欧美bbbwbbbw肥妇,免费乱码人妻系列日韩,一级黄片

VLAN 之間的訪問(wèn)控制

 更新時(shí)間:2007年09月19日 10:20:07   作者:  
 

路由器通過(guò)以太網(wǎng)的子口建立與下連交換機(jī)TRUNK口相連。

要求管理VLAN可以訪問(wèn)其它業(yè)務(wù)VLAN、辦公VLAN、財(cái)務(wù)VLAN、家庭網(wǎng)VLAN,但是其它VLAN不可以訪問(wèn)管理VLAN。

下面把路由器上的配置附上:

ip access-list extended infilter

evaluate mppacket

deny ip 10.54.16.0 0.0.0.255 10.54.17.0 0.0.0.255 

deny ip 10.54.16.0 0.0.0.255 10.54.18.0 0.0.0.255 

deny ip 10.54.16.0 0.0.0.255 10.54.19.0 0.0.0.255 

deny ip 10.54.16.0 0.0.0.255 10.54.31.0 0.0.0.255 

deny ip 10.54.17.0 0.0.0.255 10.54.16.0 0.0.0.255 

deny ip 10.54.17.0 0.0.0.255 10.54.18.0 0.0.0.255 

deny ip 10.54.17.0 0.0.0.255 10.54.19.0 0.0.0.255 

deny ip 10.54.17.0 0.0.0.255 10.54.31.0 0.0.0.255 

deny ip 10.54.18.0 0.0.0.255 10.54.16.0 0.0.0.255 

deny ip 10.54.18.0 0.0.0.255 10.54.17.0 0.0.0.255 

deny ip 10.54.18.0 0.0.0.255 10.54.19.0 0.0.0.255 

deny ip 10.54.18.0 0.0.0.255 10.54.31.0 0.0.0.255 

deny ip 10.54.19.0 0.0.0.255 10.54.16.0 0.0.0.255 

deny ip 10.54.19.0 0.0.0.255 10.54.17.0 0.0.0.255 

deny ip 10.54.19.0 0.0.0.255 10.54.18.0 0.0.0.255 

deny ip 10.54.19.0 0.0.0.255 10.54.31.0 0.0.0.255 

permit ip any any 

exit
ip access-list extended outfilter

permit ip any any reflect mppacket 

exit
interface fastethernet0

ip address 10.255.49.2 255.255.255.252

exit
interface fastethernet1

exit
interface fastethernet1.1

description Guanli

ip address 10.54.31.254 255.255.255.0

encapsulation dot1q 1

exit
interface fastethernet1.2

description Yewu

ip address 10.54.17.254 255.255.255.0

encapsulation dot1q 2

ip access-group outfilter out

ip access-group infilter in

exit
interface fastethernet1.3

description Bangong

ip address 10.54.16.254 255.255.255.0

encapsulation dot1q 3

ip access-group outfilter out

ip access-group infilter in

exit
interface fastethernet1.4

description Caiwu

ip address 10.54.18.254 255.255.255.0

encapsulation dot1q 4

ip access-group outfilter out

ip access-group infilter in

exit
interface fastethernet1.5

description Jiating

ip address 10.54.19.254 255.255.255.0

encapsulation dot1q 5

ip access-group outfilter out

ip access-group infilter in

exit
ip route 0.0.0.0 0.0.0.0 10.255.49.1
文章錄入:csh    責(zé)任編輯:csh 

相關(guān)文章

最新評(píng)論