Answered step by step
Verified Expert Solution
Question
1 Approved Answer
1. Write the ACL Control-R3 configuration on R3 (Using the outgoing direction) to implement the below policy: (8 marks) Permit all devices in IT-Admins zone
1. Write the ACL Control-R3 configuration on R3 (Using the outgoing direction) to implement the below policy: (8 marks) Permit all devices in IT-Admins zone (except for PC3) to access Intranet Server via FTP Deny all internal users from accessing the MLWSRV via HTTPS Permit all outgoing HTTPS for internal users Permit all devices in IT-Admins zone (except for PC3) to access any server via RDP
Consider the following topology diagram: IN-SERVER-Zone OUT-Zone 192.168.20.0/24 Intranet SERVER .254 -- Fa0/1 SO/0/2 209.165.200.224/27 .1 225 R2 50/0/0 S0/0/1 .2 ISP Internet .1 ML WRSTV 207.3.0.19 10.1.1.0/30 10.2.2.0/30 IN-LAB-Zone S0/0/0 .1 IN-STAFF-Zone 50/0/1 .2 Fa0/0 R1 Fa0/1 .1 Lab-1 Users Lab-2 Users 192.168.10.0/24 192.168.11.0/24 R3 Fa0/1 Fa0/1 Fa0/1 S1 Fa0/2 S2 Fa0/2 Fa0/1 IT Admins S3 Sales Users 192.168.30.0/24 192.168.40.0/24 Fa0/2 Fa0/3 PC1 PC3 PC4 PC2 .10 .10 .10 .10 1 . Objectives Review and configure ACLs on R1 and R3 Configure a zone-based policy (ZPF) firewall on R2. Configure IOS IPS on R1 A R3#sh access-lists 5 deny top host 192.168.30.10 host 192.168.20.254 any eq 21 10 permit top 192.168.30.0 0.0.0.255 host 192.168.20.254 any eq21 15 deny ton 192.168.0.0 0.0.255.255 host 207.3.0.19 eq 443 20 permit tcp192.168.0.0 0.0.255.255 any eq 443 30 deny top host 192.168.30.10 any eq 3389 35 permit ton any any eq 3389 R3#sh run int S/0/0/1 int S/0/0/1 ir address-10.2.2.2 255.255.255.252 in access-group Control-R3 out Consider the following topology diagram: IN-SERVER-Zone OUT-Zone 192.168.20.0/24 Intranet SERVER .254 -- Fa0/1 SO/0/2 209.165.200.224/27 .1 225 R2 50/0/0 S0/0/1 .2 ISP Internet .1 ML WRSTV 207.3.0.19 10.1.1.0/30 10.2.2.0/30 IN-LAB-Zone S0/0/0 .1 IN-STAFF-Zone 50/0/1 .2 Fa0/0 R1 Fa0/1 .1 Lab-1 Users Lab-2 Users 192.168.10.0/24 192.168.11.0/24 R3 Fa0/1 Fa0/1 Fa0/1 S1 Fa0/2 S2 Fa0/2 Fa0/1 IT Admins S3 Sales Users 192.168.30.0/24 192.168.40.0/24 Fa0/2 Fa0/3 PC1 PC3 PC4 PC2 .10 .10 .10 .10 1 . Objectives Review and configure ACLs on R1 and R3 Configure a zone-based policy (ZPF) firewall on R2. Configure IOS IPS on R1 A R3#sh access-lists 5 deny top host 192.168.30.10 host 192.168.20.254 any eq 21 10 permit top 192.168.30.0 0.0.0.255 host 192.168.20.254 any eq21 15 deny ton 192.168.0.0 0.0.255.255 host 207.3.0.19 eq 443 20 permit tcp192.168.0.0 0.0.255.255 any eq 443 30 deny top host 192.168.30.10 any eq 3389 35 permit ton any any eq 3389 R3#sh run int S/0/0/1 int S/0/0/1 ir address-10.2.2.2 255.255.255.252 in access-group Control-R3 out
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started