Objetivo
Consideraciones
Entregables
DIAGRAMA DE INTERCONEXION
TABLA DE CONFIGURACIÓN
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
ROUTER1
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
hostname ROUTER1
!
interface FastEthernet0/0
ip address 10.10.10.30 255.255.255.240
ip address 10.10.10.62 255.255.255.224 secondary
ip address 10.10.10.14 255.255.255.240 secondary
no shutdown
!
interface Serial0/0/0
ip address 10.10.11.2 255.255.255.252
encapsulation frame-relay
#frame-relay map ip 10.10.11.2 201
#frame-relay map ip 10.10.11.1 201 broadcast
#no frame-relay inverse-arp
clock rate 64000
no shutdown
!
line vty 0 4
password ciscopass
login
!
!
#Configurando EIGRP
!
router eigrp 100
network 10.10.11.0 0.0.0.3
network 10.10.10.16 0.0.0.15
network 10.10.10.32 0.0.0.31
network 10.10.10.0 0.0.0.15
no auto-summary
!
!
#Configurando ruta x default
!
ip route 0.0.0.0 0.0.0.0 10.10.11.1
!
!
#Configurando Puertos
!
access-list 11 permit 10.10.10.16 0.0.0.15
access-list 12 permit 10.10.10.32 0.0.0.31
!
!
ip nat pool SRA 172.17.33.203 172.17.33.203 netmask 255.255.255.248
ip nat pool SRB 172.17.33.204 172.17.33.204 netmask 255.255.255.248
ip nat inside source list 11 pool SRA overload
ip nat inside source list 12 pool SRB overload
interface FastEthernet0/0
ip nat inside
interface Serial0/0/0
ip nat outside
# Configurando NAT - statico para los servers
#Configurando ACLs
#Permitir que usuarios de Internet acedan al servidor de correo interno
#Permitir que usuarios de Internet acedan al servidor www de la red interna
#via http
!
access-list 101 permit tcp any host 172.17.33.201 eq smtp
access-list 102 permit tcp any host 172.17.33.202 eq www
!
interface Serial0/0/0
ip access-group 101 in
ip access-group 102 in
!
#Autentificacion AAA
# Subred A
#Pueda acceder libremente a Internet pero
#No pueda descargar archivos usando aplicaciones P2P
#No pueda usar mensajeria instantanea
interface fa0/0
ip access-group 103 in
# Subred B
#Pueda usar http y https pero
#No tenga acceso a paginas de servicios de correo electrónico (hotmail,
#yahoo) sin embargo de (13 horas hasta 14 horas) si pueda entrar a su
#correo y usar Mensajeria instantanea
# www http
access-list 104 permit tcp host 172.17.33.204 any eq 80
# www https
access-list 104 permit tcp host 172.17.33.204 any eq 443
# domain
access-list 104 permit tcp host 172.17.33.204 any eq 53
# mail
access-list 104 deny tcp host 172.17.33.204 any eq smtp
access-list 104 deny tcp host 172.17.33.204 any eq pop3
hostname Router2
interface FastEthernet0/0
ip address 10.5.5.1 255.255.255.0
no shutdown
interface Serial0/0/0
ip address 10.10.11.1 255.255.255.252
encapsulation frame-relay
#frame-relay map ip 10.10.11.2 201
#frame-relay map ip 10.10.11.1 201 broadcast
#no frame-relay inverse-arp
clock rate 64000
no shutdown
!
line vty 0 4
password cisco
login
!
#Configurando EIGRP
!
router eigrp 100
network 10.10.11.0 0.0.0.3
#network 10.5.5.0 0.0.0.255
no auto-summary
#Configurando ruta estatica para el NAT