You are on page 1of 6

pc 0 /26/ 172.18.67.129 / 172.18.67.

190
pc 1 /25/ 172.18.67.1 / 172.18.67.126
pc 2 /24/ 172.18.66.1 / 172.18.66.254
pc 3 /27/ 172.18.67.193 / 172.18.67.222
pc 4 /29/ 172. 18.67.225/ 172.18.67.230
pc 5 /23/ 172.18.64.1 / 172.18.64.254
_
R
ENABLE
CONF T
ipv6 unicast-routing
ip domain-name www.ccna.cl
enable secret redes
username admin password taller
crypto key generate rsa
2048
ip ssh version 2
line vty 0 15
transport input ssh
login local
exit
ip ssh time-out 20
_
SWITCH
ENABLE
CONF T
vlan 10
name MARKETING
EXIT
VLAN 20
NAME PUBLICIDAD
EXIT
INTERFACE RANGE F0/1-F0/24
SHUTDOWN
EXIT
INTERFACE RANGE F0/4-F0/19
SWITCHPORT MODE ACCESS
SWITCHPORT PORT-SECURITY
SWITCHPORT PORT-SECURITY MAXIMUM 1
SWITCHPORT PORT-SECURITY VIOLATION SHUTDOWN
SWITCHPORT PORT-SECURITY MAC-ADDRESS STICKY
EXIT
INTERFACE RANGE F0/6,F0/13,F0/1
NO SHUTDOWN
EXIT
SWITCHPORT MODE ACCESS
SWITCHPORT MODE TRUNK
EXIT
INTERFACE RANGE F0/4-F0/9
SWITCHPORT ACCESS VLAN 10
INTERFACE RANGE F0/10-F0/19
SWITCHPORT ACCESS VLAN 20
EXIT
_

RA

ENABLE
CONF T
ROUTER OSPF 40
ROUTER-ID 1.1.1.1
network 1.1.1.0 0.0.0.31 area 0
network 10.10.10.128 0.0.07 area 0
passive-interface g0/0
exit
int g0/1
ip ospf priority 10
exit
IPV6 ROUTER OSPF 40
int range g0/0,g0/1
IPV6 OSPF 40 AREA 0

exIT
int range g0/0,g0/1
IPV6 OSPF 40 AREA 0
ex
ospf router ospf 40
redistribute static

RB
ENABLE
CONF T
INTERFACE G0/0.10
ENCAPSULATION DOT1Q 10
IP ADD 2.2.2.14 255.255.255.240
IPV6 ADD 2015:2:2:1::1/64
EXIT
INTERFACE G0/0.20
ENCAPSULATION DOT1Q 20
ip add 2.2.2.126 255.255.255.192
IPV6 ADD 2015:2:2:2::1/64
exit
ROUTER OSPF 40
ROUTER-ID 5.5.5.5
DO SH IP ROUTE CON
NETWORK 2.2.2.0 0.0.0.15 AREA 0
network 2.2.2.64 0.0.0.63 area 0
network 10.10.10.128 0.0.0.7 area 0
passive-interface g0/0
EXIT
IPV6 ROUTER OSPF 40
ROUTER-ID 5.5.5.5
int range g0/0,g0/1
IPV6 OSPF 40 AREA 0
exit
int range g0/0,g0/1
IPV6 OSPF 40 AREA 0
exit
ospf router ospf 40
redistribute static

_
RC
ENABLE
CONF T
ROUTER OSPF 40
ROUTER-ID 3.3.3.3
network 3.3.3.0 0.0.0.7 area 0
network 10.10.10.128 0.0.0.7 area 0
passive-interface g0/0
exit
int g0/1
ip ospf priority 20
EXIT
ip route 0.0.0.0 0.0.0.0 20.20.20.194
p route 5.5.5.0 255.255.255.192 40.40.40.82
ipv6 route ::/0 2015:2:8:1::2
ipv6 route 2015:2:5:1::0/64 2015:2:A:1::2
ipv6 router ospf 40
ROUTER-ID 3.3.3.3
int range g0/0,g0/1
IPV6 OSPF 40 area 0
ex
ospf router ospf 40
redistribute static
_
RE
ENABLE
CONF T
IP ROUTE 0.0.0.0 0.0.0.0 40.40.40.81
ipv6 route ::/0 2015:2:A:1::1
_________________________________________________________________________

ACL/NAT: Configurar los siguientes requerimientos en RC (ítem Activity Grader:NAT-


IPV4):

● ACL STD igual a 10, permitiendo traducir las direcciones de las redes LAN (ingresar
cada subred en orden creciente)
● Crear un POOL con sobrecarga y nombre: WEB, que utilice la ACL creada en el
punto anterior y las primeras 3 direcciones IP de la subred100.30.20.0/29 para la
traducción
● Crear NAT estático de entrada y salida, con el que se relacione la dirección IP del
servidor “S1” y del servidor “S2” con la cuarta y quinta dirección IP de la subred
100.30.20.0/29, respectivamente
● Router ISP se encuentra configurado previamente por lo que debería poder hacer
pruebas de conectividad a la dirección WAN IPv4 e IPv6 de dicho router.
__

http://recursostic.educacion.es/observatorio/web/es/component/content/article/1065-listas-
de-control-de-acceso-acl?start=3

___ Numero ___


access-list 20 deny 1.1.1.3 // denega los pc mediante la ip

access-list 20 permit 1.1.1.0 0.0.0.31 // permite la salida mediante la sub red

___ Nombre __

ip access-list standard REDES (nombre)

deny host 1.1.1.3 (ip bloqueo)

permit 1.1.1.0 0.0.0.31 (permite la sub red)

__ Aplicar a int ___

RA(config)#int g0/0
RA(config-if)#ip access-group 20 in
ACL NUMERADA:
access-list 20 deny host 1.1.1.3
access-list 20 permit 1.1.1.0 0.0.0.31
!

ACL NOMBRADA:
ip access-list standard REDES
deny host 1.1.1.3
permit 1.1.1.0 0.0.0.31
!

interface GigabitEthernet0/0
ip access-group 20 in

&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

access-list 30 permit host 1.1.1.3

access-list 30 deny any

&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

access-list 40 deny any


access-list 40 permit host 1.1.1.3

&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&

access-list 50 deny host 1.1.1.3


access-list 50 permit host 1.1.1.3

http://atc2.aut.uah.es/~rosa/LabRC/Prac_5/Listas%20de%20Control%20de%20acceso.pdf
redistribute static

Only classful networks will be redistributed


default-information originate