Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1036
Views
0
Helpful
1
Replies

Access List - to make the network secure before accessing the internet

Sumit1565
Level 1
Level 1

‎10-08-2019 11:18 PM

Hi

 

I would like to know i have a small single network behind Cisco ISR 1100 series router, and it has the internet link terminated on the WAN interface. What should be the access list so that i can make the single network which is 10.10.10.0/24 secure for inbound and outbound both but internet should work fine on 10.10.10.0/24 network.

Labels:
0 Helpful
1 Reply 1

Deepak Kumar
VIP Alumni
VIP Alumni

‎10-08-2019 11:45 PM

Hi,

ACL is not a stateful firewall and it is for blocking or allowing the traffic on a port, source, destination, protocol, etc. I recommended choosing a Zone-based firewall configuration with this router as:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_zbf/configuration/xe-16-6/sec-data-zbf-xe-16-6-book/sec-zone-pol-fw.html

 

Again, This is a simple firewall and it will not save you from viruses, malware, ransomware, application, and IPS, etc. If you want to go with the next-generation firewall with full protection then choose the Firepower or any third party NGFW as Sophos, Fortigate, etc.

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents