**Asigne el nombre de host del switch

hostname S1

**Configurar la encriptaci�n de contrase�as / Cifre las contrase�as de texto no

cifrado***
service password-encryption

**Asigne class como contrase�a secreta para el acceso al modo EXEC privilegiado
enable secret class

enable secret academy123

**Evite las b�squedas de DNS no deseadas.

no ip domain-lookup

**Configure un mensaje MOTD.

banner motd # "Unauthoried Acess is strictly prohibited" #

**** todas las contrase�as tengan como m�nimo 10 caracteres***

security passwords min-length 10

line con 0
password cisco
login
exit

logging synchronous

***establezca un tiempo de espera***

exec-timeout 5 0

**Configure las l�neas de terminal virtual (vty) para que el switch permita el
acceso por Telnet
line vty 0 15
password cisco
login
logging synchronous
exit

**GUARDAR

copy running-config startup-config

****Configure el reloj en el router ***

clock set 18:00:00 04 Jun 2017

**direcci�n IP de la SVI del switch

configure terminal
vlan 99
name
exit
interface vlan 99
ip address 192.168.1.2 255.255.255.0
no shutdown
exit

ip default-gateway 192.168.1.1

interface f0/1
switchport access vlan 99
exit

ip default-gateway 192.168.99.254

*** CONFIGURAR SSH

ip domain-name CCNA2-EXAM.com
username admin privilege 15 secret sshadmin
line vty 0 15
transport input ssh
login local
exit
crypto key generate rsa modulus 1024
ip ssh time-out 75
ip ssh authentication-retries 2
end
show ip ssh

*Modifique la configuraci�n predeterminada de SSH.

config t
ip ssh time-out 75
ip ssh authentication-retries 2

*Verificar
ssh -l admin 172.16.99.11

***Desactive todos los puertos sin utilizar en el switch.

interface range f0/0-24

shutdown
show ip interface brief

interface range f0/3-21 , f0/23-24 , g0/1-2

***PORT- SECURITY
do show interface g0/1
interface f0/5
shutdown
switchport port-security
switchport port-security mac-address xxxx.xxxx.xxxx
no shutdown
show port-security interface f0/5

**CONFIGURAR UNA NUEVA MAC ADDRESS *******

interface g0/1
shutdown
mac-address aaaa.bbbb.cccc
no shutdown
***VLAN **********

Vlan 99
name Management
exit
show vlan

** QUITAR IP A UNA VLAN *****

interface vlan 1
no ip address
exit
show ip interface brief

*** ASIGNAR MODO ACCES A UNA VLAN (para ssh debe estar configurado en los dos
puertos)

interface f0/5
switchport mode access
switchport access vlan 99
no shutdown
exit

***MODO VLAN TRUNK DINAMICO***

interface f0/1
switchport mode dynamic desirable

show interfaces trunk

***ELIMINA VLAN.DAT DE LA FLASH / BORRAR INFORMACION****

delete vlan.dat
erase startup-config
reload

**** DHCP *******

ip dhcp excluded-address 192.168.1.1 192.168.1.9
ip dhcp pool R1G0
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 209.165.200.225
domain-name ccna-lab.com
lease 2 **Arrendamiento de 2 dias

int g0/1
ip helper-address 192.168.2.254 ---- la ip del siguiente salto del servidor

int g0/0
ip helper-address 192.168.2.254