Well, It is really complicated to say "Basic security". There are 2 types of Firewall that you can configure using IOS, one is CBAC and the other one (little bit more complicated) called Zone based firewall. First you need to know what services are permitted from inside to outside and from outside to inside and so on....
Here are a couple of documents that may help you to sort this out,
I'm sorry to say but I'm very very novice with cisco and while i sorta get the point of cbac and zone based firewalls, i don't know enough at the moment to get really granular with them.
I have an 891 router which i need to put into service at home because I'm changing service providers and the new one will need the gigabit wan port.
currently i have a simple rv042 v3 router for firewall duties. I have dhcp on it disabled because my switch (SG300) handles everything on the vlan side of things. so as i said, the router just handles firewalling, thats it..
on the RV042, the only firewall services that are active are: SPI, DoS, and Block WAN Request.
I just want to enable those same simple things on the 891. I figure SPI will be more involved, and i see the documentation on it is out there to follow, but i haven't seen anything on "Block WAN Request" specifically.
I basically (for starters) just want to have it so that if someone pings the wan ip address from outside, i don't want it to respond.
I don't need anything absolutely crazy, i just want to have the same basic, simple firewalling that the RV042 does, on my 891.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :