I
CONFIGURACION DE:
SWITCH 1 L3
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/2-5
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE RANGE
FASTETHERNET 0/23-24
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.1 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 6
NAME GERENCIA
EXIT
INTERFACE VLAN 6
IP ADDRESS 192.168.6.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 100
NAME SERVIDORES
EXIT
INTERFACE VLAN 100
IP ADDRESS 10.1.100.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.2.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.3.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.4.0 255.255.255.0 172.16.20.5
IP ROUTE 192.168.5.0 255.255.255.0 172.16.20.5
IP ROUTE 0.0.0.0 0.0.0.0 INTERNET
EXIT
SWITCH 2 L3
INTERFACE VLAN 1
IP ADDRESS 172.16.20.1 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 6
NAME GERENCIA
EXIT
INTERFACE VLAN 6
IP ADDRESS 192.168.6.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 100
NAME SERVIDORES
EXIT
INTERFACE VLAN 100
IP ADDRESS 10.1.100.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.2.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.3.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.4.0 255.255.255.0 172.16.20.5
IP ROUTE 192.168.5.0 255.255.255.0 172.16.20.5
IP ROUTE 0.0.0.0 0.0.0.0 INTERNET
EXIT
SWITCH 2 L3
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/1-3
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.2 255.255.255.0
NO SHUTDOWN
EXIT
SWITCH 3 L3
INTERFACE VLAN 1
IP ADDRESS 172.16.20.2 255.255.255.0
NO SHUTDOWN
EXIT
SWITCH 3 L3
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/1-3
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.3 255.255.255.0
NO SHUTDOWN
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.3 255.255.255.0
NO SHUTDOWN
EXIT
SWITCH 4 L3
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/1-3
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.4 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE VLAN 2
IP ADDRESS 192.168.2.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE VLAN 3
IP ADDRESS 192.168.3.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.4.0 255.255.255.0 172.16.20.5
IP ROUTE 192.168.5.0 255.255.255.0 172.16.20.5
IP ROUTE 0.0.0.0 0.0.0.0 172.16.20.1
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.4 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE VLAN 2
IP ADDRESS 192.168.2.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE VLAN 3
IP ADDRESS 192.168.3.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.4.0 255.255.255.0 172.16.20.5
IP ROUTE 192.168.5.0 255.255.255.0 172.16.20.5
IP ROUTE 0.0.0.0 0.0.0.0 172.16.20.1
EXIT
SWITCH 5 L3
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/1-3
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE
FASTETHERNET 0/1-3
SWITCHPORT
TRUNK ENCAPSULATION DOT1Q
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.5 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE VLAN 4
IP ADDRESS 192.168.4.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 5
NAME SUMINISTROS
EXIT
INTERFACE VLAN 5
IP ADDRESS 192.168.5.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.2.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.3.0 255.255.255.0 172.16.20.4
IP ROUTE 0.0.0.0 0.0.0.0 172.16.20.1
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.5 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE VLAN 4
IP ADDRESS 192.168.4.254 255.255.255.0
NO SHUTDOWN
EXIT
VLAN 5
NAME SUMINISTROS
EXIT
INTERFACE VLAN 5
IP ADDRESS 192.168.5.254 255.255.255.0
NO SHUTDOWN
EXIT
IP ROUTE 192.168.2.0 255.255.255.0 172.16.20.4
IP ROUTE 192.168.3.0 255.255.255.0 172.16.20.4
IP ROUTE 0.0.0.0 0.0.0.0 172.16.20.1
EXIT
SWITCH 0 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.6 255.255.255.0
NO SHUTDOW
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 2
INTERFACE VLAN 1
IP ADDRESS 172.16.20.6 255.255.255.0
NO SHUTDOW
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 2
SWITCH 1 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.7 255.255.255.0
NO SHUTDOW
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 3
INTERFACE VLAN 1
IP ADDRESS 172.16.20.7 255.255.255.0
NO SHUTDOW
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 3
SWITCH 2 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.8 255.255.255.0
NO SHUTDOW
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 4
INTERFACE VLAN 1
IP ADDRESS 172.16.20.8 255.255.255.0
NO SHUTDOW
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 4
SWITCH 3 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.9 255.255.255.0
NO SHUTDOW
EXIT
VLAN 6
NAME GERENCIA
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 6
INTERFACE VLAN 1
IP ADDRESS 172.16.20.9 255.255.255.0
NO SHUTDOW
EXIT
VLAN 6
NAME GERENCIA
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 6
SWITCH 4 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.10 255.255.255.0
NO SHUTDOW
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 2
INTERFACE VLAN 1
IP ADDRESS 172.16.20.10 255.255.255.0
NO SHUTDOW
EXIT
VLAN 2
NAME ADM
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 2
SWITCH 5 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.11 255.255.255.0
NO SHUTDOW
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 3
SWITCH 6 L2
INTERFACE VLAN 1
IP ADDRESS 172.16.20.11 255.255.255.0
NO SHUTDOW
EXIT
VLAN 3
NAME FINANZAS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 3
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.12 255.255.255.0
NO SHUTDOW
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 4
INTERFACE VLAN 1
IP ADDRESS 172.16.20.12 255.255.255.0
NO SHUTDOW
EXIT
VLAN 4
NAME RRHH
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 4
SWITCH 7 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE FASTETHERNET
0/1
SWITCHPORT
MODE TRUNK
EXIT
INTERFACE VLAN 1
IP ADDRESS 172.16.20.13 255.255.255.0
NO SHUTDOW
EXIT
VLAN 5
NAME SUMINISTROS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 5
INTERFACE VLAN 1
IP ADDRESS 172.16.20.14 255.255.255.0
NO SHUTDOW
EXIT
VLAN 100
NAME SERVIDORES
EXIT
INTERFACE FASTETHERNET 0/3-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 100
ENABLE
CONFIGURE TERMINAL
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.2
ENCAPSULATION DOT1Q 2
IPV6 ADDRESS 2800:10:12:2::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.3
ENCAPSULATION DOT1Q 3
IPV6 ADDRESS 2800:10:12:3::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.4
ENCAPSULATION DOT1Q 4
IPV6 ADDRESS 2800:10:12:4::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.5
ENCAPSULATION DOT1Q 5
IPV6 ADDRESS 2800:10:12:5::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.6
ENCAPSULATION DOT1Q 6
IPV6 ADDRESS 2800:10:12:6::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.100
ENCAPSULATION DOT1Q 100
IPV6 ADDRESS 2800:10:12:100::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1
NO SHUTDOWN
EXIT
Y EN EL L3 CORE DEPENDIENDO EL PUERTO LO PASAN A ENLACE TRUNK EL QUE VA AL ROUTER. TAMBIEN ASIGANARLES LAS DIRECCIONES IPV6 EMPEZANDO DE LA 2 EN ADELANTE A TODAS LAS PC:
PARA PONERLE IPV6 SIN QUITARLE IPV4 A LAS MAQUINAS SE VAN A LA PC EN CONFIG EN GLOBAL LE PIDEN EL GW IPV6 Y DONDE DICE INTERFACE EN FASTETHERNET LE DAN EN STATIC Y LE PONEN LA DIRECCION IPV6 Y SU MASCARA /64 CORRESPONDIENTE A CADA VLAN
EJEMPLO DE MAQUINAS DE LA VLAN 2
2800:10:12:2::2 /64
2800:10:12:2::3 /64
2800:10:12:2::4 /64
2800:10:12:2::5 /64
CONFIGURACION NAT PARA NAT 01 Y 02
INTERFACE VLAN 1
IP ADDRESS 172.16.20.13 255.255.255.0
NO SHUTDOW
EXIT
VLAN 5
NAME SUMINISTROS
EXIT
INTERFACE FASTETHERNET 0/2-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 5
SWITCH 7 L2
ENABLE
CONFIGURE
TERMINAL
INTERFACE RANGE FASTETHERNET
0/1-2
SWITCHPORT
MODE TRUNK
EXITINTERFACE VLAN 1
IP ADDRESS 172.16.20.14 255.255.255.0
NO SHUTDOW
EXIT
VLAN 100
NAME SERVIDORES
EXIT
INTERFACE FASTETHERNET 0/3-24
SWITCHPORT MODE ACCESS
SWITCHPORT ACCESS VLAN 100
ROUTER
ENABLE
CONFIGURE TERMINAL
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.2
ENCAPSULATION DOT1Q 2
IPV6 ADDRESS 2800:10:12:2::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.3
ENCAPSULATION DOT1Q 3
IPV6 ADDRESS 2800:10:12:3::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.4
ENCAPSULATION DOT1Q 4
IPV6 ADDRESS 2800:10:12:4::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.5
ENCAPSULATION DOT1Q 5
IPV6 ADDRESS 2800:10:12:5::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.6
ENCAPSULATION DOT1Q 6
IPV6 ADDRESS 2800:10:12:6::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1.100
ENCAPSULATION DOT1Q 100
IPV6 ADDRESS 2800:10:12:100::1/64
EXIT
INTERFACE FASTETHERNET (DEPENDIENDO EL PUERTO DONDE LO CONECTEN) 0/1
NO SHUTDOWN
EXIT
Y EN EL L3 CORE DEPENDIENDO EL PUERTO LO PASAN A ENLACE TRUNK EL QUE VA AL ROUTER. TAMBIEN ASIGANARLES LAS DIRECCIONES IPV6 EMPEZANDO DE LA 2 EN ADELANTE A TODAS LAS PC:
PARA PONERLE IPV6 SIN QUITARLE IPV4 A LAS MAQUINAS SE VAN A LA PC EN CONFIG EN GLOBAL LE PIDEN EL GW IPV6 Y DONDE DICE INTERFACE EN FASTETHERNET LE DAN EN STATIC Y LE PONEN LA DIRECCION IPV6 Y SU MASCARA /64 CORRESPONDIENTE A CADA VLAN
EJEMPLO DE MAQUINAS DE LA VLAN 2
2800:10:12:2::2 /64
2800:10:12:2::3 /64
2800:10:12:2::4 /64
2800:10:12:2::5 /64
Solo esos dos numeros van a cambiar el primero corresponde al numero de la vlan y el segundo el id de cada maquina
ROUTER NAT 01
ENABLE
CONFIGURE TERMINAL
INTERFACE TUNNEL 200
IP ADDRESS 1.1.1.1 255.255.255..0
TUNNEL SOURCE F0/0 (O LA IP DE ESA INTERFAZ)
TUNNEL DESTINATION 72.30.38.140
EXIT
ROUTER NAT 02
ENABLE
CONFIGURE TERMINAL
INTERFACE TUNNEL 200
IP ADDRESS 1.1.1.2 255.255.255.0
TUNNEL SOURCE F0/0 (O IP DE ESA INTERFAZ)
TUNNEL DESTINATION 74.125.229.40
EXIT
ENRUTAMIENTO ENTRE ROUTER
YO LO HICE CON OSPF QUE ES UN PROTOCOLO ESTADO ENLACE ESTE ENVIA ACTUALIZACION EN SU TABLA CADA VEZ Q HAY UN CAMBIO EN LA INTERFAZ LO CUAL OPTIMIZA EL ANCHO DE BANDA EN CAMBIO LOS PROTOCOLOS VECTOR DISTANCIA EJEMPLO RIP V1 V2 ENVIAN ACTUALIZACIONES CADA CIERTO TIEMPO Y LIMITA Y CONSUME SIN NECESIDAD EL ANCHO DE BANDA
EJEMPLO OSPF EN NAT 01
ENABLE
CONFIGURE TERMINAL
ROUTER OSPF 1 (DETERMINA EL CODIGO DE PROCESO EL NUMERO 1)
NETWORK 74.125.229.0 255.255.255.0 AREA 2 (EL DOS SIGNIFICA EL NUMERO DE AREA TODOS LOS ROUTER TIENEN QUE MANTENER EL MISMO NUMERO)
EXIT
EJEMPLO RIP V1 EN NAT 01
ENABLE
CONF T
ROUTER RIP
NETWORK 74.125.229.0
EXIT
EJEMPLO RIP V 2 EN NAT 01
ENABLE
CONF T
ROUTER RIP
VERSION 2
NETWORK 74.125.229.0
EXIT
ROUTER RIP VERSION 2 SOLO SE OCUPA PARA REDES CON MASCARAS VARIABLES EN NUESTRO CASO TODA LA TOPOLOGIA ES /24
Y POR ULTIMO SEA CUAL SEA EL PROTOCOLO SOLO SE DECLARAN LAS REDES CONECTADAS DIRECTAMENTE
CONFIGURACION NAT PARA NAT 01 Y 02
ENABLE
CONFIGURE TERMINAL
IP NAT POOL UCA(CUALQUIER NOMBRE) 74.125.229.40 74.125.229.40 NETMASK 255.255.255.0
ACCESS LIST 1 PERMIT 192.168.2.0 0.0.0.255
ACCESS LIST 1 PERMIT 192.168.3.0 0.0.0.255
ACCESS LIST 1 PERMIT 192.168.4.0 0.0.0.255
ACCESS LIST 1 PERMIT 192.168.5.0 0.0.0.255
ACCESS LIST 1 PERMIT 192.168.3.0 0.0.0.255
ACCESS LIST 1 PERMIT 10.1.100.0 0.0.0.255
IP NAT INSIDE SOURCE LIST 1 POOL UCA OVERLOAD
LUEGO DEFINEN LAS INTERFACES CUAL ES INSIDE Y CUAL OUTSIDE
MI CASO MI INTERFACE INSIDE ES LA 1/0 Y LA 0/1 QUE SON MIS INTERFACES LAN OSEA LOCALES Y LA 0/0 ES MI INTERFAZ WAN POR LO QUE SERA LA OUTSIDE
ENA
CONF T
INTERFACE F0/1
IP NAT INSIDE
EXIT
INTERFACE F1/0
IP NAT INSIDE
EXIT
INTERFACE F0/0
IP NAT OUTSIDE
EXIT
LUEGO LE DAN UN PING DE CUALQUIER MAQUINA AL SERVER Q ESTA EN LA PARTE DE ARRIBA DIRECTO AL ROUTER ISP02 SE VAN AL NAT 01 Y LE DAN SHOW IP NAT TRANSLATIONS Y VERFICAN
a que hora lo actualizas......!!!!!! es para guiarme
ResponderEliminar