Practice Building Extended Numbered Access Control Lists

1.) Permit traffic from web client 10.1.2.1, sent to a web server in subnet 10.1.3.0/24

We need to create an ACL that allows client 10.1.2.1 access to the web server on 10.1.3.0/24. Below is how we do that.

Step 1: input the access-list command and use the permit function
R1(config)#access-list 110 permit


Step 2: Define the protocol type, we know that web traffic is a TCP header so use TCP
R1(config)#access-list 110 permit tcp

Step 3: Input the source IP
R1(config)#access-list 110 permit tpc host 10.1.2.1

notice that we used the host command and then just the IP of the client, this is because the question did not ask to add the subnet on which that client exists. 

Step 4: Define the destination network
R1(config)#access-list 110 permit tcp host 10.1.2.1 10.1.3.0 0.0.0.255

The question asked to define the subnet of the web server not just the web server

Step 5: Filter by traffic equaling port 80 or web traffic
R1(config)#access-list 110 permit tcp host 10.1.2.1 10.1.3.0 0.0.0.255 eq www
or
R1(config)#access-list 110 permit tcp host 10.1.2.1 10.1.3.0 0.0.0.255 eq 80

2.) Permit telnet client traffic from 172.16.4.3/25 to a telnet server in subnet 172.16.3.0/25 match all hosts in the client subnet.

R1(config)#access-list 112 permit tcp 172.16.4.0 0.0.0.127 172.16.3.0 0.0.0.127 eq telnet