I'm studying for a CCNA and I need some help:
I have a scenario here:
Switch 1 - Student Network = 172.16.62.0/24
Switch 2 - Library Server - 172.16.63.252/24
Switch 3 - Records Server - 172.16.64.254/24
The badly drawn cloud to router 3 is the internet.
Switch 1 to Switch 1 = E0
Router 1 to Router 2 - R1=S0, R2=S1
Router 2 to Router 3 - R2=S0, R3=S1
Router 3 to Internet - S0
Router 3 to Switch 3 = E0
Router 2 to Switch 2 = E0
In the network, an access list was created in order to prevent students and outsiders on the internet from changing student files in the records server, while still allowing other departments in the enterprise access. The access control list was applied to the E0 interface of Router 3, going outbound.
I was given the answer for the above scenario. The following answer was given to me:
permit 172.16.0.0 0.0.255.255 172.16.64.254 0.0.0.0
deny 172.16.64.254 0.0.0.255 172.16.64.254 0.0.0.0
The issue with this scenario is that no other IPs or networks were given to me. So I thought I had to allow the library server access to the records server and block the student network, and the implicit deny all will block users from the internet.
I thought this was the answer:
permit 172.16.63.252 0.0.0.0 172.16.64.254 0.0.0.0
deny 172.16.62.0 0.0.0.255 172.16.64.254 0.0.0.0
Can anyone explain to me what I'm doing wrong here?
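
The two access lists quoted in the post, evaluated with first-match semantics and the implicit deny, as an added example that is not part of the original post. The entries are used in the five-field form written above; the host addresses 172.16.62.10, 172.16.65.20 and 203.0.113.5 are constructed samples, and 172.16.65.20 stands in for an assumed "other department" subnet that the scenario does not name.

```python
import ipaddress

RECORDS = "172.16.64.254"

# ACL entries exactly as written in the post: action, source, wildcard, destination, wildcard.
GIVEN = ["permit 172.16.0.0 0.0.255.255 172.16.64.254 0.0.0.0",
         "deny 172.16.64.254 0.0.0.255 172.16.64.254 0.0.0.0"]
PROPOSED = ["permit 172.16.63.252 0.0.0.0 172.16.64.254 0.0.0.0",
            "deny 172.16.62.0 0.0.0.255 172.16.64.254 0.0.0.0"]

# Constructed sample sources (only the library server address is from the post).
SOURCES = {"student": "172.16.62.10",
           "library": "172.16.63.252",
           "other_dept": "172.16.65.20",   # assumed subnet, not in the scenario
           "internet": "203.0.113.5"}      # documentation-range address

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    # Wildcard mask: a 0 bit must match the base, a 1 bit is ignored.
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)

def evaluate(acl, src, dst):
    # Entries are checked top-down; the first match decides.
    for entry in acl:
        action, s, s_wc, d, d_wc = entry.split()
        if wildcard_match(src, s, s_wc) and wildcard_match(dst, d, d_wc):
            return action
    return "deny"  # implicit deny at the end of every ACL

def results(acl):
    # Decision for each sample source sending to the records server.
    return {name: evaluate(acl, addr, RECORDS) for name, addr in SOURCES.items()}

if __name__ == "__main__":
    for label, acl in (("given", GIVEN), ("proposed", PROPOSED)):
        print(label, results(acl))
```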