HCIA-R&S自用笔记(27)综合实验

于 2022-07-28 21:05:44 发布
阅读量829 收藏 13
点赞数 1
分类专栏: 数通 HCIA-RS 文章标签: 网络 网络协议
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_51770049/article/details/126041750
版权
数通 同时被 2 个专栏收录
47 篇文章 32 订阅
订阅专栏
HCIA-RS
27 篇文章 1 订阅
订阅专栏

实验拓扑及需求

配置所需的IP地址

配置Telnet,要求园区网内所有设备均支持远程管理
配置Trunk,交换机之间链路均为Trunk模式
配置Vlan,SW2与SW3上创建相关VLAN,关联4台PC到对应的VLAN接口
配置MLS,通过SW1实现VLAN间路由
配置DHCP,使SW1可以为各个VLAN内主机分配地址
配置STP,使SW1成为所有VLAN的根桥,要求手动修改优先级为4096
配置OSPF,企业网内为进程1
配置缺省路由与NAT,R1上配置静态缺省路由,SW1通过OSPF学习缺省路由
配置NAT,在R1上配置EasyIP
配置PPP,R1与R2之间封装协议为PPP,使用CHAP认证
配置OSPF,运营商网络为进程2
配置DNS,通过www.ayanami.com访问HTTP服务器,通过www.izuminoa.com访问FTP服务器
配置ACL,在R1上配置ACL,拒绝VLAN 20的流量访问HTTP服务器

配置

直接给出各个设备配置,不逐一按要求分步列出。

SW1:

 sysname SW1
#
undo info-center enable
#
vlan batch 10 12 20 30 40 50
#
stp instance 0 priority 4096
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif10
 ip address 192.168.10.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif12
 ip address 192.168.12.1 255.255.255.0
#
interface Vlanif20
 ip address 192.168.20.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif30
 ip address 192.168.30.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif40
 ip address 192.168.40.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif50
 ip address 192.168.50.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 12

#
ospf 1 router-id 1.1.1.1
 area 0.0.0.0
  network 192.168.0.0 0.0.255.255
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

SW2:

 sysname SW2
#
undo info-center enable
#
vlan batch 10 20 30 40 50
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif50
 ip address 192.168.50.2 255.255.255.0
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 10
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 20
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

SW3:

 sysname SW3
#
undo info-center enable
#
vlan batch 10 20 30 40 50
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif50
 ip address 192.168.50.3 255.255.255.0
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 30
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 40
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

R1:

 sysname R1
#
 board add 0/4 2SA 
#
acl number 2000  
 rule 1 permit 
#
acl number 3000  
 rule 1 deny tcp source 192.168.20.0 0.0.0.255 destination 4.0.0.1 0 destination
-port eq www 
#
aaa 
 local-user admin password cipher %$%$~sn^$)7\*0J*n6'!{LM0gq58%$%$
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Serial4/0/0
 link-protocol ppp
 ppp authentication-mode chap 
 ppp chap user pppadmin
 ppp chap password simple pppayanami
 ip address 12.0.0.1 255.255.255.0 
 nat outbound 2000
#
interface Serial4/0/1
 link-protocol ppp
#
interface GigabitEthernet0/0/0
 ip address 192.168.12.2 255.255.255.0 
 traffic-filter inbound acl 3000
#
ospf 1 router-id 2.2.2.2 
 default-route-advertise
 area 0.0.0.0 
  network 192.168.12.0 0.0.0.255 
#
ip route-static 0.0.0.0 0.0.0.0 Serial4/0/0
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

R2:

 sysname R2
#
 board add 0/4 2SA 
#
 undo info-center enable
#
aaa 
 local-user pppadmin password cipher %$%$+%\~//=&`X*P,<,=|fFQgx:;%$%$
 local-user pppadmin service-type ppp
#
interface Serial4/0/0
 link-protocol ppp
 ppp authentication-mode chap 
 ip address 12.0.0.2 255.255.255.0 
#
interface GigabitEthernet0/0/0
 ip address 23.0.0.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 24.0.0.2 255.255.255.0 
#
ospf 2 router-id 2.2.2.2 
 area 0.0.0.0 
  network 12.0.0.0 0.0.0.255 
  network 23.0.0.0 0.0.0.255 
  network 24.0.0.0 0.0.0.255 
#

R3:

 sysname R3
#
 undo info-center enable
#
interface GigabitEthernet0/0/0
 ip address 23.0.0.3 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 34.0.0.3 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 3.0.0.254 255.255.255.0 
#
ospf 2 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.0.0.0 0.0.0.255 
  network 23.0.0.0 0.0.0.255 
  network 34.0.0.0 0.0.0.255 
#

R4:

 sysname R4
#
 undo info-center enable
#
interface GigabitEthernet0/0/0
 ip address 24.0.0.4 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 34.0.0.4 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 4.0.0.254 255.255.255.0 
#
ospf 2 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.0.0.0 0.0.0.255 
  network 24.0.0.0 0.0.0.255 
  network 34.0.0.0 0.0.0.255
筐瓢大师小吕
关注
专栏目录
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值