Hi i still have another question about access-lists.
There are four routers connected together like a hub on spoke topology. The central router A is connected to internet and the three others Miami,LA and Chicago are connected to it.
So the goal is to PERMIT hosts at LA and Chicago to access web ressources on the internet, but NOT hosts in Miami subnet. Also we do not want anyone NOT in Miami to access web sites hosted in Miami.
Assuming that the hosts subnets at Miami are are associated with 192.168.1.0/24, Chicago with 192.168.2.0/24 and LA with 192.168.3.0/24, which of the following lines might be use in an ACL to accomplish the task if the last line of the ACL is
access-list 110 permit ip any any ?
A. access-list 110 deny tcp 192.168.0.0 0.0.0.255 any eq 80
B. access-list 110 permit tcp 192.168.0.0 0.0.0.255 any eq 80
C. access-list 110 deny tcp any 192.168.0.0 0.0.0.255 eq 80
D access-list 110 permit tcp any 192.168.0.0 0.0.0.255 eq 80
The answer he gave was A and C, but as far as i am concerned i only answered C and guessed another ACL command was missing in the choices listed (or incorrectly written).
If we add "A" we're not blocking only hosts in Miami to access the internet but also LA et Chicago's!!! Or we have to change the wilcard mask and/or address(in my opinion)
Please help me fix that shit!