Need help with an access list.

Unanswered Question
May 31st, 2007
User Badges:

We got a lab in class last night. Our teacher wasn't there so we were completelt on our own. I got 2 out of the 3, but this one I'm completely stumped. Am I supposed to make a named access list? We can't make a VLAN on the switch either, it all has to be in the routers.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
bvsnarayana03 Thu, 05/31/2007 - 23:08
User Badges:
  • Silver, 250 points or more

Use subnetting to break the major network to small chunks. Assign Ip each from subnet to hosts. Now u can apply standard ACL with permit/deny for each IP host.

guruprasadr Thu, 05/31/2007 - 23:37
User Badges:
  • Gold, 750 points or more

HI abrrymnvette, [Pls Rate if Helps]

Break the Major class B Subnet as small Chunks (even smaller than as show in this example). I have divided just for example. - - WebServer - - Network A - - Network B - - RouterA - RouterB


Router B:

access-list 10 permit tcp ip host eq http

Router A:

access-list 20 permit tcp ip host eq telnet host

access-list 30 deny icmp

Pls Re-check the same & go-ahead with your LAB.

PLs Rate if Helps

Best Regards,

Guru Prasad R

abrrymnvette Fri, 06/01/2007 - 05:13
User Badges:

Thanks for the responses guys. What I don't understand is how you keep the PC on network B from accessing the Web Server A that's also on network B. I doesn't need to go through the router to get to it, so how's an ACL going to stop it?

abrrymnvette Fri, 06/01/2007 - 05:15
User Badges:

Nevermind, I see it now. I wasn't seeing the break it down even further and make each node it's own network on the network segment. Thanks a ton guys. I don't know why I didn't see to do that. Greatly appreciated!!!!!!


This Discussion