7.2.1.7 Packet Tracer – Configuring Named Standard IPv4 ACLs (Instructor Version)
Instructor Note: Red font color or Gray highlights indicate text that appears in the Answer copy only.
Topology
Addressing Table
Objectives
- Part 1: Configure and Apply a Named Standard ACL
- Part 2: Verify the ACL Implementation
Background / Scenario
The senior network administrator has tasked you to create a standard named ACL to prevent access to a file server. All clients from one network and one specific workstation from a different network should be denied access.
Part 1: Configure and Apply a Named Standard ACL
Step 1: Verify connectivity before the ACL is configured and applied.
All three workstations should be able to ping both the Web Server and File Server.
Step 2: Configure a named standard ACL.
Configure the following named ACL on R1.
R1(config)# ip access-list standard File_Server_Restrictions R1(config-std-nacl)# permit host 192.168.20.4 R1(config-std-nacl)# deny any
Note: For scoring purposes, the ACL name is case-sensitive.
Step 3: Apply the named ACL.
a. Apply the ACL outbound on the interface Fast Ethernet 0/1.
R1(config-if)# ip access-group File_Server_Restrictions out
b. Save the configuration.
Part 2: Verify the ACL Implementation
Step 1: Verify the ACL configuration and application to the interface.
Use the show access-lists command to verify the ACL configuration. Use the show run or show ip interface fastethernet 0/1 command to verify that the ACL is applied correctly to the interface.
Step 2: Verify that the ACL is working properly.
All three workstations should be able to ping the Web Server, but only PC1 should be able to ping the File Server.
