Implementing One-Way Access on the H3C 5500

2020-01-08 16:00:43

VLAN 2 address: 192.168.2.0

VLAN 3 address: 192.168.3.0

Allow VLAN 3 one-way access to VLAN 2; VLAN 2 cannot access VLAN 3.

[S5500F]acl number 3200

[S5500_903F-acl-adv-3200]rule 0 permit tcp established source 192.168.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

[S5500_903F-acl-adv-3200]rule 1 deny tcp source 192.168.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255

[S5500_903F-Vlan-interface2]packet-filter 3200 inbound  

# packet-filter is only supported on Version 5.20, Release 2210 and later
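
How ACL 3200 treats traffic arriving inbound on Vlan-interface2, modelled in Python as an added example that is not part of the original post. It assumes first-match evaluation in rule-ID order, that `established` matches TCP segments with ACK or RST set, and that packets matching no rule are forwarded; `Packet`, `evaluate` and the sample packets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:  # constructed model of a packet arriving inbound on Vlan-interface2
    proto: str                       # "tcp", "udp" or "icmp"
    src: str
    dst: str
    flags: frozenset = frozenset()   # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}

def wildcard_match(addr, base, wildcard):
    """Wildcard mask: bits set to 1 in the wildcard are ignored in the compare."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

# ACL 3200 from the page. Both rules share the same source and destination.
SRC = ("192.168.2.0", "0.0.0.255")
DST = ("192.168.3.0", "0.0.0.255")
ACL_3200 = [(0, "permit", True), (1, "deny", False)]  # (rule id, action, established?)
DEFAULT_ACTION = "permit"  # assumption: packets matching no rule are forwarded

def evaluate(pkt):
    """Return (action, matching rule id or None) with first-match semantics."""
    for rule_id, action, established in ACL_3200:
        if pkt.proto != "tcp":       # both rules are 'tcp' rules
            continue
        if not (wildcard_match(pkt.src, *SRC) and wildcard_match(pkt.dst, *DST)):
            continue
        # 'established' is a flag test (ACK or RST set), not connection tracking
        if established and not ({"ACK", "RST"} & pkt.flags):
            continue
        return action, rule_id
    return DEFAULT_ACTION, None

# Constructed sample packets, all sourced from VLAN 2
SAMPLES = {
    "new TCP connection to VLAN 3": Packet("tcp", "192.168.2.10", "192.168.3.20", frozenset({"SYN"})),
    "TCP reply to VLAN 3 client": Packet("tcp", "192.168.2.10", "192.168.3.20", frozenset({"SYN", "ACK"})),
    "UDP to VLAN 3": Packet("udp", "192.168.2.10", "192.168.3.20"),
    "new TCP connection elsewhere": Packet("tcp", "192.168.2.10", "10.0.0.1", frozenset({"SYN"})),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:32} -> {evaluate(pkt)}")
```

Under these assumptions the UDP sample matches neither rule, so the one-way restriction in ACL 3200 covers TCP only; blocking other protocols from VLAN 2 to VLAN 3 would need additional rules.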
