CISCO CCNA EXAM 200-120 (803) LAB Simulation #1
|So though i should share one helpful Lab which may have chances to come into exam
Please note: attention is to just share knowledge and practice
Configuring ACL
Corp1>enable
Corp1#configure terminal
comment: To permit only Host C (192.168.33.3){source addr} to access finance server address
(172.22.242.23) {destination addr} on port number 80 (web)
Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80
comment: To deny any source to access finance server address (172.22.242.23) {destination
addr} on port number 80 (web)
Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80
comment: To permit ip protocol from any source to access any destination because of the implicit
deny any any statement at the end of ACL
Corp1(config)#access-list 100 permit ip any any
Applying the ACL on the Interface
comment: Check show ip interface brief command to identify the interface type and number by
checking the IP address configured.
Corp1(config)#interface fa 0/1
If the ip address configured already is incorrect as well as the subnet mask. this should be
corrected in order ACL to work
type this commands at interface mode :
no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask)
Configure Correct IP Address and subnet mask :
ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as
172.22.242.17 – 172.22.242.30 )
comment: Place the ACL to check for packets going outside the interface towards the finance web
server.
Corp1(config-if)#ip access-group 100 out
Corp1(config-if)#end
Important: To save your running config to startup before exit.
Corp1#copy running-config startup-config
————————————————————————————————
Verifying the Configuration :
Step1: show ip interface brief command identifies the interface on which to apply access list.
Step2: Click on each host A,B,C & D . Host opens a web browser page , Select address box of the
web browser and type the ip address of finance web server(172.22.242.23) to test whether it
permits /deny access to the finance web Server .
Step 3: Only Host C (192.168.33.3) has access to the server . If the other host can also access
then maybe something went wrong in your configuration . check whether you configured correctly
and in order.
Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT
button to successfully submit the ACL SIM.
A GUY might be possessed and handled by way of a sole firm, nevertheless it normally will probably be employed by lots of people and companies. MANs might additionally network+ end up being possessed and handled while public ammenities. They will often provide opportinity for internetworking connected with regional systems.
CCNA practice test will great the best way to score in the exams. Therefore, the students who are going to give the examinations in this mentioned time and syllabus will surely need some help from the online tests and results to get good confident during the examinations.