|
HCNA-42 配置高级的访问控制列表ACL3000
<Huawei>system-view [Huawei]sysnamer1 [r1]interfaceloopback 0 [r1-LoopBack0]ipaddress 1.1.1.1 32 [r1-LoopBack0]interfaceGigabitEthernet 0/0/0 [r1-GigabitEthernet0/0/0]ipaddress 172.16.13.1 24 [r1-GigabitEthernet0/0/0]quit [r1]ospf1 [r1-ospf-1]area0 [r1-ospf-1-area-0.0.0.0]authentication-modemd5 1 cipher admin1234 [r1-ospf-1-area-0.0.0.0]network1.1.1.1 0.0.0.0 [r1-ospf-1-area-0.0.0.0]network172.16.13.0 0.0.0.255 [r1-ospf-1-area-0.0.0.0]return <Huawei>system-view [Huawei]sysnamer2 [r2]interfaceloopback 0 [r2-LoopBack0]ipaddress 2.2.2.2 32 [r2-LoopBack0]interfaceGigabitEthernet 0/0/0 [r2-GigabitEthernet0/0/0]ipaddress 172.16.23.2 24 [r2-GigabitEthernet0/0/0]quit [r2]ospf1 [r2-ospf-1]area0 [r2-ospf-1-area-0.0.0.0]authentication-modemd5 1 cipher admin1234 [r2-ospf-1-area-0.0.0.0]network2.2.2.2 0.0.0.0 [r2-ospf-1-area-0.0.0.0]network172.16.23.0 0.0.0.255 [r2-ospf-1-area-0.0.0.0]return <Huawei>system-view [Huawei]sysnamer3 [r3]interfaceloopback 0 [r3-LoopBack0]ipaddress 3.3.3.3 32 [r3-LoopBack0]interfaceGigabitEthernet 0/0/0 [r3-GigabitEthernet0/0/0]ipaddress 172.16.13.3 24 [r3-GigabitEthernet0/0/0]interfaceGigabitEthernet 0/0/1 [r3-GigabitEthernet0/0/1]ipaddress 172.16.23.3 24 [r3-GigabitEthernet0/0/1]interfaceGigabitEthernet 0/0/2 [r3-GigabitEthernet0/0/2]ipaddress 172.16.34.3 24 [r3-GigabitEthernet0/0/2]quit [r3]ospf1 [r3-ospf-1]area0 [r3-ospf-1-area-0.0.0.0]network3.3.3.3 0.0.0.0 [r3-ospf-1-area-0.0.0.0]network172.16.13.0 0.0.0.255 [r3-ospf-1-area-0.0.0.0]network172.16.23.0 0.0.0.255 [r3-ospf-1-area-0.0.0.0]network172.16.34.0 0.0.0.255 [r3-ospf-1-area-0.0.0.0]authentication-modemd5 1 cipher admin1234 [r3-ospf-1-area-0.0.0.0]return <Huawei>system-view [Huawei]sysnamer4 [r4]interfaceloopback 0 [r4-LoopBack0]ipaddress 4.4.4.4 32 [r4-LoopBack0]interfaceloopback 1 [r4-LoopBack1]ipaddress 40.40.40.40 32 [r4-LoopBack1]interfaceGigabitEthernet 0/0/0 [r4-GigabitEthernet0/0/0]ipaddress 172.16.34.4 24 [r4-GigabitEthernet0/0/0]quit [r4]ospf1 [r4-ospf-1]area0 [r4-ospf-1-area-0.0.0.0]authentication-modemd5 1 cipher admin1234 [r4-ospf-1-area-0.0.0.0]network4.4.4.4 0.0.0.0 [r4-ospf-1-area-0.0.0.0]network40.40.40.40 0.0.0.0 [r4-ospf-1-area-0.0.0.0]network172.16.34.0 0.0.0.255 [r4-ospf-1-area-0.0.0.0]return [r4]user-interfacevty 0 4 [r4-ui-vty0-4]authentication-modeaaa [r4-ui-vty0-4]aaa [r4-aaa]local-userzurkj password cipher admin1234 privilege level 15 [r4-aaa]local-userzurkj service-type telnet [r4-aaa]return [r4]acl3000 //配置高级ACL 3000 [r4-acl-adv-3000]step10 //配置步长为10 [r4-acl-adv-3000]rulepermit ip source 1.1.1.1 0 destination4.4.4.4 0 //规则允许源IP1.1.1.1访问目的IP4.4.4.4 l[r4-acl-adv-3000]displayacl all //查看所有ACL Total quantity of nonempty ACL number is 1 AdvancedACL 3000, 1 rule Acl'sstep is 10 rule 10 permit ip source 1.1.1.1 0 destination4.4.4.4 0 [r4]user-interfacevty 0 4 //用户界面 虚拟电传终端 同时5个访问 [r4-ui-vty0-4]acl3000 inbound //调用ACL3000 入站方向
| 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-2-5 17:40:49
