ACL's

Question 0

What is the command syntax to create a standard numbered ACL?

Answer 0

router(config)#access-list “access-list-number” {permit | deny} {source [source-wildcard] | host “hostname” | any}

Question 1

What is the command syntax to apply an ACL?

Answer 1

router(config-if)#ip access-group {access-list-number | access-list-name} {in | out}

Question 2

What is the command syntax to create an extended numbered ACL that specifies a particular application layer protocol to be filtered?

Answer 2

router(config)#access-list (access-list-number 100-199) {deny | permit} (transport layer protocol) source ip source-wildcard destination ip destination-wildcard eq (port number/application layer protocol) [precedence precedence] [tos tos] [fragments] [time-range time-range-name] [log]

Question 3

What’s is the command syntax to create an extended named ACL?

Answer 3

config t
ip access-list extended {ACL name}

(config ext-nacl)#[sequence number]
{permit|deny} (transport layer protocol) source ip wildcard mask destination wildcard mask (eq port #/application name)

Question 4

Create a numbered access list that will block all telnet traffic to the network on which the host 172.16.36.1 /19 resides.

Answer 4

access-list 100 deny tcp any 172.16.32.0 0.0.31.255 eq 23

access-list 100 permit any any

Question 5

Configure and apply an access list to allow only your host (ip 172.16.1.32) to telnet into your perimeter router.

Answer 5

Router1>enable
Router1#configure terminal
Router1(configure)#access-list 1 permit 172.16.1.32
Router1(configure)#line vty 0 4
Router1(config-line)#access-class 1 in