HCNA-41 配置基本的访问控制列表ACL2000
HCNA-41 配置基本的访问控制列表ACL2000<Huawei>system-viewsysnamer1interfaceloopback 0ipaddress 1.1.1.1 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.13.1 24 quitospf1area0authentication-modemd5 1 cipher admin1234network1.1.1.1 0.0.0.0network172.16.13.0 0.0.0.255return <Huawei>system-viewsysnamer2interfaceloopback 0ipaddress 2.2.2.2 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.23.2 24 quitospf1area0authentication-modemd5 1 cipher admin1234network2.2.2.2 0.0.0.0network172.16.23.0 0.0.0.255return <Huawei>system-viewsysnamer3interfaceloopback 0ipaddress 3.3.3.3 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.13.3 24interfaceGigabitEthernet 0/0/1ipaddress 172.16.23.3 24interfaceGigabitEthernet 0/0/2ipaddress 172.16.34.3 24 quitospf1area0authentication-modemd5 1 cipher admin1234network3.3.3.3 0.0.0.0network172.16.13.0 0.0.0.255network172.16.23.0 0.0.0.255network172.16.34.0 0.0.0.255return <Huawei>system-viewsysnamer4interfaceloopback 0ipaddress 4.4.4.4 32interfaceGigabitEthernet 0/0/0ipaddress 172.16.34.4 24 quitospf1area0authentication-modemd5 1 cipher admin1234network4.4.4.4 0.0.0.0network172.16.34.0 0.0.0.255returnuser-interfacevty 0 4authentication-modepasswordPleaseconfigure the login password (maximum length 16):admin1234acl2000//创建ACL2000基本访问控制列表rule5 permit source 1.1.1.1 0//规则5允许源IP 精确匹配通过rule10 deny source any//规则10 拒绝所有源IP通过acl2000 inbound//配置在VTY中调用ACL2000配置 使用inbound R4的数据入方向上调用<r1>telnet-a 1.1.1.1 4.4.4.4//使用源IP 1.1.1.1 telnet访问4.4.4.4Press CTRL_] to quit telnet modeTrying 4.4.4.4 ...Connected to 4.4.4.4 ...LoginauthenticationPassword:<r4> <r2>telnet-a 2.2.2.2 4.4.4.4Press CTRL_] to quit telnet modeTrying 4.4.4.4 ...Error: Can't connect to the remote host <r4>displayacl all//查看所有ACL列表 Total quantity of nonempty ACL number is 1 BasicACL 2000, 2 rulesAcl'sstep is 5 rule 5 permit source 1.1.1.1 0 (1 matches) rule 10 deny (4 matches) rule9 permit source 2.2.2.2 0displayacl all Total quantity of nonempty ACL number is 1 BasicACL 2000, 3 rulesAcl'sstep is 5 rule 5 permit source 1.1.1.1 0 (1 matches) rule 9 permit source 2.2.2.2 0 (1 matches) rule 10 deny (4 matches)<r2>telnet-a 2.2.2.2 4.4.4.4Press CTRL_] to quit telnet modeTrying 4.4.4.4 ...Connected to 4.4.4.4 ...LoginauthenticationPassword:<r4>
页:
[1]
