S7506E
- 0关注
- 1收藏,2766浏览
问题描述:
下面这份配置是6503上的 现在要把这份配置腾到新设备7506E上,acl是可以写进去的 ,但是接口下的配置写不了,请问一下,需要怎么操作呢?
注:两个acl报文过滤都同时写在接口里面的
pinterface GigabitEthernet1/0/7
description toGuangBoJiFang<172.20.80.105>
duplex full
speed 1000
port link-type trunk
port trunk permit vlan all
port trunk pvid vlan 200
qosacket-filter inbound ip-group 3050 rule 57 system-index 412
packet-filter inbound ip-group 3050 rule 58 system-index 413
packet-filter inbound ip-group 3051 rule 0 system-index 532
packet-filter inbound ip-group 3051 rule 1 system-index 533
packet-filter inbound ip-group 3051 rule 2 system-index 534
packet-filter inbound ip-group 3051 rule 3 system-index 535
acl number 3050
rule 0 deny tcp source-port eq 3127
rule 1 deny tcp source-port eq 1025
rule 2 deny tcp source-port eq 5554
rule 3 deny tcp source-port eq 9995
rule 4 deny udp source-port eq 9995
rule 5 deny tcp source-port eq 9996
rule 6 deny udp source-port eq 9996
rule 7 deny tcp source-port eq 1068
rule 8 deny tcp source-port eq 135
rule 9 deny tcp source-port eq 136
rule 10 deny tcp source-port eq 137
rule 11 deny tcp source-port eq 138
rule 12 deny tcp source-port eq 139
rule 13 deny udp source-port eq 135
rule 14 deny udp source-port eq 136
rule 15 deny udp source-port eq netbios-ns
rule 16 deny udp source-port eq netbios-dgm
rule 17 deny udp source-port eq netbios-ssn
rule 18 deny tcp source-port eq 593
rule 19 deny tcp source-port eq 4444
rule 20 deny tcp source-port eq 5800
rule 21 deny tcp source-port eq 5900
rule 22 deny tcp source-port eq 8998
rule 23 deny tcp source-port eq 445
rule 24 deny udp source-port eq 445
rule 25 deny tcp source-port eq 446
rule 26 deny udp source-port eq 446
rule 27 deny tcp source-port eq 1434
rule 28 deny udp source-port eq 1434
rule 29 deny tcp destination-port eq 3127
rule 30 deny tcp destination-port eq 1025
rule 31 deny tcp destination-port eq 5554
rule 32 deny tcp destination-port eq 9995
rule 33 deny udp destination-port eq 9995
rule 34 deny tcp destination-port eq 9996
rule 35 deny udp destination-port eq 9996
rule 36 deny tcp destination-port eq 1068
rule 37 deny tcp destination-port eq 135
rule 38 deny tcp destination-port eq 136
rule 39 deny tcp destination-port eq 137
rule 40 deny tcp destination-port eq 138
rule 41 deny tcp destination-port eq 139
rule 42 deny udp destination-port eq 135
rule 43 deny udp destination-port eq 136
rule 44 deny udp destination-port eq netbios-ns
rule 45 deny udp destination-port eq netbios-dgm
rule 46 deny udp destination-port eq netbios-ssn
rule 47 deny tcp destination-port eq 593
rule 48 deny tcp destination-port eq 4444
rule 49 deny tcp destination-port eq 5800
rule 50 deny tcp destination-port eq 5900
rule 51 deny tcp destination-port eq 8998
rule 52 deny tcp destination-port eq 445
rule 53 deny udp destination-port eq 445
rule 54 deny tcp destination-port eq 446
rule 55 deny udp destination-port eq 446
rule 56 deny tcp destination-port eq 1434
rule 57 deny udp destination-port eq 1434
rule 58 permit ip
acl number 3051
rule 0 deny ip destination 222.186.189.144 0
rule 1 deny ip destination 222.186.189.145 0
rule 2 deny ip destination 125.89.73.70 0
rule 3 deny ip destination 125.89.73.74 0
rule 4 deny ip destination 220.181.24.100 0
rule 5 deny ip destination 61.188.87.235 0
rule 6 deny ip destination 220.181.24.75 0
rule 7 deny ip destination 54.251.107.25 0
interface GigabitEthernet1/0/7
description toGuangBoJiFang<172.20.80.105>
duplex full
speed 1000
port link-type trunk
port trunk permit vlan all
port trunk pvid vlan 200
qos
packet-filter inbound ip-group 3050 rule 0 system-index 355
packet-filter inbound ip-group 3050 rule 1 system-index 356
packet-filter inbound ip-group 3050 rule 2 system-index 357
packet-filter inbound ip-group 3050 rule 3 system-index 358
packet-filter inbound ip-group 3050 rule 4 system-index 359
packet-filter inbound ip-group 3050 rule 5 system-index 360
packet-filter inbound ip-group 3050 rule 6 system-index 361
packet-filter inbound ip-group 3050 rule 7 system-index 362
packet-filter inbound ip-group 3050 rule 8 system-index 363
packet-filter inbound ip-group 3050 rule 9 system-index 364
packet-filter inbound ip-group 3050 rule 10 system-index 365
packet-filter inbound ip-group 3050 rule 11 system-index 366
packet-filter inbound ip-group 3050 rule 12 system-index 367
packet-filter inbound ip-group 3050 rule 13 system-index 368
packet-filter inbound ip-group 3050 rule 14 system-index 369
packet-filter inbound ip-group 3050 rule 15 system-index 370
packet-filter inbound ip-group 3050 rule 16 system-index 371
packet-filter inbound ip-group 3050 rule 17 system-index 372
packet-filter inbound ip-group 3050 rule 18 system-index 373
packet-filter inbound ip-group 3050 rule 19 system-index 374
packet-filter inbound ip-group 3050 rule 20 system-index 375
packet-filter inbound ip-group 3050 rule 21 system-index 376
packet-filter inbound ip-group 3050 rule 22 system-index 377
packet-filter inbound ip-group 3050 rule 23 system-index 378
packet-filter inbound ip-group 3050 rule 24 system-index 379
packet-filter inbound ip-group 3050 rule 25 system-index 380
packet-filter inbound ip-group 3050 rule 26 system-index 381
packet-filter inbound ip-group 3050 rule 27 system-index 382
packet-filter inbound ip-group 3050 rule 28 system-index 383
packet-filter inbound ip-group 3050 rule 29 system-index 384
packet-filter inbound ip-group 3050 rule 30 system-index 385
packet-filter inbound ip-group 3050 rule 31 system-index 386
packet-filter inbound ip-group 3050 rule 32 system-index 387
packet-filter inbound ip-group 3050 rule 33 system-index 388
packet-filter inbound ip-group 3050 rule 34 system-index 389
packet-filter inbound ip-group 3050 rule 35 system-index 390
packet-filter inbound ip-group 3050 rule 36 system-index 391
packet-filter inbound ip-group 3050 rule 37 system-index 392
packet-filter inbound ip-group 3050 rule 38 system-index 393
packet-filter inbound ip-group 3050 rule 39 system-index 394
packet-filter inbound ip-group 3050 rule 40 system-index 395
packet-filter inbound ip-group 3050 rule 41 system-index 396
packet-filter inbound ip-group 3050 rule 42 system-index 397
packet-filter inbound ip-group 3050 rule 43 system-index 398
packet-filter inbound ip-group 3050 rule 44 system-index 399
packet-filter inbound ip-group 3050 rule 45 system-index 400
packet-filter inbound ip-group 3050 rule 46 system-index 401
packet-filter inbound ip-group 3050 rule 47 system-index 402
packet-filter inbound ip-group 3050 rule 48 system-index 403
packet-filter inbound ip-group 3050 rule 49 system-index 404
packet-filter inbound ip-group 3050 rule 50 system-index 405
packet-filter inbound ip-group 3050 rule 51 system-index 406
packet-filter inbound ip-group 3050 rule 52 system-index 407
packet-filter inbound ip-group 3050 rule 53 system-index 408
packet-filter inbound ip-group 3050 rule 54 system-index 409
packet-filter inbound ip-group 3050 rule 55 system-index 410
packet-filter inbound ip-group 3050 rule 56 system-index 411
packet-filter inbound ip-group 3050 rule 57 system-index 412
packet-filter inbound ip-group 3050 rule 58 system-index 413
packet-filter inbound ip-group 3051 rule 0 system-index 532
packet-filter inbound ip-group 3051 rule 1 system-index 533
packet-filter inbound ip-group 3051 rule 2 system-index 534
packet-filter inbound ip-group 3051 rule 3 system-index 535
packet-filter inbound ip-group 3051 rule 4 system-index 536
packet-filter inbound ip-group 3051 rule 5 system-index 537
packet-filter inbound ip-group 3051 rule 6 system-index 538
packet-filter inbound ip-group 3051 rule 7 system-index 539
- 2017-08-17提问
- 举报
-
(0)
最佳答案
新的设备接口下只需要引用ACL即可。不需要再配置ACL条目了
- 2017-08-17回答
- 评论(1)
- 举报
-
(0)
好的 谢谢 能举个列子吗?
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
好的 谢谢 能举个列子吗?