Skip to content
  • Home
  • CCNA Labs
    • CCNA 1 LAB Activities (v6 & v7)
    • CCNA 2 LAB Activities (v6 & v7)
    • CCNA 3 LAB Activities (v6 & v7)
    • CCNA 4 Lab Activities
  • Linux
    • Linux Unhatched
    • Linux Essentials 2.0
    • Linux Essentials
    • Introduction to Linux I
    • Introduction to Linux II
  • Programming
    • PCAP – Programming Essentials in Python
    • CLA – Programming Essentials in C
    • CPA Programming Essentials in C++
  • About
    • Contact Us
    • Privacy Policy

CCNA 7 Exam Answers 2023

Go with our CCIE, Passed 100%

  • ITE
    • ITE - IT Essentials v7.0
    • ITE - IT Essentials v6.0
      • IT Essentials Lab 2019
    • ITE v5.0 Exam
    • Virtual Activity Laptop
    • Virtual Activity Desktop
  • NE
    • MF
  • CCNA
    • CCNA1
      • CCNA1 v7.0 – ITN
      • CCNA1 v6.0
    • CCNA2
      • CCNA2 v7.0 – SRWE
      • CCNA2 v6.0
    • CCNA3
      • CCNA3 v7.0 – ENSA
      • CCNA3 v6.0
    • CCNA4
      • CCNA4 v6.0
  • Cyber-Security
    • ITC – Introduction to Cybersecurity 2.1 (Level 1)
    • CE – Cybersecurity Essentials 1.1 (Level 2)
    • CCNA CyberOps 1.1 (Level 3)
  • Security
    • CCNA Security v2
  • DevNet
  • CCNA PT Lab 2023
C:\Users\Allan\Desktop\Sandbox\development\Griffin\en\1.0\Activities\PT\2a-Routing-Prot (RP)\Chapter-09\9.3.2.12_Configuring_Extended ACLs_Scenario_3\Configuring_Extended ACLs_Scenario_3_Topology.png

4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3

Posted on April 28, 2018May 3, 2018 By Admin

Last Updated on May 3, 2018 by Admin

4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3

  • Recommend

From year to year, Cisco has updated many versions with difference questions. The latest version is version 6.0 in 2018. What is your version? It depends on your instructor creating your class. We recommend you to go thought all version if you are not clear. While you take online test with netacad.com, You may get random questions from all version. Each version have 1 to 10 different questions or more. After you review all questions, You should practice with our online test system by go to "Online Test" link below.

Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge

Packet Tracer – Configuring Extended ACLs – Scenario 3 (Answer Version)

Answer Note: Red font color or Gray highlights indicate text that appears in the Answer copy only.

Topology

4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3

Addressing Table

Device Interface IP Address Subnet Mask Default Gateway
RT1 G0/0 172.31.1.126 255.255.255.224 N/A
S0/0/0 209.165.1.2 255.255.255.252 N/A
PC1 NIC 172.31.1.101 255.255.255.224 172.31.1.126
PC2 NIC 172.31.1.102 255.255.255.224 172.31.1.126
PC3 NIC 172.31.1.103 255.255.255.224 172.31.1.126
Server1 NIC 64.101.255.254 255.254.0.0 64.100.1.1
Server2 NIC 64.103.255.254 255.254.0.0 64.102.1.1

Objectives

Part 1: Configure a Named Extended ACL

Part 2: Apply and Verify the Extended ACL

Background / Scenario

In this scenario, specific devices on the LAN are allowed to various services on servers located on the Internet.

Part 1: Configure a Named Extended ACL

Use one named ACL to implement the following policy:

  • Block HTTP and HTTPS access from PC1 to Server1 and Server2. The servers are inside the cloud and you only know their IP addresses.
  • Block FTP access from PC2 to Server1 and Server2.
  • Block ICMP access from PC3 to Server1 and Server2.

Note: For scoring purposes, you must configure the statements in the order specified in the following steps.

Step 1: Deny PC1 to access HTTP and HTTPS services on Server1 and Server2.

a. Create an extended IP access list named ACL which will deny PC1 access to the HTTP and HTTPS services of Server1 and Server2. Because it is impossible to directly observe the subnet of servers on the Internet, four rules are required.

What is the command to begin the named ACL?

ip access-list extended ACL

b. Record the statement that denies access from PC1 to Server1, only for HTTP (port 80).

deny tcp host 172.31.1.101 host 64.101.255.254 eq 80

c. Record the statement that denies access from PC1 to Server1, only for HTTPS (port 443).

deny tcp host 172.31.1.101 host 64.101.255.254 eq 443

d. Record the statement that denies access from PC1 to Server2, only for HTTP.

deny tcp host 172.31.1.101 host 64.103.255.254 eq 80

e. Record the statement that denies access from PC1 to Server2, only for HTTPS.

deny tcp host 172.31.1.101 host 64.103.255.254 eq 443

Step 2: Deny PC2 to access FTP services on Server1 and Server2.

a. Record the statement that denies access from PC2 to Server1, only for FTP (port 21 only).

deny tcp host 172.31.1.102 host 64.101.255.254 eq 21

b. Record the statement that denies access from PC2 to Server2, only for FTP (port 21 only).

deny tcp host 172.31.1.102 host 64.103.255.254 eq 21

Step 3: Deny PC3 to ping Server1 and Server2.

a. Record the statement that denies ICMP access from PC3 to Server1.

deny icmp host 172.31.1.103 host 64.101.255.254

b. Record the statement that denies ICMP access from PC3 to Server2.

deny icmp host 172.31.1.103 host 64.103.255.254

Step 4: Permit all other IP traffic.

By default, an access list denies all traffic that does not match any rule in the list. What command permits all other traffic?

permit ip any any

Part 2: Apply and Verify the Extended ACL

The traffic to be filtered is coming from the 172.31.1.96/27 network and is destined for remote networks. Appropriate ACL placement also depends on the relationship of the traffic with respect to RT1.

Step 1: Apply the ACL to the correct interface and in the correct direction.

a. What are the commands you need to apply the ACL to the correct interface and in the correct direction?

interface g0/0
  ip access-group ACL in

Step 2: Test access for each PC.

  1. Access the websites of Server1 and Server2 using the Web Browser of PC1 and using both HTTP and HTTPS protocols.
  2. Access FTP of Server1 and Server2 using PC1. The username and password is “cisco”.
  3. Ping Server1 and Server2 from PC1.
  4. Repeat Step 2a to Step 2c with PC2 and PC3 to verify proper access list operation.
  • Recommend

From year to year, Cisco has updated many versions with difference questions. The latest version is version 6.0 in 2018. What is your version? It depends on your instructor creating your class. We recommend you to go thought all version if you are not clear. While you take online test with netacad.com, You may get random questions from all version. Each version have 1 to 10 different questions or more. After you review all questions, You should practice with our online test system by go to "Online Test" link below.

Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Version 5.02 Version 5.03 Version 6.0 Online Assessment
Chapter 4 Exam Chapter 4 Exam Chapter 4 Exam Online Test
Next Chapter
Chapter 5 Exam Chapter 5 Exam Chapter 5 Exam Online Test
CCNA 4 Lab Activities
 4.1.3.5 Packet Tracer – Configure Standard IPv4 ACLs
 4.2.2.10 Packet Tracer – Configuring Extended ACLs Scenario 1
 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
 4.2.2.12 Packet Tracer – Configuring Extended ACLs Scenario 3
 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
 4.4.2.9 Packet Tracer – Troubleshooting IPv4 ACLs
 4.4.2.10 Packet Tracer – Troubleshooting IPv6 ACLs
 4.5.1.1 Packet Tracer – Skills Integration Challenge
Uncategorized

Post navigation

Previous Post: 4.2.2.11 Packet Tracer – Configuring Extended ACLs Scenario 2
Next Post: 4.3.2.6 Packet Tracer – Configuring IPv6 ACLs
  • CCNA1 v7
  • CCNA2 v7
  • CCNA3 v7
System Test Exam Answers
Modules 1 – 3 Exam Answers
Modules 4 – 7 Exam Answers
Modules 8 – 10 Exam Answers
Modules 11 – 13 Exam Answers
Modules 14 – 15 Exam Answers
Modules 16 – 17 Exam Answers
Practice Final – ITN Answers
Course Feedback
ITN Practice PT Skills Assessment (PTSA)
Final Exam Answers
Modules 1 – 4 Exam Answers
Modules 5 – 6 Exam Answers
Modules 7 – 9 Exam Answers
Modules 10 – 13 Exam Answers
Modules 14 – 16 Exam Answers
ITN Practice Skills Assessment – PT Answers
SRWE Practice Skills Assessment – PT Part 1 Answers
SRWE Practice Skills Assessment – PT Part 2 Answers
SRWE Hands On Skills Exam Answers
SRWE Practice Final Exam Answers
SRWE Final Exam Answers 
Modules 1 – 2 Exam Answers
Modules 3 – 5 Exam Answers
Modules 6 – 8 Exam Answers
Modules 9 – 12 Exam Answers
Modules 13 – 14 Exam Answers
ITN Practice PT Skills Assessment (PTSA) Answers
SRWE Practice PT Skills Assessment (PTSA) – Part 1 Answers
SRWE Practice PT Skills Assessment (PTSA) – Part 2 Answers
ENSA Practice PT Skills Assessment (PTSA) Answers
ENSA Hands On Skills Exam Answers
Practice Final – ENSA Answers
ENSA Final Exam Answers
CCNA Certification Practice Exam Answers

Copyright © 2023 PressExam.