ACL练习题

题目如图：

先配置IP，以及AR1、AR2启动telnet服务：

在AR1添加ACL 3000并在GE0/0/1入口注册启用:

[R1]display acl 3000
Advanced ACL 3000, 6 rules
Acl's step is 5
 rule 5 deny icmp source 192.168.1.1 0 destination 192.168.1.3 0 
 rule 10 deny icmp source 192.168.1.1 0 destination 192.168.2.1 0 (5 matches)
 rule 15 deny tcp source 192.168.1.1 0 destination 192.168.2.2 0 destination-por
t eq telnet (5 matches)
 rule 20 deny tcp source 192.168.1.2 0 destination 192.168.1.3 0 destination-por
t eq telnet 
 rule 25 deny tcp source 192.168.1.2 0 destination 192.168.2.1 0 destination-por
t eq telnet 
 rule 30 deny icmp source 192.168.1.2 0 destination 192.168.2.2 0 

测试结果：

PC1:

<Pc1>ping 192.168.2.2
  PING 192.168.2.2: 56  data bytes, press CTRL_C to break
    Reply from 192.168.2.2: bytes=56 Sequence=1 ttl=254 time=140 ms
    Reply from 192.168.2.2: bytes=56 Sequence=2 ttl=254 time=170 ms
    Reply from 192.168.2.2: bytes=56 Sequence=3 ttl=254 time=80 ms

  --- 192.168.2.2 ping statistics ---
    3 packet(s) transmitted
    3 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 80/130/170 ms

<Pc1>ping 192.168.2.1
  PING 192.168.2.1: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out

  --- 192.168.2.1 ping statistics ---
    4 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss


<Pc1>telnet 192.168.2.1
Trying 192.168.2.1 ...
Press CTRL+K to abort
Connected to 192.168.2.1 ...

Login authentication


Username:

  Configuration console exit, please retry to log on

Info: The connection was closed by the remote host.
<Pc1>telnet 192.168.2.2
Trying 192.168.2.2 ...
Press CTRL+K to abort

——————————----------------------------------------------------------------
PC2:

<Pc2>ping 192.168.2.1
  PING 192.168.2.1: 56  data bytes, press CTRL_C to break
    Reply from 192.168.2.1: bytes=56 Sequence=1 ttl=255 time=80 ms
    Reply from 192.168.2.1: bytes=56 Sequence=2 ttl=255 time=70 ms
    Reply from 192.168.2.1: bytes=56 Sequence=3 ttl=255 time=100 ms
    Reply from 192.168.2.1: bytes=56 Sequence=4 ttl=255 time=140 ms

  --- 192.168.2.1 ping statistics ---
    4 packet(s) transmitted
    4 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 70/97/140 ms

<Pc2>ping 192.168.2.2
  PING 192.168.2.2: 56  data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out

  --- 192.168.2.2 ping statistics ---
    4 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss

<Pc2>telnet 192.168.2.2
Trying 192.168.2.2 ...
Press CTRL+K to abort
Connected to 192.168.2.2 ...

Login authentication


Username:

  Configuration console exit, please retry to log on

Info: The connection was closed by the remote host.
<Pc2>telnet 192.168.2.1
Trying 192.168.2.1 ...
Press CTRL+K to abort