Please see attached document(Access List.docx) for instructions.  Please use Cisco Packet Tracer version 6.2.0.0052. On a word document, Write all the steps and commands you took to answer Task #1 and Task#2.

 

 

Objective
The overall objective of this laboratory exercise is to gain experience with configuring access lists on a
Cisco router. Your task in this lab is to configure an access control list (ACL) that denies Telnet and web
traffic but permits all other traffic. You will then enable that ACL for packets entering R1's S0/0/0
interface. You will test the configuration by sending a ping, which should be allowed, and attempting to
telnet, which should be denied.
Topology Reference Tables
For convenience, Table 1 provides the IP address and mask of all necessary interfaces used to complete
the lab.
Table 1: The Computer IP Addresses, Subnet Masks, and Gateway Addresses for Lab 10
Computer/Interface – R1 IP Address Subnet Mask Gateway Address 172.16.160.11 255.255.255.224 172.16.160.1 R1-Fa0/0 172.16.160.1 255.255.255.224 R1-S0/0/0 172.16.128.5 255.255.255.252 Computer/Interface – R2 IP Address Subnet Mask Gateway Address 172.16.192.12 255.255.255.224 172.16.192.1 R2-Fa0/0 172.16.192.1 255.255.255.224 R2-S0/0/1 172.16.128.6 255.255.255.252 PC1 PC2 Settings for the Router 1 [R1] and Router 2 [R2]: Setting Password enable secret ciscopress line vty 0 4 ciscopress line con 0 ciscopress Detailed Lab Steps
In the following tasks, you must demonstrate your knowledge to configure computer networks. Each task
specifies a particular network setting you will be required to input. You will be required to document the
command(s) used to accomplish each task.
Task #1
Configure the network Routers (R1 and R2) and computers PC1 and PC2 to operate in the network using
the IP addresses, subnet mask, and gateway address specified in Table 1. You also configure RIP routing
between the two networks.
1. Configure the IP address and subnet masks for Routers R1, R2 and PC1 and PC2. List the steps
taken to accomplish this task. List the router prompt and the command for each task.
2. Configure RIPv2 routing for the network. List the router prompt and the command for each task
to accomplish this task.
3. Verify the network routing is properly configured. Discuss the steps you took to accomplish this.
Make corrections to the network configurations as needed.
4. Create an ACL on Router R1 that filters all UDP traffic coming into the serial 0/0/0 interface on
Router R1. You also allow all other traffic, including ICMP, to enter the network. You can simulate
UDP traffic by issuing the traceroute command, and you can simulate ICMP traffic by issuing
the ping command. Given this information, create an access list that meets this requirement.
Please note that when testing your access-list, you issue the traceroute and ping commands
from Router R2 to test your ACL.
Create access list:
Apply access list to the s0/0/0 interface:
5. Create an ACL on Router R1 that will deny Telnet but permit all other traffic including ICMP.
Given this information, write out what you think the configuration should be. You first need to
enable a Telnet connection on R1. Next create and apply the access-list on R1. You will test your
access list by issuing the telnet command from router R2 to test your ACL.
Create an access list: Apply the access list to the s0/0/0 interface:
6. Configure on R2’s Serial 0/0/1 interface an outbound ACL that denies Telnet access for Telnet
users in subnet 172.16.192.0/27 (R2’s LAN subnet) who try to connect to Telnet servers in subnet
172.16.160.0/27 (R1’s LAN subnet). The ACL should also allow other types of traffic between
hosts in those same subnets. In this lab, use wildcard masks to filter traffic to and from these
specific networks. Please note that you will issue the trace commands from Router R2 to test
your ACL. Given this information, write out what you think the access list configuration should
be. Please note that when testing your access list, you issue the traceroute and pin commands
from Router R2 to test your ACL. You need to remove the access list on R1 to be able to test. You
need to remove the access list on R1 to test the configuration.
Create access list: Task #2: Access List Questions
The following is a partial list of the items displayed when you issue the command show access-lists on a
router. Your task is to define each item and its purpose. You might need to go to Cisco.com to look up
what each of these commands means.
What is the purpose/function of the following commands?
1. R1(config)# access-list 10 permit host 10.10.20.250
2. R1(config)# access-list 110 permit tcp any host 192.168.12.1 eq telnet www smtp pop3
3. R1(config)# access-list 100 deny tcp 172.50.12.0 0.0.0.255 172.50.10.0 0.0.0.255 eq 23
4. R1(config)# access-list 100 permit ip any any
5. R1(config-if)# ip access-group 100 in
6. R1(config)# access-list 101 permit tcp 0.0.0.0 255.255.255.255 130.120.110.100 0.0.0.0 eq 80
7. R1(config)# access-list 101 deny ip any any
8. R1(config-if)# no ip access-group 100 in
9. R1(config)# access-list 122 permit udp any eq domain host 192.168.1.1 gt 1023
10. R1(config)# access-list rate-limit 10 mask 0E

Attachments:

• 1493197052-Access List.docx