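Configuring and Applying ACLs in Huawei eNSP to Control Enterprise Data Access
1. Build the topology for this lab. The five routers in this environment simulate the headquarters and the branch offices. SW1 and SW2 only forward traffic transparently and carry no configuration.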







7. Configure the outside and inside zones and set their priorities

[R4]firewall zone outside
[R4-zone-outside]priority 1
[R4-zone-outside]quit
[R4]firewall zone inside
[R4-zone-inside]priority 10

9. Verify the effect of the ACL at this point

<R2>ping 10.0.24.1
  PING 10.0.24.1: 56 data bytes, press CTRL_C to break
    Request time out
    Request time out
    Request time out
    Request time out
    Request time out

  --- 10.0.24.1 ping statistics ---
    5 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss

<SW3>ping 10.0.0.6
  PING 10.0.0.6: 56 data bytes, press CTRL_C to break
    Reply from 10.0.0.6: bytes=56 Sequence=1 ttl=253 time=140 ms
    Reply from 10.0.0.6: bytes=56 Sequence=2 ttl=253 time=80 ms
    Reply from 10.0.0.6: bytes=56 Sequence=3 ttl=253 time=80 ms
    Reply from 10.0.0.6: bytes=56 Sequence=4 ttl=253 time=100 ms
    Reply from 10.0.0.6: bytes=56 Sequence=5 ttl=253 time=90 ms

  --- 10.0.0.6 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 80/98/140 ms

Once the policy takes effect, S1 can reach R2, R3 and R5, while R2, R3 and R5 cannot reach S1.
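The step 9 check can be repeated automatically after every ACL or zone change. The following is an added example, not part of the original lab: it parses VRP ping transcripts like the two above and compares them with an expected reachability table. The names `EXPECTED`, `parse_pings` and `policy_violations` are hypothetical, and the expected values are assumed from the step 9 result.

```python
import re

# Transcript trimmed from the step 9 output on this page (prompt, one reply line, statistics).
TRANSCRIPT = """\
<R2>ping 10.0.24.1
    Request time out
  --- 10.0.24.1 ping statistics ---
    5 packet(s) transmitted
    0 packet(s) received
    100.00% packet loss
<SW3>ping 10.0.0.6
    Reply from 10.0.0.6: bytes=56 Sequence=1 ttl=253 time=140 ms
  --- 10.0.0.6 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
"""

# Assumed policy, from step 9: the ping from SW3 must succeed, the ping from R2 must fail.
EXPECTED = {("SW3", "10.0.0.6"): True, ("R2", "10.0.24.1"): False}

PROMPT = re.compile(r"^<(?P<dev>[^>]+)>\s*ping\s+(?P<dst>\S+)")
STAT = re.compile(r"(\d+) packet\(s\) (transmitted|received)")

def parse_pings(text):
    """Return {(device, target): (sent, received)} for each ping run in the transcript."""
    results, key, sent = {}, None, None
    for line in text.splitlines():
        if m := PROMPT.match(line.strip()):
            key, sent = (m["dev"], m["dst"]), None   # a new ping command starts a new record
        elif key and (m := STAT.search(line)):
            if m[2] == "transmitted":
                sent = int(m[1])
            elif sent is not None:
                results[key] = (sent, int(m[1]))
    return results

def policy_violations(results, expected):
    """List every probe that is missing or whose reachability differs from the policy."""
    bad = []
    for key, should_reach in expected.items():
        if key not in results:
            bad.append((key, "no result"))   # a missing probe is a failed check, not a pass
        elif (results[key][1] > 0) != should_reach:
            bad.append((key, "reachable" if results[key][1] > 0 else "blocked"))
    return bad

if __name__ == "__main__":
    print(policy_violations(parse_pings(TRANSCRIPT), EXPECTED) or "policy holds")
```

A probe that is expected to fail but returns replies is the case that matters most here, because it means the inbound direction is open.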
