學(xué)習(xí)啦 > 學(xué)習(xí)電腦 > 網(wǎng)絡(luò)知識(shí) > 路由器 > 路由器設(shè)置 > cisco思科 > 思科48口交換機(jī)如何配置ACL

思科48口交換機(jī)如何配置ACL

時(shí)間: 權(quán)威724 分享

思科48口交換機(jī)如何配置ACL

  Cisco依靠自身的技術(shù)和對(duì)網(wǎng)絡(luò)經(jīng)濟(jì)模式的深刻理解,成為了網(wǎng)絡(luò)應(yīng)用的成功實(shí)踐者之一,那么你知道思科48口交換機(jī)如何配置ACL嗎?下面是學(xué)習(xí)啦小編整理的一些關(guān)于思科48口交換機(jī)如何配置ACL的相關(guān)資料,供你參考。

  思科48口交換機(jī)配置ACL的方法:

  大家先看下配置,我的要求就是,在47口上做鏡像,4vlan內(nèi)的機(jī)器的數(shù)據(jù)鏡像到47口上,47口接監(jiān)控服務(wù)器,然后在做下訪問(wèn)控制,4vlan內(nèi)的機(jī)器 跟47口上的服務(wù)器可以相互通訊,但4vlan之間不能相互通訊!目前47口的ip地址為192.168.25.1 255.255.255.0.

  FwhSwh#show run

  Building configuration…

  Current configuration : 4909 bytes

  !

  version 12.2

  no service pad

  service timestamps debug uptime

  service timestamps log uptime

  no service password-encryption

  !

  hostname FwhSwh

  !

  !

  no aaa new-model

  ip subnet-zero

  ip routing

  !

  ip dhcp pool vlan20

  network 192.168.20.0 255.255.255.0

  default-router 192.168.20.1

  dns-server 202.106.196.115 202.106.0.20

  !

  ip dhcp pool vlan21

  network 192.168.21.0 255.255.255.0

  default-router 192.168.21.1

  dns-server 202.106.196.115 202.106.0.20

  !

  ip dhcp pool vlan22

  network 192.168.22.0 255.255.255.0

  default-router 192.168.22.1

  dns-server 202.106.196.115 202.106.0.20

  !

  ip dhcp pool vlan23

  network 192.168.23.0 255.255.255.0

  default-router 192.168.23.1

  dns-server 202.106.0.20

  !

  !

  !

  !

  no file verify auto

  spanning-tree mode pvst

  spanning-tree extend system-id

  !

  vlan internal allocation policy ascending

  !

  interface FastEthernet0/1

  switchport access vlan 20

  !

  interface FastEthernet0/2

  switchport access vlan 20

  !

  interface FastEthernet0/3

  switchport access vlan 20

  !

  interface FastEthernet0/4

  switchport access vlan 20

  !

  interface FastEthernet0/5

  switchport access vlan 20

  !

  interface FastEthernet0/6

  switchport access vlan 20

  !

  interface FastEthernet0/7

  switchport access vlan 20

  !

  interface FastEthernet0/8

  switchport access vlan 20

  !

  interface FastEthernet0/9

  switchport access vlan 20

  !

  interface FastEthernet0/10

  switchport access vlan 20

  !

  interface FastEthernet0/11

  switchport access vlan 20

  !

  interface FastEthernet0/12

  switchport access vlan 20

  !

  interface FastEthernet0/13

  switchport access vlan 20

  !

  interface FastEthernet0/14

  switchport access vlan 20

  !

  interface FastEthernet0/15

  switchport access vlan 20

  !

  interface FastEthernet0/16

  switchport access vlan 20

  !

  interface FastEthernet0/17

  switchport access vlan 20

  !

  interface FastEthernet0/18

  switchport access vlan 20

  !

  interface FastEthernet0/19

  switchport access vlan 20

  !

  interface FastEthernet0/20

  switchport access vlan 20

  !

  interface FastEthernet0/21

  switchport access vlan 21

  !

  interface FastEthernet0/22

  switchport access vlan 21

  !

  interface FastEthernet0/23

  switchport access vlan 21

  !

  interface FastEthernet0/24

  switchport access vlan 21

  !

  interface FastEthernet0/25

  switchport access vlan 21

  !

  interface FastEthernet0/26

  switchport access vlan 21

  !

  interface FastEthernet0/27

  switchport access vlan 21

  !

  interface FastEthernet0/28

  switchport access vlan 21

  !

  interface FastEthernet0/29

  switchport access vlan 21

  !

  interface FastEthernet0/30

  switchport access vlan 21

  !

  interface FastEthernet0/31

  switchport access vlan 22

  !

  interface FastEthernet0/32

  switchport access vlan 22

  !

  interface FastEthernet0/33

  switchport access vlan 22

  !

  interface FastEthernet0/34

  switchport access vlan 22

  !

  interface FastEthernet0/35

  switchport access vlan 22

  !

  interface FastEthernet0/36

  switchport access vlan 22

  !

  interface FastEthernet0/37

  switchport access vlan 22

  !

  interface FastEthernet0/38

  switchport access vlan 22

  !

  interface FastEthernet0/39

  switchport access vlan 22

  !

  interface FastEthernet0/40

  switchport access vlan 22

  !

  interface FastEthernet0/41

  switchport access vlan 23

  !

  interface FastEthernet0/42

  switchport access vlan 23

  !

  interface FastEthernet0/43

  switchport access vlan 23

  !

  interface FastEthernet0/44

  switchport access vlan 23

  !

  interface FastEthernet0/45

  !

  interface FastEthernet0/46

  !

  interface FastEthernet0/47

  !

  interface FastEthernet0/48

  no switchport

  ip address *.*.*.* 255.255.255.0

  !

  interface GigabitEthernet0/1

  !

  interface GigabitEthernet0/2

  !

  interface GigabitEthernet0/3

  !

  interface GigabitEthernet0/4

  !

  interface Vlan1

  no ip address

  shutdown

  !

  interface Vlan20

  ip address 192.168.20.1 255.255.255.0

  ip access-group 100 in

  ip helper-address 192.168.20.1

  !

  interface Vlan21

  ip address 192.168.21.1 255.255.255.0

  ip access-group 101 in

  ip helper-address 192.168.21.1

  !

  interface Vlan22

  ip address 192.168.22.1 255.255.255.0

  ip access-group 102 in

  ip helper-address 192.168.22.1

  !

  interface Vlan23

  ip address 192.168.23.1 255.255.255.0

  ip access-group 103 in

  ip helper-address 192.168.23.1

  !

  ip classless

  ip route 0.0.0.0 0.0.0.0 10.0.0.1

  no ip http server

  !

  access-list 100 deny ip any 192.168.21.0 0.0.0.255

  access-list 100 deny ip any 192.168.22.0 0.0.0.255

  access-list 100 permit ip any any

  access-list 101 deny ip any 192.168.22.0 0.0.0.255

  access-list 101 deny ip any 192.168.20.0 0.0.0.255

  access-list 101 deny ip any 192.168.23.0 0.0.0.255

  access-list 101 permit ip any any

  access-list 102 deny ip any 192.168.20.0 0.0.0.255

  access-list 102 deny ip any 192.168.21.0 0.0.0.255

  access-list 102 deny ip any 192.168.23.0 0.0.0.255

  access-list 102 permit ip any any

  access-list 103 deny ip any 192.168.21.0 0.0.0.255

  access-list 103 deny ip any 192.168.22.0 0.0.0.255

  access-list 103 permit ip any any

  !

  control-plane

  !

  !

  line con 0

  line vty 0 4

  no login

  line vty 5 15

  no login

  !

  !

  end

  看過(guò)文章“思科48口交換機(jī)如何配置ACL"的人還看了:

  1.思科路由器怎么進(jìn)入 思科路由器怎么設(shè)置

  2.CISCO路由器的配置與調(diào)試

  3.教你如何設(shè)置Cisco路由器安全

  4.如何利用腳本配置思科路由器

  5.cisco思科怎么配置無(wú)線AP

  6.思科配置常見(jiàn)問(wèn)題及其解決方法

  7.思科Cisco路由器的基礎(chǔ)配置知識(shí)

554387