You are on page 1of 8

------ Switch Capa 3 ------ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname S2 exit vlan database

vlan 10 name Usuarios vlan 20 name Soporte vlan 30 name Redes exit conf t interface fastethernet 0/5 switchport mode access switchport access vlan 10 exit interface fastethernet 0/10 switchport mode access switchport access vlan 20 exit interface fastethernet 0/15 switchport mode access switchport access vlan 30 exit interface fastethernet 0/0 switchport mode trunk switchport trunk allowed vlan all exit ---- Direccionamiento ---- R1 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname R1 interface ethernet 0/0 ip add 10.10.10.1 255.255.255.0 no shut exit interface ethernet 0/1 ip add 20.20.20.1 255.255.255.0 no shut interface ethernet 0/2 duplex full no shut exit interface ethernet 0/2.10 encapsulation dot1q 10 ip add 192.168.10.1 255.255.255.0 exit interface ethernet 0/2.20 encapsulation dot1q 20 ip add 192.168.20.1 255.255.255.0 exit interface ethernet 0/2.30

encapsulation dot1q 30 ipv6 add 2001:1:1:1::1/64 exit ipv6 unicast-routing **** router ospf 1 network 192.168.10.0 0.0.0.255 area 0 network 192.168.20.0 0.0.0.255 area 0 network 10.10.10.0 0.0.0.255 area 0 network 20.20.20.0 0.0.0.255 area 0 exit ---- Direccionamiento ---- R2 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname R2 interface ethernet 1/2 ip add 10.10.10.2 255.255.255.0 no shut exit interface serial 0/0 ip add 2.2.2.1 255.255.255.252 no shut exit **** router eigrp 100 network 2.2.2.0 0.0.0.3 no auto-summary exit router ospf 1 network 10.10.10.0 0.0.0.255 area 0 network 10.0.0.0 0.0.0.3 area 0 network 20.0.0.0 0.0.0.3 area 0 exit ---- Direccionamiento ---- R3 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname R3 interface ethernet 1/3 ip add 20.20.20.2 255.255.255.0 no shut exit interface serial 0/0 ip add 3.3.3.1 255.255.255.252 no shut exit ipv6 unicast-routing

**** router eigrp 100 network 3.3.3.0 0.0.0.3 no auto-summary exit router ospf 1 network 20.20.20.0 0.0.0.255 area 0 network 11.0.0.0 0.0.0.3 area 0 network 21.0.0.0 0.0.0.3 area 0 exit ---- Direccionamiento ---- ISP1 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname ISP1 interface serial 0/1 ip add 2.2.2.2 255.255.255.252 no shut exit interface serial 0/0 ip add 4.4.4.1 255.255.255.252 no shut exit interface serial 0/2 ip add 5.5.5.1 255.255.255.252 no shut exit **** router eigrp 100 network 2.2.2.0 0.0.0.3 network 4.4.4.0 0.0.0.3 network 5.5.5.0 0.0.0.3 no auto-summary exit ---- Direccionamiento ---- ISP2 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname ISP2 interface serial 0/1 ip add 3.3.3.2 255.255.255.252 no shut exit interface serial 0/0 ip add 6.6.6.1 255.255.255.252 no shut exit interface serial 0/2 ip add 7.7.7.1 255.255.255.252 no shut exit

**** router eigrp 100 network 3.3.3.0 0.0.0.3 network 6.6.6.0 0.0.0.3 network 7.7.7.0 0.0.0.3 no auto-summary exit ---- Direccionamiento ---- R6 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname R6 interface serial 0/2 ip add 4.4.4.2 255.255.255.252 no shut exit interface serial 0/1 ip add 6.6.6.2 255.255.255.252 no shut exit interface ethernet 1/0 ip add 172.16.10.1 255.255.255.0 no shut exit **** router eigrp 100 network 4.4.4.0 0.0.0.3 network 6.6.6.0 0.0.0.3 no auto-summary exit router ospf 1 network 172.16.10.0 0.0.0.255 area 0 network 10.0.0.0 0.0.0.3 area 0 network 11.0.0.0 0.0.0.3 area 0 exit ---- Direccionamiento ---- R7 ena conf t line console 0 exec-timeout 0 logging synchronous exit hostname R7 interface serial 0/0 ip add 5.5.5.2 255.255.255.252 no shut exit interface serial 0/3 ip add 7.7.7.2 255.255.255.252 no shut exit interface ethernet 1/2 ipv6 add 2001:2:2:2::1/64

no shut exit interface ethernet 1/1 ip add 172.16.20.1 255.255.255.0 no shut exit **** router eigrp 100 network 5.5.5.0 0.0.0.3 network 7.7.7.0 0.0.0.3 no auto-summary exit router ospf 1 network 172.16.20.0 0.0.0.255 area 0 network 20.0.0.0 0.0.0.3 area 0 network 21.0.0.0 0.0.0.3 area 0 exit ------------------------------------------- :D tuneles R2 crypto isakmp policy 10 authentication pre-share encryption aes 256 lifetime 86400 group 2 exit crypto isakmp key 6 RONALDO address 4.4.4.2 crypto isakmp key 6 MADRID address 5.5.5.2 crypto ipsec transform-set R2 esp-aes 256 esp-sha-hmac exit crypto ipsec profile TUNEL set transform-set R2 exit crypto ipsec profile TUNEL2 set transform-set R2 exit interface tunnel 10 ip add 10.0.0.1 255.255.255.252 tunnel source serial 0/0 tunnel destination 4.4.4.2 tunnel protection ipsec profile TUNEL exit interface tunnel 20 ip add 20.0.0.1 255.255.255.252 tunnel source serial 0/0 tunnel destination 5.5.5.2 tunnel protection ipsec profile TUNEL2 exit ---------------------------- R3 crypto isakmp policy 10 authentication pre-share encryption aes 256 lifetime 86400

group 2 exit crypto isakmp key 6 MESSI address 6.6.6.2 crypto isakmp key 6 BARCA address 7.7.7.2 crypto ipsec transform-set R3 esp-aes 256 esp-sha-hmac exit crypto ipsec profile TUNEL set transform-set R3 exit crypto ipsec profile TUNEL2 set transform-set R3 exit interface tunnel 11 ip add 11.0.0.1 255.255.255.252 tunnel source serial 0/0 tunnel destination 6.6.6.2 tunnel protection ipsec profile TUNEL exit interface tunnel 21 ip add 21.0.0.1 255.255.255.252 tunnel source serial 0/0 tunnel destination 7.7.7.2 tunnel protection ipsec profile TUNEL2 exit ---------------------------- R6 crypto isakmp policy 10 authentication pre-share encryption aes 256 lifetime 86400 group 2 exit crypto isakmp key 6 RONALDO address 2.2.2.1 crypto isakmp key 6 MESSI address 3.3.3.1 crypto ipsec transform-set R6 esp-aes 256 esp-sha-hmac exit crypto ipsec profile TUNEL set transform-set R6 exit crypto ipsec profile TUNEL2 set transform-set R6 exit interface tunnel 10 ip add 10.0.0.2 255.255.255.252 tunnel source serial 0/2 tunnel destination 2.2.2.1

tunnel protection ipsec profile TUNEL exit interface tunnel 11 ip add 11.0.0.2 255.255.255.252 tunnel source serial 0/1 tunnel destination 3.3.3.1 tunnel protection ipsec profile TUNEL2 exit -------------------------------------- R7 crypto isakmp policy 10 authentication pre-share encryption aes 256 lifetime 86400 group 2 exit crypto isakmp key 6 MADRID address 2.2.2.1 crypto isakmp key 6 BARCA address 3.3.3.1 crypto ipsec transform-set R7 esp-aes 256 esp-sha-hmac exit crypto ipsec profile TUNEL set transform-set R7 exit crypto ipsec profile TUNEL2 set transform-set R7 exit interface tunnel 20 ip add 20.0.0.2 255.255.255.252 tunnel source serial 0/0 tunnel destination 2.2.2.1 tunnel protection ipsec profile TUNEL exit interface tunnel 21 ip add 21.0.0.2 255.255.255.252 tunnel source serial 0/3 tunnel destination 3.3.3.1 tunnel protection ipsec profile TUNEL2 exit -------------------IP SLA MONITOR----------------------ip sla monitor 1 type echo protocol ipIcmpEcho 10.0.0.1 timeout 1000 threshold 1000 frequency 5 exit ip sla monitor schedule 1 life forever start-time now ip sla monitor 2 type echo protocol ipIcmpEcho 11.0.0.1 timeout 1000 threshold 1000

frequency 5 exit ip sla monitor schedule 2 life forever start-time now ip sla monitor 3 type echo protocol ipIcmpEcho 20.0.0.1 timeout 1000 threshold 1000 frequency 5 exit ip sla monitor schedule 3 life forever start-time now ip sla monitor 4 type echo protocol ipIcmpEcho 21.0.0.1 timeout 1000 threshold 1000 frequency 5 exit ip sla monitor schedule 4 life forever start-time now track 1 rtr 1 reachability delay up 30 exit track 2 rtr 2 delay up 30 exit track 3 rtr 3 reachability delay up 30 exit track 4 rtr 4 delay up 30 exit -------------------------Access List y PBR-----------------------access-list 100 permit ip 192.168.10.0 0.0.0.255 172.16.10.0 0.0.0.255 access-list 100 permit ip 192.168.10.0 0.0.0.255 172.16.20.0 0.0.0.255 access-list 100 permit ip 192.168.10.0 0.0.0.255 any access-list 101 permit ip 192.168.10.0 0.0.0.255 172.16.10.0 0.0.0.255 access-list 101 permit ip 192.168.10.0 0.0.0.255 172.16.20.0 0.0.0.255 access-list 101 permit ip 192.168.10.0 0.0.0.255 any route-map IP_SLA permit 10 match ip address 100 set ip next-hop verify-availability 10.10.10.2 1 track 1 set ip next-hop verify-availability 10.10.10.2 2 track 2 exit route-map IP_SLA permit 20 match ip address 101 set ip next-hop verify-availability 20.20.20.2 3 track 3 set ip next-hop verify-availability 20.20.20.2 4 track 4 exit IMPORTANT! ip policy route-map IP_SLA