Control Outbound traffic

Control Outbound traffic
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Control Outbound traffic JP Morgan 11-15-2004
Posted by JP Morgan on November 15, 2004, 10:54 am
If you were  Registered and logged in, you could reply and use other advanced thread options


I have a cisco pix w/ multiple tunnels and I need to traffic-rate tcp/ip
printing. Can I police it from the router on the outside by port
(515/9100)? Or will I have to police it before it hits the PIX? I was
wonder if the encapulation would affect it after the PIX.

Thanks


home networking made easy, greater protection, less stress, introducing nm 5.0, 728x90
Posted by Ivan Ostreš on November 15, 2004, 5:36 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
says...
> I have a cisco pix w/ multiple tunnels and I need to traffic-rate tcp/ip
> printing. Can I police it from the router on the outside by port
> (515/9100)? Or will I have to police it before it hits the PIX? I was
> wonder if the encapulation would affect it after the PIX.
>
>

You can't police it after it's being encapsulated/encrypted since you
can't read 515/9100 ports in encrypted packets. So, you have to doit
before traffic enters pix.


--
-Ivan.

*** Use Rot13 to see my eMail address ***


Posted by JP Morgan on November 15, 2004, 1:46 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Ivan Ostreš wrote:
> says...
>
>>I have a cisco pix w/ multiple tunnels and I need to traffic-rate tcp/ip
>>printing. Can I police it from the router on the outside by port
>>(515/9100)? Or will I have to police it before it hits the PIX? I was
>>wonder if the encapulation would affect it after the PIX.
>>
>>
>
>
> You can't police it after it's being encapsulated/encrypted since you
> can't read 515/9100 ports in encrypted packets. So, you have to doit
> before traffic enters pix.
>
>


Ok, that's all I needed to know. My hunch was right, thanks for
verification.



Similar ThreadsPosted
PIX - Deny outbound traffic March 12, 2005, 1:32 pm
Basic ACL Question - Outbound Traffic April 30, 2006, 2:18 am
Documentation for Traffic Control - CBQ October 26, 2005, 3:37 am
Flow Control and traffic optimization August 4, 2006, 12:04 pm
Redirect Outbound SMTP Traffic to Specific Server - 837 and 2621 July 21, 2004, 5:15 pm
Flow control and multicast or broadcast traffic August 7, 2006, 12:14 pm
Specify outbound IP March 18, 2008, 9:16 pm
outbound nat on a 3640 October 4, 2006, 5:54 pm
outbound NAT on a 3640 October 4, 2006, 6:16 pm
TCP inbound on 192.168.1.12 but outbound on 192.168.1.10 - Huh? March 7, 2007, 11:00 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map