Demonstrate the use of standard
access control lists.
Equipment Requirements:
Two Routers
One Switch with two VLANS set or
two switches or two hubs
Two workstations
Scenario:
We want to create a standard
access-list which will prevent network traffic from users on network
172.32.2.0. The access-list should be applied to the correct router
and on the correct interface so that users on network 172.32.2.0
will not be able to access network 172.32.4.0.
Step
1
Construct the above circuit, using
IGRP as your routing protocol. Use the network address
172.32.3.0/24 on the serial link between the two routers.
Upon completion of the
configuration will the two workstations be able to communicate?
List the entries in the routing
table
Step
2
Determine a standard access list
which will prevent access from any user on subnet 172.32.2.0.
What is the required access list?
Step
3
Apply the access list accordingly so
that the users on subnet 172.32.2.0 will not have access to subnet
172.32.4.0.
Which router did you apply the
access list to?
On which port did you apply the
access list?
Was the access list applied coming
in to the port or going out of the port?
Explain your reasons for placing
the access list at the location previously specified.
Step
4
Issue several ping commands to test
this access list.
Are hosts on subnetwork 172.32.2.0
be able to ping any host on subnet 172.32.4.0?
Is router-b able to ping any host
on subnetwork 172.32.4.0? Is router-a able to ping any host on
subnetwork 172.32.4.0?
Reflection:
Answer the following questions.
Why is it important to choose the
correct wildcard mask for access lists?
Can you alter the information on a particular line
of an access list that exists in the middle of the list?
Typically where should
standard access lists be placed on a network?