Scribd
Upload
385 views3 pages

Skills Integration

The document provides configuration instructions for a Cisco router to: 1) Configure remote access, IP addressing, SSH, and encryption. 2) Create and assign VLANs to interface ranges and configure trunking between them. 3) Implement port security on an interface and disable unused ports. 4) Configure inter-VLAN routing, DHCP services, OSPF routing, and a default route. 5) Establish NAT to allow internal networks to access the internet using public IP pools and ACLs.

Uploaded by

anon_618764244
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
385 views3 pages

Skills Integration

The document provides configuration instructions for a Cisco router to: 1) Configure remote access, IP addressing, SSH, and encryption. 2) Create and assign VLANs to interface ranges and configure trunking between them. 3) Implement port security on an interface and disable unused ports. 4) Configure inter-VLAN routing, DHCP services, OSPF routing, and a default route. 5) Establish NAT to allow internal networks to access the internet using public IP pools and ACLs.

Uploaded by

anon_618764244
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

Cnt-Sw

Configure remote management access including IP addressing and SSH:


Domain is cisco.com
ip domain-name cisco.com
User HQadmin with password ciscoclass
username HQadmin password ciscoclass
Crypto key length of 1024
crypto key generate rsa
1024
SSH version 2, limited to 2 authentication attempts and a 60 second time
out
line vty 0 15
login local
transport input ssh
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
Clear text passwords should be encrypted.
service password-encryption

Configure, name and assign VLANs. Ports should be manually configured as


access ports.
vlan 15
name Servers
vlan 30
name PCs
vlan 45
name Native
vlan 60
name Management
exit
interface vlan 60
ip address 10.10.10.146 255.255.255.240
no shutdown
exit
ip default-gateway 10.10.10.145
exit
interface range fa0/11-20
switchport mode access
switchport access vlan 15
interface range fa0/1-10
switchport mode access
switchport access vlan 30

Configure trunking.
interface g0/1
switchport mode trunk
switchport trunk native vlan 45

Implement port security:

On Fa0/1, allow 2 MAC addresses that are automatically added to the conf
iguration file when detected.
The port should not be disabled, but a syslog message should be captured if a vi
olation occurs.
interface fa0/1
switchport port-security mac-address sticky
switchport port-security violation restrict ==>tiene un mensaje syslog

Disable all other unused ports.


interface range fa0/2-10, fa0/12-24, g0/2
shutdown
done!!!
Central

Configure inter-VLAN routing.


interface g0/0.15
encapsulation dot1Q 15
ip address 10.10.10.161 255.255.255.224
interface g0/0.30
encapsulation dot1Q 30
ip address 10.10.10.161 255.255.255.224
aces
interface g0/0.45
encapsulation dot1Q 45 native
exit

asi con todas las interf

==>mencionar que la Vlan 45 es nativa

interface g0/0
no shutdown
==>interface g0/0 es interface fisica

Configure DHCP services for VLAN 30. Use LAN as the case-sensitive name
for the pool.
ip dhcp pool LAN
network 10.10.10.192 255.255.255.192
default-router 10.10.10.193
exit

Implement routing:
Use OSPF process ID 1 and router ID 1.1.1.1
router ospf 1
router-id 1.1.1.1
Configure one network statement for the entire 192.168.45.0/24 address s
pace
network 192.168.45.0 0.0.0.255 area 0
Disable interfaces that should not send OSPF messages.
passive-interface g0/0.15
passive-interface g0/0.30
passive-interface g0/0.45
passive-interface g0/0.60
passive-interface s0/1/0
exit
Configure a default route to the Internet.
ip route 0.0.0.0 0.0.0.0 s0/1/0
router ospf 1

default-information originate
exit

Implement NAT:
Configure a standard, one statement ACL number 1. All IP addresses belon
ging to the
192.168.45.0/24 address space are allowed.
access-list 1 permit 10.10.10.0 0.0.0.255
Refer to your documentation and configure static NAT for the File Server
.
ip nat inside source static 10.10.10.162 198.133.219.130
Configure dynamic NAT with PAT using a pool name of your choice, a /30 m
ask, and these two public addresses:
209.165.200.225 and 209.165.200.226
ip nat pool INTERNET 198.133.219.128 198.133.219.129 netmask 255.255.255.252
ip nat inside source list 1 pool INTERNET overload
passive-interface g0/0.15
ip nat inside
passive-interface g0/0.30
ip nat inside
passive-interface g0/0.45
ip nat inside
passive-interface s0/0/0
ip nat inside
passive-interface s0/0/1
ip nat inside
passive-interface s0/1/0
ip nat outside
end
NetAdmin
Verify NetAdmin has received full addressing information from Central.
voy a configuracion y click en DHCP
luego ponemos las interfaces a no pasivas
router ospf 1
no passive-interface g0/0.15
no passive-interface g0/0.30
no passive-interface g0/0.45
no passive-interface g0/0.60
passive-interface g0/0
do wr
done!!!

You might also like