The document provides steps to configure and verify a basic firewall in Cisco Packet Tracer. It instructs the user to:
1) Create a network topology with devices including PCs, a server, and a firewall. 2) Configure IP addresses on the devices. 3) Turn on services like ICMP and HTTP on the firewall and deny/allow protocols. 4) Verify the firewall configuration by pinging devices and accessing the web browser.
The document provides steps to configure and verify a basic firewall in Cisco Packet Tracer. It instructs the user to:
1) Create a network topology with devices including PCs, a server, and a firewall. 2) Configure IP addresses on the devices. 3) Turn on services like ICMP and HTTP on the firewall and deny/allow protocols. 4) Verify the firewall configuration by pinging devices and accessing the web browser.
The document provides steps to configure and verify a basic firewall in Cisco Packet Tracer. It instructs the user to:
1) Create a network topology with devices including PCs, a server, and a firewall. 2) Configure IP addresses on the devices. 3) Turn on services like ICMP and HTTP on the firewall and deny/allow protocols. 4) Verify the firewall configuration by pinging devices and accessing the web browser.
Packet Tracer Steps to Configure and Verify Firewall in Cisco Packet Tracer:
Step 1: First, open the Cisco packet tracer desktop and select the devices given below:
IP Addressing Table:
Then, create a network topology as shown below the image.
Use an Automatic connecting cable to connect the devices with others. Step 2: Configure the PCs (hosts) and server with IPv4 address and Subnet Mask according to the IP addressing table given above. To assign an IP address in PC0, click on PC0. Then, go to desktop and then IP configuration and there you will IPv4 configuration. Fill IPv4 address and subnet mask. Repeat the same procedure with the server Step 3: Configuring the firewall in a server and blocking packets and allowing web browser. Click on server0 then go to the desktop. Then click on firewall IPv4. Turn on the services. First, Deny the ICMP protocol and set remote IP to 0.0.0.0 and Remote wildcard mask to 255.255.255.255. Then, allow the IP protocol and set remote IP to 0.0.0.0 and Remote wildcard mask to 255.255.255.255. And add them. Step 4: Verifying the network by pinging the IP address of any PC. We will use the ping command to do so. First, click on PC2 then Go to the command prompt. Then type ping <IP address of targeted node>. We will ping the IP address of the server0. As we can see in the below image we are getting no replies which means the packets are blocked. Check the web browser by entering the IP address in the URL. Click on PC2 and go to desktop then web browser. MAC Flood attack Switch Configuration: restrict mode • Switch>enable • Switch#configure terminal • Switch(config)#interface range fastEthernet 0/1-3 • Switch(config-if-range)#switchport mode access • Switch(config-if-range)#switchport port-security • Switch(config-if-range)#switchport port-security maximum 2 Switch Configuration: restrict mode • Switch(config-if-range)#switchport port-security violation ? – protect Security violation protect mode – restrict Security violation restrict mode – shutdown Security violation shutdown mode • Switch(config-if-range)#switchport port-security violation restrict • Switch(config-if-range)# exit • Switch#end • %SYS-5-CONFIG_I: Configured from console by console • Wr (type wr to build the configuration) • Switch#show port-security • Switch#show mac address-table switchport mode access • Using the “Switchport mode access” command forces the port to be an access port while and any device plugged into this port will only be able to communicate with other devices that are in the same VLAN. Switchport Security Violations • A switchport violation occurs in one of two situations: • When the maximum number of secure MAC addresses has been reached (by default, the maximum number of secure MAC addresses per switchport is limited to 1) • An address learned or configured on one secure interface is seen on another secure interface in the same VLAN 3 modes ofvSwitchport Security Violations • The action that the device takes when one of these violations occurs can be configured: • Protect—This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped. • Restrict—This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped. • Shutdown—This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and reenabling the switchport.