1.搭建的拓扑图
2.配置命令:
R7(config)#ip access-list extended ref_gjp
R7(config-ext-nacl)#permit ip 192.168.1.0 0.0.0.255 any reflect ref_gjp1
R7(config-ext-nacl)#exit
R7(config)#ip access-list extended ref_gjp2
R7(config-ext-nacl)#evaluate ref_gjp1
R7(config-ext-nacl)#exit
R7(config)#int f1/0
R7(config-if)#ip access-group ref_gjp out
R7(config-if)#ip access-group ref_gjp2 in
R7(config-if)#end
3. 配置截图:
测试:
R7#show ip access-list
Extended IP access list ref_gjp
10 permit ip 192.168.1.0 0.0.0.255 any reflect ref_gjp1 (41 matches)
Reflexive IP access list ref_gjp1
permit icmp host 192.168.101.128 host 192.168.1.10 (14 matches) (time left 240)
Extended IP access list ref_gjp2
10 evaluate ref_gjp1
(如有误,请多多指教!)
本文转自 gjp0731 51CTO博客,原文链接:http://blog.51cto.com/guojiping/957706
