12-04-2023 11:24 PM
Hey, I'm currently studying IT network and security track. I need help with this activity about ACL.
I'm currently working on a Packet Tracer activity that involves configuring Access Control Lists (ACLs), and I find myself in need of some assistance.
I've spent 2 hours trying to block out the hacker but nothing seems to work.
12-05-2023 12:30 AM
- FYI : Community group for Packet Tracer project questions
M.
12-05-2023 12:39 AM
Hello,
the devices are not accessible (locked). Post a file with unlocked devices (and provide the necessary passwords if applicable), or post the full running configuration (show run) of the router...
12-05-2023 05:14 AM
Sadly, I can't unlock the devices
12-05-2023 05:22 AM
Hello,
can you post the running config (sh run) of the router ?
12-05-2023 06:25 AM
12-05-2023 06:08 AM
Here is the acl I made, I was only able to get 75% completion, says something in acl 10 is wrong.
!
interface FastEthernet0/0
ip address 172.16.20.1 255.255.255.0
ip access-group 10 out
duplex auto
speed auto
!
interface Ethernet0/0/0
ip address 172.16.30.1 255.255.255.0
ip access-group 20 out
duplex auto
speed auto
!
access-list 10 deny host 172.16.10.15
access-list 10 deny host 172.16.10.6
access-list 10 deny host 172.16.10.11
access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
access-list 20 deny host 172.16.10.15
access-list 20 permit any
!
12-06-2023 02:22 PM
Your config has the desired effect. To bad they don't give you access to a command line on the PC to test (which you should always do if at all possible). I rebuilt the lab using your config and PCs that could ping and everything was as desired. An alternate config on ACL 10 would be to permit the Pres & VP first then let the implicit deny stop everything else.
access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
access-list 20 deny host 172.16.10.15
access-list 20 permit any
I tried that in your lab and it didn't like that either. My assumption is 4th octet of the ip addresses is reflected in the hostname and that is how we built the ACLs. However ... if you change ACL 20 to explicitly deny the Hacker and explicitly permit the other 4 addresses the Check Results fails both ACLs 10 and 20. So my guess is that there is an error in the addresses set in the results check, probably the Pres or VP address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide