LAB 12: Zone-Based Firewall
Task
1. Assign an IP address to each router.
2. Create a Zone-Based Firewall on Router 1, then put interface F0/0 in the inside zone and F0/1 in the outside zone.
3. Ensure R2 is able to ping R3 by name. You are allowed to make the necessary configuration for this.
4. R2 can copy a file from R4 using HTTP; make the necessary configuration.
5. NTP on all the routers must be synchronized. Create R2 as NTP Server.
Figure 1: Topology
Solution
Task 2: Create a Zone-Based Firewall on Router 1, then put interface F0/0 in the inside zone and F0/1 in the outside zone.
! R1: inspect (stateful) TCP, UDP and ICMP from inside to outside
class-map type inspect match-any INCP
match protocol tcp
match protocol udp
match protocol icmp
exit
policy-map type inspect INPM
class type inspect INCP
inspect
exit
exit
zone security inside
zone security outside
zone-pair security ZIO source inside destination outside
service-policy type inspect INPM
exit
int f0/0
zone-member security inside
exit
int f0/1
zone-member security outside
exit
Task 3: Ensure R2 is able to ping R3 by name. You are allowed to make the necessary configuration for this.
R2
ip dns server
ip host R3 101.1.1.2
Task 4: R2 can copy a file from R4 using HTTP; make the necessary configuration.
R4
ip http server
ip http path flash:
copy running-config flash:
! at the destination filename prompt, enter the "file name" under which it is saved in flash
R2
copy http://101.1.1.3/"file name" flash:
Task 5: NTP on all the routers must be synchronized. Create R2 as NTP Master.
R2
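! privileged EXEC: set the clock, giving the "Time & Date"
clock set "Time & Date"
! global configuration: make R2 the NTP master
ntp master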
R1
! pass creates no session; return traffic must be allowed by the policy on the opposite zone-pair
class-map type inspect match-any OUT
match protocol ntp
exit
policy-map type inspect OUTP
class type inspect OUT
pass
exit
exit
zone security inside
zone security outside
zone-pair security NTP source outside destination inside
service-policy type inspect OUTP
exit
int f0/0
zone-member security inside
exit
int f0/1
zone-member security outside
exit
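
Added example (not part of the original lab): a small Python check that resolves the R1 zone-pairs configured above into effective rules and lists any stateless pass rule whose replies no reverse zone-pair permits. The config string is a constructed copy of the lab's R1 lines, and the function names are hypothetical.

```python
# Constructed sample: the R1 zone-based firewall lines from this lab.
R1_CONFIG = """
class-map type inspect match-any INCP
 match protocol tcp
 match protocol udp
 match protocol icmp
policy-map type inspect INPM
 class type inspect INCP
  inspect
zone-pair security ZIO source inside destination outside
 service-policy type inspect INPM
class-map type inspect match-any OUT
 match protocol ntp
policy-map type inspect OUTP
 class type inspect OUT
  pass
zone-pair security NTP source outside destination inside
 service-policy type inspect OUTP
"""

def effective_rules(config):
    """Resolve zone-pair -> policy-map -> class-map into (src, dst, proto, action)."""
    classes, policies, pairs = {}, {}, []
    cmap = pmap = cls = pair = None
    for line in config.splitlines():
        w = line.split()
        if w[:3] == ["class-map", "type", "inspect"]:
            cmap = classes.setdefault(w[-1], [])
        elif w[:2] == ["match", "protocol"] and cmap is not None:
            cmap.append(w[2])
        elif w[:3] == ["policy-map", "type", "inspect"]:
            pmap = policies.setdefault(w[-1], [])
        elif w[:3] == ["class", "type", "inspect"] and pmap is not None:
            cls = w[-1]
        elif len(w) == 1 and w[0] in ("inspect", "pass", "drop") and cls:
            pmap.append((cls, w[0]))
        elif w[:2] == ["zone-pair", "security"]:
            pair = (w[4], w[6])  # (source zone, destination zone)
        elif w[:3] == ["service-policy", "type", "inspect"] and pair:
            pairs.append(pair + (w[3],))
    return [(s, d, proto, act) for s, d, pol in pairs
            for c, act in policies.get(pol, []) for proto in classes.get(c, [])]

def unanswered_pass(rules):
    """Stateless 'pass' rules whose replies (same protocol, or UDP for NTP) have no reverse rule."""
    return [(s, d, p) for s, d, p, a in rules if a == "pass" and not any(
        (s2, d2) == (d, s) and p2 in (p, "udp" if p == "ntp" else p) and a2 != "drop"
        for s2, d2, p2, a2 in rules)]
```

For the lab as configured the list is empty, because the inside-to-outside policy inspects UDP; removing "match protocol udp" from INCP makes the NTP pass rule show up.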