VLAN间路由 ACL
SW2主要配置
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW2
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
!
!
hostname SW1
!
!
!
interface FastEthernet0/1
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/2
switchport mode trunk
!
interface FastEthernet0/3
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
ip address 192.168.40.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
interface Vlan30
ip address 192.168.30.1 255.255.255.0
!
R1
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation dot1Q 20
ip address 192.168.20.2 255.255.255.0
!
interface FastEthernet0/0.2
encapsulation dot1Q 30
ip address 192.168.30.2 255.255.255.0
!
interface FastEthernet0/0.3
encapsulation dot1Q 1 native
ip address 192.168.40.2 255.255.255.0
!
interface Serial1/0
ip address 192.168.10.1 255.255.255.0
!
router rip
version 2
network 192.168.10.0
network 192.168.20.0
network 192.168.30.0
network 192.168.40.0
R2
interface FastEthernet0/0
ip address 192.168.50.1 255.255.255.0
ip access-group 10 out
duplex auto
speed auto
!
interface Serial1/0
ip address 192.168.10.2 255.255.255.0
clock rate 64000
!
interface Serial3/0
no ip address
shutdown
!
interface FastEthernet4/0
no ip address
shutdown
!
interface FastEthernet5/0
no ip address
shutdown
!
router rip
version 2
network 192.168.10.0
network 192.168.50.0
!
ip classless
!
!
access-list 10 permit 192.168.30.0 0.0.0.25
access-list 10 deny 192.168.20.0 0.0.0.255
access-list 10 permit any
转载于:https://blog.51cto.com/angf2/552392