Chapter 30 More About....
Firewall Policy Use Case Scenario
30-30
Cisco Router and Security Device Manager Version 2.2 User's Guide
OL-4015-08
Examining Originating Traffic: From Interface Fast Ethernet 0/0; To Interface Serial 1/0
In this configuration, there is a firewall filtering traffic entering the router on the
Serial 1/0 interface bound for the network connected to the Fast Ethernet 0/0
interface. The following traffic diagram shows that an access rule and an
inspection rule have been applied to inbound traffic on the Fast Ethernet 0/0
interface, and that an access rule has been applied to inbound traffic on Serial 1/0.
In this diagram, the firewall icon indicates that a firewall is active between Fast
Ethernet 0/0 and Serial 1/0. This is based on the presence of the inspection rule
applied to Fast Ethernet 0/0, and the access rule applied to inbound traffic on
Serial 1/0. Although an access rule has been applied to Fast Ethernet 0/0, it is not
necessary for the firewall.
The following illustration shows entries for the inspection rule on Fast Ethernet
0/0.
These entries specify which traffic inbound on Fast Ethernet 0/0 will be inspected
as it enters the router. Returning traffic matching the inspection criteria will be
allowed into the router if it is associated with a session initiated on
Fast Ethernet 0/0's network.
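The arrangement described above, written as Cisco IOS CLI configuration. This is an added example, not taken from this guide and not output generated by SDM; the inspection rule name INSPECT_FA00, the access list number 101 and the protocols chosen for inspection are assumptions.

```ios
! Added example. The names and numbers below are assumptions, not SDM output.
!
! Inspection rule: lists the protocols whose sessions are tracked when
! they are initiated from the network behind FastEthernet0/0.
ip inspect name INSPECT_FA00 tcp
ip inspect name INSPECT_FA00 udp
ip inspect name INSPECT_FA00 ftp
!
! Access rule for traffic arriving on Serial1/0. Unsolicited traffic is
! denied and logged. Returning traffic that belongs to a session created
! by the inspection rule is let through by the firewall, so it needs no
! permit entry here.
access-list 101 remark Inbound on Serial1/0: deny unsolicited traffic
access-list 101 deny ip any any log
!
interface FastEthernet0/0
 description Inside network (traffic originates here)
 ! Inspect traffic as it enters the router on this interface.
 ip inspect INSPECT_FA00 in
 ! An access rule on this interface is optional. It restricts what the
 ! inside network may send, but the firewall does not depend on it.
!
interface Serial1/0
 description Outside link (returning traffic arrives here)
 ip access-group 101 in
!
! Checks to run from privileged EXEC mode after applying the above:
!   show ip inspect interfaces   (rule and ACL bound to each interface)
!   show ip inspect sessions     (sessions currently being tracked)
!   show access-lists 101        (entries and match counters on the deny)
```

If the access rule on Serial 1/0 is missing, the inspection rule still tracks sessions but nothing blocks unsolicited inbound traffic, so check that both halves are present.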
Examining Returning Traffic: From Interface Ethernet 0/0; To Interface Serial 1/0
Clicking the Returning traffic button displays the access rule for inbound traffic
on Serial 1/0.