Você está na página 1de 3

R1

en
conf t
hostname R1
interface fa0/0
ip address 192.168.1.1 255.255.255.0
np shutdown
exit

ip dhcp pool CCNAS


network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
ip dhcp excluded-address 192.168.1.1 192.168.1.4

ip dhcp pool 20Users


network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
ip dhcp excluded-address 192.168.20.1

interface f0/0
shutdown
no ip address 192.168.1.1 255.255.255.0
no shutdown
int g0/1.1
encapsulation dot1q 1
ip address 192.168.1.1 255.255.255.0
int g0/1.20
encapsulation dot1q 20
ip address 192.168.20.1 255.255.255.0
int g0/1.99
encapsulation dot1q 99
ip address 192.168.99.1 255.255.255.0
nt f0/5
switchport mode trunk switchport trunk native vlan 99
___________________________________________________________--

S1

en
conf t
hostname S1
interface vlan 1
ip address 192.168.1.2 255.255.255.0
no shutdown
no ip domain-lookup

enable secret cisco12345


line console 0
password ciscoconpass
exec-timeout 5 0
login
logging synchronous

ip domain-name ccnasecurity.com
username admin privilege secret cisco12345
crypto key generate rsa ____________________________ 1024
ip ssh version 2
ip ssh time-out 90
ip ssh authentication-retries 2

line vty 0 4
privilege level 15
exec-timeout 5 0
login local
transport input ssh
exit
line vty 5 15
transport input none
exit
spanning-tree vlan 1 priority 0
exit
interface f0/1
switchport mode trunk
switchport trunk native vlan 99
switchport nonegotiate
exit

interface f0/5
switchport mode access
spanning-tree portfast
interface f0/6
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable

interface range f0/2 - 4


shutdown
interface range f0/7 - 24
shutdown
interface range g0/1 - 2
shutdown

vlan 20
name Users
interface f0/6
switchport access vlan 20

interface f0/6
switchport protected
interface f0/7
switchport protected
no shut
end

ip dhcp snooping
ip dhcp snooping information option
ip dhcp snooping vlan 1,20
interface f0/6
ip dhcp snooping limit rate 10
exit
interface f0/5
description connects to DHCP server
ip dhcp snooping trust
_____________________________________________________________

S2
en
conf t
hostname S2
interface vlan 1
ip address 192.168.1.3 255.255.255.0
no shutdown
no ip domain-lookup

enable secret cisco12345


line console 0
password ciscoconpass
exec-timeout 5 0
login
logging synchronous

interface f0/1
switchport mode trunk
switchport trunk native vlan 99
switchport nonegotiate
exit

interface f0/18
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable

interface f0/18
switchport mode access
switchport port-security
switchport port-security maximum 3
switchport port-security violation shutdown
switchport port-security aging time 120

interface range f0/2 � 17 , f0/19 � 24 , g0/1 - 2


shutdown

vlan 20
name Users
interface f0/18
switchport access vlan 20