Application (ACL) of the access control list of cisco router Integrated Experiment ii ip Address Configuration on each device, steps ======================================================== ========================================================== ======================================= Configure route R1: (config) # ip route 0.0.0.0 0.0.0.0 192.168.1.254 route www.2cto.com R2: (config) # ip route 0.0.0.0 0.0.0.0 192.168.255.254 ================================ ========================================================== ============================ configure ACLSW1: create vlan 10 and vlan 20 Add interface f0/10 to vlan 10 interface f0/15 Add vlan 20 Step 1 (config) # time-range worktime (config-time-range) # periodic weekdays to (config-time-range) # exit (config) # access-list 100 permit tcp host 192.168.10.1 host 192.168.20.1 eq 80 time-range
Worktime (config) # access-list 1 permit host 192.168.1.1 (config) # int vlan 10 (-vlan) # ip access-group 100 in (config) # line vty 0 4 (config-line) # password test (config-line) # login (config-line) # access-class 1 using www.2cto.com R2: (config) # access-list 100 permit tcp host 192.168.10.1 host 192.168.20.1 eq 80 (config) # access-list 100 permit icmp host 192.168.1.1 host 192.168.20.1 echo (config) # int f0/0 (config-if) # ip access-group 100 in ==================================== ========================================================== ====================================
Set the time on the layer-3 Switch to verify the effect of the time ACL SW1: # clock set 9:00:00 1 may 2011 set the time to author Xun ruyu