In this post I will talk about Cisco Zone Based Firewall (ZBF), which is a new approach to configuring access control in the IOS firewall. I will first introduce ZBF and then demonstrate how to configure it.
To illustrate the different examples in this post I will use the following topology:
IGP: EIGRP AS 10
Platform/IOS: Cisco 2691/12.4(15)T11 Adv IP services.
Side note: As I am using IOS 12.4(15)T, I will only talk about the ZBF rules for this IOS release. Some improvements and rule changes have been made in more recent IOS releases (IOS 15.X).
IP addressing: All routers in the topology are configured with a loopback IP address in the format X.X.X.X/32, where X is the router number.