项目五 配置访问控制列表(ACL)V1.0(3)
发布时间:2021-06-08
R3#show ip route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
D 10.1.1.0 [90/21026560] via 23.23.23.2, 00:51:11, Serial1/1
12.0.0.0/24 is subnetted, 1 subnets
D 12.12.12.0 [90/21024000] via 23.23.23.2, 00:51:16, Serial1/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, Serial1/1
172.16.0.0/24 is subnetted, 1 subnets
D 172.16.1.0 [90/20514560] via 23.23.23.2, 00:51:16, Serial1/1
C 192.168.1.0/24 is directly connected, FastEthernet0/0
二、在R1配置ACL
1. 配置
R1(config)#access-list 101 deny tcp 10.1.1.0 0.0.0.255 host 192.168.1.100 eq 80
R1(config)#access-list 101 deny icmp 10.1.1.0 0.0.0.255 any
R1(config)#access-list 101 permit ip any any
R1(config)#int f0/0
R1(config)#ip access-group 101 in
2. 认证
R1#show access-list
Extended IP access list 101
deny tcp 10.1.1.0 0.0.0.255 host 192.168.1.100 eq www
deny icmp 10.1.1.0 0.0.0.255 any
permit ip any any
R1#show ip interface
FastEthernet0/0 is up, line protocol is up (connected)
Internet address is 10.1.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is 101
……
项目五 配置访问控制列表(ACL)V1.0(3).doc
将本文的Word文档下载到电脑
下一篇:大型物流园区停车场管理规范
