Lab Test 2: Access Control Lists

Muhammad Muizzuddin Bin Zainol Abidin, 51213215271

Universiti Kuala Lumpur British Malaysian Institute (UniKL-BMI), Batu 8, Sungai Pusu, 53100 Kuala Lumpur.
muhammadmuizz93@gmail.com

Abstract This Lab presents the review of designing a network by

utilizing Access Control Lists for system network. This
incorporates about how to design standard ACLs, configure
extended ACLs and how to verify ACLs by utilizing packet tracer.
Through this lab, the simulation of the system network is exhibited
and the aftereffects of all part in this lab was effectively gotten.

I. INTRODUCTION
Access Control Lists are used to control traffic into and
out of your network based on given criteria. ACL consists of
a sequence of permit or deny statements that apply to network
layer or upper layer protocols. Most often Access Control
Lists are used for security reasons to filter traffic. Access lists
are applied per interface as inbound ACL and outbound ACL.
Inbound ACL where packets are processed before they are
routed while outbound ACL where packets are routed to
outbound interface and then processed by ACL.

ACLs do not also act on packets that were originated from

the router itself. At the end of every access list is an implicit
deny any statement. Therefore, if a packet doesnt match
any of the ACL statements, it is automatically denied or
dropped.
In ACLs, there can be of two types which are standard
and extended. Standard ACLs enable you to permit or deny
traffic from source IP addresses. The destination of the
packet and the port doesnt matter. But in extended ACLs,
there are more advanced and IP packets are filtered based on
several criteria, for example, protocol type, source or
destination IP address, source or destination of TCP or UDP
ports. Both ACLs types can be Numbered or Named. In
table below shows what numbers are used for both IP ACLs
types.
Table 1: Number Used by ACLs
Standard ACLs 1 to 99 1300 to 1999
Extended ACLs 100 to 199 2000 to 2699
Figure 2.1 Network Design
For Task 1 in this lab test, all devices should be
configured, for example, configure the router hostname, IP
address and password for an encrypted privileged EXEC,
console and VTY lines for each of the routers.
After that, a message banner need to be configured as
well. This message will pop-up when router is started. This is
also known as the basic configuration for all routers. In this
design, OSPF is utilized with handle ID "1" on all router for
all networks in request to interface all IP connectivity
successfully by utilizing the Ping command.
Next, for task 2, R1 and R3 must be configured with
standard ACLs. The standard ACLs have been configured
with standard name ACLs configuration which have been
applied on the R1 and R3 vty lines. The ACLs must permit
hosts connected directly to their Fast Ethernet subnets to gain
Telnet access and explicitly deny all other connection
attempts. All the standard ACLs that have been configured
need to be named with VTY Local and applied to all telnet
lines.

II. DISCUSSION
In this lab test, a network needed to be configured. By
using Cisco Packet Tracer, the simulation of the network was
conducted and the network design is as shown as shown in a
figure below
Figure 2.2: Command to Configure Standard Named ACLs
The above figure shows that the command that was used to
make or arrange named ACLs which just allowing has that
had connected directly to their Fast Ethernet which for R1
10.1.1.0 and for R3 10.3.1.0 taken after by their wildcard
mask.

III. METHODOLOGY
The propagation

IV. RESULTS AND ANALYSIS

We assume a

V. CONCLUSIONS
This section presents the results that have been obtained
from the
.

REFERENCES