IOS questions (cisco 806 and the IOS firewall feature set)

[xyyz]

I got my 806 and I downloaded the IOS firewall package.

Now, I don't know exactly how to upgrade my router. Do I copy this file to my flash? This file is smaller than the current IOS image... or do I copy this file elsewhere on my router? How do I enable these options?

Second, how do you disable vty access to your router? I only want to access the router by using the console.

 

[Nutz]

I HIGHLY recommend you back up your current IOS before hand.

Router#copy flash tftp

Cisco's instructions for flashing an 800 series

Here, this may be usefull down the road.

Same goes for this

 

[FFC]

Basically the IOS upgrade is achieved via tftp by using the copy tftp flash command.

To stop telnet access create an access list which denies everything e.g.

access-list 1 deny any

The under the vty lines in the config apply the access list e.g.

line vty 0 4
access-class 1 in

That will stop all telnet access in.

 

[spidey07]

also....

line vty 0 4
no login

But I like FFCs idea better, a little more brute for and to the point.

 

[xyyz]

<< also....

line vty 0 4
no login

But I like FFCs idea better, a little more brute for and to the point. >>




Ummm.... I tried this one... and well.... when I telnet into the router I get connected right away... w/o it even asking for a login ID or anything... it's just like another console connection. :/

*EDIT*

nevermind... I read what FFC said... CAREFULLY this time... and it made perfect sense.

 

[xyyz]

another question....

how do you speed things in hyperterminal? last night things were pretty fast... and today there seems to be a second lag between me typing something and it showing on screen.

 

[xyyz]

okay... now I screwed things up even more...

I did a ios image backup last night... a few minutes ago I decided to get some basic IOS practice in so I blanked everything out.

I then tried to upload the image to the router using TFTP... but the problem is that it won't work.

I've done exactly what the 806 manual says for an emergency recovery, but things don't seem to work here.

Any ideas what I should do now? I can always use xmodem to upload the file, but that will take forever.

 

[xyyz]

i've uploaded the firewall feature set to the 806, it's in the flash along with the IOS image... now how do I get it to do something.... or check to see that it is doing something?

 

[FFC]

The firewall feature set is part of IOS, it is what they call a monolithic code base.

The Firewall feature set won't do anything by itself. You need to configure some context based access lists to suit your needs. It's quite a large subject to cover. I'd suggest reading the docs on the web site about creating context based access lists for a start. Then try some simle ones out and see how it goes.