What are the two main types of ACLs in Cisco?

Reference no: EM131103868

Topic learning guide: ACLs

Preparation:

Watch the YouTube lecture "Standard ACLs - Part 1"

https://www.youtube.com/watch?v=a7ewUWSteBM

Watch the YouTube lecture "Standard ACLs - Part 2"

https://www.youtube.com/watch?v=JXHpuRDopl4

Download and read Cisco's document "Access Control Lists: Overview and Guidelines"

https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfacls.html#wp1000939

Download and read the SANS document "Easy steps to Cisco Extended ACLs"

https://www.sans.org/reading-room/whitepapers/networkdevs/easy-steps-cisco-extended-access-list-231

Watch the YouTube lecture "Extended ACL for Cisco CCNA - part 1"

https://www.youtube.com/watch?v=FIVJUx1k3xA

Watch the YouTube lecture "Extended ACL for Cisco CCNA - part 2"

https://www.youtube.com/watch?v=aSkv5-0S0ZM

Test your understanding

You should now be able to answer the following short answer questions.

1. What are the two main types of ACLs in Cisco?

2. Name two types of network devices that an ACL can be applied to.

3. What are the two main statements used to allow access or restrict access in an ACL?

4. What parameter(s) in the IP packet are used by standard ACLs to make decisions about what to do with the packet?

5. If I have multiple entries in an access control list, in what order are the individual ACEs (access control entries) processed?

6. How does an ACL wildcard relate to a subnet mask?

7. What is the ACL wildcard I would need to apply to packets from an IP address with a subnet mask of 255.255.255.0?

8. What parameters in an IP packet can be used by extended ACLs to make decisions about what to do with the packet?

9. After I have created an access list, what do I need to apply it to on the router?

10. What is the Cisco IOS command to view access lists?

Lab

For this lab, you need to complete labs 12.1 and 12.2 in the book Todd Lammle, CCNA Routing and Switching Study Guide, Sybex, 2013. (A copy of the pages describing this lab is provided for your convenience - see Word files Lab12.1 and Lab12.2.)
Once you have completed your labs, save your files as Lab3.pkt

Written Lab 12

The answers to this lab can be found in Appendix A, "Answers to Written Labs." In this section, write the answers to the following questions:

1. What command would you use to configure a standard IP access list to prevent all machines on network 172.16.0.0/16 from accessing your Ethernet network?

2. What command would you use to apply the access list you created in question 1 to an Ethernet interface outbound?

3. What command(s) would you use to create an access list that denies host 192.168.253 access to an Ethernet network?

4. Which command verifies that you've entered the access list correctly?

5. What two tools can help notify and prevent DoS attacks?

6. What command(s) would you use to create an extended access list that stops host 172.16.10.1 from telnetting to host 172.16.30.5?

7. What command would you use to set an access list on a VTY line?

8. Write the same standard IP access list you wrote in question 1 but this time as a named access list.

9. Write the command to apply the named access list you created in question 8 to an Ethernet interface outbound.

10. Which command verifies the placement and direction of an access list?

Hands-on Labs

In this section, you will complete two labs. To complete these labs, you will need at least three routers. You can easily perform these labs with the Cisco Packet Tracer program. If you are studying to take your Cisco exam, you really need to do these labs!

Lab 12.1: Standard IP Access Lists

Lab 12.2: Extended IP Access Lists

Lab 2

At this point, you can add the eq telnet command to filter host 192.168.10.2 from telnetting to 172.16.10.6. The log command can also be used at the end of the command so that whenever the access-list line is hit, a log will be generated on the console.
SF(config)#access-list 110 deny tcp host 192.168.10.2 host 172.16.10.6 eq telnet log

It is important to add this line next to create a permit statement. (Remember that 0.0.0.0 255.255.255.255 is the same as the any command.)

SF(config)#access-list 110 permit ip any 0.0.0.0 255.255.255.255

You must create a permit statement; if you just add a deny statement, nothing will be permitted at all. Please see the sections earlier in this chapter for more detailed information on the deny any command implied at the end of every ACL.

Apply the access list to the FastEthernet0/0 interface on SF to stop the Telnet traffic as soon as it hits the first router interface.
SF(config)#int f0/0
SF(config-if)#ip access-group 110 in
SF(config-if)#^Z

Try telnetting from host 192.168.10.2 to LA using the destination IP address of 172.16.10.6. This should fail, but the ping command should work.

On the console of SF, because of the log command, the output should appear as follows:
01:11:48: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.10.2(1030) -> 172.16.10.6(23), 1 packet
01:13:04: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.10.2(1030) -> 172.16.10.6(23), 3 packets
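
The following is an added example, not part of the lab text or the book: a small Python model of how access list 110 from this lab is evaluated, showing wildcard matching, first-match ordering and the implicit deny. The ACE tuple layout, the function names and the second host 192.168.10.3 are assumptions made for illustration.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

def matches(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; bits set to 0 must match.
    care = ~ip(wildcard) & 0xFFFFFFFF
    return (ip(addr) & care) == (ip(base) & care)

# ACE layout (assumed): action, protocol, src, src wildcard, dst, dst wildcard, dst port
DENY_TELNET = ("deny", "tcp", "192.168.10.2", "0.0.0.0",
               "172.16.10.6", "0.0.0.0", 23)
# "any" written out as 0.0.0.0 255.255.255.255, as the lab notes
PERMIT_ANY = ("permit", "ip", "0.0.0.0", "255.255.255.255",
              "0.0.0.0", "255.255.255.255", None)

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, index of the matching ACE, or None for the implicit deny)."""
    for i, (action, p, s, swc, d, dwc, port) in enumerate(acl):
        if p != "ip" and p != proto:
            continue  # protocol keyword "ip" covers tcp, udp and icmp
        if port is not None and port != dport:
            continue
        if matches(src, s, swc) and matches(dst, d, dwc):
            return action, i  # first match wins; later ACEs are never consulted
    return "deny", None  # implicit "deny any" at the end of every ACL

def lab_results(acl):
    # Constructed test traffic: the lab's telnet and ping, plus another host.
    return {
        "telnet": evaluate(acl, "tcp", "192.168.10.2", "172.16.10.6", 23),
        "ping": evaluate(acl, "icmp", "192.168.10.2", "172.16.10.6"),
        "other_host_telnet": evaluate(acl, "tcp", "192.168.10.3", "172.16.10.6", 23),
    }

if __name__ == "__main__":
    cases = [("list 110 as in the lab", [DENY_TELNET, PERMIT_ANY]),
             ("deny line only", [DENY_TELNET]),
             ("permit placed first", [PERMIT_ANY, DENY_TELNET])]
    for name, acl in cases:
        print(name, lab_results(acl))
```

With only the deny line, the ping falls through to the implicit deny; with the permit placed first, the telnet deny is never reached.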
