Halaman

Exemplo Cria Access List extendet ACL para deny traffic FTP

example we will create an extended ACL that will deny FTP traffic
topologi iha leten ne ita sei deny ka block tiha network 10.0.0/8 atu labele access ba FTP Server ka ip 187.100.16.2, Konfigurasaun neébe ita sei halo mak hanesan tuir mai ne;e:

# Konfigurasaun iha Router

hostname RTR001
!
!
ip dhcp excluded-address 10.0.0.1
!
ip dhcp pool client
 network 10.0.0.0 255.0.0.0
 default-router 10.0.0.1
 dns-server 187.100.16.2
!
!
!
no ip cef
no ipv6 cef
!
!
interface FastEthernet0/0
 ip address 10.0.0.1 255.0.0.0
 duplex auto
 speed auto
!
interface FastEthernet1/0
 ip address 187.100.16.1 255.255.255.248
 ip access-group 101 out
 duplex auto
 speed auto
!
interface Serial2/0
 no ip address
 shutdown
!
interface Serial3/0
 no ip address
 shutdown
!
interface FastEthernet4/0
 no ip address
 shutdown
!
interface FastEthernet5/0
 no ip address
 shutdown
!
interface GigabitEthernet6/0
 no ip address
 duplex auto
 speed auto
!
ip classless
!
ip flow-export version 9
!
!
access-list 101 deny tcp 10.0.0.0 0.255.255.255 187.100.16.0 0.0.0.7 eq 20
access-list 101 deny tcp 10.0.0.0 0.255.255.255 187.100.16.0 0.0.0.7 eq ftp
access-list 101 permit ip any any
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end
====================================

Diposting oleh Tidak ada komentar:
Langganan: Komentar (Atom)