Beruflich Dokumente
Kultur Dokumente
10.0.0.1/8
S0
HYD
1.2
S1
10.0.0.2/8
1.3
LAN - 192.168.1.0/24
is
isdone
doneClosest
Closest
to
tothe
the
11.0.0.1/8
S0
E0
192.168.1.150/24
1.1
Creation
Creationand
and
Implementation
Implementation
2.1
CHE
Destination.
Destination.
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
1.1
1.1 &
& 1.2
1.2 should
should not
not communicate
communicate with
with 2.0
2.0 network
network
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
1.1
1.1 is
is accessing
accessing 2.1
2.1
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
1.1
Source IP
192.168.1.1
2.1
Destination IP
192.168.2.1
1.1
Source IP
192.168.1.1
2.1
Destination IP
192.168.2.1
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
1.3
1.3 is
is accessing
accessing 2.1
2.1
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
1.1
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
1.1
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
1.1
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
10
1.1
Source IP
192.168.1.1
192.168.1.3
2.1
Destination IP
192.168.2.1
11
10.0.0.1/8
S0
HYD
1.2
S1
10.0.0.2/8
1.3
LAN - 192.168.1.0/24
is
isdone
doneClosest
Closest
to
tothe
the
11.0.0.1/8
S0
E0
192.168.1.150/24
1.1
Creation
Creationand
and
Implementation
Implementation
2.1
CHE
Destination.
Destination.
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
1.1
1.1 &
& 3.0
3.0 should
should not
not communicate
communicate with
with 2.0
2.0 network
network
12
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
1.1
1.1 is
is accessing
accessing 2.1
2.1
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
13
1.1
Source IP
192.168.1.1
2.1
Destination IP
192.168.2.1
14
1.1
Source IP
192.168.1.1
2.1
Destination IP
192.168.2.1
15
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
1.3
1.3 is
is accessing
accessing 2.1
2.1
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
16
1.3
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
17
1.3
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
18
1.3
Source IP
192.168.1.3
2.1
Destination IP
192.168.2.1
19
1.3
Source IP
192.168.1.1
192.168.1.3
2.1
Destination IP
192.168.2.1
20
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
3.1 is
is accessing
accessing 2.1
2.1
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
21
3.1
Source IP
192.168.3.1
2.1
Destination IP
192.168.2.1
22
3.1
Source IP
192.168.3.1
2.1
Destination IP
192.168.2.1
23
3.1
Source IP
192.168.3.1
2.1
Destination IP
192.168.2.1
24
HYD
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
is
isdone
doneClosest
Closest
to
tothe
theSource.
Source.
11.0.0.1/8
S0
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
2.0
2.0 should
should not
not access
access with
with 3.1
3.1 (Web
(Web Service)
Service)
25
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
2.1
2.1 is
is accessing
accessing 3.1
3.1 -- Web
Web Service
Service
26
2.1
Source IP
192.168.2.1
Destination IP
192.168.3.1
Port - 80
3.1
27
2.1
Source IP
192.168.2.1
Destination IP
192.168.3.1
Port - 80
3.1
28
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
2.1
2.1 is
is accessing
accessing 3.1
3.1 Telnet
Telnet Service
Service
29
2.1
Source IP
192.168.2.1
Destination IP
192.168.3.1
Port - 23
3.1
30
2.1
Source IP
192.168.2.1
Destination IP
192.168.3.1
Port - 23
3.1
31
2.1
Source IP
192.168.1.1
192.168.2.1
Destination IP
192.168.3.1
Port - 23
3.1
32
10.0.0.1/8
S0
HYD
11.0.0.1/8
S0
S1
10.0.0.2/8
E0
192.168.1.150/24
1.1
1.2
1.3
LAN - 192.168.1.0/24
2.1
CHE
S1
11.0.0.2/8
E0
192.168.2.150/24
2.2
2.3
LAN - 192.168.2.0/24
3.1
BAN
E0
192.168.3.150/2
3.2
3.3
LAN - 192.168.3.0/24
2.1
2.1 is
is accessing
accessing 1.1
1.1 -- Web
Web Service
Service
33
2.1
Source IP
192.168.2.1
Destination IP
192.168.1.1
192.168.1.1
Port - 80
1.1
34
2.1
Source IP
192.168.2.1
Destination IP
192.168.1.1
Port - 80
1.1
35
2.1
Source IP
192.168.1.1
192.168.2.1
Destination IP
192.168.1.1
Port - 80
1.1
36
37
Creation
Creationof
ofStandard
StandardNamed
NamedAccess
AccessList
List
Router(config)#
Router(config)#ip
ipaccess-list
access-liststandard
standard<name>
<name>
Router(config-std-nacl)#
Router(config-std-nacl)#<permit/deny>
<permit/deny><source
<sourceaddress>
address>
<source
<sourcewildcard
wildcardmask>
mask>
Implementation
Implementationof
ofStandard
StandardNamed
NamedAccess
AccessList
List
Router(config)#interface
Router(config)#interface<interface
<interfacetype><interface
type><interfaceno>
no>
Router(config-if)#ip
Router(config-if)#ipaccess-group
access-group<name>
<name><out/in>
<out/in>
38
Creation
Creationof
ofExtended
ExtendedNamed
NamedAccess
AccessList
List
Router(config)#
Router(config)#ip
ipaccess-list
access-listextended
extended<name>
<name>
Router(config-ext-nacl)#
Router(config-ext-nacl)#<permit/deny>
<permit/deny><protocol>
<protocol>
<source
<sourceaddress>
address><source
<sourcewildcard
wildcardmask>
mask><destination
<destination
address>
address><
<destination
destinationwildcard
wildcardmask>
mask><operator>
<operator>
<service>
<service>
Implementation
Implementationof
ofExtended
ExtendedNamed
NamedAccess
AccessList
List
Router(config)#interface
Router(config)#interface<interface
<interfacetype><interface
type><interfaceno>
no>
Router(config-if)#ip
Router(config-if)#ipaccess-group
access-group<name>
<name><out/in>
<out/in>
39
40
41
42
43
44
45
46
Chennai#
47
IP access list 5
192.168.1.1
192.168.3.0
any
48
Chennai#
49
50
51
52
Chennai#
53