diff --git "a/09\345\215\242\351\221\253\346\235\260/20250424 \350\267\257\347\224\261\345\231\250IP\346\216\247\345\210\266\350\256\277\351\227\256.md" "b/09\345\215\242\351\221\253\346\235\260/20250424 \350\267\257\347\224\261\345\231\250IP\346\216\247\345\210\266\350\256\277\351\227\256.md" new file mode 100644 index 0000000000000000000000000000000000000000..b09f7f56649c49661be16a4478861469bfd7e1d3 --- /dev/null +++ "b/09\345\215\242\351\221\253\346\235\260/20250424 \350\267\257\347\224\261\345\231\250IP\346\216\247\345\210\266\350\256\277\351\227\256.md" @@ -0,0 +1,85 @@ +# 练习 + +![image-20250424103105115](C:\Users\Administrator\AppData\Roaming\Typora\typora-user-images\image-20250424103105115.png) + +![image-20250424103237603](C:\Users\Administrator\AppData\Roaming\Typora\typora-user-images\image-20250424103237603.png) + +``` +任务1: + 192.168.10.1 可访问外网 40.1不可以 +三层交换机//拒绝地址访问 +Switch(config)#access-list 10 permit 192.168.10.1 +Switch(config)#access-list 10 deny any +Switch(config)#in f0/2 +Switch(config-if)#ip access-group 10 out +``` + +![](C:\Users\Administrator\AppData\Roaming\Typora\typora-user-images\image-20250424104416410.png) + +![image-20250424104503580](C:\Users\Administrator\AppData\Roaming\Typora\typora-user-images\image-20250424104503580.png) + +``` +Switch(config)#access-list 10 permit 192.168.10.1 +Switch(config)#access-list 10 deny any +Switch(config)#in f0/2 +Switch(config-if)#ip access-group 10 out 任务2:只允许192.168.20.0 访问 192.168.30.0内的主机 + +``` + +集团 + +``` +财务路由器3 +Router>en +Router#conf t +Router(config)#access-list 10 permit 192.168.10.1 +Router(config)#access-list 10 deny any +Router(config)#in g0/2 +Router(config-if)#ip access-group 10 out +``` + +``` +业务经理路由器1 +Router>en +Router#conf t +Router(config)#ac +Router(config)#access-list 10 permit 192.168.30.1 +Router(config)#ac +Router(config)#access-list 10 deny any +Router(config)#access-list 10 permit 3.3.3.0 0.0.0.255 +Router(config)#access-list 10 permit 192.168.30.1 +Router(config)#access-list 10 deny any +Router(config)#in g0/2 +Router(config-if)#ip access-group 10 out + +``` + +``` +后勤路由器5 +Router>en +Router#conf t +Router(config)#access-list 10 permit 192.168.20.2 +Router(config)#access-list 10 deny any +Router(config)#in g0/0 +Router(config-if)#ip access-group 10 out +``` + +``` +第三小题 +,业务经理只允许被财务经理访问路由器4 +Router>en +Router#conf t +Enter configuration commands, one per line. End with CNTL/Z. +Router(config)#access-list 10 per +Router(config)#access-list 10 permit 192.168.10.1 +Router(config)#access-list 10 deny any +Router(config)#no access-list 10 permit 192.168.10.1 +Router(config)#no access-list 10 deny any +Router(config)#access-list 10 permit 3.3.3.0 0.0.0.255 +Router(config)#access-list 10 permit 192.168.10.1 +Router(config)#access-list 10 deny any +Router(config)#in g0/0 +Router(config-if)#ip access-group 10 in +Router(config-if)# +``` +