Scribd
Upload
34 views

Week 2-4 - SRWE Workshop - Standard Access Control List (ACL) - Instructions

ACL

Uploaded by

madangautam100
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
34 views

Week 2-4 - SRWE Workshop - Standard Access Control List (ACL) - Instructions

ACL

Uploaded by

madangautam100
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Switching, Routing, and Wireless (SRWE) – Semester 2

Week 4 workshop – Standard Access Control List (ACL)

1. Configure the routers using the PCs connected using the console cables. The
console password is ‘consoleclass’ and the exec mode password is ‘cisco’
PC > Desktop > Terminal

2. The network has been pre-configured with the following IP addressing scheme: -

DEFAULT
DEVICE INTERFACE IP ADDRESS SUBNET MASK
GATEWAY
Gig0/0 172.16.1.1 255.255.255.252 N/A
Server-
Gig0/1 172.16.2.1 255.255.255.252 N/A
Router
Se0/0/0 209.165.23.5 255.255.255.252 N/A
Gig0/0 192.168.1.1 255.255.255.0 N/A
LAN-
Gig0/1 192.168.2.1 255.255.255.0 N/A
Router
Se0/0/0 209.165.23.6 255.255.255.252 N/A
Server1 Fa0 172.16.1.2 255.255.255.252 172.16.1.1
Server2 Fa0 172.16.2.2 255.255.255.252 172.16.2.1
192.168.1.0 Fa0 192.168.1.2 255.255.255.0 192.168.1.1
/ 24 PC1
192.168.1.0 Fa0 192.168.1.3 255.255.255.0 192.168.1.1
/ 24 PC2
192.168.2.0 Fa0 192.168.2.2 255.255.255.0 192.168.2.1
/ 24 PC1
192.168.2.0 Fa0 192.168.2.3 255.255.255.0 192.168.2.1
/ 24 PC2
3. Configure a Named Standard ACL ‘BLOCK’ that allows only the host 192.168.1.3
to access the Server1. Implicitly deny all other hosts.

Notes: -
1. Implicit means it is automatically done by the router.
2. Standard ACL should always be placed as close as possible to the destination.

Server-Router(config) #ip access-list standard BLOCK


Server-Router(config-std-nacl) #permit host 192.168.1.3
Server-Router(config-std-nacl) #exit

4. Apply the Named Standard ACL ‘BLOCK’ in the appropriate interface.

Note: -
1. Standard ACL should always be placed as close as possible to the destination.

Server-Router(config) #int gig0/0


Server-Router(config-if) #ip access-group BLOCK out
Server-Router(config-if) #exit

5. Configure a Numbered Standard ACL 10 that allows only the 192.168.2.0 LAN to
reach Server2. Explicitly deny all other access.

Notes: -
1. Explicit means the network administrator must perform the intended action
manually.
2. Standard ACL should always be placed as close as possible to the destination.
3. The numeric range for standard ACL is from 1 to 99.

Server-Router(config) #ip access-list standard 10


Server-Router(config-std-nacl) #permit 192.168.2.0 0.0.0.255
Server-Router(config-std-nacl) #deny any
Server-Router(config-std-nacl) #exit
6. Apply the Numbered Standard ACL 10 in the appropriate interface.

Note: -
1. Standard ACL should always be placed as close as possible to the destination.

Server-Router(config) #int gig0/1


Server-Router(config-if) #ip access-group 10 out
Server-Router(config-if) #exit

End of Paper !!
Regards

Cisco SRWE, Aaditya Khwakhwali.

You might also like