09-12-2012 05:43 AM - edited 03-03-2019 06:45 AM
Hi everyone! I'm reviewing ACLs for the CCNA. I had a question in the practice certification exam # 1 in cisco.netacad asking me to block telnet in three statements with an extended ACL. I answered this:
access-list 100 deny tcp any any eq telnet
access-list 100 permit ip any any
The placement of the ACL was ok, but I didn't get any points for configuration. I didn't put the “deny any any” statement because I thought it was already included with the implicit deny, but to get out of doubt, I took it again and added the las statement. Again, I did not get any points for the configuration of the ACL. I have three routers connected by serial ports and the last one connected to the internet through a serial port also. All routers have an Ethernet interface. To block telnet from the networks connected to the last router, and also from the internet I place the ACL outbound in the fa0/0.
Now, my question is, should I use in the statements "any any" because I believe that the only reason I'm not getting this points is because they want me to summarize the networks or something. Also, I don't know whether to include the “deny any any” statement or not. I will be taking the ICND 2 and I'm pretty sure I will see this on the test. Can someone please help me understand what are they asking me? Please... Thank you very much.
Carlos
09-12-2012 10:53 AM
Hi,
Could you post your pka file.
Regards.
Alain
Don't forget to rate helpful posts.
09-13-2012 08:38 AM
Hi Carlos,
Probably what they wanted you to do was the following:
ip access-list extended BLOCK_TELNET
deny tcp any any eq telnet
permit ip any any
Do not know what the exact statement of the question is but you can give it a try.
Regards.
09-16-2012 02:42 AM
Hi Carlos,
I guess you may need to apply that ACL to an interface or VLAN as in so that it can make the things work and that would be the correct answer.
Please do rate if the given information helps.
By
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide