Home > Access-list Questions

Access-list Questions

March 23rd, 2020 Go to comments

Note: If you are not sure about Access list, please read our Access List Tutorial.

Question 1

Question 2

Explanation

When assigning an IPv4 access list to an interface you used the ip access-group ACL_NAME in|out command in interface configuration mode. To assign an IPv6 ACL to an interface you’ll use the ipv6 traffic-filter ACL_NAME in|out command in interface configuration mode.

We should also specific which port (telnet in this case) we want to deny or we will drop all TCP traffic to the destination.

Note: In fact there is an error with all of the above commands as we cannot use subnet mask (/64) with keyword “host”. We must remove the subnet mask before applying the ACL statement.

Comments (5) Comments
  1. elmecah
    December 15th, 2020

    just a clarification, on explanation it says that to assign an ipv4 access list to an interfaceyou need to use the “ip access-list ACL_NAME in|out” command while the correct form is “ip access-group ACL_NAME in|out”

    cheers!

  2. networktut
    December 15th, 2020

    @elmecah: Thanks for your detection, we have just updated it!

  3. Anonymous
    May 5th, 2022

    @networktut
    I agree, regarding Q2, that Answer D is the correct answer.
    However tcp host…/64 …This doenst doesn’t work in a configuration.
    Host is only one ip, even with IPv6 not/never a prefix of 64.
    So “host” should be removed

  4. networktut
    May 6th, 2022

    @Anonymous: Thanks for your detection, in this question all four options have /64 so none of them is correct. Therefore we have to choose the best answer.

  5. ciscobs
    September 16th, 2022

    Isn’t that the worst? We pay hundreds of dollars for a test, and they can’t even make sure their questions are accurate.