Access Control List mak saida?
Access list mak hanesan policia ka guarda nébe hein hela iha Portaun oin wainhira ita atu tama ba uma laran ou sai ba liur, wain visitante atu tama sai siguranca ka policia sei husu ita nia id kard ka kartaun Eleitoral ka BI ou karta licenca ruma atu bele fo licenca ka permisaun ba ita ba ka lae. Maluk sira ida neé hanesan exemplo ida deit, keta lori ba lia...Mai ita koko halo tuir topology iha kraik neé atu ita bele kompriende liu tan konaba ACLs ne;e...
Access Control List / ACLs
1. Dezenho lai Tolopology tuir imagen ne;e iha cisco packet tracert
2. Konfigurasaun neébe ita halo iha Router mak tuir mai neé :
hostname Router
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
ip address 20.20.20.254 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.248
ip access-group 120 out
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
access-list 120 permit icmp host 20.20.20.1 10.10.0.0 0.0.31.255
access-list 120 deny tcp host 20.20.20.1 10.10.0.0 0.0.31.255 eq www
access-list 120 permit ip any any
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
# konfigurasun tuir imagen ne;e ita halo para host ida 20.20.20.1 bele halo ping ba network 10.10.0.0 maibe host 20.20.20.1 la iha permisaun atu loke pagina www.timorleste.tl ka 10.10.10.2, tamba host ida neé hetan block tiha husi network ne (10.10.10.0/29) maibe hots ne bele halo ping ba network ne.
1. koko halo ping husi host 20.20.20.1 ba 10.10.10.2
ex.
2. koko loke web browser iha host 20.20.20.1
Access list mak hanesan policia ka guarda nébe hein hela iha Portaun oin wainhira ita atu tama ba uma laran ou sai ba liur, wain visitante atu tama sai siguranca ka policia sei husu ita nia id kard ka kartaun Eleitoral ka BI ou karta licenca ruma atu bele fo licenca ka permisaun ba ita ba ka lae. Maluk sira ida neé hanesan exemplo ida deit, keta lori ba lia...Mai ita koko halo tuir topology iha kraik neé atu ita bele kompriende liu tan konaba ACLs ne;e...
Access Control List / ACLs
Koko block tiha host ida labele asesu ba ICMP ka http
iha network ida tomak.
iha network ida tomak.
2. Konfigurasaun neébe ita halo iha Router mak tuir mai neé :
hostname Router
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
ip address 20.20.20.254 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.248
ip access-group 120 out
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
access-list 120 permit icmp host 20.20.20.1 10.10.0.0 0.0.31.255
access-list 120 deny tcp host 20.20.20.1 10.10.0.0 0.0.31.255 eq www
access-list 120 permit ip any any
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
# konfigurasun tuir imagen ne;e ita halo para host ida 20.20.20.1 bele halo ping ba network 10.10.0.0 maibe host 20.20.20.1 la iha permisaun atu loke pagina www.timorleste.tl ka 10.10.10.2, tamba host ida neé hetan block tiha husi network ne (10.10.10.0/29) maibe hots ne bele halo ping ba network ne.
1. koko halo ping husi host 20.20.20.1 ba 10.10.10.2
ex.
2. koko loke web browser iha host 20.20.20.1
3.koko loke web browser husi host http://www.timorleste.tl / ka 10.10.10.2
karik nia resultado hanesan iha leten entaun konfigurasun neébe ita halo iha router los...
bele koko test ping husi qualquer host ou browsing husi kualker host ba iha server sira seluk..
obrigado tamba ita konsege halo tuir ona topologi ne;e.
adeus i hasoru malu fali iha edisaun seluk..
mai ita aprende hamutuk network liu husi cisco packet tracert.
Tidak ada komentar:
Posting Komentar