Cisco CISCO876-SEC-I-K9 Configuration Guide - Page 92

Chapter 8 Configuring a Simple Firewall 1 Multiple networked devices-Desktops, laptop PCs, switches 2 Fast Ethernet LAN interface (the inside interface for NAT) 3 PPPoE or PPPoA client and firewall implementation-Cisco 851/871 or Cisco 857/876/877/878 series access router, respectively 4 Point at which NAT occurs 5 Protected network 6 Unprotected network 7 Fast Ethernet or ATM WAN interface (the outside interface for NAT) In the configuration example that follows, the firewall is applied to the outside WAN interface (FE4) on the Cisco 851 or Cisco 871 and protects the Fast Ethernet LAN on FE0 by filtering and inspecting all traffic entering the router on the Fast Ethernet WAN interface FE4. Note that in this example, the network traffic originating from the corporate network, network address 10.1.1.0, is considered safe traffic and is not filtered. Configuration Tasks Perform the following tasks to configure this network scenario: • Configure Access Lists • Configure Inspection Rules • Apply Access Lists and Inspection Rules to Interfaces A configuration example that shows the results of these configuration tasks is provided in the "Configuration Example" section on page 8-5. Note The procedures in this chapter assume that you have already configured basic router features as well as PPPoE or PPPoA with NAT. If you have not performed these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," and Chapter 4, "Configuring PPP over ATM with NAT," as appropriate for your router. You may have also configured DHCP, VLANs, and secure tunnels. Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide 8-2 OL-5332-01