当前位置:网站首页>标准ACL与扩展ACL
标准ACL与扩展ACL
2022-07-07 16:36:00 【陈叉叉__】
标准ACL
R0基本配置
int f0/0
ip add 192.168.10.254 255.255.255.0
no shutdown
int f0/1
ip add 76.12.16.133 255.255.255.252
no shut
R1基本配置
int f0/0
ip add 76.12.32.254 255.255.255.0
no shut
int f0/1
ip add 76.12.16.134 255.255.255.252
no shut
再分别给R1、R2配置默认路由
R1
ip route 0.0.0.0 0.0.0.0 76.12.16.133 #76.12.16.133为本路由器的所连接的下一跳地址,也可写为本路由器所连接的下一跳端口号
R2
ip route 0.0.0.0 0.0.0.0 76.12.16.134 #同上
标准ACL靠近目的地址的路由器上
在R1上配置标准ACL
标准ACL的编号1-99
ip access-list 1 permit host 192.168.10.100
ip access-list 1 deny host 192.168.10.1
interface f0/1
ip access-group 1 in
扩展ACL
R0基本配置
int f0/0
ip add 192.168.10.254 255.255.255.0
no shutdown
int f0/1
ip add 76.12.16.133 255.255.255.252
no shut
R1基本配置
int f0/0
ip add 76.12.32.254 255.255.255.0
no shut
int f0/1
ip add 76.12.16.134 255.255.255.252
no shut
再分别给R1、R2配置默认路由
R1
ip route 0.0.0.0 0.0.0.0 76.12.16.133 #76.12.16.133为本路由器的所连接的下一跳地址,也可写为本路由器所连接的下一跳端口号
R2
ip route 0.0.0.0 0.0.0.0 76.12.16.134 #同上
扩展ACL配置在靠近源地址的路由器上
在R0上配置扩展ACL
扩展ACL的编号100-199
需要协议、源IP、源端口、目的IP、目的端口都匹配
ip access-list 100 deny icmp host 192.168.10.1 host 76.12.32.1 #拒接来自192.168.10.1主机去往76.12.32.1主机的ping包
ip access-list 100 permit ip any any #允许所有
interface f0/1
ip access-group 100 out #将ACL应用到出接口
边栏推荐
- SQLite SQL exception near "with": syntax error
- 【Unity Shader】插入Pass实现模型遮挡X光透视效果
- 现在网上期货开户安全吗?国内有多少家正规的期货公司?
- DataSimba推出微信小程序,DataNuza接受全场景考验? | StartDT Hackathon
- 数学分析_笔记_第11章:Fourier级数
- Hutool - 轻量级 DB 操作解决方案
- 讨论 | AR 应用落地前,要做好哪些准备?
- PIP related commands
- Chapter 1 Introduction to CRM core business
- Chapter 3 business function development (to remember account and password)
猜你喜欢
数学分析_笔记_第11章:Fourier级数
[paper sharing] where's crypto?
手撕Nacos源码(先撕客户端源码)
CVPR 2022丨学习用于小样本语义分割的非目标知识
Slider plug-in for swiper left and right switching
Tear the Nacos source code by hand (tear the client source code first)
Kubernetes DevOps CD工具对比选型
What skills can you master to be a "master tester" when doing software testing?
Debian10 compile and install MySQL
性能测试过程和计划
随机推荐
AntiSamy:防 XSS 攻击的一种解决方案使用教程
Yearning-SQL审核平台
Import requirements in batches during Yolo training Txt
What are the financial products in 2022? What are suitable for beginners?
Personal best practice demo sharing of enum + validation
3分钟学会制作动态折线图!
Click on the top of today's headline app to navigate in the middle
Introduction de l'API commune de programmation de socket et mise en œuvre de socket, select, Poll et epoll
Management by objectives [14 of management]
Interviewer: why is the page too laggy and how to solve it? [test interview question sharing]
财富证券证券怎么开户?通过链接办理股票开户安全吗
云景网络科技面试题【杭州多测师】【杭州多测师_王sir】
Summary of debian10 system problems
【demo】循环队列及条件锁实现goroutine间的通信
zdog. JS rocket turn animation JS special effects
SD_DATA_SEND_SHIFT_REGISTER
Machine vision (1) - Overview
云安全日报220707:思科Expressway系列和网真视频通信服务器发现远程攻击漏洞,需要尽快升级
Hutool - 轻量级 DB 操作解决方案
Pro2: modify the color of div block