I have a 1841 router that is going to be an Internet facing router for a DR site.
Normal operation is to have the main site VPN tunnel to the remote site.
An IOS firewall policy blocking all access but throught the VPN tunnel
If the main site were to have a disaster, we would need to have customers have access to DR servers via the Internet to a block NATed address.
The thing is , I do not want to allow access to these addresses all the time, but I want to be able to quickly remote in and add access to 20 differnet servers on five or six different ports.
Is there a way to save an IOS firewall policy file and dump it to the router where all access is blocked via Internet, then access allowed?