Standard ACL and extended ACL

standard ACL

R0 Basic configuration

int f0/0

ip add 192.168.10.254 255.255.255.0

no shutdown

int f0/1

ip add 76.12.16.133 255.255.255.252

no shut

R1 Basic configuration

int f0/0

ip add 76.12.32.254 255.255.255.0

no shut

int f0/1

ip add 76.12.16.134 255.255.255.252

no shut

Then give them to R1、R2 Configure the default route

R1

ip route 0.0.0.0 0.0.0.0 76.12.16.133     #76.12.16.133 It is the next hop address connected to this router , It can also be written as the next hop port number connected to this router

R2

ip route 0.0.0.0 0.0.0.0 76.12.16.134    # ditto

standard ACL On the router near the destination address

stay R1 Upper configuration standard ACL

standard ACL The number of 1-99

ip access-list 1 permit  host 192.168.10.100 

ip access-list 1 deny host 192.168.10.1

interface f0/1

ip access-group 1 in

Expand ACL

R0 Basic configuration

int f0/0

ip add 192.168.10.254 255.255.255.0

no shutdown

int f0/1

ip add 76.12.16.133 255.255.255.252

no shut

R1 Basic configuration

int f0/0

ip add 76.12.32.254 255.255.255.0

no shut

int f0/1

ip add 76.12.16.134 255.255.255.252

no shut

Then give them to R1、R2 Configure the default route

R1

ip route 0.0.0.0 0.0.0.0 76.12.16.133     #76.12.16.133 It is the next hop address connected to this router , It can also be written as the next hop port number connected to this router

R2

ip route 0.0.0.0 0.0.0.0 76.12.16.134    # ditto

Expand ACL It is configured on the router close to the source address

stay R0 Configure extensions on ACL

Expand ACL The number of 100-199

You need an agreement 、 Source IP、 Source port 、 Purpose IP、 The destination ports match

ip access-list 100 deny icmp host 192.168.10.1 host 76.12.32.1    # Reject from 192.168.10.1 The host goes to 76.12.32.1 The host ping package

ip access-list 100 permit ip any any     # Allow all

interface f0/1

ip access-group 100 out                      # take ACL Apply to the out interface