The premiere source of truth powering network automation. Open and extensible, trusted by thousands.
NetBox is now available as a managed cloud solution! Stop worrying about your tooling and get back to building networks.
New Cheat Sheet: IOS Zone-Based Firewall
By stretch | Monday, March 12, 2012 at 2:09 a.m. UTC
As a follow-up to my January article covering IOS Zone-Based Firewall implementation, I've created a new cheat sheet dedicated to the subject.
I'm always open to ideas for new cheat sheets, so please let me know if there's one you've been waiting to see.
Posted in Announcements
Comments
March 12, 2012 at 5:49 a.m. UTC
Hello All,
I would be glad if someone would share Some cheatsheet on Juniper Firewall/Switching..
Thanks in advance
Braz
March 12, 2012 at 7:00 a.m. UTC
Awesome stuff as always, thanks, mr. J.
About ideas: i think there are so many great things that could be "cheat sheeted" such as FR, NBAR, NETFLOW, PPPoE, MPLS VPN MP-BGP, Private VLANs, some VPN topics maybe (VTI, DMVPN, EASYVPN, GETVPN, SSLVPN). And those are just first things that came to my head when i started to think about it and any of those could be pretty demanded by your readers, what do you think?
your thankful reader.
March 12, 2012 at 8:00 a.m. UTC
Thanks, covers basics of ZFW, but great reference!
March 12, 2012 at 11:21 a.m. UTC
Thanks for another great printout. I keep meaning to write a post on setting up ipv6 firewalls on Cisco and Linux, this post is giving me some inspiration to write one up.
March 12, 2012 at 11:48 a.m. UTC
Hi, really thanks for you sheets, they are really usefull.
Like jabbs0n said, do more ;D
Thanks and Regards
March 13, 2012 at 2:44 a.m. UTC
Nice Job man! Glad to see you back..
March 13, 2012 at 6:43 p.m. UTC
Wanted this so badly. Thanks Jeremy!
March 14, 2012 at 3:57 p.m. UTC
I would love to see QoS cheat for switches and routers;)
March 21, 2012 at 5:35 p.m. UTC
Very timely post, I just started studying ZBF this week and I have all your cheat sheets. This one as always is very helpful.
You are saving me a lot of time doing something like this.
Thanks again
Roger
UK
March 22, 2012 at 10:10 a.m. UTC
Brilliant, Thanks Jeremy! That will help me for my ccna-security study.
March 29, 2012 at 3:32 p.m. UTC
hello,
any things about voice topics.
July 31, 2012 at 6:49 a.m. UTC
That provide a great summary to the Topic , Thank you Jeremy ! :)
August 29, 2013 at 4:46 p.m. UTC
Jeremy, wonderful cheat sheet! But I believe there is a small error. In the "Match by access list" entry, the "permit ip 10.0.0.0 255.255.0.0 any" statement should be "permit ip 10.0.0.0 0.0.255.255 any" Those are wildcard-mask bits, not subnet-mask bits.
Rob.
January 29, 2015 at 4:57 a.m. UTC
I tried clicking on the cheat sheet image and it comes up with a 404 error. Just FYI.