Diploma CCNA ACLs Project

ACL CONFIGURATION
REFERENCES
 https://en.wikipedia.org/wiki/Computer_network
 https://www.digitalocean.com/community/tutorials/an-introduction-to-networking-
terminology-interfaces-and-protocols
 https://www.ccnablog.com/acls-access-control-lists-part-i/
 https://www.udemy.com/cisco-packet-tracer-network-simulator/
 http://mucins.weebly.com/22-topology.html
 https://www.computernetworkingnotes.com/ccna-study-guide/cabling-cisco-devices-
guide.html
 http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfacls
.html, date of extraction: 12 August 2015.
 https://www.computernetworkingnotes.com/ccna-study-guide/access-control-list-explained-
with-examples.html
DVR & Dr.HS MIC College Of Technology Page 39

ACL CONFIGURATION
ANNEXURE-A
IN Router 0:
Router>en
Router#conf t
Router(config)#no ip domain-lookup
Router(config)#hostname Router0
Router0(config)#service password-encryption
Router0(config)#enable secret class
Router0(config)#line console 0
Router0(config-line)#password cisco
Router0(config-line)#login
Router0(config-line)#logging synchronous
Router0(config-line)#exit
Router0(config)#line vty 0 4
Router0(config)#banner motd $ UnAuthorized Access Is Prohibited $
Router0(config)#int g0/0
Router0(config-if)#ip address 192.168.1.225 255.255.255.240
Router0(config-if)#no shutdown
Router0(config-if)#int g0/1
Router0(config-if)#int s0/1/0

ACL CONFIGURATION
Router0(config-if)#router rip
Router0(config-router)#version 2
Router0(config-router)#network 192.168.1.0
Router0(config-router)#exit
Router0(config)#ip access-list standard 2
Router0(config-std-nacl)#deny host 192.168.1.226
Router0(config-std-nacl)#exit
Router0(config)#do sh ip access-list
Router0(config-if)#ip access-group 2 IN
Router0(config-if)#exit
Router0(config-if)#ip access-group 4 OUT
Router0(config)#exit
Router0#copy running-config startup-config

ACL CONFIGURATION
IN Router 1:
Router>en
Router#conf t
Router(config)#no ip domain-lookup
Router(config)#hostname Router1
Router1(config)#service password-encryption
Router1(config)#enable secret class
Router1(config)#line console 0
Router1(config-line)#logging synchronous
Router1(config)#line vty 0 4
Router1(config)#banner motd $ UnAuthorized Access Is Prohibited $
ACL CONFIGURATION
Router1(config-if)#int g0/1
Router1(config-if)#int s0/1/0
Router1(config-if)#router rip
Router1(config-router)#version 2
Router1(config-router)#network 192.168.1.0
Router1(config-router)#exit
Router1(config-std-nacl)#permit host 192.168.1.130
Router1(config)#int s0/1/0
Router1(config-if)#ip access-group 1 OUT

ACL CONFIGURATION
Router1(config-if)#ip access-group 3 IN
Router1(config)#exit
Router1#copy running-config startup-config
----------------------------------------------------
IN Switch 0:
Switch>en
Switch#conf t
Switch(config)#no ip domain-lookup
Switch(config)#hostname Switch0
Switch0(config)#service password-encryption
Switch0(config)#enable secret class
Switch0(config)#line console 0
Switch0(config-line)#password cisco
Switch0(config-line)#login

ACL CONFIGURATION
Switch0(config-line)#logging synchronous
Switch0(config-line)#exit
Switch0(config)#line vty 0 4
Switch0(config)#banner motd $ UnAuthorized Access Is Prohibited $
Switch0(config)#exit
Switch0#copy running-config startup-config
---------------------------------------------------
IN Switch 1:
Switch>en
Switch#conf t

ACL CONFIGURATION
---------------------------------------------------
IN SW 2:
Switch>en
Switch#conf t

ACL CONFIGURATION
IN SW 3:
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
----------------------------------------------------

ACL CONFIGURATION
ANNEXURE-B
IN Switch 0:
Switch0#sh running-config
Building configuration...
Current configuration : 1273 bytes
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
hostname Switch0
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
no ip domain-lookup
spanning-tree mode pvst

ACL CONFIGURATION
spanning-tree extend system-id
interface FastEthernet0/1

ACL CONFIGURATION

ACL CONFIGURATION
interface GigabitEthernet0/1
interface Vlan1
no ip address
shutdown
banner motd ^C UnAuthorized Access Is Prohibited ^C
line con 0
password 7 0822455D0A16
logging synchronous
login
line vty 0 4
login
line vty 5 15
login

ACL CONFIGURATION
end
-------------------------------------------------------
IN Switch 1:
version 12.2
hostname Switch1
no ip domain-lookup

ACL CONFIGURATION

ACL CONFIGURATION

ACL CONFIGURATION
interface Vlan1
no ip address
shutdown
line con 0
logging synchronous
login
line vty 0 4
login
line vty 5 15
login

ACL CONFIGURATION
end
-------------------------------------------------------
IN Switch 2:
version 12.2
hostname Switch2
no ip domain-lookup

ACL CONFIGURATION

ACL CONFIGURATION

ACL CONFIGURATION
interface Vlan1
no ip address
shutdown
line con 0
logging synchronous
login
line vty 0 4
login
line vty 5 15
login

ACL CONFIGURATION
end
-------------------------------------------------------
IN Switch 3:
version 12.2
hostname Switch3
no ip domain-lookup

ACL CONFIGURATION

ACL CONFIGURATION

ACL CONFIGURATION
interface Vlan1
no ip address
shutdown
line con 0
logging synchronous
login
line vty 0 4
login
line vty 5 15
login

ACL CONFIGURATION
end
-------------------------------------------------------
IN Router 0:
Router0#sh running-config
version 15.1
hostname Router0

ACL CONFIGURATION
no ip cef
no ipv6 cef
license udi pid CISCO1941/K9 sn FTX1524807Q-
no ip domain-lookup

ACL CONFIGURATION
ip address 192.168.1.225 255.255.255.240
ip access-group 2 in
ip access-group 4 out
duplex auto
speed auto
ip address 192.168.1.193 255.255.255.224
duplex auto
speed auto
interface Serial0/1/0
ip address 192.168.1.241 255.255.255.252
clock rate 2000000
no ip address
clock rate 2000000
shutdown
interface Vlan1
no ip address

ACL CONFIGURATION
shutdown
router rip
version 2
network 192.168.1.0
ip classless
ip flow-export version 9
access-list 2 deny host 192.168.1.226
line con 0
logging synchronous

ACL CONFIGURATION
login
line aux 0
line vty 0 4
login
end
-------------------------------------------------------
IN Router 1:
Router1#sh running-config
version 15.1
hostname Router1

ACL CONFIGURATION
no ip cef
no ipv6 cef
license udi pid CISCO1941/K9 sn FTX152402A8-

ACL CONFIGURATION
no ip domain-lookup
ip address 192.168.1.129 255.255.255.192
duplex auto
speed auto
ip address 192.168.1.1 255.255.255.128
ip access-group 3 in
duplex auto
speed auto
ip address 192.168.1.242 255.255.255.252
ip access-group 1 out

ACL CONFIGURATION
no ip address
clock rate 2000000
shutdown
interface Vlan1
no ip address
shutdown
router rip
version 2
network 192.168.1.0
ip classless
ip flow-export version 9
access-list 1 permit host 192.168.1.130

ACL CONFIGURATION
line con 0
logging synchronous
login
line aux 0
line vty 0 4
login
end

Diploma CCNA ACLs Project

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Diploma CCNA ACLs Project

Uploaded by

Copyright:

Available Formats

ACL CONFIGURATION

DVR & Dr.HS MIC College Of Technology Page 39

Router0(config)#enable secret class

Router0(config)#banner motd $ UnAuthorized Access Is Prohibited $

Router0(config-if)#ip address 192.168.1.225 255.255.255.240

Router0(config-if)#ip address 192.168.1.193 255.255.255.224

Router0(config-if)#ip address 192.168.1.241 255.255.255.252

DVR & Dr.HS MIC College Of Technology Page 40

Router0(config)#ip access-list standard 2

Router0(config-std-nacl)#deny host 192.168.1.226

Router0(config-std-nacl)#deny host 192.168.1.227

Router0(config)#ip access-list standard 4

Router0(config-std-nacl)#deny host 192.168.1.194

Router0(config-std-nacl)#deny host 192.168.1.195

Router0(config-if)#ip access-group 4 OUT

Router0#copy running-config startup-config

DVR & Dr.HS MIC College Of Technology Page 41

Router1(config)#enable secret class

Router1(config)#banner motd $ UnAuthorized Access Is Prohibited $

Router1(config-if)#ip address 192.168.1.129 255.255.255.192

Router1(config-if)#ip address 192.168.1.1 255.255.255.128

Router1(config-if)#ip address 192.168.1.242 255.255.255.252

Router1(config)#ip access-list standard 1

Router1(config-std-nacl)#deny host 192.168.1.131

Router1(config-std-nacl)#deny host 192.168.1.2

Router1(config-std-nacl)#deny host 192.168.1.3

Router1(config-std-nacl)#permit host 192.168.1.130

Router1(config-if)#ip access-group 1 OUT

DVR & Dr.HS MIC College Of Technology Page 43

Router1(config)#ip access-list standard 3

Router1(config-std-nacl)#deny host 192.168.1.2

Router1(config-std-nacl)#deny host 192.168.1.3

Router1#copy running-config startup-config

Switch0(config)#enable secret class

DVR & Dr.HS MIC College Of Technology Page 44

Switch0(config)#banner motd $ UnAuthorized Access Is Prohibited $

Switch0#copy running-config startup-config

Switch1(config)#enable secret class

DVR & Dr.HS MIC College Of Technology Page 45

Switch1(config)#banner motd $ UnAuthorized Access Is Prohibited $

Switch1#copy running-config startup-config

Switch2(config)#enable secret class

Switch2(config)#banner motd $ UnAuthorized Access Is Prohibited $

Switch2#copy running-config startup-config

DVR & Dr.HS MIC College Of Technology Page 46

Enter configuration commands, one per line. End with CNTL/Z.

Switch3(config)#enable secret class

Switch3(config)#banner motd $ UnAuthorized Access Is Prohibited $

Switch3#copy running-config startup-config

DVR & Dr.HS MIC College Of Technology Page 47

Current configuration : 1273 bytes

no service timestamps log datetime msec

no service timestamps debug datetime msec

enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

spanning-tree mode pvst

DVR & Dr.HS MIC College Of Technology Page 48

spanning-tree extend system-id

DVR & Dr.HS MIC College Of Technology Page 49

DVR & Dr.HS MIC College Of Technology Page 50

banner motd ^C UnAuthorized Access Is Prohibited ^C

DVR & Dr.HS MIC College Of Technology Page 51

Current configuration : 1273 bytes

no service timestamps log datetime msec