Question 5:

(The answers were filled up by my professor, but he did not explain it step by step how he got that answer, it's just a straight answer with no explaination. I would appreciate it if you could explain to me how he got each answer. Thank you)

Given is the following network: R&D subnet freelancer subnet 172.17.4.0/24 172.16.2.0/24 D File server 172.17.3.1/24 172.17.1.0/24 etho eth2 eth3 R1 R2 etho Internet eth2 eth1 eth1 S1 Email Server 09 172.17.1.1/24 99 172.16.1.0/24 172.17.2.0/24 guests subnet HR subnet Configure the firewall on router R1. Configure the firewall according the following requirements (Be aware: the tables could contain more empty lines than are needed). a. Answers of an established connection should be allowed No. Protocol Source Action Destination IP IP Port Port 1 Established related lor gomething like that, Allow b. Guests 1. Should not be able to do anything in the company's network (No connection to any other subnet or server) 2. Should be able to visit internet web sides using http based on top. 2 No. Protocol Source Action Destination IP IP Port Port * 172.16.* * Deny? br 2 * 3 * bL TCP 172.16.1.* 172.16.1* 172.16. 1.* 172.47.* Deny proble Allow * 80 C. Freelancers 1. Should be able to initiate a connection to the Email server 2. Should not be able to do anything else in the company's network (No connection to any other subnet or server). 3. Should be able to visit the internet (using any service and protocol) No. Protocol Source Action Destination IP IP Port Port * Alou al5 CL b 7 318 * 177.17.1.1 172.16.* 172. 17.* *** X 172.16.2.* 172.16.2* 172 16.2.* 172.16.2.* on line Deng * Deng possible * * Alloch d. File Server, Email Server, Computers of the R&D subnet or HR subnet 1. Should not be able to initiate a connection to guests or freelancers 2. Should be able to visit the internet (using any service and protocol) No. Protocol Source Action Destination IP IP Port Port Di * 172,17.* * 172.16. X 3 10 Deg 172.17* & * * Alm. e. From outside 1. Email server is listening on port 25 for incoming emails. No. Protocol Source Destination Action IP Port IP Port *al * 172.07.1.1 25 Allow f. Anything else is not allowed No. Protocol Source Action Destination IP IP Port Port 12 X * * * Day (10 points)