Lab 8.3.3 Configuring and Verifying Standard ACLs
Step 1: Connect the equipment
- Connect the Serial 0/0/0 interface of Router 1 to the Serial 0/0/0 interface of Router 2 using a serial cable.
- Connect the Fa0/0 interface of Rourter 1 to the Fa0/1 port of Switch 1 using a straight-through cable.
- Connect a console cable to the PC to perform configurations on the routers and switch.
- Connect H1 to the Fa0/2 port of Switch 1 using a straight-through cable.
Step 2: Perform basic configuration on Router 1
- Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
- On Router 1, configure the hostname, interfaces, passwords, and message-of-the-day banner and disable DNS lookups according to the addressing table and topology diagram. Save the configuration.
Step 3: Perform basic configuration on Router 2
Perform basic configuration on Router 2 and save the configuration.
Step 4: Perform basic configuration on Switch 1
Configure Switch 1 with a hostname and passwords according to the addressing table and topology diagram.
Step 5: Configure the host with IP address, subnet mask, and default gateway
- Configure the host with the proper IP address, subnet mask, and default gateway. The host should be assigned the address 192.168.200.10/24 and the default gateway of 192.168.200.1.
- The workstation should be able to ping the attached router. If the ping is not successful, troubleshoot as necessary. Check and verify that the workstation has been assigned a specific IP address and default gateway.
Step 6: Configure RIP routing and verify end-to-end connectivity in the network
- On Router 1, enable the RIP routing protocol and configure it to advertise both connected networks.
- On Router 2, enable the RIP routing protocol and configure it to advertise all three connected networks.
- Ping from Host 1 to the two loopback interfaces on Router 2.
Were the pings from Host 1 successful? __________ yes
If the answer is no, troubleshoot the router and host configurations to find the error. Ping again until they are both successful.
Step 7: Configure and test a standard ACL
Step 8: Test the ACL
- From Host 1, ping the 192.168.1.1 loopback address.
Is the ping successful? __________ No
- From Host 1, ping the 192.168.2.1 loopback address.
Is the ping successful? __________ No
- Issue the show access-list command again.
How many matches are there for the first ACL statement (permit)? __________
Answers will vary but there should be at least 8-16 matches if the pings to the loopbacks were done.
Step 9: Reflection
- Why is careful planning and testing of access control lists required? Jawaban: To verify that the intended traffic – and ONLY the intended – traffic is permitted.
- What is the main limitation of standard ACLs? Jawaban: They can only filter based on source address.
Tidak ada komentar:
Posting Komentar