ACADEMIA
REGIONAL CISCO
ESPOL
CCNA 4
Acceso a la WAN

CASO DE ESTUDIO
NOMBRE: IRWIN ALBERTO VITERI RAMBAY
PROFESOR: Ing. J...
OBJETIVOS

{https://twitter.com/IrWiN_ViTeRi}

Página 2 de 23
ROUTER ISP
hostname ISP
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
ip dhcp excluded-address 10.10.0.1
ip dhcp excl...
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 192.168.4.97 255.255.255.252
encapsulation frame-relay
...
{https://twitter.com/IrWiN_ViTeRi}

Página 5 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 6 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 7 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 8 de 23
ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet
ISP(config)#access-list 110 permit tcp h...
{https://twitter.com/IrWiN_ViTeRi}

Página 10 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 11 de 23
ROUTER SIDNEY
hostname SIDNEY
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
aaa new-model
!
aaa authentication login ...
shutdown
!
router eigrp 100
redistribute static
network 192.168.1.128 0.0.0.3
network 192.168.2.0 0.0.0.3
network 172.16.4...
{https://twitter.com/IrWiN_ViTeRi}

Página 14 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 15 de 23
SIDNEY(config)#access-list 110 permit udp any host 192.168.4.97 eq domain
SIDNEY(config)#access-list 110 permit tcp any ho...
ROUTER TOKYO
hostname TOKYO
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
no ip domain-lookup
!
spanning-tree mode pv...
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
end

{https...
{https://twitter.com/IrWiN_ViTeRi}

Página 19 de 23
ROUTER AUCKLAND
hostname AUCKLAND
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
username SIDNEY password 7 080D786B5D...
logging synchronous
login
!
line aux 0
!
line vty 0 4
password 7 0822455D0A16
logging synchronous
login
line vty 5 15
pass...
{https://twitter.com/IrWiN_ViTeRi}

Página 22 de 23
{https://twitter.com/IrWiN_ViTeRi}

Página 23 de 23
Upcoming SlideShare
Loading in …5
×

Caso de estudio(ccna4)

1,050 views

Published on

https://twitter.com/IrWiN_ViTeRi

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,050
On SlideShare
0
From Embeds
0
Number of Embeds
10
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Caso de estudio(ccna4)

  1. 1. ACADEMIA REGIONAL CISCO ESPOL CCNA 4 Acceso a la WAN CASO DE ESTUDIO NOMBRE: IRWIN ALBERTO VITERI RAMBAY PROFESOR: Ing. JAIME LUCERO {https://twitter.com/IrWiN_ViTeRi} Página 1 de 23
  2. 2. OBJETIVOS {https://twitter.com/IrWiN_ViTeRi} Página 2 de 23
  3. 3. ROUTER ISP hostname ISP ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! ip dhcp excluded-address 10.10.0.1 ip dhcp excluded-address 10.10.0.5 ! ip dhcp pool LANisp network 10.10.0.0 255.255.0.0 default-router 10.10.0.1 dns-server 10.10.0.5 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 10.10.0.1 255.255.0.0 ip access-group 110 in ip nat inside duplex auto speed auto ! interface FastEthernet0/1 no ip address {https://twitter.com/IrWiN_ViTeRi} Página 3 de 23
  4. 4. duplex auto speed auto shutdown ! interface Serial0/0/0 ip address 192.168.4.97 255.255.255.252 encapsulation frame-relay frame-relay map ip 192.168.4.98 101 broadcast ip nat outside ! interface Serial0/0/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! ip nat pool pool-NATisp 192.168.100.11 192.168.100.20 netmask 255.255.255.0 ip nat inside source list listaNAT pool pool-NATisp ip nat inside source static 10.10.0.1 192.168.100.1 ip classless ip route 172.16.0.0 255.255.0.0 192.168.4.98 ip route 192.168.0.0 255.255.0.0 192.168.4.98 ! ip access-list extended listaNAT permit ip 10.10.0.0 0.0.255.255 any access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password cisco logging synchronous login ! line aux 0 ! line vty 0 4 password cisco logging synchronous login line vty 5 15 password cisco logging synchronous login end {https://twitter.com/IrWiN_ViTeRi} Página 4 de 23
  5. 5. {https://twitter.com/IrWiN_ViTeRi} Página 5 de 23
  6. 6. {https://twitter.com/IrWiN_ViTeRi} Página 6 de 23
  7. 7. {https://twitter.com/IrWiN_ViTeRi} Página 7 de 23
  8. 8. {https://twitter.com/IrWiN_ViTeRi} Página 8 de 23
  9. 9. ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.4.98 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.2.2 eq telnet ISP(config)#access-list 110 permit tcp host 10.10.0.5 host 192.168.1.130 eq telnet ISP(config)#end ISP(config)#interface fastEthernet 0/0 ISP(config-if)#ip access-group 110 in ISP(config-if)#end Solamente desde el Servidor DNS se puede hacer Telnet a los ruteadores. {https://twitter.com/IrWiN_ViTeRi} Página 9 de 23
  10. 10. {https://twitter.com/IrWiN_ViTeRi} Página 10 de 23
  11. 11. {https://twitter.com/IrWiN_ViTeRi} Página 11 de 23
  12. 12. ROUTER SIDNEY hostname SIDNEY ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! aaa new-model ! aaa authentication login SIDNEY_LOCAL local ! username AUCKLAND password 7 080D786B5D username SIDNEY password 7 0822455D0A16 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.4.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/1/0 ip address 192.168.4.98 255.255.255.252 encapsulation frame-relay frame-relay map ip 192.168.4.97 101 broadcast ip access-group 110 out ! interface Serial0/1/1 no ip address shutdown ! interface Serial0/3/0 ip address 192.168.1.129 255.255.255.252 clock rate 64000 ! interface Serial0/3/1 ip address 192.168.2.1 255.255.255.252 encapsulation ppp ppp authentication chap ! interface Vlan1 no ip address {https://twitter.com/IrWiN_ViTeRi} Página 12 de 23
  13. 13. shutdown ! router eigrp 100 redistribute static network 192.168.1.128 0.0.0.3 network 192.168.2.0 0.0.0.3 network 172.16.4.0 0.0.0.255 no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 192.168.4.97 ! access-list 110 permit udp any host 192.168.4.97 eq domain access-list 110 permit tcp any host 192.168.4.97 eq smtp access-list 110 permit tcp any host 192.168.4.97 eq www access-list 110 deny ip any any ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 logging synchronous login authentication SIDNEY_LOCAL ! line aux 0 ! line vty 0 4 logging synchronous login authentication SIDNEY_LOCAL line vty 5 15 logging synchronous login authentication SIDNEY_LOCAL end {https://twitter.com/IrWiN_ViTeRi} Página 13 de 23
  14. 14. {https://twitter.com/IrWiN_ViTeRi} Página 14 de 23
  15. 15. {https://twitter.com/IrWiN_ViTeRi} Página 15 de 23
  16. 16. SIDNEY(config)#access-list 110 permit udp any host 192.168.4.97 eq domain SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq smtp SIDNEY(config)#access-list 110 permit tcp any host 192.168.4.97 eq www SIDNEY(config)#access-list 110 deny ip any any SIDNEY(config)#int s0/1/0 SIDNEY(config-if)#ip access-group 110 out SIDNEY(config-if)#end {https://twitter.com/IrWiN_ViTeRi} Página 16 de 23
  17. 17. ROUTER TOKYO hostname TOKYO ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.20.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/2/0 ip address 192.168.1.130 255.255.255.252 ! interface Serial0/2/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! router eigrp 100 network 172.16.20.0 0.0.0.255 network 192.168.1.128 0.0.0.3 auto-summary ! ip classless ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password cisco logging synchronous login ! line aux 0 ! {https://twitter.com/IrWiN_ViTeRi} Página 17 de 23
  18. 18. line vty 0 4 password cisco logging synchronous login line vty 5 15 password cisco logging synchronous login ! end {https://twitter.com/IrWiN_ViTeRi} Página 18 de 23
  19. 19. {https://twitter.com/IrWiN_ViTeRi} Página 19 de 23
  20. 20. ROUTER AUCKLAND hostname AUCKLAND ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! username SIDNEY password 7 080D786B5D ! no ip domain-lookup ! spanning-tree mode pvst ! interface FastEthernet0/0 ip address 172.16.15.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/1/0 ip address 192.168.2.2 255.255.255.252 encapsulation ppp ppp authentication chap clock rate 64000 ! interface Serial0/1/1 no ip address shutdown ! interface Vlan1 no ip address shutdown ! router eigrp 100 network 192.168.2.0 0.0.0.3 network 172.16.15.0 0.0.0.255 no auto-summary ! ip classless ! banner motd *******************************UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED. ! line con 0 password 7 0822455D0A16 {https://twitter.com/IrWiN_ViTeRi} Página 20 de 23
  21. 21. logging synchronous login ! line aux 0 ! line vty 0 4 password 7 0822455D0A16 logging synchronous login line vty 5 15 password 7 0822455D0A16 logging synchronous login ! end {https://twitter.com/IrWiN_ViTeRi} Página 21 de 23
  22. 22. {https://twitter.com/IrWiN_ViTeRi} Página 22 de 23
  23. 23. {https://twitter.com/IrWiN_ViTeRi} Página 23 de 23

×