CCNA綜合實驗題

原創 weipure88 2019-02-22 18:13

wKiom1WKr_6AAPapAAGP85Yftw0383.jpg

R1配置:


username weishuai password 0 weishuai123

!
crypto isakmp policy 10
 encr aes
 hash md5
 authentication pre-share
 group 2
crypto isakmp key qytang address 192.168.1.2    
!
!
crypto ipsec transform-set QYT esp-aes
!

crypto map CCNA 10 ipsec-isakmp
 set peer 192.168.1.2
 set transform-set QYT
 match address ***      
!
interface Ethernet0/0
 no ip address
!
interface Ethernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.254 255.255.255.0
 ip helper-address 192.168.200.1
 ip nat inside
 ip virtual-reassembly in
!
interface Ethernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.254 255.255.255.0
 ip helper-address 192.168.200.1
 ip nat inside
 ip virtual-reassembly in
!
interface Ethernet0/0.200
 encapsulation dot1Q 200
 ip address 192.168.200.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Serial1/0
 ip address 192.168.1.1 255.255.255.252
 ip nat inside
 ip virtual-reassembly in
 encapsulation ppp
 ppp authentication pap
 serial restart-delay 0
 crypto map CCNA
!
interface Serial1/1
 ip address 123.10.1.2 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ppp chap hostname weichun
 ppp chap password 0 weichun123
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip nat inside source list 10 interface Serial1/1 overload
ip nat inside source static tcp 192.168.200.1 80 123.10.1.2 8008 extendable
ip route 0.0.0.0 0.0.0.0 123.10.1.1
ip route 192.168.30.0 255.255.255.0 192.168.1.2
!
ip access-list extended ***
 permit ip 192.168.10.0 0.0.0.255 192.168.30.0 0.0.0.255
 permit ip 192.168.20.0 0.0.0.255 192.168.30.0 0.0.0.255
!
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 permit 192.168.30.0 0.0.0.255
access-list 10 permit 192.168.20.0 0.0.0.255
access-list 10 permit 192.168.200.0 0.0.0.255
!



R2配置:

crypto isakmp policy 10
 encr aes
 hash md5
 authentication pre-share
 group 2
crypto isakmp key qytang address 192.168.1.1    
!
crypto ipsec transform-set QYT esp-aes
!
crypto map CCNA 10 ipsec-isakmp
 set peer 192.168.1.1
 set transform-set QYT
 match address ***
!
interface Ethernet0/0
 ip address 192.168.30.254 255.255.255.0
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Serial1/0
 ip address 192.168.1.2 255.255.255.252
 encapsulation ppp
 ppp pap sent-username weishuai password 0 weishuai123
 serial restart-delay 0
 crypto map CCNA
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
ip access-list extended ***
 permit ip 192.168.30.0 0.0.0.255 192.168.10.0 0.0.0.255
 permit ip 192.168.30.0 0.0.0.255 192.168.20.0 0.0.0.255


ISP配置:


interface Loopback1
 ip address 200.200.200.1 255.255.255.255

!
interface Serial1/1
 ip address 123.10.1.1 255.255.255.252
 encapsulation ppp
 ppp authentication chap



SW1配置:

interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
!
interface Ethernet0/0
 switchport trunk encapsulation dot1q
 switchport mode trunk
 duplex auto
!         
interface Ethernet0/1
 switchport access vlan 10
 switchport mode access
 duplex auto
!
interface Ethernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
 duplex auto
 channel-group 1 mode on


SW2配置:

interface Port-channel1
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
!
interface Ethernet0/0
 switchport access vlan 200
 switchport mode access
 duplex auto
!         
interface Ethernet0/1
 switchport access vlan 20
 switchport mode access
 duplex auto
!
interface Ethernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
 duplex auto
 channel-group 1 mode on
!
interface Ethernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20,200
 switchport mode trunk
 duplex auto
 channel-group 1 mode on






發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

CCNA綜合實驗題

weipure88 2018-09-11 07:48:02

CCNA綜合實驗(一):實驗實現(Ⅰ)

471630654 2018-09-11 04:51:34

Packet Tracer 建構CCNA實驗攻略(轉載閒雲野鶴百度空間)

l1ngyun 2019-07-19 13:40:20

CCNA培訓課總結筆記--配置EIGRP實驗(十)

85671778 2019-07-17 14:22:37

CCNA培訓課總結筆記--擴展訪問控制列表實驗(九)

85671778 2019-07-17 14:22:25

CCNA培訓課總結筆記--RIPv2的彙總實驗(七)

85671778 2019-07-17 14:22:25

CCNA培訓課總結筆記--標準訪問控制列表實驗(八)

85671778 2019-07-17 14:22:25

CCNA培訓課總結筆記--配置OSPF實驗(十一)

85671778 2019-07-17 14:22:25

Cisco PIX中的網絡訪問認證相關配置實例

swver 2019-07-17 12:50:35

cisco3750-12G匯聚配置

swver 2019-07-17 12:50:34

用Cisco IOS阻止訪問特定網站具體步驟

swver 2019-07-17 12:50:34

配置風暴控制(storm control)

swver 2019-07-16 12:49:40

在Cisco交換機上實現隔離訪問

swver 2019-07-16 12:49:40

路由器的廣域網協議配置

swver 2019-07-16 12:49:40

如何使用HSRP確保路由器冗餘

swver 2019-07-16 12:49:40