Blog Sorusu
CLI Guru - Cisco Eğitim ve Danışmanlık Merkezi |

2007 yılından bu yana aktif olan ciscotr.com, artık " www.bilisim.pro " olarak devam edecektir.  
Mevcut mesajlarınız ve kullanıcı bilgilerinizle sitemizde katılıma devam edebilirsiniz.

+ Reply to Thread
Results 1 to 2 of 2
Blog Sorusu

slm; CCie bloglarini gezerken bugun guzel bir soru tarzi birsey gordum ve aynisini post ediyorum buraya ....Acaba Author birseyler mi ima ediyor, hata varmi acl de, yoksa oylesine mi soylemis

  1. #1
    burner Guest

    Default Blog Sorusu

    slm;

    CCie bloglarini gezerken bugun guzel bir soru tarzi birsey gordum ve aynisini post ediyorum buraya ....Acaba Author birseyler mi ima ediyor, hata varmi acl de, yoksa oylesine mi soylemis kafamizda kusku brakmak icin...

    Access Control Lists (How to Fail a Task without Really Trying)
    By Anthony Sequeira, #15626
    Hello to all our faithful blog readers, I hope this post find you very well, and enjoying your studies!

    Access list tasks are a common CCIE Lab Exam feature, and I wanted to take a moment to show how easy it can be for a candidate to miss one thing or many things in such a task.

    Here is the task topology and the task itself. Following that we have the proposed solution by a Mock Student

    Can you find the errors in his or her ways?

    The Topology



    The Task
    Security
    Traffic Filtering
    8.1 Configure a security filter on R3 that will accomplish the following for traffic entering the router from the direction of R2:

    Allow Telnet from R2 (S0/1) to R1 (Lo1)
    Allow BGP traffic through the router
    Allow ICMP ping traffic between R1 (Lo1) and R2 (Lo1)
    Block any traffic sourced from RFC 1918 addresses – log these violations and include Layer 2 address information
    4 points


    The Proposed Solution(MOC ogrencisinin onerdigi cevap)
    !
    access-list 100 permit tcp host 32.0.1.2 eq telnet host 192.168.100.1 eq telnet
    access-list 100 permit tcp any any eq bgp
    access-list 100 permit icmp host 22.10.1.2 host 192.168.100.1
    access-list 100 permit icmp host 192.168.100.1 host 22.10.1.2
    access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
    access-list 100 deny ip 172.16.0.0 0.0.255.255 any log
    access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
    !
    interface Serial1/2
    ip access-group 100 in

    NOTE: I have posted a solution to this blog in the comments. The solution post date is November 20th, 2008.
    Kolay Gelsin
    Iyi gunler
    Last edited by burner; 04.12.2008 at 18:19.

  2. #2
    root is offline Moderator
    Join Date
    Jun 2007
    Location
    Ankara
    Posts
    1,409

    Default

    çok teşekkürler burner'cim...

+ Reply to Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts