Refer to the exhibit and the following configuration. ACL 10, configured on R1, is designed to deny the host at 192.168.10.10 access to the 192.168.11.0 network, but all other hosts on the 192.168.10.0 network should be permitted access. However, the ACL does not accomplish this. Which changes would correct this problem?

Oct 30, 2023 Last Updated: Oct 30, 2023 No Comments
Tweet Share Pin it
IT Questions BankCategory: CCNA 4 v4.0 EWANRefer to the exhibit and the following configuration. ACL 10, configured on R1, is designed to deny the host at 192.168.10.10 access to the 192.168.11.0 network, but all other hosts on the 192.168.10.0 network should be permitted access. However, the ACL does not accomplish this. Which changes would correct this problem?

Refer to the exhibit and the following configuration. ACL 10, configured on R1, is designed to deny the host at 192.168.10.10 access to the 192.168.11.0 network, but all other hosts on the 192.168.10.0 network should be permitted access. However, the ACL does not accomplish this. Which changes would correct this problem?

R1(config)# access-list 10 deny host 192.168.10.10
R1(config)# interface Fa0/1
R1(config-if)# ip access-group 10 in

 

On router R1:

  • The host address is incorrectly specified. It should be 192.168.11.10.
  • Because of the implicit deny statement, the remainder of the subnet is not permitted through. The remainder of the subnet should be permitted using the access-list 10 permit any command.
  • ACL 10 should be applied to be in an outbound direction on interface Fa0/1.

Correct configuration:

R1(config)# access-list 10 deny host 192.168.11.10
R1(config)# access-list 10 permit any
R1(config)# interface Fa0/1
R1(config-if)# ip access-group 10 out

Exam with this question: EWAN v4 Chapter 5 Check Your Understanding: Access Control Lists

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x