Access security
sw1(config)# int f0/1
# sw port-security
# sw port-security max 2
# sw port-security mac "MAC address" (static) ; sticky (dynamic)
# sw port-security violation shutdown
SSH
A device can be administered remotely through its command line, giving full control.
R1(config)# ip domain name cisco.com
# crypto key generate rsa
[512]: 1024 (key modulus size in bits, entered at the prompt)
# ip ssh time-out 30 (timeout in seconds)
# ip ssh authentication-retries 10 (number of connection attempts)
# ip ssh version 2
# line vty 0 4
# transport input ssh
VTP
Replicates the VLANs from the server to the clients
# vtp
# vtp
# vtp
# vtp
Create VLAN
# vlan 20
# name MKD
vlan 88
name ADM-NATIVA
vtp domain cisco.com
vtp mode server
vtp version 2
vtp password cisco
ip default-gateway 88.0.0.1
interface vlan 88
ip add 88.0.0.2 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 88
interface f 0/8
switchport mode acc
switchport acc vlan 40
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
-- SW2 --
hostname SW2
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vtp domain cisco.com
vtp mode client
vtp version 2
vtp password cisco
ip default-gateway 88.0.0.1
interface vlan 88
ip add 88.0.0.3 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 88
interface f 0/10
switchport mode acc
switchport acc vlan 60
exit
-- SW3 --
hostname SW3
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vtp domain cisco.com
vtp mode client
vtp version 2
vtp password cisco
ip default-gateway 88.0.0.1
interface vlan 88
ip add 88.0.0.4 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 88
interface f 0/10
switchport mode acc
switchport acc vlan 50
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
13:04
Matias Karsek Flores Fuentes
SIDE B
--------------------------------
-- Server --
hostname SERVER
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vlan 10
name GERENCIA
vlan 20
name VENTAS
vlan 30
name NEGOCIOS
vlan 99
name ADM&NATIVA
vtp domain duoc.cl
vtp mode server
vtp version 2
vtp password class
ip default-gateway 99.0.0.1
interface vlan 99
ip add 99.0.0.3 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 99
exit
spanning-tree vlan 30 priority 12288
interface range f 0/1-3
switchport port-security
switchport port-security maximum 1
switchport port-security violation protect
-- CLIENTE-1 --
hostname CLIENTE-1
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vtp domain duoc.cl
vtp mode client
vtp version 2
vtp password class
ip default-gateway 99.0.0.1
interface vlan 99
ip add 99.0.0.4 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 99
interface f 0/10
switchport mode acc
switchport acc vlan 10
exit
spanning-tree vlan 10 priority 12288
interface range f 0/10
switchport port-security
switchport port-security mac-address 0060.3E4B.57EB
switchport port-security maximum 1
switchport port-security violation protect
-- CLIENTE-2 --
hostname CLIENTE-2
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vtp domain duoc.cl
vtp mode client
vtp version 2
vtp password class
ip default-gateway 99.0.0.1
interface vlan 99
ip add 99.0.0.5 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 99
interface f 0/10
switchport mode acc
switchport acc vlan 20
exit
spanning-tree vlan 20 priority 12288
interface f 0/10
switchport port-security
switchport port-security mac-address 0030.F27C.8542
switchport port-security maximum 1
switchport port-security violation protect
-- CLIENTE-3 --
hostname CLIENTE-3
username admin password admin123
enable secret cisco
line console 0
login local
line vty 0 15
login local
ip domain-name cisco.com
crypto key generate rsa modulus 1024
ip ssh authe 4
ip ssh time-out 40
ip ssh version 2
vtp domain duoc.cl
vtp mode client
vtp version 2
vtp password class
ip default-gateway 99.0.0.1
interface vlan 99
ip add 99.0.0.2 255.255.255.248
interface range f 0/1-3
switchport mode trunk
switchport trunk native vlan 99
exit
spanning-tree vlan 99 priority 12288
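
Added example (not part of the original notes): a Python check for gaps that appear in the device configs above, namely vty lines with no "transport input ssh", "username ... password" instead of "secret", access ports without port-security, and "violation protect". The sample config and the names SAMPLE, sections and audit are constructed for illustration.

```python
import re

# Constructed sample in the flat, unindented style of the device configs above.
SAMPLE = """\
hostname LAB-SW
username admin password admin123
line vty 0 15
login local
interface f 0/8
switchport mode acc
switchport acc vlan 40
interface f 0/10
switchport mode acc
exit
interface range f 0/10
switchport port-security
switchport port-security violation protect
"""

def sections(text):
    """Group sub-commands under each 'interface'/'line' header; 'exit' closes one."""
    out, cur = {}, None
    for raw in text.splitlines():
        line = " ".join(raw.split()).lower()
        if re.match(r"(interface|line) ", line):
            # 'interface range f 0/10' and 'interface f 0/10' share one entry
            cur = out.setdefault(line.replace(" range ", " "), [])
        elif line == "exit":
            cur = None
        elif cur is not None:
            cur.append(line)
    return out

def audit(text):
    findings = []
    for m in re.finditer(r"(?im)^\s*username (\S+) password ", text):
        findings.append(f"user {m.group(1)}: 'password' is clear text or type 7, use 'secret'")
    for head, cmds in sections(text).items():
        if head.startswith("line vty") and "transport input ssh" not in cmds:
            findings.append(f"{head}: no 'transport input ssh'")
        if any(c.startswith("switchport mode acc") for c in cmds) \
                and "switchport port-security" not in cmds:
            findings.append(f"{head}: access port without port-security")
        if "switchport port-security violation protect" in cmds:
            findings.append(f"{head}: 'protect' drops frames with no log or counter")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Run against a saved running-config, each finding names the line or interface to fix; "violation restrict" or "shutdown" leaves a log entry where "protect" does not.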