Refer to the exhibit. An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts. Drag and drop the commands into the configuration to achieve these results. Some commands maybe used more than once. Not all commands are used.
SW1(config)# ip access-list extended DENY-HTTP
SW1(config-ext-nacl)# permit tcp host 10.1.1.10 host 10.1.1.20 eq www
SW1(config)# ip access-list extended MATCH_ALL
SW1(config-ext-nacl)# FIELD 1 ip any any
SW1(config)# vlan access-map HOST-A-B 10
SW1(config-access-map)# match ip address DENY-HTTP
SW1(config-access-map)# FIELD 2
SW1(config)# vlan access-map HOST-A-B 20
SW1(config-access-map)# match ip address MATCH_ALL
SW1(config-access-map)# FIELD 3
SW1(config)# vlan filter HOST-A-B vlan 10
permit
|
action drop
|
action forward
|
filter
|
deny
|
match
|
|
FIELD 1
|
permit
|
FIELD 2
|
action drop
|
FIELD 3
|
action forward
|
|