Escolar Documentos
Profissional Documentos
Cultura Documentos
R2(config)#interface FastEthernet0/0
R2(config-if)#ip address 192.168.2.1 255.255.255.0
R2(config-if)#no shutdown
R3(config)#interface FastEthernet0/0
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#no shutdown
R2(config)#interface Serial0/1/0
R2(config-if)#ip address 10.0.0.5 255.255.255.252
R2(config-if)#no shutdown
R3(config)#interface Serial0/1/0
R3(config-if)#ip address 10.0.0.9 255.255.255.252
R3(config-if)#no shutdown
R2(config)#interface Serial0/1/0
R2(config-if)#encapsulation frame-relay
R3(config)#interface Serial0/1/0
R3(config-if)#encapsulation frame-relay
///////////////*VPN*////////////////////////////
------ROUTE 0 ---------------------------------------------------------
conf t
crypto isakmp policy 10
autentication pre-share
hash sha
int fa0/0
crypto map CMAP
-------------------------------------------------------------------------
------ROUTE 1 ---------------------------------------------------------
conf t
crypto isakmp policy 10
autentication pre-share
hash sha
int fa0/0
crypto map CMAP
-------------------------------------------------------------------------
//////////////////////////////*Access list*///////////////////////
configuracion ACL estandar 1-99
se aplican dentro de la interfas del router mas cercano al destino
conf t
access-list 1 deny 192.168.10.0 0.0.0.255 // se niega la red con su wildcard - el
numero ade acces-list es de 1 a 99
access-list 1 permit any // permite todo lo demas
conf t
int gi0/0
ip access-group 1 out
end
wr
conf t
access-list 100 deny ip 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255 // se
declara la red denegada con su wildcard y la red a donde no se quiere llegar
con wildcard
int gi0/0ip // se aplica a la interfas
access-group 100 in
end
wr
// para desabilitar ACL EXTENDIDA
conf t
int gi0/0
no ip access-group 100 in
-----------------------------------
DENEGAR PROTOCOLO HTTP PUERTO 80
conf t
access-list 101 deny tcp 192.168.10.0 0.0.0.255 host 192.168.30.10 eq 80
access-list 101 permit ip any any // permite todo lo demas
conf t
int gi0/0
ip access-list 101 in // se aplica a la interfas
en
wr