Need help with an access list.

abrrymnvette
Level 1

We got a lab in class last night. Our teacher wasn't there so we were completely on our own. I got 2 out of the 3, but this one I'm completely stumped. Am I supposed to make a named access list? We can't make a VLAN on the switch either, it all has to be in the routers.

http://i160.photobucket.com/albums/t192/abrrymnvette/AndyB.jpg


bvsnarayana03
Level 5

Use subnetting to break the major network into small chunks. Assign an IP from each subnet to the hosts. Now you can apply a standard ACL with permit/deny for each IP host.

guruprasadr
Level 7

Hi abrrymnvette, [Pls Rate if Helps]

Break the major class B subnet into small chunks (even smaller than shown in this example). I have divided it just as an example.

172.16.0.1 - 172.16.0.255 - WebServer

172.16.1.1 - 172.16.1.255 - Network A

172.16.2.1 - 172.16.2.255 - Network B

172.16.3.1 - 172.16.3.255 - RouterA - RouterB

ACLS:

Router B:

! Protocol/port matching needs an extended ACL (100-199); the HTTP keyword is www
access-list 110 permit tcp host 172.16.0.1 eq www 172.16.1.0 0.0.0.255

Router A:

access-list 120 permit tcp host 172.16.1.1 eq telnet 172.16.3.0 0.0.0.255

access-list 130 deny icmp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255

Pls Re-check the same & go-ahead with your LAB.

PLs Rate if Helps

Best Regards,

Guru Prasad R

Thanks for the responses guys. What I don't understand is how you keep the PC on network B from accessing the Web Server A that's also on network B. It doesn't need to go through the router to get to it, so how's an ACL going to stop it?

Nevermind, I see it now. I wasn't seeing that you break it down even further and make each node its own network on the network segment. Thanks a ton guys. I don't know why I didn't see to do that. Greatly appreciated!!!!!!
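The point the thread ends on, as an added example that is not from any of the posters: a router ACL only sees traffic that is actually routed, so two hosts in one subnet bypass it, while the same hosts in separate smaller subnets do not. The host addresses, the /30 split and the ACL entries are constructed for illustration, and the sketch assumes each subnet sits behind its own router interface.

```python
import ipaddress

ON_SEGMENT = "delivered on-segment, ACL never consulted"
ANY = ("0.0.0.0", "255.255.255.255")

def crosses_router(src, dst, prefix_len):
    """True when src and dst fall in different subnets at this prefix
    length, i.e. the packet has to be forwarded by a router."""
    s = ipaddress.ip_interface(f"{src}/{prefix_len}").network
    d = ipaddress.ip_interface(f"{dst}/{prefix_len}").network
    return s != d

def wildcard_match(addr, base, wildcard):
    """Cisco-style wildcard match: bits set in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def acl_decision(acl, src, dst):
    """First matching entry wins; an implicit deny ends every ACL."""
    for action, (s_base, s_wild), (d_base, d_wild) in acl:
        if wildcard_match(src, s_base, s_wild) and wildcard_match(dst, d_base, d_wild):
            return action
    return "deny"

def verdict(acl, src, dst, prefix_len):
    """What happens to a packet from src to dst under this subnetting."""
    if not crosses_router(src, dst, prefix_len):
        return ON_SEGMENT
    return acl_decision(acl, src, dst)

# Constructed sample hosts inside the thread's "Network B" range.
PC_B = "172.16.2.9"      # host in 172.16.2.8/30 once split
WEB_B = "172.16.2.13"    # host in 172.16.2.12/30 once split

# Constructed ACL: block that one PC from that one server, allow the rest.
ACL = [
    ("deny", (PC_B, "0.0.0.0"), (WEB_B, "0.0.0.0")),
    ("permit", ANY, ANY),
]

if __name__ == "__main__":
    for plen in (24, 30):
        print(f"/{plen}: {PC_B} -> {WEB_B}: {verdict(ACL, PC_B, WEB_B, plen)}")
```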
