Sie sind auf Seite 1von 22

enable show vtp status show vtp counters show vlan brief show interface fastethernet 0/1 switchport

show interfaces trunk

config t vtp domain <naam> vtp version <nummer> vtp mode client vtp password <pass> vtp pruning

vlan <nummer> name <naam>

(ook 99 (trunk)

interface fastethernet 0/1 switchport mode trunk switchport mode access switchport trunk native vlan 99 switchport access vlan 10

interface range fa0/1-24 shutdown

//standaardmeuk

Switch(config)#hostname S1 S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#line vty 0 15 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#end

//banner banner motd # blablabla#

//set default route ip route 0.0.0.0 0.0.0.0 Serial0/1/0

//enable ripv2 RouterA(config)#router rip RouterA(config-router)#version 2 RouterA(config-router)#network 192.168.10.0 RouterA(config-router)#network 195.14.25.0 RouterA(config-router)#network 195.14.125.0 RouterA(config-router)#no auto-summary

//enable ripv2 set passive and acl

ip route 0.0.0.0 0.0.0.0 s0/1/0 router rip version 2 network 192.168.20.0 network 10.1.1.0 default-information originate passive-interface s0/1/0 passive-interface fa0/1 no auto-summary ip access-list extended FIREWALL permit tcp host 192.168.1.10 host 192.168.20.254 eq www permit tcp host 192.168.2.10 host 192.168.20.254 eq www permit icmp any any echo-reply permit tcp any any established deny ip any any int s0/1/0 ip access-group FIREWALL in

S1#copy running-config startup-config

//port security switchport port-security

switchport port-security maximum 1 switchport port-security mac-address sticky

//spanning tree enable show spanning tree

int f0/1 spanning-tree portfast spanning-tree cost 25 spanning-tree port priority 112 (default is 128) no spanning-tree cost

------------init config

Switch>enable Switch#config term Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname S1 S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#ip default-gateway 172.17.99.1 S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login

S1(config-line)#line vty 0 15 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#end %SYS-5-CONFIG_I: Configured from console by console S1#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration...

------------config interface to acces mode

S2(config)#interface fa0/6 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/11 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/18 S2(config-if)#switchport mode access S2(config-if)#no shutdown

-------------config vtp mode

S1(config)#vtp mode server Device mode already VTP SERVER. S1(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S1(config)#vtp password cisco Setting device VLAN database password to cisco S1(config)#end

---------------config trunking ports on switches

S1(config)#interface fa0/1 S1(config-if)#switchport mode trunk S1(config-if)#switchport trunk native vlan 99 S1(config-if)#no shutdown S1(config)#end

------------config vlans on server switch

S1(config)#vlan 99 S1(config-vlan)#name management S1(config)#vlan 10 S1(config-vlan)#name faculty-staff S1(config)#vlan 20

S1(config-vlan)#name students S1(config)#vlan 30 S1(config-vlan)#name guest S1(config-vlan)#end

--------------config managament interface

S1(config)#interface vlan99 S1(config-if)#ip address 172.17.99.11 255.255.255.0

S2(config)#interface vlan99 S2(config-if)#ip address 172.17.99.12 255.255.255.0

S3(config)#interface vlan99 S3(config-if)#ip address 172.17.99.13 255.255.255.0

-------------config vlans to s2

S2(config)#interface fa0/6 S2(config-if)#switchport access vlan 30 S2(config-if)#interface fa0/11

S2(config-if)#switchport access vlan 10 S2(config-if)#interface fa0/18 S2(config-if)#switchport access vlan 20 S2(config-if)#end S2#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration... [OK]

--------------config router als router on a stick

R1(config)#interface fastethernet 0/0 R1(config-if)#no shutdown R1(config-if)#interface fastethernet 0/0.1 R1(config-subif)#encapsulation dot1q 1 R1(config-subif)#ip address 172.17.1.1 255.255.255.0 R1(config-if)#interface fastethernet 0/0.10 R1(config-subif)#encapsulation dot1q 10 R1(config-subif)#ip address 172.17.10.1 255.255.255.0 R1(config-if)#interface fastethernet 0/0.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip address 172.17.20.1 255.255.255.0 R1(config-if)#interface fastethernet 0/0.30 R1(config-subif)#encapsulation dot1q 30

R1(config-subif)#ip address 172.17.30.1 255.255.255.0 R1(config-if)#interface fastethernet 0/0.99 R1(config-subif)#encapsulation dot1q 99 native R1(config-subif)#ip address 172.17.99.1 255.255.255.0

-----------------------------------------------------------ppp

------------------ospf (optional) router ospf 1 network 192.168.0.1 0.0.0.255 area 0

------------------ospf with simple auth

R2(config)#interface S0/0/0 R2(config-if)#ip ospf authentication R2(config-if)#ip ospf authentication-key cisco123

------------------ospf with md5 auth

R2(config)#interface S0/0/0 R2(config-if)#ip ospf authentication R2(config-if)#ip ospf authentication-key cisco123

-------------------static default route to isp

ip route 0.0.0.0 0.0.0.0 s0/1/0 default-information originate

---------------------ppp with PAP

R1(config)#username R2 password cisco123 R1(config)#interface s0/0/0 R1(config-if)#encapsulation ppp R1(config-if)#ppp authentication pap R1(config-if)#ppp pap sent-username R1 password cisco123

R1(config-if)#end

---------------------ppp with chap

R3(config)#username R2 password cisco123 R3(config)#interface s0/0/1 R3(config-if)#encapsulation ppp R3(config-if)#ppp authentication chap

-----------------------------------------------------------frame relay

---------enable

R1(config)#interface serial0/0/0 R1(config-if)#encapsulation frame-relay

R1(config-if)#no shutdown

--------map

R1(config-if)#frame-relay map ip 10.1.1.2 102 broadcast R1(config-if)#frame-relay map ip 10.1.1.3 103 broadcast

-----------conf ansi as LMI type

R1(config-if)#frame-relay lmi-type ansi

----------------------------------------------------------ACL standard 1-99 extended 100+

---------------standaard

R1(config)#access-list 10 deny 192.168.10.0 0.0.0.255 R1(config)#access-list 10 permit any

R1(config)#interface fa0/1 R1(config-if)#ip access-group 10 out

---------------named acl

R3(config)#ip access-list standard NO_ACCESS R3(config-std-nacl)#deny host 192.168.30.128 R3(config-std-nacl)#permit any

R3(config)#interface fa0/0 R3(config-if)#ip access-group NO_ACCESS in

------------- extended acl

R1(config)#access-list 110 deny tcp 192.168.10.0 0.0.0.255 any eq telnet R1(config)#access-list 110 deny udp 192.168.10.0 0.0.0.255 host 192.168.20.254 eq tftp R1(config)#access-list 110 permit ip any any

R1(config)#interface fa0/0 R1(config-if)#ip access-group 110 in

-----------------------------------------------------------DHCP

-----------excluded address range

R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.9

-----------config address pool

R3(config)#ip dhcp pool R3LAN R3(dhcp-config)#network 192.168.30.0 255.255.255.0 R3(dhcp-config)#default-router 192.168.30.1 R3(dhcp-config)#dns-server 192.168.20.254

------------nat

R2(config)#ip nat inside source static 192.168.20.254 209.165.202.131

------------dynamic nat

R2(config)#ip access-list standard R2NAT R2(config-std-nacl)# permit 192.168.10.0 0.0.0.255 R2(config-std-nacl)# permit 192.168.20.0 0.0.0.255

R2(config-std-nacl)# permit 192.168.30.0 0.0.0.255

R2(config)#ip nat pool R2POOL 209.165.202.128 209.165.202.130 netmask 255.255.255.252 R2(config)#ip nat inside source list R2NAT pool R2POOL overload

interface s0/0/0 ip nat inside of ip nat outside

-------------show nat

show ip nat translations

7.5.1

R1:

hostname R1 enable secret class line vty 0 4 password cisco login line con 0 password cisco login exit banner motd %AUTHORIZED ACCESS ONLY!% int fa0/0 ip addr 192.168.10.1 255.255.255.0 no shut int fa0/1 ip addr 192.168.11.1 255.255.255.0 no shut int s0/0/0 ip addr 10.1.1.1 255.255.255.252 clock rate 64000

no shut exit username R2 password cisco123 int s0/0/0 encapsulation ppp ppp authentication chap exit router ospf 1 network 192.168.10.0 0.0.0.255 area 0 network 192.168.11.0 0.0.0.255 area 0 network 10.1.1.0 0.0.0.3 area 0 passive-interface fa0/0 passive-interface fa0/1 exit ip dhcp excluded-address 192.168.10.1 192.168.10.9 ip dhcp excluded-address 192.168.11.1 192.168.11.9 ip dhcp pool R1LAN1 network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 dns-server 192.168.20.254 exit ip dhcp pool R1LAN2 network 192.168.11.0 255.255.255.0 default-router 192.168.11.1 dns-server 192.168.20.254 !

R2:

hostname R2 enable secret class line vty 0 4 password cisco login line con 0 password cisco login exit banner motd %AUTHORIZED ACCESS ONLY!% int fa0/0 ip addr 192.168.20.1 255.255.255.0 no shut int s0/0/0 ip addr 10.1.1.2 255.255.255.252 no shut int s0/0/1 ip addr 10.2.2.1 255.255.255.252 no shut clock rate 64000 int s0/1/0 ip addr 209.165.200.225 255.255.255.224 no shut exit

username R1 password cisco123 int s0/0/0 encapsulation ppp ppp authentication chap exit username R3 password cisco123 int s0/0/1 encapsulation ppp ppp authentication chap exit router ospf 1 network 192.168.20.0 0.0.0.255 area 0 network 10.1.1.0 0.0.0.3 area 0 network 10.2.2.0 0.0.0.3 area 0 passive-interface fa0/0 default-information originate exit ip route 0.0.0.0 0.0.0.0 s0/1/0 ip access-list standard R2NAT permit 192.168.10.0 0.0.0.255 permit 192.168.20.0 0.0.0.255 permit 192.168.30.0 0.0.0.255 permit 192.168.11.0 0.0.0.255 exit int fa0/0 ip access-group R2NAT in exit

ip nat inside source static 192.168.20.254 209.165.202.131 ip nat pool R2POOL 209.165.202.129 209.165.202.130 netmask 255.255.255.252 int fa0/0 ip nat inside int s0/0/0 ip nat inside int s0/0/1 ip nat inside int s0/1/0 ip nat outside exit ip nat inside source list R2NAT pool R2POOL overload !

R3:

hostname R3 enable secret class line vty 0 4 password cisco login line con 0 password cisco login exit banner motd %AUTHORIZED ACCESS ONLY!%

int fa0/0 ip addr 192.168.30.1 255.255.255.0 no shut int s0/0/1 ip addr 10.2.2.2 255.255.255.252 clock rate 64000 no shut exit username R2 password cisco123 int s0/0/1 encapsulation ppp ppp authentication chap exit router ospf 1 network 192.168.30.0 0.0.0.255 area 0 network 10.2.2.0 0.0.0.3 area 0 passive-interface fa0/0 exit ip dhcp excluded-address 192.168.30.1 192.168.30.9 ip dhcp pool R3LAN network 192.168.30.0 255.255.255.0 default-router 192.168.30.1 dns-server 192.168.20.254 !

ISP:

ip route 209.165.202.128 255.255.255.224 s0/0/0 !

PC1, 2, 3:

Go to config tab and click DHCP

pt practica sba

Das könnte Ihnen auch gefallen