Re: Need Help on this ACL Packet Tracer Activity

StudioGhilby · ‎12-03-2023

Hello, I'm currently studying IT network and security track. I need help on this activity.

I'm currently working on a Packet Tracer activity that involves configuring Access Control Lists (ACLs), and I find myself in need of some assistance. I have successfully configured ACLs 2 through 4, but I am encountering challenges with ACL 1, which is the ACL WEB.

My primary struggle is understanding how to correctly implement the ACL WEB to meet the specified requirements. I keep getting a 2% after configuring it.

Georg Pauwen · ‎12-03-2023

Hello,

what user profile is needed to open the file ?

EDIT: I managed to open your file. What are the requirements for ACL1 ? Can you post the instructions you are following ?

StudioGhilby · ‎12-03-2023

The instructions are there its just not docked. I added the screenshot of the instructions here.

Georg Pauwen · ‎12-03-2023

Hello,

this is the access list I have come up with:

ip access-list extended WEB
permit icmp 172.16.1.0 0.0.0.63 10.0.1.0 0.0.0.255
permit icmp 172.16.0.0 0.0.0.63 10.0.1.0 0.0.0.255
permit icmp 172.16.0.64 0.0.0.63 10.0.1.0 0.0.0.255
permit icmp 172.16.0.128 0.0.0.63 10.0.1.0 0.0.0.255
permit icmp 172.16.0.192 0.0.0.63 10.0.1.0 0.0.0.255
permit tcp any host 10.0.1.11 eq www
permit tcp any host 10.0.1.12 eq www
permit tcp any host 10.0.1.13 eq www
permit tcp any host 10.0.1.11 eq 443
permit tcp any host 10.0.1.12 eq 443
permit tcp any host 10.0.1.13 eq 443
permit tcp any host 10.0.1.5 eq domain

Apply the access list to interface GigabitEthernet0/0:

interface GigabitEthernet0/0
ip address 10.0.1.1 255.255.255.0
ip access-group WEB out

StudioGhilby · ‎12-03-2023

Thanks, I've manage to figure it out. Your only mistake was "permit tcp any host 10.0.1.5 eq domain" it should be "permit udp any host 10.0.1.5 eq domain". Now my problem is ACL 2 I can't seem to get it right. ACLs 1, 3, & 4 are good