Configure to set restricted access to websites on campus
Objective: to log on to http://www.idcquan.com/qq dns only
Follow these steps:
Topology
PC
RUT
SW
PC2
PC3
PC1
On a PC, a vswitch and route are connected through Ethernet lines, and the access list ACL is used to control the traffic of the address. Here, a simulation is obtained through ACL data capture domain.) www.qq.com address 192.168.0.1 http://www.idcquan.com/address 172.16.0.101
Ip access-list extended namw permit udp host 192.168.0.1 eq domain any deny udp host any int f0/0 ip access-group 1 in/ip access-list extended in interface call namw/second group address permit udp host 172.16.0.101 eq domain host 192.100.1.1 permit udp host 192.100.0.0 eq 68 67 permit udp host 192.100.0.0 eq 68 67 deny udp any int f0/0 ip access-group 1 in sh running-config/View list information version 12.3 servi Ce timestamps debug datetime msec service timestamps log datetime msec no service password-encryption! Hostname r1! Boot-start-marker boot-end-marker!! No aaa new-model ip subnet-zero! Ip classless no ip http server!!! Ip access-list extended namw permit udp host 192.168.0.1 eq domain any permit udp host 172.16.0.101 eq domain host 192.100.1.1 deny udp any access-list 1 permit 12.0.0.0 log access-list 1 permit 192.100.1.1 access- list dynamic-extended! Route-map mm permit match policy-list http * jpg */allows jpg data to be disabled or matched by match policy-list http * jcm * match ip/policy information Control |
Use ACL to implement entries that allow access to addresses, send data packets to filter useless addresses, and then call the interface to filter other websites that cannot be accessed.
The IP address extension ACL is performed in the forward direction from the source. In each direction, the ACL is set for each interface and Protocol. At least one is a permit statement.
You can use sh access-list, sh ip access-list/intface, and sh running-config to view the configuration list.
- Design and configuration of Dual-egress for campus network
- Common router maintenance methods for campus network
- Introduction to trend 3 of remote access to campus network