Lab:11 扩展访问列表
版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章 原始出处 、作者信息和本声明。否则将追究法律责任。http://guyun.blog.51cto.com/71128/24228 |
实验目的:仅允许在192.168.2.16/28网络可以telnetR2的S1端口,而192.168.2.0/28不可以telnet,但是可以通过R2访问到R3
  Router> Router>en Router#con t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host R1 R1(config)#int s0 R1(config-if)#ip add 192.168.2.1 255.255.255.240 R1(config-if)#no sh %LINK-3-UPDOWN: Interface Serial0, changed state to up R1(config-if)#exit R1(config)#route rip R1(config-router)#net 192.168.2.0 R1(config-router)#exit R1(config)#exit R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route Gateway of last resort is not set
192.168.2.0/28 is subnetted, 2 subnets
C 192.168.2.0 is directly connected, Serial0 R 192.168.2.16 [120/1] via 192.168.2.2, 00:03:29, Serial0 R1#ping 192.168.2.18
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.18, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1#ping 192.168.2.17 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.17, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms Router>
Router>en Router#con t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#int s0 Router(config-if)#ip add 192.168.2.2 255.255.255.240 Router(config-if)#clock rate 64000 Router(config-if)#no sh Router(config-if)#exit Router(config)#int s1 Router(config-if)#ip add 192.168.2.17 255.255.255.240 Router(config-if)#clock rate 64000 Router(config-if)#no sh Router(config-if)#exit Router(config)#host R2 R2(config)#route rip R2(config-router)#net 192.168.2.0 R2(config-router)#net 192.168.2.16 R2(config-router)#exit R2(config)#access-list 101 permit tcp 192.168.2.16 0.0.0.15 any eq telnet R2(config)#access-list 102 permit ip 192.168.2.0 0.0.0.15 any log R2(config)#int s0 R2(config-if)#ip access-group 102 in R2(config-if)#exit R2(config)#int s1 R2(config-if)#ip access-group 101 in R2(config-if)#exit R2(config)#lin vty 0 4 R2(config-line)#login R2(config-line)#password test R2(config-line)#exit Router> Router>en Router#con t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host R3 R3(config)#int s0 R3(config-if)#ip add 192.168.2.18 255.255.255.240 R3(config-if)#no sh %LINK-3-UPDOWN: Interface Serial0, changed state to up R3(config-if)#exit R3(config)#route rip R3(config-router)#net 192.168.2.16 R3(config-router)#exit R3(config)#exit 本文出自 “Ж孤云Ж” 博客,请务必保留此出处http://guyun.blog.51cto.com/71128/24228 本文出自 51CTO.COM技术博客 |
Ж孤云Ж
博客统计信息
热门文章
最新评论
友情链接
