Re: Confused by the access-list question
I hereby promise never to post replies under the affluence of incahol. I need a "Delete previous post" button. You're absolutely right. The answer was clear as day at the time, but now I look at it again, both of your comments appear spot on. Sorry Gaz ""lishengtao"" <[EMAIL PROTECTED]> wrote in message 92a0l7$2e2$[EMAIL PROTECTED]">news:92a0l7$2e2$[EMAIL PROTECTED]... > Yes, I know what you mean and agree with you. > > However, I choosed answer A during the test and was told that it is wrong. > > Anyway, I make me a little more clear about the access-list with your help. > > Thanks and Regards > > Stanton > ""MariaD"" <[EMAIL PROTECTED]> wrote in message > 9298pk$d4a$[EMAIL PROTECTED]">news:9298pk$d4a$[EMAIL PROTECTED]... > > Hi, > > yeah, CISCO wording in their test questions can be very confusing, > > I think in this case, > > what they're actually asking is: > > which of A, B, C or D is NOT AFFECTED by the access-list statement ? > > If they asked "what would not be affected" > > instead of > > "what would not apply" > > it would be clearer. > > B, C & D are affected by the access-list statement because their ip > > addresses are within the > > ranges listed in the access-list statement. ( 172.16.16.0/20 and > > 172.16.32.0/20 ) > > therefore, > > the router will apply a MATCH and deal to those packets as appropriate. > > > > for A, 172.16.1.1 is not in the 172.16.16.0/20 or 172.16.32.0/20 networks > > therefore, > > there is NO MATCH in the access-list statement > > so no access-list statement will be applied to 172.16.1.1 packets > > > > HTH, > > > > R, > > MariaD > > > > > > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > > 928upd$399$[EMAIL PROTECTED]">news:928upd$399$[EMAIL PROTECTED]... > > > Hi, > > > > > > Agree with you partialy, and I think the statements of B and D are also > > not > > > apply, because the telnet access with 172.16.16.1 as source and > > 172.16.32.1 > > > as destination is denied, and the same as telnet access with > 172.16.30.12 > > as > > > source and 172.16.32.12 as destination. > > > > > > However, this question is come from Cisco's on-line test with only one > > > choice. > > > > > > I am still confused. > > > > > > Regards > > > > > > Stanton > > > > > > ""MariaD"" <[EMAIL PROTECTED]> wrote in message > > > 928n2i$srv$[EMAIL PROTECTED]">news:928n2i$srv$[EMAIL PROTECTED]... > > > > Hi, > > > > > > > > I reckon it's A > > > > because the 172.16.1.1 address is not included in your access-list > > > > statement. > > > > > > > > the addresses that would be affected are 172.16.16.0/20 to > > 172.16.32.0/20 > > > > and 172.16.1.1/20 is in another network > > > > > > > > R, > > > > MariaD > > > > > > > > > > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > > > > 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > > > > > The following is an access-list entered on a Cisco router: > access-list > > > 135 > > > > > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet > > > > access-list > > > > > 135 permit ip any any br>Which of the following would not apply if > > this > > > > > access-list is used to control incoming packets on ethernet 0? > > > > > > > > > > A. address 172.16.1.1 will be denied telnet access to address > > > 172.16.37.5 > > > > > > > > > > B. address 172.16.16.1 will be permitted telnet access to address > > > > > 172.16.32.1 > > > > > > > > > > C. address 172.16.16.1 will be permitted telnet access to address > > > > > 172.16.50.1 > > > > > > > > > > D. address 172.16.30.12 will be permitted telnet access to address > > > > > 172.16.32.12 > > > > > > > > > > > > > > > _ > > > > > FAQ, list archives, and subscription info: > > > > http://www.groupstudy.com/list/cisco.html > > > > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > _ > > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused by the access-list question
Yes, I know what you mean and agree with you. However, I choosed answer A during the test and was told that it is wrong. Anyway, I make me a little more clear about the access-list with your help. Thanks and Regards Stanton ""MariaD"" <[EMAIL PROTECTED]> wrote in message 9298pk$d4a$[EMAIL PROTECTED]">news:9298pk$d4a$[EMAIL PROTECTED]... > Hi, > yeah, CISCO wording in their test questions can be very confusing, > I think in this case, > what they're actually asking is: > which of A, B, C or D is NOT AFFECTED by the access-list statement ? > If they asked "what would not be affected" > instead of > "what would not apply" > it would be clearer. > B, C & D are affected by the access-list statement because their ip > addresses are within the > ranges listed in the access-list statement. ( 172.16.16.0/20 and > 172.16.32.0/20 ) > therefore, > the router will apply a MATCH and deal to those packets as appropriate. > > for A, 172.16.1.1 is not in the 172.16.16.0/20 or 172.16.32.0/20 networks > therefore, > there is NO MATCH in the access-list statement > so no access-list statement will be applied to 172.16.1.1 packets > > HTH, > > R, > MariaD > > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > 928upd$399$[EMAIL PROTECTED]">news:928upd$399$[EMAIL PROTECTED]... > > Hi, > > > > Agree with you partialy, and I think the statements of B and D are also > not > > apply, because the telnet access with 172.16.16.1 as source and > 172.16.32.1 > > as destination is denied, and the same as telnet access with 172.16.30.12 > as > > source and 172.16.32.12 as destination. > > > > However, this question is come from Cisco's on-line test with only one > > choice. > > > > I am still confused. > > > > Regards > > > > Stanton > > > > ""MariaD"" <[EMAIL PROTECTED]> wrote in message > > 928n2i$srv$[EMAIL PROTECTED]">news:928n2i$srv$[EMAIL PROTECTED]... > > > Hi, > > > > > > I reckon it's A > > > because the 172.16.1.1 address is not included in your access-list > > > statement. > > > > > > the addresses that would be affected are 172.16.16.0/20 to > 172.16.32.0/20 > > > and 172.16.1.1/20 is in another network > > > > > > R, > > > MariaD > > > > > > > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > > > 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > > > > The following is an access-list entered on a Cisco router: access-list > > 135 > > > > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet > > > access-list > > > > 135 permit ip any any br>Which of the following would not apply if > this > > > > access-list is used to control incoming packets on ethernet 0? > > > > > > > > A. address 172.16.1.1 will be denied telnet access to address > > 172.16.37.5 > > > > > > > > B. address 172.16.16.1 will be permitted telnet access to address > > > > 172.16.32.1 > > > > > > > > C. address 172.16.16.1 will be permitted telnet access to address > > > > 172.16.50.1 > > > > > > > > D. address 172.16.30.12 will be permitted telnet access to address > > > > 172.16.32.12 > > > > > > > > > > > > _ > > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused by the access-list question
Hi, yeah, CISCO wording in their test questions can be very confusing, I think in this case, what they're actually asking is: which of A, B, C or D is NOT AFFECTED by the access-list statement ? If they asked "what would not be affected" instead of "what would not apply" it would be clearer. B, C & D are affected by the access-list statement because their ip addresses are within the ranges listed in the access-list statement. ( 172.16.16.0/20 and 172.16.32.0/20 ) therefore, the router will apply a MATCH and deal to those packets as appropriate. for A, 172.16.1.1 is not in the 172.16.16.0/20 or 172.16.32.0/20 networks therefore, there is NO MATCH in the access-list statement so no access-list statement will be applied to 172.16.1.1 packets HTH, R, MariaD ""lishengtao"" <[EMAIL PROTECTED]> wrote in message 928upd$399$[EMAIL PROTECTED]">news:928upd$399$[EMAIL PROTECTED]... > Hi, > > Agree with you partialy, and I think the statements of B and D are also not > apply, because the telnet access with 172.16.16.1 as source and 172.16.32.1 > as destination is denied, and the same as telnet access with 172.16.30.12 as > source and 172.16.32.12 as destination. > > However, this question is come from Cisco's on-line test with only one > choice. > > I am still confused. > > Regards > > Stanton > > ""MariaD"" <[EMAIL PROTECTED]> wrote in message > 928n2i$srv$[EMAIL PROTECTED]">news:928n2i$srv$[EMAIL PROTECTED]... > > Hi, > > > > I reckon it's A > > because the 172.16.1.1 address is not included in your access-list > > statement. > > > > the addresses that would be affected are 172.16.16.0/20 to 172.16.32.0/20 > > and 172.16.1.1/20 is in another network > > > > R, > > MariaD > > > > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > > 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > > > The following is an access-list entered on a Cisco router: access-list > 135 > > > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet > > access-list > > > 135 permit ip any any br>Which of the following would not apply if this > > > access-list is used to control incoming packets on ethernet 0? > > > > > > A. address 172.16.1.1 will be denied telnet access to address > 172.16.37.5 > > > > > > B. address 172.16.16.1 will be permitted telnet access to address > > > 172.16.32.1 > > > > > > C. address 172.16.16.1 will be permitted telnet access to address > > > 172.16.50.1 > > > > > > D. address 172.16.30.12 will be permitted telnet access to address > > > 172.16.32.12 > > > > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused by the access-list question
Hi, Agree with you partialy, and I think the statements of B and D are also not apply, because the telnet access with 172.16.16.1 as source and 172.16.32.1 as destination is denied, and the same as telnet access with 172.16.30.12 as source and 172.16.32.12 as destination. However, this question is come from Cisco's on-line test with only one choice. I am still confused. Regards Stanton ""MariaD"" <[EMAIL PROTECTED]> wrote in message 928n2i$srv$[EMAIL PROTECTED]">news:928n2i$srv$[EMAIL PROTECTED]... > Hi, > > I reckon it's A > because the 172.16.1.1 address is not included in your access-list > statement. > > the addresses that would be affected are 172.16.16.0/20 to 172.16.32.0/20 > and 172.16.1.1/20 is in another network > > R, > MariaD > > > ""lishengtao"" <[EMAIL PROTECTED]> wrote in message > 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > > The following is an access-list entered on a Cisco router: access-list 135 > > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet > access-list > > 135 permit ip any any br>Which of the following would not apply if this > > access-list is used to control incoming packets on ethernet 0? > > > > A. address 172.16.1.1 will be denied telnet access to address 172.16.37.5 > > > > B. address 172.16.16.1 will be permitted telnet access to address > > 172.16.32.1 > > > > C. address 172.16.16.1 will be permitted telnet access to address > > 172.16.50.1 > > > > D. address 172.16.30.12 will be permitted telnet access to address > > 172.16.32.12 > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused by the access-list question
Hi, I reckon it's A because the 172.16.1.1 address is not included in your access-list statement. the addresses that would be affected are 172.16.16.0/20 to 172.16.32.0/20 and 172.16.1.1/20 is in another network R, MariaD ""lishengtao"" <[EMAIL PROTECTED]> wrote in message 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > The following is an access-list entered on a Cisco router: access-list 135 > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet access-list > 135 permit ip any any br>Which of the following would not apply if this > access-list is used to control incoming packets on ethernet 0? > > A. address 172.16.1.1 will be denied telnet access to address 172.16.37.5 > > B. address 172.16.16.1 will be permitted telnet access to address > 172.16.32.1 > > C. address 172.16.16.1 will be permitted telnet access to address > 172.16.50.1 > > D. address 172.16.30.12 will be permitted telnet access to address > 172.16.32.12 > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused by the access-list question
Access list is stopping telnet access from range of addresses 172.16.16.0-172.16.31.255 to range of addresses 172.16.32.0-172.16.47.255. Or from 172.16.16.0/20 to 172.16.32.0/20. So answer B is the only one which does not apply. Unless my hangover's playing tricks on me. Cheers, Gareth ""lishengtao"" <[EMAIL PROTECTED]> wrote in message 925adn$8lo$[EMAIL PROTECTED]">news:925adn$8lo$[EMAIL PROTECTED]... > The following is an access-list entered on a Cisco router: access-list 135 > deny tcp 172.16.16.0 0.0.15.255 172.16.32.0 0.0.15.255 eq telnet access-list > 135 permit ip any any br>Which of the following would not apply if this > access-list is used to control incoming packets on ethernet 0? > > A. address 172.16.1.1 will be denied telnet access to address 172.16.37.5 > > B. address 172.16.16.1 will be permitted telnet access to address > 172.16.32.1 > > C. address 172.16.16.1 will be permitted telnet access to address > 172.16.50.1 > > D. address 172.16.30.12 will be permitted telnet access to address > 172.16.32.12 > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]