用Packet Tracer模拟个网

Standard

隔段时间要拿出来用用,否则真的要忘记的…

路由器Firewall

Firewall#show running-config 
Building configuration...
 
Current configuration : 856 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Firewall
!
interface FastEthernet0/0
 ip address 192.10.10.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 202.1.1.1 255.255.255.0
 ip nat outside
!
router rip
 version 2
 network 192.10.10.0
 default-information originate
 no auto-summary
!
ip nat inside source list 1 interface Serial0/0 overload
ip nat inside source static tcp 192.10.1.3 80 202.1.1.1 80
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0 
!
access-list 1 permit 192.10.1.0 0.0.0.255
access-list 1 permit 192.10.2.0 0.0.0.255
access-list 1 permit 192.10.3.0 0.0.0.255
access-list 1 permit 192.10.4.0 0.0.0.255
access-list 1 permit 192.10.10.0 0.0.0.255
!
no cdp run
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end

ISP

ISP#show running-config 
Building configuration...
 
Current configuration : 441 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname ISP
!
interface FastEthernet0/0
 ip address 202.1.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 202.1.1.2 255.255.255.0
 clock rate 64000
!
ip classless
!
no cdp run
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end

中心交换CW

CW#show running-config 
Building configuration...
 
Current configuration : 1675 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname CW
!
ip routing
!
spanning-tree mode pvst
!
interface FastEthernet0/1
 no switchport
 ip address 192.10.10.2 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/4
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
.
.
.
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.10.0.2 255.255.255.0
!
interface Vlan2
 ip address 192.10.1.2 255.255.255.0
!
interface Vlan3
 ip address 192.10.2.2 255.255.255.0
!
interface Vlan4
 ip address 192.10.3.2 255.255.255.0
!
router rip
 version 2
 network 192.10.1.0
 network 192.10.2.0
 network 192.10.3.0
 network 192.10.4.0
 network 192.10.10.0
 no auto-summary
!
ip classless
!
line con 0
!
line aux 0
!
line vty 0 4
 login
!
end

服务器汇聚SW

SW#show running-config 
Building configuration...
 
Current configuration : 1244 bytes
!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname SW
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 2
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 2
 switchport mode access
!
.
.
.

一楼

Floor1#sh running-config 
Building configuration...
 
Current configuration : 1206 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Floor1
!
spanning-tree mode pvst
!
interface FastEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/2
 switchport access vlan 3
 switchport mode access
!
.
.
.

源文件

Cisco案例小复习

Standard

照着他做的:http://ltyluck.blog.51cto.com/170459/209991

模拟一个小企业的实际情况,ISP分了几个IP给公司,想用一个给内部PC访问外网用,另外几个分配给内部的服务器用,这些内部的服务器要能被外网用户访问到。

ISP给他们分配了一个网段,公网IP地址如下:
218.2.135.1/29 – 218.2.135.6/29

想用218.2.135.1/29这个IP地址让内部的PC去访问外网,其它的几个IP地址都分配给内部的服务器使用,这三台内部的服务器需要提供给外网用户访问。
在这里PC1与PC2在VLAN 10里面,PC3和PC4在VLAN 20里面。

ISP(config)#username yemaosheng password test    //PC的上拨号使用此用户名密码 
ISP(config)#ip dhcp pool PSTN                             //拨号成功后ISP自动分配的IP地址就从名为PSTN的地址池中调用 
ISP(dhcp-config)#network 202.1.1.0 255.255.255.0  //给我们客户机分配的IP地址段 
ISP(dhcp-config)#default-router 202.1.1.1              //分配的默认网关 
ISP(dhcp-config)#dns-server 202.1.2.2                  //指定的DNS 
ISP(dhcp-config)#exit 
ISP(config)#ip dhcp excluded-address 202.1.1.1      //把网关IP地址排除掉
ISP(config)#int fa0/0              //连DNS服务器 
ISP(config-if)#ip add 202.1.2.1 255.255.255.0 
ISP(config-if)#no shut 
ISP(config-if)#exit 
ISP(config)#int fa0/1              //连WWW服务器 
ISP(config-if)#ip add 202.1.3.1 255.255.255.0 
ISP(config-if)#no shut 
ISP(config-if)#exit 
ISP(config)#int s0/0/0            //连公司的路由器 
ISP(config-if)#ip add 218.2.135.6 255.255.255.248 
ISP(config-if)#clock rate 64000 
ISP(config-if)#no shut 
ISP(config-if)#exit 
ISP(config)#

Enterprise(config)#int s0/0/0 
Enterprise(config-if)#ip add  218.2.135.1 255.255.255.248 
Enterprise(config-if)#no shut 
Enterprise(config-if)#int fa0/0 
Enterprise(config-if)#no shut 
Enterprise(config-if)#exit 
//以下这几行是做<a href='http://yemaosheng.com/?p=1314'>单臂路由</a> 
Enterprise(config)#int fa0/0.1 
Enterprise(config-subif)#encapsulation dot1Q 10 
Enterprise(config-subif)#ip add 192.168.1.1 255.255.255.0 
Enterprise(config-subif)#exit 
Enterprise(config)#int fa0/0.2 
Enterprise(config-subif)#encapsulation dot1Q 20 
Enterprise(config-subif)#ip add 192.168.2.1 255.255.255.0 
Enterprise(config-subif)#exit 
Enterprise(config)#int fa0/1 
Enterprise(config-if)#ip add 192.168.3.1 255.255.255.0 
Enterprise(config-if)#no shut 
Enterprise(config-if)#exit 
//以下是自动给两个VLAN分配不同IP地址的DHCP功能
Enterprise(config)#ip dhcp pool VLAN10 
Enterprise(dhcp-config)#network 192.168.1.0 255.255.255.0 
Enterprise(dhcp-config)#default-router 192.168.1.1 
Enterprise(dhcp-config)#dns-server 202.1.2.2 
Enterprise(dhcp-config)#exit 
Enterprise(config)#ip dhcp pool VLAN20 
Enterprise(dhcp-config)#network 192.168.2.0 255.255.255.0 
Enterprise(dhcp-config)#default-router 192.168.2.1 
Enterprise(dhcp-config)#dns-server 202.1.2.2 
Enterprise(dhcp-config)#exit 
Enterprise(config)#ip dhcp excluded-address 192.168.1.1 
Enterprise(config)#ip dhcp excluded-address 192.168.2.1 
//这下面是做PAT,以使内部PC可以正常访问我们的外网
Enterprise(config)#access-list 1 permit 192.168.1.0 0.0.0.255 
Enterprise(config)#access-list 1 permit 192.168.2.0 0.0.0.255 
Enterprise(config)#access-list 1 permit 192.168.3.0 0.0.0.255 //让内网的服务器也能访问外网
Enterprise(config)#ip nat inside source list 1 interface s0/0/0 overload 
Enterprise(config)#int s0/0/0 
Enterprise(config-if)#ip nat outside 
Enterprise(config-if)#exit 
Enterprise(config)#int fa0/0.1 
Enterprise(config-subif)#ip nat inside 
Enterprise(config-subif)#exit 
Enterprise(config)#int fa0/0.2 
Enterprise(config-subif)#ip nat inside 
Enterprise(config-subif)#exit 
//内网要想访问公网就必须使用一条默认路由出去,否则就只能访问到我们的ISP路由器那里
Enterprise(config)#ip route 0.0.0.0 0.0.0.0 s0/0/0
Switch(config)#vlan 10           //创建VLAN10 
Switch(config-vlan)#exit 
Switch(config)#vlan 20           //创建VLAN20 
Switch(config-vlan)#exit 
Switch(config)#int range fa0/1 - 2     //将fa0/1与fa0/2两个端口加入到我们的VLAN10中 
Switch(config-if-range)#sw mo acc 
Switch(config-if-range)#sw acc vlan 10 
Switch(config-if-range)#exit 
Switch(config)#int range fa0/3 - 4    //将fa0/3与fa0/4两个端口加入到我们的VLAN20中       
Switch(config-if-range)#sw mo acc 
Switch(config-if-range)#sw acc vlan 20 
Switch(config-if-range)#exit 
Switch(config)#int fa0/24               //将fa0/24口接路由器这个端口配置成trunk端口 
Switch(config-if)#sw mo trunk 
Switch(config-if)#exit 
Switch(config)#
Enterprise(config)#ip nat inside source static 192.168.3.3 218.2.135.2   //给Server0指定公网IP地址218.2.135.2 
Enterprise(config)#ip nat inside source static 192.168.3.4 218.2.135.3   //给Server1指定公网IP地址218.2.135.3 
Enterprise(config)#ip nat inside source static 192.168.3.2 218.2.135.4   //给Server2指定公网IP地址218.2.135.4
Enterprise(config)#int fa0/1 
Enterprise(config-if)#ip nat inside

Cisco复习(帧中继)

Standard


帧中继

Router0>en
Router0#conf t
 
Router0(config)#int fa0/1
Router0(config-if)#ip add 172.16.1.1 255.255.255.0
Router0(config-if)#no shut
 
Router0(config-if)#int serial0/1/0
Router0(config-if)#encapsulation frame-relay //进行frame-relay封装
Router0(config-if)#no shut
 
Router0(config-if)#int serial0/1/0.1 point-to-point //子接口配置
Router0(config-subif)#ip address 192.168.3.2 255.255.255.0
Router0(config-subif)#description Link Router2 DLCI 41 //添加描述备注
Router0(config-subif)#frame-replay interface-dlci 20 //配置DLCI
 
Router0(config-subif)#int serial0/1/0.2 point-to-point
Router0(config-subif)#ip address 192.168.2.2 255.255.255.0
Router0(config-subif)#description Link Router1 DLCI 31
Router0(config-subif)#frame-replay interface-dlci 21
...
Router0(config)#router eigrp 100
Router0(config-router)#network 172.16.0.0
Router0(config-router)#network 192.168.3.0
Router0(config-router)#network 192.168.2.0
Router0(config-router)#end
//--------------------------
Router1>en
Router1#conf t
 
Router1(config)#int fa0/1
Router1(config-if)#ip add 172.17.1.1 255.255.255.0
Router1(config-if)#no shut
 
Router1(config-if)#int serial0/1/0
Router1(config-if)#encapsulation frame-relay
Router1(config-if)#no shut
 
Router1(config-if)#int serial0/1/0.1 point-to-point
Router1(config-subif)#ip address 192.168.1.2 255.255.255.0
Router1(config-subif)#description Link Router2 DLCI 40
Router1(config-subif)#frame-replay interface-dlci 30
 
Router1(config-subif)#int serial0/1/0.2 point-to-point
Router1(config-subif)#ip address 192.168.2.1 255.255.255.0
Router1(config-subif)#description Link Router0 DLCI 21
Router1(config-subif)#frame-replay interface-dlci 31
...
Router1(config)#router eigrp 100
Router1(config-router)#network 172.17.0.0
Router1(config-router)#network 192.168.1.0
Router1(config-router)#network 192.168.2.0
Router1(config-router)#end
//--------------------------
Router2>en
Router2#conf t
 
Router2(config)#int fa0/1
Router2(config-if)#ip add 172.18.1.1 255.255.255.0
Router2(config-if)#no shut
 
Router2(config-if)#int serial0/1/0
Router2(config-if)#encapsulation frame-relay
Router2(config-if)#no shut
 
Router2(config-if)#int serial0/1/0.1 point-to-point
Router2(config-subif)#ip address 192.168.1.1 255.255.255.0
Router2(config-subif)#description Link Router1 DLCI 30
Router2(config-subif)#frame-replay interface-dlci 40
 
Router2(config-subif)#int serial0/1/0.2 point-to-point
Router2(config-subif)#ip address 192.168.3.1 255.255.255.0
Router2(config-subif)#description Link Router0 DLCI 20
Router2(config-subif)#frame-replay interface-dlci 41
Router2(config-subif)#end
...
Router2(config)#router eigrp 100
Router2(config-router)#network 172.18.0.0
Router2(config-router)#network 192.168.3.0
Router2(config-router)#network 192.168.1.0
Router2(config-router)#end

转载请注明出处:http://yemaosheng.com

Cisco复习(VOIP)

Standard


VOIP

CM#conf t
CM(config)#int fa 0/1
CM(config-if)#ip add 192.168.10.1 255.255.255.0
CM(config-if)#no shut
CM(config-if)#exit
CM(config)#ip dhcp pool voip
CM(dhcp-config)#network 192.168.10.0 255.255.255.0
CM(dhcp-config)#default-router 192.168.10.1
CM(dhcp-config)#option 150 ip 192.168.10.1
CM(dhcp-config)#exit
 
CM(config)#telephony-service
CM(config-telephony)#max-ephones 30 //定义最大电话数
CM(config-telephony)#max-dh 30 //定义最大目录号
CM(config-telephony)#ip source-address 192.168.10.1 port 2000 //IP电话充通信IP及端口
CM(config-telephony)#create cnf-files //建个xml文件记录每个电话的配置信息
CM(config)#ephone-dn 1 //设逻辑电话目录号
CM(config-ephone-dn)#number 1001 //电话号1001
CM(config)#ephone-dn 2 //设逻辑电话目录号
CM(config-ephone-dn)#number 1002 //电话号1001
CM(config)#ephone-dn 3 //设逻辑电话目录号
CM(config-ephone-dn)#number 1003 //电话号1001
CM(config)#ephone-dn 4 //设逻辑电话目录号
CM(config-ephone-dn)#number 1004 //电话号1001
CM(config)#ephone-dn 5 //设逻辑电话目录号
CM(config-ephone-dn)#number 1005 //电话号1001
CM(config)#ephone 1 //物理电话配置
CM(config-ephone)#mac-address 000D.BD7D.0C91
CM(config-ephone)#type CIPC //CIPC是软电话,7960是CISCO硬件电话,ata是模拟电话
CM(config-ephone)#button 1:1 //第一位数字你可以把它当vlan来理解,后面一个数字对应的是电话目录号
CM(config)#ephone 2
CM(config-ephone)#mac-address 0002.4A15.3CD7
CM(config-ephone)#type 7960
CM(config-ephone)#button 1:2
CM(config)#ephone 3
CM(config-ephone)#mac-address 000A.F34D.1A01
CM(config-ephone)#type ata
CM(config-ephone)#button 1:3
CM(config)#ephone 4
CM(config-ephone)#mac-address 00E0.A354.AA97
CM(config-ephone)#type CIPC
CM(config-ephone)#button 1:4
CM(config)#ephone 5
CM(config-ephone)#mac-address 0060.7035.0745
CM(config-ephone)#type CIPC
CM(config-ephone)#button 1:5
 
SW#conf t
SW(config)#int range fa 0/10-20
SW(config-if-range)#switchport mode access
SW(config-if-range)#switchport voice vlan 1
SW(config-if-range)#no shut
SW(config-if-range)#exit

转载请注明出处:http://yemaosheng.com

Cisco复习(配置、CDP、静态、RIP、OSPF)

Standard

不用就忘,复习复习.
备份配置文件

Router>en
Router#int fa 0/0
Router#ip address 192.168.0.1 255.255.255.0
Router#no shut
Router#copy running-config tftp:
Address or name of remote host []? 192.168.0.2
Destination filename [Router-confg]? Router-config-bak-2011-7-20
 
Writing running-config...!!
[OK - 463 bytes]
 
463 bytes copied in 0.063 secs (7000 bytes/sec)
Router#

通过tftp加载配置文件

Router#copy tftp://192.168.0.2/Router-config-bak-2011-7-20 running-config
Accessing tftp://192.168.0.2/Router-config-bak-2011-7-20...
Loading Router-config-bak-2011-7-20 from 192.168.0.2: !
[OK - 463 bytes]
 
463 bytes copied in 0.031 secs (14935 bytes/sec)
Router#

Copy IOS到tftp

Router#copy flash: tftp:
Source filename []? c2800nm-advipservicesk9-mz.124-15.T1.bin
Address or name of remote host []? 192.168.0.2
Destination filename [c2800nm-advipservicesk9-mz.124-15.T1.bin]? c2800nm-advipservicesk9-mz.124-15.T1_bak.bin
 
Writing c2800nm-advipservicesk9-mz.124-15.T1.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 50938004 bytes]
 
50938004 bytes copied in 27.891 secs (1826000 bytes/sec)

使用CDP获取相连设备信息

Router>en
Router#conf t
Router(config)#hostname Router0
Router0(config)#int fa 0/0
Router0(config-if)#ip address 192.168.1.1 255.255.255.0
Router0(config-if)#no shut
 
Router>en
Router#conf t
Router(config)#hostname Router1
Router1(config)#int fa 0/0
Router1(config-if)#ip address 192.168.1.2 255.255.255.0
Router1(config-if)#no shut
Router1(config)#int fa 0/1
Router1(config-if)#ip address 192.168.2.1 255.255.255.0
Router1(config-if)#no shut
Router1(config-if)#exit
Router1(config)#show cdp neighbors
Router1#no cdp run
Router1#cdp run
 
Switch>en
Switch#conf t
Switch(config)#hostname Switch0
Switch0(config)#int fa 0/1
Switch0(config-if)#cdp enable
Switch0(config-if)#no cdp enable
Switch0(config-if)#cdp enable

禁用域名解析

Router0>en
Router0#conf t
Router0(config)#no ip domain-lookup
Router0(config)#end
Router0#

静态路由

Router0#conf t
Router0(config)#ip route 192.168.4.0 255.255.255.0 192.168.2.2
 
Router1#conf t
Router1(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1
Router1(config)#ip route 192.168.4.0 255.255.255.0 192.168.3.2
 
Router2#conf t
Router2(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1
//PC0 ping 192.168.4.1 ok
//PC0 ping 192.168.3.1 unreachable
//PC1 ping 192.168.1.1 ok
//PC1 ping 192.168.2.1 unreachable
 
Router0(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.2
//PC0 ping 192.168.3.1 ok
Router2(config)#ip route 192.168.2.0 255.255.255.0 192.168.3.2
//PC1 ping 192.168.2.1 ok

RIP

Router1#conf t
Router1(config)#int se 1/0
Router1(config-if)#ip address 192.168.1.1 255.255.255.0
Router1(config-if)#clock rate 64000
Router1(config)#int se 1/1
Router1(config-if)#ip address 10.3.1.1 255.255.255.0
Router1(config-if)#clock rate 64000
Router1#show interfaces serial 1/0
Serial1/1 is up, line protocol is up (connected)
...
Router1#show interfaces serial 1/1
Serial1/1 is up, line protocol is up (connected)
...
 
Router2#conf t
Router2(config)#int se 1/0
Router2(config-if)#ip address 192.168.1.2 255.255.255.0
Router2(config)#int fa 0/0
Router2(config-if)#ip address 192.168.3.1 255.255.255.0
 
Router3#conf t
Router3(config)#int se 1/1
Router3(config-if)#ip address 10.3.1.2 255.255.255.0
Router3(config)#int fa 0/0
Router3(config-if)#ip address 10.3.3.1 255.255.255.0
 
Router1(config)#router rip
Router1(config-router)#network 192.168.1.0
Router1(config-router)#network 10.3.1.0
 
Router2(config)#router rip
Router2(config-router)#network 192.168.1.0
Router2(config-router)#network 192.168.3.0
 
Router3(config)#router rip
Router3(config-router)#network 10.3.1.0
Router3(config-router)#network 10.3.3.0
 
Router1#debug ip rip
RIP protocol debugging is on
Router1#RIP: received v2 update from 10.3.1.2 on Serial1/1
      10.3.3.0/24 via 0.0.0.0 in 1 hops
      ...
 
Router1#show ip route
...
     10.0.0.0/24 is subnetted, 2 subnets
C       10.3.1.0 is directly connected, Serial1/1
R       10.3.3.0 [120/1] via 10.3.1.2, 00:00:08, Serial1/1
C    192.168.1.0/24 is directly connected, Serial1/0
R    192.168.3.0/24 [120/1] via 192.168.1.2, 00:00:15, Serial1/0
 
PC0>tracert 10.3.3.2
Tracing route to 10.3.3.2 over a maximum of 30 hops:
  1   62 ms     32 ms     31 ms     192.168.3.1
  2   62 ms     62 ms     63 ms     192.168.1.1
  3   78 ms     94 ms     94 ms     10.3.1.2
  4   *         125 ms    125 ms    10.3.3.2
Trace complete.

OSPF

采集站请慢,还没写完呢,有空再加…

转载请注明出处:http://yemaosheng.com