Scribd
Upload
2 views

ACL Lab 1

The document outlines the steps to configure an Access Control List (ACL) on a Corp1 router to permit only Host C to access a finance server while denying access to other hosts. It includes commands for setting up the ACL, applying it to an interface, saving the configuration, and verifying access from different hosts. The final verification step confirms that only Host C can access the finance server, ensuring the ACL is configured correctly.

Uploaded by

masud36531
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
2 views

ACL Lab 1

The document outlines the steps to configure an Access Control List (ACL) on a Corp1 router to permit only Host C to access a finance server while denying access to other hosts. It includes commands for setting up the ACL, applying it to an interface, saving the configuration, and verifying access from different hosts. The final verification step confirms that only Host C can access the finance server, ensuring the ACL is configured correctly.

Uploaded by

masud36531
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

En

sp g. A
ea h
no m
ri@ ad
ya Na
ho be
o.c el
om Al-
Question 1: Access Control List (ACL) Lab 1

Om
ar
i
Answer

1. Select the console on Corp1 router:

2. Configuring ACL on Corp1 router:

Password: cisco

i
ar
Corp1>enable
Password: cisco

Om
Corp1#configure terminal

Comment: To permit only Host C (192.168.33.3) {source address} to access finance server
address (172.22.242.23) {destination address } on port number 80 (web):

om Al-
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
o.c el
ho be
Comment: To deny any source to access finance server address (172.22.242.23)
{destination address} on port number 80 (web):
ya Na

Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80


ri@ ad

Comment: To permit ip protocol from any source to access any destination because of
the implicit deny any any statement at the end of ACL:
no m
ea h

Corp1(config)#access-list 100 permit ip any any


sp g. A

3. Applying the ACL on the Interface:


En

Comment: Place the ACL to check for packets going outside the interface towards the
finance web server:

Corp1(config)#interface fastethernet 0/1


Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end

4. Important: save your running config to startup config before exit.

Corp1#copy running-config startup-config


5. Verifying the Configuration:

Step1: show ip interface brief command identifies the interface on which to apply access
list.

Step2: Click on each host A,B,C & D . Host opens a web browser page.

- Click on host C and open its web browser. In the address box type http://172.22.242.23
to check if you are allowed to access Finance Web Server or not. If your configuration is
correct then you can access it.
- Click on other hosts (A, B and D) and check to make sure you can’t access Finance
Web Server from these hosts.

i
ar
Om
om Al-
o.c el
ho be

Step 3: Only Host C (192.168.33.3) has access to the server . If the other host can also
ya Na

access then maybe something went wrong in your configuration . check whether you
configured correctly and in order.
ri@ ad
no m
ea h
sp g. A
En

You might also like