Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Access-list
`Using wildcard-mask
1
`Using wildcard-mask
`Using wildcard-mask
2
`Using wildcard-mask
Web Server
S0 S0
-All stations only allowed to fpt to
R_E
File Server and access web in Web F0/0
Server
-File Server offers only ftp service E0
to inner-network and Web Server. E0
R_A R_B Enginering
E1 E1
•All stations in all Ethernet
networks are not allowed to
telnet to any router
File Server
`ACL Challenge
220.16.30.0/24
•Outer-network can’t ping into inner-
network
•Do not allow outer-network to access
inner-network with TCP traffic. R1
3
`LAB Topology
Static
IGRP 88
REQUIREMENTS:
- In each network, normal stations take upper IP range, key devices take lower IP range
- Allow all host to access Internet except using FTP
- Allow entire Ethernet network attached to RD full access to Proxy Server and Mail Server
- Allow public access to web site on Mail Server but not to all other services
- Only stations attached to RE are allowed to telnet Routers
- Allow all hosts on the internal network to use FTP, telnet, HTTP, DNS and no other
services
- Disallow all other access