Cisco Networking: Example for Simple Packet-Filtering Firewall

 

 

Goal: Accept any TCP packet from the Internet (any source address, external network) addressed to any host on the internal network, as long as the connection was established from inside (internal network).

 

Router Configuration:

 

1 hostname NewYork
2 interface Ethernet 0
3   ip address 192.168.2.1 255.255.255.0
4 interface Serial 0
5   ip address 172.16.1.33 255.255.255.252
6   ip access-group 101 in
7 ip route 0.0.0.0 0.0.0.0 172.16.1.34
8 access-list 101 permit tcp any 192.168.2.0 0.0.0.255 established
9 access-list 101 deny ip any any

 

Note. Line 8: Allows TCP access to the internal network (192.168.2.0) as long as the connection was initiated (“established”) from the internal network.
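How access list 101 treats packets arriving on Serial 0, as an added Python model that is not part of the original page or of IOS. It assumes line 8 carries the "established" keyword the note describes, which matches TCP segments with the ACK or RST bit set; the sample packets and the names ACL_101, evaluate and run_samples are constructed for illustration.

```python
import ipaddress

# Model of access-list 101 as the note describes it (line 8 carrying the
# "established" keyword). Source is "any" in both entries, so only protocol,
# destination and TCP flags are modelled. This is an illustration, not IOS code.
ACL_101 = [
    # (action, protocol, destination, wildcard mask, established only)
    ("permit", "tcp", "192.168.2.0", "0.0.0.255", True),
    ("deny", "ip", "0.0.0.0", "255.255.255.255", False),  # "any"
]

def wildcard_match(addr, base, wildcard):
    """Wildcard mask semantics: a 1 bit means 'ignore this bit'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def evaluate(acl, proto, dst, flags=frozenset()):
    """Return the action of the first matching entry (top-down, first match wins)."""
    for action, acl_proto, net, wildcard, established in acl:
        if acl_proto not in ("ip", proto):
            continue
        if not wildcard_match(dst, net, wildcard):
            continue
        # "established" matches TCP segments that have ACK or RST set.
        if established and not (set(flags) & {"ACK", "RST"}):
            continue
        return action
    return "deny"  # implicit deny that ends every access list

# Constructed sample packets arriving inbound on Serial 0.
SAMPLES = [
    ("SYN opening a connection from outside", "tcp", "192.168.2.10", {"SYN"}),
    ("SYN+ACK answering an inside client", "tcp", "192.168.2.10", {"SYN", "ACK"}),
    ("ACK data segment of that connection", "tcp", "192.168.2.10", {"ACK"}),
    ("RST from a remote server", "tcp", "192.168.2.10", {"RST"}),
    ("UDP datagram (e.g. a DNS reply)", "udp", "192.168.2.10", set()),
    ("ACK to an address outside 192.168.2.0/24", "tcp", "192.168.3.10", {"ACK"}),
]

def run_samples():
    return [(label, evaluate(ACL_101, p, d, f)) for label, p, d, f in SAMPLES]

if __name__ == "__main__":
    for label, action in run_samples():
        print(f"{action:6} {label}")
```

The match is on header flags only: the router keeps no connection table, so a TCP segment with ACK or RST set is permitted whether or not an inside host opened the connection. Non-TCP return traffic, such as UDP replies, falls through to line 9 and is dropped.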

 

Sketch:

 

(Internal network) 192.168.2.0/24 --------E0-.1-|Router|-S0-.33-------172.16.1.32/30------(External network)