Home > Ticket 5 – R1 ACL

Ticket 5 – R1 ACL

March 26th, 2015 in TSHOOT v2 Go to comments

Configuration on R1

interface Serial0/0/1
 description Link to ISP
 ip address
 ip nat outside
 ip access-group edge_security in

ip access-list extended edge_security
 deny ip any
 deny ip any
 deny ip any
 deny any
 permit ip host any

Answer: add permit ip any command to R1’s ACL

Ans1) R1
Ans2) IPv4 Layer 3 Security
Ans3) Under the ip access-list extended edge-security configuration add the permit ip any command

+ This is the only ticket the extended access-list edge_security exists. In other tickets, the access-list 30 is applied to the inbound direction of S0/0/1 of R1.
+ Although host is permitted to go through the access-list (permit ip host any) but clients cannot ping the web server because R1 cannot establish BGP session with neighbor

Comments (4) Comments
Comment pages
1 5 6 7 26
  1. CCNP-Renew
    May 5th, 2017

    Testing Tshoot in 2 days. Just became a premium member but I am disappointed with the new format. I used Network Tut a couple of years ago when they used the low tech “Read More” link to display full answers was way more user friendly.
    This new simulations are a great idea but not really good for a quick study reference.
    If anyone has updated dumps please send to matt.ryder22 at outlook dot com
    Thank you and good luck.

  2. david
    May 23rd, 2017

    I just passed today. Got 1000/1000. Stick only to networktut.com. All the questions in feb. 2017.pdf from tut came out. Pls practice nothing but tut. All still valid

  3. maha
    June 8th, 2017

    @ david
    Pleease send to my feb.2017.pdf in my email ( {email not allowed})

  4. Andrea
    June 9th, 2017

    Are there updated ccnp Tshoot?? I will the examen next Friday

Comment pages
1 5 6 7 26