access-l 1 permit 123.123.123.0 0.0.0.255 access-l 101 deny ip 1.2.3.4 0.0.0.0 any access-l 101 permit tcp any 2.2.0.0 0.0.255.255 eq 21 Server IP address= x.x.x.10/24 GW= x.x.x.1 Telnet Server 223.8.151.10 From 192.5.5.0 cannot telnet to 223.8.151.10, allow all other traffics 4. FTP server 205.7.5.10 Allow only from 192.5.5.0 to access the FTP server, deny from all other sources to access the FTP server, allow all other traffics. answer A:access-l 104 perm tcp 192.5.5.0 0.0.0.255 host 205.7.5.10 eq 20 A:access-l 104 perm tcp 192.5.5.0 0.0.0.255 host 205.7.5.10 eq 21 A:access-l 104 deny tcp any 205.7.5.10 0.0.0.0 eq 21 A:access-l 104 perm ip any any A:int fa0/1 A:ip access-g 104 out another way A:access-l 144 permit tcp any host 205.7.5.10 eq 21 A:int fa0/0 A: ip access-g 144 in A:access-l 145 deny tcp any host 205.7.5.10 eq 21 A:access-l 145 perm ip any any A:int s0/0/0 A: ip access-g 145 in 5. Web Server 219.17.100.10 Allow clients from the left (LAB A), deny clients from the right to access the web server. Allow all other traffics answer B:access-l 105 deny tcp any host 219.17.100.10 eq 80 B:access-l 105 perm ip any any B:int s0/0/0 B: ip access-g 105 in 6. FTP/Web/Telnet Server 223.8.151.10 (1) Allow all ip traffics except from the source of 205.7.5.0 ~ 205.7.5.127 to the server. (2) Allow FTP ONLY from 192.5.5.0, deny all other FTP’s to the server. (3) Allow telnet to the server from the right (210.93.105.0), deny from the left. (4) Allow all sources to browse the web server except from 210.93.105.128~210.93.105.191 (5) Allow all other traffics. answer: C:access-l 106 deny ip 205.7.5.0 0.0.0.127 host 223.8.151.10 C:access-l 106 per tcp 192.5.5.0 0.0.0.255 host 223.8.151.10 eq 21 C:access-l 106 per tcp 210.93.105.0 0.0.0.255 host 223.8.151.10 eq 23 C:access-l 106 deny tcp 210.93.105.128 0.0.0.63 host 223.8.151.10 eq 80 C:access-l 106 per ip any any C:int fa0/0 C: ip access-g 106 out C:access-l 161 deny tcp any host 223.8.151.10 eq 23 C:access-l 161 per ip any any C:int s0/0/0 c: ip access-g 161 in 7. FTP server at 192.5.5.12, web server at 205.7.5.12 Allow ONLY LAB A e0 to access the web server; allow ONLY LAB A e1 to access the FTP server; block all other FTP and Web traffics. Allow all ip traffics but block the traffic to 210.93.105.0 A:access-l 171 per tcp 192.5.5.0 0.0.0.255 host 205.7.5.12 eq 80 A:access-l 171 deny tcp any any eq 80 A:access-l 171 per ip any any A:int fa0/1 A: ip access-g 171 out A:access-l 172 per tcp 205.7.5.0 0.0.0.255 host 192.5.5.12 eq 21 A:access-l 172 deny tcp any any eq 21 A:access-l 172 per ip any any A:int fa0/0 A: ip access-g 172 out A:access-l 173 deny ip any 210.93.105.0 0.0.0.255 A:access-l 173 per ip any any A:int s0/0/0 A: ip access-g 173 out