E-Lab 11.2.2e - Extended ACL
Configure an extended access list for the local router Abuja.
Step 1
Activate privileged EXEC mode.
Step 2
Enter global configuration mode.
Step 3.1
Create an extended access-list, 101, that prevents local requests for ftp traffic from 192.168.12.0 to anywhere other than 192.168.11.0, but permits all other traffic.
A CCNA student suggests that one way to do this is to block all ftp traffic requests from leaving Abuja through the serial interface.
Configure this list.
Step 3.2
Add a line to the access list so that any other traffic can pass through the interface.
Step 4
Now enter interface config mode for Serial 0/0 to apply the access-list.
Step 5
Apply access-list 101 to the serial interface such that filtering occurs on outbound traffic.
Step 6
Type end to exit the configuration session.
Step 7
Type show access-lists to view the access-list that was created.
Step 8
View the ip interface information for serial 0/0 to verify that the list is being applied.
Where else might this access list be placed?
Write out the appropriate IOS command.