搭建top
PC1配置IP
PC2配置IP
Server1配置IP
Server2配置IP
R1的配置
[R1]int g0/0/0
[R1-GigabitEthernet0/0/0]ip add 192.168.1.254 24
[R1-GigabitEthernet0/0/0]int g0/0/1
[R1-GigabitEthernet0/0/1]ip add 10.1.1.254 24
初始情况下PC1和PC2都能够访问server1和server2
一、现在在R1接口上应用 ACL,使得PC2无法访问server2,放行其他流量
[R1]acl 3000
[R1-acl-adv-3000]rule 5 deny ip source 192.168.1.2 0.0.0.0 destination 10.1.1.2
0.0.0.0
[R1-acl-adv-3000]rule permit ip source any destination any
[R1-acl-adv-3000]dis this
[V200R003C00]
#
acl number 3000
rule 5 deny ip source 192.168.1.2 0 d