Lab 214 - Extended ACL

Lab 214 - Extended ACL
Di Posting Oleh : Simple Learning
Kategori : Security

Prerequisites: CCNP level skills.

NOTE!
Initial configuration for this lab can be downloaded here.

Topology

Pic 1. Topology Diagram.

Task 1
Enable HTTP service on R5 for testing purposes.

Task 2
On R5 configure ACL which is going to block HTTP traffic from Vlan 27 towards R5's loopback address (10.0.5.5). HTTP traffic from any source towards 172.16.215.5 destination should be allowed. All other traffic should be allowed as well.

Solution

Task 1
Enable HTTP service on R5 for testing purposes.

R5 Config:
!
ip http server
!


Task 2
On R5 configure ACL which is going to block HTTP traffic from Vlan 27 towards R5's loopback address (10.0.5.5). HTTP traffic from any source towards 172.16.215.5 destination should be allowed. All other traffic should be allowed as well.

 
R5 Config:
!
access-list 100 deny   tcp 172.16.27.0 0.0.0.255 host 10.0.5.5 eq www
access-list 100 permit ip any any
!

interface FastEthernet0/1
 ip address 172.16.215.5 255.255.255.0
 ip access-group 100 in
 speed 100
 full-duplex
!


Verification:
Pic. 2 - Telnet Test.
 

0 Response to "Lab 214 - Extended ACL"

Post a Comment