In Vol1 Lab18 Task6d the wording of the task makes me think the ACL in the DSG wouldn't really meet the requirements of the last 2 sentences. I read that as only allow things destined to the subnets R9 announces; deny and log everything else. Would this ACL be more fitting based on the wording?
R9(config-ext-nacl)#do sh run | s access ip access-list extended RFC1918 deny ip 10.0.0.0 0.255.255.255 any log deny ip 172.16.0.0 0.15.255.255 any log deny ip 127.0.0.0 0.255.255.255 any log deny ip 192.168.0.0 0.0.255.255 any log deny ip 169.254.0.0 0.0.255.255 any log permit ip any host 200.0.0.9 permit ip any 150.50.69.0 0.0.0.255 deny ip any any log
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
