HELP ME TO CREATE ACCESS LIST
goldari
Member Posts: 1 ■□□□□□□□□□
in CCNA & CCENT
There are several security concerns in the internetwork. Develop a Access Control LIsts (ACLs) to address security issues. the following are the concerns:
1. The company has an intranet web server host that all systems can reach at ip address 172.16.0.1 with only http access. no other protocols will be permitted to this site.
2. The company also has a server pool in the 209.0.0./24 network. The server pool addresses are divided in half. The servers in the upper half of the address range are reachable only by management host using all possible IP protocols. The servers in the upper half of the address range are not reachable by production hosts using all IP protocols. The server should not be accessible by any other hosts.
3. The company has discovered an Internet Web server at 198.0.0.1 that is known to contain viruses. All hosts are to be banned from reaching this site.
4. The web browser on both hosts can bring up login of ip address 62.0.0.1
These security requirements should be accomplished with a single access list. Plan the access list required to accomplish these tasks, to which interface this will be applied, and the direction the list will be applied
1. The company has an intranet web server host that all systems can reach at ip address 172.16.0.1 with only http access. no other protocols will be permitted to this site.
2. The company also has a server pool in the 209.0.0./24 network. The server pool addresses are divided in half. The servers in the upper half of the address range are reachable only by management host using all possible IP protocols. The servers in the upper half of the address range are not reachable by production hosts using all IP protocols. The server should not be accessible by any other hosts.
3. The company has discovered an Internet Web server at 198.0.0.1 that is known to contain viruses. All hosts are to be banned from reaching this site.
4. The web browser on both hosts can bring up login of ip address 62.0.0.1
These security requirements should be accomplished with a single access list. Plan the access list required to accomplish these tasks, to which interface this will be applied, and the direction the list will be applied
Comments
-
mikej412
Member Posts: 10,086 ■■■■■■■■■■
Sounds like a homework problem.
:mike: Cisco Certifications -- Collect the Entire Set! -
nuglobe
Member Posts: 190
Theory:
http://cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfacls.htm
Implementation:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiap_c/ch05/hipaclis.htmGenshiroGuide: My blog about things I found useful. Now with videos.
-
emmajoyce
Member Posts: 86 ■■□□□□□□□□
Yea i agree, sounds like something a school book would have in it. send me your email and ill send you a paper that shows you how to do that problem.
-
Kaminsky
Member Posts: 1,235
Never had homework like that when I was at school. Is that an academy question ? If so, that academy just impresses me more and more with it's thoroughness.Kam.
-
mikej412
Member Posts: 10,086 ■■■■■■■■■■
It looks like a "modified" or "easier" CCNA 2 Module 11 academy question. When I did it, #2 was even # servers and odd # servers.... just splitting the range is easy.Kaminsky wrote:Is that an academy question ?
:mike: Cisco Certifications -- Collect the Entire Set! -
euanlaing
Member Posts: 1 ■□□□□□□□□□
Ummm, this is a question from an Open University TMA. At least nobody gave the answer!
