ACL 实验题 Question work associate is adding security to the conf iguration of the Corp1 router. The user on host C should be able to use a web browser to access financ ial information from the Finance Web Server. No other hosts from the LAN nor the Core should be able to use a web browser to access this server. Since there are multiple resources for the corporation at this location including other resources on the Finance Web Server, all other traffic should be allowed. The task is to create and apply an access-list wi th no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted. 注:红色关键单词记住,代表只允许 C 主机访问 Finance Web 服务器 Access to the router CLI can be gain ed by clicking on the appropriate host. All passwords have been te mporarily set to "cisco". The Core connection uses an IP address of ← Corp1 路由器的 S 口的 IP ,考试时要 show 下 IP对不对,不对就改 puters in the Hosts LAN have been assigned addresses of - Host A Host B Host C Host D The servers in the Server LAN have been assigned addresses of - The Finance Web Server is assigned an IP address of . Answer and Explanation Corp1> enable (you may enter "cisco" as it passwords here) We should create an access-list a nd apply it to the interface which is connected to the Server LAN because it can filter out traffic from both Sw-2 a nd works. The Server work has been assigned addresses of - so we can guess the interface c onnected to them has an IP address of (.30 is the number s hown in the figure). Use the "show runningconfig" command to check which interface has the IP address of . Corp1# show running-config We learn that interface 0/1 is the inte rface connected to Server work. It is
