
Need Help on this ACL Packet Tracer Activity

TF2
Level 1

Hey, I'm currently studying IT network and security track. I need help with this activity about ACL.

I'm currently working on a Packet Tracer activity that involves configuring Access Control Lists (ACLs), and I find myself in need of some assistance.

I've spent 2 hours trying to block out the hacker but nothing seems to work.


marce1000
VIP

 

                     - FYI : Community group for Packet Tracer project questions

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '

Hello,

the devices are not accessible (locked). Post a file with unlocked devices (and provide the necessary passwords if applicable), or post the full running configuration (show run) of the router...

Sadly, I can't unlock the devices

 

Hello,

can you post the running config (sh run) of the router ?

[Attached screenshots: TF2_0-1701786271865.png, TF2_1-1701786298675.png]

 

matthew2587
Level 1

Here is the acl I made, I was only able to get 75% completion, says something in acl 10 is wrong.

!
interface FastEthernet0/0
 ip address 172.16.20.1 255.255.255.0
 ip access-group 10 out
 duplex auto
 speed auto
!
interface Ethernet0/0/0
 ip address 172.16.30.1 255.255.255.0
 ip access-group 20 out
 duplex auto
 speed auto
!
access-list 10 deny host 172.16.10.15
access-list 10 deny host 172.16.10.6
access-list 10 deny host 172.16.10.11
access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
access-list 20 deny host 172.16.10.15
access-list 20 permit any
!

cbradt
Level 1

Your config has the desired effect. Too bad they don't give you access to a command line on the PC to test (which you should always do if at all possible). I rebuilt the lab using your config and PCs that could ping and everything was as desired. An alternate config on ACL 10 would be to permit the Pres & VP first then let the implicit deny stop everything else.

access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
access-list 20 deny host 172.16.10.15
access-list 20 permit any

I tried that in your lab and it didn't like that either. My assumption is that the 4th octet of the IP addresses is reflected in the hostname and that is how we built the ACLs. However ... if you change ACL 20 to explicitly deny the Hacker and explicitly permit the other 4 addresses, the Check Results fails both ACLs 10 and 20. So my guess is that there is an error in the addresses set in the results check, probably the Pres or VP address.
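The first-match and implicit-deny behaviour discussed in this thread, as an added example that is not part of any poster's reply: a small Python evaluator (helper names are hypothetical) run over the ACL lines posted above, comparing the posted ACL 10 with the shorter alternate. It models only standard numbered ACLs matching on source address, not interface direction or the Packet Tracer results check.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_standard_acl(config, number):
    """Collect (action, address, wildcard) for 'access-list <number> ...' lines."""
    entries = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[:2] != ["access-list", str(number)]:
            continue
        action, src = tok[2], tok[3]
        if src == "any":
            entries.append((action, 0, 0xFFFFFFFF))
        elif src == "host":
            entries.append((action, _ip(tok[4]), 0))
        else:  # "address [wildcard]" form; wildcard defaults to 0.0.0.0
            entries.append((action, _ip(src), _ip(tok[4]) if len(tok) > 4 else 0))
    return entries

def evaluate(entries, source):
    """First matching entry wins; no match falls through to the implicit deny."""
    src = _ip(source)
    for action, addr, wild in entries:
        if (src | wild) == (addr | wild):  # wildcard bits set to 1 are ignored
            return action
    return "deny"

# ACL lines copied from the two posts in this thread.
POSTED = """\
access-list 10 deny host 172.16.10.15
access-list 10 deny host 172.16.10.6
access-list 10 deny host 172.16.10.11
access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
access-list 20 deny host 172.16.10.15
access-list 20 permit any
"""
ALTERNATE = """\
access-list 10 permit host 172.16.10.5
access-list 10 permit host 172.16.10.10
"""
# The five addresses from the posts plus one constructed, unlisted address (.99).
SOURCES = ["172.16.10.5", "172.16.10.6", "172.16.10.10",
           "172.16.10.11", "172.16.10.15", "172.16.10.99"]

def compare(number, config_a, config_b, sources=SOURCES):
    a, b = parse_standard_acl(config_a, number), parse_standard_acl(config_b, number)
    return {s: (evaluate(a, s), evaluate(b, s)) for s in sources}

if __name__ == "__main__":
    for src, (posted, alt) in compare(10, POSTED, ALTERNATE).items():
        print(f"{src:<14} posted={posted:<6} alternate={alt}")
```

Both versions of ACL 10 give the same verdict for every source, because the three explicit deny lines only restate what the implicit deny already does.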
