I am setting up two cisco 2621 routers. I am new to cisco routers but I have read the manuals. Is there anything special I have to do to prevent ip spoofing? i.e. preventing spoofed packets from leaving my network and preventing them from entering.
Very simple on the 'coming in' side. Simply put an access list on the external interface that blocks traffic with a source of a network that is on the internal side.
192.168.0.0 Internet Pipe
Put an access list that denies 192.168.0.0 255.255.255.0 to any from coming IN the external interface. This prevents someone from 'spoofing' your internal addressing and forwarding traffic into your router from the outside.
To be honest, its usually a good idea to ACL off all internal network addressing which should not be present in the internet.