SlideShare uma empresa Scribd logo

Nxll12 zone based firewall

Netwax Lab
Netwax Lab

Eincop Netwax Lab Practice Labs for CCNA, CCNP, CCIE

1 de 3
Baixar para ler offline
LAB 12: Zone-Based Firewall Task 1. Assign IP address to each routers. 2. Create Zone-Base Firewall on Router 1 then put interface F0/0 inside and F0/1 in outside zone. 3. Ensure R2 is able to ping R3 by name. You are allowed to make necessary configuration for the same. 4. R2 can copy a file from R4 using http, make necessary configuration. 5. NTP of all the router must be synchronize. Create R2 as NTP Server. Figure 1Topology
LAB 12: Zone-Based Firewall Solution  Task 2: Create Zone-Base Firewall on Router 1 then put interface F0/0 inside and F0/1 in outside zone. Class-map type inspect match-any INCP match protocol tcp match protocol udp match protocol icmp exit policy-map type inspect INPM class type inspect INCP inspect exit exit zone security inside zone security outside zone-pair security ZIO source inside destination outside service-policy type inspect INPM exit int f0/0 zone-member security inside exit int f0/1 zone-member security outside exit  Task 3: Ensure R2 is able to ping R3 by name. You are allowed to make necessary configuration for the same. R2 Ip dns server Ip host R3 101.1.1.2
LAB 12: Zone-Based Firewall  Task 4: R2 can copy a file from R4 using http, make necessary configuration. R4 Ip http server Ip http path flash: Copy running flash: “File Name” which is save in flash R2 Copy http://101.1.1.3/”file name” flash:  Task 5: NTP of all the router must be synchronizes. Create R2 as NTP Master. R2 Set clock “Time & Date” R1 class-map type inspect match-any OUT match protocol ntp exit policy-map type inspect OUTP class type inspect OUT pass exit exit zone security inside zone security outside zone-pair security NTP source outside destination inside service-policy type inspect OUTP exit int f0/0 zone-member security inside exit int f0/1 zone-member security outside exit

Recomendados

Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Netwax Lab
 
Eincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiEincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiNetwax Lab
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cliNetwax Lab
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iiiNetwax Lab
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting Netwax Lab
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6Netwax Lab
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failoverNetwax Lab
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionNetwax Lab
 

Recomendados

Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Netwax Lab
 
Eincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiEincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiNetwax Lab
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cliNetwax Lab
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iiiNetwax Lab
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting Netwax Lab
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6Netwax Lab
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failoverNetwax Lab
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionNetwax Lab
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Netwax Lab
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNetwax Lab
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiNetwax Lab
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access listNetwax Lab
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNetwax Lab
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp iiNetwax Lab
 
Eincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiEincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiNetwax Lab
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6Netwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Netwax Lab
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgpNetwax Lab
 
Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunkingNetwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Netwax Lab
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeNetwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiNetwax Lab
 
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing ProtocolsEincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing ProtocolsNetwax Lab
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNetwax Lab
 
Route Redistribution
Route RedistributionRoute Redistribution
Route RedistributionNetwax Lab
 
DMVPN
DMVPNDMVPN
DMVPNNetProtocol Xpert
 
Báo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng tháiBáo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng tháitran thai
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPNNetProtocol Xpert
 
IOS Zone based Firewall
IOS Zone based FirewallIOS Zone based Firewall
IOS Zone based FirewallNetwax Lab
 
Securing Switch Access
Securing Switch Access Securing Switch Access
Securing Switch Access Netwax Lab
 

Mais conteúdo relacionado

Mais procurados

Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Netwax Lab
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNetwax Lab
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiNetwax Lab
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access listNetwax Lab
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNetwax Lab
 
Eincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiEincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiNetwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Netwax Lab
 
Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunkingNetwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Netwax Lab
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeNetwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiNetwax Lab
 
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing ProtocolsEincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing ProtocolsNetwax Lab
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNetwax Lab
 
Route Redistribution
Route RedistributionRoute Redistribution
Route RedistributionNetwax Lab
 
Báo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng tháiBáo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng tháitran thai
 

Mais procurados (20)

Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarization
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iii
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access list
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asa
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp ii
 
Eincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiEincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List ii
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgp
 
Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunking
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static route
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking ii
 
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing ProtocolsEincop Netwax Lab: Site 2 Site VPN with Routing Protocols
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asa
 
Route Redistribution
Route RedistributionRoute Redistribution
Route Redistribution
 
DMVPN
DMVPNDMVPN
DMVPN
 
Báo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng tháiBáo cáo thực tập athena trần trọng thái
Báo cáo thực tập athena trần trọng thái
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPN
 

Destaque

IOS Zone based Firewall
IOS Zone based FirewallIOS Zone based Firewall
IOS Zone based FirewallNetwax Lab
 
Securing Switch Access
Securing Switch Access Securing Switch Access
Securing Switch Access Netwax Lab
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+Netwax Lab
 
Computer Ports
Computer PortsComputer Ports
Computer PortsNetwax Lab
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionNetwax Lab
 
Zone Based Policy Firewall
Zone Based Policy FirewallZone Based Policy Firewall
Zone Based Policy Firewallpitt2k
 
Switch configuration (command)
Switch configuration (command)Switch configuration (command)
Switch configuration (command)Muhammad Ibrahim
 

Destaque (12)

IOS Zone based Firewall
IOS Zone based FirewallIOS Zone based Firewall
IOS Zone based Firewall
 
Securing Switch Access
Securing Switch Access Securing Switch Access
Securing Switch Access
 
Switching
SwitchingSwitching
Switching
 
Radius vs. Tacacs+
Radius vs. Tacacs+Radius vs. Tacacs+
Radius vs. Tacacs+
 
Computer Ports
Computer PortsComputer Ports
Computer Ports
 
Remote VPN
Remote VPNRemote VPN
Remote VPN
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route Redistribution
 
Zone Based Policy Firewall
Zone Based Policy FirewallZone Based Policy Firewall
Zone Based Policy Firewall
 
Ccna 1 final exam v5
Ccna 1 final exam v5Ccna 1 final exam v5
Ccna 1 final exam v5
 
Ccna full
Ccna fullCcna full
Ccna full
 
VRF Lab WorkBook
VRF Lab WorkBookVRF Lab WorkBook
VRF Lab WorkBook
 
Switch configuration (command)
Switch configuration (command)Switch configuration (command)
Switch configuration (command)
 

Semelhante a Nxll12 zone based firewall

4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...
4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...
4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...Salem Trabelsi
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tutnicolelemmimg
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF ConfigurationNetwax Lab
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Arz Sy
 
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Abhilash Kuniyil
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructionstrayyoo
 
Ccna 4 Final 2 Version 4.0 Answers
Ccna 4 Final 2 Version 4.0 AnswersCcna 4 Final 2 Version 4.0 Answers
Ccna 4 Final 2 Version 4.0 AnswersCCNA4Answers
 
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014Đồng Quốc Vương
 
Lab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfLab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfNesibusami
 
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfcisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfAsgarAlam6
 
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docxJosimar Caitano
 

Semelhante a Nxll12 zone based firewall (20)

4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...
4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...
4.4.1.3 packet tracer configuring a zone-based policy firewall (zpf) instru...
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut
 
Ccna 2 chapter 11 2014 v5
Ccna 2 chapter 11 2014 v5Ccna 2 chapter 11 2014 v5
Ccna 2 chapter 11 2014 v5
 
TN566 labs
TN566 labsTN566 labs
TN566 labs
 
lab1
lab1lab1
lab1
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF Configuration
 
CCNP Troubleshooting
CCNP TroubleshootingCCNP Troubleshooting
CCNP Troubleshooting
 
CCNP Troubleshooting
CCNP TroubleshootingCCNP Troubleshooting
CCNP Troubleshooting
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
CCNA CHAPTER 5 BY jetarvind kumar madhukar
CCNA CHAPTER 5 BY jetarvind kumar madhukarCCNA CHAPTER 5 BY jetarvind kumar madhukar
CCNA CHAPTER 5 BY jetarvind kumar madhukar
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer)
 
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructions
 
Ccna 4 Final 2 Version 4.0 Answers
Ccna 4 Final 2 Version 4.0 AnswersCcna 4 Final 2 Version 4.0 Answers
Ccna 4 Final 2 Version 4.0 Answers
 
CCNA 1 Final v5.0 2014
CCNA 1 Final v5.0 2014CCNA 1 Final v5.0 2014
CCNA 1 Final v5.0 2014
 
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014
Www ccnav5 net_ccna_1_chapter_8_v5_0_exam_answers_2014
 
Lab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfLab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdf
 
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfcisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
 
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx
2.6.6 Packet Tracer - Verify Single-Area OSPFv2 - ILM.docx
 

Nxll12 zone based firewall

  • 1. LAB 12: Zone-Based Firewall Task 1. Assign IP address to each routers. 2. Create Zone-Base Firewall on Router 1 then put interface F0/0 inside and F0/1 in outside zone. 3. Ensure R2 is able to ping R3 by name. You are allowed to make necessary configuration for the same. 4. R2 can copy a file from R4 using http, make necessary configuration. 5. NTP of all the router must be synchronize. Create R2 as NTP Server. Figure 1Topology
  • 2. LAB 12: Zone-Based Firewall Solution  Task 2: Create Zone-Base Firewall on Router 1 then put interface F0/0 inside and F0/1 in outside zone. Class-map type inspect match-any INCP match protocol tcp match protocol udp match protocol icmp exit policy-map type inspect INPM class type inspect INCP inspect exit exit zone security inside zone security outside zone-pair security ZIO source inside destination outside service-policy type inspect INPM exit int f0/0 zone-member security inside exit int f0/1 zone-member security outside exit  Task 3: Ensure R2 is able to ping R3 by name. You are allowed to make necessary configuration for the same. R2 Ip dns server Ip host R3 101.1.1.2
  • 3. LAB 12: Zone-Based Firewall  Task 4: R2 can copy a file from R4 using http, make necessary configuration. R4 Ip http server Ip http path flash: Copy running flash: “File Name” which is save in flash R2 Copy http://101.1.1.3/”file name” flash:  Task 5: NTP of all the router must be synchronizes. Create R2 as NTP Master. R2 Set clock “Time & Date” R1 class-map type inspect match-any OUT match protocol ntp exit policy-map type inspect OUTP class type inspect OUT pass exit exit zone security inside zone security outside zone-pair security NTP source outside destination inside service-policy type inspect OUTP exit int f0/0 zone-member security inside exit int f0/1 zone-member security outside exit