Connect to R1 and set the IP Address on Ethernet 0 interface to
192.168.1.1/24 and the Serial 0 interface to 192.168.2.1/24 and enable
the interfaces. Enable Routing Protocol RIP on R1 and add the network to
Ethernet 0 and Serial 0 interfaces
Connect to R2 and set the IP Address on Ethernet 0 interface to
192.168.1.2/24, enable the interface and enable RIP on R2, add the
network to Ethernet 0 interface
Connect to R3 and set the IP Address on Serial 0 interface to
192.168.2.2/24 and Serial 1 interface to 192.168.3.1/24 and enable the
interfaces. Enable RIP protocol on R3 and add the network to Serial 0
and Serial 1 interfaces
Connect to R4 and set the IP Address on Serial 0 interface to
192.168.3.2/24, enable the interface and enable RIP on R3, add the
network to Serial 0 interface
R2 from both R3 and R4 and see that it is successful
Configure Extended Access-List 101 on R1 that allows telnet traffic from
R3 (192.168.2.2) and allow icmp traffic from R4 (192.168.3.2) and block
all other traffic
Apply this access-list to R1’s Serial 0 interface on inbound traffic
and check the same using show ip interface command
Verify the Extended Access List applied on R1 by pinging and telneting
R2 from R3 and R4
(R3 (192.168.2.2)) should not be able to ping R2
but should be able to telnet to R2 and R4 (192.168.3.2) should be able
to ping R2 but not telnet to it))
Note: Please refer to the CertExams.com Network Simulator software for complete lab with commands.
Description: This lab exercise demonstrates the concept of Extended Access List by configuring
and verifying the same
1. Configure IP address of all the device as per the above table
2. Configure Extended Access-List 101 on R1 that allows telnet traffic from R3 (192.168.2.2)
and allow icmp traffic from R4 (192.168.3.2) and block all other traffic.
3. In Add a Rule window enter access list number as 101 and select as Extended Rule from
Type drop down and click Add button.
4. In add an Extended Rule entry window select action as permit and select tcp from Protocol and
5. In source Host/Network select host from type drop down box and enter the IP address as
192.168.2.2 and in destination Host/Network select Any IP address and select Destination Port “=”
6. To apply another access-list with number 101 click Add button in Add a Rule window.
7. In extended Access-List entry screen select permit from select an action drop down box .
8. Select host from Source Host/Network enter 192.168.3.2 in IP address field.
9. Select Any IP address from Destination Host/Network.
10. Select icmp from protocol and service and click OK button
11. In add a rule window click associate and select interface as s0 and direction as inbound
from Associate with an Interface screen and click OK button.
12. On R1 issue show ip interface command using View > IOS show command.
Note: Please refer to the CertExams.com Network Simulator software for complete lab with GUI Interface.