6.3a Configure, verify, and troubleshoot IPv4 and IPv6 access list for traffic filtering

This article is deprecated. New version here.
Now this topic is probably what got me a fail. The only simlet I did was a silly standard access sim. All the auto-complete functions were disabled and the hardware felt like it was from the 90s in the lab.
I will make sure I really get these IP access list for the next exam.
6.3.a Standard
So I made a simple lab:
6.3 lab
Standard ACLs only match on the source IP address. In the lab I wrote the required rules so I could keep focused.
BTW the monitor in the LAB was ridiculously small. I couldn’t fit it all on the damn screen.
Anyway it’s pretty easy to configure the ACL’s check page 605 in the CCENT book.
rule 1rule 2rule 3
Don’t forget the IMPLICIT DENY at the end of the ACL!
Using the implicit deny I was able to satisfy all requirement with only 3 ACL entries:
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address
ip access-group 1 out
interface FastEthernet0/1.101
encapsulation dot1Q 101
ip address
ip access-group 2 out
access-list 1 permit
access-list 1 permit
access-list 2 permit

Leave a comment

Your email address will not be published. Required fields are marked *