access list

Unanswered Question
Oct 29th, 2007

The router has three interfaces: e0, e1 & s0.

s0 is connected to the internet,

e0 to the LAN,

e1 to three servers: srv1, srv2, srv3.

We have to make an access list to prevent all the hosts, and hosts from the internet, from accessing the web service on srv1. But host 1 (192.168.10.2) should have permission to access this web server, and all other traffic is permitted.

IP addresses:

router e0 interface: 192.168.10.1

hosts on e0: host 1: 192.168.10.2, host 2: 192.168.10.3, host 3: 192.168.10.4

router s0 interface: 10.10.10.1

router e1 interface: 172.168.10.1

srv1: 172.168.10.2, srv2: 172.168.10.3, srv3: 172.168.10.4

Apply the ACL in not more than three statements, and state on which interface and in which direction this ACL should be applied.

LordFlasheart Mon, 10/29/2007 - 03:02

Hi,

What you need to do is break the problem down into steps and put them into some order.

For example, you need to permit traffic from Host 1 to Server 1, deny everything else to Server 1, then allow all other traffic. That is three steps and fits in with your question:

access-list 101 permit ip host 192.168.10.2 host 172.168.10.2

access-list 101 deny ip any host 172.168.10.2

access-list 101 permit ip any any

Now you need to work out where to place the list. The common point where the web and LAN meet is on the e1 interface going towards the web servers so it should be placed outbound on the e1 interface:

int e1

ip access-group 101 out

HTH,

Chris

arifmscelectronics Mon, 10/29/2007 - 03:10

Thanks, dear.

Actually I am preparing for the CCNA, and in the TestKing the answer was given on the interface e0 and inbound.

That's why I was confused.

Thanks again
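
An added example, not part of the thread and not either poster's code: a small first-match model of access-list 101 as posted, showing which packets to srv1 are filtered when the list is bound outbound on e1 versus inbound on e0. The /24 masks, the Internet host 203.0.113.7 and the function names are assumptions made for the illustration.

```python
import ipaddress

# ACL 101 as posted in the answer: (action, source, destination).
# The "ip" keyword matches every protocol, so this model has no port field.
ACL_101 = [
    ("permit", "192.168.10.2/32", "172.168.10.2/32"),
    ("deny", "0.0.0.0/0", "172.168.10.2/32"),
    ("permit", "0.0.0.0/0", "0.0.0.0/0"),
]

# Networks behind each LAN interface (/24 masks are an assumption).
# Any other address is treated as reachable through s0 (the Internet).
INTERFACES = {
    "e0": ipaddress.ip_network("192.168.10.0/24"),
    "e1": ipaddress.ip_network("172.168.10.0/24"),
}


def interface_for(addr):
    """Return the router interface an address sits behind."""
    ip = ipaddress.ip_address(addr)
    for name, net in INTERFACES.items():
        if ip in net:
            return name
    return "s0"


def acl_action(acl, src, dst):
    """First matching entry wins; no match falls to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action
    return "deny"


def forward(src, dst, bound_if, direction, acl=ACL_101):
    """Verdict for a routed packet with the ACL bound to one interface/direction."""
    crossing = interface_for(src) if direction == "in" else interface_for(dst)
    if crossing != bound_if:
        return "permit"  # the packet never crosses the ACL, so it is not filtered
    return acl_action(acl, src, dst)


if __name__ == "__main__":
    # Constructed sample packets; 203.0.113.7 stands in for an Internet host.
    for src in ("192.168.10.2", "192.168.10.3", "203.0.113.7"):
        for placement in (("e1", "out"), ("e0", "in")):
            print(src, "-> srv1", placement, forward(src, "172.168.10.2", *placement))
```

In this model the list bound inbound on e0 never sees the packet from 203.0.113.7, because that packet arrives on s0 and leaves on e1. Swapping the first two entries makes the deny match host 1 first.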
