推荐点击下面图片,通过本站淘宝优惠价购买:
acc-list 1 permit 192168.1.0 0.0.0.255
acc-list 1 permit 172.16.1.0 0.0.0.255
ip nat inside soucre list 1 int fax/x overload
默认下三层上由于有vlan间路由, 三个vlan都能互相访问
用自反ACL来实现此要求 vlan10可以访问vlan20 ,vlan20不能访问vlan10
ip acc-list extend cisco-in
permit ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255 reflect cisco1
permit ip any any
ip acc-list extend cisco-out
evaluate cisco1
deny 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
permit ip any any
int vlan 10
ip acc-list cisco-in in
ip acc-list cisco-out out
本文链接:https://hqyman.cn/post/179.html 非本站原创文章欢迎转载,原创文章需保留本站地址!
休息一下,本站随机推荐观看栏目:
