Skip to main content

Firewall Configuration

Configuring a Simple Firewall

The Cisco 1800 integrated services routers support network traffic filtering by means of access lists. The router also supports packet inspection and dynamic temporary access lists by means of Context-Based Access Control (CBAC).
Basic traffic filtering is limited to configured access list implementations that examine packets at the network layer or, at most, the transport layer, permitting or denying the passage of each packet through the firewall. However, the use of inspection rules in CBAC allows the creation and use of dynamic temporary access lists. These dynamic lists allow temporary openings in the configured access lists at firewall interfaces. These openings are created when traffic for a specified user session exits the internal network through the firewall. The openings allow returning traffic for the specified session (that would normally be blocked) back through the firewall.
.

8-1 Router with Firewall Configured
1.    Multiple networked devices—Desktops, laptop PCs, switches.
2.    Fast Ethernet LAN interface (the inside interface for NAT)
3.    PPPoE or PPPoA client and firewall implementation—Cisco 1811/1812 or Cisco 1801/1802/1803 series integrated services router, respectively
4.    Point at which NAT occurs
5.    Protected network
6.    Unprotected network
7.    Fast Ethernet or ATM WAN interface (the outside interface for NAT)
In the configuration example that follows, the firewall is applied to the outside WAN interface (FE0) on the Cisco 1811 or Cisco 1812 and protects the Fast Ethernet LAN on FE2 by filtering and inspecting all traffic entering the router on the Fast Ethernet WAN interface FE1. Note that in this example, the network traffic originating from the corporate network, network address 10.1.1.0, is considered safe traffic and is not filtered.
Configuration Tasks
Perform the following tasks to configure this network scenario:
·                 Configure Access Lists
·                 Configure Inspection Rules
·                 Apply Access Lists and Inspection Rules to Interfaces
More Click on:- http://www.cisco.com/c/en/us/td/docs/routers/access/1800/1801/software/configuration/guide/scg/firewall.html


Labels:

Comments

Post a Comment

Popular posts from this blog

Information Security Interview Questions & Answers

The number of Information Security related jobs are growing extensively…. There is a huge requirement for skilled InfoSec professionals across the globe.. the jobs positions are available for freshers, experienced guys and top management (typically CISO .HCL,BPLetc)… This post is my attempt to collect typical InfoSec interview question and answers to help those looking out opportunities in this field… I’ll keep on updating the questions regularly.. You can also share/contribute any questions you might have faced during your InfoSec interviews…. Category I: General Security Concepts / Network Security / OS Security 1) Is there any difference between Information Security and IT Security? If yes, please explain the difference. Ans- Yes. Information Security and IT Security are both different terms often used interchangeably. IT Security focuses on purely technical controls (like implementing antivirus, firewall, hardening systems etc) while Information Security is more wider ter...
Post a Comment
Read more

8 pair usage for data in Cat 6 Wire in Networking

Today I Post the Cat6 wire pair use in Networking ,we all know 8 pair in cat 6 and but no idea how any pair use in Networking .only 4 pair Use in networking , Like this Photo, If 4 pair not work in cat6 wire we use another 4 Pair same wire Save time and Money 
Post a Comment
Read more

MCSE INTERVIEW QUESTIONS AND ANSWER

MCSE INTERVIEW QUESTIONS AND ANSWER ,VERY USEFULL OUR NEXT JOB INTERVIEW MCSE Questions and Answers: :  1 :: What is the use of IGMP protocol?  Internet Group Management Protocol: - It allows internet hosts to participate in multicasting. The IGMP messages are used to learn which hosts is part of which multicast groups. The mechanism also allow a host to inform its local router, that it wants to receive messages.  2 :: What are Ping and Tracert?  Ping and tracert are the commands used to send information to some remote computers to receive some information. Information is sent and received by packets. Ping I particularly used to check if the system is in network or not. It also gives packet lost information. In windows ping command is written as ping ip_address Tracert is called as trace route. It is used to track or trace the path the packet takes from the computer where the command is given until the destination. In windows ping command is written as trac...
Post a Comment
Read more