我在配置了这样一个访问列表,
Access-list 102 deny tcp any lt 1024 any
access-list 102 permit tcp any any
但是却不能ping对方网段,我想把1024以下的端口全部封了,但能ping通对方,该如何配置用的是静态路由配置文件如下(部分)
Current configuration: ! version 11.3 service timestamps debug uptime service timestamps log uptime no service passWord-encryption ! hostname fenghua02 ! enable secret 5 $1$SGEA$bcQ2n0TKJ4zbIzEy.lpci1 ! chat-script backup ABORT ERROR ABORT BUSY ABORT "" "ATDT 7718690" TIMEOUT 30 CPc ! ! process-max-time 200 ! interface Ethernet0/0 ip address 199.1.1.0 255.255.255.0 no ip redirects no ip directed-broadcast standby 1 priority 110 standby 1 preempt standby 1 authentication cisco standby 1 ip 132.5.1.155 ! interface Ethernet0/1 no ip address shutdown ... interface Serial1/6 ip address 10.1.1.12 255.255.255.0 no ip redirects ip access-group 102 ininterface Async65 ! ip address 137.5.250.2 255.255.0.0 encapsulation ppp dialer in-band dialer string 320012 async default routing async mode dedicated ! ... ip classless ip route 199.1.1.0 255.255.255.0 10.1.1.11 ! access-list 102 deny tcp any lt 1024 any access-list 102 permit tcp any any ! |
;QQ联络:1360095750。