标准ACL的配置（补）

如图所示：

 

 

在61.128.64.0（PC3、4所在网段）这个网段上只允许主机61.128.64.10访问网段2，网段3：172.16.0.0（PC1所在网段）可以访问网段2，其它任何主机对网段2的访问均被拒绝。

 

 

R1的配置：

 

Press Enter to Start

 

 

Router>

Router>en

Router#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#host R1

R1(config)#int f0/0

R1(config-if)#ip add 172.16.0.1 255.255.255.0

R1(config-if)#no shut

%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

R1(config-if)#int f0/1

R1(config-if)#ip add 192.168.1.1 255.255.255.0

R1(config-if)#no shut

%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up

R1(config-if)#end

R1#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

R1(config)#int s0

R1(config-if)#ip add 172.16.1.1 255.255.255.0

R1(config-if)#no shut

%LINK-3-UPDOWN: Interface Serial0, changed state to up

R1(config-if)#

R1(config-if)#exit

R1(config)#router rip

R1(config-router)#version 2

R1(config-router)#network 172.16.0.0

R1(config-router)#network 192.168.1.0

R1(config-router)#network 172.16.1.0

R1(config-router)#end

R1#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

R1(config)#access-list 1 permit 61.128.64.10 0.0.0.0

R1(config)#access-list 1 permit 172.16.0.0 0.0.0.255

R1(config)#int f0/1

R1(config-if)#ip access-group 1 out

R1(config-if)#end

 

 

R2的配置：

 

Router#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#host R2

R2(config)#int f0/0

R2(config-if)#ip add 61.128.64.1 255.255.255.0

R2(config-if)#no shut

%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up

R2(config-if)#int s0

R2(config-if)#ip add 172.16.1.2 255.255.255.0

R2(config-if)#clock rate 64000

R2(config-if)#no shut

%LINK-3-UPDOWN: Interface Serial0, changed state to up

%LINK-3-UPDOWN: Interface Serial0, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down

%LINK-3-UPDOWN: Interface Serial0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up

R2(config-if)#exit

R2(config)#router rip

R2(config-router)#version 2

R2(config-router)#network 172.16.1.0

R2(config-router)#network 61.128.64.0

R2(config-router)#end

 

 

 

 

PC的IP参数配置：

PC1：172.16.0.2/24  172.16.0.1

PC2：192.168.1.2/24  192.168.1.1

PC3：61.128.64.10/24   61.128.64.1

PC4：61.128.64.20/24   61.128.64.1

 

配置好之后再检验一下就OK。