Kamis, 23 Desember 2010

CCNA3 - Lab 8.3.3 Configuring and Verifying Standard ACLs

| |

Step 1: Connect the equipment
  1. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial cable.
  2. Connect the Fa0/0 interface of Rourter 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
  3. Connect a console cable to the PC to perform configurations on the routers and switch.
  4. Connect H1 to the Fa0/2 port of Switch 1 using a straight-through cable.
Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, interfaces, passwords, and message-of-the-day banner and disable DNS lookups according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 2 and save the configuration.

Step 4: Perform basic configuration on Switch 1
Configure Switch 1 with a hostname and passwords according to the addressing table and topology diagram.

Step 5: Configure the host with IP address, subnet mask, and default gateway
  1. Configure the host with the proper IP address, subnet mask, and default gateway. The host should be assigned the address 192.168.200.10/24 and the default gateway of 192.168.200.1.
  2. The workstation should be able to ping the attached router. If the ping is not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway.
Step 6: Configure RIP routing and verify end-to-end connectivity in the network
  1. On Router 1, enable the RIP routing protocol and configure it to advertise both connected networks.
  2. On Router 2, enable the RIP routing protocol and configure it to advertise all three connected networks.
  3. Ping from Host 1 to the two loopback interfaces on Router 2.
Were the pings from Host 1 successful? Yes
If the answer is no, troubleshoot the router and host configurations to find the error. Ping again until they are both successful.

Step 7: Configure and test a standard ACL

Step 8: Test the ACL
  1. From Host 1, ping the 192.168.1.1 loopback address.
Is the ping successful? No
  1. From Host 1, ping the 192.168.2.1 loopback address.
Is the ping successful? No
  1. Issue the show access-list command again.
How many matches are there for the first ACL statement (permit)?
Answers will vary but there should be at least 8-16 matches if the pings to the loopbacks were done.

Step 9: Reflection
  1. Why is careful planning and testing of access control lists required?   Jawaban: To verify that the intended traffic – and ONLY the intended – traffic is permitted.
  2. What is the main limitation of standard ACLsJawaban: They can only filter based on source address

0 komentar:

go-top

Posting Komentar

My Playlist

Blog ArchiveArchive

Pages

Followers

Diberdayakan oleh Blogger.
 
 
 
top