Caso de estudio(ccna4)

{https://twitter.com/IrWiN_ViTeRi} Página 1 de 23

ACADEMIA

REGIONAL CISCO

ESPOL CCNA 4

Acceso a la WAN

CASO DE ESTUDIO

NOMBRE: IRWIN ALBERTO VITERI RAMBAY

PROFESOR: Ing. JAIME LUCERO


OBJETIVOS


ROUTER ISP hostname ISP

! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

! ip dhcp excluded-address 10.10.0.1 ip dhcp excluded-address 10.10.0.5

! ip dhcp pool LANisp

network 10.10.0.0 255.255.0.0 default-router 10.10.0.1 dns-server 10.10.0.5

! no ip domain-lookup

! spanning-tree mode pvst

! interface FastEthernet0/0 ip address 10.10.0.1 255.255.0.0

ip access-group 110 in ip nat inside

duplex auto speed auto !

interface FastEthernet0/1 no ip address


duplex auto

speed auto shutdown

! interface Serial0/0/0 ip address 192.168.4.97 255.255.255.252

encapsulation frame-relay frame-relay map ip 192.168.4.98 101 broadcast

ip nat outside ! interface Serial0/0/1

no ip address shutdown

! interface Vlan1 no ip address

shutdown !

ip nat pool pool-NATisp 192.168.100.11 192.168.100.20 netmask 255.255.255.0

ip nat inside source list listaNAT pool pool-NATisp ip nat inside source static 10.10.0.1 192.168.100.1 ip classless

ip route 172.16.0.0 255.255.0.0 192.168.4.98 ip route 192.168.0.0 255.255.0.0 192.168.4.98

! ip access-list extended listaNAT permit ip 10.10.0.0 0.0.255.255 any

access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet

access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ! banner motd

*******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.

! line con 0 password cisco

logging synchronous login

! line aux 0 !

line vty 0 4 password cisco

logging synchronous login line vty 5 15

password cisco logging synchronous

login end






ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet ISP(config)#end ISP(config)#interface fastEthernet 0/0 ISP(config-if)#ip access-group 110 in ISP(config-if)#end

Solamente desde el Servidor DNS se puede hacer Telnet a los ruteadores.




ROUTER SIDNEY hostname SIDNEY

! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 !

aaa new-model !

aaa authentication login SIDNEY_LOCAL local ! username AUCKLAND password 7 080D786B5D

username SIDNEY password 7 0822455D0A16 !

no ip domain-lookup ! spanning-tree mode pvst

! interface FastEthernet0/0

ip address 172.16.4.1 255.255.255.0 duplex auto

speed auto ! interface FastEthernet0/1

no ip address duplex auto

speed auto shutdown !

interface Serial0/1/0 ip address 192.168.4.98 255.255.255.252

encapsulation frame-relay frame-relay map ip 192.168.4.97 101 broadcast ip access-group 110 out

! interface Serial0/1/1

no ip address shutdown !


clock rate 64000 ! interface Serial0/3/1

ip address 192.168.2.1 255.255.255.252 encapsulation ppp

ppp authentication chap ! interface Vlan1

no ip address


shutdown

! router eigrp 100

redistribute static network 192.168.1.128 0.0.0.3 network 192.168.2.0 0.0.0.3

network 172.16.4.0 0.0.0.255 no auto-summary

! ip classless ip route 0.0.0.0 0.0.0.0 192.168.4.97

! access-list 110 permit udp any host 192.168.4.97 eq domain

access-list 110 permit tcp any host 192.168.4.97 eq smtp access-list 110 permit tcp any host 192.168.4.97 eq www access-list 110 deny ip any any

! banner motd

*******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.

! line con 0 logging synchronous

login authentication SIDNEY_LOCAL !

line aux 0 ! line vty 0 4

logging synchronous login authentication SIDNEY_LOCAL

line vty 5 15 logging synchronous login authentication SIDNEY_LOCAL

end




SIDNEY(config)#access-list 110 permit udp any host 192.168.4.97 eq domain SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq smtp SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq www SIDNEY(config)#access-list 110 deny ip any any SIDNEY(config)#int s0/1/0 SIDNEY(config-if)#ip access-group 110 out SIDNEY(config-if)#end


ROUTER TOKYO hostname TOKYO


! no ip domain-lookup !

spanning-tree mode pvst !

interface FastEthernet0/0 ip address 172.16.20.1 255.255.255.0 duplex auto

speed auto !

interface FastEthernet0/1 no ip address duplex auto

speed auto shutdown

! interface Serial0/2/0 ip address 192.168.1.130 255.255.255.252



interface Vlan1 no ip address

shutdown ! router eigrp 100

network 172.16.20.0 0.0.0.255 network 192.168.1.128 0.0.0.3

auto-summary ! ip classless

! banner motd �

*******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.�

! line con 0 password cisco


! line aux 0 !


line vty 0 4

password cisco logging synchronous

login line vty 5 15 password cisco


! end



ROUTER AUCKLAND hostname AUCKLAND


! username SIDNEY password 7 080D786B5D !

no ip domain-lookup !

spanning-tree mode pvst ! interface FastEthernet0/0

ip address 172.16.15.1 255.255.255.0 duplex auto

speed auto ! interface FastEthernet0/1

no ip address duplex auto

speed auto shutdown !


encapsulation ppp ppp authentication chap clock rate 64000



interface Vlan1 no ip address

shutdown ! router eigrp 100

network 192.168.2.0 0.0.0.3 network 172.16.15.0 0.0.0.255

no auto-summary !

ip classless ! banner motd �

*******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.�

! line con 0 password 7 0822455D0A16


logging synchronous

login !

line aux 0 ! line vty 0 4

password 7 0822455D0A16 logging synchronous

login line vty 5 15 password 7 0822455D0A16


! end



Technology

Caso de estudio(ccna4)