Configure Firewall Policy on Cisco Router !!!

-
Configure Firewall Policy on Cisco Router  to allow 80 & 443 and deny Other !!!



Configured  Route between CLIENT and WEB_SERVER and running all services.



 To Allow HTTP & HTTPS and deny others!! 

 1- Create Two Zones INPUT & OUTPUT


2- Create Class Map-Inspection



3- Create Policy Map --- Protocol Inspection



4- Create Zone Pair



TEST:

 Allow HTTP & HTTPS From Client to Server:

Deny Other services:

 -----------------------------------------------------------------------------------------------------------

 Good Luck https://www.linkedin.com/in/ahmedms/

Comments

Post a Comment

Popular posts from this blog

Kubernetes 104: Create a 2-node k3s cluster with k3sup

-
Image
Create a 2-node k3s cluster with k3sup Kubenetes-Master   = 192.168.17.5 Kubenetes-Worker  = 192.168.17.6 k3sup machine        = 192.168.1.131 !!!  Allow ssh access between k3sup  & two nodes of kubernetes       and between two nodes of kubernetes. !!!  Install K3SUP: [root@devops ~]# curl -sLSf https://get.k3sup.dev | sh which: no k3sup in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin) x86_64 Downloading package https://github.com/alexellis/k3sup/releases/download/0.3.0/k3sup as /tmp/k3sup Download complete. Running as root - Attempting to move k3sup to /usr/local/bin New version of k3sup installed to /usr/local/bin _ _____ | | _|___ / ___ _ _ _ __ | |/ / |_ \/ __| | | | '_ \ | < ___) \__ \ |_| | |_) | |_|\_\____/|___/\__,_| .__/ |_| Version: 0.3.0 Git Commit: 7d954414def98c52ae1f6de08ac5317e4260e673 [root@devops ~]# !!! Install kubernetes master: [root@devops ~]# export SERVE
Read more

Cisco Nexus: Configuration VXLAN.

-
Image
Configuration VXLAN on Cisco Nexus !!! First: Legacy Method: Connect between two servers by Trunk VLAN: Second: VXLAN Method: Connect between two servers by VXLAN Tunnel. First Method:          NXOS-L:  vlan 2  interface Ethernet1/2     switchport access vlan 2     spanning-tree port type edge     no shutdown interface Ethernet1/1    switchport mode trunk    spanning-tree port type network    no shutdown NXOS-R: vlan 2 interface Ethernet1/2    switchport access vlan 2    spanning-tree port type edge    no shutdown interface Ethernet1/1    switchport mode trunk    spanning-tree port type network    no shutdown  Result: ------------------------------------------------------------------------------------------------- Second Method: VXLAN !! NXOS-L: feature ospf  interface Ethernet1/1     no switchport     ip address 10.3.4.3/24     ip router ospf 1 area 0.0.0.0     ip ospf network point-to
Read more

How to configure OSPF on Palo Alto Networks Firewall?

-
Image
How to configure OSPF on Palo Alto Networks Firewall !! Steps: 1- Create Virtual Router. 2- Create three Zones (Site A – Site B – Site C). 3- Create security rule allow (ping) between Site A & Site C. 4- Create OSPF routing protocol on two firewalls. -------------------------------------------------------------------------------------------                                                                     PaloAlto - 1 1- Create Virtual Router (VR-1) PaloAlto-1 2- Create Zones PaloAlto-1: 3- Assign Interfaces PaloAlto-1: 4- Create rule allow (ping) and deny other 5- Apply OSPF between two interfaces (eth ½ - eth 1/1) Show routing table on Palo-Alto-1: ====================================================================                                                                PaloAlto - 2 1- Create Virtual Router (VR-1) PaloAlto-2 2- Create Zones PaloAlto-2: 3- Assign Interfac
Read more