Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Ios Firewall

Hi all i have a 1841

Cisco IOS Software, 1841 Software (C1841-ADVSECURITYK9-M), Version 12.4(4)T, RELEASE SOFTWARE (fc1)

An i whant to make a firewall on this with the dmz on the fasteth0/1 too.

I readed many about but i do not have the exact idea of what to do.

Can you post a sample configuration of a firewall?

thanks all

gian paolo

1 REPLY
Gold

Re: Ios Firewall

1. configure firewall rules:

ip inspect name myfw tcp timeout 3600

ip inspect name myfw udp timeout 15

2. apply the rules on both inside and dmz interface:

interface FastEthernet0/0

ip inspect myfw in

interface FastEthernet0/1

ip inspect myfw in

3. apply acl on the dmz interface in order to restrict traffic from the dmz to inside, but permitting the rest:

access-list 111 permit tcp host eq 3389

access-list 111 permit tcp host eq 25

access-list 111 deny ip

access-list 111 permit ip any

interface FastEthernet0/1

ip access-group 111 in

109
Views
0
Helpful
1
Replies