VERIFICACION DE LA CONFIGURACION

SHOW RUNNING:

[rSERVICIOS_COMPARTAMOS_VES_VISA]
[rSERVICIOS_COMPARTAMOS_VES_VISA]display current-configuration
[V200R009C00SPC500]
#
sysname rSERVICIOS_COMPARTAMOS_VES_VISA
#
drop illegal-mac alarm
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name portal_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name multi_authen_profile
#
dhcp enable
#
radius-server template default
#
hwtacacs-server template Claro_aaa
hwtacacs-server authentication 172.19.216.47
hwtacacs-server authorization 172.19.216.47
hwtacacs-server accounting 172.19.216.47
hwtacacs-server source-ip 10.234.200.42
hwtacacs-server shared-key cipher %^%#q#b-7QE>!0VRH(YMI%Z
%~#Mf5%v]u&<@+O@WLZ0%%^%#
undo hwtacacs-server user-name domain-included
#
pki realm default
#
ssl policy default_policy type server
pki-realm default
version tls1.0 tls1.1
ciphersuite rsa_aes_128_cbc_sha
#
acl number 3002
rule 0 permit ip source 10.162.133.64 0.0.0.7
#
ike proposal default
encryption-algorithm aes-256
dh group14
authentication-algorithm sha2-256
authentication-method pre-share
integrity-algorithm hmac-sha2-256
prf hmac-sha2-256
#
traffic classifier cs2 operator or
if-match dscp cs2
traffic classifier P2 operator or
if-match dscp cs2
if-match acl 3002
#
traffic behavior cs2
queue af bandwidth 512
car cir 512 pir 512 cbs 96000 pbs 96000 mode color-blind green pass
yellow discard red discard
statistic enable
traffic behavior shape512
gts cir 512 cbs 96000 queue-length 64
traffic-policy wan
traffic behavior default
remark dscp cs2
statistic enable
traffic behavior P2
remark dscp cs2
statistic enable
#
traffic policy SetDscpLan
classifier P2 behavior P2 precedence 5
classifier default-class behavior default precedence 10
traffic policy shape512
classifier default-class behavior shape512 precedence 5
traffic policy wan
classifier cs2 behavior cs2 precedence 5
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaa
authentication-scheme default
authentication-scheme radius
authentication-mode radius
authentication-scheme hwtacacs
authentication-mode hwtacacs local
authorization-scheme default
authorization-scheme hwtacacs
authorization-mode hwtacacs local
accounting-scheme default
accounting-scheme hwtacacs
accounting-mode hwtacacs
domain default
authentication-scheme default
domain default_admin
authentication-scheme hwtacacs
authorization-scheme hwtacacs
hwtacacs-server Claro_aaa
domain default_domain
 authentication-scheme hwtacacs
accounting-scheme hwtacacs
authorization-scheme hwtacacs
radius-server default
hwtacacs-server Claro_aaa
local-user admin password irreversible-cipher %^%#:
%/&I&pALY)>6LVvI.OAza/p;xa7wMQ.P8XYFjD0#t4M6h:~NKG.Q1H*d8OB%^
%#
local-user admin privilege level 15
local-user admin service-type terminal http
local-user huawei password irreversible-cipher %^%#'!<V,3`}.12]}!W/>
%^#`{Cu;X9_~4aQz99Sp0XI.N_`1NNsc.uz[6P!&5*I%^%#
local-user huawei privilege level 15
local-user huawei ftp-directory flash:
#
web
user-set Default
user-set VIP
#
firewall zone Local
#
interface Vlanif1
description RED LAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
set flow-stat interval 10
ip address 10.162.133.65 255.255.255.248
traffic-policy SetDscpLan inbound
#
interface GigabitEthernet0/0/0
set flow-stat interval 10
#
interface GigabitEthernet0/0/1
set flow-stat interval 10
#
interface GigabitEthernet0/0/2
set flow-stat interval 10
#
interface GigabitEthernet0/0/3
set flow-stat interval 10
#
interface GigabitEthernet0/0/4
description RED WAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
set flow-stat interval 10
undo negotiation auto
combo-port copper
#
interface GigabitEthernet0/0/4.10
description RED WAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
dot1q termination vid 2418
ip address 10.162.133.4 255.255.255.224
 traffic-policy shape512 outbound
statistic enable inbound
statistic enable outbound
#
interface GigabitEthernet0/0/5
description VirtualPort
#
interface Cellular0/0/0
#
interface NULL0
#
interface LoopBack0
description LOOPBACK DE GESTION
ip address 10.234.200.42 255.255.255.255
#
snmp-agent local-engineid 800007DB0340EEDD296AB7
#
stelnet server enable
telnet server enable
#
set web login-style simple
http secure-server ssl-policy default_policy
http server enable
http secure-server enable
http server permit interface Vlanif1
#
ip route-static 0.0.0.0 0.0.0.0 10.162.133.1
#
fib regularly-refresh disable
#
user-interface con 0
authentication-mode password
set authentication password cipher %^%#zppG"U
%5X2gr#I-]'K(5^`Dr0U7mt0[R7I@b]{eFFV.&(EEd=4j!>x8~Fi9A%^%#
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
#
wlan ac
traffic-profile name default
security-profile name default
security-profile name default-wds
security wpa2 psk pass-phrase %^%#zC6[HXV>bDn0L.3>)<23@Hn4,`!
3;<5~00ABfkKT%^%# aes
ssid-profile name default
vap-profile name default
wds-profile name default
regulatory-domain-profile name default
air-scan-profile name default
rrm-profile name default
radio-2g-profile name default
radio-5g-profile name default
 wids-spoof-profile name default
wids-profile name default
ap-system-profile name default
port-link-profile name default
wired-port-profile name default
ap-group name default
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
ops
#
autostart
#
secelog
#
return
[rSERVICIOS_COMPARTAMOS_VES_VISA]
[rSERVICIOS_COMPARTAMOS_VES_VISA]

SHOW START:
[rSERVICIOS_COMPARTAMOS_VES_VISA]display saved-configuration
[V200R009C00SPC500]
#
sysname rSERVICIOS_COMPARTAMOS_VES_VISA
#
drop illegal-mac alarm
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name portal_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name multi_authen_profile
#
dhcp enable
#
radius-server template default
#
hwtacacs-server template Claro_aaa
hwtacacs-server authentication 172.19.216.47
hwtacacs-server authorization 172.19.216.47
hwtacacs-server accounting 172.19.216.47
hwtacacs-server source-ip 10.234.200.42
hwtacacs-server shared-key cipher %^%#q#b-7QE>!0VRH(YMI%Z
%~#Mf5%v]u&<@+O@WLZ0%%^%#
undo hwtacacs-server user-name domain-included
#
pki realm default
#
ssl policy default_policy type server
pki-realm default
version tls1.0 tls1.1
ciphersuite rsa_aes_128_cbc_sha
#
acl number 3002
rule 0 permit ip source 10.162.133.64 0.0.0.7
#
ike proposal default
encryption-algorithm aes-256
dh group14
authentication-algorithm sha2-256
authentication-method pre-share
integrity-algorithm hmac-sha2-256
prf hmac-sha2-256
#
traffic classifier cs2 operator or
if-match dscp cs2
traffic classifier P2 operator or
if-match dscp cs2
if-match acl 3002
#
traffic behavior cs2
queue af bandwidth 512
car cir 512 pir 512 cbs 96000 pbs 96000 mode color-blind green pass yellow discard red discard
statistic enable
traffic behavior shape512
gts cir 512 cbs 96000 queue-length 64
traffic-policy wan
traffic behavior default
remark dscp cs2
statistic enable
traffic behavior P2
remark dscp cs2
statistic enable
#
traffic policy SetDscpLan
classifier P2 behavior P2 precedence 5
classifier default-class behavior default precedence 10
traffic policy shape512
classifier default-class behavior shape512 precedence 5
traffic policy wan
classifier cs2 behavior cs2 precedence 5
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaa
authentication-scheme default
 authentication-scheme radius
authentication-mode radius
authentication-scheme hwtacacs
authentication-mode hwtacacs local
authorization-scheme default
authorization-scheme hwtacacs
authorization-mode hwtacacs local
accounting-scheme default
accounting-scheme hwtacacs
accounting-mode hwtacacs
domain default
authentication-scheme default
domain default_admin
authentication-scheme hwtacacs
authorization-scheme hwtacacs
hwtacacs-server Claro_aaa
domain default_domain
authentication-scheme hwtacacs
accounting-scheme hwtacacs
authorization-scheme hwtacacs
radius-server default
hwtacacs-server Claro_aaa
local-user admin password irreversible-cipher %^%#:
%/&I&pALY)>6LVvI.OAza/p;xa7wMQ.P8XYFjD0#t4M6h:~NKG.Q1H*d8OB%^%#
local-user admin privilege level 15
local-user admin service-type terminal http
local-user huawei password irreversible-cipher %^%#'!<V,3`}.12]}!W/>
%^#`{Cu;X9_~4aQz99Sp0XI.N_`1NNsc.uz[6P!&5*I%^%#
local-user huawei privilege level 15
local-user huawei ftp-directory flash:
#
web
user-set Default
user-set VIP
#
firewall zone Local
#
interface Vlanif1
description RED LAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
set flow-stat interval 10
ip address 10.162.133.65 255.255.255.248
traffic-policy SetDscpLan inbound
#
interface GigabitEthernet0/0/0
set flow-stat interval 10
#
interface GigabitEthernet0/0/1
set flow-stat interval 10
#
interface GigabitEthernet0/0/2
set flow-stat interval 10
#
interface GigabitEthernet0/0/3
set flow-stat interval 10
#
interface GigabitEthernet0/0/4
description RED WAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
set flow-stat interval 10
undo negotiation auto
combo-port copper
#
interface GigabitEthernet0/0/4.10
description RED WAN |SERVICIOS COMPARTIDOS DE RESTAURANTES | RPV
ACCESO POS VISA 512 KBPS | CID:9994872|
dot1q termination vid 2418
ip address 10.162.133.4 255.255.255.224
traffic-policy shape512 outbound
statistic enable inbound
statistic enable outbound
#
interface GigabitEthernet0/0/5
description VirtualPort
#
interface Cellular0/0/0
#
interface NULL0
#
interface LoopBack0
description LOOPBACK DE GESTION
ip address 10.234.200.42 255.255.255.255
#
snmp-agent local-engineid 800007DB0340EEDD296AB7
#
stelnet server enable
telnet server enable
#
set web login-style simple
http secure-server ssl-policy default_policy
http server enable
http secure-server enable
http server permit interface Vlanif1
#
ip route-static 0.0.0.0 0.0.0.0 10.162.133.1
#
fib regularly-refresh disable
#
user-interface con 0
authentication-mode password
 set authentication password cipher %^%#zppG"U%5X2gr#I-]'K(5^`Dr0U7mt0[R7I@b]
{eFFV.&(EEd=4j!>x8~Fi9A%^%#
user-interface vty 0 4
authentication-mode aaa
user privilege level 15
#
wlan ac
traffic-profile name default
security-profile name default
security-profile name default-wds
security wpa2 psk pass-phrase %^%#zC6[HXV>bDn0L.3>)<23@Hn4,`!3;<5~00ABfkKT%^
%# aes
ssid-profile name default
vap-profile name default
wds-profile name default
regulatory-domain-profile name default
air-scan-profile name default
rrm-profile name default
radio-2g-profile name default
radio-5g-profile name default
wids-spoof-profile name default
wids-profile name default
ap-system-profile name default
port-link-profile name default
wired-port-profile name default
ap-group name default
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
ops
#
autostart
#
secelog
#
return
[rSERVICIOS_COMPARTAMOS_VES_VISA]
SHOW VERSION:
SHOW FLASH:

SHOW CDP:

SHOW INVENTORY
VERIFICACION DE CONECTIVIDAD:
SHOW IP ROUTE:

PING WAN:

PRVL 01

PRVL 02
PING LAN:

[rSERVICIOS_COMPARTAMOS_VES_VISA]ping ip -c 30 -s 1500 -tos 64

10.162.133.65
PING 10.162.133.65: 1500 data bytes, press CTRL_C to break
Reply from 10.162.133.65: bytes=1500 Sequence=1 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=2 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=3 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=4 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=5 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=6 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=7 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=8 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=9 ttl=255 time=2 ms
Reply from 10.162.133.65: bytes=1500 Sequence=10 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=11 ttl=255 time=1
ms
Reply from 10.162.133.65: bytes=1500 Sequence=12 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=13 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=14 ttl=255 time=3
ms
Reply from 10.162.133.65: bytes=1500 Sequence=15 ttl=255 time=2
ms
 Reply from 10.162.133.65: bytes=1500 Sequence=16 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=17 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=18 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=19 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=20 ttl=255 time=1
ms
Reply from 10.162.133.65: bytes=1500 Sequence=21 ttl=255 time=3
ms
Reply from 10.162.133.65: bytes=1500 Sequence=22 ttl=255 time=3
ms
Reply from 10.162.133.65: bytes=1500 Sequence=23 ttl=255 time=4
ms
Reply from 10.162.133.65: bytes=1500 Sequence=24 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=25 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=26 ttl=255 time=3
ms
Reply from 10.162.133.65: bytes=1500 Sequence=27 ttl=255 time=2
ms
Reply from 10.162.133.65: bytes=1500 Sequence=28 ttl=255 time=3
ms
Reply from 10.162.133.65: bytes=1500 Sequence=29 ttl=255 time=10
ms
Reply from 10.162.133.65: bytes=1500 Sequence=30 ttl=255 time=2
ms

--- 10.162.133.65 ping statistics ---

30 packet(s) transmitted
30 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/2/10 ms

[rSERVICIOS_COMPARTAMOS_VES_VISA]
PING LAN TO LAN:
PRUEBAS DE SATURACION:

SHOW POLICY-MAP INTERFACE WAN (aplica solo para RPV)

COS1:

COS2:

COS3:
SHOW POLICY-MAP INTERFACE WAN (aplica solo para RPV)

COS1:

COS2:

COS3:

SHOW POLICY-MAP INTERFACE LAN (aplica solo para RPV)

COS2:
SHOW ACCESS-LIST: (aplica solo para RPV)

SHOW INTERFACE:

WAN:
LAN: