Extended ACL Lab Access Control Lists

Lab Diagram

Lab Objectives

  • Cable a network in accordance with the diagram given
  • Configure the hostname and interface IP addresses, or paste the initial configuration onto all devices
  • Create an extended access list (2224) using legacy syntax. This ACL should be used to evaluate all packets leaving interface FastEthernet0/0
  • The network 231.89.109.96/27 should be prevented access to network 232.38.108.24/32
  • The network 183.6.76.80/30 udp ports lower than 586 should be allowed access to network 250.100.177.118/31 udp ports not equal to 586
  • The network 104.151.204.0/25 should be prevented access to network 36.240.143.0/25
  • The network 33.225.36.212/30 udp ports lower than 705 should be allowed access to network 205.195.231.200/29 udp ports lower than 621

Initial Configuration (Already applied to devices in console)

R1
!Configuration generated by CCNAPractice.com 
!
!
hostname R1
!
!
!
!
interface FastEthernet0/0
 no shutdown
!
!
!
!
!
!
!
line con 0
!
end

Final Configuration

R1
!Configuration generated by CCNAPractice.com 
!
!
hostname R1
!
!
!
!
interface FastEthernet0/0
 ip access-group 2224 out
 no shutdown
!
!
!
!
!
!
access-list 2224 deny ip 231.89.109.96 0.0.0.31 host 232.38.108.24
access-list 2224 permit udp 183.6.76.80 0.0.0.3 lt 586 250.100.177.118 0.0.0.1 neq 586
access-list 2224 deny ip 104.151.204.0 0.0.0.127 36.240.143.0 0.0.0.127
access-list 2224 permit udp 33.225.36.212 0.0.0.3 lt 705 205.195.231.200 0.0.0.7 lt 621
!
line con 0
!
end


R1#

Comments