Scribd
Upload
14 views

Firewall Configuration-Assignmnet-Lab

Networking

Uploaded by

SHAN 10s
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
14 views

Firewall Configuration-Assignmnet-Lab

Networking

Uploaded by

SHAN 10s
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Firewall Configuration:

To configure a firewall in Packet Tracer for two


different networks, Steps are as follow-

1. Create the Network:


 Open Packet Tracer and create two separate networks with at least one router and
one PC in each network.
 Connect the routers to each other using a serial link.
 Assign IP addresses to the interfaces on the routers and PCs.
2. Configure the Firewall:
 Add a firewall device to the network, connecting it to the serial link between the two
routers.
 Configure the firewall's interfaces with appropriate IP addresses.
 Enable the firewall's interface.
Configuring the Firewall in Packet Tracer

1. Add the Firewall Device:

 Drag and Drop: From the Packet Tracer inventory, drag a firewall device (like a
Cisco ASA) onto the canvas.
 Connect: Connect the firewall to the serial link between the two routers. Ensure the
connections are made to the appropriate interfaces on the firewall and routers.

2. Configure Firewall Interfaces:

 Click: Right-click on the firewall device and select "Configure."


 Interfaces: Navigate to the "Interfaces" tab.
 Configure:
o GigabitEthernet 0/0: Assign an IP address from the Network A subnet.
o GigabitEthernet 0/1: Assign an IP address from the Network B subnet.
o Enable: Enable both interfaces by checking the "Enabled" box.

Example Configuration:

Interface GigabitEthernet0/0
ip address 192.168.1.254 255.255.255.0
no shutdown

Interface GigabitEthernet0/1
ip address 192.168.2.254 255.255.255.0
no shutdown
3. Create Access Control Lists (ACLs):
 Create ACLs to define the traffic rules for each network.
 Decide which traffic should be allowed or denied between the two networks.
 Create separate ACLs for each direction (inbound and outbound) if necessary.
 Apply the ACLs to the firewall's interfaces.

4. Test the Firewall Configuration:


 Attempt to ping between devices in the two networks.
 Verify that the firewall is blocking or allowing traffic as expected based on the ACL
rules.
 Adjust the ACLs if necessary to achieve the desired traffic flow.

Testing the Firewall Configuration

1. Ping Between Networks:

 From Network A: Try to ping a device in Network B. If the ping is successful, traffic
is flowing. If not, there might be an issue with the firewall configuration.
 From Network B: Try to ping a device in Network A. This will help verify the
outbound traffic rules.

2. Verify ACL Rules:

 Check ACLs: Ensure the ACLs you've applied to the firewall interfaces are correct
and match your desired traffic flow.
 Debug: Use the show access-lists command to view the ACLs and their entries.

3. Adjust ACLs as Needed:

 If traffic is blocked incorrectly: Modify the ACLs to permit the desired traffic.
 If traffic is allowed incorrectly: Deny the unwanted traffic using the ACLs.

Example:

If you're trying to block all traffic except for HTTP traffic from Network A to Network B,
you might need to adjust the ACLs to include only the HTTP traffic.

Before:

access-list 101 permit ip any any


After:

access-list 101 permit tcp any any eq 80


access-list 101 deny ip any any

Example ACL Configuration:


Inbound ACL (permit traffic from Network A to Network B):

 access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0


255.255.255.0
 access-list 101 deny ip any any

Outbound ACL (permit traffic from Network B to Network A):

 access-list 102 permit ip 192.168.2.0 255.255.255.0 192.168.1.0


255.255.255.0
 access-list 102 deny ip any any

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy