ACL
AR1配置
acl number 2000 rule 5 deny source 10.1.1.1 0 # interface GigabitEthernet0/0/0 ip address 10.1.1.100 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 20.1.1.200 255.255.255.0 traffic-filter outbound acl 2000
扩展ACL配置
AR1配置
acl number 3000 rule 5 deny ip source 10.1.1.1 0 destination 20.1.1.1 0 interface GigabitEthernet0/0/0 ip address 10.1.1.100 255.255.255.0 traffic-filter inbound acl 3000 # 可以在g0/0/0的入方向调用,也可以在g0/0/1的出方向调用。 interface GigabitEthernet0/0/1 ip address 20.1.1.100 255.255.255.0