A small ACL lab
First, enable remote login (Telnet) on the server side, using r2 as the example
[r2]aaa
[r2-aaa]local-user qz privilege level 15 password cipher 123456
Info: Add a new user.
[r2-aaa]local-user qz service-type telnet
[r2]user-interface vty 0 4
[r2-ui-vty0-4]authentication-mode aaa
[r2-ui-vty0-4]
Write the ACL configuration according to the lab requirements, using r1 as the example
[r1-acl-adv-3000]rule deny icmp source 192.168.1.2 0 destination 192.168.1.1 0
[r1-acl-adv-3000]rule deny tcp source 192.168.1.2 0 destination 192.168.2.2 0 destination-port eq 23
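The matching logic of the two rules above, as an added Python example that is not part of the original post: it parses the rule lines as typed, treats the trailing 0 as wildcard 0.0.0.0, and lets the first matching rule decide. The default of permit for unmatched packets is an assumption (the ACL being applied as an interface traffic filter, which the post does not show), and the test packets are constructed.

```python
import ipaddress
import re

# The two rules from the r1 configuration above, as typed on the page.
RULES = [
    "rule deny icmp source 192.168.1.2 0 destination 192.168.1.1 0",
    "rule deny tcp source 192.168.1.2 0 destination 192.168.2.2 0 destination-port eq 23",
]

RULE_RE = re.compile(
    r"rule (?P<action>permit|deny) (?P<proto>\w+)"
    r" source (?P<src>\S+) (?P<swild>\S+)"
    r" destination (?P<dst>\S+) (?P<dwild>\S+)"
    r"(?: destination-port eq (?P<dport>\d+))?$"
)

def _wild(text):
    """Wildcard as an int; the bare '0' on the page is shorthand for 0.0.0.0."""
    return 0 if text == "0" else int(ipaddress.IPv4Address(text))

def _ip_matches(addr, base, wildcard):
    """Bits set in the wildcard are ignored; all other bits must be equal."""
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def parse_rule(line):
    m = RULE_RE.match(line.strip())
    if m is None:
        raise ValueError(f"unsupported rule syntax: {line!r}")
    r = m.groupdict()
    r["swild"], r["dwild"] = _wild(r["swild"]), _wild(r["dwild"])
    r["dport"] = int(r["dport"]) if r["dport"] else None
    return r

def evaluate(rules, proto, src, dst, dport=None, default="permit"):
    """First matching rule decides; 'default' (assumed) applies when nothing matches."""
    for r in map(parse_rule, rules):
        if (r["proto"] == proto
                and _ip_matches(src, r["src"], r["swild"])
                and _ip_matches(dst, r["dst"], r["dwild"])
                and (r["dport"] is None or r["dport"] == dport)):
            return r["action"]
    return default

if __name__ == "__main__":
    # Constructed test traffic (not captured from the lab).
    for pkt in [("icmp", "192.168.1.2", "192.168.1.1", None),
                ("icmp", "192.168.1.2", "192.168.2.2", None),
                ("tcp", "192.168.1.2", "192.168.2.2", 23),
                ("tcp", "192.168.1.2", "192.168.1.1", 23)]:
        print(pkt, "->", evaluate(RULES, *pkt))
```

Because both wildcards are 0, only the exact host pairs are denied: ICMP from 192.168.1.2 to 192.168.2.2 and Telnet from 192.168.1.2 to 192.168.1.1 do not match either rule.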
For PC1 and PC2 to reach r2, next-hop static routes must be configured, using r2 and PC2 as the example
[r2]ip route-static 192.168.1.0 24 192.168.2.1
[Huawei]ip route-static 192.168.2.0 24 192.168.1.1
Final result
PC1
PC2