Scribd Logo
Upload

Welcome to Scribd!

  • 9.3.1.2 CCNA Skills Integration Challenge

    Uploaded by

    CristianFelipeSolarteOrozco
    295 views7 pages
    CCNA4 Laboratorio 9.3.1.2

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    CCNA4 Laboratorio 9.3.1.2

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    295 views7 pages

    9.3.1.2 CCNA Skills Integration Challenge

    Uploaded by

    CristianFelipeSolarteOrozco
    CCNA4 Laboratorio 9.3.1.2

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    9.3.1.

    2 CCNA SKILLS INTEGRATION CHALLENGE


    TOPOLOGA

    CONFIGURACIN DE SSH EN HQ
    HQ(config)#crypto key generate rsa
    How many bits in the modulus [512]: 2048
    HQ(config)#ip domain-name CCNASkills.com
    HQ(config)#username admin password adminonly
    HQ(config)#line vty 0 4
    HQ(config-line)#transport input ssh
    HQ(config-line)#login local
    HQ(config)#ip ssh version 2
    HQ(config)#ip ssh authentication-retries 2
    HQ(config)#ip ssh time-out 60

    CONFIGURACIN DE FRAME RELAY ENTRE HQ Y B1


    HQ(config)#interface Serial0/0/0
    HQ(config-if)#encapsulation frame-relay
    HQ(config-if)#frame-relay lmi-type q933a
    HQ(config-if)#no shutdown
    HQ(config-if)#interface Serial0/0/0.41 point-to-point
    HQ(config-subif)#ip address 10.255.255.1 255.255.255.252
    HQ(config-subif)#frame-relay interface-dlci 41
    B1(config)#interface Serial0/0/0
    B1(config-if)#encapsulation frame-relay
    B1(config-if)#frame-relay lmi-type q933a

    CONFIGURACIN DE PPP EN HQ A INTERNET Y NEWB


    HQ(config)#username ISP password cisco
    HQ(config)#username NewB password cisco
    HQ(config)#interface Serial0/0/1
    HQ(config-if)#encapsulation ppp
    HQ(config-if)#ppp authentication pap
    HQ(config-if)#ppp pap sent-username HQ password cisco
    HQ(config-if)#interface Serial0/1/0
    HQ(config-if)#encapsulation ppp
    HQ(config-if)#ppp authentication chap

    CONFIGURACIN DE NAT EN HQ
    HQ(config)#ip nat pool HQ 209.165.200.241 209.165.200.245 netmask
    255.255.255.248
    HQ(config)#ip nat inside source list NAT pool HQ overload
    HQ(config)#ip nat inside source static 10.0.1.2 209.165.200.246
    HQ(config)#ip access-list standard NAT
    HQ(config-std-nacl)#permit 10.0.0.0 0.255.255.255
    HQ(config)#interface Gig0/0
    HQ(config-if)#ip nat inside
    HQ(config-if)#interface Serial0/0/0.41 point-to-point
    HQ(config-subif)#ip nat inside
    HQ(config-subif)#interface Serial0/0/1
    HQ(config-if)#ip nat inside
    HQ(config-if)#interface Serial0/1/0
    HQ(config-if)#ip nat outside

    CONFIGURACIN DEL SERVIDOR DHCP EN B1


    B1(config)#ip dhcp excluded-address 10.1.20.1 10.1.20.10
    B1(config)#ip dhcp pool VLAN20
    B1(dhcp-config)#network 10.1.20.0 255.255.255.0
    B1(dhcp-config)#default-router 10.1.20.1
    B1(dhcp-config)#dns-server 10.0.1.4
    CONFIGURACIN DE ENRUTAMIENTO ESTTICO Y PREDETERMINADO
    HQ(config)#ip route 0.0.0.0 0.0.0.0 Serial0/1/0
    HQ(config)#ip route 10.4.5.0 255.255.255.0 Serial0/0/1

    CONFIGURACIN DE ENRUTAMIENTO EIGRP (HQ, B1) Y ENRUTAMIENTO DE


    VLANS EN B1
    HQ(config)#router eigrp 100
    HQ(config-router)#passive-interface Gig0/0
    HQ(config-router)#passive-interface Serial0/0/1
    HQ(config-router)#passive-interface Serial0/1/0
    HQ(config-router)#network 10.0.0.0
    HQ(config-router)#redistribute static
    HQ(config-router)#no auto-summary

    B1(config)#interface Serial0/0/0
    B1(config-if)#ip summary-address eigrp 100 10.1.0.0 255.255.0.0 5

    B1(config)#interface Gig0/0
    B1(config-if)#no shutdown
    B1(config-if)#interface Gig0/0.10
    B1(config-subif)#description Admin VLAN 10
    B1(config-subif)#encapsulation dot1Q 10
    B1(config-subif)#ip address 10.1.10.1 255.255.255.0
    B1(config-subif)#interface Gig0/0.20
    B1(config-subif)#description Sales VLAN 20
    B1(config-subif)#encapsulation dot1Q 20
    B1(config-subif)#ip address 10.1.20.1 255.255.255.0
    B1(config-subif)#interface Gig0/0.30
    B1(config-subif)#description Production VLAN 30
    B1(config-subif)#encapsulation dot1Q 30
    B1(config-subif)#ip address 10.1.30.1 255.255.255.0
    B1(config-subif)#interface Gig0/0.99
    B1(config-subif)#description Mgmt&Native VLAN 99
    B1(config-subif)#encapsulation dot1Q 99 native
    B1(config-subif)#ip address 10.1.99.1 255.255.255.0

    B1(config)#router eigrp 100


    B1(config-router)#passive-interface Gig0/0.10
    B1(config-router)#passive-interface Gig0/0.20
    B1(config-router)#passive-interface Gig0/0.30
    B1(config-router)#passive-interface Gig0/0.99
    B1(config-router)#network 10.0.0.0
    B1(config-router)#no auto-summary

    CONFIGURACIN DE VLAN, ENLACES TRONCALES Y SEGURIDAD E


    PUERTOS EN SWITCH B1-S2
    B1-S2(config)#vlan 10
    B1-S2(config-vlan)#name Admin
    B1-S2(config-vlan)#vlan 20
    B1-S2(config-vlan)#name Sales
    B1-S2(config-vlan)#vlan 30
    B1-S2(config-vlan)#name Production
    B1-S2(config-vlan)#vlan 99
    B1-S2(config-vlan)#name Mgmt&Native
    B1-S2(config-vlan)#vlan 999
    B1-S2(config-vlan)#name BlackHole
    B1-S2(config)#interface range fastEthernet 0/1-4
    B1-S2(config-if-range)#switchport trunk native vlan 99
    B1-S2(config-if-range)#switchport mode trunk
    B1-S2(config-if-range)#interface range fa0/5, fa0/7-10, fa0/12-15, fa0/17-24, Gi0/1-
    2
    B1-S2(config-if-range)#description Unused port
    B1-S2(config-if-range)#switchport access vlan 999
    B1-S2(config-if-range)#switchport mode access
    B1-S2(config-if-range)#shutdown
    B1-S2(config-if-range)#interface FastEthernet0/6
    B1-S2(config-if)#switchport access vlan 10
    B1-S2(config-if)#switchport mode access
    B1-S2(config-if)#switchport port-security
    B1-S2(config-if)#switchport port-security mac-address sticky
    B1-S2(config-if)#interface FastEthernet0/11
    B1-S2(config-if)#switchport access vlan 20
    B1-S2(config-if)#switchport mode access
    B1-S2(config-if)#switchport port-security
    B1-S2(config-if)#switchport port-security mac-address sticky
    B1-S2(config-if)#interface FastEthernet0/16
    B1-S2(config-if)#switchport access vlan 30
    B1-S2(config-if)#switchport mode access
    B1-S2(config-if)#switchport port-security
    B1-S2(config-if)#switchport port-security mac-address sticky
    B1-S2(config-if)#interface Vlan99
    B1-S2(config-if)#ip address 10.1.99.22 255.255.255.0
    B1-S2(config-if)#ip default-gateway 10.1.99.1

    CONFIGURACIN DE POLTICA DE LISTA DE ACCESO EN HQ


    HQ(config)#ip access-list extended HQINBOUND
    HQ(config-ext-nacl)#permit tcp any host 209.165.200.246 eq www
    HQ(config-ext-nacl)#permit tcp any any established
    HQ(config-ext-nacl)#permit icmp any any echo-reply
    HQ(config-ext-nacl)#deny ip any any

    VERIFICACIN DE CONECTIVIDAD
    CONCLUSIN DEL LABORATORIO

    La configuracin del VTP en los switches B1-S3, B1-S2, B1S1 no tena definido un
    dominio por lo cual no permita la salida de los host admin, sales y produccin. Se
    le asign el dominio ccna.

    Para encontrar la solucin al problema de conectividad en los anteriores switches


    se hiso uso del mtodo de solucin de problemas ascendente, ya que se
    sospechaba que el problema incida en la configuracin de los dispositivos.

    You might also like