Cisco Vs Huawei LAB J – 2 (Configuring Extended & Advanced ACL)

TASK: Deny only telnet access from source 1.1.1.1 to destination 1.1.1.2

CISCO
NetworksHeaven(config)# access-list 110 deny tcp 1.1.1.1 0.0.0.0 1.1.1.2 0.0.0.0 eq 23
NetworksHeaven(config)# access-list 110 permit ip any any
NetworksHeaven(config)# interface Serial 1/0/0
NetworksHeaven(config-if)# ip access-group 110 in
NetworksHeaven(config-if)# end
Useful Commands
NetworksHeaven# show access-lists
NetworksHeaven# show access-lists 110
HUAWEI
[NetworksHeaven] acl 3001
[NetworksHeaven-acl-adv-3001] rule permit tcp source 1.1.1.1 0.0.0.0 destination 1.1.1.2 0.0.0.0 destination-port eq telnet
[NetworksHeaven-acl-adv-3001] quit

 

[NetworksHeaven] traffic classifier tc
[NetworksHeaven-classifier-tc] if-match acl 3001
[NetworksHeaven-classifier-tc] quit

[NetworksHeaven] traffic behavior tb
[NetworksHeaven-behavior-tb] deny
[NetworksHeaven-behavior-tb] quit

[NetworksHeaven] traffic policy tp
[NetworksHeaven -trafficpolicy-tp] classifier tc behavior tb
[NetworksHeaven -trafficpolicy-tp] quit

[NetworksHeaven ]interface Serial 1/0/0
[NetworksHeaven-Serial1/0/0] traffic-policy tp inbound
[NetworksHeaven-Serial1/0/0] return

Useful Commands
<NetworksHeaven> display acl all
<NetworksHeaven> display acl 3001
<NetworksHeaven> display traffic classifier user-defined tc
<NetworksHeaven> display traffic behavior user-defined tb
<NetworksHeaven> display traffic policy user-defined tp

Cisco Vs Huawei CLI Commands in Slides