freedomknight
28-10-2007, 01:33
السلام عليكم rule:rule:rule:
لو سمحتم مساعدة في Access-List قبل الامتحان هناك سؤالين في TestKing شكيت في صحتهم
You are the administrator of the TestKing network which is composed of three
routers connected together via a WAN as shown in the diagram. Your assignment is
to configure and apply an access control list that will block telnet access to the
TestKing1 router without inhibiting all other traffic. The access list won't need
more then 3 statements and it should be applied to the TestKing3 router. The three
routers are already connected and configured as follows:
* The routers are named: TestKing1, TestKing2, and TestKing3 respectively.
* All three of them are using RIP as the routing protocol.
* The serial 0 interfaces are providing clocking.
* The default subnet mask is used on every interface.
* The IP addresses and passwords are listed below.
TestKing1
E0 192.168.1.1
S0 192.168.118.1
Secret password: testking
TestKing2
E0 192.168.121.1
S0 192.168.5.1
S1 192.168.118.2
Secret password: testking
TestKing3
E0 192.168.134.1
S1 192.168.5.2
Answer:
Explanation:
TestKing3>enable
:password
TestKing3#show access-lists (** redundant **)
TestKing3#config t
.Enter configuration commands, one per line. End with END
TestKing3(config)#access-list 101 deny tcp any 192.168.1.1 0.0.0.0 eq 23
TestKing3(config)#access-list 101 deny tcp any 192.168.118.0 0.0.0.0 eq 23
TestKing3(config)#access-list 101 permit ip any any
TestKing3(config)#interface Ethernet 0
TestKing3(config-if)#ip access-group 101 in
TestKing3(config-if)#exit
TestKing3(config)#interface serial 0
TestKing3(config-if)#ip access-group 101 in
TestKing3(config-if)#<CTRL-Z
..
TestKing3#copy running-config startup-config
الشكل مرفق
ياشباب مابتعتقدوا أنه في خطأ بـ access-list تحديداً access-list 101 deny tcp any 192.168.118.0 0.0.0.0 eq 23
ويجب أن يكون بدلها access-list 101 deny tcp any 192.168.118.1 0.0.0.0 eq 23
You work as a network engineer at TestKing.com. Three TestKing stores have
established network connectivity. The routers are named TestKing1, TestKing2,
and TestKing3. The manager at the TestKing site, Tess King, has decided to deny
the ability of anyone from any other network to connect to the TestKing3 router
with the ping command. Implement an access list on the TestKing3 router to deny
this detection but allow all other types of traffic to pass. The access list should
contain no more than three statements. The routers have been configured with the
following specifications:
* The routers are named TestKing1, TestKing2, and TestKing3.
* RIP is the routing protocol.
* Clocking signal is provided on the serial 0 interfaces.
* The password on each router is "testking".
* The subnet mask on all interfaces is the default mask.
* The IP addresses are listed in the chart below.
TestKing1
E0 192.168.49.1
S0 192.168.51.1.
TestKing2
E0 192.168.53.1
S0 192.168.55.1
S1 192.168.51.2
TestKing3
E0 192.168.57.1
S1 192.168.55.2
Answer:
Click on Host 6 to connect to and configure TestKing3.
configure terminal
access-list 101 deny icmp any 192.168.57.1 0.0.0.0
access-list 101 deny icmp any 192.168.55.2 0.0.0.0
access-list 101 permit ip any any
Interface s1
Ip access-group 101 in
interface ethernet0
ip access-group 101 out
ctrl z
copy running-config startup-config
الشكل مرفق
ياشباب مابتعتقدوا أنه في خطأ بـ interface ethernet0
ip access-group 101 out
ويجب أن يكون بدلها interface ethernet0
ip access-group 101 in
الرجاء من الذي يعرف اخطاء في تست كنج 114 يخبرني فوراً
وجزاكم الله خيراً
لو سمحتم مساعدة في Access-List قبل الامتحان هناك سؤالين في TestKing شكيت في صحتهم
You are the administrator of the TestKing network which is composed of three
routers connected together via a WAN as shown in the diagram. Your assignment is
to configure and apply an access control list that will block telnet access to the
TestKing1 router without inhibiting all other traffic. The access list won't need
more then 3 statements and it should be applied to the TestKing3 router. The three
routers are already connected and configured as follows:
* The routers are named: TestKing1, TestKing2, and TestKing3 respectively.
* All three of them are using RIP as the routing protocol.
* The serial 0 interfaces are providing clocking.
* The default subnet mask is used on every interface.
* The IP addresses and passwords are listed below.
TestKing1
E0 192.168.1.1
S0 192.168.118.1
Secret password: testking
TestKing2
E0 192.168.121.1
S0 192.168.5.1
S1 192.168.118.2
Secret password: testking
TestKing3
E0 192.168.134.1
S1 192.168.5.2
Answer:
Explanation:
TestKing3>enable
:password
TestKing3#show access-lists (** redundant **)
TestKing3#config t
.Enter configuration commands, one per line. End with END
TestKing3(config)#access-list 101 deny tcp any 192.168.1.1 0.0.0.0 eq 23
TestKing3(config)#access-list 101 deny tcp any 192.168.118.0 0.0.0.0 eq 23
TestKing3(config)#access-list 101 permit ip any any
TestKing3(config)#interface Ethernet 0
TestKing3(config-if)#ip access-group 101 in
TestKing3(config-if)#exit
TestKing3(config)#interface serial 0
TestKing3(config-if)#ip access-group 101 in
TestKing3(config-if)#<CTRL-Z
..
TestKing3#copy running-config startup-config
الشكل مرفق
ياشباب مابتعتقدوا أنه في خطأ بـ access-list تحديداً access-list 101 deny tcp any 192.168.118.0 0.0.0.0 eq 23
ويجب أن يكون بدلها access-list 101 deny tcp any 192.168.118.1 0.0.0.0 eq 23
You work as a network engineer at TestKing.com. Three TestKing stores have
established network connectivity. The routers are named TestKing1, TestKing2,
and TestKing3. The manager at the TestKing site, Tess King, has decided to deny
the ability of anyone from any other network to connect to the TestKing3 router
with the ping command. Implement an access list on the TestKing3 router to deny
this detection but allow all other types of traffic to pass. The access list should
contain no more than three statements. The routers have been configured with the
following specifications:
* The routers are named TestKing1, TestKing2, and TestKing3.
* RIP is the routing protocol.
* Clocking signal is provided on the serial 0 interfaces.
* The password on each router is "testking".
* The subnet mask on all interfaces is the default mask.
* The IP addresses are listed in the chart below.
TestKing1
E0 192.168.49.1
S0 192.168.51.1.
TestKing2
E0 192.168.53.1
S0 192.168.55.1
S1 192.168.51.2
TestKing3
E0 192.168.57.1
S1 192.168.55.2
Answer:
Click on Host 6 to connect to and configure TestKing3.
configure terminal
access-list 101 deny icmp any 192.168.57.1 0.0.0.0
access-list 101 deny icmp any 192.168.55.2 0.0.0.0
access-list 101 permit ip any any
Interface s1
Ip access-group 101 in
interface ethernet0
ip access-group 101 out
ctrl z
copy running-config startup-config
الشكل مرفق
ياشباب مابتعتقدوا أنه في خطأ بـ interface ethernet0
ip access-group 101 out
ويجب أن يكون بدلها interface ethernet0
ip access-group 101 in
الرجاء من الذي يعرف اخطاء في تست كنج 114 يخبرني فوراً
وجزاكم الله خيراً