Options

Help needed in my ACL. Desperate. my last chance

Davey2006Davey2006 Member Posts: 2 ■□□□□□□□□□
Help needed in my ACL.. Desperate.. my last chance

I really need some help and I would appreciate it very much…


The Wan IP address is 100.10.5.0 with a subnetmask of 255.255.255.0
The local lan has been assigned an IP adress of 10.10.10.0
Each Subnet of the above network needs to accommodate 24 host adresses.
Use the 3 (Third) usable subnet for the lan. Do not use subnet zero as the first subnet.
The IGRP AS number is 25

I have done all the subnetting


Production Host
IP address _____10.10.10.98 till 10.10..10.126_____________
Subnet Mask ____255.255.255.244______________
Default Gateway ___10.10.10.33________________________

Management Host
IP address___10.10.10.112 till 10.10.10.126_______________
Subnet Mask _____255.255.255.244_____________
Default Gateway ___10.10.10.33_____________________


1. The company has an Intranet Web server host that all systems can reach at IP address 172.16.0.1 with only HTTP access. No other protocols will be permitted to this site.

2. The company also has a server pool in the 209.0.0.0/24 network. Half of the servers are allocated with odd number ip address(e.g 209.0.0.1) and other half of the ip address are allocated with even number address(e.g 209.0.0.2).The servers in odd numbers are reachable by management hosts using all possible ip protocols. The servers in even numbers are reachable by all LAN hosts using all possible protocols. The servers should not be accessible by any other hosts.

3. The company has discovered an Internet Web server at 198.0.0.1 that is known to contain viruses.
All hosts are to be banned from reaching this site.


MY ANSWERS

1. Acceslist 102 Permit TCP any 172.16.0.1

2. Acceslist 103 Permit IP any 209.0.0.128/25 (Management Host)
Acceslist 104 Permit IP any 209.0.0.0/25 (Production Host)
Acceslist 105 Permit ip deny 209.0.0.0/24 any

3. Acceslist 106 Permit TCP deny any 198.0.0.1
4. Acceslist 107 Permit IP any any





But it’s wrong (I’m told) but what I don’t know..
Can u please help me?

Comments

  • Options
    EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    But it’s wrong (I’m told) but what I don’t know..
    Can u please help me?[/quote]

    Sounds like an exam, why dont you ask the person who told you it was wrong?There must be a reason then have not provided you with the correct answer.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • Options
    david_rdavid_r Member Posts: 112
    There is an error in everything you typed icon_sad.gif
  • Options
    Danman32Danman32 Member Posts: 1,243
    Yup, plenty of errors.

    First, the keyword is accesslist, not acceslist.

    for 1. you allowed all traffic, when the question said only HTTP.
    For 2, I believe that you cannot use that syntax for the wildcard.
    But here's a hint: you have to filter ignoring MOST of the last octet. You still have to consider the last (rightmost) bit to determine odd or even though.
    for 3, you use permit OR deny, not both in the same line.

    Review the syntax for accesslists.
  • Options
    Davey2006Davey2006 Member Posts: 2 ■□□□□□□□□□
    oke thnx, but my teacher doesn't want to say what's wrong, he's really giving me a hard time.

    Can someone correct this for me...?
  • Options
    EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    Davey2006 wrote:
    oke thnx, but my teacher doesn't want to say what's wrong, he's really giving me a hard time.

    Can someone correct this for me...?
    There is a reason why he doesnt give you the answer, you must learn and do it yourself.Go to the link below and read.
    If you dont understand something in the docs you read post questions here.
    Dont expect us to do your homework assignment.
    http://www.cisco.com/en/US/tech/tk648/tk361/tk821/tsd_technology_support_sub-protocol_home.html
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • Options
    Danman32Danman32 Member Posts: 1,243
    I pretty much told you what was wrong. Go back and study the syntax and conventions of standard and extended access lists.
Sign In or Register to comment.