05-31-2007 06:26 AM - edited 03-03-2019 05:14 PM
We got a lab in class last night. Our teacher wasn't there so we were completelt on our own. I got 2 out of the 3, but this one I'm completely stumped. Am I supposed to make a named access list? We can't make a VLAN on the switch either, it all has to be in the routers.
http://i160.photobucket.com/albums/t192/abrrymnvette/AndyB.jpg
05-31-2007 11:08 PM
Use subnetting to break the major network to small chunks. Assign Ip each from subnet to hosts. Now u can apply standard ACL with permit/deny for each IP host.
05-31-2007 11:37 PM
HI abrrymnvette, [Pls Rate if Helps]
Break the Major class B Subnet as small Chunks (even smaller than as show in this example). I have divided just for example.
172.16.0.1 - 172.16.0.255 - WebServer
172.16.1.1 - 172.16.1.255 - Network A
172.16.2.1 - 172.16.2.255 - Network B
172.16.3.1 - 172.16.3.255 - RouterA - RouterB
ACLS:
Router B:
access-list 10 permit tcp ip host 172.16.0.1 eq http 172.16.1.0 0.0.0.255
Router A:
access-list 20 permit tcp ip host 172.16.1.1 eq telnet host 172.16.3.0 0.0.0.255
access-list 30 deny icmp 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255
Pls Re-check the same & go-ahead with your LAB.
PLs Rate if Helps
Best Regards,
Guru Prasad R
06-01-2007 05:13 AM
Thanks for the responses guys. What I don't understand is how you keep the PC on network B from accessing the Web Server A that's also on network B. I doesn't need to go through the router to get to it, so how's an ACL going to stop it?
06-01-2007 05:15 AM
Nevermind, I see it now. I wasn't seeing the break it down even further and make each node it's own network on the network segment. Thanks a ton guys. I don't know why I didn't see to do that. Greatly appreciated!!!!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide