Open In App
Related Articles

Basic Firewall Configuration in Cisco Packet Tracer

Like Article
Save Article
Report issue

Prerequisite: Firewall

A firewall is a hardware or software network security device that monitors all incoming and outgoing traffic based on a defined set of security rules, it accepts, rejects, or drops that specific traffic. 

  • Accept: Allow traffic.
  • Reject: Block traffic but respond with “reachable error”.
  • Drop: Block unanswered traffic firewall establishes a barrier between secure internal networks and untrusted external networks, such as the Internet.

Steps to Configure and Verify Firewall in Cisco Packet Tracer:

Step 1: First, open the Cisco packet tracer desktop and select the devices given below:

S.NODeviceModel NameQuantity

IP Addressing Table:

S.NODeviceIPv4 AddressSubnet Mask
  • Then, create a network topology as shown below the image.
  • Use an Automatic connecting cable to connect the devices with others.


Step 2: Configure the PCs (hosts) and server with IPv4 address and Subnet Mask according to the IP addressing table given above.

  • To assign an IP address in PC0, click on PC0.
  • Then, go to desktop and then IP configuration and there you will IPv4 configuration.
  • Fill IPv4 address and subnet mask.
  • Repeat the same procedure with the server


  • Assigning an IP address using the ipconfig command, or we can also assign an IP address with the help of a command.
  • Go to the command terminal of the PC.
  • Then, type iPConfig <IPv4 address><subnet mask><default gateway>(if needed)
Example: ipconfig


  • Repeat the same procedure with other PCs to configure them thoroughly.

Step 3: Configuring the firewall in a server and blocking packets and allowing web browser.

  • Click on server0 then go to the desktop.
  • Then click on firewall IPv4.
  • Turn on the services.
  • First, Deny the ICMP protocol and set remote IP to and Remote wildcard mask to
  • Then, allow the IP protocol and set remote IP to and Remote wildcard mask to
  • And add them.


Step 4:  Verifying the network by pinging the IP address of any PC.

  • We will use the ping command to do so.
  • First, click on PC2 then Go to the command prompt.
  • Then type ping <IP address of targeted node>.
  • We will ping the IP address of the server0.
  • As we can see in the below image we are getting no replies which means the packets are blocked.


Check the web browser by entering the IP address in the URL.

  • Click on PC2 and go to desktop then web browser.


Last Updated : 30 Jun, 2022
Like Article
Save Article
Share your thoughts in the comments
Similar Reads