ACL訪問控制列表配置實(shí)現(xiàn)_第1頁
ACL訪問控制列表配置實(shí)現(xiàn)_第2頁
ACL訪問控制列表配置實(shí)現(xiàn)_第3頁
ACL訪問控制列表配置實(shí)現(xiàn)_第4頁
ACL訪問控制列表配置實(shí)現(xiàn)_第5頁
已閱讀5頁,還剩17頁未讀 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

石河子大學(xué)信息科學(xué)與技術(shù)學(xué)院<網(wǎng)絡(luò)工程>實(shí)驗(yàn)報(bào)告題目名稱:ACL訪問控制列表配置實(shí)現(xiàn)專業(yè):計(jì)算機(jī)科學(xué)與技術(shù)班級:計(jì)算機(jī)科學(xué)與技術(shù)11級(2)班學(xué)號:2011xxxxxx學(xué)生:xxxxxxxxxxx指導(dǎo)教師:xxxxxxxxxxx完成日期:二0一四年四月二十五日一實(shí)驗(yàn)步驟1.拓?fù)鋱D根據(jù)實(shí)驗(yàn)指導(dǎo)書要求,經(jīng)過簡單操作連接出實(shí)驗(yàn)拓?fù)鋱D:R1fa0/0IOSCommandLineInterfaceRD'ater>enRouter^configCanfig^aringftoilternLinalrlEeiU-ory^.ornetwork[terniiinal]?Enterconfigurationcoimr.dndsfonepsrlineaEndwithCNTL/Z.Router(config|#hostR1R1(config}^inteifaO/OR1(config-if}addTess2S5.2SS.23S.0R1(config—if}tncabut%LINK-5-CHANGED:InterfaceFasCEthemetC/Orchangedstatetoup%_INEFROTO-5-UFDOWN:LineprotocolonInterfaceFdstEthernecO/0fchargedoupR1(confla-if}學(xué)[CopyPasteFa0/1IOSCommandLineInterfaceR1(config)iimtei:faO/OIR1(config-if)HeaddiessR1(config-if)fncshutLINK-5-CfiRNGED:InterlaceFa5LEtiiemet0/0rctiange^suatetoup%LINEPROTO-5-UPDOWM:LineprotocolonInterfaceFastEthemetO/Orchanged□upR1(config-if)fexiR1(config)#inteifaQ/1R1(config-if)ripaddTCM2-2.2.12S5.2SS.23S.0R1(config—if}incshut%LINK-5-CHANGED:InterfaceFas3Etheme10/1rchangedstatetoup%LINEPROTO-5-UPDOWN:_ineprotocolonInterfaceFdstEthernecO/1,chargedoupR1(confia-if)#|葉CopyPasteS0/0甲R(shí)iI口II回PhysicalConfigCLIIOSCommandLineInterfaceR1(config-if)Siraddiess2-2.2-1R1(conEig-if}#ncshut%LINK-5-CHANGED:InterfaceFascEthemetC/1rchangedstatetaup%l>INEFROTC—S-TJFDOWI:LineprotDcolanlazterfaceFastEtheme&Q/lfchanged凸upR1(config-if}fexiR1(config}#inteisD/0R1(config-if}*255.2E5.255.252冬Invalid,inputdetectedat■1narker-R1(config-if}#1eaddiess52R1(config-if}fencappppR1(config-if}^pncshutLINK-5-CbUiNGEDsInterfaceSerialO/DfckazigedstateLINK-5-CbUiNGEDsInterfaceSerialO/DfckazigedstatetodownR1(confia-if}學(xué)|wR2口II*PhysicalConfigCLIIOSCommandLineInterfaceR2#configConfig'QringftonterninalrlEeiu-Dry^ornetwork[terininal]?Enterconfigura11oncoimr.andsfoneperlineaEndwithCNTL/ZR2(config}#hostnoaru.e030ELZ%Invalidinputdetectedatp1rr.arker-R2(cc^f^g)#ZQ3tnaiaeC'3Z'R208OZc2(sonf^c)?^r:terfacesO/C:'50x2(sonf^c-_faddresso.5.i.2520dO^2(3on±ic-_±)#e^cdpppp3331<2(-cm£z_gi#iaohh.ut%Invalid^^putdetectedat','、narker.330^2(sonfic-_fim二二tZN^-5-CfiAHi?ZD;InterfaceZeziii2.3/Dfcjiancedstatetcj.g三050x2(sonf^u-.fj4|▼CopyPasteFa0/0PhysicalConfigCLIIOSCommandLineInterfacea)#'-o3t.naiRe"i-i^7I'SQi2(^onfic)sO/C:'30i2(2onfic-_fdddresa3.3.i.252OSOx2(sonfic-_f)#e^cdppppO5OE2("OntLC-ltl#IBQSfLUt冬Invalidinputdetectedat11marker.08OZc2(sonfic-if)shut%__NA-b-CHANc:EU:_nter±acezeria_3/3,changedstatetoj.pOSOx2(nonf:c;-■.f)#es::0S0x2(sonfic)iaO/O:'SQi2(=on£ic-_faddressT.T.4.2255.255.255.o|030^2(sonfic-_f)m二二t(jc.-£_c-_£)#ZNX-5-CHANi^ID:InterfaceFastEthemet3/0,changedstatetnCopyPaste3測試Pc0pingpc2¥PCOI□II,PhysicalConfigDesktopCommandPromptPackreriracerECconmiaiiciJLine1.0POping00Pinging00with32bytesofdata:Requesttimedout.bytes=32time=109nisTTL=127bytes=32bytes=32time=109nisTTL=127bytes=32time=125nisTTL=127byLes=32Lirae=125msTTL=127Replyfrom00:Replyrrora2.2.2.loc:Ping2tatisti£rsf&r2.2.2.IDO!Packets:Sent=4,Received=3rLost=1(25%loss)rApproximateroundtriptimesinmilli-seconds:Mininnm=109msrMaximum=125msrAverage=119msPc0pingDNSServerPinging00with32bytesofdata:Recruesttimedquc?Recruesttimedquc?Replyfrom00:Replyfron00:Replyfron00:bytes=32lbytes=32byt;e3=32tim.e=12Sinstim.e=125instim.e=109msTTL=127TTL=127TTL=127Pingstatisticsfor00:=1[25%1033)fPackets:Sent==1[25%1033)fAppnD5Liiiia.teraundtripinmilli-seconds:Miniimm=109ms^Maximum=125msfAverage=119msPc0pingwebserverPc2pingR1fa0/0暴PC2PhysicalConfigPhysicalConfigDesktopCommandPromptPacketTracerPCConmandLine1.0POpinjPinainj2-2,2.!with32bytesofdata:FieplyfromFieplyfromReplyfloinReplyfromReplyfromi>ytes=32i>ytea—32i>ytes=32i>ytes=32time=47nistime:—48matime=63niLStim.e=62msTTL=255TTI--2SSTTL=255TTL=255Pingstatisticsfor:Packets:Sent=4rReceived=4rLost=0(0?loss}fApproximateroundtriptimesinrnilli-BecQnds:Miniramn=47msfMaximum=63msrAverage=55msPc2pingR2faPingingwith32bytesofdata:Replyfrom:Replyfrom:Replyfrom:Replyfrom:bytes=32lbytes=32bytes=32bytes=32time=€3nistime=€2instime=€3nistime=62insTTL=255TTL=255TTL=255TTL=255Pingstatisticsfor:Packets:Sent=4rReceived=Last=0(0%loss}fApprQximat:eroundtriptimesinmilli-seconds:Mininmni=82ms,Maxinnim=63msfAverage=62ms配置rip并測試配置R1的rip甲R(shí)i口I心PhysicalConfigCLIIOSCommandLineInterface%LINEPROTO-5-UFDCWJ:LineprotacolonInterfaceSexialO/C>changedstateRl>Rl>Rl#co:nfigConfig^nringfrorrterninalr巽心工?,ornetwork[teiniinal]?Enterconfigura11oncoimr.andsfoneperlineaEndwithCNTL/Z.R1(config}#R1(config}#:ho5t03DR1030^1(config}ircintarrip030R1(config-router}#versior2030R1(config-router)■#routerip030R1(config-router}^network1.1.1.□□30R1(config-router}^network2.2.2-D030R1(config-zouter)■4netwark3.3.3.□匚□30E.1(aonfig-router)■fnetwork4a4.4.□030R1(confia-router}7CopyPaste

配置R2的rip甲R(shí)2言宜IMPhysicalConfigCLIIOSCommandLineInterface^LINEPROTC-S-UPDOO:LinerrotDColonIrterfaceFastEthernecO/O,charged-IoupD30R2>03OR2>030^2>canfigTranslatingrrconfigrr..-doic,己inserver(255■255■255.255}%Unknowncoiujc.andorcorr.puternar.eforunabletofindcoirpuceraddress030R2>030R2>=:n030^2*zonfigConfig^jringfronterniiDalrn?eiu.Dryfornetwork[terinina.1]?Enterconfigurationccnmr.dndsfonep-srline.EndvithCNTL/Z-030R2(config)frcuterrip030R2(config-routerHversior2030R2(con£ig一匚outer}inetwork3.3.3.D二j030R2(c:onfig-router-)■inetwazk4a4.4a□030R2(confia-router}i測試Pc0pingpc2Pc0pingdnsPc0pingR1s0/0Pinging3.3.3-1with32bytesofdata:ReplyfromReplyfrom:Replyfrom;Replyfrom:Replyflam:i>ytes=32byt-e5^32bytes=32bytes—32time=63nst-ime^^Snstinie=63nstime—62x13TTL=255TTL-255TTL=255TTL-255Pingstatisticsfoz-3=3a3.1sPackets:Sent=4,Received=4,Lost=0(0%loss)rApproxiniaHeroundtriptimesinnilli—secDiids:Minimuin=62msfMaxinura.=63nsrAverage=62nsPC>Pc2pingR1s0/0Pc2pingR2s0/0POping3a3=3a2Pingingwim32E>yLesardata:Replyfrom:bytes=32time=93msTTL=254Replyfrom:bytes=32Replyfrom:bytes=32time=94mstime=93nisTTL=254TTL=254Replyfrom3=3.3.2:Jbyte2=32time=94iLSTTL=254PingSLauisL-icslor:Packets:Sent=4,Received=4,Lost=0(0%Loss)fApproximatemundtriptimesinmill!-seconds:Mininnira.=93msfMaxinnin=94msrAverage=93ms配置R1的ACL

03OILL#03ORL#03QRL*ccnriaConriaurlnaItemLeriwlnal^memoryrornecworK[cemlnal]?EncerccnricpuraLloncomandg.oneperline.Endwichcnil/z.03QRL(CCnriQ)*access-lLSL101。巴工HULIp000-0,0,d2,2.Z.055osorl(ccnriff)#mcerrao/Dosqrl(ccnricf-iri*waccess-azrourioiinCopyPaste查看配置信息費(fèi)由r^T^~云PhysicalConFigCLI|IOSCommandLineInterfaceGSDRltshowaccess-list?ExtendedZF-aGcesslist101peririlcipbosr1.1_1.10D.0.3.255Daz-RiTsnowzpxneez±ao/oFfiiatEtkiExnctO/1DIsuprlinepzotcocil±sucICQi-EiectedlTnterrecaddressis1.1.1-3/2B2?ca£lcaBtad.3T=sa1255Addressdetern.rnedbysetupcomnandMTJisLSGOhelperaddressIsnonrDizeaceSbroadcasr^orwarcliEiffisdxBaDlsdOutaQinuaccej3±snetsetTubourdsccc^slistisIdlPz?t2.KyARPisenabledSesaxxtyle^elisdefault5plithozizanea-sLfcledICMPre^lreecssueal利日偵三sent|三|二CMPiisireachiafclegarealways3-ant二CHFmenkreplies<si.z:cneversent▼測試pc0pingpc2,dnsserverPOping00Pinging00with32bytesofdata:Replyfrom00:ReplyfromReplyfxamReplyfrom00:00:00:Replyfrom00:ReplyfromReplyfxamReplyfrom00:00:00:Pingstatisticsfor00:Packets:Sent=4fReceived=4rLost=0(0%loss)rApproxiraa.teroundtxiptimeainmiHi—seconds:Mininnini=94msrMaxirauni=12SmsfAverage=117ras刪除剛才建立ACL列表,并開啟DNSServer服務(wù)器的DNS服務(wù),添加域名解析記錄使域名指向00ZFaccessv^clatic^accounting淫disabledCiS3E<:4c:c-f:wICcinf二偵二二二二胃fronternELncL.riuemoTyfcr^etwcrk:;teriuinal;?三口七已二cor£LCJ.rat^oECDiuiiandsfc:二mper二二二m.Endwitr:CMTL/Z.(cQi.r_g)XiO/G-'.-.-i<i(cnrf■Q--f)4_raccp.=:.=:-ar":r---.『三|Z'32'Rl(corfi#eKi:'3:'R1(carfig)#|-ConyPaste在DNSServer服務(wù)器上添加第二條域名解析記錄使

配置R1的ACL,使PC0所在的網(wǎng)段上的節(jié)點(diǎn),只能訪問DNSServer服務(wù)器而不能訪問;paringfromtirirj.nalrrr.eir.cix:y>ornetwork[tenninial]?Enc=r二口nfig'LiratianuoBmands,oneperline-Es^dwithCEOL/Z-□saai(conrig)pincerta.D/D□SORI(c-onrig-it)access-gxoup101m□3DR1(conricr-iri#exjLD3DR1(conficr)#acceB3-ljLBt102cerrEit口由0-0.0.255best00eadoiiamRD30R1(config)#aeee3s-list102pemtitudpEEticst00CopyPaste再將ACL綁定在fa0/0

(conrigi-faecess-lisr102pexniiLudpJ.1.1.00?。?0,255moslz.2.z.zodD3QR1(aonrigifmcerta.D/lQ3oai(conrig-ir}^fwaccess-groGp1Q2cutD3DR1(conrior-iti耳CopyPaste使用show命令測試acl是否生效肥Ri言回聲CopyPastePhysicalConfigCLIIOSCommandLineInterface030Rif030E.L#showaccess-listExtendedIPaccessliat101permitzphost1.1_1.IDO2.2.2.DSS(Snateh(=s>}ExtendedIPaaceaslist102periaxtudp1.1.1.d0.0.D.255hostDDeqdoir.ainrer?_tndp1,1.1.00,0.0.255hose2.2?2,200030RL#showaccess-listsExtendedIEaGcesslist101permitirhose1.1-1.loo2.2?z,da.o.o,Z55(5natchtes}}ExtendedIPacee32list102pczioitudp1.1.1.Cl0i0.3.2^5hast03eqdomainpermitudp1,1.1.0o,d.0.255hose2.2?z,zoo□SaRLt^howipintsrfa0/lFastEthernet<1/1isup,lineprctacalIsup(caimectedfinternetaddressis2.2,2.1/2^BioadGastaddressis255.25S.255.255Addressdeterminedtycorir.andi<iuis15aa-■_~___3—I_-__j_.一_s_CopyPaste測試在PC2和DNSServer上是否可訪問WebserverPc2pingDNSServerpingSiftVZR>pingPlngxng4.4_4.1with32hytea:afdata:Requegttimedcut--Requesttimedqu€aH*qu?9^cur;.fteque^^LimedbPlugstatiatic3for:Packets:Sent;=4,Received=0#Lost=4(100%less)ps以住河將步驟34中配置的R1的ACL清除,然后將它配置到R2上并使之生效.呼K2E同曰PhysicalCanflgCLIIOSCommandLineInterfaceEnterconfi^rdrationrcueperline.Er_dwithCMTL/Z.#IaS3R3(config)#accea3-li=;t104permitrzlp1-1.1

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

最新文檔

評論

0/150

提交評論