Background

Lab 8.3.3 Configuring and Verifying Standard ACLs


Step 1: Connect the equipment
  1. Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial cable.
  2. Connect the Fa0/0 interface of Rourter 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
  3. Connect a console cable to the PC to perform configurations on the routers and switch.
  4. Connect H1 to the Fa0/2 port of Switch 1 using a straight-through cable.
Step 2: Perform basic configuration on Router 1
  1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
  2. On Router 1, configure the hostname, interfaces, passwords, and message-of-the-day banner and disable DNS lookups according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 2 and save the configuration.
Step 4: Perform basic configuration on Switch 1
Configure Switch 1 with a hostname and passwords according to the addressing table and topology diagram.
Step 5: Configure the host with IP address, subnet mask, and default gateway
  1. Configure the host with the proper IP address, subnet mask, and default gateway. The host should be assigned the address 192.168.200.10/24 and the default gateway of 192.168.200.1.
  2. The workstation should be able to ping the attached router. If the ping is not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway.
Step 6: Configure RIP routing and verify end-to-end connectivity in the network
  1. On Router 1, enable the RIP routing protocol and configure it to advertise both connected networks.
  2. On Router 2, enable the RIP routing protocol and configure it to advertise all three connected networks.
  3. Ping from Host 1 to the two loopback interfaces on Router 2.
Were the pings from Host 1 successful? __________ yes
If the answer is no, troubleshoot the router and host configurations to find the error. Ping again until they are both successful.
Step 7: Configure and test a standard ACL
Step 8: Test the ACL
  1. From Host 1, ping the 192.168.1.1 loopback address.
Is the ping successful? __________ No
b.    From Host 1, ping the 192.168.2.1 loopback address.
Is the ping successful? __________ No
c.     Issue the show access-list command again.
How many matches are there for the first ACL statement (permit)?
Jawaban : but there should be at least 8-16 matches if the pings to the loopbacks were done.
Step 9: Reflection
a.     Why is careful planning and testing of access control lists required? Jawaban : To verify that the intended traffic – and ONLY the intended – traffic is permitted.
What is the main limitation of standard ACLs? Jawaban : They can only filter based on source address.

Categories: Share

Leave a Reply