Cisco Certified Network Associate 0 (ccna)


Note: Privilege level 15 is known as “enable mode” or “privileged exec mode,” and authorizes all commands by default. Verification



Yüklə 5,2 Mb.
səhifə139/142
tarix27.09.2023
ölçüsü5,2 Mb.
#149497
1   ...   134   135   136   137   138   139   140   141   142
CCNA 200-301 June 2023-v1.2

Note: Privilege level 15 is known as “enable mode” or “privileged exec mode,” and authorizes all commands by default.


Verification

Try to telnet to Sw101 from PC1:


On PC1:


PC1:\> telnet 192.168.100.1
Trying 192.168.100.1 …Open User Access Verification
Username: support //Type “support” here Password: ***** //Type “max2leam” here

Sw101#



Task 2. Configure and apply a single NACL on Sw101

Use the “show ip interface brief” command on Sw101, we learn the IP address of interface VLAN 100 is 192.168.100.1/24. We will use this IP address to “allow only PC2 on VLAN 200 to telnet to Sw101”.


On Sw101:

ip access-list extended ENT_ACL


deny icmp host 192.168.200.10 host 192.168.100.10
permit tcp host 192.168.200.10 host 192.168.100.1 eq telnet deny tcp 192.168.200.0 0.0.0.255 any eq telnet
permit ip any any

interface e0/2


ip access-group ENT_ACL in


Verification

+ Check to make sure PC2 cannot ping PC1:


PC2:\> ping 192.168.100.10


Pinging 192.168.100.10 with 32 bytes of data Request timed out.
Request timed out. Request timed out. Request timed out.
+ Check if only PC2 on VLAN 200 to telnet to Sw101 and prevent all other devices from telnetting from VLAN 200: PC2:\> telnet 192.168.100.1 //this must be successful
SW102# telnet 192.168.100.1 //this must fail

+ Check the “Allow all other network traffic from VLAN 200” condition by try pinging from PC2 to SW101: PC2:\>ping 192.168.100.1 //this must be successful


Task 3. Configure security on interface Ethernet 0/0 of Sw102.

In this task, it asked “No notification action is required” so we have to use “protect” for violation mode. On Sw102:


int e0/0
switchport port-security
switchport port-security maximum 4 switchport port-security violation protect



Yüklə 5,2 Mb.

Dostları ilə paylaş:
1   ...   134   135   136   137   138   139   140   141   142




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin