Filter
Top Products
Chapter 42 Viewing Router Information
Zone-Based Policy Firewall Status
42-10
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
• Destination IP Address—The IP address of the packet’s destination host.
• Protocol—The network protocol being examined.
• Match Count—The number of packets matching the firewall conditions.
Update button
Click this button to refresh the firewall sessions in the table and display the most
current data from the router.
Zone-Based Policy Firewall Status
If the router runs a Cisco IOS image that supports the Zone-Based Policy Firewall
feature, you can display the status of the firewall activity for each zone pair
configured on the router.
Firewall Policy List Area
The firewall policy list area displays the policy name, source zone, and destination
zone for each zone pair. The following table contains sample data for two zone
pairs.
In this sample table there is a zone pair configured for traffic inbound to the DMZ,
and traffic outbound from the DMZ.
Choose the zone pair that you want to display firewall statistics for.
View Interval
Choose one of the following options to specify how data should be collected:
• Real-time data every 10 sec—Data is reported every 10 seconds. Each tick
mark on the horizontal axis of the Dropped Packets and Allowed Packets
graph represents 10 seconds.
Zone Pair Name Policy Name Source Zone Destination Zone
wan-dmz-in pmap-wan zone-wan zone-dmz
wan-dmz-out pmap-dmz zone-dmz zone-wan