Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

November 15, 2020 by Admin

Which set of access control entries would allow all users on the 192.168.10.0/24 network to access a web server that is located at 172.17.80.1, but would not allow them to use Telnet?

  • access-list 103 deny tcp host 192.168.10.0 any eq 23
    access-list 103 permit tcp host 192.168.10.1 eq 80
  • access-list 103 permit 192.168.10.0 0.0.0.255 host 172.17.80.1
    access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq telnet​​
  • access-list 103 permit tcp 192.168.10.0 0.0.0.255 host 172.17.80.1 eq 80
    access-list 103 deny tcp ​192.168.10.0 0.0.0.255 any eq 23
  • access-list 103 permit tcp 192.168.10.0 0.0.0.255 any eq 80
    access-list 103 deny tcp 192.168.10.0 0.0.0.255 any eq 23
    Answers Explanation & Hints:

    For an extended ACL to meet these requirements the following need to be included in the access control entries:identification number in the range 100-199 or 2000-2699
    permit or deny parameter
    protocol
    source address and wildcard
    destination address and wildcard
    port number or name

For more question and answers:

Leave a Reply