要求：Pc1可以trlnetR1，但是不能pingR1

PC1可以pingR2，但是不能trlnetR2Pc2所有要求与Pc1相反

<R1>system-view 

<R2>system-view....配静态 。。。之后：

[R1]

[R1-aaa]local-user WYK privilege level 15 password cipher 123

[R1-aaa]local-user WYK service-type telnet

[R1]user-interface vty 0 4

[R1-ui-vty0-4]authentication-mode aaa

[R1]q

[R1]acl 3000

[R1-acl-adv-3000]rule deny ip source 192.168.1.3 0.0.0.0 destination 192.168.1.1 0.0.0.0

[R1-acl-adv-3000]rule deny icmp source 192.168.1.3 0.0.0.0 destination 192.168.2.2 0.0.0.0

[R2]

[R2-aaa]local-user WYK2 privilege level 15 password cipher 123

[R2-aaa]local-user WYK2 service-type telnet

[R2]user-interface vty 0 4

[R2-ui-vty0-4]authentication-mode aaa

[R2]q

[R2]acl 3000

[R2-acl-adv-3000]rule deny ip source 192.168.1.4 0.0.0.0 destination 192.168.2.2 0.0.0.0

[R2-acl-adv-3000]rule deny icmp source 192.168.1.4 0.0.0.0 destination 192.168.1.1 0.0.0.0