CCIE Security Practice Labs by Fahim Hussain Yusuf Bhaiji

Section 6.0: IOS Firewall Configuration

6.1. Context-Based Access Control (CBAC)

  1. Configure IOS Firewall—CBAC on R5 to protect VLAN6.

  2. Configure inspection to monitor all TCP and UDP traffic.

  3. Configure an ACL on R6 such that the R7 ATM network can Telnet, ping, and FTP to all networks beyond R5 but cannot initiate any traffic to the Frame Relay network.

  4. Additionally, any device in the VLAN2 network should not be able to ping the R7 ATM link, but R7 should be able to ping R3. See ACL 101 configured on R5 in the example following item 6.

  5. Tune default firewall parameters for the number of existing half-open sessions that will cause the firewall to start deleting half-open sessions at 1500 and to stop deleting at 1200 sessions, as demonstrated ...
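
As an added example (not from the book), the Python check below audits a running-config excerpt against tasks 1, 2 and 5: a rule inspecting TCP and UDP bound to an interface, and half-open session thresholds of 1500 and 1200. The config text is constructed, the rule name `LAB-FW` and the interface are placeholders, and it assumes the thresholds are set with `ip inspect max-incomplete high` and `low`.

```python
import re

# Constructed running-config excerpt; rule name and interface are placeholders.
SAMPLE_CONFIG = """\
ip inspect max-incomplete high 1500
ip inspect max-incomplete low 1200
ip inspect name LAB-FW tcp
ip inspect name LAB-FW udp
!
interface FastEthernet0/0
 ip inspect LAB-FW in
!
"""

def audit_cbac(config, want_high=1500, want_low=1200, protocols=("tcp", "udp")):
    """Return a list of findings; an empty list means the excerpt meets the tasks."""
    findings = []
    # Half-open session thresholds (task 5).
    thresholds = {m.group(1): int(m.group(2)) for m in re.finditer(
        r"^ip inspect max-incomplete (high|low) (\d+)\s*$", config, re.M)}
    for key, want in (("high", want_high), ("low", want_low)):
        got = thresholds.get(key)
        if got is None:
            findings.append(f"max-incomplete {key} not set (expected {want})")
        elif got != want:
            findings.append(f"max-incomplete {key} is {got}, expected {want}")
    if len(thresholds) == 2 and thresholds["low"] >= thresholds["high"]:
        findings.append("max-incomplete low should be below high")
    # Protocols listed under each inspection rule name (task 2).
    rules = {}
    for m in re.finditer(r"^ip inspect name (\S+) (\S+)", config, re.M):
        rules.setdefault(m.group(1), set()).add(m.group(2))
    # Rules actually bound to an interface (task 1); an unbound rule inspects nothing.
    applied = set(re.findall(r"^ ip inspect (\S+) (?:in|out)\s*$", config, re.M))
    if not applied:
        findings.append("no inspection rule is applied to an interface")
    for name in sorted(applied):
        missing = [p for p in protocols if p not in rules.get(name, set())]
        if missing:
            findings.append(f"rule {name} does not inspect: {', '.join(missing)}")
    return findings

if __name__ == "__main__":
    for line in audit_cbac(SAMPLE_CONFIG) or ["OK: CBAC settings match the tasks"]:
        print(line)
```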
