Cisco Network Security: Implementing ACLs for Network Protection

Added on  2019/09/21

Homework Assignment
AI Summary
This assignment solution focuses on securing networks by implementing Access Control Lists (ACLs) on Cisco routers. The solution covers various scenarios, including controlling access to the internet and public backbone, securing Australian, Southeast Asian, and European LANs. The ACL configurations are provided for Sydney, Adelaide, Brisbane, Singapore, Zurich, and London routers. These configurations involve permitting and denying specific TCP and UDP traffic based on source and destination IP addresses, ports (HTTP, HTTPS, SSH, FTP, Telnet, and database ports), and network segments. The solution aims to restrict unauthorized access, filter network traffic, and protect sensitive services by applying ACLs in both inbound and outbound directions on various interfaces.
SECURITY BY APPLYING ACLS
A. ACCESS TO INTERNET AND PUBLIC BACKBONE
1) AND 2)
! Permit only HTTP (www) and HTTPS (443) to host 160.168.35.129; drop everything else
access-list 101 permit tcp any host 160.168.35.129 eq www
access-list 101 permit tcp any host 160.168.35.129 eq 443
access-list 101 deny ip any any
interface Serial0/0
 ip access-group 101 in
3)
! Internal hosts may open HTTP/HTTPS sessions; other TCP passes only if already established
access-list 100 permit tcp 160.168.0.0 0.0.255.255 any eq www
access-list 100 permit tcp 160.168.0.0 0.0.255.255 any eq 443
access-list 100 permit tcp 160.168.0.0 0.0.255.255 any established
access-list 100 deny ip 160.168.0.0 0.0.255.255 any
interface Serial0/0
 ip access-group 100 out
B. THE AUSTRALIAN LANS
4) SYDNEY ROUTER
! LAN hosts may reach only host 160.168.35.129
access-list 105 permit ip 160.168.16.0 0.0.0.255 host 160.168.35.129
access-list 105 deny ip any any
interface Ethernet1/0
 ip access-group 105 in
ADELAIDE ROUTER
access-list 105 permit ip 160.168.35.0 0.0.0.255 host 160.168.35.129
access-list 105 deny ip any any
interface Ethernet1/0
 ip access-group 105 in
BRISBANE ROUTER
access-list 105 permit ip 160.168.24.0 0.0.0.255 host 160.168.35.129
access-list 105 deny ip any any
interface Ethernet1/0
 ip access-group 105 in
5) SYDNEY ROUTER
! Sydney LAN may reach the Adelaide and Brisbane LANs; ping (ICMP echo) is denied
access-list 106 permit ip 160.168.16.0 0.0.0.255 160.168.35.0 0.0.0.255
access-list 106 permit ip 160.168.16.0 0.0.0.255 160.168.24.0 0.0.0.255
access-list 106 deny icmp any any echo
interface Serial0/1
 ip access-group 106 out
interface Serial0/2
 ip access-group 106 out
ADELAIDE ROUTER
access-list 106 permit ip 160.168.35.0 0.0.0.255 160.168.16.0 0.0.0.255
access-list 106 deny icmp any any echo
interface Serial0/0
 ip access-group 106 out
BRISBANE ROUTER
access-list 106 permit ip 160.168.24.0 0.0.0.255 160.168.16.0 0.0.0.255
access-list 106 deny icmp any any echo
interface Serial0/0
 ip access-group 106 out
6) SYDNEY ROUTER
! SSH (22) to host 160.168.35.149 and port 1433 to host 160.168.35.136 only
access-list 107 permit tcp 160.168.16.0 0.0.0.255 host 160.168.35.149 eq 22
access-list 107 permit tcp 160.168.16.0 0.0.0.255 host 160.168.35.136 eq 1433
access-list 107 deny ip any any
interface Serial0/0
 ip access-group 107 out
ADELAIDE ROUTER
access-list 107 permit tcp 160.168.35.0 0.0.0.255 host 160.168.35.149 eq 22
access-list 107 deny ip any any
interface Serial0/0
 ip access-group 107 out
BRISBANE ROUTER
access-list 107 permit tcp 160.168.24.0 0.0.0.255 host 160.168.35.149 eq 22
access-list 107 deny ip any any
interface Serial0/0
 ip access-group 107 out
C. THE SOUTH EAST ASIAN LANS
7) SINGAPORE ROUTER
! Web and DNS (TCP and UDP 53) to host 160.168.35.129 are permitted before the
! deny for that host; an entry placed after the deny would never be reached
access-list 103 permit tcp 160.168.28.0 0.0.0.255 host 160.168.35.129 eq www
access-list 103 permit tcp 160.168.28.0 0.0.0.255 host 160.168.35.129 eq 443
access-list 103 permit tcp 160.168.28.0 0.0.0.255 host 160.168.35.129 eq 53
access-list 103 permit udp 160.168.28.0 0.0.0.255 host 160.168.35.129 eq 53
access-list 103 deny ip 160.168.28.0 0.0.0.255 host 160.168.35.129
! <wildcard> is a placeholder: the mask for 160.168.35.128 is not given
access-list 103 deny tcp 160.168.28.0 0.0.0.255 160.168.35.128 <wildcard> eq 23
access-list 103 deny tcp 160.168.28.0 0.0.0.255 160.168.35.128 <wildcard> eq 21
access-list 103 permit ip 160.168.28.0 0.0.0.255 160.168.35.128 <wildcard>
interface Ethernet1/0
 ip access-group 103 in
8) SINGAPORE ROUTER
! FTP and Telnet denies come first; after the broad TCP permits they would never match
access-list 102 deny tcp 160.168.28.0 0.0.0.255 host 160.168.35.136 eq ftp
access-list 102 deny tcp 160.168.28.0 0.0.0.255 host 160.168.35.136 eq telnet
access-list 102 deny tcp 160.168.28.0 0.0.0.255 host 160.168.35.149 eq ftp
access-list 102 deny tcp 160.168.28.0 0.0.0.255 host 160.168.35.149 eq telnet
access-list 102 permit tcp 160.168.28.0 0.0.0.255 host 160.168.35.136
access-list 102 permit tcp 160.168.28.0 0.0.0.255 host 160.168.35.149
interface Ethernet1/0
 ip access-group 102 in
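
IOS evaluates an extended ACL from the top and stops at the first matching entry, so a broad permit placed ahead of a narrower deny makes that deny unreachable. The Python check below is an added example, not part of the original solution: it flags such shadowed entries and evaluates a packet by first match, using entries constructed from the list 102 addresses (the names Ace, covers, shadowed and first_match are hypothetical).

```python
from ipaddress import ip_network
from typing import NamedTuple, Optional

class Ace(NamedTuple):
    action: str                  # "permit" or "deny"
    proto: str                   # "ip", "tcp" or "udp"
    src: str                     # address + wildcard written as CIDR
    dst: str
    dport: Optional[int] = None  # None means any destination port

def covers(a, b):
    """True if every packet that entry b matches is also matched by entry a."""
    return ((a.proto == "ip" or a.proto == b.proto)
            and (a.dport is None or a.dport == b.dport)
            and ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst)))

def shadowed(acl):
    """(index, earlier_index) for entries an earlier opposite-action entry hides."""
    hits = []
    for i, b in enumerate(acl):
        for j, a in enumerate(acl[:i]):
            if a.action != b.action and covers(a, b):
                hits.append((i, j))
                break
    return hits

def first_match(acl, proto, src, dst, dport):
    """IOS evaluation: the first matching entry decides, then implicit deny."""
    pkt = Ace("", proto, f"{src}/32", f"{dst}/32", dport)
    for ace in acl:
        if covers(ace, pkt):
            return ace.action
    return "deny"

# Constructed from the Singapore LAN and host 160.168.35.136 used in list 102.
LAN, DB = "160.168.28.0/24", "160.168.35.136/32"
BROAD_FIRST = [Ace("permit", "tcp", LAN, DB),
               Ace("deny", "tcp", LAN, DB, 21),
               Ace("deny", "tcp", LAN, DB, 23)]
SPECIFIC_FIRST = BROAD_FIRST[1:] + BROAD_FIRST[:1]

if __name__ == "__main__":
    for name, acl in (("broad first", BROAD_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(name, shadowed(acl),
              first_match(acl, "tcp", "160.168.28.10", "160.168.35.136", 23))
```

Entries covered by an earlier entry with the same action are redundant rather than dangerous, so the check does not report them.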
D. EUROPEAN LANS
9) ZURICH LAN
! Only port 1433 to host 160.168.35.136 is permitted
access-list 104 permit tcp 160.168.0.0 0.0.255.255 host 160.168.35.136 eq 1433
access-list 104 deny ip 160.168.0.0 0.0.255.255 any
interface Ethernet1/0
 ip access-group 104 in
LONDON LAN
access-list 104 permit tcp 160.168.32.0 0.0.0.255 host 160.168.35.136 eq 1433
access-list 104 deny ip 160.168.32.0 0.0.0.255 any
interface Ethernet1/0
 ip access-group 104 in