New Cheat Sheet: IOS Zone-Based Firewall

By stretch | Monday, March 12, 2012 at 2:09 a.m. UTC

As a follow-up to my January article covering IOS Zone-Based Firewall implementation, I've created a new cheat sheet dedicated to the subject.

zbf_cheat_sheet.png

I'm always open to ideas for new cheat sheets, so please let me know if there's one you've been waiting to see.

Posted in Announcements

Comments


Braz (guest)
March 12, 2012 at 5:49 a.m. UTC

Hello All,

I would be glad if someone would share Some cheatsheet on Juniper Firewall/Switching..

Thanks in advance

Braz


jabbs0n
March 12, 2012 at 7:00 a.m. UTC

Awesome stuff as always, thanks, mr. J.

About ideas: i think there are so many great things that could be "cheat sheeted" such as FR, NBAR, NETFLOW, PPPoE, MPLS VPN MP-BGP, Private VLANs, some VPN topics maybe (VTI, DMVPN, EASYVPN, GETVPN, SSLVPN). And those are just first things that came to my head when i started to think about it and any of those could be pretty demanded by your readers, what do you think?

your thankful reader.


Lobin (guest)
March 12, 2012 at 8:00 a.m. UTC

Thanks, covers basics of ZFW, but great reference!


Brian Raaen (guest)
March 12, 2012 at 11:21 a.m. UTC

Thanks for another great printout. I keep meaning to write a post on setting up ipv6 firewalls on Cisco and Linux, this post is giving me some inspiration to write one up.


hmrneves
March 12, 2012 at 11:48 a.m. UTC

Hi, really thanks for you sheets, they are really usefull.

Like jabbs0n said, do more ;D

Thanks and Regards


scottsee (guest)
March 13, 2012 at 2:44 a.m. UTC

Nice Job man! Glad to see you back..


shoaibmerchant89
March 13, 2012 at 6:43 p.m. UTC

Wanted this so badly. Thanks Jeremy!


ls (guest)
March 14, 2012 at 3:57 p.m. UTC

I would love to see QoS cheat for switches and routers;)


Roger (guest)
March 21, 2012 at 5:35 p.m. UTC

Very timely post, I just started studying ZBF this week and I have all your cheat sheets. This one as always is very helpful.

You are saving me a lot of time doing something like this.

Thanks again

Roger
UK


FoggyDrake
March 22, 2012 at 10:10 a.m. UTC

Brilliant, Thanks Jeremy! That will help me for my ccna-security study.


zohirsouam
March 29, 2012 at 3:32 p.m. UTC

hello,

any things about voice topics.


Daoudd
July 31, 2012 at 6:49 a.m. UTC

That provide a great summary to the Topic , Thank you Jeremy ! :)


Rob McKennon (guest)
August 29, 2013 at 4:46 p.m. UTC

Jeremy, wonderful cheat sheet! But I believe there is a small error. In the "Match by access list" entry, the "permit ip 10.0.0.0 255.255.0.0 any" statement should be "permit ip 10.0.0.0 0.0.255.255 any" Those are wildcard-mask bits, not subnet-mask bits.

Rob.


sgtcasey
January 29, 2015 at 4:57 a.m. UTC

I tried clicking on the cheat sheet image and it comes up with a 404 error. Just FYI.

Comments have closed for this article due to its age.