Table 1: ACLs on the Router's Lab Interface

| Rule | ACL command | Direction Applied on Ethernet 1 | Purpose |
| --- | --- | --- | --- |
| A | `access-list 110 permit tcp any 192.168.1.0 0.0.0.255 eq 3389` | Outgoing/into lab network | Allow RDP from anywhere to the lab subnet |
| B | `access-list 120 permit tcp 192.168.1.0 0.0.0.255 any established` | Inbound/out of lab network | Allow hosts on the lab subnet to respond to connection requests from anywhere |
| C | `access-list 120 deny ip any 192.168.1.0 0.0.0.255` | Inbound/out of lab network | Deny all traffic from the lab subnet destined for the corporate subnet not already allowed by rule B |
| D | `access-list 120 permit ip any any` | Inbound/out of lab network | Allow the lab outbound access to the Internet |
| E | `access-list 110 deny ip 192.168.1.0 0.0.0.255 any` | Outgoing/into lab network | Deny all traffic from the corporate subnet to the lab subnet not allowed by rule A |
| F | `access-list 110 permit ip any any` | Outgoing/into lab network | Allow the lab to receive responses from its Internet traffic |