基础配置
[pc1]int g0/0/0
[pc1-GigabitEthernet0/0/0]ip add 192.168.1.10 24
[pc2]int g0/0/0
[pc2-GigabitEthernet0/0/0]ip add 192.168.1.20 24
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.168.1.1 24
[r1-GigabitEthernet0/0/0]int g0/0/1
[r1-GigabitEthernet0/0/1]ip add 192.168.2.1 24
[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 192.168.2.2 24
PC1不能pingR1,但可以TelnetR1
[r1]acl 3001
[r1-acl-adv-3001]rule deny icmp source 192.168.1.10 0 destination 192.168.1.1 0
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]traffic-filter inbound acl 3001
.
PC1能pingR2,但不能TelnetR2
[r1]acl 3002
[r1-acl-adv-3002]rule deny tcp source 192.168.1.10 0 destination 192.168.2.2 0 destination-port eq 23
[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]traffic-filter inbound acl 3002
PC2所有条件与PC1相反
[r2]acl 3003
[r2-acl-adv-3003]rule deny icmp source 192.168.1.20 0 destination 192.168.2.2 0
[r2-acl-adv-3003]int g0/0/0
[r2-GigabitEthernet0/0/0]traffic-filter inbound acl 3003
[r1-acl-adv-3002]acl 3004
[r1-acl-adv-3004]rule deny tcp source 192.168.1.20 0 destination 192.168.1.1 0 destination-port eq 23
[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]traffic-filter outbound acl 3004
1419
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
