What are the two main types of ACLs in Cisco

Reference no: EM131103868

Topic learning guide: ACLs

Preparation:

Watch the YouTube lecture "Standard ACLs - Part 1"

https://www.youtube.com/watch?v=a7ewUWSteBM

Watch the YouTube lecture "Standard ACLs - Part 2"

https://www.youtube.com/watch?v=JXHpuRDopl4

Download and read Cisco's document "Access Control Lists: Overview and Guidelines"

https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfacls.html#wp1000939

Download and read the SANS document "Easy steps to Cisco Extended ACLs"

https://www.sans.org/reading-room/whitepapers/networkdevs/easy-steps-cisco-extended-access-list-231

Watch the YouTube lecture "Extended ACL for Cisco CCNA - part 1"

https://www.youtube.com/watch?v=FIVJUx1k3xA

Watch the YouTube lecture "Extended ACL for Cisco CCNA - part 2"

https://www.youtube.com/watch?v=aSkv5-0S0ZM

Test your understanding

You should now be able to answer the following short answer questions.

1. What are the two main types of ACLs in Cisco?

2. Name two types of network devices that an ACL can be applied to.

3. What are the two main statements used to allow access or restrict access in an ACL?

4. What parameter(s) in the IP packet are used by standard ACLs to make decisions about what to do with the packet?

5. If I have multiple entries in an access control list, in what order are the individual ACEs (access control entries) processed?

6. How does an ACL wildcard relate to a subnet mask?

7. What is the ACL wildcard I would need to apply to packets from an IP address with a subnet mask of 255.255.255.0?

8. What parameters in an IP packet can be used by extended ACLs to make decisions about what to do with the packet?

9. After I have created an access list, what do I need to apply it to on the router?

10. What is the Cisco IOS command to view access lists?

Lab

For this lab, you need to complete Labs 12.1 and 12.2 in the book: Todd Lammle, CCNA Routing and Switching Study Guide, Sybex, 2013. (A copy of the pages describing this lab is provided for your convenience - see Word files Lab12.1 and Lab12.2.)
Once you have completed your labs, save your files as Lab3.pkt

Written Lab 12

The answers to this lab can be found in Appendix A, "Answers to Written Labs." In this section, write the answers to the following questions:

1. What command would you use to configure a standard IP access list to prevent all machines on network 172.16.0.0/16 from accessing your Ethernet network?

2. What command would you use to apply the access list you created in question 1 to an Ethernet interface outbound?

3. What command(s) would you use to create an access list that denies host 192.168.253 access to an Ethernet network?

4. Which command verifies that you've entered the access list correctly?

5. What two tools can help notify and prevent DoS attacks?

6. What command(s) would you use to create an extended access list that stops host 172.16.10.1 from telnetting to host 172.16.30.5?

7. What command would you use to set an access list on a VTY line?

8. Write the same standard IP access list you wrote in question 1 but this time as a named access list.

9. Write the command to apply the named access list you created in question 8 to an Ethernet interface outbound.

10. Which command verifies the placement and direction of an access list?

Hands-on Labs

In this section, you will complete two labs. To complete these labs, you will need at least three routers. You can easily perform these labs with the Cisco Packet Tracer program. If you are studying to take your Cisco exam, you really need to do these labs!

Lab 12.1: Standard IP Access Lists

Lab 12.2: Extended IP Access Lists

Lab 2

At this point, you can add the eq telnet command to filter host 192.168.10.2 from telnetting to 172.16.10.6. The log command can also be used at the end of the command so that whenever the access-list line is hit, a log will be generated on the console.

SF(config)#access-list 110 deny tcp host 192.168.10.2 host 172.16.10.6 eq telnet log

It is important to add this line next to create a permit statement. (Remember that 0.0.0.0 255.255.255.255 is the same as the any command.)

SF(config)#access-list 110 permit ip any 0.0.0.0 255.255.255.255

You must create a permit statement; if you just add a deny statement, nothing will be permitted at all. Please see the sections earlier in this chapter for more detailed information on the deny any command implied at the end of every ACL.

Apply the access list to FastEthernet0/0 on SF to stop the Telnet traffic as soon as it hits the first router interface.

SF(config)#int f0/0
SF(config-if)#ip access-group 110 in
SF(config-if)#^Z

Try telnetting from host 192.168.10.2 to LA using the destination IP address of 172.16.10.6. This should fail, but the ping command should work.

On the console of SF, because of the log command, the output should appear as follows:

01:11:48: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.10.2(1030) -> 172.16.10.6(23), 1 packet
01:13:04: %SEC-6-IPACCESSLOGP: list 110 denied tcp 192.168.10.2(1030) -> 172.16.10.6(23), 3 packets
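
The behaviour this lab relies on (top-down first match, wildcard comparison, and the implicit deny at the end of the list) can be checked with a small model. This is an added example, not code from the book or from Cisco IOS; the function names and the simplified entry grammar are assumptions made for illustration.

```python
import ipaddress

PORTS = {"telnet": 23}  # only the port name the lab uses

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = 0xFFFFFFFF ^ w  # bits that must match
    return (a & care) == (b & care)

def parse_addr(tok):
    """Consume one address spec from the token list: any | host A | A W."""
    first = tok.pop(0)
    if first == "any":
        return ("0.0.0.0", "255.255.255.255")
    if first == "host":
        return (tok.pop(0), "0.0.0.0")
    return (first, tok.pop(0))

def parse_ace(line):
    """Parse 'action proto src dst [eq port] [log]' (simplified grammar)."""
    tok = line.split()
    ace = {"action": tok.pop(0), "proto": tok.pop(0)}
    ace["src"], ace["dst"], ace["port"] = parse_addr(tok), parse_addr(tok), None
    if tok and tok[0] == "eq":
        name = tok[1]
        ace["port"] = PORTS[name] if name in PORTS else int(name)
    return ace

def evaluate(acl, proto, src, dst, dport=None):
    """Return the action of the first matching entry, top to bottom."""
    for ace in acl:
        hit = (ace["proto"] in ("ip", proto)
               and wildcard_match(src, *ace["src"])
               and wildcard_match(dst, *ace["dst"])
               and ace["port"] in (None, dport))
        if hit:
            return ace["action"]
    return "deny"  # implicit "deny any" at the end of every ACL

# The two list-110 entries from the lab, without the "access-list 110" prefix.
LIST_110 = [parse_ace(l) for l in (
    "deny tcp host 192.168.10.2 host 172.16.10.6 eq telnet log",
    "permit ip any 0.0.0.0 255.255.255.255",
)]
DENY_ONLY = LIST_110[:1]  # the list as it would be without the permit line

if __name__ == "__main__":
    for acl in (LIST_110, DENY_ONLY):  # Telnet result, then ping result
        print(evaluate(acl, "tcp", "192.168.10.2", "172.16.10.6", 23), evaluate(acl, "icmp", "192.168.10.2", "172.16.10.6"))
```

With both entries the Telnet attempt is denied and the ping is permitted, matching the lab's expected result; with only the deny entry, the ping is dropped as well.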
