O'Reilly logo

CCIE Security Exam Certification Guide by Henry Benjamin

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Scenario 8-1 Solution

A1: The network administrator can quickly configure an extended access list permitting all ICMP, UDP, or TCP, as shown in Example 8-12, applying the access list to the inbound interface on R2, Serial 0/0. (The configuration is truncated to focus on the critical configuration.)
Example 8-12. Access List Configuration on R2
Hostname R2
!
interface Serial0/0
 ip address 131.108.255.2 255.255.255.252
 ip access-group 100 in
!
access-list 100 permit icmp any any log-input
access-list 100 permit tcp any any log-input
access-list 100 permit udp any any log-input
!
End

To determine the traffic type, access list 100 allows ICMP, UDP, and TCP inbound on Serial 0/0. Logging is also enabled with the keyword log-input. Assuming the DoS ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required