问题描述
/Traffic_Filter/Huaiwe,_Traffic_Filter_with_MQC/LAN,_Isolation/pasted_image.png)
部门1、2、3的网关都在RTA上,现要求在RTA上使用Traffic-Filter限制部门2与部门3之间的相互访问。
解决方案
// Traffic Classifier Configuration [RTA] acl number 3000 [RTA-acl-adv-3000] rule 1 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.3.0 0.0.0.255 [RTA] traffic classifier 2_3 [RTA-classifier-2_3] if-match acl 3000 // Traffic Behavior Configuration [RTA] traffic behavior 2_3 [RTA-behavior-2_3] deny // Traffic Policy Configuration [RTA] traffic policy 2_3 [RTA-trafficpolicy-2_3] classifier 2_3 behavior 2_3 [RTA] interface GigabitEthernet 0/0/1 [RTA-GigabitEthernet0/0/1] traffic-policy 2_3 inbound