1841 IOS firewall policy off/on

Unanswered Question
Mar 8th, 2007
User Badges:

I have a 1841 router that is going to be an Internet facing router for a DR site.

Normal operation is to have the main site VPN tunnel to the remote site.

An IOS firewall policy blocking all access but throught the VPN tunnel

If the main site were to have a disaster, we would need to have customers have access to DR servers via the Internet to a block NATed address.

The thing is , I do not want to allow access to these addresses all the time, but I want to be able to quickly remote in and add access to 20 differnet servers on five or six different ports.

Is there a way to save an IOS firewall policy file and dump it to the router where all access is blocked via Internet, then access allowed?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
pradeepde Wed, 03/14/2007 - 06:48
User Badges:
  • Bronze, 100 points or more

hope Context-Based Access Control will help to you.

CBAC creates temporary openings in access lists at firewall interfaces. These openings are created when specified traffic exits your internal network through the firewall.

Refer this link:



This Discussion