The configuration requirements are as follows: The host whose source IP address is 10.1.1.1 needs to access the hosts on the network segment 10.1.1.18/26 and the host whose IP address is 10.10.10.10; the host whose source IP address is 10.1.1.2 needs to access all addresses on the network. In this case, the following configuration is needed:

acl number 3000 
rule 0 permit ip source 10.1.1.1 0 destination 10.1.1.18 0.0.0.63 
rule 1 permit ip source 10.1.1.1 0 destination 10.10.10.10 0 
rule 2 permit ip source 10.1.1.2 0 
rule 3 deny ip 


traffic classifier 1 operator or 
if-match acl 3000 


traffic behavior 1 
# 
traffic policy tp1 
share-mode 
classifier 1 behavior 1 
# 
interface GigabitEthernet1/0/0 
undo shutdown 
ip address 10.10.1.1 255.255.255.252 
traffic-policy tp1 inbound 

good post

helpful note

good note

helpful info