ACL实验报告

发布时间:2024年01月18日

一、实验拓扑

二、实验要求

1.pc1可以访问telnet r1,不能ping r1

2.pc1不能访问telnet r2,但是可以ping r2

3.pc2不可以访问telnet r1,但是可以ping r1

4.pc2能访问telnet r2,但不可以pping r2

三、实验步骤

[pc1]int g0/0/0
[pc1-GigabitEthernet0/0/0]ip add 192.168.1.10 24

[pc1-GigabitEthernet0/0/0]quit

[pc1]ip route-static 0.0.0.0 0 192.168.1.254

[pc2]int g0/0/0
[pc2-GigabitEthernet0/0/0]ip add 192.168.1.11 24

[pc2-GigabitEthernet0/0/0]quit

[pc2]ip route-static 0.0.0.0 0 192.168.1.254

[r1]int g0/0/1
[r1-GigabitEthernet0/0/1]ip add 192.168.2.1 24
[r1-GigabitEthernet0/0/1]int g0/0/0
[r1-GigabitEthernet0/0/0]ip add 192.1168.1.1 24

[r2]int g0/0/0
[r2-GigabitEthernet0/0/0]ip add 192.168.2.2 24

[r2-GigabitEthernet0/0/0]quit

检验是否全网通

配置telnet

[r1]aaa
[r1-aaa]local-user wangdaye privilege level 15 password cipher wdy123

[r1-aaa]local-user wangdaye service-type telnet
[r1-aaa]quit
[r1]user-interface vty 0 4?
[r1-ui-vty0-4]authentication-mode aaa
[r1-ui-vty0-4]quit

[r2]aaa

[r2-aaa]local-user zhangdaye privilege level 15 password cipher zdy123
[r2-aaa]]local-user zhangdaye service-type telnet
[r2-aaa]quit
[r2]user-interface vty 0 4
[r2-ui-vty0-4]authentication-mode aaa
[r2-ui-vty0-4]quit

配置ACL

[r1]acl 3000? ??
[r1-acl-adv-3000]rule deny icmp source 192.168.1.10 0.0.0.0 destination 192.168.
1.254 0.0.0.0
[r1-acl-adv-3000]rule deny icmp source 192.168.1.10 0.0.0.0 destination 192.168.
2.1 0.0.0.0
[r1-acl-adv-3000]rule deny tcp source 192.168.1.10 0.0.0.0 destinatio
n 192.168.2.2 0.0.0.0 destination-port eq 23

[r1-acl-adv-3000]rule deny tcp source 192.168.1.11 0.0.0.0 destination 192.168.1
.254 0.0.0.0 destination-port eq 23
[r1-acl-adv-3000]rule deny tcp source 192.168.1.11 0.0.0.0 destination 192.168.
2.1 0.0.0.0 destination-port eq 23

[r1-acl-adv-3000]rule deny icmp source 192.168.1.11 0.0.0.0 destination 192.168.
2.2 0.0.0.0

[r1]int g0/0/0
[r1-GigabitEthernet0/0/0]traffic-filter inbound acl 3000
[r1-GigabitEthernet0/0/0]quit

测试

文章来源:https://blog.csdn.net/2301_80296870/article/details/135662022
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。