思科静态nat与标准acl怎么混合使用(2)
思科静态nat与标准acl怎么混合使用
学习啦在线学习网 --- 4.4.4.2 1.1.1.2 --- ---
--- 4.4.4.3 1.1.1.3 --- ---
Router#ping 3.3.3.2
学习啦在线学习网 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 62/62/63 ms
学习啦在线学习网 Router#conf
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
学习啦在线学习网 Router(config)#acc
Router(config)#access-list ?
<1-99> IP standard access list
<100-199> IP extended access list
Router(config)#access-list 1 ?
deny Specify packets to reject
permit Specify packets to forward
remark Access list entry comment
Router(config)#access-list 1 deny ho
Router(config)#access-list 1 deny host 1.1.1.2
Router(config)#access-list 1 per
学习啦在线学习网 Router(config)#access-list 1 permit any
Router(config)#exit
学习啦在线学习网 %SYS-5-CONFIG_I: Configured from console by console
Router#show acc
Router#show access-lists
Standard IP access list 1
学习啦在线学习网 deny host 1.1.1.2
学习啦在线学习网 permit any
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip access-group 1 in
Router(config-if)#no shut
Router(config-if)#
Router(config-if)#
Rourer 1 的配置:
学习啦在线学习网 Router>en
Router#conf t
学习啦在线学习网 Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int f0/0
Router(config-if)#ip add 3.3.3.1 255.0.0.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#
Router(config-if)#int f0/1
Router(config-if)#ip add 2.2.2.2 255.0.0.0
Router(config-if)#no shut
学习啦在线学习网 %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
学习啦在线学习网 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Router(config-if)#
学习啦在线学习网 Router(config-if)#exit
Router(config)#router rip
Router(config-router)#net
Router(config-router)#network 2.0.0.0
学习啦在线学习网 Router(config-router)#network 3.0.0.0
学习啦在线学习网 Router(config-router)#end
%SYS-5-CONFIG_I: Configured from console by console
学习啦在线学习网 Router#show ip rou
Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
学习啦在线学习网 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
学习啦在线学习网 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
学习啦在线学习网 * - candidate default, U - per-user static route, o - ODR
学习啦在线学习网 P - periodic downloaded static route
Gateway of last resort is not set
学习啦在线学习网 R 1.0.0.0/8 [120/1] via 2.2.2.1, 00:00:24, FastEthernet0/1
C 2.0.0.0/8 is directly connected, FastEthernet0/1
学习啦在线学习网 C 3.0.0.0/8 is directly connected, FastEthernet0/0
学习啦在线学习网 R 4.0.0.0/8 [120/1] via 2.2.2.1, 00:00:24, FastEthernet0/1
学习啦在线学习网 Router#ping 4.4.4.2
学习啦在线学习网 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 81/91/94 ms
学习啦在线学习网 Router#ping 4.4.4.3
学习啦在线学习网 Type escape sequence to abort.
学习啦在线学习网 Sending 5, 100-byte ICMP Echos to 4.4.4.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 63/84/94 ms
Router#
在pc1 上的测试:
Packet Tracer PC Command Line 1.0
学习啦在线学习网 PC>ping 3.3.3.2
学习啦在线学习网 Pinging 3.3.3.2 with 32 bytes of data:
Request timed out.
学习啦在线学习网 Request timed out.
学习啦在线学习网 Request timed out.
Request timed out.
学习啦在线学习网 Ping statistics for 3.3.3.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC>ping 1.1.1.1
Pinging 1.1.1.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
学习啦在线学习网 Request timed out.
学习啦在线学习网 Ping statistics for 1.1.1.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC>
看过文章“思科静态nat与标准acl怎么混合使用”的人还看了: