Options

Access List

rivanfrankrivanfrank Member Posts: 9 ■□□□□□□□□□
in CCNA & CCENT
Hi Everyone,

I'm confused with this question, i thought letter A is the correct answer, because it was already denied in line 30.





Thanks.
· Share on FacebookShare on Twitter

Comments

  • Options
    fadhilfadhil Member Posts: 200
    I dont see questions that I suppose to choose.
    · Share on FacebookShare on Twitter
  • Options
    Prog SnobProg Snob Member Posts: 57 ■■□□□□□□□□
    I may be mistaken but it looks like the question is regarding traffic coming FROM the internet and line 30 of the access list pertains to data going TO the internet. It would be better to see the photo of the network maybe.
    · Share on FacebookShare on Twitter
  • Options
    Mrock4Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    Prog Snob is right. Answer C is correct because all of the entries show traffic sourced from the internal network not TO the internal network. As a result, the list will be processed from top to bottom, and since there's no "permit" that would match traffic destined to the 172 network it would be implicitly denied.

    Remember, ACL entries are written as such with reference to this problem:

    10 deny [PROTOCOL] [SOURCE ADDRESS] [SOURCE MASK] [DESTINATION ADDRESS] [DESTINATION MASK] [DESTINATION PORT]

    So the ACL entries in question are showing traffic sourced from the 172.16.0.0 network, which is incorrect since traffic is coming from the internet. Your confusion lies in the syntax of extended ACL's it appears.
    · Share on FacebookShare on Twitter
  • Options
    rivanfrankrivanfrank Member Posts: 9 ■□□□□□□□□□
    I see. I get it. Thanks!
    · Share on FacebookShare on Twitter
Sign In or Register to comment.