This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
использование_списков_доступа [2012/08/23 08:39] val |
использование_списков_доступа [2015/04/29 16:17] val [для организации сервиса NAT] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Использование списков доступа ====== | ====== Использование списков доступа ====== | ||
- | ===== Доступ к vty ===== | + | ===== для ограничения доступа к vty ===== |
<code> | <code> | ||
no access-list 1 | no access-list 1 | ||
Line 15: | Line 15: | ||
</code> | </code> | ||
- | ===== Фильтрация пакетов ===== | + | ===== для организации пакетного фильтра ===== |
<code> | <code> | ||
no ip access-list extended ACL_FIREWALL | no ip access-list extended ACL_FIREWALL | ||
Line 33: | Line 33: | ||
</code> | </code> | ||
- | ===== NAT ===== | + | ===== для организации сервиса NAT ===== |
<code> | <code> | ||
ip access-list standard ACL_NAT | ip access-list standard ACL_NAT | ||
Line 42: | Line 42: | ||
ip nat inside source list ACL_NAT interface FastEthernet1/1 overload | ip nat inside source list ACL_NAT interface FastEthernet1/1 overload | ||
- | ip nat inside source static udp 192.168.X.10 53 172.16.1.X 53 extendable | ||
- | ip nat inside source static tcp 192.168.X.10 53 172.16.1.X 53 extendable | ||
ip nat inside source static tcp 192.168.X.10 22 172.16.1.X 22 extendable | ip nat inside source static tcp 192.168.X.10 22 172.16.1.X 22 extendable | ||
ip nat inside source static tcp 192.168.X.10 80 172.16.1.X 80 extendable | ip nat inside source static tcp 192.168.X.10 80 172.16.1.X 80 extendable | ||
Line 60: | Line 58: | ||
</code> | </code> | ||
- | ===== Policy Routing ===== | + | ===== для управления политиками маршрутизации ===== |
<code> | <code> | ||
ip access-list extended ACL_REDIRECT_HTTP | ip access-list extended ACL_REDIRECT_HTTP | ||
Line 71: | Line 69: | ||
interface FastEthernet1/0 | interface FastEthernet1/0 | ||
+ | description connection to LAN | ||
ip policy route-map RM_REDIRECT_HTTP | ip policy route-map RM_REDIRECT_HTTP | ||
</code> | </code> | ||
- | |||
- | FastEthernet1/0 - интерфейс подключенный к LAN | ||
- | |||