Phase 4: Access Control Lists

While testing the network, the team leader discovers that security has not been planned for the network. If the network configuration were installed as designed, any network user would be able to access all network devices and workstations.

The team leader asks the technician to add access control lists (ACLs) to the routers and offers some suggestions for the security design. Before the ACLs are added, back up the current router configuration. Also, make sure there is complete connectivity throughout the network before any of the ACLs are applied.

The following conditions must be taken into consideration when creating the ACLs:

Workstation 2 and File Server 1 are on the management network. Any device on the management network can access any other device on the entire network.

Workstations on the Eva and Boaz LANs are not permitted outside of their subnet except to access File Server 1.

Each router can telnet to the other routers and access any device on the network.

The team leader asks the technician to write down a short summary of the purpose of each ACL, the interfaces upon which they will be applied, and the direction of the traffic. Then list the exact commands that will be used to create and apply the ACLs to the router interfaces.

Before the ACLs are configured on the routers, review each of the following test conditions and make sure that the ACLs will perform as expected:

Telnet from Boaz to Eva: SUCCESSFUL

Telnet from Workstation 4 to Eva: BLOCKED

Telnet from Workstation 5 to Boaz: BLOCKED

Telnet from Workstation 2 to Boaz: SUCCESSFUL

Telnet from Workstation 2 to Eva: SUCCESSFUL

Ping from Workstation 5 to File Server 1: SUCCESSFUL

Ping from Workstation 3 to File Server 1: SUCCESSFUL

Ping from Workstation 3 to Workstation 4: SUCCESSFUL

Ping from Workstation 5 to Workstation 6: SUCCESSFUL

Ping from Workstation 3 to Workstation 5: BLOCKED

Ping from Workstation 2 to Workstation 5: SUCCESSFUL

Ping from Workstation 2 to Workstation 3: SUCCESSFUL

Ping from Router Eva to Workstation 3: SUCCESSFUL

Ping from Router Boaz to Workstation 5: SUCCESSFUL

135 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Case Study

Copyright 2004, Cisco Systems, Inc.
