第一步：配置接口IP地址R1(config)#interfaceg0/1R1(config-if)#ipaddress192.168.10.254255.255.255.0R1(config-if)#noshutdownR1(config)#interfaceg0/0R1(config-if)#ipaddress192.168.20.1255.255.255.0R1(config-if)#noshutdownR2(config)#interfaceg0/1R2(config-if)#ipaddress192.168.30.2255.255.255.0R2(config-if)#noshutdownR2(config)#interfaceg0/0R2(config-if)#ipaddress192.168.20.2255.255.255.0R2(config-if)#noshutdownR3(config)#interfaceg0/1R3(config-if)#ipaddress192.168.40.254255.255.255.0R3(config-if)#noshutdownR3(config)#interfaceg0/0R3(config-if)#ipaddress192.168.30.3255.255.255.0R3(config-if)#noshutdown第二步：配置OSPF，实现全网互通R1(config)#routerospf10R1(config-router)#router-id1.1.1.1R1(config-router)#network192.168.10.00.0.0.255area0R1(config-router)#network192.168.20.00.0.0.255area0R2(config)#routerospf10R2(config-router)#router-id2.2.2.2R2(config-router)#network192.168.20.00.0.0.255area0R2(config-router)#network192.168.30.00.0.0.255area0R3(config)#routerospf10R3(config-router)#router-id3.3.3.3R3(config-router)#network192.168.30.00.0.0.255area0R3(config-router)#network192.168.40.00.0.0.255area0第三步：配置扩展ACLR1(config)#access-list100permittcphost192.168.10.1host192.168.40.10eq80R1(config)#access-list100denyiphost192.168.10.1host192.168.40.10R1(config)#access-list100permitip192.168.10.00.0.0.255host192.168.40.10R1(config)#interfaceg0/1R1(config-if)#ipaccess-group100in第四步：验证结果PC3可以访问server1的web界面PC3无法ping通server1PC4可以访问server1的任何服务，没有限制