Cisco組建中小型企業(yè)網(wǎng)絡(luò)實(shí)例.doc

資源ID：6632804 資源大?。?span id="n8gvu8r" class="font-tahoma">305.50KB 全文頁(yè)數(shù)：13頁(yè)
資源格式： DOC 下載積分：9.9積分

快捷下載

會(huì)員登錄下載

微信登錄下載

三方登錄下載：

微信掃一掃登錄

下載資源需要9.9積分

郵箱/手機(jī)：
溫馨提示：	用戶(hù)名和密碼都是您填寫(xiě)的郵箱或者手機(jī)號(hào)，方便查詢(xún)和重復(fù)下載（系統(tǒng)自動(dòng)生成）
支付方式：
驗(yàn)證碼：	換一換

賬號(hào)：
密碼：
驗(yàn)證碼：	換一換
當(dāng)日自動(dòng)登錄忘記密碼？

友情提示

1、下載資料失敗解決辦法

2、PDF文件下載后，可能會(huì)被瀏覽器默認(rèn)打開(kāi)，此種情況可以點(diǎn)擊瀏覽器菜單，保存網(wǎng)頁(yè)到桌面，就可以正常下載了。

3、本站不支持迅雷下載，請(qǐng)使用電腦自帶的IE瀏覽器，或者360瀏覽器、谷歌瀏覽器下載即可。

4、本站資源下載后的文檔和圖紙-無(wú)水印,預(yù)覽文檔經(jīng)過(guò)壓縮，下載后原文更清晰。

5、試題試卷類(lèi)文檔，如果標(biāo)題沒(méi)有明確說(shuō)明有答案則都視為沒(méi)有答案，請(qǐng)知曉。

網(wǎng)站客服

侵權(quán)投訴

Cisco組建中小型企業(yè)網(wǎng)絡(luò)實(shí)例.doc

組建中小型網(wǎng)絡(luò)1、Vlan 信息1Vlan ID網(wǎng)絡(luò)地址名稱(chēng)描述1172.16.10.0/24無(wú)本地 vlan2172.16.20.0/24yfzx研發(fā)中心3172.16.30.0/24zbb質(zhì)保部4172.16.40.0/24zzb制造部5172.16.50.0/24sbb設(shè)備部6172.16.60.0/24cgb采購(gòu)部7172.16.70.0/24xsb銷(xiāo)售部8172.16.80.0/24cwb財(cái)務(wù)部9172.16.90.0/24glb管理部100172.16.100.0/24zjb總經(jīng)辦2、VTP信息3、設(shè)備 IP地址分配交換機(jī)、路由器詳細(xì)配置1IP 地址設(shè)置2600-R-1（config）# int F0/02600-R-1 (config-if) #ip add 221.215.31.129 255.255.255.02600-R-1 (config-if) #no shutdown-2600-R-1（config-if）# int F0/12600-R-1 (config-if) #ip add 192.168.1.1 255.255.255.02600-R-1 (config-if) #no shutdown3550-S-1 (config) # int F0/13550-S-1 (config-if) # no switchport.路由端口3550-S-1 (config-if) # ip add 192.168.1.2 255.255.255.03550-S-1 (config) # int vlan 1 .管理 vlan3550-S-1 (config-if) # ip add 172.16.10.1 255.255.255.03550-S-1 (config-if) # int vlan 2研發(fā)中心3550-S-1 (config-if) # ip add 172.16.20.1 255.255.255.02設(shè)備名稱(chēng)DomainPrunningPasswordMode3550-S-1vtp1Enable123Server2950-S-1vtp1Enable123Client2950-S-2vtp1Enable123Client2950-S-3vtp1Enable123Client2950-S-4vtp1Enable123Client設(shè)備名稱(chēng)接口IP 地址描述2600-R-1F0/0221.215.31.129/29WANF0/1192.168.1.1/24-3550-S-1F0/1192.168.1.2/243L-Switch23550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-13550-S-1VTP 配置(config-if) (config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)(config-if)int vlan 3質(zhì)保部ip add 172.16.30.1 255.255.255.0int vlan 4制造部ip add 172.16.40.1 255.255.255.0int vlan 5設(shè)備部ip add 172.16.50.1 255.255.255.0int vlan 6采購(gòu)部ip add 172.16.60.1 255.255.255.0int vlan 7銷(xiāo)售部ip add 172.16.70.1 255.255.255.0int vlan 8財(cái)務(wù)部ip add 172.16.80.1 255.255.255.0int vlan 9管理部ip add 172.16.90.1 255.255.255.0int vlan 100總經(jīng)辦ip add 172.16.100.1 255.255.255.03550-S-1 # vlan database3550-S-1 (vlan) # vtp domain vtp13550-S-1 (vlan) # vtp server3550-S-1 (vlan) # vtp password 1233550-S-1 (vlan) # vtp pruning.修剪3550-S-1 (vlan) # vlan 2 name yfzx.研發(fā)中心3550-S-1 (vlan) # vlan 3 name zbb.質(zhì)保部3550-S-1 (vlan) # vlan 4 name zzb制造部3550-S-1 (vlan) # vlan 5 name sbb設(shè)備部3550-S-1 (vlan) # vlan 6 name cgb采購(gòu)部3550-S-1 (vlan) # vlan 7 name xsb 銷(xiāo)售部3550-S-1 (vlan) # vlan 8 name xsb.財(cái)務(wù)部3550-S-1 (vlan) # vlan 9 name xsb 管理部-2950-S-1 (vlan) #vtp domain vtp12950-S-1 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-1 (vlan) #vtp client客戶(hù)模式2950-S-1 (vlan) #vtp password 1232950-S-2 (vlan) #vtp domain vtp12950-S-2 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-2 (vlan) #vtp client客戶(hù)模式2950-S-2 (vlan) #vtp password 1232950-S-3 (vlan) #vtp domain vtp12950-S-3 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-3 (vlan) #vtp client客戶(hù)模式32950-S-32950-S-42950-S-4(vlan)(vlan)(vlan)#vtp#vtp#vtppassword 123domain vtp1tran透明模式(配置修改編號(hào)清零)2950-S-42950-S-4(vlan)(vlan)#vtp#vtpclientpassword 123客戶(hù)模式3 路由配置2600-R-1（config）# ip route 0.0.0.0 0.0.0.0 f0/2.缺省路由2600-R-1（config）# ip route 192.168.0.0 255.255.0.0 192.168.1.23550-R-1 (config) # ip route 0.0.0.0 0.0.0.0 192.168.1.145NAT2600-R-1（config）# access-list 101 permit ip 192.168.0.00.0.255.255 192.168.0.00.0.255.255.內(nèi)部局部地址2600-R-1（config）# ip nat pool WAN 221.215.31.131221.215.31.134 prefix-len 29定義合法 IP 地址池2600-R-1（config）# ip nat inside sour list 101 pool WAN .實(shí)現(xiàn)地址轉(zhuǎn)換2600-R-1（config）# int f0/12600-R-1（config-if）# ip nat inside.定義 NAT inside2600-R-1（config）# int f0/02600-R-1（config-if）# ip nat outside.定義 NAToutside 端口Vlan 流量控制制造部、設(shè)備部 vlan 實(shí)現(xiàn)互訪，禁止訪問(wèn)其它部門(mén) vlan制造部、設(shè)備部上班時(shí)間禁止訪問(wèn) internet(8:00-12:00 2:00-6:00)研發(fā)中心、質(zhì)保部 vlan 實(shí)現(xiàn)互訪，禁止訪問(wèn)其它部門(mén) vlan財(cái)務(wù)部 vlan 實(shí)現(xiàn)與采購(gòu)部、銷(xiāo)售部 vlan 的單向訪問(wèn)總經(jīng)辦 vlan 實(shí)現(xiàn)與財(cái)務(wù)部、管理部 vlan 的單向訪問(wèn)管理部 vlan 禁止訪問(wèn)其它部門(mén) vlan各部門(mén) vlan 都能訪問(wèn)服務(wù)器區(qū)3550-S-1(config) # time-range restrict3550-S-1(config-time-range) # periodic daily start 12:00 to 2:00.設(shè)置時(shí)間范圍3550-S-1 (config) # ip access-list extend yfzx .研發(fā)中心 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.20.00.0.0.255.訪問(wèn)質(zhì)保部43550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any3550-S-1 (config) # ip access-list extend zbb.質(zhì)保部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.10.00.0.0.255.訪問(wèn)研發(fā)中心3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend zzb.制造部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.40.00.0.0.255.訪問(wèn)設(shè)備部3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any time-range restrict.上班時(shí)間禁止上網(wǎng)3550-S-1 (config) # ip access-list extend sbb.設(shè)備部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.30.0 0.0.0.255.訪問(wèn)制造部3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend cgb.采購(gòu)部 ACL3550-S-1 (config-ext-nacl) # evaluate cwb-cgb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.25553550-S-1 (config-ext-nacl) #permit ip any any-3550-S-1 (config) # ip access-list extend xsb.銷(xiāo)售部 ACL3550-S-1 (config-ext-nacl) # evaluate cwb-xsb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any-3550-S-1 (config) # ip access-list extend cwb.財(cái)務(wù)部 ACL3550-S-1 (config-ext-nacl) # permint ip any 172.16.60.00.0.0.255 reflect cwb-cgb.創(chuàng)建自反 ACL cwb-cgb3550-S-1 (config-ext-nacl) # permint ip any 172.16.70.00.0.0.255 reflect cwb-xsb.創(chuàng)建自反 ACL cwb-xsb3550-S-1 (config-ext-nacl) # evaluate zjb-cwb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend cwb.管理部 ACL3550-S-1 (config-ext-nacl) # evaluate zjb-glb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend zjb.總經(jīng)辦 ACL3550-S-1 (config-ext-nacl) # permint ip any 172.16.80.00.0.0.255 reflect zjb-cwb.創(chuàng)建自反 ACL zjb-cwb3550-S-1 (config-ext-nacl) # permint ip any 172.16.90.00.0.0.255 reflect zjb-glb.創(chuàng)建自反 ACL zjb-glb3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.2556訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any anyACL 應(yīng)用：3550-S-13550-S-13550-S-13550-S-13550-S-13550-S-1(config) # int vlan 2 .研發(fā)中心(config-if) #ip access-group yfzx in(config) # int vlan 3 .質(zhì)保部(config-if) #ip access-group zbb in(config) # int vlan 4 制造部(config-if) #ip access-group zzb in(略)附：關(guān)鍵字 established 的 ACL 應(yīng)用(單向訪問(wèn))3550-S-1 (config) # ip access-list extend cgb.采購(gòu)部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.80.0 0.0.0.0.255estab3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any3550-S-1 (config) # ip access-list extend xsb.銷(xiāo)售部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.80.0 0.0.0.0.255estab3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any1、Vlan 信息7Vlan ID網(wǎng)絡(luò)地址名稱(chēng)描述1172.16.10.0/24無(wú)本地 vlan2172.16.20.0/24yfzx研發(fā)中心2、VTP信息3、設(shè)備 IP地址分配交換機(jī)、路由器詳細(xì)配置1IP 地址設(shè)置2600-R-1（config）# int F0/02600-R-1 (config-if) #ip add 221.215.31.129 255.255.255.083172.16.30.0/24zbb質(zhì)保部4172.16.40.0/24zzb制造部5172.16.50.0/24sbb設(shè)備部6172.16.60.0/24cgb采購(gòu)部7172.16.70.0/24xsb銷(xiāo)售部8172.16.80.0/24cwb財(cái)務(wù)部9172.16.90.0/24glb管理部100172.16.100.0/24zjb總經(jīng)辦設(shè)備名稱(chēng)DomainPrunningPasswordMode3550-S-1vtp1Enable123Server2950-S-1vtp1Enable123Client2950-S-2vtp1Enable123Client2950-S-3vtp1Enable123Client2950-S-4vtp1Enable123Client設(shè)備名稱(chēng)接口IP 地址描述2600-R-1F0/0221.215.31.129/29WANF0/1192.168.1.1/24-3550-S-1F0/1192.168.1.2/243L-Switch2600-R-1 (config-if) #no shutdown-2600-R-1（config-if）# int F0/12600-R-1 (config-if) #ip add 192.168.1.1 255.255.255.02600-R-1 (config-if) #no shutdown3550-S-1 (config) # int F0/13550-S-1 (config-if) # no switchport.路由端口3550-S-1 (config-if) # ip add 192.168.1.2 255.255.255.03550-S-1 (config) # int vlan 1 .管理 vlan3550-S-1 (config-if) # ip add 192.168.10.1 255.255.255.03550-S-1 (config-if) # int vlan 2研發(fā)中心3550-S-1 (config-if) # ip add 192.168.20.1 255.255.255.03550-S-1 (config-if) # int vlan 3質(zhì)保部3550-S-1 (config-if) # ip add 192.168.30.1 255.255.255.03550-S-1 (config-if) # int vlan 4制造部3550-S-1 (config-if) # ip add 192.168.40.1 255.255.255.03550-S-1 (config-if) # int vlan 5設(shè)備部3550-S-1 (config-if) # ip add 192.168.50.1 255.255.255.03550-S-1 (config-if) # int vlan 6采購(gòu)部3550-S-1 (config-if) # ip add 192.168.60.1 255.255.255.03550-S-1 (config-if) # int vlan 7銷(xiāo)售部3550-S-1 (config-if) # ip add 192.168.70.1 255.255.255.03550-S-1 (config-if) # int vlan 8財(cái)務(wù)部3550-S-1 (config-if) # ip add 192.168.80.1 255.255.255.03550-S-1 (config-if) # int vlan 9管理部3550-S-1 (config-if) # ip add 192.168.90.1 255.255.255.03550-S-1 (config-if) # int vlan 100總經(jīng)辦3550-S-1 (config-if) # ip add 192.168.100.1 255.255.255.02VTP 配置3550-S-1（config）# vlan database3550-S-1 (vlan) # vtp domain vtp13550-S-1 (vlan) # vtp server3550-S-1 (vlan) # vtp password 1233550-S-1 (vlan) # vtp pruning.修剪3550-S-1 (vlan) # vlan 2 name yfzx.研發(fā)中心3550-S-1 (vlan) # vlan 3 name zbb.質(zhì)保部3550-S-1 (vlan) # vlan 4 name zzb制造部3550-S-1 (vlan) # vlan 5 name sbb設(shè)備部3550-S-1 (vlan) # vlan 6 name cgb采購(gòu)部3550-S-1 (vlan) # vlan 7 name xsb 銷(xiāo)售部3550-S-1 (vlan) # vlan 8 name xsb.財(cái)務(wù)部3550-S-1 (vlan) # vlan 9 name xsb 管理部9-2950-S-1 (vlan) #vtp domain vtp12950-S-1 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-1 (vlan) #vtp client客戶(hù)模式2950-S-1 (vlan) #vtp password 1232950-S-2 (vlan) #vtp domain vtp12950-S-2 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-2 (vlan) #vtp client客戶(hù)模式2950-S-2 (vlan) #vtp password 1232950-S-3 (vlan) #vtp domain vtp12950-S-3 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-3 (vlan) #vtp client客戶(hù)模式2950-S-3 (vlan) #vtp password 1232950-S-4 (vlan) #vtp domain vtp12950-S-4 (vlan) #vtp tran透明模式(配置修改編號(hào)清零)2950-S-4 (vlan) #vtp client客戶(hù)模式2950-S-4 (vlan) #vtp password 1233 路由配置2600-R-1（config）# ip route 0.0.0.0 0.0.0.0 f0/2.缺省路由2600-R-1（config）# ip route 192.168.0.0 255.255.0.0 192.168.1.23550- R -1 (config) # ip route 0.0.0.0 0.0.0.0 192.168.1.145NAT2600-R-1（config）# access-list 101 permit ip 192.168.0.00.0.255.255 192.168.0.00.0.255.255.內(nèi)部局部地址2600-R-1（config）# ip nat pool WAN 221.215.31.131221.215.31.134 prefix-len 29定義合法 IP 地址池2600-R-1（config）# ip nat inside sour list 101 pool WAN .實(shí)現(xiàn)地址轉(zhuǎn)換2600-R-1（config）# int f0/12600-R-1（config-if）# ip nat inside.定義 NAT inside2600-R-1（config）# int f0/02600-R-1（config-if）# ip nat outside.定義 NAToutside 端口Vlan 流量控制制造部、設(shè)備部 vlan 實(shí)現(xiàn)互訪，禁止訪問(wèn)其它部門(mén) vlan制造部、設(shè)備部上班時(shí)間禁止訪問(wèn) internet(8:00-12:00 2:00-6:00)研發(fā)中心、質(zhì)保部 vlan 實(shí)現(xiàn)互訪，禁止訪問(wèn)其它部門(mén) vlan財(cái)務(wù)部 vlan 實(shí)現(xiàn)與采購(gòu)部、銷(xiāo)售部 vlan 的單向訪問(wèn)10總經(jīng)辦 vlan 實(shí)現(xiàn)與財(cái)務(wù)部、管理部 vlan 的單向訪問(wèn)管理部 vlan 禁止訪問(wèn)其它部門(mén) vlan各部門(mén) vlan 都能訪問(wèn)服務(wù)器區(qū)3550-S-1(config) # time-range restrict3550-S-1(config-time-range) # periodic daily start 12:00 to 2:00.設(shè)置時(shí)間范圍3550-S-1 (config) # ip access-list extend yfzx .研發(fā)中心 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.20.00.0.0.255.訪問(wèn)質(zhì)保部3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any3550-S-1 (config) # ip access-list extend zbb.質(zhì)保部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.10.00.0.0.255.訪問(wèn)研發(fā)中心3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend zzb.制造部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.40.00.0.0.255.訪問(wèn)設(shè)備部3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any time-range restrict.上班時(shí)間禁止上網(wǎng)3550-S-1 (config) # ip access-list extend sbb.設(shè)備部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.30.0 0.0.0.255.訪問(wèn)制造部3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)113550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend cgb.采購(gòu)部 ACL3550-S-1 (config-ext-nacl) # evaluate cwb-cgb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any-3550-S-1 (config) # ip access-list extend xsb.銷(xiāo)售部 ACL3550-S-1 (config-ext-nacl) # evaluate cwb-xsb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any-3550-S-1 (config) # ip access-list extend cwb.財(cái)務(wù)部 ACL3550-S-1 (config-ext-nacl) # permint ip any 172.16.60.00.0.0.255 reflect cwb-cgb.創(chuàng)建自反 ACL cwb-cgb3550-S-1 (config-ext-nacl) # permint ip any 172.16.70.00.0.0.255 reflect cwb-xsb.創(chuàng)建自反 ACL cwb-xsb3550-S-1 (config-ext-nacl) # evaluate zjb-cwb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any-3550-S-1 (config) # ip access-list extend cwb.管理部 ACL3550-S-1 (config-ext-nacl) # evaluate zjb-glb .計(jì)算匹配自反 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any any12-3550-S-1 (config) # ip access-list extend zjb.總經(jīng)辦 ACL3550-S-1 (config-ext-nacl) # permint ip any 172.16.80.00.0.0.255 reflect zjb-cwb.創(chuàng)建自反 ACL zjb-cwb3550-S-1 (config-ext-nacl) # permint ip any 172.16.90.00.0.0.255 reflect zjb-glb.創(chuàng)建自反 ACL zjb-glb3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) # deny ip any 192.168.0.0 0.0.255.255.禁止訪問(wèn)其它部門(mén)3550-S-1 (config-ext-nacl) # permit ip any anyACL 應(yīng)用：3550-S-13550-S-13550-S-13550-S-13550-S-13550-S-1(config) # int vlan 2 .研發(fā)中心(config-if) #ip access-group yfzx in(config) # int vlan 3 .質(zhì)保部(config-if) #ip access-group zbb in(config) # int vlan 4 制造部(config-if) #ip access-group zzb in(略)附：關(guān)鍵字 established 的 ACL 應(yīng)用(單向訪問(wèn))3550-S-1 (config) # ip access-list extend cgb.采購(gòu)部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.80.0 0.0.0.0.255estab3550-S-1 (config-ext-nacl) # permit ip any 172.16.100.0 0.0.0.255訪問(wèn)服務(wù)器區(qū)3550-S-1 (config-ext-nacl) #deny ip any 192.168.0.0 0.0.255.2553550-S-1 (config-ext-nacl) #permit ip any any3550-S-1 (config) # ip access-list extend xsb.銷(xiāo)售部 ACL3550-S-1 (config-ext-nacl) # permit ip any 172.16.80.0 0.

注意事項(xiàng)

本文（Cisco組建中小型企業(yè)網(wǎng)絡(luò)實(shí)例.doc）為本站會(huì)員（w****2）主動(dòng)上傳，裝配圖網(wǎng)僅提供信息存儲(chǔ)空間，僅對(duì)用戶(hù)上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理，對(duì)上載內(nèi)容本身不做任何修改或編輯。若此文所含內(nèi)容侵犯了您的版權(quán)或隱私，請(qǐng)立即通知裝配圖網(wǎng)（點(diǎn)擊聯(lián)系客服），我們立即給予刪除！

溫馨提示：如果因?yàn)榫W(wǎng)速或其他原因下載失敗請(qǐng)重新下載，重復(fù)下載不扣分。