Scribd Logo
Upload

Welcome to Scribd!

  • Ccna 5

    Uploaded by

    Carlos Alberto Perdomo Polania
    14 views7 pages
    BUENOS

    Original Title

    ccna 5

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    BUENOS

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views7 pages

    Ccna 5

    Uploaded by

    Carlos Alberto Perdomo Polania
    BUENOS

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    JUN 1717

    enable
    configure terminal
    hostname S1
    service password-encryption
    enable secret class
    no ip domain-lookup
    banner motd #warn#
    vlan 99
    name admin
    interface vlan 1
    ip address 192.168.1.2 255.255.255.0
    no shutdown
    ip default-gateway 192.168.1.1
    ip domain-name R4
    crypto key generate rsa
    username admin password cisco
    interface fastEthernet 0/2
    switchport mode access
    switchport port-security mac-address sticky
    switchport port-security maximum 3
    switchport port-security violation shutdown
    switchport port-security mac-address 2222.4444.6666
    switchport port-security aging time 60

    line con 0
    password cisco
    login
    logging synchronous
    line vty 0 4
    transport input ssh
    login local
    mac address-table static 00E0.B027.2245 vlan 1 interface fastethernet 0/1
    vlan
    name
    vlan
    name
    vlan
    name
    vlan
    name

    10
    Faculty/Staff
    20
    Students
    30
    Guest(Default)
    99
    Management&Native

    interface FastEthernet0/1
    switchport trunk native vlan 99
    switchport trunk allowed vlan 10,99
    switchport mode trunk
    interface range FastEthernet 0/2-24

    switchport access vlan 20


    switchport mode access
    -----------------------------------------------------------------statico ipv6
    R1
    interface GigabitEthernet0/0
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:1:1::1/64
    interface Serial0/0/0
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:1:A001::1/64
    ipv6 unicast-routing
    ipv6 router ospf 1
    router-id 1.1.1.1
    ipv6 ospf 1 area 0
    ipv6 route 2001:DB8:1:2::/64 2001:DB8:1:A001::2
    ipv6 route 2001:DB8:1:3::/64 2001:DB8:1:A001::2
    ipv6 route 2001:DB8:1:A002::/64 2001:DB8:1:A001::2
    show ipv6 route ospf
    R1
    interface GigabitEthernet0/0
    ipv6 address fe80::1 link-local
    ipv6 address 2001:db8:cafe:2::1/64
    interface Serial0/0/0
    ipv6 address fe80::1 link-local
    ipv6 address 2001:db8:cafe:a001::2/64
    interface Serial0/0/1
    ipv6 address fe80::1 link-local
    ipv6 address 2001:db8:cafe:a002::1/64
    clock rate 64000
    R3
    interface GigabitEthernet0/0
    ipv6 address FE80::3 link-local
    ipv6 address 2001:DB8:1:3::1/64
    interface Serial0/0/1
    ipv6 address FE80::3 link-local
    ipv6 address 2001:DB8:1:A002::2/64
    ipv6 unicast-routing
    ipv6 route ::/0 2001:DB8:1:A002::1
    ----------------------------------------------------------------------R1(config)# ipv6 unicast-routing

    ipv6 unicast-routing
    ipv6 route ::/0 2001:DB8:1:A002::1
    ipv6 router ospf 10
    router-id 1.1.1.1
    log-adjacency-changes
    passive-interface GigabitEthernet0/0
    ipv6 router ospf 1
    router-id 1.1.1.1
    log-adjacency-changes
    interface g0/1
    ipv6 address 2001:DB8:ACAD:A::/64 eui-64
    no shutdown
    interface serial 0/0/1
    ipv6 address FC00::1/64
    no shutdown
    ipv6 route 2001:DB8:ACAD:B::/64 serial 0/0/1 O
    ipv6 route 2001:DB8:ACAD:B::/64 FC00::2 O
    ipv6 route ::/0 serial 0/0/1
    R3(config)# ipv6 unicast-routing
    interface GigabitEthernet0/0
    description R1 LAN
    no ip address
    duplex auto
    speed auto
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:CAFE:1::1/64
    ipv6 ospf 10 area 0
    interface Serial0/0/0
    description Link to R2
    no ip address
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:CAFE:A001::1/64
    ipv6 ospf 1 area 0
    clock rate 64000
    !
    interface Serial0/0/1
    description Link to R3
    no ip address
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:CAFE:A003::1/64
    ipv6 ospf 10 area 0
    interface Loopback0
    ipv6 address 2001:DB8:5F73:6::1/64
    ipv6 router ospf 10
    router-id 1.1.1.1
    log-adjacency-changes
    passive-interface GigabitEthernet0/0
    network 172.16.2.0 0.0.0.255 area 0
    network 192.168.10.8 0.0.0.3 area 0

    network 172.16.3.0 0.0.0.3 area 0


    router ospf 1
    router-id 1.1.1.1
    log-adjacency-changes
    passive-interface GigabitEthernet0/0
    network 172.31.0.0 0.0.1.255 area 0
    network 172.31.4.0 0.0.0.3 area 0
    router eigrp 100
    passive-interface GigabitEthernet0/0
    passive-interface GigabitEthernet0/1
    network 192.168.10.0
    network 192.168.11.0
    network 10.0.0.0
    no auto-summary
    access-list 1 deny 192.168.11.0 0.0.0.255
    access-list 1 permit any
    interface GigabitEthernet0/0
    ip access-group 1 out
    access-list 1 deny 192.168.10.0 0.0.0.255
    access-list 1 permit any
    interface GigabitEthernet0/0
    ip access-group 1 out
    access-list 1 remark Allow R1 LANs Access
    access-list 1 permit 192.168.10.0 0.0.0.255
    access-list 1 permit 192.168.20.0 0.0.0.255
    access-list 1 deny any
    interface g0/1
    ip access-group 1 out
    ip access-list standard BRANCH-OFFICE-POLICY
    permit host 192.168.30.3
    permit 192.168.40.0 0.0.0.255
    interface g0/1
    ip access-group BRANCH-OFFICE-POLICY out
    ip access-list standard File_Server_Restrictions
    permit host 192.168.20.4
    deny any
    ip access-group File_Server_Restrictions out
    access-list 99 permit host 10.0.0.1
    access-list 99 deny any
    line vty 0 4
    login local
    transport input ssh
    access-class 99 in
    access-list 100 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ftp
    access-list 100 permit icmp 172.22.34.64 0.0.0.31 host 172.22.34.62
    interface gigabitEthernet 0/0
    ip access-group 100 in

    permit tcp 172.22.34.96 0.0.0.15 host 172.22.34.62 eq www


    permit icmp 172.22.34.96 0.0.0.15 host 172.22.34.62
    interface gigabitEthernet 0/1
    ip access-group HTTP_ONLY in
    access-list 199 permit tcp 10.101.117.32 0.0.0.15 10.101.117.0 0.0.0.31 eq telne
    t
    access-list 199 permit icmp any any
    access-list 100
    access-list 100
    access-list 100
    int s0/0/0
    ip access-group

    remark Allow Web & SSH Access


    permit tcp host 192.168.10.3 host 10.2.2.1 eq 22
    permit tcp any any eq 80
    100 out

    ip access-list extended WEB-POLICY


    permit tcp 192.168.30.0 0.0.0.255 host 10.1.1.1 eq 80
    permit tcp 192.168.30.0 0.0.0.255 209.165.200.224 0.0.0.31 eq 80
    int S0/0/1
    ip access-group WEB-POLICY out
    ip access-list extended 100
    30 permit ip 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
    ip access-list extended WEB-POLICY
    30 permit ip 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255
    deny tcp any host 2001:DB8:1:30::30 eq www
    deny tcp any host 2001:DB8:1:30::30 eq 443
    ipv6 traffic-filter BLOCK_HTTP in
    ipv6 access-list RESTRICT-VTY
    permit tcp 2001:db8:acad:a::/64 any
    permit tcp any any eq 22
    line vty 0 4
    ipv6 access-class RESTRICT-VTY in
    ipv6 access-list RESTRICTED-LAN
    remark Block Telnet from outside
    deny tcp any 2001:db8:acad:a::/64 eq telnet
    permit ipv6 any any
    int g0/1
    ipv6 traffic-filter RESTRICTED-LAN out
    ipv6 access-list RESTRICTED-LAN
    permit tcp 2001:db8:acad:b::/64 host 2001:db8:acad:a::a eq 23 sequence 15
    permit tcp any host 2001:db8:acad:a::3 eq www
    int g0/1
    ipv6 traffic-filter RESTRICTED-LAN out
    R1
    router eigrp 1
    network 192.168.0.0 0.0.0.255
    network 192.168.1.0 0.0.0.255
    network 192.168.2.252 0.0.0.3
    no auto-summary
    interface g0/0

    ip helper-address 192.168.2.254
    interface g0/1
    ip helper-address 192.168.2.254
    R2
    router eigrp 1
    network 192.168.2.252 0.0.0.3
    redistribute static
    ip route 0.0.0.0 0.0.0.0 209.165.200.225
    ip route 192.168.0.0 255.255.252.0 209.165.200.226
    ip dhcp excluded-address 192.168.0.1 192.168.0.9
    ip dhcp excluded-address 192.168.1.1 192.168.1.9
    ip dhcp pool R1G1
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.1
    dns-server 209.165.200.225
    domain-name ccna-lab.com
    lease 2
    ip dhcp pool R1G0
    network 192.168.0.0 255.255.255.0
    default-router 192.168.0.1
    dns-server 209.165.200.225
    domain-name ccna-lab.com
    lease 2
    interface g0/0
    ip address dhcp
    interface GigabitEthernet0/0
    ip address 192.168.10.1 255.255.255.0
    ip helper-address 10.1.1.1
    ip helper-address 10.1.1.2
    duplex auto
    speed auto
    iip dhcp excluded-address 10.10.4.1
    !
    ip dhcp pool R4
    network 10.10.4.0 255.255.255.0
    default-router 10.10.4.1
    dns-server 209.165.44.2

    interface GigabitEthernet0/0
    ip address 10.10.4.1 255.255.255.0
    duplex auto
    speed auto
    ipv6 address FE80::1 link-local
    ipv6 address 2001:DB8:A:4::1/64
    ipv6 ospf 1 area 0
    !
    !
    interface Serial0/0/1
    ip address 64.103.17.2 255.255.255.252

    ipv6 address FE80::4 link-local


    ipv6 address 2001:DB8:A:103::2/64
    ipv6 ospf 1 area 0
    router ospf 1
    log-adjacency-changes
    passive-interface GigabitEthernet0/0
    network 10.10.4.0 0.0.0.255 area 0
    network 64.103.17.0 0.0.0.3 area 0
    !
    ipv6 router ospf 1
    router-id 1.1.1.1
    log-adjacency-changes
    !
    ipv6 route ::/0 Serial0/0/1
    !
    !
    interface Serial0/0/0
    ip address 10.1.1.1 255.255.255.252
    encapsulation ppp
    ppp authentication pap
    ppp pap sent-username R1 password 0 cisco

    You might also like