R1>en R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface G0/0 R1(config-if)#ip access-group FROM_192 out R1(config-if)#interface G0/2 R1(config-if)#ip access-group FROM_192 in R1(config-if)#ex R1(config)#ip access-list standard FROM_10 R1(config-std-nacl)#no permit any R1(config)#end R1#show access-list Standard IP access list FROM_192 10 deny 192.168.0.00.0.0.255 (4 match(es)) 20 permit any Standard IP access list FROM_10 10 deny host 10.0.0.22 Standard IP access list FROM_172 10 deny host 172.16.0.2 (5 match(es)) 20 permit any
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip access-list standard FROM_10 R1(config-std-nacl)#no 10 deny host 10.0.0.22 R1(config-std-nacl)#10 deny host 10.0.0.2 R1(config-std-nacl)#permit any R1(config-std-nacl)#end R1# %SYS-5-CONFIG_I: Configured from console by console show access-list Standard IP access list FROM_192 10 deny 192.168.0.00.0.0.255 (4 match(es)) 20 permit any Standard IP access list FROM_10 10 deny host 10.0.0.2 20 permit any Standard IP access list FROM_172 10 deny host 172.16.0.2 (5 match(es)) 20 permit any
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip access-list standard FROM_172 R1(config-std-nacl)#no deny host 172.16.0.2 R1(config-std-nacl)#ex R1(config)#ex R1#show run interface GigabitEthernet0/0 ip address 10.0.0.1255.0.0.0 ip access-group FROM_10 in ip access-group FROM_192 out duplex auto speed auto ! interface GigabitEthernet0/1 ip address 172.16.0.1255.255.0.0 ip access-group FROM_172 in duplex auto speed auto ! interface GigabitEthernet0/2 ip address 192.168.0.1255.255.255.0 ip access-group FROM_192 in duplex auto speed auto
ip access-list standard FROM_192 deny 192.168.0.00.0.0.255 permit any ip access-list standard FROM_10 deny host 10.0.0.2 permit any ip access-list standard FROM_172 permit any
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#inter g0/1 R1(config-if)#no ip access-group FROM_172 in
