Topic 16: Cisco IOS ACL

Bùi Hồng Nhung: 20111947
Lều Thị Lan: 20111775
Nomintsetseg.J: 20114660

Cisco IOS

• User mode:
    Router>
• Privileged mode:
    Router>enable
    Router#
• Configuration mode:
    Router#configure terminal
    Router(config)#
    Router(config-if)#
• Set the router hostname:
    Router(config)#hostname Worker
    Worker(config)#
• Set the router banner:
    Worker(config)#banner motd "Xin chao cac ban!!!"
    Worker(config)#end
• Set the router password:
    Worker(config)#enable secret ccna      (MD5 hash, type 5)
    Worker(config)#enable password ccna    (type 7 encoding, applied only when service password-encryption is enabled)
• Set the password for Telnet, console and AUX (repeat under line console 0 and line aux 0):
    Worker(config)#line vty 0 4
    Worker(config-line)#password cisco
    Worker(config-line)#login

Network topology

Marketing network (IPv4)

Standard ACL configuration
• Marketing network
    Marketing(config)#access-list 99 permit host 10.2.2.10
    Marketing(config)#line vty 0 15
    Marketing(config-line)#access-class 99 in
    Marketing(config-line)#exit
    Marketing(config)#int g0/1
    Marketing(config-if)#ip access-group 99 in

Numbered extended ACL configuration
• Marketing network
    Marketing(config)#ip access-list extended 101
    Marketing(config-ext-nacl)#permit icmp host 10.2.3.11 10.2.1.0 0.0.0.255 echo
    Marketing(config-ext-nacl)#permit tcp host 10.2.3.12 10.2.1.0 0.0.0.255 eq www
    Marketing(config-ext-nacl)#exit
    Marketing(config)#int g0/2
    Marketing(config-if)#ip access-group 101 in

Named extended ACL configuration
• Marketing network
    Marketing(config)#ip access-list extended Marketing
    Marketing(config-ext-nacl)#permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.10 eq www
    Marketing(config-ext-nacl)#permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.20 eq www
    Marketing(config-ext-nacl)#permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.30 eq ftp
    Marketing(config-ext-nacl)#deny tcp any any
    Marketing(config-ext-nacl)#exit
    Marketing(config)#int s0/3/0
    Marketing(config-if)#ip access-group Marketing out

Engineer network (IPv6)

IPv6 ACL configuration
• Engineer network
    Worker(config)#ipv6 access-list WORKER
    Worker(config-ipv6-acl)#permit tcp host 2001:db8:1::10 host 2001:db8:4::40 eq www
    Worker(config-ipv6-acl)#permit tcp host 2001:db8:1::11 host 2001:db8:4::40 eq www
    Worker(config-ipv6-acl)#permit tcp host 2001:db8:1::12 host 2001:db8:4::50 eq www
    Worker(config-ipv6-acl)#permit tcp host 2001:db8:1::13 host 2001:db8:4::50 eq www
    Worker(config-ipv6-acl)#exit
    Worker(config)#int g0/0
    Worker(config-if)#ipv6 traffic-filter WORKER in

IPv6 ACL configuration
• Engineer network
    Engineer(config)#ipv6 access-list SERVER
    Engineer(config-ipv6-acl)#permit ipv6 2001:db8:4::/64 2001:db8:5::/64
    Engineer(config-ipv6-acl)#exit
    Engineer(config)#int g0/0
    Engineer(config-if)#ipv6 traffic-filter SERVER out
    Engineer(config-if)#exit

Named extended ACL configuration
• Engineer network
    Engineer(config)#ip access-list extended DualStack
    Engineer(config-ext-nacl)#permit tcp 10.1.1.0 0.0.0.255 host 10.3.0.10 eq www
    Engineer(config-ext-nacl)#permit tcp 10.1.1.0 0.0.0.255 host 10.3.0.20 eq www
    Engineer(config-ext-nacl)#permit tcp 10.1.1.0 0.0.0.255 host 10.3.0.30 eq ftp
    Engineer(config-ext-nacl)#exit
    Engineer(config)#int s0/3/0
    Engineer(config-if)#ip access-group DualStack out
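The first-match and wildcard-mask logic behind the IPv4 extended ACL entries above, as an added Python example (not part of the original slides, and not Cisco code). It handles only the entry forms the slides use; the function names and the test packets are assumptions made for illustration.

```python
import ipaddress

# Port keywords used in the slides' ACL entries (IOS names -> TCP port numbers).
PORTS = {"www": 80, "ftp": 21}

def _addr(tok):
    """Consume one address spec: 'any', 'host A', or 'A WILDCARD'. Returns (base, wildcard)."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tok.pop(0)))

def parse_entry(line):
    """Parse '<permit|deny> <proto> <src> <dst> [eq <port>]' (subset of IOS syntax)."""
    tok = line.split()
    action, proto = tok.pop(0), tok.pop(0)
    src, dst = _addr(tok), _addr(tok)
    port = None
    if tok and tok[0] == "eq":
        port = PORTS.get(tok[1]) or int(tok[1])
    return action, proto, src, dst, port

def _match(spec, ip):
    base, wild = spec
    # Wildcard bits set to 1 are "don't care"; every other bit must equal the base.
    return ((int(ipaddress.IPv4Address(ip)) ^ base) & ~wild & 0xFFFFFFFF) == 0

def evaluate(acl_lines, proto, src, dst, dport=None):
    """First matching entry wins; a packet matching nothing hits the implicit deny."""
    for line in acl_lines:
        action, p, s, d, port = parse_entry(line)
        if p not in ("ip", proto):
            continue
        if _match(s, src) and _match(d, dst) and (port is None or port == dport):
            return action
    return "deny (implicit)"

# Entries copied from the slides' named ACL "Marketing".
MARKETING = [
    "permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.10 eq www",
    "permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.20 eq www",
    "permit tcp 10.2.1.0 0.0.0.255 host 10.3.0.30 eq ftp",
    "deny tcp any any",
]
```

Running constructed packets through `evaluate(MARKETING, ...)` shows that the FTP entry covers only the control port (21), and that non-TCP traffic such as a DNS query over UDP is dropped by the implicit deny rather than by the explicit `deny tcp any any`.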