Semester
4 TCS - Mountain Sky School - Arsene Ionut
ACLs
- On Mountain Sky Router we
need to configure Access Control Lists (ACLs) for security purposes, and this
will be achieved as follows:
- Access List on Router's
interface Ehternet 0 for VLAN 1(enterprise and administrative servers):
| MtnSky(config)#access-list 101
permit ip 150.150.195.128 0.0.0.73 any MtnSky(config)#access-list 101 permit tcp 150.150.195.202 0.0.0.52 host 150.150.195.3 eq 25 MtnSky(config)#access-list 101 permit tcp 150.150.195.202 0.0.0.52 host 150.150.195.3 eq 53 MtnSky(config)#access-list 101 permit udp 150.150.195.202 0.0.0.52 host 150.150.195.3 eq 53 MtnSky(config)#access-list 101 permit tcp 150.150.195.202 0.0.0.52 host 150.150.195.3 eq 110 MtnSky(config)#access-list 101 permit ip 150.150.195.202 0.0.0.52 host 150.150.195.4 MtnSky(config)#access-list 101 permit ip 150.150.195.202 0.0.0.52 host 150.150.195.5 MtnSky(config)#access-list 101 deny ip any any (apply acl on Eth0, VLAN1, admin, enterprise servers) MtnSky(config)#interface Ethernet 0 MtnSky(config-if)#ip access-group 101 in |
- Access list on interface Ethernet 1 for VLAN 2 (teachers network):
| MtnSky(config)#access-list 102
permit ip 150.150.195.0 0.0.0.127 any MtnSky(config)#access-list 102 deny ip any any MtnSky(config)#interface Ethernet 1 MtnSky(config-if)#ip access-group 102 in |
- Access list on interface Ethernet 2 for VLAN 3 (curriculum network):
| MtnSky(config)#access-list 103 deny
ip 192.168.0.0 0.0.255.255 150.150.195.128 0.0.0.73 MtnSky(config)#access-list 103 deny ip any any MtnSky(config)#interface Ethernet 2 MtnSky(config-if)#ip access-group 103 out |
|
Home | WAN Requirements | IP Addressing | PPP-CHAP Configuration |
| Frame Relay
Configuration | NAT
Configuration | IGRP
Configuration |
| ISDN Configuration | DHCP Configuration | ACLs
|
Semester 3 TCS
|
Main Page |
Requirements |
Wiring map |
MDF/IDF details |
| VLANs |
IP addressing scheme |
Cutsheets |
Router config |
| Security configuration |
Details about the equipment used |