ACL访问控制实验与NAT实验

ACL访问控制实验

SW1代码：

The device is running!

<Huawei>sys
Enter system view, return user view with Ctrl+Z.
[Huawei]sys LSW1
[LSW1]
Apr 13 2021 16:55:52-08:00 LSW1 DS/4/DATASYNC_CFGCHANGE:OID 1.3.6.1.4.1.2011.5.2
5.191.3.1 configurations have been changed. The current change number is 4, the 
change loop count is 0, and the maximum number of records is 4095.
[LSW1]undo inf	
[LSW1]undo info-center e	
[LSW1]undo info-center enable 
Info: Information center is disabled.
[LSW1]int e0/0/1
[LSW1-Ethernet0/0/1]p l a
[LSW1-Ethernet0/0/1]p d v 10   //给1接口打上vlan10
Error: The VLAN does not exist.
[LSW1-Ethernet0/0/1]q
[LSW1]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[LSW1]int e0/0/1
[LSW1-Ethernet0/0/1]p l a
[LSW1-Ethernet0/0/1]p d v 10   //1接口打上vlan10
[LSW1-Ethernet0/0/1]int e0/0/3
[LSW1-Ethernet0/0/3]p l a
[LSW1-Ethernet0/0/3]p d v 10   //3接口打上vlan10
[LSW1-Ethernet0/0/3]int e0/0/2
[LSW1-Ethernet0/0/2]p l a
[LSW1-Ethernet0/0/2]p d v 20       //2接口打上vlan20
[LSW1-Ethernet0/0/2]int e0/0/4
[LSW1-Ethernet0/0/4]p l a
[LSW1-Ethernet0/0/4]p d v 20         //4接口打上vlan20
[LSW1-Ethernet0/0/4]
<LSW1>
<LSW1>sys
Enter system view, return user view with Ctrl+Z.
[LSW1]int e0/0/5 
[LSW1-Ethernet0/0/5]p l t
[LSW1-Ethernet0/0/5]p t a v a       //给5接口打通隧道
[LSW1-Ethernet0/0/5]int e0/0/1
[LSW1-Ethernet0/0/1]q
[LSW1]acl num 2000                  //使用编号创建一个基本acl 
[LSW1-acl-basic-2000]rule 5 source 192.168.1.0 0.0.0.255
                            ^
Error: Unrecognized command found at '^' position.
[LSW1-acl-basic-2000]rule 5 deny source 192.168.1.0 0.0.0.255   //创建一个规则
[LSW1-acl-basic-2000]q
[LSW1]int e0/0/2
[LSW1-Ethernet0/0/2]traffi	
[LSW1-Ethernet0/0/2]traffic-f	
[LSW1-Ethernet0/0/2]traffic-filter out