Caso de Estudio (Ccna4) PDF

ACADEMIA REGIONAL CISCO ESPOL
CCNA 4
Acceso a la WAN
CASO DE ESTUDIO
NOMBRE: IRWIN ALBERTO VITERI RAMBAY PROFESOR: Ing. JAIME LUCERO
{https://twitter.com/IrWiN_ViTeRi}
Pgina 1 de 23
OBJETIVOS
Pgina 2 de 23
ROUTER ISP
hostname ISP ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! ip dhcp excluded-address 10.10.0.1 ip dhcp excluded-address 10.10.0.5 ! ip dhcp pool LANisp network 10.10.0.0 255.255.0.0 default-router 10.10.0.1 dns-server 10.10.0.5 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 10.10.0.1 255.255.0.0 ip access-group 110 in ip nat inside duplex auto speed auto ! interface FastEthernet0/1 no ip address {https://twitter.com/IrWiN_ViTeRi} Pgina 3 de 23
duplex auto speed auto shutdown ! interface Serial0/0/0 ip address 192.168.4.97 255.255.255.252 encapsulation frame-relay frame-relay map ip 192.168.4.98 101 broadcast ip nat outside ! interface Serial0/0/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! ip nat pool pool-NATisp 192.168.100.11 192.168.100.20 netmask 255.255.255.0 ip nat inside source list listaNAT pool pool-NATisp ip nat inside source static 10.10.0.1 192.168.100.1 ip classless ip route 172.16.0.0 255.255.0.0 192.168.4.98 ip route 192.168.0.0 255.255.0.0 192.168.4.98 ! ip access-list extended listaNAT permit ip 10.10.0.0 0.0.255.255 any access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password cisco logging synchronous login ! line aux 0 ! line vty 0 4 password cisco logging synchronous login line vty 5 15 password cisco logging synchronous login end {https://twitter.com/IrWiN_ViTeRi} Pgina 4 de 23
Pgina 5 de 23
Pgina 6 de 23
Pgina 7 de 23
Pgina 8 de 23
ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet ISP(config)#end ISP(config)#interface fastEthernet 0/0 ISP(config-if)#ip access-group 110 in ISP(config-if)#end
Solamente desde el Servidor DNS se puede hacer Telnet a los ruteadores.
Pgina 9 de 23
Pgina 10 de 23
Pgina 11 de 23
ROUTER SIDNEY
hostname SIDNEY ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! aaa new-model ! aaa authentication login SIDNEY_LOCAL local ! username AUCKLAND password 7 080D786B5D username SIDNEY password 7 0822455D0A16 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.4.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/1/0 ip address 192.168.4.98 255.255.255.252 encapsulation frame-relay frame-relay map ip 192.168.4.97 101 broadcast ip access-group 110 out ! interface Serial0/1/1 no ip address shutdown ! interface Serial0/3/0 ip address 192.168.1.129 255.255.255.252 clock rate 64000 ! interface Serial0/3/1 ip address 192.168.2.1 255.255.255.252 encapsulation ppp ppp authentication chap ! interface Vlan1 no ip address {https://twitter.com/IrWiN_ViTeRi} Pgina 12 de 23
shutdown ! router eigrp 100 redistribute static network 192.168.1.128 0.0.0.3 network 192.168.2.0 0.0.0.3 network 172.16.4.0 0.0.0.255 no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.4.97 ! access-list 110 permit udp any host 192.168.4.97 eq domain access-list 110 permit tcp any host 192.168.4.97 eq smtp access-list 110 permit tcp any host 192.168.4.97 eq www access-list 110 deny ip any any ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 logging synchronous login authentication SIDNEY_LOCAL ! line aux 0 ! line vty 0 4 logging synchronous login authentication SIDNEY_LOCAL line vty 5 15 logging synchronous login authentication SIDNEY_LOCAL end
Pgina 13 de 23
Pgina 14 de 23
Pgina 15 de 23
SIDNEY(config)#access-list 110 permit udp any host 192.168.4.97 eq domain SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq smtp SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq www SIDNEY(config)#access-list 110 deny ip any any
SIDNEY(config)#int s0/1/0 SIDNEY(config-if)#ip access-group 110 out SIDNEY(config-if)#end
Pgina 16 de 23
ROUTER TOKYO
hostname TOKYO ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.20.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/2/0 ip address 192.168.1.130 255.255.255.252 ! interface Serial0/2/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! router eigrp 100 network 172.16.20.0 0.0.0.255 network 192.168.1.128 0.0.0.3 auto-summary ! ip classless ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password cisco logging synchronous login ! line aux 0 ! {https://twitter.com/IrWiN_ViTeRi} Pgina 17 de 23
line vty 0 4 password cisco logging synchronous login line vty 5 15 password cisco logging synchronous login ! end
Pgina 18 de 23
Pgina 19 de 23
ROUTER AUCKLAND
hostname AUCKLAND ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! username SIDNEY password 7 080D786B5D ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.15.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/1/0 ip address 192.168.2.2 255.255.255.252 encapsulation ppp ppp authentication chap clock rate 64000 ! interface Serial0/1/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! router eigrp 100 network 192.168.2.0 0.0.0.3 network 172.16.15.0 0.0.0.255 no auto-summary ! ip classless ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password 7 0822455D0A16 {https://twitter.com/IrWiN_ViTeRi} Pgina 20 de 23
logging synchronous login ! line aux 0 ! line vty 0 4 password 7 0822455D0A16 logging synchronous login line vty 5 15 password 7 0822455D0A16 logging synchronous login ! end
Pgina 21 de 23
Pgina 22 de 23
Pgina 23 de 23

Caso de Estudio (Ccna4) PDF

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Caso de Estudio (Ccna4) PDF

Diunggah oleh

Hak Cipta:

Format Tersedia

ACADEMIA REGIONAL CISCO ESPOL

Solamente desde el Servidor DNS se puede hacer Telnet a los ruteadores.

SIDNEY(config)#int s0/1/0 SIDNEY(config-if)#ip access-group 110 out SIDNEY(config-if)#end

Anda mungkin juga menyukai