Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Lab Topology
The topology diagram below represents the NetMap in the Simulator.
Command Summary
Command Description
configure terminal enters global configuration mode from privileged EXEC
mode
deny tcp {source-ipv6-prefix/prefix-length | is used to set deny conditions for an IPv6 access list
any | host source-ipv6-address}
{destination-ipv6-prefix/prefix-length | any |
host destination-ipv6-address} [eq {port |
protocol}]
enable enters privileged EXEC mode
end ends and exits configuration mode
exit exits one level in the menu structure
interface type number changes from global configuration mode to interface
configuration mode
The IPv6 addresses and subnet masks used in this lab are shown in the table below:
IP Addresses
Device IPv6 Address
Router1 2001:DB8:1:1::1/64
PC1 2001:DB8:1:1::2/64
PC2 2001:DB8:1:1::3/64
Lab Tasks
Task 1: Configure an IPv6 ACL that Controls Telnet Traffic
This task involves configuring an IPv6 access list that allows Telnet traffic from PC1 and that blocks Telnet
traffic from PC2.
1. On PC1, configure the appropriate IPv6 address; refer to the IPv6 Addresses table
3. On PC1 and PC2, ping Router1’s IPv6 address (2001:DB8:1:1::1) to verify connectivity between the
PCs and Router1. The pings should be successful.
4. From PC1 and PC2, attempt to telnet to Router1 (2001:DB8:1:1::1). The Telnet sessions should
succeed. Exit the Telnet sessions.
5. On Router1, display the IPv6 access lists. How many ACLs are currently configured on Router1? _
7. On Router1, apply the block_telnet ACL to the FastEthernet 1/0 interface inbound.
9. On PC1 and PC2, ping Router1 (2001:DB8:1:1::1) to verify connectivity between the PCs and
Router1. The pings should be successful.
10. On PC1, verify Telnet connectivity from PC1 to Router1 (2001:DB8:1:1::1). Exit the Telnet session.
11. From PC2, attempt to telnet to Router1 (2001:DB8:1:1::1). The Telnet session should fail.
12. On Router1, display the IPv6 access lists; observe the matches logged in the ACL statements.
Once you have completed this lab, be sure to check your work by using the grading function.
You can do so by clicking the Grade Lab icon ( ) in the toolbar or by pressing Ctrl+G.
2. On PC2, issue the following command to configure the appropriate IPv6 address:
C:>ping 2001:DB8:1:1::1
4. From PC1 and PC2, issue the following commands to attempt to telnet to Router1 (2001:DB8:1:1::1)
and to then exit the Telnet sessions. The Telnet sessions should succeed. The following is sample
output from PC1:
C:>telnet 2001:DB8:1:1::1
Password: boson
Router1>exit
[Connection to 2001:DB8:1:1::1 closed by foreign host]
5. On Router1, issue the following command to display the IPv6 access lists:
6. On Router1, you should issue the following commands to configure the block_telnet IPv6 ACL that
blocks PC2 IPv6 Telnet traffic and permits all other IPv6 traffic:
Router1#configure terminal
Router1(config)#ipv6 access-list block_telnet
Router1(config-ipv6-acl)#deny tcp host 2001:DB8:1:1::3 any eq telnet
Router1(config-ipv6-acl)#permit ipv6 any any
7. On Router1, you should issue the following commands to apply the block_telnet ACL to the
FastEthernet 1/0 inbound interface:
C:>ping 2001:DB8:1:1::1
10. On PC1, you should issue the following commands to verify Telnet connectivity from PC1 to Router1
and exit the Telnet session:
C:>telnet 2001:DB8:1:1::1
Password: boson
Router1>exit
[Connection to 2001:DB8:1:1::1 closed by foreign host]
11. On PC2, you should issue the following command to attempt a Telnet session to Router1. The Telnet
session should fail.
C:>telnet 2001:DB8:1:1::1
Trying 10.10.0.1 ...
% Destination unreachable; gateway or host down
12. On Router1, you should issue the following command to display the IPv6 access lists and to observe
matches to the ACL statements. Sample output is shown below:
Copyright © 1996–2017 Boson Software, LLC. All rights reserved. NetSim software and documentation are protected by copyright law.