How2pass.com Forums

Full Version: QID:S19 & S17 Broken??
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

sptmaster

I've had this question several times and I always get it wrong. Just now I've tried doing it 3 times individually and I got marked wrong all times.

I checked all the cable types and ip addresses correct, and I even did "enable password" correctly instead of secret. Everything I've entered (did copy run start also) looks the SAME as the explanation!!!

Anyone else having problems with this one?


I also just got done doing S17 and got marked wrong... I did it again even using the number 101 for my access list and got marked wrong again a second time......

access-list 101 permit tcp host PCIP host SERVERIP eq 80
access-list 101 deny tcp any host SERVERIP eq 80
access-list 101 permit ip any any

int fa0/0 (interface the server is on)
ip access-group 101 out

Did copy run start also, and I've checked my answers against the explanations and they are IDENTICAL. What gives with these sims???
Take a screen capture after entering your commands and send to our support address. You will be told what was missing.

Djmillymil

Yea I'm getting the same thing.

Correct me if I'm wrong but extended ACLs should be placed closest to the source, so it should be applied in Fa0/1 going out.

There is even something in the answer that leads me to think that this SIM is a little messed up...on Step 3.
(04-01-2011, 02:18 AM)Djmillymil link Wrote:Yea I'm getting the same thing.

Correct me if I'm wrong but extended ACLs should be placed closest to the source, so it should be applied in Fa0/1 going out.

There is even something in the answer that leads me to think that this SIM is a little messed up...on Step 3.

It is a general rule but not always true. In this case if you apply it to the Fa0/1 going out, how can it filter traffic coming from the Core network (S0/1) and leaving towards Servers LAN (F0/0). The out direction even cannot filter the traffic originating from other PCs in the Hosts LAN destined for Stock Web Server. Even the "in" direction on F0/1 is not fulfilling the requirement of checking the traffic from the Core network to the Stock Web Server.

Please read your books for clear understanding of ACL directions and their effects.

Djmillymil

Thanks for the tip, looks like I read the question a little wrong as well (missed that it had to block Core too)


Sorry to have ever disturbed you.
I just ran across this trying to find clarification on how to apply the ACL to FA0/0 for question S17. Why is the ACL applied going "out" the interface? Shouldn't it applied going "in" since Extended ACL's are suppose to placed as close as possible to he source.

tomMike

It is a general rule but not always true.
I am copying line for line from the answer and it is still being marked as wrong. OUI!
Send screen captures of your commands for all steps to our support email address. Take a screen shot when one page of configuration is complete.
Also make sure to press the "Done" button, located at the bottom-left area of every sim, once your complete your config, to get your answer evaluated.
(10-05-2019, 04:19 PM)forumsupport Wrote: [ -> ]Send screen captures of your commands for all steps to our support email address. Take a screen shot when one page of configuration is complete.
Also make sure to press the "Done" button, located at the bottom-left area of every sim, once your complete your config, to get your answer evaluated.

Thank you for your reply. I wasn't clicking the Done button. All good now.