ACL实验-VLAN间访问控制（PBR流分类）

流分类配置简要

acl number 3010

rule 5 permit ip destination 192.168.50.240 0

rule 10 deny ip source 192.168.40.0 0.0.0.255 destination 192.168.50.0 0.0.0.255

acl number 3020

rule 3 permit ip destination 192.168.50.240 0

rule 5 deny ip source 192.168.20.0 0.0.0.255 destination 192.168.30.0 0.0.0.255

rule 10 deny ip source 192.168.20.0 0.0.0.255 destination 192.168.50.0 0.0.0.255

rule 20 deny ip source 192.168.30.0 0.0.0.255 destination 192.168.50.0 0.0.0.255

rule 30 deny ip source 192.168.30.0 0.0.0.255 destination 192.168.40.0 0.0.0.255

traffic classifier c1 operator and

if-match acl 3010

traffic classifier c2 operator and

if-match acl 3020

traffic behavior b1

permit

traffic policy p1

classifier c1 behavior b1

traffic policy p2

classifier c2 behavior b1

vlan 20

traffic-policy p2 inbound

vlan 30

traffic-policy p2 inbound

vlan 40

traffic-policy p1 inbound

posted @ 2019-10-23 11:30 烛火燎远阅读(587) 评论(0) 收藏举报

刷新页面返回顶部

烛火燎远