AR1
[R1-aaa]
[R1-aaa]
[R1-aaa]
[R1-aaa]q
[R1]
[R1]in
[R1]interface
[R1]u
[R1]us
[R1]user-interface v
[R1]user-interface vty 0 4
[R1-ui-vty0-4]
[R1-ui-vty0-4]au
[R1-ui-vty0-4]authentication-mode aaa
[R1-ui-vty0-4]
[R1-ui-vty0-4]
[R1-ui-vty0-4]
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<R1>sys
Enter system view, return user view with Ctrl+Z.
[R1]
[R1]
[R1]ac
[R1]ac
[R1]acl 3000
[R1-acl-adv-3000]
[R1-acl-adv-3000]RY
[R1-acl-adv-3000]ru
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny ic
[R1-acl-adv-3000]rule deny icmp s
[R1-acl-adv-3000]rule deny icmp source 192.168.2.2 0.0.0.0 de
[R1-acl-adv-3000]rule deny icmp source 192.168.2.2 0.0.0.0 destination 192.168.2
.1 0.0.0.0
[R1-acl-adv-3000]
[R1-acl-adv-3000]re
[R1-acl-adv-3000]reset
[R1-acl-adv-3000]ru
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny ic
[R1-acl-adv-3000]rule deny icmp s
[R1-acl-adv-3000]rule deny icmp source 192.168.2.2 0.0.0.0 de
[R1-acl-adv-3000]rule deny icmp source 192.168.2.2 0.0.0.0 destination 192.168.1
.1 0.0.0.0
[R1-acl-adv-3000]
[R1-acl-adv-3000]dis
[R1-acl-adv-3000]display this
[R1-acl-adv-3000]display this
[V200R003C00]
#
acl number 3000
rule 5 deny icmp source 192.168.2.2 0 destination 192.168.2.1 0
rule 10 deny icmp source 192.168.2.2 0 destination 192.168.1.1 0
#
return
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]q
[R1]
[R1]in
[R1]info-center
[R1]interface g 0/0/1
[R1-GigabitEthernet0/0/1]tr
[R1-GigabitEthernet0/0/1]tracert
[R1-GigabitEthernet0/0/1]traffic-filter in
[R1-GigabitEthernet0/0/1]traffic-filter inbound ac
[R1-GigabitEthernet0/0/1]traffic-filter inbound acl 3000
[R1-GigabitEthernet0/0/1]
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<R1>sys
Enter system view, return user view with Ctrl+Z.
[R1]ac
[R1]access-user
^
Error:Incomplete command found at '^' position.
[R1]ac
[R1]acl
[R1]access-user
[R1]acl 3000
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]ru
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny tcp
[R1-acl-adv-3000]rule deny tcp a
[R1-acl-adv-3000]rule deny tcp s
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination-port
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 destination-port e
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 destination-port eq t
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 destination-port eq tacacs
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 destination-port eq talk
[R1-acl-adv-3000]rule deny tcp source 192.168.2.2 0.0.0.0 destination 192.168.1.
2 0.0.0.0 destination-port eq telnet
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]dis
[R1-acl-adv-3000]display this
[V200R003C00]
#
acl number 3000
rule 5 deny icmp source 192.168.2.2 0 destination 192.168.2.1 0
rule 10 deny icmp source 192.168.2.2 0 destination 192.168.1.1 0
rule 15 deny tcp source 192.168.2.2 0 destination 192.168.1.2 0 destination-por
t eq telnet
#
return
[R1-acl-adv-3000]q
[R1]
[R1]in
[R1]info-center
[R1]interface g 0/0/1
[R1-GigabitEthernet0/0/1]dis
[R1-GigabitEthernet0/0/1]discard
[R1-GigabitEthernet0/0/1]display
[R1-GigabitEthernet0/0/1]discard
[R1-GigabitEthernet0/0/1]display this
[V200R003C00]
#
interface GigabitEthernet0/0/1
ip address 192.168.2.1 255.255.255.0
traffic-filter inbound acl 3000
#
return
[R1-GigabitEthernet0/0/1]q
[R1]
[R1]
[R1]ac
[R1]access-user
[R1]acl 3000
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]rule
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny tcp s
[R1-acl-adv-3000]rule deny tcp source192.168.2.3 de
[R1-acl-adv-3000]rule deny tcp source192.168.2.3 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source192.168.2.3 0.0.0.0 des
[R1-acl-adv-3000]rule deny tcp source
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination-port
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.2.
1 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.2.
1 0.0.0.0 destination-port eq
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.2.
1 0.0.0.0 destination-port eq 23
[R1-acl-adv-3000]ru
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny tc
[R1-acl-adv-3000]rule deny tcp s
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination-port
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination192.168.1.1
0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination192.168.1.1
0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.1.
1 0.0.0.0 de
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.1.
1 0.0.0.0 destination-port eq
[R1-acl-adv-3000]rule deny tcp source 192.168.2.3 0.0.0.0 destination 192.168.1.
1 0.0.0.0 destination-port eq 23
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]
[R1-acl-adv-3000]de
[R1-acl-adv-3000]ru
[R1-acl-adv-3000]rule de
[R1-acl-adv-3000]rule deny ic
[R1-acl-adv-3000]rule deny icmp s
[R1-acl-adv-3000]rule deny icmp source 192.168.2.3 0.0.0.0 de
[R1-acl-adv-3000]rule deny icmp source 192.168.2.3 0.0.0.0 destination 192.168.1
.2 0.0.0.0
[R1-acl-adv-3000]q
[R1]
[R1]
[R1]
[R1]
[R1]q
<R1>save
AR2
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys
[Huawei]sysname R2
[R2]in
[R2]info-center
[R2]interface g 0/0/0
[R2-GigabitEthernet0/0/0]ip ad
[R2-GigabitEthernet0/0/0]ip address 192.168.1.2 24
May 8 2024 17:16:01-08:00 R2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[R2-GigabitEthernet0/0/0]q
[R2]
[R2]
[R2]ip r
[R2]ip rd-filter
[R2]ip relay
[R2]ip route
[R2]ip route-static 192.168.2.0 24 192.168.2.1
[R2]undo ip route-static 192.168.2.0 24 192.168.2.1
[R2]ip r
[R2]ip rpf-route-static
[R2]ip rd-filter
[R2]ip relay
[R2]ip route
[R2]ip route-static 192.168.2.0 24 192.168.1.1
[R2]
[R2]
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<R2>sys
Enter system view, return user view with Ctrl+Z.
[R2]
[R2]
[R2]
[R2]aaa
[R2-aaa]lo
[R2-aaa]local-user aaa pr
[R2-aaa]local-user aaa privilege l
[R2-aaa]local-user aaa privilege level 15 p
[R2-aaa]local-user aaa privilege level 15 password c
[R2-aaa]local-user aaa privilege level 15 password cipher 123456
Info: Add a new user.
[R2-aaa]
[R2-aaa]
[R2-aaa]l
[R2-aaa]local-user AAA se
[R2-aaa]local-user AAA service-type te
[R2-aaa]local-user AAA service-type telnet
[R2-aaa]
[R2-aaa]
[R2-aaa]
[R2-aaa]q
[R2]
[R2]us
[R2]user-group
[R2]user-interface vty 0 4
[R2-ui-vty0-4]
[R2-ui-vty0-4]
[R2-ui-vty0-4]au
[R2-ui-vty0-4]authentication-mode aaa
[R2-ui-vty0-4]
[R2-ui-vty0-4]
[R2-ui-vty0-4]
[R2-ui-vty0-4]
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<R2>sa
<R2>save
PC1
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys
[Huawei]sysname PC1
[PC1]in
[PC1]info-center
[PC1]interface g 0/0/0
[PC1-GigabitEthernet0/0/0]ip ad
[PC1-GigabitEthernet0/0/0]ip address 192.168.2.2 24
May 8 2024 17:16:57-08:00 PC1 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[PC1-GigabitEthernet0/0/0]
[PC1-GigabitEthernet0/0/0]
[PC1-GigabitEthernet0/0/0]q
[PC1]
[PC1]
[PC1]ip r
[PC1]ip rd-filter
[PC1]ip relay
[PC1]ip route
[PC1]ip route-static 0.0.0.0 0 192.168.2.1
[PC1]
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<PC1>
<PC1>sys
Enter system view, return user view with Ctrl+Z.
[PC1]
[PC1]te
[PC1]telnet 192.168.1.2
^
Error: Unrecognized command found at '^' position.
[PC1]te
[PC1]test-aaa
^
Error:Incomplete command found at '^' position.
[PC1]te
[PC1]test-packet
[PC1]telnet 192.168.1.2
^
Error: Unrecognized command found at '^' position.
[PC1]q
<PC1>te
<PC1>terminal
<PC1>test-aaa
<PC1>telnet 192.168.1.2
Press CTRL_] to quit telnet mode
Trying 192.168.1.2 ...
Connected to 192.168.1.2 ...
Login authentication
Username:AAA
Password:
Error: Local authentication is rejected.
Logged Fail!
Username:q
Password:
Error: Failed to send authen-req.
Logged Fail!
Username:AAA
Password:
<R2>
<R2>
<R2>
Please check whether system data has been changed, and save data in time
Configuration console time out, please retry to log on
The connection was closed by the remote host
<PC1>
Please check whether system data has been changed, and save data in time
Configuration console time out, please press any key to log on
<PC1>sa
<PC1>save
The current configuration will be written to the device.
Are you sure to continue? (y/n)[n]:y
It will take several minutes to save configuration file, please wait.......
Configuration file had been saved successfully
Note: The configuration file will take effect after being activated
<PC1>
PC2
<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys
[Huawei]sysname PC2
[PC2]in
[PC2]info-center
[PC2]interface g 0/0/0
[PC2-GigabitEthernet0/0/0]ip ad
[PC2-GigabitEthernet0/0/0]ip address 192.168.2.3 24
May 8 2024 17:17:47-08:00 PC2 %%01IFNET/4/LINK_STATE(l)[0]:The line protocol IP
on the interface GigabitEthernet0/0/0 has entered the UP state.
[PC2-GigabitEthernet0/0/0]q
[PC2]
[PC2]
[PC2]ip r
[PC2]ip rd-filter
[PC2]ip relay
[PC2]ip route
[PC2]ip route-static 0.0.0.0 0 192.168.2.1
[PC2]
[PC2]
[PC2]
6506
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
