CCNA Presentation Part 3

OSPF
OSPF(Open Short Path First) is of two types : 1) Single Area OSPF and
2) Multi Area OSPF.
Area0 S0
S0 Area2
IR
ABR
ABR
Internal Routers
IR
Area Border Router
Area1
OSPF under Single Area
S 0 192.168.1.194/252 192.168.1.193/252 S 0
Router A Router B
E 0 1.33 E 0 1.65
192.168.1.32/ 192.168.1.64/
255.255.255.224 255.255.255.224
(Config)# ip routing
(Config-Router)# router OSPF 6573
(Config-Router)# network 192.168.1.32 0.0.0.31 area 1
(Config-Router)# area 1 range 192.168.1.32
255.255.255.224
255.255.255.224
Configuration of Router B
--------------------------------
255.255.255.224
255.255.255.252
OSPF under Different Areas
Area 0
Area 2
Area 1
Router A Router B
E0 E0
1.50 5.50 192.168.5.0

192.168.1.0
Configuration of Router A
--------------------------------
(Config-Router)# area 1 range 192.168.1.0 255.255.255.0
--------------------------------
Access Control List
It is also called Network Traffic Control
Management (NTCM). We can provide restrictions to
individual users, subnets and services etc.
ACL
Standard ACL Extended ACL

Any access list is identified by its number.
S. A. L 1 – 99
Ex. A. L 100 - 199
Rules for creating and implementing
Access List
1. Access list must begin with the Deny Statements (If
exists) then Permit Statements must follow.
2. There must be at least one Permit Statement as an
Implicit “Deny All” always exists.
3. While Implementation of Access list, There must be
only one Access list per Interface, per direction and
per protocol.
Standard Access List
S 0 172.16.1.1 172.16.1.2 S 0
Router A Router B
E 0 1.50 E 0 5.50
5.4 5.1
1.4 1.1
5.3 5.2
1.3 1.2
Syntax
Router(config)# Access-list ALNO P/D Src Src-WCM
Router(config)# Int <name of interface>
Router(Config-if)#Ip Access-Group <Direction>
Configuration Standard Access-list For
Router A
Restricting particular user
(Config)# Access-list 1 deny 192.168.1.3 0.0.0.0
(Config)# Access-list 1 permit 0.0.0.0
255.255.255.255
or
Access-list 1 permit any
Restricting a Network
(Config)# Access-list 1 deny 192.168.3.0 0.0.0.255
(Config)# Access-list 1 permit any
Extended Access List
S 0 172.16.1.1 172.16.1.2 S 0
Router A Router B
E 0 1.50 E 0 5.50
1.4 1.1 5.4 5.1
1.3 1.2 5.3 5.2
1.20
(Config)# Access-list 101 deny TCP 192.168.5.0 0.0.0.255

192.168.1.20 0.0.0.0 eq FTP
(Config)# Access-list 101 permit IP any any
Implementation
(Config)#int E0
(config-if)# IP Access-group 101 Out
NAT(Network Address Translation)
S 0 172.16.1.1 172.16.1.2 S 0
Router B
Router A
E 0 1.50 E 0 5.50
1.4 1.1 5.4 5.1
192.168.1.3 1.2 5.3 5.2
Note : 192.168.1.3 is denied from entering the network of 5.0.So it will enter
with mask.
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# ip address 192.168.1.50 255.255.255.0
(Config-if)# no shut
(Config-if)# exit
(Config)# int S 0
(Config-if)# clock rate 56000
(Config-if)# bandwidth 64
(Config-if)# exit
(Config-Router)# ip route 192.168.5.0 255.255.255.0 172.16.1.2
(Config)# int E 0
(Config-if)# ip nat inside
(Config)# int S 0
(Config-if)# ip nat outside
(Config)# access-list 1 permit 192.168.1.3 0.0.0.0

(Config)# ip nat inside source list 1 int S 0 overload
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# access-list 10 deny 192.168.1.3 0.0.0.0

(Config)# access-list 10 permit any
(Config)# int E 0
(Config-if)# ip access-group 10 out
Note : Only Public IP can go to the Internetworking world.

A Scenario of providing Net access to the IP's of Router B
172.16.1.1 172.16.1.2
Routing
1.50 Router A 5.50 Router B

5.0
Routing
Switch
Leased line 192.168.1.99
Natting
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# clock rate 56000(for DCE)
(Config-if)# exit
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
((Config-if)# exit

(Config)# ip nat inside source list 10 int E 0 overload
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit

(Config)# ip nat inside source list 10 int E 0 overload
PPP(Point-to-Point) using PAP protocol
Internet based leased line
S 0 172.16.1.1 172.16.1.2 S 0
Router A Router B
(ISDN) (Zoom)
E 0 1.50 E 0 5.50
1.4 1.1 5.4 5.1
1.3 1.2 5.3 5.2
NOTE : Passwords of both should be same.

--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# encapsulation ppp
(Config-if)# ppp authentication PAP
(Config-if)# ppp PAP sent-username zoom password cisco
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# ppp authentication PAP
(Config-if)# ppp PAP sent-username ISP password cisco
PPP(Point-to-Point) using CHAP protocol
Internet based leased line
S 0 172.16.1.1 172.16.1.2 S 0
Router A Router B
(ISDN) (Zoom)
E 0 1.50 E 0 5.50
1.4 1.1 5.4 5.1
1.3 1.2 5.3 5.2
NOTE : Passwords of both should be same.

--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# ppp authentication CHAP
(Config-if)# ppp CHAP hostname zoom
(Config-if)# ppp CHAP password cisco
--------------------------------
# Config t
(Config)# int E 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# exit
(Config)# int S 0
(Config-if)# ppp authentication CHAP
(Config-if)# ppp CHAP hostname ISP
(Config-if)# ppp CHAP password cisco
DDR(Dial on Demand Routing)
ISP
S 0 172.16.1.1 172.16.1.2 S 0
Router A Router B
E 0 1.50 E 0 5.50
1.4 1.1 5.4 5.1
1.3 1.2 5.3 5.2
# Config t
(Config)# isdn switch-type basic-net 3
(Config)# int E 0/1

(Config-if)# exit
(Config)# int Bri 1/0

(Config-if)# no ip address
(Config-if)# no cdp enable
(Config-if)# exit
(Config)# int dialer 1

(Config-if)# ip address negotiated
(Config-if)# no cdp enable
(Config-if)# ppp authentication CHAP PAP callin
(Config-if)# ppp CHAP hostname unicomin@hd2
(Config-if)# ppp CHAP password password

CCNA Presentation Part 3

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

CCNA Presentation Part 3

Hochgeladen von

Copyright:

Verfügbare Formate

OSPF

1.50 5.50 192.168.5.0

Standard ACL Extended ACL

(Config)# Access-list 101 deny TCP 192.168.5.0 0.0.0.255

(Config)# access-list 1 permit 192.168.1.3 0.0.0.0

(Config)# access-list 10 deny 192.168.1.3 0.0.0.0

Note : Only Public IP can go to the Internetworking world.

1.50 Router A 5.50 Router B

Leased line 192.168.1.99

(Config)# access-list 10 permit 172.16.0.0 0.0.255.255

(Config)# access-list 10 permit 192.168.5.0 0.0.0.255

Internet based leased line

NOTE : Passwords of both should be same.

Internet based leased line

NOTE : Passwords of both should be same.

(Config)# int E 0/1

(Config)# int Bri 1/0

(Config)# int dialer 1

Das könnte Ihnen auch gefallen