Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
QID:NA282
#4
I was confused on this question as well. But when I read it more carefully I realized it's asking to block a host address, not a subnet, from access outside it's own subnet.

ip                                  = we're using TCP/IP addressing so this will stop it from accessing other hosts through ip
192.168.125.34 0.0.0.0  = use this as the source address since we're looking to block only a single host

the use of "any" as the destination is confusing, since it's use should deny access even to it's own subnet. But if you think of it like this it may help. I've realized with a lot of these questions a complete network diagram would really help you understand what's going on.

192.168.125.34 -------- switch --------router
                                    |
                                    |
                          192.168.125.35

Since ACL's are applied on routers only, the traffic from 192.168.125.34 to another host in the same subnet attached to the same switch won't get blocked by the ACL since the packets will never get to the ACL on the router.

The good part about this question, you don't need to worry about the destination "any" because they've provided it for you in the question.
Reply


Messages In This Thread
QID:NA282 - by to_old_4_this - 04-22-2009, 12:12 AM
Re: QID:NA282 - by wtf007 - 05-06-2009, 11:55 PM
Re: QID:NA282 - by aredmond - 05-11-2009, 07:22 PM
Re: QID:NA282 - by fucher - 06-02-2009, 11:38 PM

Forum Jump:


Users browsing this thread: 2 Guest(s)