Acess-List

Unanswered Question
Dec 9th, 2009
User Badges:

Examine the figure. You want to configure an access list that would permit  everyone on the 172.16.0.0/16 network to access resources on the 172.18.0.0/16  network but deny everyone else. You configure the following access-list:


access-list 1 permit 172.16.0.0 0.0.255.255


ACL.JPG


A)     Apply it inbound on RouterA's Ethernet 0 interface


B)     Apply it outbound on RouterA's Ethernet 1 interface


C)     Apply it inbound on RouterB's Ethernet 1 interface


D)     Apply it inbound on RouterC's Ethernet 1 interface


E)     Apply it outbound on RouterC's Ethernet 0 interface


Which one is correct?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Wed, 12/09/2009 - 23:44
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello,


for me the correct one would be RB eth0 outbound but I don't see it on the available options.


172.18.0.0/16 is connected to RB so using ACLs on RC has no effect.


if applied inbound on RB ethernet1 it would be a partial achievement because it cannot process traffic coming from RC for example (if eth1 connects to RA)



C is the best of the available options


Here, we need to point out that standard ACLs match on source address regardless that they are applied inbound or outbound.


being standard ACL it should be applied nearest  to destination to be specific in action




Hope to help

Giuseppe

abhijit379 Thu, 12/10/2009 - 00:07
User Badges:

Tomorrow I will sit for the CCNA Exam, I was trying to solve a question paper from a reputed auther. In my point of view, the best available answer is the option "C". But author described it as E.


Thanks for your reply, Now I am sure, my concepts are not wrong. Lots of answers are there for which my concept differs from the answer described by the auther. I think I should ignore them and focus on my book.

Actions

This Discussion