Lab 11‐1 ‐ Cisco Access‐List Assignment - Isaiah-River/NET-330-01-Network-Design GitHub Wiki

Ping the various PCs and Servers to ensure connectivity

Block the 192.168.11.0/24 network from entering (inbound serial 0/0/0) on Router 3 using a Standard ACL R3

enable
conf t
ip access-list standard STND-1


deny 192.168.11.0 0.0.0.255
permit any
exit
int serial 0/0/0

ip access-group STND-1 in

exit
copy run start

Test the ACL by pinging from PC3 to PC5. Since the ACL is designed to block traffic with source addresses from the 192.168.11.0/24 network, PC3 (192.168.11.10) should not be able to ping PC5 (192.168.30.10).

Block network 192.168.10.0/24 from reaching the Internet. R2

enable
conf t
ip access-list extended EXTEND-1

deny ip 192.168.10.0 0.0.0.255 host 200.200.200.1
permit ip any any
exit
int Serial 0/0/0
ip access-group EXTEND-1 out

Bonus activities Deny ISP Access to File Server R1

enable
conf t

ip access-list extended Bonus1
deny ip 200.200.200.0 0.0.0.255 host 192.168.20.210
exit
interface Serial 0/2/0
ip access-group Bonus1 in

Bonus 2 r1

ip access-list extended Bonus2
permit tcp any host 192.168.20.200 eq 25
permit tcp any host 192.168.20.200 eq 110
permit tcp any host 192.168.20.200 eq 143
deny ip any host 192.168.20.200
exit
int FastEthernet 0/0
ip access-group Bonus2 in