Scribd
Upload
240 views

Clase 13072019 Ccna2

This document describes the configuration of VLANs, access ports, trunk ports, and routing on switches and routers to segment network traffic and allow communication between the VLANs. VLANs 10, 20, and 30 are created for data, voice, and admin traffic respectively. Ports on switches SW-L2 and SW-L3 are assigned to the appropriate VLANs. Routing is configured using both router-on-a-stick on router R-Lima and layer 3 switching capabilities on SW-L3 to route between the VLANs. NAT is configured on R-Lima to allow internal hosts access to the internet. DHCP is also configured to automate IP address assignment.

Uploaded by

Carlos Luis
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
240 views

Clase 13072019 Ccna2

This document describes the configuration of VLANs, access ports, trunk ports, and routing on switches and routers to segment network traffic and allow communication between the VLANs. VLANs 10, 20, and 30 are created for data, voice, and admin traffic respectively. Ports on switches SW-L2 and SW-L3 are assigned to the appropriate VLANs. Routing is configured using both router-on-a-stick on router R-Lima and layer 3 switching capabilities on SW-L3 to route between the VLANs. NAT is configured on R-Lima to allow internal hosts access to the internet. DHCP is also configured to automate IP address assignment.

Uploaded by

Carlos Luis
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 5

!

SW-L2
hostname SW-L2
!
!Seguridad de Acceso fortificado
!
vlan 10
name DATOS
vlan 20
name Voz
vlan 30
name ADMIN
!
interface f0/1
switchport mode trunk
!
interface range f0/5,f0/7,f0/9,f0/11
switchport mode access
switchport access vlan 10
!
interface range f0/6,f0/8,f0/10,f0/12
switchport mode access
switchport access vlan 20
!
interface range f0/13 - 18
switchport mode access
switchport access vlan 30
!
-----
configuramos switch capa 3 administrable
!SW-L3
!
hostname SW-L3
!
Vlan 10
name DATOS
vlan 20
name Voz
vlan 30
name ADMIN
!
interface range f0/1 - 2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface range f0/5 - 10
switchport mode access
switchport access vlan 10
!
interface range f0/11 - 15
switchport mode access
switchport access vlan 20
!
interface range f0/16 - 20
switchport mode access
switchport access vlan 30
!

---
fortificacion de acceso
--
!
service password-encryption
!
banner motd #ACCESO RESTRINGIDO#
!
enable secret class
!
line console 0
password cisco
login
!
ip domain-name uni.edu.pe
!
username admin secret passadmin
!
crypto key generate rsa modulus 1024
!
line vty 0 4
login local
transport input ssh
!
----------------------
CONFIGURANDO ROUTING ON A STICK PARA EL ENRUTAMIENTO ENTRE VLAN'S

!R-Lima
hostname R-Lima
!
interface f0/0
no shutdown
!
interface f0/0.10 //define la subinterfaz f0/0.xx//
encapsulation dot1q 10 //identificador de vlan//
ip address 172.20.10.1 255.255.255.0
!
interface f0/0.20
encapsulation dot1q 20
ip address 172.20.20.1 255.255.255.0
!
interface f0/0.30
encapsulation dot1q 30
ip address 172.20.30.1 255.255.255.0
!

---
para salir a internet configurando NAT.
--
!ruta por defecto
ip route 0.0.0.0 0.0.0.0 172.17.3.254

!
ip nat inside source list 20 interface f0/1 overload
access-list 20 permit 172.20.10.0 0.0.0.255
access-list 20 permit 172.20.20.0 0.0.0.255
access-list 20 permit 172.20.30.0 0.0.0.255
!
interface f0/1
ip nat outside
!
interface f0/0.10
ip nat inside
!
interface f0/0.20
ip nat inside
!
interface f0/0.30
ip nat inside
!
!aplicando dhcp
!
ip dhcp excluded-address 172.20.10.1
ip dhcp excluded-address 172.20.20.1
ip dhcp excluded-address 172.20.30.1
!
ip dhcp pool LAN1
network 172.20.10.0 255.255.255.0
default-router 172.20.10.1
dns-server 8.8.8.8
ip dhcp pool LAN2
network 172.20.20.0 255.255.255.0
default-router 172.20.20.1
dns-server 8.8.8.8
ip dhcp pool LAN3
network 172.20.30.0 255.255.255.0
default-router 172.20.30.1
dns-server 8.8.8.8
!
interface f0/1
ip address 172.17.2.35 255.255.252.0
no shutdown
!
--
- En R-Lima: borrar los subinterfaces
no interface f0/0.10
no interface f0/0.20
no interface f0/0.30
- en SW-L3 deshacer la troncal de f0/1
interface f0/1
no switchport mode trunk
---
CONFIGURANDO EL ENRUTAMIENTO ENTRE VLAN'S EN EL SWITCH CAPA 3
---
SW-L3
------
!
interface vlan 10
ip add 172.20.10.1 255.255.255.0
no shutdown
!
interface vlan 20
ip add 172.20.20.1 255.255.255.0
no shutdown
!
interface vlan 30
ip add 172.20.30.1 255.255.255.0
no shutdown
!
ip routing //activa enrutamiento ipv4 en switch capa 3.
------
configurando el puerto f0/1 dek switch capa 3(SW-L3)
------
!
interface f0/1
no switchport
!
---
CONFIGURANDO IP AL PUERTO RUTEADO
---
Para poder usar la capa 3 hay que quitar el switchport osea ya no esta commutada
con el switch capa 2
!
interface f0/1
ip add 10.10.10.2 255.255.255.252
no shutdown
!
----
EN EL ROUTER R-LIMA configurar la ip de la interface f0/0
----
!
interface f0/0
ip address 10.10.10.1 255.255.255.252
no shutdown
!
--------
Configurando enrutamiento
--------
En R-Lima
!
router rip
version 2
network 10.0.0.0
default-information originate
!
---
En el switch SW-L3
---
!
router rip
version 2
network 172.20.0.0
network 10.0.0.0
!
--
COMPLETANDO LA CONFIGURACION NAT en el router.
--
!
interface f0/0
ip nat inside
!

R-Lima#sh ip nat translation


Pro Inside global Inside local Outside local Outside global
tcp 172.17.2.35:49478 172.20.10.2:49478 173.194.212.188:443 173.194.212.188:443
tcp 172.17.2.35:49516 172.20.10.2:49516 104.20.243.79:443 104.20.243.79:443
tcp 172.17.2.35:49532 172.20.10.2:49532 172.217.8.106:443 172.217.8.106:443
tcp 172.17.2.35:49577 172.20.10.2:49577 172.17.3.205:2222 172.17.3.205:2222
udp 172.17.2.35:50234 172.20.10.2:50234 192.168.30.12:5060 192.168.30.12:5060
udp 172.17.2.35:63229 172.20.10.2:63229 8.8.8.8:53 8.8.8.8:53
udp 172.17.2.35:63230 172.20.10.2:63230 172.217.3.78:443 172.217.3.78:443
udp 172.17.2.35:65206 172.20.10.2:65206 8.8.8.8:53 8.8.8.8:53
tcp 172.17.2.35:49454 172.20.30.2:49454 104.244.42.129:443 104.244.42.129:443
R-Lima#

You might also like