510 Chapter 7: Understanding Access List Security
The default action can be used to shorten the list. For example, in Example 7-24 the commands access-list 101 deny tcp host 10.1.4.98 198.1.1.0 0.0.0.255 lt 1023 and access-list 101 deny ip 10.1.4.0 0.0.0.255 198.1.1.0 0.0.0.255 eq www in access list 101 are not really needed, because the default is to deny these anyway. So, list 101 would perform the same function if it had only one statement in it (access-list 101 permit tcp host 10.1.4.98 198.1.1.0 0.0.0.255 eq www).
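As an added illustration of the point above (this code is not from the book): a small Python evaluator for extended access-list entries, including the implicit deny at the end of every list, that reports which entries can be removed without changing any verdict over a constructed packet sample. It assumes that list 101 in Example 7-24 has the permit statement first, since the two deny entries are only redundant when the permit precedes them, and that a port qualifier is checked against the packet's destination port.

```python
# Constructed example: a small evaluator for Cisco-style extended ACL entries with the implicit deny.
import ipaddress
PORT_NAMES = {"www": 80}
def wild_match(addr, base, wildcard):
    # Cisco wildcard mask: a 1 bit means "don't care" for that bit position.
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)
def parse_entry(line):
    # e.g. "access-list 101 deny tcp host 10.1.4.98 198.1.1.0 0.0.0.255 lt 1023"
    tok = line.split()
    i = 4  # tokens 0-3 are: access-list <number> <action> <protocol>
    def addr():
        nonlocal i
        if tok[i] == "host":
            i += 2; return tok[i - 1], "0.0.0.0"
        if tok[i] == "any":
            i += 1; return "0.0.0.0", "255.255.255.255"
        i += 2; return tok[i - 2], tok[i - 1]
    src, dst = addr(), addr()
    port = None if i >= len(tok) else (tok[i], PORT_NAMES.get(tok[i + 1]) or int(tok[i + 1]))
    return {"action": tok[2], "proto": tok[3], "src": src, "dst": dst, "port": port}
def matches(entry, pkt):
    proto, src, dst, dport = pkt  # dport is None for protocols that carry no port
    if entry["proto"] not in ("ip", proto):
        return False
    if not (wild_match(src, *entry["src"]) and wild_match(dst, *entry["dst"])):
        return False
    if entry["port"] is None:
        return True
    op, n = entry["port"]  # assumption: the qualifier applies to the destination port
    return dport is not None and (dport == n if op == "eq" else dport < n if op == "lt" else dport > n)
def verdict(acl, pkt):
    for e in acl:
        if matches(e, pkt):
            return e["action"]
    return "deny"  # the implicit deny that ends every access list
def redundant_entries(acl, packets):
    # Indexes of entries whose removal leaves every sample packet's verdict unchanged.
    # Only as strong as the packet sample: a sparse sample can hide a difference.
    return [i for i in range(len(acl))
            if all(verdict(acl[:i] + acl[i + 1:], p) == verdict(acl, p) for p in packets)]

LIST_101 = [parse_entry(l) for l in (  # assumed order: permit first, then the two denies
    "access-list 101 permit tcp host 10.1.4.98 198.1.1.0 0.0.0.255 eq www",
    "access-list 101 deny tcp host 10.1.4.98 198.1.1.0 0.0.0.255 lt 1023",
    "access-list 101 deny ip 10.1.4.0 0.0.0.255 198.1.1.0 0.0.0.255 eq www")]
PACKETS = [("tcp", "10.1.4.98", "198.1.1.7", 80), ("tcp", "10.1.4.98", "198.1.1.7", 23),
           ("tcp", "10.1.4.5", "198.1.1.7", 80), ("udp", "10.1.4.98", "198.1.1.7", 53),
           ("icmp", "10.1.4.98", "198.1.1.7", None), ("tcp", "10.1.4.98", "10.1.9.1", 80)]
```

Appending a final permit ip any any to the same list makes both deny entries stop being redundant, which is the usual way an "unnecessary" deny becomes load-bearing later.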
Answers to Scenario 7-4: IPX Filtering
Refer to the network illustrated in Figure 7-14 and Examples 7-17 through 7-20 to establish the
Scenario 7-4 design details and the context of the answers to the three tasks for this scenario.
Answers to Task 1 for Scenario 7-4
Task 1 for Scenario 7-4 asks you to characterize the traffic that is discarded due to the access
lists used on Atlanta. Furthermore, you need to determine whether clients in the remote sites
can access the servers in Atlanta. The answer is not obvious in this case. The extended access
list is particularly confusing, given all the options. The parameters coded in the first entry in list
903 in Example 7-17 are as follows:
· Deny--Direction to throw away packets that match.
· Any--Any protocol type.
· 102.0000.0000.0000--Source IPX address. The node part of the address will be masked, so all 0s are coded in the node part of the address. The node part of the address must be configured; otherwise, the syntax does not allow the network wildcard mask to be used.
Example 7-25 Scenario 7-3 Answer--Gorno Access List
! Next statements meet Criterion 1
access-list 101 permit tcp host 210.1.1.1 198.1.1.0 0.0.0.255 eq www
access-list 101 permit tcp host 210.1.1.2 198.1.1.0 0.0.0.255 eq www
! Next statements meet Criterion 2
access-list 101 deny tcp host 210.1.1.1 198.1.1.0 0.0.0.255 lt 1023
access-list 101 deny tcp host 210.1.1.2 198.1.1.0 0.0.0.255 lt 1023
! Next statement meets Criterion 4
access-list 101 permit ip 210.1.1.0 0.0.0.255 198.1.1.0 0.0.0.255
! Default meets Criterion 6
!
interface serial 0
ip access-group 101
!
interface serial 1
ip access-group 101