This article describes how to configure the Cisco IOS Firewall.
Although some people think that firewalls have lost their shine, I believe that making full use of your device's firewall functions is still a worthwhile way to enhance security.
Note that some of the content in this article belongs to the IOS Firewall feature set. If your router does not have the firewall feature set, do not run the firewall commands. However, to enhance security, we recommend that you use an IOS version that supports the firewall. Although NAT alone can provide minimum protection for your internal network, your Internet-facing router is more vulnerable to hacker attacks. (The commands below are shown without the prompt, and each command is followed by an explanation or description.)
enable
Enter privileged EXEC mode
config t
Enter global configuration mode
ip dhcp excluded-address 192.168.100.1 192.168.100.10
Exclude the first 10 IP addresses from the internal DHCP address pool
ip dhcp pool Internal-DHCP
Create a DHCP pool called "Internal-DHCP"
import all
Import the DHCP settings received from the ISP into the "Internal-DHCP" pool
network 192.168.100.0 255.255.255.0
Define the network that the DHCP pool serves
default-router 192.168.100.1
Set the default gateway for the "Internal-DHCP" pool
ip inspect name cbac tcp
Inspect outbound TCP traffic so that responses to connections opened from the internal network are allowed back in
ip inspect name cbac udp
Inspect outbound UDP traffic so that responses to traffic sent from the internal network are allowed back in
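The "ip inspect name" commands only define the inspection rule; it does nothing until it is applied to an interface with "ip inspect cbac in" or "ip inspect cbac out", a step the commands above do not show. The following check is an added example, not part of the original article: it reads a configuration as text and reports inspection rules that are defined but never applied, and DHCP default gateways that are not covered by an excluded-address range. The interface stanza in the sample is constructed, and audit() is a hypothetical helper name.

```python
import ipaddress
import re

# Constructed sample: the commands from this article plus a hypothetical
# interface stanza that does not apply the inspection rule.
SAMPLE_CONFIG = """\
ip dhcp excluded-address 192.168.100.1 192.168.100.10
ip dhcp pool Internal-DHCP
 import all
 network 192.168.100.0 255.255.255.0
 default-router 192.168.100.1
ip inspect name cbac tcp
ip inspect name cbac udp
interface FastEthernet0/0
 ip address dhcp
"""

def audit(config):
    """Return a list of findings for an IOS configuration given as text."""
    defined, applied, excluded, gateways = {}, set(), [], []
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"ip inspect name (\S+) (\S+)", line, re.I):
            # Rule definition: remember which protocols the rule inspects.
            defined.setdefault(m.group(1), set()).add(m.group(2).lower())
        elif m := re.match(r"ip inspect (\S+) (in|out)$", line, re.I):
            # Interface-level application of a rule.
            applied.add(m.group(1))
        elif m := re.match(r"ip dhcp excluded-address (\S+)(?: (\S+))?", line, re.I):
            low = ipaddress.ip_address(m.group(1))
            high = ipaddress.ip_address(m.group(2) or m.group(1))
            excluded.append((low, high))
        elif m := re.match(r"default-router (.+)", line, re.I):
            gateways += [ipaddress.ip_address(a) for a in m.group(1).split()]
    findings = []
    for rule in sorted(defined):
        if rule not in applied:
            protos = ",".join(sorted(defined[rule]))
            findings.append(f"inspect rule '{rule}' ({protos}) is not applied to any interface")
    for gw in gateways:
        if not any(low <= gw <= high for low, high in excluded):
            findings.append(f"default-router {gw} is not in a DHCP excluded range")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```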