CHAPTER 1
INTRODUCTION
The Internet has changed the manner in which social, commercial, political, and personal
interactions occur. The immediate nature of communications over the Internet encourages
the creation of global communities. Global communities allow for social interaction that
is independent of location or time zone. The creation of online communities for the
exchange of ideas and information has the potential to increase productivity opportunities
across the globe.
Online distance learning has removed geographic barriers and improved student
opportunity. Robust and reliable networks support and enrich student learning
experiences. They deliver learning material in a wide range of formats including
interactive activities, assessments, and feedback.
● Social Media – Social media consists of interactive websites where people and
communities create and share user-generated content with friends, family, peers, and the
world.
● Blogs - Blogs, an abbreviation of the word “weblogs”, are web pages that are
easy to update and edit. Unlike commercial websites, blogs give anyone a means to
communicate their thoughts to a global audience without technical knowledge of web
design.
● Wikis - Wikis are web pages that groups of people can edit and view together.
Whereas a blog is more of an individual, personal journal, a wiki is a group creation. As
such, it may be subject to more extensive review and editing. Many businesses use wikis
as their internal collaboration tool.
● Peer-to-Peer (P2P) File Sharing – Peer-to-Peer file sharing allows people to share files
with each other without having to store and download them from a central server. The
user joins the P2P network by simply installing the P2P software. P2P file sharing has not
been embraced by everyone. Many people are concerned about violating the laws that protect
copyrighted materials.
In the business world, data networks were initially used by businesses to internally record
and manage financial information, customer information, and employee payroll systems.
These business networks evolved to enable the transmission of many different types of
information services, including email, video, messaging, and telephony.
There are many success stories illustrating innovative ways networks are being used to
make us more successful in the workplace.
Networks enable the creation of new forms of entertainment, such as online games.
Players participate in any kind of online competition that game designers can imagine.
We compete with friends and foes around the world as if we were all in the same room.
Even offline activities are enhanced using network collaboration services. Global
communities of interest have grown rapidly. We share common experiences and hobbies
well beyond our local neighborhood, city, or region. Sports fans share opinions and facts
about their favorite teams. Collectors display prized collections and get expert feedback
about them.
Home office networks and small office networks are often set up by individuals that work
from a home or a remote office and need to connect to a corporate network or other
centralized resources. Additionally, many self-employed entrepreneurs use home office
and small office networks to advertise and sell products, order supplies and communicate
with customers as shown in the below figure.
In businesses and large organizations, networks can be used on an even broader scale to
provide consolidation, storage, and access to information on network servers. Networks
also allow for rapid communication such as email, instant messaging, and collaboration
among employees. In addition to internal benefits, many organizations use their networks
to provide products and services to customers through their connection to the Internet as
shown in the below figure.
The Internet is the largest network in existence. In fact, the term Internet means a
“network of networks”. The Internet is literally a collection of interconnected private and
public networks, such as those described above.
Servers are computers with software that enable them to provide information, like email
or web pages, to other end devices on the network. Each service requires separate server
software. For example, a server requires web server software in order to provide web
services to the network. A computer with server software can provide services
simultaneously to one or many clients. Additionally, a single computer can run multiple
types of server software. In a home or small business, it may be necessary for one
computer to act as a file server, a web server, and an email server.
Clients are computers with software installed that enable them to request and display the
information obtained from the server. An example of client software is a web browser,
like Chrome or Firefox. A single computer can also run multiple types of client software.
For example, a user can check email and view a web page while instant messaging and
listening to Internet radio.
PEER-TO-PEER
Client and server software usually runs on separate computers, but it is also possible for
one computer to carry out both roles at the same time. In small businesses and homes,
many computers function as the servers and clients on the network. This type of network
is called a peer-to-peer network.
IMPORTANCE OF NETWORKING
The path that a message takes from source to destination can be as simple as a single
cable connecting one computer to another, or as complex as a collection of networks that
literally spans the globe. This network infrastructure provides the stable and reliable
channel over which these communications occur.
● Devices
● Media
● Services
Devices and media are the physical elements, or hardware, of the network. Hardware is
often the visible components of the network platform such as a laptop, PC, switch, router,
wireless access point, or the cabling used to connect the devices.
Services include many of the common network applications people use every day, like
email hosting services and web hosting services. Processes provide the functionality that
directs and moves the messages through the network. Processes are less obvious to us but
are critical to the operation of networks.
NETWORK MEDIA
Communication across a network is carried on a medium. The medium provides the
channel over which the message travels from source to destination.
Modern networks primarily use three types of media to interconnect devices and to
provide the pathway over which data can be transmitted.
● Glass or plastic fibers (fiber optic cable) - data is encoded as pulses of light
TYPES OF NETWORKS
Network infrastructures can vary greatly in terms of:
● Area of responsibility
The figure illustrates the two most common types of network
infrastructures:
● Local Area Network (LAN) - A network infrastructure that provides access to users
and end devices in a small geographical area, which is typically an enterprise, home, or
small business network owned and managed by an individual or IT department.
● Wide Area Network (WAN) - A network infrastructure that provides access to other
networks over a wide geographical area, which is typically owned and managed by a
telecommunications service provider.
● Wireless LAN (WLAN) - Similar to a LAN but wirelessly interconnects users and end
points in a small geographical area.
THE INTERNET
The Internet is a worldwide collection of interconnected networks (internetworks or
internet for short).
The Internet is not owned by any individual or group. Ensuring effective communication
across this diverse infrastructure requires the application of consistent and commonly
recognized technologies and standards as well as the cooperation of many network
administration agencies. There are organizations that have been developed for the
purpose of helping to maintain structure and standardization of Internet protocols and
processes. These organizations include the Internet Engineering Task Force (IETF),
Internet Corporation for Assigned Names and Numbers (ICANN), and the Internet
Architecture Board (IAB), plus many others.
● Intranet
● Extranet
An intranet is a term often used to refer to a private connection of LANs and
WANs that belongs to an organization and is designed to be accessible only by the
organization's members, employees, or others with authorization.
An organization may use an extranet to provide secure and safe access to individuals who
work for a different organization but require access to the organization's data. Examples
of extranets include:
● A local office of education that is providing budget and personal information to the
schools in its district.
1.2 OBJECTIVES
• Configure standard IPv4 ACLs.
CHAPTER 2
LITERATURE REVIEW
One of the most important skills a network administrator needs is mastery of access
control lists (ACLs). ACLs provide security for a network.
Network designers use firewalls to protect networks from unauthorized use. Firewalls are
hardware or software solutions that enforce network security policies. Consider a lock on
a door to a room inside a building. The lock allows only authorized users with a key or
access card to pass through the door. Similarly, a firewall filters unauthorized or
potentially dangerous packets from entering the network.
On a Cisco router, you can configure a simple firewall that provides basic traffic filtering
capabilities using ACLs. Administrators use ACLs to stop traffic or permit only specified
traffic on their networks. Network traffic can be permitted or denied.
● Provide traffic flow control. ACLs can restrict the delivery of routing updates to
ensure that the updates are from a known source.
● Provide a basic level of security for network access. ACLs can allow one host to
access a part of the network and prevent another host from accessing the same area.
For example, access to the Human Resources network can be restricted to authorized
users.
● Filter traffic based on traffic type. For example, an ACL can permit email traffic, but
block all Telnet traffic.
● Screen hosts to permit or deny access to network services. ACLs can permit or deny
a user to access file types, such as FTP or HTTP.
By default, a router does not have ACLs configured; therefore, by default a router does
not filter traffic. Traffic that enters the router is routed solely based on information within
the routing table. However, when an ACL is applied to an interface, the router performs
the additional task of evaluating all network packets as they pass through the interface to
determine if the packet can be forwarded.
In addition to either permitting or denying traffic, ACLs can be used for selecting types
of traffic to be analyzed, forwarded, or processed in other ways. For example, ACLs can
Dept. of ECE, VJIT 16
Implementation of standard ACL
An ACL is a sequential list of permit or deny statements, known as access control entries
(ACEs). ACEs are also commonly called ACL statements. When network traffic passes
through an interface configured with an ACL, the router compares the information within
the packet against each ACE, in sequential order, to determine if the packet matches one
of the ACEs. This process is called packet filtering.
Packet filtering controls access to a network by analyzing the incoming and outgoing
packets and forwarding them or discarding them based on given criteria. Packet filtering
can occur at Layer 3 or Layer 4, as shown in the figure. Standard ACLs only filter at
Layer 3. Extended ACLs filter at Layer 3 and Layer 4.
The source IPv4 address is the filtering criteria set in each ACE of a standard IPv4 ACL.
A router configured with a standard IPv4 ACL extracts the source IPv4 address from the
packet header. The router starts at the top of the ACL and compares the address to each
ACE sequentially. When a match is made, the router carries out the instruction, either
permitting or denying the packet. After a match is made, the remaining ACEs in the
ACL, if any, are not analyzed. If the source IPv4 address does not match any ACEs in the
ACL, the packet is discarded.
The last statement of an ACL is always an implicit deny. This statement is automatically
inserted at the end of each ACL even though it is not physically present. The implicit
deny blocks all traffic. Because of this implicit deny, an ACL that does not have at least
one permit statement will block all traffic.
ACLs define the set of rules that give added control for packets that enter inbound
interfaces, packets that relay through the router, and packets that exit outbound interfaces
of the router. ACLs do not act on packets that originate from the router itself. ACLs can
be configured to apply to inbound traffic and outbound traffic.
● Inbound ACLs - Incoming packets are processed before they are routed to the
outbound interface. An inbound ACL is efficient because it saves the overhead of
routing lookups if the packet is discarded. If the packet is permitted by the ACL, it is
then processed for routing. Inbound ACLs are best used to filter packets when the
network attached to an inbound interface is the only source of packets that need to
be examined.
● Outbound ACLs - Incoming packets are routed to the outbound interface, and then
they are processed through the outbound ACL. Outbound ACLs are best used when
the same filter will be applied to packets coming from multiple inbound interfaces
before exiting the same outbound interface.
Wildcard Masking
IPv4 ACEs include the use of wildcard masks. A wildcard mask is a string of 32 binary
digits used by the router to determine which bits of the address to examine for a match.
As with subnet masks, the numbers 1 and 0 in the wildcard mask identify how to treat the
corresponding IPv4 address bits. However, in a wildcard mask, these bits are used for
different purposes and follow different rules.
Subnet masks use binary 1s and 0s to identify the network, subnet, and host portion of an
IPv4 address. Wildcard masks use binary 1s and 0s to filter individual IPv4 addresses or
groups of IPv4 addresses to permit or deny access to resources.
Wildcard masks and subnet masks differ in the way they match binary 1s and 0s.
Wildcard masks use the following rules to match binary 1s and 0s:
● Wildcard mask bit 0 - Match the corresponding bit value in the address.
● Wildcard mask bit 1 - Ignore the corresponding bit value in the address.
Figure 1 shows how different wildcard masks filter IPv4 addresses. In the example,
remember that binary 0 signifies a bit that must match, and binary 1 signifies a bit that
can be ignored.
Wildcard masks are often referred to as an inverse mask. The reason is that, unlike a
subnet mask in which binary 1 is equal to a match and binary 0 is not a match, in a
wildcard mask the reverse is true.
Note: Unlike IPv4 ACLs, IPv6 ACLs do not use wildcard masks. Instead, the prefix-length
is used to indicate how much of an IPv6 source or destination address should be
matched.
Writing ACLs can be a complex task. For every interface there may be multiple policies
needed to manage the type of traffic allowed to enter or exit that interface. The router in
the figure has two interfaces configured for IPv4 and IPv6. If we needed ACLs for both
protocols, on both interfaces and in both directions, this would require eight separate
ACLs. Each interface would have four ACLs; two ACLs for IPv4 and two ACLs for
IPv6. For each protocol, one ACL is for inbound traffic and one for outbound traffic.
Note: ACLs do not have to be configured in both directions. The number of ACLs and
their direction applied to the interface will depend on the requirements being
implemented.
● Use ACLs in firewall routers positioned between your internal network and an
external network such as the Internet.
● Use ACLs on a router positioned between two parts of your network to control
traffic entering or exiting a specific part of your internal network.
● Configure ACLs on border routers, that is, routers situated at the edges of your
networks. This provides a very basic buffer from the outside network, or between a
less controlled area of your own network and a more sensitive area of your network.
● Configure ACLs for each network protocol configured on the border router
interfaces.
You can configure one ACL per protocol, per direction, per interface:
● One ACL per protocol - To control traffic flow on an interface, an ACL must be
defined for each protocol enabled on the interface.
● One ACL per direction - ACLs control traffic in one direction at a time on an
interface. Two separate ACLs must be created to control inbound and outbound
traffic.
● One ACL per interface - ACLs control traffic for an interface, for example,
GigabitEthernet 0/0.
The proper placement of an ACL can make the network operate more efficiently. An
ACL can be placed to reduce unnecessary traffic. For example, traffic that will be denied
at a remote destination should not be forwarded using network resources along the route
to that destination.
Every ACL should be placed where it has the greatest impact on efficiency. As shown in
the figure, the basic rules are:
● Extended ACLs - Locate extended ACLs as close as possible to the source of the
traffic to be filtered. This way, undesirable traffic is denied close to the source
network without crossing the network infrastructure.
Placement of the ACL, and therefore the type of ACL used, may also depend on:
● The extent of the network administrator’s control - Placement of the ACL can
depend on whether or not the network administrator has control of both the source
and destination networks.
The topology in the figure is used to demonstrate how a standard ACL can be placed.
The administrator wants to prevent traffic originating in the 192.168.10.0/24 network
from reaching the 192.168.30.0/24 network.
Following the basic placement guidelines of placing the standard ACL close to the
destination, the figure shows two possible interfaces on R3 to apply the standard ACL:
● R3 G0/0 interface - Applying the standard ACL to traffic exiting the G0/0 interface
will filter packets from 192.168.10.0/24 to 192.168.30.0/24. This will not affect
other networks reachable by R3. Packets from 192.168.10.0/24 will still be able to
reach 192.168.31.0/24.
To use numbered standard ACLs on a Cisco router, you must first create the standard
ACL and then activate the ACL on an interface.
The access-list global configuration command defines a standard ACL with a number in
the range of 1 through 99. Cisco IOS Software Release 12.0.1 extended these numbers by
allowing 1300 to 1999 to be used for standard ACLs. This allows for a maximum of 798
possible standard ACLs. These additional numbers are referred to as expanded IPv4
ACLs.
ACEs can permit or deny an individual host or a range of host addresses. To create a host
statement in numbered ACL 10 that permits a specific host with the IPv4 address
192.168.10.10, you would enter:
As shown in Figure 2, to create a statement that will permit a range of IPv4 addresses in a
numbered ACL 10 that permits all IPv4 addresses in the network 192.168.10.0/24, you
would enter:
To remove the ACL, the global configuration no access-list command is used. Issuing
the show access-list command confirms that access list 10 has been removed.
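The first-match evaluation, implicit deny and wildcard-mask rules described above can be
checked offline before an ACL is applied to an interface. The following Python sketch is an
added example, not part of the original report or of Cisco software; it goes slightly beyond
the text by also flagging entries that an earlier entry makes unreachable. ACL numbers 10 to
12 and their entries are constructed for illustration, and all function names are hypothetical.

```python
import ipaddress
from typing import NamedTuple

MASK32 = 0xFFFFFFFF

# Constructed sample configuration (not from the report). ACL 10 has an ordering
# mistake, ACL 11 is the corrected order, ACL 12 contains no permit statement.
SAMPLE_CONFIG = """
access-list 10 remark constructed sample: block the LAN except one host
access-list 10 deny 192.168.10.0 0.0.0.255
access-list 10 permit host 192.168.10.10
access-list 10 permit any
access-list 11 permit host 192.168.10.10
access-list 11 deny 192.168.10.0 0.0.0.255
access-list 11 permit any
access-list 12 deny 192.168.10.0 0.0.0.255
"""


class Ace(NamedTuple):
    action: str    # "permit" or "deny"
    address: int   # source address as a 32-bit integer
    wildcard: int  # wildcard bit 0 = must match, bit 1 = ignore


def ip_to_int(text):
    return int(ipaddress.IPv4Address(text))


def parse_standard_acl(config):
    """Parse numbered standard ACL lines into {acl_number: [Ace, ...]}."""
    acls = {}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            continue  # blank lines, remarks and unrelated commands
        number = int(tok[1])
        if not (1 <= number <= 99 or 1300 <= number <= 1999):
            raise ValueError(f"{number} is not a standard ACL number")
        source = tok[3:]
        if source[0] == "any":
            ace = Ace(tok[2], 0, MASK32)
        elif source[0] == "host" and len(source) == 2:
            ace = Ace(tok[2], ip_to_int(source[1]), 0)
        elif len(source) == 2:
            ace = Ace(tok[2], ip_to_int(source[0]), ip_to_int(source[1]))
        else:
            raise ValueError(f"unsupported source in: {line.strip()}")
        acls.setdefault(number, []).append(ace)
    return acls


def ace_matches(ace, source_ip):
    """Compare only the bits whose wildcard bit is 0."""
    care = ~ace.wildcard & MASK32
    return (ip_to_int(source_ip) & care) == (ace.address & care)


def evaluate(aces, source_ip):
    """Return (action, index of the matching ACE); index None means implicit deny."""
    for index, ace in enumerate(aces):
        if ace_matches(ace, source_ip):
            return ace.action, index  # first match wins, later ACEs are not read
    return "deny", None


def shadowed(aces):
    """Indexes of ACEs that can never match because one earlier ACE covers them.

    An earlier ACE covers a later one when every bit the earlier ACE examines is
    also fixed in the later ACE and carries the same value. Coverage by a
    combination of several earlier ACEs is not detected.
    """
    unreachable = []
    for j, later in enumerate(aces):
        for earlier in aces[:j]:
            care = ~earlier.wildcard & MASK32
            if (later.wildcard & care) == 0 and \
               (later.address & care) == (earlier.address & care):
                unreachable.append(j)
                break
    return unreachable


if __name__ == "__main__":
    for number, aces in sorted(parse_standard_acl(SAMPLE_CONFIG).items()):
        print(f"ACL {number}: unreachable ACE indexes {shadowed(aces)}")
        for ip in ("192.168.10.10", "192.168.10.20", "192.168.11.5"):
            print(f"  source {ip} -> {evaluate(aces, ip)}")
```

In ACL 10 the host entry is never reached because the preceding deny for 192.168.10.0
0.0.0.255 already matches that host; ACL 12 denies every source because it has no permit
statement.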
documentation and makes access lists a great deal easier to understand. Each remark is
limited to 100 characters. The ACL in Figure 3, although fairly simple, is used to provide
an example. When reviewing the ACL in the configuration using the show running-config
command, the remark is also displayed.
The figure shows the logic of routing and ACL processes. When a packet arrives at a
router interface, the router process is the same, whether ACLs are used or not. As a frame
enters an interface, the router checks to see whether the destination Layer 2 address
matches its interface Layer 2 address, or whether the frame is a broadcast frame.
If the frame address is accepted, the frame information is stripped off and the router
checks for an ACL on the inbound interface. If an ACL exists, the packet is tested against
the statements in the list.
If the packet matches a statement, the packet is either permitted or denied. If the packet is
accepted, it is then checked against routing table entries to determine the destination
interface. If a routing table entry exists for the destination, the packet is then switched to
the outgoing interface, otherwise the packet is dropped.
Next, the router checks whether the outgoing interface has an ACL. If an ACL exists, the
packet is tested against the statements in the list.
If there is no ACL or the packet is permitted, the packet is encapsulated in the new Layer
2 protocol and forwarded out the interface to the next device.
CHAPTER 3:
METHODOLOGY
3.1.1 Router
The Config tab offers four general levels of configuration: global, routing, switching
(Cisco 1841 and Cisco 2811 only), and interface. To perform a global configuration,
click the GLOBAL button to expand the Settings button (if it has not already been
expanded). To configure routing, click the ROUTING button, and then choose Static or
RIP. To configure switching, click the SWITCHING button to expand the VLAN
Database button. To configure an interface, click the INTERFACE button to expand
the list of interfaces, and then choose the interface. Note that the Config tab provides
an alternative to the Cisco IOS CLI only for some simple, common features; to access
the full set of router commands that have been modeled you must use the Cisco IOS
CLI. Throughout your configurations in the Config tab, the lower window will display
the equivalent Cisco IOS commands for all your actions.
3.1.2 Switch
A network switch (also called switching hub, bridging hub, officially MAC bridge) is a
computer networking device that connects devices together on a computer network by
using packet switching to receive, process, and forward data to the destination device.
3.1.3 End Devices
The network devices that people are most familiar with are called end devices. These
devices form the interface between the human network and the underlying
communication network. Some examples of end devices are:
1 Menu Bar - This bar provides the File, Edit, Options, View, Tools, Extensions, and Help
menus. You will find basic commands such as Open, Save, Save as Print, and Settings and
Preferences in these menus. You will also be able to access the Activity Wizard from the
Extensions menu.
2 Main Tool Bar - This bar provides shortcut icons to the File and Edit menu commands. This
bar also provides buttons for Copy, Paste, Undo, Redo, Zoom, the Drawing Palette, and the
Custom Devices Dialog. On the right, you will also find the Network Information button,
which you can use to enter a description for the current network (or any text you wish to
include).
3 Common Tools Bar - This bar provides access to these commonly used workspace tools:
Select, Move Layout, Place Note, Delete, Inspect, Resize Shape, Add Simple PDU, and Add
Complex PDU.
4 Logical/Physical Workspace and Navigation Bar - You can toggle between the Physical
Workspace and the Logical Workspace with the tabs on this bar. In Logical Workspace, this
bar also allows you to go back to a previous level in a cluster, create a New Cluster, Move
Object, Set Tiled Background, and Viewport. In Physical Workspace, this bar allows you to
navigate through physical locations, create a New City, create a New Building, create a New
Closet, Move Object, apply a
5 Workspace - This area is where you will create your network, watch simulations, and view
many kinds of information and statistics.
6 Real-time/Simulation Bar - You can toggle between Real-time Mode and Simulation Mode with
the tabs on this bar. This bar also provides buttons to Power Cycle Devices and Fast Forward
Time as well as the Play Control buttons and the Event List toggle button in Simulation
Mode. Also, it contains a clock that displays the relative Time in Real-time Mode and
Simulation Mode.
7 Network Component Box - This box is where you choose devices and connections to put into
the workspace. It contains the Device-Type Selection Box and the Device-Specific Selection
Box. There's a searchable field that allows you to enter a device name to look for that
specific device quickly.
10 User Created Packet Window* - This window manages the packets you put in the network
during simulation scenarios. See the "Simulation Mode" section for more details.
3.3 NETWORK TOPOLOGY
3.4 CONFIGURATION
3.4.1 ROUTER
Global Settings
In global settings, you can change the display name of the router as it appears on the
workspace and the hostname as it appears in the Cisco IOS. You can also manipulate the
router configuration files in these various ways:
● Erase the NVRAM (where the startup configuration is stored).
● Save the current running configuration to the NVRAM.
● Export the startup and running configuration to an external text file.
● Load an existing configuration file (in .txt format) into the startup configuration.
● Merge the current running configuration with another configuration file.
Algorithm Settings
In the Algorithm Settings, you can override the global Algorithm Settings by removing
the check mark Global Settings and then set your own values for the Half-Open
Session Multiplier, Maximum Number of Connections, Maximum Number of
Opened Sessions, and Maximum Retransmission Timeout in Milliseconds. For the
Cisco 1841 and Cisco 2811, you can also set the Storm Control Multiplier.
The Cisco 1841 and 2811 routers support VLAN configuration. You can manage the
VLANs on the router from the VLAN Database sub-panel. You can add VLANs by
entering a name and a VLAN number and pressing the Add button. You can see all
existing VLAN entries in the list below the button. You can remove a VLAN by
selecting it from the list and then pressing the Remove button.
Interface Configuration
A router can support a wide range of interfaces including serial, modem, copper
Ethernet, and fiber Ethernet. Each interface type may have different configuration
options, but in general, you can set the Port Status (on or off), IP Address, Subnet
Mask, and Tx Ring Limit. For Ethernet interfaces, you can also set the MAC Address,
Bandwidth, and Duplex setting. For serial interfaces, you can set the Clock Rate
setting.
3.4.2 SWITCH
Configuring Switches
The Config tab for the switch offers three general levels of configuration: global,
switching, and interface. The global level offers the same settings as a router. The
routing level also offers the same configuration parameters as a router. The switching
level, however, is where you can manage the VLAN database of the switch. The
interface level configurations also offer access to the VLAN settings of the switch.
Note that the Config tab provides an alternative to the Cisco IOS CLI only for some
simple, common features; to access the full set of switch commands that have been
modeled you must use the Cisco IOS CLI.
Throughout your configurations in the Config tab, the lower window will display the
equivalent Cisco IOS commands for all your actions.
Global Settings
In global settings, you can change the switch display name as it appears on the
workspace and the hostname as it appears in the Cisco IOS. You can also
manipulate the switch configuration files in these various ways:
Algorithm Settings
In the Algorithm Settings, you can override the global Algorithm Settings by removing
the check mark Global Settings and then set your own values for the Maximum
Number of Connections, Maximum Number of Opened Sessions, and Storm Control
Multiplier. For the Cisco Catalyst 3560-24PS, you can also set the Half-Open Session
Multiplier.
Interface Configuration
Switches have only Ethernet-type interfaces. For each interface, you can set the
Port Status (on or off), Bandwidth, Duplex setting, VLAN Switch Mode, and
Tx Ring Limit. By default, an interface is a VLAN access port assigned to VLAN
1. You can use the drop-down menu on the right side of the screen to reassign the
port to another existing VLAN. You can also change an interface into a VLAN
trunk port, and then use the drop-down menu on the right to select the VLANs you
want that trunk to handle.
CHAPTER 4
RESULTS AND DESCRIPTION
4.1 IP CONFIGURATION OF PCS
4.1.1 IP Configuration of PC0
4.3 TOPOLOGY
Use the fifth switch to accommodate the Server0, Server1 & Server2.
Step 2: Document the Standard ACL addresses. Complete the addressing table.
Step 3: Verify connectivity. You can only verify connectivity from, and. However, you
should be able to ping every IP address listed in the Addressing Table.
Addressing Table
4.5 PROGRAM
Router0
Router>enable
Router#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#in
Router(config)#interface fas
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip ad
Router(config-if)#ip address 192.168.3.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#
Router(config)#exit
Router#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip dh
Router(config)#ip dhcp po
Router(config)#ip dhcp pool college1
Router(dhcp-config)#net
Router(dhcp-config)#network 192.168.3.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.3.1
Router(dhcp-config)#exit
Router#
Router(config)#int
Router(config)#interface fast
Router(config)#interface fastEthernet 0/1
Router(config-if)#ip add
Router(config-if)#ip address 192.168.6.1 255.255.255.0
% 192.168.6.0 overlaps with FastEthernet1/0
Router(config-if)#interface fastEthernet 0/1
Router(config-if)#ip address 192.168.5.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#ip dch
Router(config)#ip dhc
Router(config)#ip dhcp pool college2
Router(dhcp-config)#net
Router(dhcp-config)#network 192.168.5.0 255.255.255.0
Router(dhcp-config)#def
Router(dhcp-config)#default-router 192.168.5.1
Router(dhcp-config)#exit
Router(config)#ip dhcp ex
Router(config)#ip dhcp excluded-address 192.168.5.1
Router(config)#exit
Router#con
Router#conf
Router#configure t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#in
Router(config)#interface f
Router(config)#interface fastEthernet
Router(config)#interface fastEthernet 1/0
Router(config-if)#ip add
Router(config-if)#ip address 192.168.6.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#ip dh
Router(config)#ip dhcp pool college4
Router(dhcp-config)#net
Router(dhcp-config)#network 192.168.6.0 255.255.255.0
Router(dhcp-config)#de
Router(dhcp-config)#default-router 192.168.6.1
Router(dhcp-config)#ip dhc
Router(dhcp-config)#exit
Router(config)#ip dhcp ex
Router(config)#ip dhcp excluded-address 192.168.6.1
Router(config)#exit
Router2
Router>en
Router>enable
Router#conf
Router#configure
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#inter
Router(config)#interface fast
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip add
Router(config-if)#ip address 192.168.7.1 255.255.255.0
Router(config-if)#no sh
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#ip dhcp p
Router(config)#ip dhcp pool college5
Router(dhcp-config)#net
Router(dhcp-config)#network 192.168.7.1 255.255.255.0
Router(dhcp-config)#def
Router(dhcp-config)#default-router 192.168.7.1
Router(dhcp-config)#exit
Router(config)#ip dhcp poo
Router(config)#ip dhcp pool college6
Router(dhcp-config)#net
Router(dhcp-config)#network 192.168.7.0 255.255.255.0
Router(dhcp-config)#de
Router(dhcp-config)#default-router 192.168.7.1
Router(dhcp-config)#ip dhcp ex
Router(dhcp-config)#exit
Router(config)#ip dhc
Router(config)#ip dhcp ex
Router(config)#ip dhcp excluded-address 192.168.7.1
Router(config)#exit
4.6 SIMULATION
CHAPTER 5
5.3 CONCLUSION
ACLs will check packets for certain conditions.
Standard ACLs test simple conditions.
Extended ACLs test complex conditions.
Define ACL – apply to interface.
Place ACLs sensibly.
Be sure to order ACLs sensibly too!