interface Ethernet0/0
description SAMS network whose IP address is 10.40.15.x
ip address 10.40.15.1 255.255.255.0
!
interface Ethernet0/1
description ITEd network whose IP address is 10.40.0.x
ip address 10.40.0.1 255.255.255.0
ip access-group 101 in
!
access-list 101 permit tcp 10.40.0.0 0.0.0.255 10.40.15.0 0.0.0.255 gt 1023 established
access-list 101 permit udp 10.40.0.0 0.0.0.255 10.40.15.0 0.0.0.255 gt 1023
access-list 101 permit udp host 10.40.0.254 eq netbios-dgm 10.40.15.0 0.0.0.255 eq netbios-dgm
access-list 101 permit tcp host 10.40.0.254 gt 1023 10.40.15.0 0.0.0.255 eq 139
access-list 101 permit icmp any 10.40.15.0 0.0.0.255 echo-reply
access-list 101 permit icmp any 10.40.15.0 0.0.0.255 packet-too-big
access-list 101 permit tcp host 10.40.0.101 host 10.40.15.201 eq 8009
access-list 101 permit tcp host 10.40.0.101 host 10.40.15.201 eq 7009
access-list 101 deny ip any any log
沒有留言:
張貼留言