
PT Activity 5.3.4: Configuring Extended ACLs

Configure the first extended ACL for R1


R1(config)#access-list 110 deny tcp 192.168.10.0 0.0.0.255 any eq telnet
R1(config)#access-list 110 deny udp 192.168.10.0 0.0.0.255 host 192.168.20.254 eq tftp
R1(config)#access-list 110 permit ip any any

Configure the second extended ACL for R1


R1(config)#access-list 111 permit tcp 192.168.11.0 0.0.0.255 host 192.168.20.254 eq www
R1(config)#access-list 111 permit udp 192.168.11.0 0.0.0.255 host 192.168.20.254 eq tftp
R1(config)#access-list 111 deny ip 192.168.11.0 0.0.0.255 192.168.20.0 0.0.0.255
R1(config)#access-list 111 permit ip any any

Verify the ACL configurations


R1#show access-lists
Extended IP access list 110
deny tcp 192.168.10.0 0.0.0.255 any eq telnet
deny udp 192.168.10.0 0.0.0.255 host 192.168.20.254 eq tftp
permit ip any any
Extended IP access list 111
permit tcp 192.168.11.0 0.0.0.255 host 192.168.20.254 eq www
permit udp 192.168.11.0 0.0.0.255 host 192.168.20.254 eq tftp
deny ip 192.168.11.0 0.0.0.255 192.168.20.0 0.0.0.255
permit ip any any

Apply the statements to the interfaces


R1(config)#interface fastEthernet 0/0
R1(config-if)#ip access-group 110 in
R1(config-if)#interface fastEthernet 0/1
R1(config-if)#ip access-group 111 in

Configure the extended ACL on R3


R3(config)#access-list 130 deny ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255
R3(config)#access-list 130 permit ip 192.168.30.0 0.0.0.127 any
R3(config)#access-list 130 permit ip 192.168.30.128 0.0.0.127 192.168.10.0 0.0.0.255
R3(config)#access-list 130 permit ip 192.168.30.128 0.0.0.127 192.168.11.0 0.0.0.255
R3(config)#access-list 130 permit tcp 192.168.30.128 0.0.0.127 any eq www
R3(config)#access-list 130 permit icmp 192.168.30.128 0.0.0.127 any
R3(config)#access-list 130 deny ip any any

Apply the statements to the interface


R3(config)#interface fastEthernet 0/0
R3(config-if)#ip access-group 130 in
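
How ACL 130 is evaluated, as an added example that is not part of the original activity: a small Python first-match evaluator over the entries above, showing how the 0.0.0.127 wildcard splits 192.168.30.0/24 into two halves and why entry order decides the result. It handles only the address forms and the eq keyword that ACL 130 uses; the function names are assumptions made for this example.

```python
import ipaddress

PORTS = {"www": 80, "telnet": 23, "tftp": 69}  # IOS port keywords used on this page

# ACL 130 from R3, copied from the page (entries are evaluated top-down).
ACL_130 = """\
deny ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255
permit ip 192.168.30.0 0.0.0.127 any
permit ip 192.168.30.128 0.0.0.127 192.168.10.0 0.0.0.255
permit ip 192.168.30.128 0.0.0.127 192.168.11.0 0.0.0.255
permit tcp 192.168.30.128 0.0.0.127 any eq www
permit icmp 192.168.30.128 0.0.0.127 any
deny ip any any
"""

def _addr(tokens):
    """Consume one address spec; return (base, wildcard) as integers."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse(text):
    rules = []
    for line in text.strip().splitlines():
        t = line.split()
        action, proto = t.pop(0), t.pop(0)
        src, dst = _addr(t), _addr(t)
        port = PORTS.get(t[1], t[1]) if t[:1] == ["eq"] else None
        rules.append((action, proto, src, dst, None if port is None else int(port)))
    return rules

def _hit(ip, spec):
    base, wild = spec
    # Wildcard bits set to 1 are "don't care"; all other bits must equal the base.
    return (int(ipaddress.IPv4Address(ip)) ^ base) & ~wild & 0xFFFFFFFF == 0

def evaluate(rules, proto, src, dst, dport=None):
    """Return (action, 1-based entry number) of the first matching entry."""
    for n, (action, rproto, rsrc, rdst, rport) in enumerate(rules, 1):
        if rproto not in ("ip", proto):
            continue
        if _hit(src, rsrc) and _hit(dst, rdst) and rport in (None, dport):
            return action, n
    return "deny", 0  # implicit deny at the end of every IOS ACL
```

With a constructed packet, evaluate(parse(ACL_130), "tcp", "192.168.30.200", "209.165.200.1", 23) returns ("deny", 7): an upper-half host reaches the final deny, while the same Telnet attempt from 192.168.30.10 is permitted by entry 2.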

Configure a named extended ACL on R2


R2(config)#ip access-list extended FIREWALL
R2(config-ext-nacl)#permit tcp any host 192.168.20.254 eq www
R2(config-ext-nacl)#permit tcp any any established
R2(config-ext-nacl)#permit icmp any any echo-reply
R2(config-ext-nacl)#deny ip any any
R2#show access-lists
Extended IP access list FIREWALL
10 permit tcp any host 192.168.20.254 eq www
20 permit tcp any any established
30 permit icmp any any echo-reply
40 deny ip any any

Apply the statements to the interface


R2(config)#interface serial 0/1/0
R2(config-if)#ip access-group FIREWALL in

PT Activity 6.4.1: Packet Tracer Skills Integration Challenge

Apply the basic router configurations


R1(config)#line con 0
R1(config-line)#pass cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#line vty 0 4
R1(config-line)#pass cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#banner motd " ACCESO SOLO A PERSONAL AUTORIZADO "
R1(config)#no ip domain-lookup
R1(config)#interface serial 0/0/0
R1(config-if)#description line to cloud-PT
R1(config)#interface fastEthernet 0/0
R1(config-if)#description LAN
R1(config-if)#exit
R2(config)#line console 0
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#exit
R2(config)#line vty 0 4
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#exit
R2(config)#banner motd "ACCESO SOLO A PERSONAL AUTORIZADO"
R2(config)#no ip domain-lookup
R2(config)#interface serial 0/0/0
R2(config-if)#description line to cloud-PT
R2(config)#interface serial 0/1/0
R2(config-if)#description ISP
R2(config)#interface fastEthernet 0/0
R2(config-if)#description LAN
R2(config-if)#exit

R3(config)#line console 0
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#line vty 0 4
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#banner motd " SOLO ACCESO A PERSONAL AUTORIZADO"
R3(config)#no ip domain-lookup
R3(config)#interface serial 0/0/0
R3(config-if)#description line to cloud-PT
R3(config)#interface fastEthernet 0/0
R3(config-if)#description LAN
R3(config-if)#exit

Configure dynamic and default routing


Configure default routing
R2(config)#ip route 0.0.0.0 0.0.0.0 serial 0/1/0

Configure dynamic routing

R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 10.1.1.0
R1(config-router)#network 192.168.10.0
R1(config-router)#passive-interface fastEthernet 0/1
R1(config-router)#no auto-summary
R1(config-router)#exit

R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 10.1.1.0
R2(config-router)#network 192.168.20.0
R2(config-router)#default-information originate
R2(config-router)#passive-interface serial 0/1/0
R2(config-router)#passive-interface fastEthernet 0/1
R2(config-router)#no auto-summary
R2(config-router)#exit

R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#network 10.1.1.0
R3(config-router)#network 192.168.30.0
R3(config-router)#passive-interface fastEthernet 0/1
R3(config-router)#no auto-summary
R3(config-router)#exit

Establish teleworker services

Apply ACL policies


R2(config)#ip access-list extended FIREWALL
R2(config-ext-nacl)#permit tcp host 192.168.1.10 host 192.168.20.254 eq www
R2(config-ext-nacl)#permit tcp host 192.168.2.10 host 192.168.20.254 eq www
R2(config-ext-nacl)#permit icmp any any echo-reply
R2(config-ext-nacl)#permit tcp any any established
R2(config-ext-nacl)#deny ip any any
R2(config-ext-nacl)#exit
R2(config)#interface serial 0/1/0
R2(config-if)#ip access-group FIREWALL in
R2(config-if)#exit

R3(config)#access-list 101 permit tcp 192.168.30.0 0.0.0.255 any eq www
R3(config)#access-list 101 permit icmp 192.168.30.0 0.0.0.255 any
R3(config)#access-list 101 deny ip any any
R3(config)#interface fastEthernet 0/1
R3(config-if)#ip access-group 101 in
R3(config-if)#exit
