|Home| | |Proj. Scope| | |Cut Sheet| | |Security| | |Cost&Analyses| | ||||||||||||||
SECTION
3 - DISTRICT SUPPLIED SERVERS AND FUNCTIONS |
||||||||||||||||||
ACLs
will be enabled on the router to control access between networks. |
||||||||||||||||||
Router Configuration: Router>enable SunsetRouter(config)#enable
secret class Commands to allow global access to DNS server: SunsetRouter(config)# access-list 100 permit tcp any 193.100.100.1 0.0.0.0 eq 53 SunsetRouter(config)# access-list 100 permit udp any host 193.100.100.1 0.0.0.0 eq 53 Commands to allow global access to E-mail server: SunsetRouter(config)# access-list 100 permit tcp any host 193.100.100.2 0.0.0.0 eq 25 Commands to allow global access to Web(HTTP) server: SunsetRouter(config)# access-list 100 permit tcp any host 193.100.100.4 0.0.0.0 eq 80 Commands to deny all other IP packets from Sudents Network: SunsetRouter(config)# access-list 100 deny ip 170.100.0.0 0.0.255.255 any Commands to Permit all other hosts: SunsetRouter(config)# access-list 100 permit ip any any Command to apply ACL to interface s1: SunsetRouter(config)# ip access-group 100 out
Commads that don't allow acces in only if they are requested: SunsetRouter(config)# access-list 101 permit tcp any any estabilished SunsetRouter(config)#int s0 SunsetRouter(config-if)# ip access-group 101 in
|
||||||||||||||||||