Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Ingeniería De Sistemas
Seguridad en Redes
Ricardo Alfredo Lopez Bulla
17 de marzo de 2024
Tabla de Contenido
Inducción
Objetivo General
Objetivos Específicos
Tabla de Direccionamiento
Topografía
Credenciales Asignadas en los Router´s
R1-RED-LAN
R2-SERVER
Análisis de seguridad de red
Conclusión
Bibliografía
Objetivo General
Diseñar e implementar l a conf iguración básica del router añadiendo autenticación del
protocolo de enrutamiento OSPF y creando ACL estándar y ACL extendida.
Objetivos Específicos
Topografía
Credenciales Asignadas en los Router´s
R1-RED-LAN
R2-SERV ER
R1-RED-LAN
R1-RED-LAN(config)#do sh access
Standard IP access list 1
10 deny 192.168.20.0 0.0.0.255
20 permit 192.168.40.0 0.0.0.255
Extended IP access list 101
10 deny icmp 192.168.10.0 0.0.0.255 192.168.40.0 0.0.0.255
20 permit tcp 192.168.10.0 0.0.0.255 192.168.40.0 0.0.0.255 eq www
30 deny icmp 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
40 permit tcp 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255 eq www
R1-RED-LAN(config)#int g0/0
R1-RED-LAN(config-if)#ip access-group 101 in
R1-RED-LAN(config-if)#exit
R1-RED-LAN(config)#do show running-config
Building configuration...
Current configuration : 2000 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname R1-RED-LAN
!
!
!
enable secret 5 $1$mERr$lb/BsHN1GkW1HpLrHWkFB1
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
username Usuario1 secret 5 $1$mERr$M5bOG0986tDGNNWCA5Vjr0
username Usuario2 secret 5 $1$mERr$yJ7gahfswwEb8u3DEMGZm0
!
!
license udi pid CISCO291 1/K9 sn FTX1524BCVS -
!
!
!
!
!
!
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 90
ip domain-name www .cibersax.com
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.10.1 255.255.255.0
ip access-group 101 in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 192.168.20.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
no ip address
clock rate 2000000
shutdown
!
interface Serial0/0/1
ip address 20.20.20.1 255.255.255.252
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 Cibersax*
ip access-group 1 in
clock rate 128000
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 20.20.20.0 0.0.0.3 area 0
network 192.168.10.0 0.0.0.255 area 0
network 192.168.20.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
access-list 1 remark bloquea trafico 192.168.20.0
access-list 1 deny 192.168.20.0 0.0.0.255
access-list 1 permit 192.168.40.0 0.0.0.255
access-list 101 deny icmp 192.168.10.0 0.0.0.255 192.168.40.0 0.0.0.255
access-list 101 permit tcp 192.168.10.0 0.0.0.255 192.168.40.0 0.0.0.255 eq www
access-list 101 deny icmp 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
access-list 101 permit tcp 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255 eq www
!
banner motd ^C
Propiedad de CiberSax, Prohibido el ingreso
^C
!
!
!
!
line con 0
exec-timeout 2 0
login local
!
line aux 0
!
line vty 0 4
login local
transport input ssh
!
!
!
end
R2-SERVER