IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

CERTIFICATION

This is to certify that the internship report entitled IMPLEMENTATION OF A

FIREWALL ON A LAN USING CISCO PACKET TRACER IN A SMALL
BUSINESS ORGINATION Submitted by SAMA DARLINA NYONGHA, from the
Catholic University Institute of Buea (Douala Campus) a student of first year. Towards
partial fulfillment of the Higher National Diploma in Network and Security in the school
of Information and Technology in year 2024/2025 at Catholic University Institute of
Buea (Douala campus).

By: SAMA DARLINANYONGHA

Signature…………………... Date………………………...

MR SHU JILL

Signature………………… Date………………………...

(Academic Supervisor)

Mr. Ngassa Daniel

Signature……………. Date………………………

written and presented by sama

i
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

DECLARATION

I Sama Darlina, hereby declare that the presented project report of internship work
entitled “IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO
PACKET TRACER IN A SMALL BUSINESS ORGINATION” is an outcome of my
own efforts and uniquely prepared by me after the completion of two months internship
at Nala Security Consulting, under the guidance of (supervisor). The project is submitted
to the Catholic University Institute of Buea (Douala Campus). For the partial fulfillment
of the Higher National Diploma Examination 2024-2025.

Signature…………………... Date……………………

SAMA DARLINA

HND, NWS

written and presented by sama

ii
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

DEDICATION

I dedicate this report writing to God Almighty the owner and finisher of our faith,
who made it possible for me to be alive today and also help me throughout my 2-month
training may your name be praise for evermore Amen. I also dedicate this to my lovable
parents Mr. Sama Moses and Mrs. Sama Silvia for their prayers and financial support and
for always providing everything I needed during this period.

written and presented by sama

iii
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

ACKNOWLEDGEMENT

The successful completion of any work is generally not an individual effort. It is

an outcome of dedicated and cumulative efforts of several persons, each having its own
importance to the objective. This section is a value of thanks and gratitude towards my
academic supervisor Mr. SHU JILL NGWA and my professional supervisor Mr.
NGASSA DANIEL who have implicitly or explicitly contributed in their own unique
way towards the completion of this project. For their invaluable comments and
suggestions, I wish to thank them all.

Positive inspiration and right guidance a must in every aspect of life. Especially,
when we arrive at the academic stage for instance. For the success of my project several
obligations have been taken. I have performed solemn duty of expressing a heartfelt
thanks to all who have endowed me with their precious perpetual guidance, suggestions
and information. any kind of help directly or indirectly has importance to me.

written and presented by sama

iv
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

TABLE OF CONTENT

CERTIFICATION.............................................................................................................................i
DECLARATION.............................................................................................................................ii
DEDICATION................................................................................................................................iii
ACKNOWLEDGEMENT..............................................................................................................iv
TABLE OF CONTENT...................................................................................................................v
ABSTRACT..................................................................................................................................vii
LIST OF FIGURES......................................................................................................................viii
LIST OF TABLES..........................................................................................................................ix
LIST OF ABRVIATIONS................................................................................................................x
PREFACE.......................................................................................................................................xi
CHAPTER ONE..............................................................................................................................1
INTRODUCTION AND OVERVIEW............................................................................................1
1.1 ORIENTATION OF CUIB................................................................................................1
1.1.1 ORIENTATION OF STUDENTS.............................................................................1
1.1.2 ORIENTATION AT THE COMPANY......................................................................2
1.2 OBJECTIVES OF CARRYING OUT THE INTERNSHIP.............................................2
1.3 DEFINITION OF TERM..................................................................................................3
1.4 PROBLEM STATEMENT................................................................................................4
CHAPTER TWO.............................................................................................................................5
PRESENTATION OF THE COMPANY.........................................................................................5
2.1 BACKGROUND OF THE COMPANY................................................................................5
2.2 ORGANIZATIONAL STRUCTURE....................................................................................5
2.3 PRODUCT /SERVICES OFFERED BY THE COMPANY..................................................6
CHAPTER THREE.......................................................................................................................10
ACTIVITIES CARRIED OUT BY THE INTERN.......................................................................10
3.1 Activities at the Research Development Department..........................................................10
3.2 Activities at the Technical Operations Network Security Center (NSC).............................11
3.3 Research on Web Application Firewall (WAF)...................................................................13

written and presented by sama

v
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

3.4 A REPORT OF TASKS CARRIED OUT BY THE STUDENT.........................................17

3.5 Comparing Theory and Practice..........................................................................................26
3.6 Conceptual Review of your Topic.......................................................................................27
3.7 Justification of the Topic......................................................................................................29
CHAPTER FOUR.........................................................................................................................31
SWOT ANALYSIS, CONCLUSION, AND RECOMMENDATIONS........................................31
4.1 SWOT ANALYSIS..............................................................................................................31
4.1.1 STRENGHT OF NALA SECURITY CONSULTING.................................................31
4.1.2 WEAKNESS OF NALA SECURITY CONSULTING...........................................31
4.1.3 OPPORTUNITIES OF NALA SECURITY CONSULTING..................................32
4.1.4 THREADS OF NALA SECURITY CONSULTING..............................................32
4.2 CHALLENGES ENCOUNTERED................................................................................33
4.2.1 Company’s Challenges.....................................................................................................33
4.2.2 Intern Challenges.....................................................................................................34
4.3 Critical Analysis of Identified Problem...........................................................................35
4.4 RECOMMENDATION...................................................................................................36
4.5 CONCLUSION...............................................................................................................36
REFRENCES.................................................................................................................................39
APPENDICES...............................................................................................................................40

written and presented by sama

vi
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

ABSTRACT

This is due to the internship carried out at Nala Security Consulting with the aim
of blending the theorical studies to the practical studies. This was aimed at putting the
theories learned in class in to practice. The internship focusses on keys areas of cyber
security, including threat detection, network security, vulnerability assessment, and
incident response. As part of the internship, I actively contributed to real world projects
that involved the use of industry-standard tools as firewalls, IDS, SIEM and malware
analysis platforms.

One of the main projects involved was conducting vulnerability assessments and
penetration testing for clients, identifying security weakness in their network
infrastructure and providing recommendations for mitigation. I also worked on
implementing and fine-tuning security configurations for identity and access management
(IAM) solutions to enhance client’s security.

Throughout the internship, I gained hands on experience in monitoring security

events, analyzing log data, and contributing to the overall cyber security posture of the
company’s client. This internship provided invaluable insights into the dynamic nature of
cyber security industry, reinforcing the importance of proactive defense mechanisms,
continuous monitoring, and the knowledge and skills acquired during this internship will
serve as a strong foundation for my future career in cyber security.

written and presented by sama

vii
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

LIST OF FIGURES

Figure 1.2 Organizational Structure of Nala Security......................................................6

Figure 2.1 Source of Diagram...................................................................................8
Figure 3.1 Activities at the Research Development Department.......................................11
Figure 4.1 Vulnerability Assessment steps..................................................................13
Figure 5.1 Functioning of an SQL Injection................................................................14
Figure 6.1 Functions of a Cross-Site Scripting............................................................15
Figure 7.1 Functions of a Cross-Site Request Forgery...................................................16
Figure 8.1 LAN setup...........................................................................................18
Figure 9.1 Router Configuration..............................................................................19
Figure 10.1 Connection of 2 LAN to a Firewall...........................................................22
Figure 11.1 Router Configuration............................................................................23
Figure 12.1 Pc1 IP Address on LAN1.......................................................................24
Figure 13.1 Pc5 IP Address in LAN2........................................................................25
Figure 14.1 Firewall Configuration..........................................................................26

written and presented by sama

viii
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

LIST OF TABLES
Table 1: List of abbreviation…………………………………………………………… x

written and presented by sama

ix
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

LIST OF ABRVIATIONS

ABBRIVA MEANINGS
TIONS
CUIB Catholic University Institute of Buea (Douala Campus)
HND Higher National Diploma
CEO Chief Executive Officer
NCs Nala Security Consulting
LAN Local Area Network
DAM Data Access Management
IT Information Technology
IAM Identify and Access Management
ACL Access Control Lists
CASB Cloud Security Access Security Blocker
SWG Secure Web Gateway
EDR Endpoint Detection Response
DoS Denial of Services
IDS Intrusion Detection System
IPS Intrusion Prevention System
WAF Web Application Firewall
DDoS Distributed Denial of Services
HTTP Hypertext Transfer Protocol
VPN Virtual Private Network
NAT Network Address Transition
SIEM Security Information and Event Management

written and presented by sama

x
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

PREFACE

This internship report, titled IMPLEMENTATION OF A FIREWALL ON A

LAN USING CISCO PACKET TRACER IN A SMALL BUSINESS ORGINATION,
is the culmination of my hands-on experience and learning during my internship. The
purpose of this report is to document the process of designing, configuring and
implementing a firewall within a Local Area Network (LAN) to enhance security using
Cisco Packet Tracer a simulation tool.
In today’s digital landscape, network security is a critical concern for businesses
and organizations. Unauthorized access, cyber threats, and data breaches pose significant
risks to any network infrastructure. Firewalls serves and act as the first line and crucial
defense mechanism by monitoring and controlling incoming and outgoing network traffic
based on predefined security rules and also defense against unauthorized access and
cyber threats, making their implementation a vital aspect of network security.
Implementing a firewall within a LAN helps to protect sensitive data, prevent
unauthorized access, and maintain network integrity.
The objective of this project was to apply the theoretical knowledge of network
and security I learn from school into practical implementation. Using Cisco Packet
Tracer, I configured a firewall to filter network traffic, enforce security policies and
restrict unauthorized access within a simulated LAN environment.
Throughout this internship, I have gained practical knowledge of network security
principles, firewall configuration, and troubleshooting techniques. The experience has
bridged the gap between theoretical concepts and real-world applications. I would like to
express my gratitude to my supervisor and colleagues who provided guidance and
support throughout my internship.

written and presented by sama

xi
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

I hope this report will serve as a useful reference for students, professionals and
anyone interested in learning about firewalls implementation in LAN using Cisco Packet
Tracer.
AUTHOR: Sama Darlina Nyongha
INSTITUTION: Catholic University Institute of Buea (Douala Campus)
DATE:

written and presented by sama

xii
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

CHAPTER ONE

INTRODUCTION AND OVERVIEW

1.1 ORIENTATION OF CUIB

1.1.1 ORIENTATION OF STUDENTS

Before we the students at the CATHOLIC UNIVERSITY INSTITUTE OF BUEA

went out for internship, we had a meeting with some of our lecturers in school concerning
our internship. During the meeting they gave us some key points to take into
consideration to have a successful internship. Importance points such as: the dressing
code, punctuality, obedience, filling the gap, not being distracted, always asking
questions and always being attentive. As an intern respecting rules, and regulation is one
of the important key points given to us during the session. The orientation was based aim
on.
 Being Punctual
Being punctual simply means respecting the opening and closing time of the
company and coming 10 minutes before the opening time for which the opening time is
at 9am.
 Taking Initiative
Meaning you should always ask question on anything you don’t understand
and when you are confused or in doubt you need to ask for help and assistance.
 Being Responsible
By always been ready to offer help and assistance when needed at the
company.
 Having Good Morals
That we should have good and proper morals towards work and towards the
present workers of the company.

written and presented by sama

1
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

1.1.2 ORIENTATION AT THE COMPANY

On the first day at NSc, Mr. NGASSA DANIEL who is the director welcome and
then gave me a brief overview of the company and later introduce me to the other interns
and workers in the company. Also, he gave me the rules and regulation of the company to
abide to during my stay of internship in the company also he oriented me more about the
company, their various mission and vision and the various activities they carry out.
Mostly especially he oriented me on how to take my internship serious.
The following below the various rules I was to abide with
 Dress neatly by dressing responsible
 Show my ambition.
 Take initiative.
 Be at the office before 8am
 Always be open to ask questions in case of any problem or help
 Learn more about the company including their mission, vision, and the
various activities carry out in the company.

1.2 OBJECTIVES OF CARRYING OUT THE INTERNSHIP

The main objective of carrying out an internship for two months was to firstly gain
practical experience which putting in the theoretical though to me in school into practice
and have and experience with the real world of cyber security threats. Also, to help
develop and enhance technical skills in network security, encryption and risk
management. Secondly to help improve critical thinking and problem solving by working
on cyber securities challenges such as identifying vulnerabilities and help build
connections with professionals in the cyber security field open doors for me for future
career opportunities. Then also learn and know how to use cutting edge cyber security
tools and platform use in defending against cyber threat.

written and presented by sama

2
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

1.3 DEFINITION OF TERM

This report provides an overview of “The Implementation of a Firewall on a Local

Area Network Using Cisco Packet Tracer refers to the process of designing, configuring,
and developing firewall rules and securities policies to control network traffic. This
involves setting up Access Control Lists, filtering traffic based on IP addresses, ports, and
protocols, and ensuring only authorized communication occurs between devices.
Firewalls in Cisco Packet Tracer can be implemented using routers with ALC, dedicated
firewalls devices, or simulated firewall appliances to enhance network security. The
following are the different definition of the network device used:
- Firewall: It’s a security system that monitors and control the incoming and
outgoing of network system based according to the rules. Its acts as a barrier between a
trusted internal network and an untrusted external network to prevent unauthorized
access.
- Web Server: It is a computer or software that stores, processes, and delivers
website to users over the internet.
- Router: A router is a network device that helps to connect computer devices
to a LAN then the LAN to the internet for the purpose of sharing information.
- Switch: A switch is network device that is use to connect multiple devices
with a local area network and allow them to communicate efficiently.
- End Device: these are devices that are been connected to the internet such
as; a computer.
- Local Area Network: A Lan is the interconnection of different devices to
the internet with in a building.
- Cisco Packet Tracer: It is a network simulation tool developed by Cisco for
learning and practicing networking concepts.

written and presented by sama

3
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

1.4 PROBLEM STATEMENT

During my internship at NSc, it was observed that in many network

environments, unauthorized access and cyber threats pose significant risks to data
integrity and confidentiality. A poorly secured LAN is vulnerable to attacks such as
unauthorized intrusions, malware infections, and data breaches. Without a properly
configured firewall, internal network resources remain exposed to external and internal
threats. This project aims to implement a firewall on a LAN using Cisco Packet Tracer to
regulate traffic flow, restrict unauthorized access, and enhance overall network security.
The study will focus on configuring firewall rules, testing security policies, and ensuring
optimal network performance while maintaining access control.

written and presented by sama

4
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

CHAPTER TWO

PRESENTATION OF THE COMPANY

2.1 BACKGROUND OF THE COMPANY

Nala security consulting is a cyber security company that assist other business
companies of all sorts o protect their IT system and sensitive data. Nala security was
found Mrs. Sandy Enow in the United States of America in 2021. Then later in 2022 she
then opens a branch here in Cameroon precisely in Douala.

2.2 ORGANIZATIONAL STRUCTURE

The organizational structure outlines the key roles and teams within Nala Security
company, ensuring compressive management and protection of both internal systems and
client networks. Its start with the CEO who is responsible for the overall leadership,
strategies decision making, and ensuring the company’s cyber security services align with
business goals, while the incident response team manages security branches. Other
essential groups include network security, identity and access management, compliance,
client support, and research and development, each contribution to robust cyber security
practices and solutions.

written and presented by sama

5
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 1.2 Organizational Structure of Nala Security

2.3 PRODUCT /SERVICES OFFERED BY THE COMPANY

Nala security consulting offers a variety range of services such as the following:
 Endpoint security:
Endpoint security is the process of protecting workstations end devices which
transmit information or data against cyber threat using:
- Endpoint Detection and Response (EDR) which helps to identify and neutralizes
sophisticated threats in real time.
- Extended Detection Response is a unified security incident platform that uses AI
and automation
 Infrastructure Security:

written and presented by sama

6
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Infrastructure security is the practice of protecting critical systems and assets against
physical and cyber threats by using:
- Intrusion Prevention Security is the act and process of safeguarding digital
information throughout its entire life cycle to protect it from corruption.
- Data Access Management (DAM) refers to the process and technologies used to
control and monitor access to sensitive data within an organization.
 Identity and Access Management (IAM)
IAM is a cyber security practice that enables IT administrator to restrict access to
organization resources and ensuring that only the right people can access the
organization’s data and resources by making it possible to set controls that grants access
to employees and devices while making it difficult for unauthorized users to access the
system in the network.
 Cloud security:
Cloud security is the collection of security measures design to protect closed based
infrastructure by using:
- Cloud access security broker (CASB) it provides completely visibility and control
for your cloud app with real data protection and prevent cyber threat
- Secure web gateway (SWG) it helps protects your workforce from zero-day threat
and enforces data protection while assessing the web
- Cloud native applications (CNAPP) it helps secure your enterprise cloud native
application ecosystem.

written and presented by sama

7
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 SOURCE OF DIAGRAM

Figure 2.1 Source of Diagram

 BRIEF DESCRIPTION OF SOME MAIN FUNCTIONS AND HOW THE UNTITS

ARE RELATED
1. Kaspersky Security: It is global cybersecurity company that provides antivirus,
internet security, and advanced cybersecurity solutions for home users, business and
enterprises. They are well known for their threat detection, malware protection, and
endpoint security solutions. Kaspersky is one of Nala security partners, providing them
with Kaspersky’s security solutions such as Endpoint detection response (EDR) which is

written and presented by sama

8
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

a solution that collect data from endpoint devices and using behavioral analysis to detect
threats and can isolate infected devices to stop malware spread.
2. Sky High Security: It is a cloud security company specialized in data detection, cloud
security, and secure web access. It is known for its Cloud Access Broker and Security
Service Edge solutions, helping organizations secure cloud applications, prevent data
leaks, and defend against cyber threats. Sky high works together with Nala security as
partners providing them with cloud security and data protection solutions such as CASB
which detects unauthorized cloud app usage and also prevents data leakage and inside
threats and Cloud Native Application Protection to secure applications running in google
cloud and provides runtime protection, vulnerability scanning.
3. Thales Security: It is a global cybersecurity and digital security provider, specialized
in data protection, identity and access management, encryption, and cloud security. It
serves governments, financial institutions, and enterprises to secure critical infrastructure,
sensitive data, and digital transactions. Thales security works together with Nala security
in partnership providing them with solutions such as Cipher trust data security platform
which consists of encrypting files, databases, cloud storage, and also access control
which restricts unauthorized access using zero trust security. Mostly importantly
providing them with IAM solutions which is SafeNet Trusted access consisting of
multifactor authentication for cloud and on premises apps and also single sign on (SSO)
for secure access management.

written and presented by sama

9
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

CHAPTER THREE

ACTIVITIES CARRIED OUT BY THE INTERN

3.1 Activities at the Research Development Department

The R&D department plays a pivotal role in pushing the boundaries of current
technologies and ensuring that security solutions evolve to meet emerging threats.
The following are the activities I carried out concerning the implementation of a firewall,
1. Market and Technology Research:
- Technology Review: I began by reviewing the current Cisco firewall technologies
and relevant security protocols. This involves studying Cisco’s documentation, white
papers and best practices to determine the optimal solution for the lab environment.
- Objective Setting: defining the goals of the lab implementation is critical. This
includes deciding which firewall features (stateful inspection, NAT, VPN support) to test
and validating their effectiveness under simulated network conditions.
2. Lab Setup and Configuration
- Environment Design: designs a lab network that mimics a realistic LAN
environment. Tools like Cisco’s VIRL are often used to simulate the network
infrastructure
- Hardware and Software Configuration: configuring virtual routers, switch, and
firewalls to establish an integrated network. This step ensures that all components are
interconnected correctly and the firewall can be placed strategically within the network.
3. Firewall Implementation and Testing
- Policy and Rule Configuration: implementing firewall policies involve setting up
access control lists, configuring NAT, and on the research objectives.

written and presented by sama

10
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

- Simulation of Traffic Scenarios: once the firewall is configured, simulated network

traffic is introduced to test the firewall’s ability to block unauthorized access and permit
legitimate network traffic. This might include simulating various attacks vectors, such as
DoS attacks or intrusion attempts.s
-
- Integration with Other Security Measures: the firewall’s performance is evaluated
in conjunction with other security devices and protocols. This holistic approach ensures
that the firewall operates effectively within a broader security ecosystem.

Figure 3.1 Activities at the Research Development Department

3.2 Activities at the Technical Operations Network Security Center (NSC)

A NSC is responsible for monitoring, managing, and protecting an organization’s network

infrastructure from cyber threats. The Technical Operations team within the NSC carries
out various activities to ensure network security , integrity, and availability.

written and presented by sama

11
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

1. NETWORK MONITORING AND THREAT DETECTION

- Continuous monitoring of network traffic for anomalies.
- Using Intrusion Detection and Prevention systems (IDS/IPS) to identify potential
cyber threats
- Tracking security logs and alerts in real time.

2. FIREWALL AND ACCESS CONTROL MANAGEMENT

- Configuring, updating, and managing firewalls to control network traffic.
- Implementing Access Control Lists to restrict unauthorized access and protect the
network system against cyber threats
- Monitoring firewall logs for suspicious activities.
3. NETWORK CONFIGURATION AND SECURITY POLICY ENFORCEMENT
- Configuring routers, switches and other network devices securely.
- Enforcing security policies, including password policies, encryption, and
authentication mechanisms
- Managing virtual private networks for secure remote access.
4. VULNERABILITY ASSESSMENT AND PENETRATION TESTING
- Performing regular security assessments to identify network vulnerabilities
- Running penetration tests to simulate cyberattacks and evaluate security defenses.
- Implementing patches and security updates to mitigate vulnerabilities

written and presented by sama

12
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 4.1 Vulnerability Assessment steps

3.3 Research on Web Application Firewall (WAF)

Web Application Firewall is a specific form of application firewall that filters, and blocks
HTTP traffic from getting into a web server.

Types of Web Application Firewall

 Network-Based Wafs: these are usually hardware network based WAF which
enables replication of rules and setting across multiple appliances.
 Host-Based WAF: they are fully integrated into application code itself. It is a
software that controls network traffic to and from a single host computer regulating
access based on a specific set of security rules.
 Cloud-Based WAF: it is a software security product that helps to block attacks
from getting into your application.

written and presented by sama

13
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Web Application Firewall threat

 SQL Injection: it is a common cyber-attack that uses a malicious SQL code for
database manipulation to access information that was not intended to be displayed.

Figure 5.1 Functioning of an SQL Injection

 Cross-site Scripting: it is a web security vulnerability where attackers inject

malicious client-side scripts into legitimate websites, enabling them to compromise users’
interactions with those applications.

written and presented by sama

14
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 6.1 Functions of a Cross-Site Scripting

 Cross-Site Request Forgery: it involves tricking users into performing unwanted

actions on a website where they are authenticated, without their knowledge or consent.

written and presented by sama

15
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 7.1 Functions of a Cross-Site Request Forgery

IMPORTANCE OF WEB FIEWALL APPLICATIONS

 Application Profiling: WAF can detect and stop malicious request through
application profiling to get into the network system.
 Protects Against SQL Injection: WAF helps to protect a network against SQL
injections by matching the inputs to an application against a large list of known
signatures to thwart malicious SQL injections.
 Distributed Denial of Services Protection: WAF systems helps provide strong
DDoS protection and also provide additional layers for protections which helps protects
your website, and web applications from a variety of spam.

written and presented by sama

16
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

3.4 A REPORT OF TASKS CARRIED OUT BY THE STUDENT

This report provides an overview of the various tasks I carried out during my internship
at Nala Security. The primary objectives of this project were to enhance network security
by configuring and developing firewall rules to control and monitor network traffic.
 Network Topology Design:
Firstly, I was assigned to design a simulated LAN network in Cisco Packet Tracer,
including routers, switches, servers, and end-user devices. Configuring basic IP addresses
and subnetting for different network segments.
The following diagram below is a network topology in a LAN consisting of a router, a
switch, two computers (endpoint devices), and a server. In which each device is been
configured to share resources and information each containing a subnet mark of
255.255.255.0 which is in class c, and a default gateway of 192.168.1.1 and also their
various IP address as seen below:
 Router: which is known as R1 consists of the IP address in the interface Gig0/0
which is 192.168.1.1/24
 Switch: Which is known as Sw1 consists of an IP address in Vlan1 which is
192.168.1.22/24
 PC0: consists of an IP address of 192.168.1.10/24
 PC1: consists of an IP address of 192.168.1.11/24
 Server: consisting of an IP address of 192.168.1.20/24

written and presented by sama

17
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 8.1 LAN setup

written and presented by sama

18
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 9.1 Router Configuration

 Firewall Configuration and Implementation

Later on, I implemented a firewall security rule on different LAN each link to a switch
connected to router then the router to the firewall using Access Control on routers.
Configuring packet filtering rules to allow and deny network traffic based on
source/destination IP addresses, ports, and protocols. Each LAN has a specific IP address
and a gateway which I assign. They all have a subnet mark of 255.255.255.0 which is in
class C. To start with, I started connecting the various end device to their various switches

written and presented by sama

19
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

using a copper straight cable since we are working with two LANs then the two switches
are then connected to the router still using a copper straight cable then the firewall is then
connected to the different switches using copper straight cable. Later on, I continued by
configuring the firewall. The following below are the different IP addresses assign to the
various devices in the network.

 LAN 1
- Router: which is known as R1 consists of the IP address in the interface Gig0/0
which is 192.168.1.1/24,
- Switch: Which is known as Sw1 consists of an IP address in Vlan1 which is
192.168.1.22/24
- PC0: consists of an IP address of 192.168.1.10/24
- PC1: consists of an IP address of 192.168.1.11/24
- PC2: consists of an IP address of 192.168.1.12/24
- Server: consisting of an IP address of 192.168.1.20/24
 LAN 2
- Router: which is known as R1 consists of the IP address in the interface Gig1/0
which is 192.168.2.2/24
- Switch: Which is known as Sw1 consists of an IP address in Vlan1 which is
192.168.2.23/24
- PC3: consists of an IP address of 192.168.2.14/24
- PC4: consists of an IP address of 192.168.2.15/24
- PC5: consists of an IP address of 192.168.2.16/24
- Server: consists of an IP address of 192.168.1.22/24
 Firewall
- IP address in interface Gig1/1 192.168.3.1 255.255.255.0
- IP address in interface Gig1/2 192.168.4.1 255.255.255.0
Various steps to consider when configuring a firewall:

written and presented by sama

20
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Step 1: Access the Firewall

Firstly, I connected the ASA firewall using console cable. Then after, I enter the privilege
EXEC mode which is enable. Later on, I enter the Global Configuration mode which is
configure terminal (config t). Then I entered the hostname firewall then lastly the
password which Darlina143 by enabling the password and I inserted the clock set mode
which is the time and date.

 Step 2: Configuring Interface Ips and Security Levels

Here I assign the various IP addresses according to their different interface. Interface
Gig1/1 has an IP address of 192.168.3.1 255.255.255.0 then aside it to the Vlan nameif
INSIDE then lastly for this interface I assign the security level to be 100. Later on, I
assign the IP address of the interface Gig1/2 which is 192.168.4.1 255.255.255.0 then
aside it to the Vlan nameif OUTSIDE then assign the security level to be 30. Lastly no
shut.
 Step 3: Save Configuration
To save the various configurations I entered the comment write memory the end.

written and presented by sama

21
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 10.1 Connection of 2 LAN to a Firewall

written and presented by sama

22
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 11.1 Router Configuration

written and presented by sama

23
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 12.1 Pc1 IP Address on LAN1

written and presented by sama

24
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 13.1 Pc5 IP Address in LAN2

written and presented by sama

25
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Figure 14.1 Firewall Configuration

3.5 Comparing Theory and Practice

As a network and security intern, I quickly realize that there is a gap between what you
learn in theory and how things work in practice. Theoretical knowledge provides a
structured foundation, but real-world experience presents challenges that require
adaptability and problem solving.

In theory, cyber threats and vulnerabilities are studied through case studies, textbooks,
and controlled simulations. I learn about common attacks vectors, malware types, and
how to mitigate them using best practices. However, in practice, new evolving threats in
practice, new and evolving threats constantly emerge making it necessary to stay updated
and adjust security measures dynamically.

written and presented by sama

26
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

When studying cybersecurity tools, I became familiar with SIEM systems, intrusion
detection and prevention tools, firewalls and penetrating testing frameworks. In a real
work environment, I get hands on experience using and configuring these tools,
troubleshooting issues, and understanding their limitations in detecting sophisticated
threats.

Another major difference is in social engineering awareness. While I study phishing and
manipulation techniques in books, the workplace reveals how frequently employees
actually fall phishing emails, requiring stronger training and awareness initiatives.

Finally, while theoretical knowledge emphasizes security policies, best practices,

enforcing these policies can be challenging. Employees might ignore security guidelines,
use weak passwords or bypass security controls for convince, requiring continuous
monitoring and training.

3.6 Conceptual Review of your Topic

A firewall is a critical component of network security that monitors and controls

incoming and outgoing traffic based on predefined security rules. In LAN firewalls help
to protect internal devices from unauthorized access, malware, and cyber-attacks. Cisco
firewall such as Cisco Adaptive Security Appliance (ASA) and Cisco Firepower, are
widely used for enterprise grade security solutions.

This review explores the conceptual framework of implementing a firewall on a LAN

using Cisco devices, including firewall types, deployment strategies, and best practices.

 Firewall Types and Their Role in Lan Security

Cisco offers different types of firewalls of LAN security:
 Packet Filtering Firewalls helps to inspect packets based on source/destination IP,
port, and Protocols.
 Stateful Inspection Firewalls monitors the state of active connections and allow
only legitimate traffic

written and presented by sama

27
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Next-Generation Firewalls helps provide advanced security features like deep

packet inspection, intrusion prevention, and application awareness.

In a LAN, firewall prevent unauthorized access to internal resources, segment network

traffic, and enforce security policies.

 Implementation Strategy for a Cisco Firewall in a LAN

The implementation of a cisco firewall in a LAN follows a structured process:
 Network Design and Firewall Placement:
- Firewalls can be placed at the LAN-WAN boundary to filter external traffic or
within the LAN itself to enforce internal segmentations.
 Firewall Configuration
Cisco firewalls can be configured using:
- Command Line Interface offers granular control over firewall settings.
- Cisco Adaptive Security Device Manager provides a graphical interface to easier
configuration.
Key configurations include:
 Access Control Lists defines rules to permit or deny traffic based on IP addresses,
ports, and protocols.
 Network Address Translation translate Private Lan Ips to public Ips for internet
access.
 Policy Enforcement and Monitoring
After configuration, policies should be enforced to:
 Restrict unauthorized access.
 Allow only necessary services e.g., web, email.
 Monitors network traffic for anomalies using Cisco Fire power management
Center or syslog.
 Testing and Optimization
 Perform penetration testing to verify firewall effectiveness.

written and presented by sama

28
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Continuously updated firewall rules based on security threats.

 Regularly audit firewall logs to detect suspicious activity.

3.7 Justification of the Topic

In today’s digital landscape, organizations face increasing cyber security threats, making
network security a top priority. A LAN is particularly vulnerable to cyberattacks,
unauthorized access, and internal threats if not properly secured. Implementing a firewall
is a fundamental security measure to control traffic, prevent intrusions, and safeguard
sensitive data.

Cisco, a leading provider of networking and security solutions, offers robust firewall
technologies such as Cisco ASA and fire power which provide advanced threat
protection, access control, and network segmentation

Understanding the implementation of these firewalls in a LAN environment is essential

for ensuring a secure, efficient, and well managed network.

This topic is justified because it:

 Addresses a Critical Security Need: Organizations must protect their LANs from
cyber threats, making firewall implementation a key defense strategy.
 Focuses on an Industry leading Solutions: Cisco firewalls are widely used in
enterprises, making their implementation highly relevant.
 Enhances Network Performance Compliance: A properly configured improves
security firewall improves security while ensuring compliance with data protection
regulations.
 Bridges Theory and Practices: It provides hands understanding of configuring and
managing firewalls in real world environment.

Cisco, a leading provider of networking and security solutions, offers robust firewall
technologies such as Cisco ASA which provide advanced threat protection, access
control, and network segmentation.

written and presented by sama

29
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Understanding the implementation of these firewalls in a LAN environment. Is essential

for ensuring a secure efficient for ensuring a secure, efficient and well managed network.

By exploring this topics, organizations and IT professional can enhance LAN security
prevent cyber threats and optimize network performance, making it a vital area of study.

written and presented by sama

30
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

CHAPTER FOUR

SWOT ANALYSIS, CONCLUSION, AND RECOMMENDATIONS

4.1 SWOT ANALYSIS

4.1.1 STRENGHT OF NALA SECURITY CONSULTING

The strength of the Nala security consulting includes the following:

 Hand-on Experience: Which is exposure to real-world cyber security issues,
allowing you to apply theoretical knowledge to the practical solutions.
 Learning From Experts: It includes the opportunity having to work alongside
industry professionals and gain insights from experience cyber security experts.
 Access to Tools and Technologies: Helps offering ability to use cutting-edge
security tools and software tools that enhance your technical skills
 High Demand Field: As cyber security is a rapid growing field; its helps offer you
future career opportunities.
 Networking: Helps in developing relationships with professionals in the industry,
potentially leading to job offers or mentorship opportunities.

4.1.2 WEAKNESS OF NALA SECURITY CONSULTING

The various weakness of Nala security consulting includes the following:

 Limited Scope of Work: As an in intern in Nala security, you may be assigned
entry-level tasks or limited responsibilities, which might not fully challenge your
capacities.
 Operational Costs and Profitability: High initial costs for infrastructure, staffing,
and marketing may delay profitability and also managing cybersecurity operations
remotely from the main office could lead to inefficiencies.
 Inefficient Incident Response Plan: Cybersecurity response plans may be unclear
or outdated. Also, employees might not know how to handle security breaches effectively.

written and presented by sama

31
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Shadow IT (unauthorized software devices): Employees may use personal devices

or unauthorized applications, increasing risks. Also, weak policies on external USB
devices or cloud storage usage.
 Outdated Software and Patch Management Issues: Some systems or software may
not be updated regularly, leaving vulnerabilities. Also interns often notice outdated
applications that full time employees ignore.

4.1.3 OPPORTUNITIES OF NALA SECURITY CONSULTING

Here are the various opportunities you can gain working an intern in Nala security
consulting which includes the following:
 Skill development: Helps give you opportunity to enhance both technical and soft
skills together which are essential in the cyber security industry.
 Certifications and Training: Nala security consulting offers a several certifications
in cyber security such as PEBC which gives an intern the opportunities to access cyber
security certifications and online courses which include programs that can boost your
resume.
 Job Offers: As an intern in Nala security, you have high chances of securing a full-
time position post-internship and a job offer due to the growing demand in the cyber
security industry.
 Emerging Trends: Exposure to cutting-edge cyber security challenges like cloud
security, AI threats, and IoT security, allowing you to specialize in an emerging field.

4.1.4 THREADS OF NALA SECURITY CONSULTING

Nala security company can face several potential threats, both external and internal
threats. These threats can impact their operations, reputation, and the security of their
clients. Here are some key risks;

written and presented by sama

32
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

1. Internal Threat:
 Inadequate security awareness: if an employee isn’t trained on the latest
cybersecurity threats, they may fall victim to phishing or malware attacks.
 Software vulnerabilities: the present of weak security in the company could permit
hackers to explore vulnerabilities.
 Poor access security: if privileged accounts that is admin access are not properly
managed, they can be misused by employees or hackers.
2. External Threat:
 Phishing and Social engineering: attackers may impersonate executives,
employees, or clients to trick staff into sharing login credentials or sensitive information.
 Regulatory Compliance violations: failure to comply with data protection laws can
results in fine and reputational damage.

4.2 CHALLENGES ENCOUNTERED

4.2.1 Company’s Challenges

The following below are the various challenges Nala security company can face as an
upcoming cyber security in Cameroon.
1. Integration with existing systems
Many organizations already use security tools and are reluctant to switch providers.
A new company must ensure its solutions integrate seamlessly with existing IT
infrastructure (cloud services, enterprise security software).
Without easy integration, potential customers may reject the services.
2. Scaling Operations
Managing growth while maintaining high security and customer service is a challenge.

written and presented by sama

33
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

Expanding to new markets involves adapting to different regulations and cyber security
needs. Infrastructure and security operations must be scalable to handle increasing
demand.
3. Constantly Evolving Threats
Cybercriminals continuously develop new hacking techniques, ransomware, and phishing
strategies. A cybersecurity company must stay ahead of these threats by constantly
updating its software, threat intelligence, and security strategies.
Failure to do so can result in vulnerabilities, loss of reputations, and legal consequences.
4. Regulatory and Compliance Issues
Cybersecurity businesses must comply with strict regulations such as;
 General Data Protection Regulations (GDPR) helps protect EU citizen’s data.
 Health Insurance Portability and Accountability Act (HIPAA) regulates healthcare
data.
 Payment Card Industry Data Security Standard (PCI DSS) ensures secure online
payments
 Compliance in complex and costly, requiring legal expertise and regular audits.

4.2.2 Intern Challenges

The following below are the various challenges I face during internship as an intern in
Nala security:
 Handling Sensitive information: as an intern not having previous experience with
handling sensitive data or confidential information makes it difficult and challenging for
me and so I must learn how to balance privacy and security while following the company
protocols for data protection.
 Working with Real-World Threats: unlike classroom exercises, as an I will have to
deal with real-world security branches or vulnerability, which can be stressful and high-
pressure situations. They may need respond to active threats or help monitor systems
during a cyber-attack.

written and presented by sama

34
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Balancing Theory and Practical: as an intern, I came in with more theoretical

knowledge from my studies at school and so trying to apply this knowledge to real world
can be difficult. They must bridge the gap between textbook concepts and practical, hand
on work.
 Collaboration and Communication: in a cyber security company, teamwork and
communication are vital. As an intern I had face a lot of challenges in collaborating with
the team members, especially when explaining technical problems to non-technical
stakeholders.

4.3 Critical Analysis of Identified Problem

The identity problem, especially in the context of cybersecurity, refers to the challenges
associated with verifying and managing the identities of users, systems, and devices in a
digital environment. A critical analysis of the identity problem involves examine its
various aspects, including its implication, causes, and potential solutions.
1. Complexity of Identity Management
- Problem: As a digital interaction expands, so the number of identities an individual
or entity needs to manage. These identities may span across various platforms (social
media, work accounts, cloud services, IoT devices etc.). managing these multiple
identities becomes complex, especially when ensuring that each is secure and properly
authenticated.
- Implications: Without proper management, individuals or organizations may
become vulnerable to impersonation, fraud, or unauthorized access.
2. Authentication vs. Authorization:
- Problem: authentication (the process of verifying identity) and authorization (the
process of granting access based on identity) are often conflated, but they are distinct
challenges. Traditional authentication methods (e.g., passwords) are increasingly
inadequate in the face of sophisticated attacks (phishing, credential stuffing, etc.) but
authorization remains just as important for restricting access to sensitive data.

written and presented by sama

35
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

- Implication: even if authentication is robust, without strong authorization controls,

system can still be compromised once an attacker gains access.
3. The Rise of Identity Theft and Fraud
- Problem: identity theft has become a major issue, where attackers exploit stolen or
falsified identities to gain unauthorized access to systems, conduct fraud, or steal
sensitive information.
- Implication: individuals and organization face significant financial, reputation, and
operational risk to extends to regulatory fines and data breach penalties.

4.4 RECOMMENDATION

1. Invest in Identity and Access Management Solutions

- Deploy comprehensive IAM solutions that provide centralized control over user
identities, roles and access permissions. This includes capabilities for monitoring,
auditing, and automating user provisioning and de-provisioning.
- IAM solutions helps mitigate risks such as privilege creep and unauthorized access,
ensuring that users have only the permissions they need to perform their job functions.
2. Enhance privacy Measures of Identity Data
- Employ privacy preserving technologies, such as end to end encryption, data
tokenization, and federated learning, to ensure that sensitive identity information is
protected from unauthorized access or misuse.
- Protecting identity data from branches and misuse is essential for both legal compliance
and maintaining user trust.
3. Implement Strong Authorization Mechanism
- In addition to strong authentication, use fine grained authentication controls (e.g., role-
based access control or attribute-based access control) to ensure that users can only
access the resources they need.
- Even if an identity is verified, without proper authorization controls, systems and data
are still vulnerable to misuse or exploitation.

written and presented by sama

36
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

4.5 CONCLUSION

The implementation of a firewall on a LAN using Cisco technology is a crucial step in

securing network infrastructure and protecting valuable data from unauthorized access,
cyber threat and attacks, and internal threats. Firewall serve as the first line of defense,
controlling incoming and outgoing traffic based on predefined security rules, and thus
providing a strong layer of protection for network.

Key findings from the Implementation include:

1. Enhanced Security: that is by configuring a cisco firewall on a LAN, the network
was effectively shielded from external threats such as hacking attempts, viruses, and
malware. The firewall successfully filtered out unwanted traffic and only allowed
legitimate communication based on established rules.
2. Traffic Control: the firewall allowed granular control over network traffic,
enabling specific access to services and applications while blocking unnecessary or
dangerous traffic. This ensured that critical resources were protected while ensuring users
had access to the network services needed.
3. Policy Enforcement: the implementation of firewall rules allowed the enforcement
of security policies, such as restricting access to certain websites or blocking malicious IP
addresses, enhancing the overall security posture of network.
4. Network Segmentation: By configuring the firewall to isolate certain segments of
the LAN, the system ensured that internal traffic between different network zones was
monitored a controlled. This improved internal security and limited the potential damage
of a breach.
Challenges Encountered:
 Configuration Complexity: Setting up a firewall, especially in a complex network
environment, can be a difficult and time consuming. Fine-tuning security policies
required careful attention to avoid inadvertently blocking legitimate traffic or allowing
unwanted access.

written and presented by sama

37
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Outgoing Maintenance: Regular updates and rules modifications were necessary to

keep the firewall’s security mechanisms up to date against evolving threats.
Recommendations for Future Improve
 Regula Audits and Rule Updates: To maintain a secure network, it is essential to
regularly audit firewall rules and configurations, adapting them as the network evolves or
new threats emerge.
 Integration with Other Security Tools: For enhanced protection, integrating the
cisco firewall with other network security solutions, such as Intrusion detection System
or Intrusion Prevention System, can provide additional layers of defense.
 User Awareness and Training: Educating network administrators and users on the
importance of security policies and how to work with firewall constraints can help
minimize human error and improve overall network security.
In conclusions, implementing a cisco firewall on a LAN significantly bolstered the
network’s defense mechanisms. It provided essential security, traffic management, and
policy enforcement that helped protect against both external and internal threats.
Continued monitoring and rule optimization are key ensuring that the firewall remains
effective in mitigating risks and adapting to new challenges.

written and presented by sama

38
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

REFRENCES

Books and Manuals

1. Cisco System. (2020). Cisco Firepower Threat Defense Configuration Guide.
Cisco Press.
2. Cisco Systems. (2019). Cisco ASA Firewall Fundamentals. Cisco Press
3. Stallings, W. (2016). Network Security Essentials: Applications and Standards (6 th
ed.). Pearson.
Online Articles and Whitepapers
4. Cisco Systems. (2023). Cisco firewall Solutions Overview. Retrieved from
https://.www.cisco.com
5. Palo Alto Networks. (2022). Best Practices of Firewall Implementation. Retrieved
from https://www.paloaltonetworks.com
Academic Journal and Conference Papers
6. Smith, J., & Brown, T. (2021). “Enhancing Network security Through Firewall
Implementational.” International Journal of Cybersecurity, 15(3), 45-60.
7. Chen, L., & Wang, P. (2020). “Comparative Analysis of Cisco ASA and Next
Generation Firewalls.” IEEE transactions on Network security, 20(4), 112-125.

written and presented by sama

39
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

APPENDICES

Appendix A: Cisco Firewall Configuration Commands

This section provides essential cisco CLI commands for configuring a firewall in a LAN
environment.

1. Basic Firewall Setup (Cisco ASA)

 Configure terminal (config t)
 Hostname Cisco Firewall
 Enable password securepass123
2. Creating Security Zones
 Interface Gigabit ethernet0/1 such as Gig0/1
 Nameif inside
 Security-level 100
 Ip address 192.168.1.1 255.255.255.0
 No shutdown
3. Configuring Access Control Lists
 Access-list INSIDE_TO_OUTSIDE permit tcp any any eq 80
 Access-list INSIDE_TO_OUTSIDE permit tcp any any eq 443
 Access-group INSIDE_TO_OUTSIDE in interface inside
4. Setting Up Network Address Translation

written and presented by sama

40
darlina
 IMPLEMENTATION OF A FIREWALL ON A LAN USING CISCO PACKET TRACER

 Object network LAN-NETWORK

 Subnet 192.168.1.1 255.255.255.0
 Nat (inside, outside) dynamic interface

Appendix B: Network Diagram of Firewall Implementation

A simple network diagram showing the firewall positioned between LAN and WAN
protecting internal devices.

written and presented by sama

41
darlina