On your newly installed router, you apply the access list illustrated below to interface Ethernet0 on a router. The interface is connected to the 192.168.1.8/29 LAN.
How will the above access lists affect traffic?
A. All traffic will be allowed to exit E0 except FTP traffic.
B. FTP traffic from 192.168.166.19 to any host will be denied.
C. All traffic exiting E0 will be denied.
D. All FTP traffic to network 192.168.166.18/29 from any host will be denied.
Why??!! I'm really confused; I would say B.
I know about the implicit deny any at the end of an ACL, but what do they mean by exiting? Exiting network 192.168.1.8/29, or other than the E0 interface, towards 192.168.166.18/29?
Hi,
The access list is about network 192.168.166.16/29 and will deny any FTP traffic exiting the router. But the other traffic will also be denied because of the implicit deny.
As you observed, this ACL has only inputs that are related to the 192.168.166.16/29 network, nothing else regarding the 192.168.166.8/29 network, and not even one permit entry. So… all traffic will be denied.
This is the exhibit
access-list 123 deny tcp 192.168.166.18 0.0.0.7 eq 20 any
access-list 123 deny tcp 192.168.166.18 0.0.0.7 eq 21 any
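The first-match and implicit-deny behaviour discussed in this thread, as an added example that is not part of the original posts: a simplified Python model of extended ACL evaluation that handles only the entry form used in the exhibit. The function names, the sample packets used with it and the `WITH_PERMIT` variant are constructed for illustration; interface direction is not modelled.

```python
import ipaddress

# The two entries from the exhibit, verbatim.
EXHIBIT = """\
access-list 123 deny tcp 192.168.166.18 0.0.0.7 eq 20 any
access-list 123 deny tcp 192.168.166.18 0.0.0.7 eq 21 any
"""

def ip(s):
    return int(ipaddress.IPv4Address(s))

def parse_addr(tok):
    """Consume 'any' or '<addr> <wildcard>', then an optional 'eq <port>'.
    An 'eq' that follows the source address is a source-port match."""
    if tok[0] == "any":
        base, wild, tok = 0, 0xFFFFFFFF, tok[1:]
    else:
        base, wild, tok = ip(tok[0]), ip(tok[1]), tok[2:]
    port = None
    if tok[:1] == ["eq"]:
        port, tok = int(tok[1]), tok[2:]
    return (base, wild, port), tok

def parse_acl(text):
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        action, proto = tok[2], tok[3]
        src, rest = parse_addr(tok[4:])
        dst, _ = parse_addr(rest)
        entries.append((action, proto, src, dst))
    return entries

def side_matches(spec, addr, port):
    base, wild, want = spec
    # Wildcard bits set to 1 are "don't care"; all other bits must be equal,
    # so 192.168.166.18 0.0.0.7 covers 192.168.166.16 through .23.
    same = (ip(addr) & ~wild) == (base & ~wild)
    return same and (want is None or want == port)

def evaluate(entries, proto, src, sport, dst, dport):
    """First match wins; if no entry matches, the implicit deny applies."""
    for n, (action, eproto, s, d) in enumerate(entries, 1):
        if eproto in ("ip", proto) and side_matches(s, src, sport) \
                and side_matches(d, dst, dport):
            return action, f"entry {n}"
    return "deny", "implicit deny"

# Constructed variant (not on the page): the same ACL plus an explicit permit.
WITH_PERMIT = EXHIBIT + "access-list 123 permit ip any any\n"
```

Evaluating the same packet against `parse_acl(EXHIBIT)` and `parse_acl(WITH_PERMIT)` shows which entry decided its fate, or that it fell through to the implicit deny.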