Router IP Traffic Export (RITE)

This topic is to discuss the following lesson:

https://networklessons.com/cisco/ccie-routing-switching/router-ip-traffic-export-rite/

Hi Rene,

I think the interfaces on your diagram are wrong on the Router RITE cause you mentioned f0/1 but there is none.

Thanks

Thanks Alfredo, just fixed the image.

Hello Rene, thanks for the explanation. The question I have is: should returned traffic be inspected or forwarded to the IDS, instead of the client’s traffic? We assume internal traffic is trusted, right?

Hi Jose,

If you want to use RITE to forward traffic to an IDS/IPS then yes, it’s probably the traffic from outside to inside that you want to forward and inspect.

We don’t always trust internal traffic 100% btw. For example, a few weeks ago I used an ASA with firepower that is used to inspect all outgoing traffic. It can be used to drop certain traffic that the hosts are not allowed to use.

Rene

Hello Rene,

Nice. Is there any option to Monitor Traffic Remotely like RSPAN on Router port ??

br//
zaman

Embedded Packet Capture works very well on routers.