关于华为交换机VLAN间不可互访的配置
acl 3000rule 0 permit ip source 1.1.1.0 0.0.0.255 destination 2.2.2.0 0.0.0.255-------不能互访的两个网段
[rule 1 permit ip source 2.2.2.0 0.0.0.255 destination 1.1.1.0 0.0.0.255
quit
traffic> if-match acl 3000
quit
traffic behavior 1
deny
quit
traffic policy 1
classifier 1 behavior 1
quit
vlan 600
traffic-policy 1 inbound
quit
vlan400
traffic-policy 1 inbound
quit
如果接的设备少,在端口下下发会更简单:
前边acl配置不变,在端口下下发:
traffic-filter inbound acl 3000
页:
[1]