Access lista problem
Pozdrav,
imam cisco861 router. Na njemu treba da limitiram bandiwdth po ip adresama i zabranim nekoliko destinacijskih ip adresa.
Limit po IP adresama radi ali droopanje destinacijskih ip adresa ne radi. Konfiguracija:
************************************************************************
!
class-map match-all Limit-256K
match access-group 102
class-map match-all Limit-1M
match access-group 100
class-map match-all Limit-512K
match access-group 101
class-map match-all Limit-128K
match access-group 103
class-map match-all QOS
!
!
policy-map Limit-128K
class Limit-128K
policy-map QOS
class Limit-1M
police 1000000 conform-action transmit exceed-action drop
class Limit-512K
police 512000 conform-action transmit exceed-action drop
class Limit-256K
police 256000 conform-action transmit exceed-action drop
class Limit-128K
police 128000 conform-action transmit exceed-action drop
!
interface FastEthernet4
ip address 10.10.0.xx 255.255.255.0
duplex auto
speed auto
service-policy input QOS
!
interface Vlan1
ip address 192.168.1.254 255.255.255.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.0.xx
no ip http server
no ip http secure-server
!
!
access-list 100 permit ip host 192.168.1.1 any
access-list 100 permit ip any host 192.168.1.1
access-list 100 permit ip host 192.168.1.2 any
access-list 100 permit ip any host 192.168.1.2
************************************************************************
za dropanje destinacijskih IP koristio sam ACL npr access-list 100 deny ip any host xxx.xxx.xxx.xxx
u cemu je problem ?
hvala i pozdrav.
 |  |
 |
