CISCO CCNA EXAM 200-120 (803) LAB Simulation #1

Since there are so many fallows out there, who are eagerly wants to attempt and pass their Network 1st step exam Cisco CCNA New edition exam 200-120.

So though i should share one helpful Lab which may have chances to come into exam

Please note: attention is to just share knowledge and practice

CISCO CCNA EXAM 200-120
CISCO CCNA EXAM 200-120

Configuring ACL
Corp1>enable
Corp1#configure terminal
comment: To permit only Host C (192.168.33.3){source addr} to access finance server address
(172.22.242.23) {destination addr} on port number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80

comment: To deny any source to access finance server address (172.22.242.23) {destination
addr} on port number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

comment: To permit ip protocol from any source to access any destination because of the implicit
deny any any statement at the end of ACL
Corp1(config)#access-list 100 permit ip any any

Applying the ACL on the Interface
comment: Check show ip interface brief command to identify the interface type and number by
checking the IP address configured.
Corp1(config)#interface fa 0/1
If the ip address configured already is incorrect as well as the subnet mask. this should be
corrected in order ACL to work
type this commands at interface mode :
no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask)
Configure Correct IP Address and subnet mask :
ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as
172.22.242.17 – 172.22.242.30 )

comment: Place the ACL to check for packets going outside the interface towards the finance web
server.
Corp1(config-if)#ip access-group 100 out

Corp1(config-if)#end

Important: To save your running config to startup before exit.
Corp1#copy running-config startup-config
————————————————————————————————

Verifying the Configuration :

Step1: show ip interface brief command identifies the interface on which to apply access list.

Step2: Click on each host A,B,C & D . Host opens a web browser page , Select address box of the
web browser and type the ip address of finance web server(172.22.242.23) to test whether it
permits /deny access to the finance web Server .

Step 3: Only Host C (192.168.33.3) has access to the server . If the other host can also access
then maybe something went wrong in your configuration . check whether you configured correctly
and in order.

Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT
button to successfully submit the ACL SIM.

2 Comments