If the task is not very eloquent in describing how to inspect non-standard telnet wouldn't it be acceptable to add this non-standard telnet port to ip-port mapping and then just inspect telnet?
Eugene From: [email protected] [mailto:[email protected]] On Behalf Of Mike Rojas Sent: Monday, July 23, 2012 9:58 PM To: [email protected] Subject: [OSL | CCIE_Security] Zone based Firewall Port Map Hi Everyone, Quick one, with zone based if they tell you to inspect telnet on a non standard port, does zone based also use the system ports? Or should we use an access list permitting the traffic on port 23 and have it being inspected as a regular tcp traffic? Since it didnt say anything to an specific server, I created an access-list with the any keyword and mapped the port to tcp.. Im not sure if that is correct. Mike
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
