Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

1. Write the ACL Control-R3 configuration on R3 (Using the outgoing direction) to implement the below policy: (8 marks) Permit all devices in IT-Admins zone

image text in transcribed

1. Write the ACL Control-R3 configuration on R3 (Using the outgoing direction) to implement the below policy: (8 marks) Permit all devices in IT-Admins zone (except for PC3) to access Intranet Server via FTP Deny all internal users from accessing the MLWSRV via HTTPS Permit all outgoing HTTPS for internal users Permit all devices in IT-Admins zone (except for PC3) to access any server via RDP

image text in transcribed

Consider the following topology diagram: IN-SERVER-Zone OUT-Zone 192.168.20.0/24 Intranet SERVER .254 -- Fa0/1 SO/0/2 209.165.200.224/27 .1 225 R2 50/0/0 S0/0/1 .2 ISP Internet .1 ML WRSTV 207.3.0.19 10.1.1.0/30 10.2.2.0/30 IN-LAB-Zone S0/0/0 .1 IN-STAFF-Zone 50/0/1 .2 Fa0/0 R1 Fa0/1 .1 Lab-1 Users Lab-2 Users 192.168.10.0/24 192.168.11.0/24 R3 Fa0/1 Fa0/1 Fa0/1 S1 Fa0/2 S2 Fa0/2 Fa0/1 IT Admins S3 Sales Users 192.168.30.0/24 192.168.40.0/24 Fa0/2 Fa0/3 PC1 PC3 PC4 PC2 .10 .10 .10 .10 1 . Objectives Review and configure ACLs on R1 and R3 Configure a zone-based policy (ZPF) firewall on R2. Configure IOS IPS on R1 A R3#sh access-lists 5 deny top host 192.168.30.10 host 192.168.20.254 any eq 21 10 permit top 192.168.30.0 0.0.0.255 host 192.168.20.254 any eq21 15 deny ton 192.168.0.0 0.0.255.255 host 207.3.0.19 eq 443 20 permit tcp192.168.0.0 0.0.255.255 any eq 443 30 deny top host 192.168.30.10 any eq 3389 35 permit ton any any eq 3389 R3#sh run int S/0/0/1 int S/0/0/1 ir address-10.2.2.2 255.255.255.252 in access-group Control-R3 out Consider the following topology diagram: IN-SERVER-Zone OUT-Zone 192.168.20.0/24 Intranet SERVER .254 -- Fa0/1 SO/0/2 209.165.200.224/27 .1 225 R2 50/0/0 S0/0/1 .2 ISP Internet .1 ML WRSTV 207.3.0.19 10.1.1.0/30 10.2.2.0/30 IN-LAB-Zone S0/0/0 .1 IN-STAFF-Zone 50/0/1 .2 Fa0/0 R1 Fa0/1 .1 Lab-1 Users Lab-2 Users 192.168.10.0/24 192.168.11.0/24 R3 Fa0/1 Fa0/1 Fa0/1 S1 Fa0/2 S2 Fa0/2 Fa0/1 IT Admins S3 Sales Users 192.168.30.0/24 192.168.40.0/24 Fa0/2 Fa0/3 PC1 PC3 PC4 PC2 .10 .10 .10 .10 1 . Objectives Review and configure ACLs on R1 and R3 Configure a zone-based policy (ZPF) firewall on R2. Configure IOS IPS on R1 A R3#sh access-lists 5 deny top host 192.168.30.10 host 192.168.20.254 any eq 21 10 permit top 192.168.30.0 0.0.0.255 host 192.168.20.254 any eq21 15 deny ton 192.168.0.0 0.0.255.255 host 207.3.0.19 eq 443 20 permit tcp192.168.0.0 0.0.255.255 any eq 443 30 deny top host 192.168.30.10 any eq 3389 35 permit ton any any eq 3389 R3#sh run int S/0/0/1 int S/0/0/1 ir address-10.2.2.2 255.255.255.252 in access-group Control-R3 out

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

More Books

Students also viewed these Databases questions