Packet Tracer 52实验十二 标准IP访问控制列表配置Word格式.docx
- 文档编号:17544645
- 上传时间:2022-12-07
- 格式:DOCX
- 页数:10
- 大小:39.47KB
Packet Tracer 52实验十二 标准IP访问控制列表配置Word格式.docx
《Packet Tracer 52实验十二 标准IP访问控制列表配置Word格式.docx》由会员分享,可在线阅读,更多相关《Packet Tracer 52实验十二 标准IP访问控制列表配置Word格式.docx(10页珍藏版)》请在冰豆网上搜索。
实验拓扑
1、路由器之间通过V.35电缆串口连接,DCE端连接在R1上,配置其时间频率为64000;
主机与路由器通过交叉线连接;
2、配置路由器接口IP地址;
3、在路由器上配置OSPF路由协议,让三台PC能相互ping通,因为只有在互通的前提下才能涉及到访问控制列表;
4、在R1上配置编号的IP标准访问控制列表;
5、将标准IP访问列表应用到接口上;
6、验证主机之间的互通性;
R1:
Router>
en
Router#conft
Enterconfigurationcommands,oneperline.EndwithCNTL/Z.
Router(config)#hostnameR1
R1(config)#interfacefa1/0
R1(config-if)#ipaddress192.168.1.1255.255.255.0
R1(config-if)#noshut
%LINK-5-CHANGED:
InterfaceFastEthernet1/0,changedstatetoup
%LINEPROTO-5-UPDOWN:
LineprotocolonInterfaceFastEthernet1/0,changedstatetoup
R1(config-if)#exit
R1(config)#intfa0/0
R1(config-if)#ipadd192.168.2.1255.255.255.0
InterfaceFastEthernet0/0,changedstatetoup
LineprotocolonInterfaceFastEthernet0/0,changedstatetoup
R1(config)#intse2/0
R1(config-if)#clockrate64000
R1(config-if)#ipadd192.168.3.1255.255.255.0
InterfaceSerial2/0,changedstatetodown
R1(config)#
R1(config)#routerospf1
R1(config-router)#network192.168.1.00.0.0.255area0
R1(config-router)#network192.168.2.00.0.0.255area0
R1(config-router)#network192.168.3.00.0.0.255area0
R1(config-router)#end
R1#
%SYS-5-CONFIG_I:
Configuredfromconsolebyconsole
R1#showiproute
Codes:
C-connected,S-static,I-IGRP,R-RIP,M-mobile,B-BGP
D-EIGRP,EX-EIGRPexternal,O-OSPF,IA-OSPFinterarea
N1-OSPFNSSAexternaltype1,N2-OSPFNSSAexternaltype2
E1-OSPFexternaltype1,E2-OSPFexternaltype2,E-EGP
i-IS-IS,L1-IS-ISlevel-1,L2-IS-ISlevel-2,ia-IS-ISinterarea
*-candidatedefault,U-per-userstaticroute,o-ODR
P-periodicdownloadedstaticroute
Gatewayoflastresortisnotset
C192.168.1.0/24isdirectlyconnected,FastEthernet1/0
C192.168.2.0/24isdirectlyconnected,FastEthernet0/0
R1#showiproute//两台路由器配置好后的路由信息
C
192.168.1.0/24isdirectlyconnected,FastEthernet1/0
192.168.2.0/24isdirectlyconnected,FastEthernet0/0
192.168.3.0/24isdirectlyconnected,Serial2/0
O
192.168.4.0/24[110/782]via192.168.3.2,00:
00:
15,Serial2/0
R1#conft
Enterconfigurationcommands,oneperline.
EndwithCNTL/Z.
R1(config)#ip?
access-list
Namedaccess-list
default-network
Flagsnetworksascandidatesfordefaultroutes
dhcp
ConfigureDHCPserverandrelayparameters
domain
IPDNSResolver
domain-lookup
EnableIPDomainNameSystemhostnametranslation
domain-name
Definethedefaultdomainname
forward-protocol
ControlsforwardingofphysicalanddirectedIPbroadcasts
host
Addanentrytotheiphostnametable
name-server
Specifyaddressofnameservertouse
nat
NATconfigurationcommands
route
Establishstaticroutes
tcp
GlobalTCPparameters
R1(config)#ipac
R1(config)#ipaccess-list?
extended
ExtendedAccessList
standard
StandardAccessList
R1(config)#ipaccess-liststa
R1(config)#ipaccess-liststandard?
<
1-99>
StandardIPaccess-listnumber
WORD
Access-listname
R1(config)#ipaccess-liststandarddavid?
cr>
R1(config)#ipaccess-liststandarddavid//配置名为david的IP标准访问控制列表
R1(config-std-nacl)#?
default
Setacommandtoitsdefaults
deny
Specifypacketstoreject
exit
Exitfromaccess-listconfigurationmode
no
Negateacommandorsetitsdefaults
permit
Specifypacketstoforward
remark
Accesslistentrycomment
R1(config-std-nacl)#permit192.168.1.0?
A.B.C.D
Wildcardbits
R1(config-std-nacl)#permit192.168.1.00.0.0.255?
R1(config-std-nacl)#permit192.168.1.00.0.0.255//允许192.168.1.0网段通过
R1(config-std-nacl)#deny?
Addresstomatch
any
Anysourcehost
Asinglehostaddress
R1(config-std-nacl)#deny192.168.2.0?
R1(config-std-nacl)#deny192.168.2.00.0.0.255?
R1(config-std-nacl)#deny192.168.2.00.0.0.255//禁止192.168.2.0网段通过
R1(config-std-nacl)#exit
R1(config)#inter
R1(config)#interfacese2/0
R1(config-if)#?
bandwidth
Setbandwidthinformationalparameter
cdp
CDPinterfacesubcommands
clock
Configureserialinterfaceclock
crypto
Encryption/Decryptioncommands
custom-queue-list
Assignacustomqueuelisttoaninterface
delay
Specifyinterfacethroughputdelay
description
Interfacespecificdescription
encapsulation
Setencapsulationtypeforaninterface
Exitfrominterfaceconfigurationmode
fair-queue
EnableFairQueuingonanInterface
frame-relay
Setframerelayparameters
hold-queue
Setholdqueuedepth
ip
InterfaceInternetProtocolconfigcommands
keepalive
Enablekeepalive
mtu
SettheinterfaceMaximumTransmissionUnit(MTU)
ppp
Point-to-PointProtocol
priority-group
Assignaprioritygrouptoaninterface
service-policy
ConfigureQoSServicePolicy
shutdown
Shutdowntheselectedinterface
tx-ring-limit
ConfigurePAleveltransmitringlimit
zone-member
Applyzonename
R1(config-if)#ip?
access-group
Specifyaccesscontrolforpackets
address
SettheIPaddressofaninterface
hello-interval
ConfiguresIP-EIGRPhellointerval
helper-address
SpecifyadestinationaddressforUDPbroadcasts
inspect
Applyinspectname
ips
CreateIPSrule
SetIPMaximumTransmissionUnit
NATinterfacecommands
ospf
OSPFinterfacecommands
split-horizon
Performsplithorizon
summary-address
Performaddresssummarization
virtual-reassembly
VirtualReassembly
R1(config-if)#ipac
R1(config-if)#ipaccess-group?
1-199>
IPaccesslist(standardorextended)
R1(config-if)#ipaccess-groupdavid?
in
inboundpackets
out
outboundpackets
R1(config-if)#ipaccess-groupdavidout?
R1(config-if)#ipaccess-groupdavidout//将名为david的IP标准访问控制列表应用到se2/0端口
R1(config-if)#end
R1#showrunning-config
Buildingconfiguration...
Currentconfiguration:
928bytes
!
version12.2
noservicetimestampslogdatetimemsec
noservicetimestampsdebugdatetimemsec
noservicepassword-encryption
hostnameR1
...
interfaceFastEthernet0/0
ipaddress192.168.2.1255.255.255.0
duplexauto
speedauto
interfaceFastEthernet1/0
ipaddress192.168.1.1255.255.255.0
interfaceSerial2/0
ipaddress192.168.3.1255.255.255.0
ipaccess-groupdavidout
clockrate64000
interfaceSerial3/0
noipaddress
shutdown
interfaceFastEthernet4/0
interfaceFastEthernet5/0
routerospf1
log-adjacency-changes
network192.168.1.00.0.0.255area0
network192.168.2.00.0.0.255area0
network192.168.3.00.0.0.255area0
ipclassless
ipaccess-liststandarddavid
permit192.168.1.00.0.0.255
deny192.168.2.00.0.0.255
linecon0
linevty04
login
end
R2:
Router(config)#hostnameR2
R2(config)#intfa0/0
R2(config-if)#ipadd192.168.4.1255.255.255.0
R2(config-if)#noshut
R2(config-if)#exit
R2(config)#intse2/0
R2(config-if)#ipadd192.168.3.2255.255.255.0
InterfaceSerial2/0,changedstatetoup
R2(config)#routerospf1
R2(config-router)#
LineprotocolonInterfaceSerial2/0,changedstatetoup
R2(config-router)#network192.168.3.00.0.0.255area0
R2(config-router)#network192.168.4.00.0.0.255area0
11:
23:
%OSPF-5-ADJCHG:
Process1,Nbr192.168.3.1onSerial2/0fromLOADINGtoFULL,LoadingDo
R2(config-router)#end
R2#
R2#showiproute
E1-OSPFexternaltype1,E2-OSPFexternaltype2,
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- Packet Tracer 52实验十二 标准IP访问控制列表配置 52 实验 十二 标准 IP 访问 控制 列表 配置
![提示](https://static.bdocx.com/images/bang_tan.gif)