On packet tracer I've been tasked with the following:
Create 3-line extended ACLs on PHX-RTR-1 named PHX-LAN-1, PHX-LAN-2, and PHX-LAN-3 to prevent IP source address spoofing on these LANs. Only allow traffic that has a source address from the LAN it comes from. Allow DHCP requests:
1. Allow the IP Range for the LAN
2. Allow BOOTPS
3. Deny all other traffic
the PHX-LAN-1 address range is 172.25.65.128/26
I made the following access-list (which is wrong)
Extended IP access list PHX-LAN-1
10 permit udp any any eq bootps
20 permit ip 172.25.65.128 0.0.0.63 any
30 deny ip any any
I'm not sure what I'm doing wrong. Would appreciate any help, thanks!