ACL基本高级配置_app

概述1.前段配置： r1: <Huawei>u t m <Huawei>system-view [Huawei]sysname r1 [r1]interface GigabitEthernet 0/0/1 [r1-GigabitEthernet0/0/1]ip address 192.168.12.1 24 [r1]interface GigabitEthernet 0/0/2 [r1-Gigabit

1.前段配置：
r1:
<Huawei>u t m
<Huawei>system-vIEw
[Huawei]sysname r1
[r1]interface GigabitEthernet 0/0/1
[r1-GigabitEthernet0/0/1]ip address 192.168.12.1 24
[r1]interface GigabitEthernet 0/0/2
[r1-GigabitEthernet0/0/2]ip address 192.168.13.1 24
[r1]interface GigabitEthernet 0/0/0
[r1-GigabitEthernet0/0/0]ip address 1.1.1.254 24
[r1]display ip interface brIEf
[r1]ip route-static 192.168.1.0 24 192.168.12.2
[r1]ip route-static 192.168.10.0 24 192.168.12.2
[r1]ip route-static 192.168.20.0 24 192.168.12.2
[r1]ip route-static 192.168.30.0 24 192.168.13.2
[r1]ip route-static 192.168.1.0 24 192.168.13.2
R2:
<Huawei>u t m
<Huawei>system-vIEw
[Huawei]sysname r2
[r2]interface GigabitEthernet 0/0/1
[r2-GigabitEthernet0/0/1]ip address 192.168.10.254 24
[r2]interface GigabitEthernet 0/0/2
[r2-GigabitEthernet0/0/2]ip address 192.168.20.254 24
[r2]interface GigabitEthernet 0/0/0
[r2-GigabitEthernet0/0/0]ip address 192.168.12.2 24
<r2>display ip interface brIEf
[r2]ip route-static 0.0.0.0 0.0.0.0 192.168.12.1
R3:
<Huawei>u t m
<Huawei>system-vIEw
[Huawei]sysname r3
[r3]interface GigabitEthernet 0/0/1
[r3-GigabitEthernet0/0/1]ip address 192.168.30.254 24
[r3]interface GigabitEthernet 0/0/2
[r3-GigabitEthernet0/0/2]ip address 192.168.1.254 24
[r3]interface GigabitEthernet 0/0/0
[r3-GigabitEthernet0/0/0]ip address 192.168.13.2 24
<r3>display ip interface brIEf
[r3]ip route-static 0.0.0.0 0.0.0.0 192.168.13.1
WG:
<Huawei>u t m
<Huawei>system-vIEw
[Huawei]sysname WG
[WG]interface GigabitEthernet 0/0/0
[WG-GigabitEthernet0/0/0]ip address 192.168.10.1 24
[WG]ip route-static 0.0.0.0 0.0.0.0 192.168.10.254

2.在r1设置远程与基本ACL：
[r1]acl 2000
[r1-acl-basic-2000]rule 5 permit source 192.168.10.1 0.0.0.0
[r1-acl-basic-2000]rule 10 deny source any
[r1-acl-basic-2000]quit
[r1]user-interface vty 0 4
[r1-ui-vty0-4]acl 2000 inbound
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]user privilege level 3
[r1-ui-vty0-4]aaa
[r1-aaa]local-user tata password cipher 123
[r1-aaa]local-user tata service-type telnet

3.设置高级ACL:
R2:
[r2]acl 3000
[r2-acl-adv-3000]rule 5 permit ip source 192.168.20.1 0 destination 192.168.10.1 0
[r2-acl-adv-3000]rule 10 permit ip source 192.168.20.1 0 destination 1.1.1.1 0
[r2-acl-adv-3000]rule 15 permit tcp source 192.168.20.1 0 destination 192.168.1.1 0 destination-port eq 80
[r2-acl-adv-3000]rule 20 deny ip source any
[r2-acl-adv-3000]quit
[r2]interface GigabitEthernet 0/0/2
[r2-GigabitEthernet0/0/2]traffic-filter inbound acl 3000

R3:[r3]acl 3000[r3-acl-adv-3000]rule 5 permit ip source 192.168.30.1 0 destination 192.168.10.1 0[r3-acl-adv-3000]rule 10 permit tcp source 192.168.30.1 0 destination 192.168.1.1 0 destination-port eq 80[r3-acl-adv-3000]rule 15 deny ip source any[r3-acl-adv-3000]quit[r3]interface GigabitEthernet 0/0/1 [r3-GigabitEthernet0/0/1]traffic-filter inbound acl 3000

总结

以上是内存溢出为你收集整理的ACL基本/高级配置全部内容，希望文章能够帮你解决ACL基本/高级配置所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。

欢迎分享，转载请注明来源：内存溢出

原文地址: http://outofmemory.cn/web/1080298.html