Enterprise environments usually have access control requirements. Configuring access control lets you specify which data packets are accepted and which are rejected. An access control list (ACL) uses packet filtering: the router reads the Layer 3 and Layer 4 headers of the OSI seven-layer model and matches them against policies on IP addresses and ports to achieve access control.
Overview of sample requirements:
The topology is as follows:
Specific requirements:
1. All hosts in VLAN 10 can access the web service of the server from Monday to Friday, but all other services are rejected.
2. Only PC1 can ping the server. Other hosts cannot ping the server.
3. Add a user and password on SW1. Only the host PC1 can log on.
Specific implementation steps:
1. Connect the network and ensure network connectivity.
A) Connect the network according to the topology.
B) IP address planning:
i. PC1: 192.168.1.1 Gateway: 192.168.1.2
ii. PC10: 192.168.2.1 Gateway: 192.168.2.2
iii. SERVER: 192.168.3.1 Gateway: 192.168.3.2
C) Configure the IP addresses on PC1, on PC10, and on the router (simulated server).
D) Create the VLANs on the three switches.
E) Assign the corresponding ports to the VLANs according to the topology.
F) Configure the gateway address of each corresponding VLAN, which the PCs and the server use as their gateway.
G) Configure the interfaces that connect the switches as trunk ports.
H) Verify connectivity.
2. Complete the access list configuration.
A) Configure the access list so that all users in VLAN 10 can access the web service of the server during working hours.
B) Configure the access list so that only PC1 can ping the server and only PC1 can access SW1.
C) Apply the access lists on the interfaces.
3. Verify
A) After changing the time, VLAN 10 users can access the web service.
B) Only PC1 can PING the server.
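The three requirements and the verification in step 3 can be checked offline with a small model of how an access list is evaluated: entries are tested in order, the first match decides, a time-restricted entry is skipped outside its time range, and anything unmatched is denied. This is an added example, not configuration from the original page; the /24 masks, treating PC10's subnet as VLAN 10, TCP port 80 for the web service, and the sample dates are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network
from typing import Optional

# Addresses are the page's; the /24 mask, treating PC10's subnet as VLAN 10
# and TCP port 80 for the web service are assumptions of this example.
PC1, PC10, SERVER = "192.168.1.1", "192.168.2.1", "192.168.3.1"
VLAN10 = "192.168.2.0/24"
# Constructed sample times: a Wednesday and a Saturday.
WEDNESDAY, SATURDAY = datetime(2024, 1, 3, 10), datetime(2024, 1, 6, 10)

@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "icmp", or "ip" for any protocol
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    port: Optional[int] = None   # destination port; None matches any
    weekdays_only: bool = False  # time range: Monday to Friday

    def matches(self, proto, src, dst, port, when):
        if self.weekdays_only and when.weekday() > 4:
            return False         # entry is inactive outside its time range
        return (self.proto in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.port in (None, port))

def evaluate(acl, proto, src, dst, port=None, when=WEDNESDAY):
    """Return the action of the first matching entry; no match is an implicit deny."""
    for rule in acl:
        if rule.matches(proto, src, dst, port, when):
            return rule.action
    return "deny"

# Requirements 1 and 2: traffic towards the server.
TO_SERVER = [
    Rule("permit", "icmp", PC1 + "/32", SERVER + "/32"),
    Rule("permit", "tcp", VLAN10, SERVER + "/32", port=80, weekdays_only=True),
]
# Requirement 3: sources allowed to open a login session on SW1.
SW1_LOGIN = [Rule("permit", "ip", PC1 + "/32", "0.0.0.0/0")]

if __name__ == "__main__":
    for day in (WEDNESDAY, SATURDAY):
        print(day.strftime("%A"), evaluate(TO_SERVER, "tcp", PC10, SERVER, 80, day))
    print("PC10 ping:", evaluate(TO_SERVER, "icmp", PC10, SERVER))
```

Because neither list ends with an explicit permit, every flow the requirements do not name falls through to the implicit deny, which is what makes "reject other services" hold.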