Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • 1

    Enviado por

    JonathanGomez
    15 visualizações9 páginas
    133

    Direitos autorais

    © © All Rights Reserved

    Formatos disponíveis

    DOCX, PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    133

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato DOCX, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    15 visualizações9 páginas

    1

    Enviado por

    JonathanGomez
    133

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato DOCX, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 9

    Main – Router

    enable
    configure terminal
    no ip domain-lookup
    hostname Main
    service password-encryption
    enable secret class
    banner motd $users that unauthorized access is prohibited$
    line console 0
    logging synchronous
    password cisco
    login
    exit
    ip domain-name cisco.com
    username admin password class
    crypto key generate rsa
    yes
    1024
    ip ssh version 2
    line vty 0 15
    transport input ssh
    login local
    exit

    interface gigabitEthernet 0/1


    ip address 192.168.2.1 255.255.255.0
    no shutdown
    description Local-1

    int s0/0/0
    ip address 10.1.1.1 255.255.255.252
    no shutdown
    description Connection-to-Branch
    exit

    interface g0/0.5
    encapsulation dot1Q 5
    ip address 192.168.1.1 255.255.255.240

    interface g0/0.10
    encapsulation dot1Q 10
    ip address 192.168.1.17 255.255.255.240

    interface g0/0.15
    encapsulation dot1Q 15
    ip address 192.168.1.33 255.255.255.240

    interface g0/0.50
    encapsulation dot1Q 50
    ip address 192.168.1.49 255.255.255.240
    exit

    int g0/0
    no sh
    no shutdown
    exit

    ip access-list standard block15


    deny 192.168.1.32 0.0.0.15
    permit any

    ip access-list standard ACL


    line vty 0
    access-class ACL in

    int g0/0.10
    ip access-group block15 out
    exit

    Router rip
    version 2
    network 10.1.1.0
    network 192.168.1.0
    network 192.168.1.16
    network 192.168.1.32
    network 192.168.1.48
    network 192.168.2.0
    no auto-summary
    passive-interface g0/0.5
    passive-interface g0/0.10
    passive-interface g0/0.15
    passive-interface g0/0.50
    passive-interface g0/0
    passive-interface g0/1
    exit
    service timestamps log datetime msec
    service timestamps debug datetime msec
    ntp server 192.168.2.10

    logging 192.168.2.10

    logging trap debugging


    ntp update-calendar

    Remote – Router
    en
    conf ter
    router rip
    version 2
    network 10.1.1.0
    network 192.168.3.0
    default-information originate
    no auto-summary
    passive-interface s0/0/1
    passive-interface g0/0
    Main-1-SW (Switch)
    enable
    configure terminal
    vlan 5
    name ACAD
    vlan 10
    name TEACH
    vlan 15
    name STUDENT
    vlan 50
    name NETADMIN
    exit

    interface range f0/23, f0/24, g0/1


    switchport mode trunk
    exit

    int vlan 50
    ip address 192.168.1.50 255.255.255.240
    no shutdown
    exit
    ip default-gateway 192.168.1.49
    Main-2-SW
    enable
    configure terminal
    vlan 5
    name ACAD
    vlan 10
    name TEACH
    vlan 15
    name STUDENT
    vlan 50
    name NETADMIN
    exit
    int f0/23
    switchport mode trunk
    int f0/5
    switchport mode access
    switchport access vlan 5
    int f0/10
    switchport mode access
    switchport access vlan 10

    int f0/15
    switchport mode access
    switchport access vlan 15

    int f0/20
    switchport mode access
    switchport access vlan 50
    exit

    int vlan 50
    ip address 192.168.1.51 255.255.255.240
    no shutdown
    exit

    ip default-gateway 192.168.1.49
    int range f0/1-4, f0/6-9, f0/11-14, f0/16-19, f0/21-22,
    f0/24, g0/1-2
    shutdown

    int range f0/5, f0/10, f0/15, f0/20


    switchport mode access
    switchport port-security
    switchport port-security maximum 2
    switchport port-security mac-add sticky
    switchport port-security violation protect
    Main-3-SW
    enable
    configure terminal

    vlan 5
    name ACAD
    vlan 10
    name TEACH
    vlan 15
    name STUDENT
    vlan 50
    name NETADMIN

    exit
    int f0/24
    switchport mode trunk
    exit
    interface f0/5
    switchport mode access
    switchport access vlan 5
    interface f0/10
    switchport mode access
    switchport access vlan 10
    interface f0/15
    switchport mode access
    switchport access vlan 15

    interface f0/20
    switchport mode access
    switchport access vlan 50

    int vlan 50
    ip add 192.168.1.52 255.255.255.240
    no sh
    exit
    ip default-gateway 192.168.1.49
     Preparar la red
     Realizar las configuraciones básicas del router
     Configurar un servidor de DHCP del IOS de Cisco
     Configurar el enrutamiento estático y predeterminado

     Configurar NAT estática.

    Contenido del artículo [hide]


     TAREA 1 CONFIGURACIÓN BÁSICA.
     Tarea 2: Configurar un servidor de DHCP del IOS de Cisco
     Tarea 3: Configurar el enrutamiento estático y predeterminado
     Tarea 4: Configurar NAT estática
     Tarea 5: Configurar NAT dinámica con un conjunto de direcciones
     Tarea 6: Configurar NAT con sobrecarga

    TAREA 1 CONFIGURACIÓN BÁSICA.


    Router#erase startup-config
    Router#configure terminal
    Router(config)#hostname R1
    R1(config)#no ip domain-lookup
    R1(config-line)#enable password cisco
    R1(config)#line console 0
    R1(config-line)#password cisco
    R1(config-line)#logging synchronous
    R1(config)#line vty 0 4
    R1(config-line)#password cisco
    R1(config-line)#logging synchronous
    R1(config)#banner login “Personal autorizado”
    R1(config)#banner motd “Revision 1” Luego debe de ingresar el siguiente
    direccionamiento ip.
    Al finalizar esta actividad debe de aparecer un 50% de la actividad completa.

    TAREA 2: CONFIGURAR UN
    SERVIDOR DE DHCP DEL IOS DE
    CISCO
    R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.10
    R1(config)#ip dhcp excluded-address 192.168.11.1 192.168.11.10

    Paso 2. Configurar el pool.


    R1(config)#ip dhcp pool R1Fa0
    R1(dhcp-config)#network 192.168.10.0 255.255.255.0
    R1(dhcp-config)#dns-server 192.168.11.5
    R1(dhcp-config)#default-router 192.168.10.1
    R1(config)#ip dhcp pool R1Fa1
    R1(dhcp-config)#network 192.168.11.0 255.255.255.0
    R1(dhcp-config)#dns-server 192.168.11.5
    R1(dhcp-config)#default-router 192.168.11.1 Paso 3. Verificar la configuración del DHCP.
    R1#show ip dhcp binding
    IP address Client-ID/ Lease expiration Type
    Dirección de Hardware
    192.168.10.11 0007.EC66.8752 – Automatic
    192.168.11.11 00E0.F724.8EDA – Automatic

    TAREA 3: CONFIGURAR EL
    ENRUTAMIENTO ESTÁTICO Y
    PREDETERMINADO
    ISP(config)#ip route 209.165.200.240 255.255.255.240 serial 0/0/1

    TAREA 4: CONFIGURAR NAT


    ESTÁTICA
    R2(config)#ip route 0.0.0.0 0.0.0.0 209.165.200.226
    R2(config)#router ospf 1
    R2(config-router)#default-information originate
    TAREA 5: CONFIGURAR NAT
    DINÁMICA CON UN CONJUNTO DE
    DIRECCIONES
    R2(config)#ip nat inside source static 192.168.20.254 209.165.200.254
    R2(config)#interface serial 0/0/1
    R2(config-if)#ip nat outside
    R2(config-if)#interface fa0/0
    R2(config-if)#ip nat inside
    R2(config)#ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246 netmask
    255.255.255.248
    R2(config)#ip access-list extended NAT
    R2(config-std-nacl)#permit ip 192.168.10.0 0.0.0.255 any
    R2(config-std-nacl)#permit ip 192.168.11.0 0.0.0.255 any
    R2(config)#ip nat inside source list NAT pool MY -NAT-POOL
    R2(config)#interface serial 0/0/0
    R2(config-if)#ip nat inside
    R2#show ip nat translations
    Pro Inside global Inside local Outside local Outside global
    — 209.165.200.241 192.168.10.11 — —
    — 209.165.200.242 192.168.11.11 — —
    — 209.165.200.254 192.168.20.254 — —

    TAREA 6: CONFIGURAR NAT CON


    SOBRECARGA
    R2(config)#no ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246 netmask
    255.255.255.248
    R2(config)#no ip nat inside source list NAT pool MY-NAT-POOL
    R2(config)#ip nat inside source list NAT interface S0/0/1 overload
    R2#show ip nat translations
    Pro Inside global Inside local Outside local Outside global
    icmp 209.165.200.225:3 192.168.10.11:3 209.165.200.226:3 209.165.200.226:3
    icmp 209.165.200.225:1024192.168.11.11:3 209.165.200.226:3 209.165.200.226:1024

    Você também pode gostar