Zone-Based Firewall on Cisco 850

Unanswered Question
May 29th, 2008

Hi all,

I tried to activate the zone based firewall feature in a Cisco 850 router running 12.4(15)T5. I can successfully define zones, zone-pairs and assign interfaces to zones. However, I am unable to define class-maps and policy maps.

Did anybody run into the same problem? What use can zones possibly be without class-maps and policy-maps?

Thanks in advance,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
smahbub Wed, 06/04/2008 - 08:59

Zone-Based Firewall configuration model offers intuitive policies for multiple-interface routers, increased granularity of firewall policy application, and a default deny-all policy that prohibits traffic between firewall security zones until an explicit policy is applied to allow desirable traffic.

Refer the following link for "Zone-Based Policy Firewall Design and Application Guide" which will help you in knowing more about zone-based firewalls:


This Discussion