Q: Matching Port Numbers with ACLs 1

certskills
By certskills February 5, 2018 10:05

#CCNA ACL questions can uncover your weaknesses even without a detailed and complicated list of requirements to place in a single ACL. In fact, my “Acing the CCNA Exam” live course on Safari features ACL Port Matching as one of its top 10 common mistakes for about 10 minutes of the course. In preparation for the upcoming Feb 8th edition of the course, I’ve added this new question. Enjoy.

Question:

Which answers lists an ACL command would permit all unencrypted web traffic from the web servers on the left of the figure to the subnet of the web clients on the right, assuming router R1 enables the ACL on its G0/1 interface in the input direction?

  1. access-list 101 permit ip   172.16.16.0  0.0.7.255   172.16.4.0 0.0.3.255  eq www
  2. access-list 101 permit tcp 172.16.16.0  0.0.7.255   172.16.4.0 0.0.3.255  eq www
  3. access-list 101 permit ip   172.16.16.0  0.0.7.255  eq www   172.16.4.0 0.0.3.255
  4. access-list 101 permit tcp 172.16.16.0  0.0.7.255  eq www   172.16.4.0 0.0.3.255  eq www
  5. access-list 101 permit tcp 172.16.16.0  0.0.7.255  eq www   172.16.4.0 0.0.3.255

The answer post should appear in a few days. As always, the answer link sits at the bottom of this page, just above where the comments begin.

 

A: Matching Port Numbers with ACLs 1
Extended IPv4 ACL Drill 2 - Answers
certskills
By certskills February 5, 2018 10:05
Write a comment

1 Comment

  1. sanjinb February 9, 05:17

    access-list 101 permit tcp 172.16.16.0 0.0.7.255 eq www 172.16.4.0 0.0.3.255

    We would like to permit www traffic from servers to clients, so direction on interface Gi01 is in.

    sanjinb

    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Search

Categories