actividad 7.doc
TRANSCRIPT
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 1/18
1
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 2/18
Actividad 7.4.1: Configuración básica de DHCP y NATTarea 2: Configurar un servidor de DHCP del IOS de Cisco R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.10 R1(config)#ip dhcp excluded-address 192.168.11.1 192.168.11.10
Paso 2. Configurar el pool. R1(config)#ip dhcp pool R1Fa0 R1(dhcp-config)#network 192.168.10.0 255.255.255.0 R1(dhcp-config)#dns-server 192.168.11.5 R1(dhcp-config)#default-router 192.168.10.1 R1(config)#ip dhcp pool R1Fa1 R1(dhcp-config)#network 192.168.11.0 255.255.255.0 R1(dhcp-config)#dns-server 192.168.11.5 R1(dhcp-config)#default-router 192.168.11.1Paso 3. Verificar la configuración del DHCP. R1#show ip dhcp binding IP address Client-ID/ Lease expiration Type Dirección de Hardware192.168.10.11 0007.EC66.8752 -- Automatic192.168.11.11 00E0.F724.8EDA -- AutomaticTarea 3: Configurar el enrutamiento estático y predeterminado ISP(config)#ip route 209.165.200.240 255.255.255.240 serial 0/0/1
Tarea 4: Configurar NAT estática R2(config)#ip route 0.0.0.0 0.0.0.0 209.165.200.226 R2(config)#router ospf 1 R2(config-router)#default-information originateTarea 5: Configurar NAT dinámica con un conjunto de direcciones R2(config)#ip nat inside source static 192.168.20.254 209.165.200.254 R2(config)#interface serial 0/0/1 R2(config-if)#ip nat outside R2(config-if)#interface fa0/0
R2(config-if)#ip nat inside R2(config)#ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246netmask255.255.255.248 R2(config)#ip access-list extended NAT R2(config-std-nacl)#permit ip 192.168.10.0 0.0.0.255 any R2(config-std-nacl)#permit ip 192.168.11.0 0.0.0.255 any R2(config)#ip nat inside source list NAT pool MY-NAT-POOL R2(config)#interface serial 0/0/0
R2(config-if)#ip nat inside
2
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 3/18
R2#show ip nat translations Pro Inside global Inside local Outside local Outside global --- 209.165.200.241 192.168.10.11 --- ------ 209.165.200.242 192.168.11.11 --- ---
--- 209.165.200.254 192.168.20.254 --- ---Tarea 6: Configurar NAT con sobrecarga R2(config)#no ip nat pool MY-NAT-POOL 209.165.200.241 209.165.200.246netmask255.255.255.248 R2(config)#no ip nat inside source list NAT pool MY-NAT-POOL R2(config)#ip nat inside source list NAT interface S0/0/1 overload R2#show ip nat translations Pro Inside global Inside local Outside local Outside global
icmp 209.165.200.225:3 192.168.10.11:3 209.165.200.226:3209.165.200.226:3icmp 209.165.200.225:1024192.168.11.11:3 209.165.200.226:3209.165.200.226:1024--- 209.165.200.254 192.168.20.254 --- ---
Actividad 7.4.2: Desafío de configuración de DHCP y NAT En esta actividad, configure los servicios de dirección IP mediante la red quese muestra en el diagrama de topología. Si necesita ayuda, consultenuevamente la práctica de laboratorio de configuración básica de NAT y DHCP. Sin embargo, intente hacer todo lo posible por su cuenta.Configure el nombre de host del dispositivo. --> hostname Desactive la búsqueda DNS. --> no ip domainlookupConfigure una contraseña de modo EXEC privilegiado. --> enable secret Configure un mensaje del día. --> banner motd Configure una contraseña para las conexiones de la consola. --> enable password
Habilite RIPv2 en R1 y R2. No publique la red 209.165.200.224/27. --> routerripConfigure el nombre de host del dispositivo. --> hostnameDesactive labúsqueda DNS. --> no ip domainlookupConfigure una contraseña de modo EXEC privilegiado. --> enable secretConfigure un mensaje del día. --> bannermotdConfigure una contraseña para las conexiones de la consola. --> enable passwordHabilite RIPv2 en R1 y R2. No publique la red 209.165.200.224/27.--> router rip
3
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 4/18
Search .. Search
Configuraciónbásica de DHCPy NATHarol André Páramo Díaz cisco, CONFIGURACIÓN DE DISPOSITIVOS, dhcp, nat domingo, 17 de julio de2011
Para los que están siguiendo el currículo de cisco CCNA Exploration, esta es la solución a la
actividad 7.4.1 En el cual nos plantea como objetivo lo siguiente.
Preparar la red•
Realizar las configuraciones básicas del router•
Configurar un servidor de DHCP del IOS de Cisco•
Configurar el enrutamiento estático y predeterminado•
Configurar NAT estática.•
TAREA1 CONFIGURACIÓNBÁSICA.
Router#erasestartup-config
Router#configureterminal
Router(config)#hostnameR1
R1(config)#noip domain-lookup
R1(config-line)#enablepasswordcisco
R1(config)#lineconsole0
R1(config-line)#passwordcisco
R1(config-line)#loggingsynchronousR1(config)#linevty 0 4
4
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 5/18
R1(config-line)#passwordcisco
R1(config-line)#loggingsynchronous
R1(config)#bannerlogin "Personalautorizado"
R1(config)#bannermotd"Revision1"
Luegodebede ingresarel siguientedireccionamientoip.
Al finalizar esta actividaddebe de aparecerun 50%de la actividadcompleta.
Tarea 2: Configurarun servidor de DHCPdel IOS de Cisco
R1(config)#ipdhcpexcluded-address192.168.10.1192.168.10.10
R1(config)#ipdhcpexcluded-address192.168.11.1192.168.11.10
Paso 2. Configurarel pool.
R1(config)#ipdhcppool R1Fa0
R1(dhcp-config)#network192.168.10.0255.255.255.0
R1(dhcp-config)#dns-server 192.168.11.5
R1(dhcp-config)#default-router 192.168.10.1
R1(config)#ipdhcppool R1Fa1
R1(dhcp-config)#network192.168.11.0255.255.255.0
R1(dhcp-config)#dns-server 192.168.11.5
R1(dhcp-config)#default-router 192.168.11.1
Paso 3. Verificar la configuracióndel DHCP.
R1#showip dhcpbinding
IP addressClient-ID/ LeaseexpirationType
Direcciónde Hardware
192.168.10.110007.EC66.8752– Automatic
192.168.11.1100E0.F724.8EDA– Automatic
5
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 6/18
Tarea 3: Configurarel enrutamientoestático y predeterminado
ISP(config)#iproute 209.165.200.240255.255.255.240serial 0/0/1
Tarea 4: ConfigurarNAT estática
R2(config)#iproute 0.0.0.0 0.0.0.0 209.165.200.226
R2(config)#routerospf 1
R2(config-router)#default-informationoriginate
Tarea 5: ConfigurarNAT dinámicacon un conjuntode direcciones
R2(config)#ipnat inside sourcestatic 192.168.20.254209.165.200.254
R2(config)#interfaceserial 0/0/1
R2(config-if)#ip nat outside
R2(config-if)#interfacefa0/0
R2(config-if)#ip nat inside
R2(config)#ipnat pool MY-NAT-POOL209.165.200.241209.165.200.246netmask255.255.255.248
R2(config)#ipaccess-list extendedNAT
R2(config-std-nacl)#permitip 192.168.10.00.0.0.255any
R2(config-std-nacl)#permitip 192.168.11.00.0.0.255any
R2(config)#ipnat inside sourcelist NATpool MY-NAT-POOL
R2(config)#interfaceserial 0/0/0
R2(config-if)#ip nat inside
R2#showip nat translations
Pro Inside global Inside local Outsidelocal Outsideglobal
--- 209.165.200.241192.168.10.11--- ---
--- 209.165.200.242192.168.11.11--- ---
--- 209.165.200.254192.168.20.254--- ---
Tarea 6: ConfigurarNAT con sobrecarga
R2(config)#noip nat pool MY-NAT-POOL209.165.200.241209.165.200.246netmask255.255.255.248R2(config)#noip nat inside sourcelist NAT pool MY-NAT-POOL
6
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 7/18
R2(config)#ipnat inside sourcelist NATinterfaceS0/0/1 overload
R2#showip nat translations
Pro Inside global Inside local Outsidelocal Outsideglobal
icmp209.165.200.225:3192.168.10.11:3209.165.200.226:3209.165.200.226:3
icmp209.165.200.225:1024192.168.11.11:3209.165.200.226:3209.165.200.226:1024---
7
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 8/18
PAP
R4username R2 password cisco
interface Serial0/1ip address 200.10.10.4 255.255.255.240
encapsulation pppppp authentication papppp pap sent-username R4 password ciscoip nat outside
R2username R4 password ciscointerface Serial0/1ip address 200.10.10.2 255.255.255.240encapsulation ppp
ppp authentication papppp pap sent-username R2 password cisco
clock rate 128000
CHAP
R3username R5 password ciscointerface Serial0/1
encapsulation ppp
ppp authentication chap
8
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 9/18
R5username R3 password ciscointerface Serial0/1
encapsulation pppppp authentication chap
PAP con chancho
R1username R6 password ciscointerface Serial0/2encapsulation pppppp authentication pap chap
ppp pap sent-username R1 password cisco
R6username R1 password ciscointerface Serial0/2
encapsulation pppppp authentication pap chap
ppp pap sent-username R6 password cisco
CHAP con PAN
R1username R7 password ciscointerface Serial0/1
encapsulation pppppp authentication chap papppp pap sent-username R1 password cisco
R7username R1 password ciscointerface Serial0/1encapsulation pppppp authentication chap pap
ppp pap sent-username R7 password cisco
FRAME RELAY...
9
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 10/18
R1int s0/0encapsulation frame-relay ietf
frame-relay lmi-type ansi
interface serial 0/0.10 point-to-point
frame-relay interface-dlci 101ip address 192.168.10.1 255.255.255.0
interface serial 0/0.20 point-to-point
frame-relay interface-dlci 201ip address 192.168.20.1 255.255.255.0
interface serial 0/0
no shut
R2int s0/0
encapsulation frame-relay ietf frame-relay lmi-type ansi
interface serial 0/0.10 point-to-point
frame-relay interface-dlci 100ip address 192.168.10.2 255.255.255.0
interface serial 0/0no shut
R3int s0/0encapsulation frame-relay ietf frame-relay lmi-type ansi
interface serial 0/0.20 point-to-pointframe-relay interface-dlci 200
ip address 192.168.20.2 255.255.255.0interface serial 0/0no shut
10
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 11/18
Swtich 1 ConfigurationSwitch>enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#no ip domain-lSwitch(config)#host SW1SW1(config)#enable secret ciscoSW1(config)#line con 0SW1(config-line)#pass ciscoSW1(config-line)#loginSW1(config-line)#exitSW1(config)#line vty 0 4SW1(config-line)#pass ciscoSW1(config-line)#loginSW1(config-line)#exitSW1(config)#vtp mode server Device mode already VTP SERVERSW1(config)#vtp domain radianceChanging VTP domain name from NULL to radianceSW1(config)#vlan 2
11
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 12/18
SW1(config-vlan)#name ITSW1(config-vlan)#exitSW1(config)#vlan 3SW1(config-vlan)#name HRSW1(config-vlan)#exitSW1(config)#int range fa0/1-3SW1(config-if-range)#switchport mode trunkSW1(config-if-range)#exitSW1(config)#int range fa0/11-20SW1(config-if-range)#switchport access vlan 2SW1(config-if-range)#exSW1(config)#int range fa0/21-24SW1(config-if-range)#switchport access vlan 3SW1(config-if-range)#endSW1#SW1#copy run startDestination filename [startup-config]?Building configuration...[OK]SW1# _____________________________________ Swtich 2 ConfigurationSwitch>enSwitch#conf t
Enter configuration commands, one per line. End with CNTL/Z.Switch(config)#no ip domain-lSwitch(config)#host SW2SW2(config)#vtp mode clientSetting device to VTP CLIENT mode.SW2(config)#vtp domain radianceDomain name already set to radiance.SW2(config)#int fa0/1SW2(config-if)#switchport mode trunkSW2(config-if)#exit
SW2(config)#int range fa0/10-20SW2(config-if-range)#switchport access vlan 2SW2(config-if-range)#exSW2(config)#int range fa0/21-24SW2(config-if-range)#switchport access vlan 3SW2(config-if-range)#exitSW2(config)#exSW2#%SYS-5-CONFIG_I: Configured from console by console
SW2#copy run startDestination filename [startup-config]?
12
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 13/18
Building configuration...[OK]SW2# ________________________________________________ Switch>enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#no ip domain-lSwitch(config)#host SW3SW3(config)#vtp mode clientSetting device to VTP CLIENT mode.SW3(config)#vtp domain radianceDomain name already set to radiance.SW3(config)#int fa0/1SW3(config-if)#switchport mode trunkSW3(config-if)#exSW3(config)#int range fa0/10-20SW3(config-if-range)#switchport access vlan 2SW3(config-if-range)#exSW3(config)#int range fa0/21-24SW3(config-if-range)#switchport access vlan 3SW3(config-if-range)#endSW3#%SYS-5-CONFIG_I: Configured from console by console
SW3#copy run startDestination filename [startup-config]?Building configuration...[OK]SW3# _______________________________ Radiance Router ConfigurationRouter>enRouter#conf t
Enter configuration commands, one per line. End with CNTL/Z.Router(config)#no ip domain-lRouter(config)#host R1R1(config)#host RadianceRadiance(config)#int fa0/0Radiance(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to
up
13
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 14/18
Radiance(config-if)#int fa0/0.1
%LINK-5-CHANGED: Interface FastEthernet0/0.1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.1, changed state toupRadiance(config-subif)#encap dot1q 1Radiance(config-subif)#ip add 192.168.1.1 255.255.255.0Radiance(config-subif)#ip nat insideRadiance(config-subif)#ip helper 192.168.1.2Radiance(config-subif)#exRadiance(config)#int fa0/0.2
%LINK-5-CHANGED: Interface FastEthernet0/0.2, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.2, changed state toupRadiance(config-subif)#encap dot1q 2Radiance(config-subif)#ip add 192.168.2.1 255.255.255.0Radiance(config-subif)#ip nat insideRadiance(config-subif)#ip helper 192.168.1.2Radiance(config-subif)#exRadiance(config)#int fa0/0.3Radiance(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.3, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.3, changed state toup
Radiance(config-subif)#encap dot1q 3Radiance(config-subif)#ip add 192.168.3.1 255.255.255.0Radiance(config-subif)#ip nat insideRadiance(config-subif)#ip helper 192.168.1.2Radiance(config-subif)#exit
Radiance(config)#ip route 192.168.1.0 255.255.255.0 fa0/0.1Radiance(config)#ip route 192.168.2.0 255.255.255.0 fa0/0.2Radiance(config)#ip route 192.168.3.0 255.255.255.0 fa0/0.3Radiance(config)#ip route 0.0.0.0 0.0.0.0 198.0.0.1Radiance(config)#acceRadiance(config)#access-list 1 permit 192.168.1.0 0.0.0.255Radiance(config)#access-list 1 permit 192.168.2.0 0.0.0.255Radiance(config)#access-list 1 permit 192.168.3.0 0.0.0.255Radiance(config)#ip nat inside sRadiance(config)#ip nat inside source li
Radiance(config)#ip nat inside source list 1 int s0/0/1Radiance(config)#int s0/0/1
14
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 15/18
Radiance(config-if)#ip add 198.0.0.2 255.255.255.252Radiance(config-if)#ip nat outsideRadiance(config-if)#no shut
%LINK-5-CHANGED: Interface Serial0/0/1, changed state to downRadiance(config-if)#endRadiance#%SYS-5-CONFIG_I: Configured from console by console
Radiance#copy run startDestination filename [startup-config]?Building configuration...[OK]Radiance# _____________________________________ ISP Router configurationRouter>enRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#no ip domain-lRouter(config)#host ISPISP(config)#int s0/0/0ISP(config-if)#ip add 198.0.0.1 255.255.255.252ISP(config-if)#clock rate 56000
ISP(config-if)#no shut
ISP(config-if)#%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
ISP(config-if)#exISP(config)#int fa0/0ISP(config-if)#%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
ISP(config-if)#ip add 198.0.0.10 255.255.255.252ISP(config-if)#no shut
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state toup
ISP(config-if)#exISP(config)#int fa0/1
ISP(config-if)#ip add 198.0.0.6 255.255.255.252ISP(config-if)#no shut
15
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 16/18
ISP(config-if)#%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state toup
ISP(config-if)#exISP(config)#router ripISP(config-router)#ver 2ISP(config-router)#net 198.0.0.0ISP(config-router)#net 198.0.0.4ISP(config-router)#net 198.0.0.8ISP(config-router)#endISP#%SYS-5-CONFIG_I: Configured from console by console
ISP#copy run startDestination filename [startup-config]?Building configuration...[OK]ISP#
16
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 17/18
R1(config-if)#ip address <public ip> 255.255.255.0R1(config-if)#ip nat outsideR1(config-if)#no shutR1(config-if)#int s1/0R1(config-if)#ip 192.168.1.241 255.255.255.252R1(config-if)#ip nat insideR1(config-if)#ip no shutR1(config-if)#int s1/4R1(config-if)#ip 192.168.1.245 255.255.255.252R1(config-if)#ip nat insideR1(config-if)#no shutR1(config-if)#exit
R1(config)#ip nat pool natpool 192.168.1.1 192.168.1.254 prefix 24 ---- not sure about thisR1(config)#access-list 1 permit ip 192.168.1.0 0.0.0.255
17
8/22/2019 Actividad 7.doc
http://slidepdf.com/reader/full/actividad-7doc 18/18
R1(config)#ip nat inside source list 1 pool natpoolR1(config)#ip nat inside source list 1 int s0/0 overload --- not sure about this
My second question is should I configure DHCP on the border router, R1, or should it be configured onrouters R2 and R3 because they have the LANs with hosts connected to them? Would this be the correctway to configure DHCP on router R2... R1(config)#ip dhcp pool HOME_CLIENTSR1(dhcp-config)#network 192.168.1.0 255.255.255.0R1(dhcp-config)#default-router 192.168.1.1R1(dhcp-config)#import allR1(dhcp-config)#dns-server 192.168.1.2
I have not configured either NAT or DHCP in my lab yet, as I wanted to make sure I had a goodunderstanding first of what I was doing. Thank you for any help you can provide to help clarify these
questions. Brian
Respuesta correcta por cadetalain en Feb 3, 2013 5:34 AM
Hi, 1° on R1no ip route 0.0.0.0 0.0.0.0 fastethernet0/0 2° on R1
no ip dhcp pool insideDHCPip dhcp pool subnet_1import allnetwork 192.168.1.0 255.255.255.240default-router 192.168.1.1ip dhcp pool subnet_2import allnetwork 192.168.1.16 255.255.255.240default-router 192.168.1.17 3°
on R2 link to switchip helper-address 192.168.1.141
on R3 link to switchip helper-address 192.168.1.145
Regards
18