Lab 10.1 Cisco Access List Assignment - squatchulator/Tech-Journal GitHub Wiki
Cisco ACL Lab
In this lab, we used a guided Packet Tracer Activity to practice using standard and extended named access lists.
Submission (See bottom of page for R1 Configs)
Block the 192.168.11.0/24 network from entering (inbound serial 0/0/0) on Router 3 using a Standard ACL
- PC3 (192.168.11.10) should not be able to ping PC5 (192.168.30.10
- PC1 should be able to ping PC5
Router 3
--------
enable
<password is cisco>
conf t
ip access-list standard STND-1
deny 192.168.11.0 0.0.0.255
permit any
ip access-group STND-1 in
Block network 192.168.10.0/24 from reaching the Internet.
- On Router 2 serial 0/0/0, use an Extended ACL to prevent outbound packets from 192.168.10.0/24 from reaching the ISP address 200.200.200.1
- PC1 should not be able to ping 200.200.200.1
- PC1 should be able to ping everything else
Router 2
--------
enable
<password is cisco>![](https://drive.google.com/file/d/1Rrmig7Sch9trj9SFixDvPbLPFNVag5Ya/view?usp=sharing)
conf t
ip access-list extended EXTEND-1
deny ip 192.168.10.0 0.0.0.255 200.200.200.1 0.0.0.0
permit ip any any
interface serial0/0/0
ip access-group EXTEND-1 out
Bonus Tasks
- Configure only Mail access to the Mail Server (192.168.20.200)
- Configure only Web access to the Web Server (192.168.20.201)
Router 1
--------
enable
<password is cisco>
conf t
ip access-list extended MAIL-WEB
permit tcp any 192.168.20.200 0.0.0.0 eq 25
permit tcp any 192.168.20.201 0.0.0.0 eq 80
interface fastethernet0/0
ip access-group MAIL-WEB out