您的位置:首页 > 其它

Lock and Key Access-List

2006-10-29 12:11 591 查看
lo0-10.1.1.1/24 lo0-60.1.1.1/24 lo0-20.1.1.1
R1---(16.1.1.0/24)------R6------(26.1.1.0/24) --- R2

Hostname R6

interface Loopback0
ip address 60.1.1.1 255.255.255.0
!
interface Ethernet0/0
ip address 16.1.1.2 255.255.255.0
!
interface Ethernet1/0
ip address 26.1.1.1 255.255.255.0
ip access-group 131 in
!
router eigrp 300
network 16.0.0.0
network 26.0.0.0
network 60.0.0.0
auto-summary
!
access-list 131 dynamic mylist timeout 3 permit ip any any
access-list 131 permit tcp any host 60.1.1.1 eq telnet
access-list 131 permit eigrp any any
===========================================
Before Telnet from R2 to R6 loopback0

r2#ping 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)

r6#sh access-list
Extended IP access list 131
10 Dynamic mylist permit ip any any
20 permit tcp any host 60.1.1.1 eq telnet (321 matches)
30 permit eigrp any any (2019 matches)
============================================
Telnet from R2 to R6 loopback

r2#telnet 60.1.1.1
Trying 60.1.1.1 ... Open

User Access Verification

Username:
Password:
[Connection to 60.1.1.1 closed by foreign host]
r2#ping 10.1.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
===============================================

r6#sh access-list
Extended IP access list 131
10 Dynamic mylist permit ip any any
permit ip any any (38 matches)
20 permit tcp any host 60.1.1.1 eq telnet (378 matches)
30 permit eigrp any any (2079 matches)
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航