Table of Contents
Advertisement
8
C H A P T E R
Configuring a Simple Firewall
The Cisco 1800 integrated services routers support network traffic filtering by means of access lists. The
router also supports packet inspection and dynamic temporary access lists by means of Context-Based
Access Control (CBAC).
Basic traffic filtering is limited to configured access list implementations that examine packets at the
network layer or, at most, the transport layer, permitting or denying the passage of each packet through
the firewall. However, the use of inspection rules in CBAC allows the creation and use of dynamic
temporary access lists. These dynamic lists allow temporary openings in the configured access lists at
firewall interfaces. These openings are created when traffic for a specified user session exits the internal
network through the firewall. The openings allow returning traffic for the specified session (that would
normally be blocked) back through the firewall.
See the
Cisco IOS Security Configuration Guide, Release
12.3, for more detailed information on traffic
filtering and firewalls.
Figure 8-1
shows a network deployment using PPPoE or PPPoA with NAT and a firewall.
Figure 8-1
Router with Firewall Configured
4
7
2
3
5
6
1
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
8-1
OL-6426-02
Hide quick links:
Advertisement
Table of Contents
