Scribd
Upload
125 views0 pages

Art Cna 003 l46 Solution

This document describes configuring access control lists (ACLs) on a Ranet-HQ router to restrict access. ACLs are created to deny Telnet access from host 172.22.3.52 to host 172.22.3.90 and to deny HTTP access from host 172.22.3.53. The ACL is then applied to interface Fa0/0 to filter traffic. Testing shows User-Host1 is unable to Telnet or access the website, while User-Host2 can ping the server but not Telnet to it or initially access the website, indicating the ACLs are properly blocking access as configured.

Uploaded by

Paulo Martin
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
125 views0 pages

Art Cna 003 l46 Solution

This document describes configuring access control lists (ACLs) on a Ranet-HQ router to restrict access. ACLs are created to deny Telnet access from host 172.22.3.52 to host 172.22.3.90 and to deny HTTP access from host 172.22.3.53. The ACL is then applied to interface Fa0/0 to filter traffic. Testing shows User-Host1 is unable to Telnet or access the website, while User-Host2 can ping the server but not Telnet to it or initially access the website, indicating the ACLs are properly blocking access as configured.

Uploaded by

Paulo Martin
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 0

1

A R T I C L E

ART-CNA-003-L46
Document No.:
Packet Activity
CCNA LAB 4-6: Access Control List (ACL)

[ Ranet HQ ( console)] :
( Desktop > Terminal > OK)
Ranet-HQ>en
Ranet-HQ#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Ranet-HQ(config)#int fa0/0
Ranet-HQ(config-if)#no sh

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Ranet-HQ(config-if)#ip add 172.22.3.33 255.255.255.224
Ranet-HQ(config-if)#int s0/0/0
Ranet-HQ(config-if)#no sh

Ranet-HQ(config-if)#
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
Ranet-HQ(config-if)#ip add 172.22.3.98 255.255.255.252
Ranet-HQ(config-if)#int s0/1/0
Ranet-HQ(config-if)#no sh

%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up
Ranet-HQ(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up
Ranet-HQ(config-if)#ip add 203.144.7.254 255.255.255.252
Ranet-HQ(config-if)#exit
Ranet-HQ(config)#router rip
Ranet-HQ(config-router)#version 2
Ranet-HQ(config-router)#network 172.22.0.0
Ranet-HQ(config-router)#no auto-summary

2

A R T I C L E

ART-CNA-003-L46
Document No.: Ranet-HQ(config-router)#exit
Ranet-HQ(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0
Ranet-HQ(config)#access-list 100 deny tcp 172.22.3.52 0.0.0.3 host 172.22.3.90 eq 23
Ranet-HQ(config)#access-list 100 deny tcp host 172.22.3.53 any eq 80
Ranet-HQ(config)#access-list 100 permit ip any any
Ranet-HQ(config)#int fa0/0
Ranet-HQ(config-if)#ip access-group 100 in
Ranet-HQ(config-if)#
Ranet-HQ#
%SYS-5-CONFIG_I: Configured from console by console
Ranet-HQ#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
Ranet-HQ#

[ Admin-Host] :
( Desktop > Command Prompt)
Packet Tracer PC Command Line 1.0
PC>telnet 172.22.3.90
Trying 172.22.3.90 ...Open


User Access Verification

Password: ranetpass
Ranet-CoreSW>
( Desktop > Web Browser)
URL: http://www.ranet.co.th
Output: Ranet Co.,Ltd - Welcome to Ranet Co.,Ltd.

[ User-Host1] :
( Desktop > Command Prompt)
Packet Tracer PC Command Line 1.0
PC>telnet 172.22.3.90

3

A R T I C L E

ART-CNA-003-L46
Document No.: % Connection timed out; remote host not responding
PC>ping 172.22.3.90

Pinging 172.22.3.90 with 32 bytes of data:

Reply from 172.22.3.90: bytes=32 time=14ms TTL=253
Reply from 172.22.3.90: bytes=32 time=12ms TTL=253
Reply from 172.22.3.90: bytes=32 time=14ms TTL=253
Reply from 172.22.3.90: bytes=32 time=16ms TTL=253

Ping statistics for 172.22.3.90:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 16ms, Average = 14ms

PC>
( Desktop > Web Browser)
URL: http://www.ranet.co.th
Output: Request Timeout

[ User-Host2] :
( Desktop > Command Prompt)
Packet Tracer PC Command Line 1.0
PC>telnet 172.22.3.90
Trying 172.22.3.90 ...
% Connection timed out; remote host not responding
PC>ping 172.22.3.90

Pinging 172.22.3.90 with 32 bytes of data:

Reply from 172.22.3.90: bytes=32 time=18ms TTL=253
Reply from 172.22.3.90: bytes=32 time=14ms TTL=253
Reply from 172.22.3.90: bytes=32 time=17ms TTL=253
Reply from 172.22.3.90: bytes=32 time=13ms TTL=253

Ping statistics for 172.22.3.90:

4

A R T I C L E

ART-CNA-003-L46
Document No.: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 18ms, Average = 15ms

PC>
( Desktop > Web Browser)
URL: http://www.ranet.co.th
Output: Ranet Co.,Ltd - Welcome to Ranet Co.,Ltd.

You might also like