Professional Documents
Culture Documents
1.
Permitir el acceso al host .100 al servicio http y
denegar el resto de servicios para este host.
Router RB
Configure terminal
access-list 101 permit tcp 186.33.0.25 0.0.0.0 186.33.0.100 0.0.0.0 eq 80
access-list 101 deny ip 186.33.0.24 0.0.0.0 186.33.0.100 0.0.0.0
access-list 101 deny ip 186.33.0.23 0.0.0.0 186.33.0.100 0.0.0.0
access-list 101 deny ip 186.33.0.22 0.0.0.0 186.33.0.100 0.0.0.0
access-list 101 deny ip 186.33.0.21 0.0.0.0 186.33.0.100 0.0.0.0
access-list 101 deny ip 186.33.0.64 0.0.0.31 186.33.0.100 0.0.0.0
access-list 101 permit ip any any
interface Gig0/0
ip access-group 101 out
2.- Permitir el acceso a todo los servicios al host .135
excepto a los servicios red/26 que al servidor POP3 lo utilice
como descarga y a SMTP2 para envi.
Router RC
no access-list 120 permit ip any any
access-list 101 permit tcp 186.33.0.101 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 permit tcp 186.33.0.23 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 deny ip 186.33.0.25 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 deny ip 186.33.0.26 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 deny ip 186.33.0.24 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 deny ip 186.33.0.21 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 deny ip 186.33.0.20 0.0.0.0 186.33.0.135 0.0.0.0
access-list 101 permit ip any any
interface Gig0/1
ip access-group 101 out
GRUPO2
2.
Al host .20 denegar el servicio de vpn y permitir el acceso al resto de
la red.
ROUTER RC
access-list 101 deny ip 186.33.0.161 0.0.0.0 186.33.0.20 0.0.0.0
access-list 101 deny ip 186.33.0.71 0.0.0.0 186.33.0.20 0.0.0.0
access-list 101 deny ip 0.0.0.0 0.0.0.0 186.33.0.20 0.0.0.0
access-list 101 permit ip any any
interface Gig0/0
ip access-group 101 out
3.
A la Pc .100 Permitir el acceso al servidor vpn y
denegar el acceso al resto de la red.
ROUTER RB
no access-list 101 permit ip any any
interface Gig0/0
no ip access-group 101 out
access-list
access-list
access-list
access-list
101
101
101
101
GRUPO # 3
SENTENCIAS GRUPO #7
12.
Denegar el acceso de la PC2 (cualquier ip valida) al
servidor FTP y permitir a los dems host de la red acceder al mismo
ROUTER RA
access-list 101 deny ip 186.33.0.21 0.0.0.0 186.33.0.69 0.0.0.0
access-list 101 permit ip any any
interface Fa0/0
ip access-group 101 out
13.
Permitir que el host .100 tenga acceso al servidor FTP y
no tenga acceso a los dems servicios.
Router RB*
Configure terminal
access-list 101 permit ip 186.33.0.21 0.0.0.0 186.33.0.100 0.0.0.0
access-list 101 permit ip any any
interface Gig0/0
ip access-group 101 out