小弟在做到一个ACL实验题时不解,题目是这样:
Q:ACL控制要求
1、Host C should be able to use a web browser(HTTP)to access the Finance Web Server.
2、Other types of access from host C to the Finance Web Server should be blocked.
3、All access from hosts in the Core or local LAN to the Finance Web Server should be blocked.
4、All hosts in the Core and on local LAN should be to access the Public Web Server.
Answer:
前三个都没什么问题和歧异,但是第4个问题题目看了下答案有点不解,题目明明是说“所有的主机在core和本地LAN可以数据通过public WEB server”,
而答案却是access-list 100 permit ip any any ,我的答案应该是:access-list 100 permit ip any host 172.0.0.1 //172.0.0.1为public WEB server
对这个题目确实只有两台服务器,一台Finance Web Server和public WEB server,因为前面几个问题的答案已经把Finance Web Server给deny了,现在其余主机就算不写也可以访问这台public WEB server;我觉得还是应该按照题目的要求做吧