Access Control List (ACL)

You are the network administrator at Ranet and have to configure router Ranet-HQ to connect its LAN
to the Branch network and the Internet, and to configure an access list to control traffic as below:

(via its console)
1. Enable the LAN interface and set its IP address to the first assignable IP of this subnet.
2. Enable each serial interface and set its IP address to the last assignable IP of its own subnet.
3. Set RIPv2 as the routing protocol on this router to exchange routes with Ranet-BR.
4. Set a default route to allow the connection to the Internet.
5. Set an access list to restrict connections from hosts in the LAN as follows:
- Allow only Admin-Host to telnet to Ranet-CoreSW (password: ranetpass).
- Deny only User-Host1 from connecting to any site on the Internet.
- Any other traffic should be allowed.
Remark: Use only ACL no. 100, and keep it as short as possible to gain %Completion.

Ranet-HQ config:
(copy & paste the commands below to Ranet-HQ)
conf t
int fa0/0
no sh
ip add
int s0/0/0
no sh
ip add
int s0/1/0
no sh
ip add
router rip
version 2
no auto-summary
ip route s0/1/0
access-list 100 deny tcp host eq 23
access-list 100 deny tcp host any eq 80
access-list 100 permit ip any any
int fa0/0
ip access-group 100 in
Ranet-HQ#copy run start 
Destination filename [startup-config]?
Building configuration…
———————– The End ———————
Everything is OK.
You can view and download this solution here.
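
The three entries of ACL 100 are evaluated top-down and the first match wins. The sketch below is an added example, not part of the original solution: it models that first-match logic in Python so the effect of each entry can be checked before the ACL is applied inbound on fa0/0. All addresses are constructed placeholders (the lab's addresses are not shown on this page), and it is an assumption that both deny entries use User-Host1 as their source.

```python
import ipaddress

# Constructed placeholder addresses; the lab's real addresses are not on the page.
ADMIN_HOST = "192.0.2.10"
USER_HOST1 = "192.0.2.20"
CORE_SW = "198.51.100.2"
ANY = "0.0.0.0/0"

# (action, protocol, source, destination, destination port or None)
# Assumption: both deny entries name User-Host1 as the source host.
ACL_100 = [
    ("deny", "tcp", USER_HOST1 + "/32", CORE_SW + "/32", 23),  # telnet to CoreSW
    ("deny", "tcp", USER_HOST1 + "/32", ANY, 80),               # HTTP to anywhere
    ("permit", "ip", ANY, ANY, None),                           # everything else
]


def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, entry index) for the first entry that matches the packet."""
    for index, (action, ace_proto, ace_src, ace_dst, ace_port) in enumerate(acl):
        if ace_proto not in ("ip", proto):      # "ip" matches every protocol
            continue
        if ipaddress.ip_address(src) not in ipaddress.ip_network(ace_src):
            continue
        if ipaddress.ip_address(dst) not in ipaddress.ip_network(ace_dst):
            continue
        if ace_port is not None and ace_port != dport:
            continue
        return action, index
    # No entry matched: a non-empty ACL ends with an implicit "deny ip any any".
    return "deny", None


if __name__ == "__main__":
    web = "203.0.113.5"  # constructed Internet host
    packets = [
        ("tcp", ADMIN_HOST, CORE_SW, 23),
        ("tcp", USER_HOST1, CORE_SW, 23),
        ("tcp", USER_HOST1, web, 80),
        ("tcp", USER_HOST1, web, 443),   # "eq 80" does not cover HTTPS
        ("icmp", USER_HOST1, web, None),
    ]
    for pkt in packets:
        print(pkt, "->", evaluate(ACL_100, *pkt))
```

Two things worth checking with it: `eq 80` blocks only HTTP, so User-Host1 still reaches port 443, and dropping the final `permit ip any any` turns every unmatched packet into a deny.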