Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
AR248
#1
This answer seems wrong.

Question requests "which configuration on the branch router makes the intranet website available to the branch office users." The answer does this, but it takes all port 80 traffic to the next hop of 192.168.2.2. This will include all the internet traffic.

I think the answer should be the single ACL answer on G1/0.
Reply
#2
(08-05-2022, 04:48 PM)Kuroneko Wrote: This answer seems wrong.

Question requests "which configuration on the branch router makes the intranet website available to the branch office users." The answer does this, but it takes all port 80 traffic to the next hop of 192.168.2.2. This will include all the internet traffic.

I think the answer should be the single ACL answer on G1/0.
 This does seem to be correct. Intranet traffic uses port 80 as well as internet traffic. So the single access list on Gi1/0 doesn't appear to be complete to stand alone. The next best answer would be the choice with two access list. I except this as the answer because they used the word host, and only the other choice has "tcp any any ". Please let me know your thought. I've had problems with other questions regarding when to use "tcp host" versus "tcp any any".

However, I the reason why the single access list is wrong is due to the "tcp host" refers to a single device as /32 with no destination. "tcp any any " refers to any network and mask source with the destination of any network and source.

tcp any any = (Source) tcp 0.0.0.0 0.0.0.0 any port to (destination) tcp 0.0.0.0 0.0.0. any port  (Allows all traffic on any port from any source to any destination.)

tcp host = 0.0.0.0/32 ( basically, just this host ) 
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)