华为s5700怎么做vlan间禁止访问?

vlan 2      vlan 3

用ACL来实现,具体如下:
acl number 3002
 rule deny ip source 192.168.1.0 0.0.0.255 destination 192.168.2.0 0.0.0.255

 acl number 3003
 rule deny ip source 192.168.2.0 0.0.0.255 destination 192.168.1.0 0.0.0.255

 
用traffic-filter在vlan下应用ACL,
 traffic-filter vlan 2 inbound acl 3002
 traffic-filter vlan 3 inbound acl 3003

查看 acl   

dis acl 3002

删除 acl 删除 过滤

undo acl  3002

undo acl  3003

undo  traffic-filter vlan 2 inbound acl 3002

undo  traffic-filter vlan 2 inbound acl 3003

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/kofsony/p/12192343.html