Lab Test 2: Access Control Lists

Muhammad Muizzuddin Bin Zainol Abidin, 51213215271

Universiti Kuala Lumpur British Malaysian Institute (UniKL-BMI), Batu 8, Sungai Pusu, 53100 Kuala Lumpur.

Abstract: This lab presents a review of designing a network that uses Access Control Lists (ACLs). It covers how to design standard ACLs, how to configure extended ACLs, and how to verify ACLs using Packet Tracer. The network is simulated in this lab, and the results for every part of the lab were obtained successfully.

Access Control Lists are used to control traffic into and out of your network based on given criteria. An ACL consists of a sequence of permit or deny statements that apply to network layer or upper layer protocols. Most often, Access Control Lists are used for security reasons to filter traffic. Access lists are applied per interface as an inbound ACL or an outbound ACL. With an inbound ACL, packets are processed before they are routed; with an outbound ACL, packets are routed to the outbound interface and then processed by the ACL.

ACLs also do not act on packets that originate from the router itself. At the end of every access list is an implicit "deny any" statement. Therefore, if a packet doesn't match any of the ACL statements, it is automatically denied or dropped.

There are two types of ACLs: standard and extended. Standard ACLs enable you to permit or deny traffic from source IP addresses; the destination of the packet and the port don't matter. Extended ACLs are more advanced: IP packets are filtered based on several criteria, for example, protocol type, source or destination IP address, and source or destination TCP or UDP ports. Both ACL types can be numbered or named. The table below shows which numbers are used for the two IP ACL types.

Table 1: Number Used by ACLs

Standard ACLs    1 to 99       1300 to 1999
Extended ACLs    100 to 199    2000 to 2699

In this lab test, a network needed to be configured. The network was simulated using Cisco Packet Tracer, and the network design is shown in the figure below.

Figure 2.1 Network Design

For Task 1 in this lab test, all devices should be configured: for example, the router hostname, the IP address, and the passwords for encrypted privileged EXEC, console and VTY lines on each of the routers. After that, a message banner needs to be configured as well. This message will pop up when the router is started. This is also known as the basic configuration for all routers. In this design, OSPF is used with process ID "1" on all routers for all networks, in order to establish all IP connectivity successfully, which is checked by using the ping command.

Next, for Task 2, R1 and R3 must be configured with standard ACLs. The standard ACLs have been configured as standard named ACLs and applied on the R1 and R3 vty lines. The ACLs must permit hosts connected directly to their Fast Ethernet subnets to gain Telnet access and explicitly deny all other connection attempts. All the standard ACLs that have been configured need to be named with VTY Local and applied to all telnet

Figure 2.2: Command to Configure Standard Named ACLs
The figure above shows the commands that were used to create the named ACLs, which allow only hosts that are connected directly to their Fast Ethernet which for R1 and for R3 followed by their wildcard
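
An added example, not part of the original lab report: a small Python evaluator for standard ACL entries that shows wildcard matching, first-match ordering and the implicit deny described above. The 192.0.2.0/24 subnet, the host addresses and the entry lists are constructed placeholders, because the lab's actual addresses are not given in this text.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def parse_entry(line):
    """Parse '<permit|deny> <any | host A.B.C.D | A.B.C.D [wildcard]>'."""
    action, *src = line.split()
    if action not in ("permit", "deny") or not 1 <= len(src) <= 2:
        raise ValueError(f"not a standard ACL entry: {line!r}")
    if src == ["any"]:
        return action, 0, ALL_ONES          # every bit is "don't care"
    if src[0] == "host":
        if len(src) != 2:
            raise ValueError(f"'host' needs an address: {line!r}")
        src = [src[1], "0.0.0.0"]           # host = all 32 bits must match
    addr = int(ipaddress.IPv4Address(src[0]))
    wildcard = int(ipaddress.IPv4Address(src[1])) if len(src) == 2 else 0
    return action, addr, wildcard


def evaluate(entries, source):
    """Return (action, matching entry) for a source IP.

    Entries are checked top to bottom and the first match wins.
    A 1 bit in the wildcard mask means "ignore this bit".
    """
    ip = int(ipaddress.IPv4Address(source))
    for line in entries:
        action, addr, wildcard = parse_entry(line)
        if ((ip ^ addr) & ~wildcard & ALL_ONES) == 0:
            return action, line
    # No entry matched: the implicit deny at the end of every list applies.
    return "deny", "implicit deny any"


# Constructed entries for a vty ACL: permit the local LAN, deny the rest.
VTY_LOCAL = ["permit 192.0.2.0 0.0.0.255", "deny any"]

if __name__ == "__main__":
    for src in ("192.0.2.10", "198.51.100.7"):
        print(src, "->", evaluate(VTY_LOCAL, src))
    # Same result without the explicit deny, but via the implicit one.
    print(evaluate(VTY_LOCAL[:1], "198.51.100.7"))
    # Order matters: a host deny placed after the subnet permit never fires.
    print(evaluate(["permit 192.0.2.0 0.0.0.255", "deny host 192.0.2.66"],
                   "192.0.2.66"))
```

Writing the explicit "deny any" as the last entry does not change which packets are dropped, but it makes the matching entry visible in the result instead of the implicit one.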

This section presents the results that have been obtained
from the