Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • Caso de Estudio CCNA3

    Cargado por

    Javier De La Cruz
    59 vistas13 páginas
    Este documento presenta la configuración de red de la Pontificia Universidad Católica del Perú que incluye la configuración de dos routers y dos switches. Se configura OSPF, VLANs, trunking, autenticación, puertos seguros y otras funciones para proporcionar conectividad entre las VLANs Facultad y Estudiante a través de la red.

    Descripción original:

    Derechos de autor

    © Attribution Non-Commercial (BY-NC)

    Formatos disponibles

    DOC, PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento
    Este documento presenta la configuración de red de la Pontificia Universidad Católica del Perú que incluye la configuración de dos routers y dos switches. Se configura OSPF, VLANs, trunking, autenticación, puertos seguros y otras funciones para proporcionar conectividad entre las VLANs Facultad y Estudiante a través de la red.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOC, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    59 vistas13 páginas

    Caso de Estudio CCNA3

    Cargado por

    Javier De La Cruz
    Este documento presenta la configuración de red de la Pontificia Universidad Católica del Perú que incluye la configuración de dos routers y dos switches. Se configura OSPF, VLANs, trunking, autenticación, puertos seguros y otras funciones para proporcionar conectividad entre las VLANs Facultad y Estudiante a través de la red.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOC, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 13

    Pontificia Universidad Catlica del Per

    Facultad de Ciencias e Ingeniera Caso de Estudio CCNA 3-2008

    Elaborado por: Nel Ricardo Ramrez Bulln

    Lima, Junio de 2008

    CCNA3: Caso de Estudio

    tems resueltos: 1. Configuracin OSPF 2. Configuracin Autenticacin OSPF 3. Configuracin de ruta por defecto 4. Configuracin VLAN en Vargas 5. Configuracin bsica de switch 6. Configuracin de VLANs en los switches 7. Configuracin de VLAN Trunking 8. Configuracin de VTP 9. Configuracin de Switch Port Security 10. Verificacin de Switch Port Security 11. Verificacin de Conectividad

    Configuracin de router Merida: Configuracin de nombre y contraseas: Router>enable Router#en Router#conf t Router(config)#hostname Merida Merida(config)#enable secret class Merida(config)#line console 0 Merida(config-line)#password cisco Merida(config-line)#login Merida(config-line)#line vty 0 4 Merida(config-line)#password cisco Merida(config-line)#login Merida(config-line)#exit

    Configuracin de interfaces: Router(config)#hostname Merida Merida(config-if)#ip address 192.168.1.1 255.255.255.0 Merida(config-if)#no shut Merida(config-if)#int s0/0 Merida(config-if)#ip address 172.168.100.2 255.255.255.252 Merida(config-if)#clock rate 56000 Merida(config-if)#no shut Configuracin de router ID: Configuracin de loopback (id del router) Merida(config)#int loopback 0 Merida(config-if)#ip address 10.10.10.1 255.255.255.255 Otra opcin de configuracin: Merida(config)#router ospf 1 Merida(config-router)#ospf router-id 10.10.10.1 Configuracin de enrutamiento OSPF: Merida(config)# router ospf 1 Merida(config-router)#network 172.16.100.0 0.0.0.3 area 0 Merida(config-router)#end Costo OSPF de la interfase serial: El valor de costo debe reflejar el enlace de 64k. Costo de ancho de banda real 10(8)/64000 = 1562.5 Merida(config)#int s0/0 Merida(config-if)#ip ospf cost 1562 Verificacin de cambio de costo de 64(T1) a 1562 (64k) Merida#sh ip ospf int Otra opcin de configuracin: Merida#conf t Merida(config)#int s0/0 Merida(config-if)#bandwidth 64 Verificacin de configuracin: Merida#sh int s0/0 Serial0/0 is up, line protocol is up (connected) Hardware is HD64570 Internet address is 172.16.100.2/30 MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Merida#sh ip ospf int Serial0/0 is up, line protocol is up Internet address is 172.16.100.2/30, Area 0 Process ID 1, Router ID 10.10.10.1, Network Type POINT-TO-POINT, Cost: 1562 Configuracin de OSPF Autenticacin: Merida(config)#int s0/0

    Merida(config-if)#ip ospf message-digest-key 1 md5 ? LINE The OSPF password (key) (maximum 16 characters) Merida(config-if)#ip ospf message-digest-key 1 md5 asecret Otra opcin para la configuracin: Merida(config-if)#ip ospf message-digest-key 1 md5 7 asecret Habilitacin de autenticacin: Merida(config)#router ospf 1 Merida(config-router)#area 0 authentication message-digest Verificacin de configuracin: Merida# sh ip ospf nei Merida# sh ip route Configuracin de ruta por defecto: Merida#conf t Merida(config)#ip route 0.0.0.0 0.0.0.0 f0/0 Redistribucin de ruta por defecto: Merida#conf t Merida(config)#router ospf 1 Merida(config-router)#default-information originate Configuracin de router Vargas: Configuracin de nombre y contraseas: Router>enable Router#en Router#conf t Router(config)#hostname Vargas Vargas(config)#enable secret class Vargas(config)#line console 0 Vargas(config-line)#password cisco Vargas(config-line)#login Vargas(config-line)#line vty 0 4 Vargas(config-line)#password cisco Vargas(config-line)#login Vargas(config-line)#exit Configuracin de interfaces: Router(config)#hostname Vargas Vargas(config)#int s0/0 Vargas(config-if)#ip address 172.16.100.1 255.255.255.252 Vargas(config-if)#no shut Configuracin de router ID: Vargas(config)#int loopback 0 Vargas(config-if)#ip address 10.10.10.2 255.255.255.255 Configuracin de enrutamiento OSPF: Vargas(config)# router ospf 1

    Vargas(config-router)#network 172.16.100.0 0.0.0.3 area 0 Vargas(config-router)#network 172.16.1.0 0.0.0.255 area 0 Vargas(config-router)#network 172.16.10.0 0.0.0.255 area 0 Vargas(config-router)#network 172.16.20.0 0.0.0.255 area 0 Costo OSPF de la interfase serial: Costo OSPF de la interfase serial El valor de costo debe reflejar el enlace de 64k. Costo de ancho de banda real 10(8)/64000 = 1562.5 Vargas(config-if)#ip ospf cost 1562 Otra opcin de configuracin: Vargas(config)#int s0/0 Vargas(config-if)#bandwidth 64 Configuracin de autenticacin: Vargas#conf t Vargas(config)#int s0/0 Vargas(config-if)#ip ospf message-digest-key 1 md5 ? LINE The OSPF password (key) (maximum 16 characters) Vargas(config-if)#ip ospf message-digest-key 1 md5 asecret Otra opcin para la configuracin: Merida(config-if)#ip ospf message-digest-key 1 md5 7 asecret Habilitacin de autenticacin: Vargas#conf t Vargas(config)#router ospf 1 Vargas(config-router)#area 0 authentication message-digest Configuracin de trunking (802.1Q) entre Switch_2 y router Vargas, enrutamiento entre VLANs: Vargas#conf t Vargas(config)#int f0/0 Vargas(config-if)#no shut Vargas(config-if)#int f0/0.1 Vargas(config-subif)#encapsulation dot1Q 1 Vargas(config-subif)#ip address 172.16.1.1 255.255.255.0 Vargas(config-subif)#int f0/0.2 Vargas(config-subif)#encapsulation dot1Q 10 Vargas(config-subif)#ip address 172.16.10.1 255.255.255.0 Vargas(config-subif)#int f0/0.3 Vargas(config-subif)#encapsulation dot1Q 20 Vargas(config-subif)#ip address 172.16.20.1 255.255.255.0 Vargas(config-subif)#end Verificacin de configuracin: Vargas# sh ip route Configuracin de Switch_1: Configuracin de nombre y contraseas: Switch#con t Switch(config)# hostname Switch_1 Switch_1(config)# exit

    Switch_1#conf t Switch_1(config)#line console 0 Switch_1(config-line)#password cisco Switch_1(config-line)#login Switch_1(config-line)#line vty 0 15 Switch_1(config-line)#password cisco Switch_1(config-line)#login Switch_1(config-line)#exit Switch_1(config)# enable secret class Configuracin inicial: Switch_1#conf t Switch_1(config)#int vlan 1 Switch_1(config-if)#ip address 172.16.1.2 255.255.255.0 Switch_1(config-if)#exit Switch_1(config)#ip default-gateway 172.16.1.1 Switch_1(config)#int vlan 1 Switch_1(config-if)#no shut Configuracin de VTP - Switch server: Switch_1#vlan database Switch_1(vlan)#vtp server Switch_1(vlan)#vtp domain group1 Switch_1(vlan)#exit Creacin y otorgamiento de nombres a VLAN 10 y 20: Switch_1#vlan database Switch_1(vlan)#vlan 10 name Faculty Switch_1(vlan)#vlan 20 name Student Switch_1(vlan)#exit Asignacin de puertos a VLAN 10 y 20: Switch_1#conf t Switch_1(config)#int f0/5 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport access vlan 10 Switch_1(config-if)#int f0/6 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport access vlan 10 Switch_1(config-if)#int f0/7 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport access vlan 20 Switch_1(config-if)#int f0/8 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport access vlan 20 //Configurar en Switch_2 VTP cliente Creacin de enlace troncal: Switch_1(config)#int f0/1 Switch_1(config-if)#switchport mode trunk Switch_1(config-if)#end Verificacin de configuracin:

    Switch_1#sh int f0/1 switchport Configuracin de puertos para que acepte un solo dispositivo: Switch_1(config)#int f0/5 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport port-security mac-address sticky Switch_1(config-if)#switchport port-security violation shutdown Switch_1(config-if)#exit Switch_1(config)#int f0/6 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport port-security mac-address sticky Switch_1(config-if)#switchport port-security violation shutdown Switch_1(config-if)#exit Switch_1(config)#int f0/7 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport port-security mac-address sticky Switch_1(config-if)#switchport port-security violation shutdown Switch_1(config-if)#exit Switch_1(config)#int f0/8 Switch_1(config-if)#switchport mode access Switch_1(config-if)#switchport port-security mac-address sticky Switch_1(config-if)#switchport port-security violation shutdown Switch_1(config-if)#exit Otra opcin de configuracin: Switch_1(config-if)#port secure max-mac-count 1 Switch_1(config-if)#switchport port-security violation shutdown Verificacin de configuracin: Switch_1#sh mac-address-table Switch_1#sh run Switch_1#sh ip int brief Configuracin de Switch_2 Configuracin de nombre y contraseas: Switch#con t Switch(config)# hostname Switch_2 Switch_2(config)# exit Switch_2#conf t Switch_2(config)#line console 0 Switch_2(config-line)#password cisco Switch_2(config-line)#login Switch_2(config-line)#line vty 0 15 Switch_2(config-line)#password cisco Switch_2(config-line)#login Switch_2(config-line)#exit Switch_2(config)# enable secret class Configuracin inicial: Switch_2(config)#int vlan1 Switch_2(config-if)#ip address 172.16.1.3 255.255.255.0 Switch_2(config-if)#no shut

    Switch_2(config-if)#exit Switch_2(config)#ip default-gateway 172.16.1.1 Configuracin de VTP - Switch cliente: Switch_2#vlan database Switch_2(vlan)#vtp client Switch_2(vlan)#vtp domain group1 Switch_2(vlan)#exit Creacin de enlace troncal: Switch_2#conf t Switch_2(config)#int f0/1 Switch_2(config-if)#switchport mode trunk Switch_2(config-if)#end Verificacin de configuration: Switch_1#sh int f0/1 switchport Asignacin de puertos a VLANs aprendidas: Switch_2#conf t Switch_2(config)#int f0/5 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport access vlan 10 Switch_2(config-if)#int f0/6 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport access vlan 10 Switch_2(config-if)#int f0/7 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport access vlan 20 Switch_2(config-if)#int f0/8 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport access vlan 20 Configuracin de puertos para que acepte un solo dispositivo: Switch_2(config)#int f0/5 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport port-security mac-address sticky Switch_2(config-if)#switchport port-security violation shutdown Switch_2(config-if)#exit Switch_2(config)#int f0/6 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport port-security mac-address sticky Switch_2(config-if)#switchport port-security violation shutdown Switch_2(config-if)#exit Switch_2(config)#int f0/7 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport port-security mac-address sticky Switch_2(config-if)#switchport port-security violation shutdown Switch_2(config-if)#exit Switch_2(config)#int f0/8 Switch_2(config-if)#switchport mode access Switch_2(config-if)#switchport port-security mac-address sticky Switch_2(config-if)#switchport port-security violation shutdown Switch_2(config-if)#exit

    Configuracin de trunking (802.1Q) entre Switch_2 y router Vargas, enrutamiento entre VLANs: Switch_2#conf t Switch_2(config)#int f0/2 Switch_2(config-if)#switchport mode trunk // Por defecto encapsulacion 802.1Q (Serie 2950) Verificacin de configuracin: Switch_2(config-if)#end Switch_2#sh int f0/2 switchport //Configurar subinterfaces en router Vargas

    Simulacin en Packet Tracert 4.1:

    Archivos de configuraciones:
    Router Merida: Merida#sh run Building configuration... Current configuration : 740 bytes ! version 12.2 no service password-encryption ! hostname Merida ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! interface FastEthernet0/0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface Serial0/0 bandwidth 64 ip address 172.16.100.2 255.255.255.252 ip ospf message-digest-key 1 md5 asecret clock rate 56000 !

    interface Serial0/1 no ip address shutdown ! interface Loopback0 ip address 10.10.10.1 255.255.255.255 ! router ospf 1 log-adjacency-changes area 0 authentication message-digest network 172.16.100.0 0.0.0.3 area 0 default-information originate ! ip classless ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 ! line con 0 password cisco login line vty 0 4 password cisco login ! end Router Vargas: Vargas#sh run Building configuration... Current configuration : 1024 bytes ! version 12.2 no service password-encryption ! hostname Vargas ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! interface FastEthernet0/0 no ip address duplex auto speed auto ! interface FastEthernet0/0.1 encapsulation dot1Q 1 native ip address 172.16.1.1 255.255.255.0 ! interface FastEthernet0/0.2 encapsulation dot1Q 10 ip address 172.16.10.1 255.255.255.0 ! interface FastEthernet0/0.3 encapsulation dot1Q 20 ip address 172.16.20.1 255.255.255.0 ! interface Serial0/0 bandwidth 64 ip address 172.16.100.1 255.255.255.252 ip ospf message-digest-key 1 md5 asecret ! interface Serial0/1 no ip address shutdown ! interface Loopback0

    ip address 10.10.10.2 255.255.255.255 ! router ospf 1 log-adjacency-changes area 0 authentication message-digest network 172.16.100.0 0.0.0.3 area 0 network 172.16.1.0 0.0.0.255 area 0 network 172.16.10.0 0.0.0.255 area 0 network 172.16.20.0 0.0.0.255 area 0 ! ip classless ! line con 0 password cisco login line vty 0 4 password cisco login ! end Switch_1 Switch_1#sh run Building configuration... Current configuration : 1484 bytes ! version 12.1 no service password-encryption ! hostname Switch_1 ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 interface FastEthernet0/3 interface FastEthernet0/4 ! interface FastEthernet0/5 switchport access vlan 10 switchport mode access switchport port-security mac-address sticky switchport port-security mac-address sticky 0001.96CC.1407 ! interface FastEthernet0/6 switchport access vlan 10 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/7 switchport access vlan 20 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/8 switchport access vlan 20 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/9 interface FastEthernet0/10 interface FastEthernet0/11 interface FastEthernet0/12

    interface FastEthernet0/13 interface FastEthernet0/14 interface FastEthernet0/15 interface FastEthernet0/16 interface FastEthernet0/17 interface FastEthernet0/18 interface FastEthernet0/19 interface FastEthernet0/20 interface FastEthernet0/21 interface FastEthernet0/22 interface FastEthernet0/23 interface FastEthernet0/24 interface Vlan1 ip address 172.16.1.2 255.255.255.0 ! ip default-gateway 172.16.1.1 ! line con 0 password cisco login ! line vty 0 4 password cisco login line vty 5 15 password cisco login ! end

    Switch_2 Switch_2#sh run Building configuration... Current configuration : 1447 bytes ! version 12.1 no service password-encryption ! hostname Switch_2 ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 switchport mode trunk ! interface FastEthernet0/3 interface FastEthernet0/4 ! interface FastEthernet0/5 switchport access vlan 10 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/6 switchport access vlan 10 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/7 switchport access vlan 20 switchport mode access

    switchport port-security mac-address sticky ! interface FastEthernet0/8 switchport access vlan 20 switchport mode access switchport port-security mac-address sticky ! interface FastEthernet0/9 interface FastEthernet0/10 interface FastEthernet0/11 interface FastEthernet0/12 interface FastEthernet0/13 interface FastEthernet0/14 interface FastEthernet0/15 interface FastEthernet0/16 interface FastEthernet0/17 interface FastEthernet0/18 interface FastEthernet0/19 interface FastEthernet0/20 interface FastEthernet0/21 interface FastEthernet0/22 interface FastEthernet0/23 interface FastEthernet0/24 ! interface Vlan1 ip address 172.16.1.3 255.255.255.0 ! ip default-gateway 172.16.1.1 ! line con 0 password cisco login ! line vty 0 4 password cisco login line vty 5 15 password cisco login ! end

    También podría gustarte