Лабораторная 10.5: Проверка расширенных списков доступа

Лабораторная 10.5: Проверка расширенных списков доступа

Мы будем использовать здесь те же команды, что и при проверке стандартных списков (лаб. 10.2)

1. На 2600A выполните show access-list

2600A#show access-list

2. Проверьте список 110 с помощью show access-list 110.

2600A#show access-list 110

3. Выполните просмотр только IP списков (других правда и нет на этом маршрутизаторе).

2600A#show ip access-list

4. Для определения на каких интерфейсах применены списки доступа, выполните show ip interface

2600A#show ip interface
vedro-compota's picture

2600A>enable
Password: 
2600A#show access-list
Extended IP access list 110
    deny tcp host 172.16.50.3 172.16.40.0 0.0.0.255 eq telnet (12 match(es))
    permit ip any any (35 match(es))
2600A#show access-list 110
Extended IP access list 110
    deny tcp host 172.16.50.3 172.16.40.0 0.0.0.255 eq telnet (12 match(es))
    permit ip any any (35 match(es))
2600A#show ip access-list 
Extended IP access list 110
    deny tcp host 172.16.50.3 172.16.40.0 0.0.0.255 eq telnet (12 match(es))
    permit ip any any (37 match(es))
2600A#show ip interface
FastEthernet0/0 is up, line protocol is up (connected)
  Internet address is 172.16.40.1/24
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Security level is default
  Split horizon is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is disabled
  IP fast switching on the same interface is disabled
  IP Flow switching is disabled
  IP Fast switching turbo vector
  IP multicast fast switching is disabled
  IP multicast distributed fast switching is disabled
  Router Discovery is disabled
  IP output packet accounting is disabled
  IP access violation accounting is disabled
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
  Probe proxy name replies are disabled
  Policy routing is disabled
  Network address translation is disabled
  WCCP Redirect outbound is disabled
  WCCP Redirect exclude is disabled
  BGP Policy Mapping is disabled
Serial0/0 is up, line protocol is up (connected)
  Internet address is 172.16.20.2/24
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is 110
  Proxy ARP is enabled
  Security level is default
  Split horizon is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is disabled
  IP fast switching on the same interface is disabled
  IP Flow switching is disabled
  IP Fast switching turbo vector
  IP multicast fast switching is disabled
  IP multicast distributed fast switching is disabled
  Router Discovery is disabled
  IP output packet accounting is disabled
  IP access violation accounting is disabled
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
  Probe proxy name replies are disabled
  Policy routing is disabled
  Network address translation is disabled
  WCCP Redirect outbound is disabled
  WCCP Redirect exclude is disabled
  BGP Policy Mapping is disabled
Serial0/1 is administratively down, line protocol is down (disabled)
  Internet protocol processing disabled
2600A#
2600A#

_____________
матфак вгу и остальная классика =)