Scribd Logo
Upload

Welcome to Scribd!

  • Conf Intervlan Sede Independencia

    Uploaded by

    jhonatan huaman tineo
    9 views8 pages

    Original Title

    conf intervlan sede independencia.txt

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views8 pages

    Conf Intervlan Sede Independencia

    Uploaded by

    jhonatan huaman tineo

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    ///////////////////////////////////////////////

    ROUTER PRINCIPAL
    ///////////////////////////////////////////////

    en
    conf t
    hostname ROUT_PRIN
    ip domain-name cisco.com
    username cisco privilege 15 password cisco
    crypto key generate rsa
    1024
    ip ssh version 2
    line vty 0 15
    password cisco
    login local
    transport input all
    logging synchronous
    exit

    line console 0
    password cisco
    login local
    logging synchronous
    exit

    enable password cisco


    service password-encryption

    configure terminal
    int gi0/0
    description RED-WAN_ISP_01
    ip add 192.168.0.2 255.255.255.0
    ip nat outside
    no sh

    int gi0/1
    description RED-WAN_ISP_02
    ip add 192.168.1.2 255.255.255.0
    ip nat outside
    no sh

    int gi0/2
    no sh

    int gi0/2.10
    encapsulation dot1q 10
    description RED-VLAN10
    ip add 192.168.10.1 255.255.255.0
    ip nat inside
    no sh

    int gi0/2.20
    encapsulation dot1q 20
    description RED-VLAN20
    ip add 192.168.20.1 255.255.255.0
    ip nat inside
    no sh
    int gi0/2.30
    encapsulation dot1q 30
    description RED-VLAN30
    ip add 192.168.30.1 255.255.255.0
    ip nat inside
    no sh
    exit

    ip access-list standard restriccion_red-10


    deny 192.168.20.0 0.0.0.253
    deny 192.168.30.0 0.0.0.255
    permit host 192.168.20.230
    permit host 192.168.20.231
    permit any

    ip access-list standard restriccion_red-20


    deny 192.168.10.0 0.0.0.253
    deny 192.168.30.0 0.0.0.253
    permit host 192.168.10.254
    permit host 192.168.30.254
    permit any

    ip access-list standard restriccion_red-30


    deny 192.168.10.0 0.0.0.255
    deny 192.168.20.0 0.0.0.253
    permit host 192.168.20.230
    permit host 192.168.20.231
    permit any
    exit

    int gi0/2.10
    ip access-group restriccion_red-10 out

    int gi0/2.20
    ip access-group restriccion_red-20 out

    int gi0/2.30
    ip access-group restriccion_red-30 out
    exit

    ip access-list standard restriccion-ssh


    permit host 192.168.20.230
    permit host 192.168.20.231
    deny any
    exit

    line vty 0 15
    access-class restriccion-ssh in

    ip dhcp excluded-address 192.168.10.1


    ip dhcp excluded-address 192.168.10.250 192.168.10.254
    ip dhcp excluded-address 192.168.20.230 192.168.20.254
    ip dhcp excluded-address 192.168.30.1
    ip dhcp excluded-address 192.168.30.250 192.168.30.254

    ip dhcp pool LAN_VLAN10


    network 192.168.10.0 255.255.255.0
    default-router 192.168.10.1
    dns-server 8.8.8.8

    ip dhcp pool LAN_VLAN20


    network 192.168.20.0 255.255.255.0
    default-router 192.168.20.1
    dns-server 8.8.8.8

    ip dhcp pool LAN_VLAN30


    network 192.168.30.0 255.255.255.0
    default-router 192.168.30.1
    dns-server 8.8.8.8
    exit

    ip access-list standard lan_02


    permit 192.168.10.0 0.0.0.255
    permit 192.168.20.0 0.0.0.255
    permit 192.168.30.0 0.0.0.255
    deny any

    route-map isp1 permit 10


    match ip address NAT
    match interface FastEthernet0/0

    ip nat inside source route-map isp1 interface FastEthernet0/0 overload

    do wr

    /////////////////////////////////////////
    SW PRINCIPAL
    //////////////////////////////////////////

    en
    conf t
    hostname SW_PRINCIPAL
    ip domain-name cisco.com
    username cisco privilege 15 password cisco
    crypto key generate rsa
    1024
    ip ssh version 2

    line vty 0 15
    password cisco
    login local
    transport input all
    logging synchronous
    exit

    line console 0
    password cisco
    login local
    logging synchronous
    exit

    enable password cisco


    service password-encryption

    vlan 10
    name vlan-10
    vlan 20
    name vlan_20
    vlan 30
    name vlan_30
    exit

    int vlan 20
    ip add 192.168.20.240 255.255.255.0

    ip access-list standard restriccion-ssh


    permit host 192.168.20.230
    permit host 192.168.20.231
    deny any
    exit

    line vty 0 15
    access-class restriccion-ssh in
    exit

    int gi0/1
    switchport mode trunk

    int range fa0/1-2


    switchport mode trunk
    ip default-gateway 192.168.20.1

    int range fa0/23-24


    switchport mode access
    switchport access vlan 20
    do wr
    end

    /////////////////////////////////////////
    SW ACCESO - OPERACIONES
    //////////////////////////////////////////

    en
    conf t
    hostname SW_ACCE_OPER
    ip domain-name cisco.com
    username cisco privilege 15 password cisco
    crypto key generate rsa
    1024
    ip ssh version 2

    line vty 0 15
    password cisco
    login local
    transport input ssh
    logging synchronous
    exit

    line console 0
    password cisco
    login local
    logging synchronous
    exit
    enable password cisco
    service password-encryption

    vlan 10
    name vlan-10
    vlan 20
    name vlan_20
    vlan 30
    name vlan_30
    exit

    int vlan 20
    ip add 192.168.20.241 255.255.255.0

    ip access-list standard restriccion_red_20


    permit 192.168.20.0 0.0.0.255
    deny any

    ip access-list standard restriccion-ssh


    permit host 192.168.20.230
    permit host 192.168.20.231
    exit

    line vty 0 15
    access-class restriccion-ssh in
    exit

    int gi0/1
    switchport mode trunk

    int range fa0/1-23


    switchport mode access
    switchport access vlan 10

    int range fa0/24


    switchport mode access
    switchport access vlan 20
    ip access-group restriccion_red_20 out
    exit

    int gi0/2
    switchport mode access
    switchport access vlan 10

    ip default-gateway 192.168.20.1
    do wr
    end

    /////////////////////////////////////////
    SW ACCESO - ADMINISTRACION
    //////////////////////////////////////////

    en
    conf t
    hostname SW_ACCE_ADM
    ip domain-name cisco.com
    username cisco privilege 15 password cisco
    crypto key generate rsa
    1024
    ip ssh version 2
    line vty 0 15
    password cisco
    login local
    transport input all
    logging synchronous
    exit

    line console 0
    password cisco
    login local
    logging synchronous
    exit

    enable password cisco


    service password-encryption

    vlan 10
    name vlan-10
    vlan 20
    name vlan_20
    vlan 30
    name vlan_30
    exit

    int vlan 20
    ip add 192.168.20.242 255.255.255.0

    ip access-list standard restriccion_red_30


    permit 192.168.30.0 0.0.0.255
    deny any

    ip access-list standard restriccion-ssh


    permit host 192.168.20.230
    permit host 192.168.20.231
    exit

    line vty 0 15
    access-class restriccion-ssh in
    exit

    int gi0/1
    switchport mode trunk

    int range fa0/1-23


    switchport mode access
    switchport access vlan 20

    int range fa0/24


    switchport mode access
    switchport access vlan 30
    ip access-group restriccion_red_30 out

    int gi0/2
    switchport mode access
    switchport access vlan 20
    exit

    ip default-gateway 192.168.20.1
    do wr
    end

    /////////////////////////////////////////
    SW ACCESO - RR.HH
    //////////////////////////////////////////

    en
    conf t
    hostname SW_ACCE_RR.HH
    ip domain-name cisco.com
    username cisco privilege 15 password cisco
    crypto key generate rsa
    1024
    ip ssh version 2
    line vty 0 15
    password cisco
    login local
    transport input all
    logging synchronous
    exit

    line console 0
    password cisco
    login local
    logging synchronous
    exit

    enable password cisco


    service password-encryption

    vlan 10
    name vlan-10
    vlan 20
    name vlan_20
    vlan 30
    name vlan_30
    exit

    int vlan 20
    ip add 192.168.20.243 255.255.255.0

    ip access-list standard restriccion_red_20


    permit 192.168.20.0 0.0.0.255
    deny any
    exit

    ip access-list standard restriccion-ssh


    permit host 192.168.20.230
    permit host 192.168.20.231
    exit

    line vty 0 15
    access-class restriccion-ssh in
    exit

    int gi0/1
    switchport mode trunk
    int range fa0/1-23
    switchport mode access
    switchport access vlan 30

    int range fa0/24


    switchport mode access
    switchport access vlan 20
    ip access-group restriccion_red_20 out

    int gi0/2
    switchport mode access
    switchport access vlan 30
    exit

    ip default-gateway 192.168.20.1
    do wr
    end

    You might also like