Cisco 2600的访问列表的配置

1/6/2008来源:Cisco网络人气:2597


  我在配置了这样一个访问列表,
  access-list 102 deny tcp any lt 1024 any
  access-list 102 permit tcp any any
  但是却不能ping对方网段,我想把1024以下的端口全部封了,但能ping通对方,该如何配置用的是静态路由配置文件如下(部分)
  Current configuration:
  !
  version 11.3
  service timestamps debug uptime
  service timestamps log uptime
  no service passWord-encryption
  !
  hostname fenghua02
  !
  enable secret 5 $1$SGEA$bcQ2n0TKJ4zbIzEy.lpci1
  !
  chat-script backup ABORT ERROR ABORT BUSY ABORT "" "ATDT 7718690" TIMEOUT 30 CPc
  !
  !
  PRocess-max-time 200
  !
  interface Ethernet0/0
  ip address 199.1.1.0 255.255.255.0
  no ip redirects
  no ip directed-broadcast
  standby 1 priority 110
  standby 1 preempt standby 1 authentication cisco
  standby 1 ip 132.5.1.155
  !
  interface Ethernet0/1
  no ip address
  shutdown
  
  ...
  
  interface Serial1/6
  ip address 10.1.1.12 255.255.255.0
  no ip redirects
  ip access-group 102 ininterface Async65
  !
  ip address 137.5.250.2 255.255.0.0
  encapsulation ppp
  dialer in-band
  dialer string 320012
  async default routing
  async mode dedicated
  !
  
  ...
  
  ip classless
  ip route 199.1.1.0 255.255.255.0 10.1.1.11
  !
  
  access-list 102 deny tcp any lt 1024 any
  access-list 102 permit tcp any any
  !