Scribd
Upload
31 views11 pages

Answmer

The document contains configuration files for routers R1 and R2 and switches S1, S2, S3, and S4. R1 and R2 are configured with OSPF routing, VLAN interfaces, NAT, and SSH access. Switches S1-S3 are configured with VLAN interfaces, default gateways, and SSH access control lists. S3 additionally downloads and installs a new IOS image from R2 and saves its configuration.

Uploaded by

Mehedi Hasan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
31 views11 pages

Answmer

The document contains configuration files for routers R1 and R2 and switches S1, S2, S3, and S4. R1 and R2 are configured with OSPF routing, VLAN interfaces, NAT, and SSH access. Switches S1-S3 are configured with VLAN interfaces, default gateways, and SSH access control lists. S3 additionally downloads and installs a new IOS image from R2 and saves its configuration.

Uploaded by

Mehedi Hasan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

Page |1

R1
enable
configure terminal

no ip domain lookup
hostname R1
enable secret ciscoenpass
line console 0
password ciscoconpass
login
exit

security passwords min-length 10


service password-encryption
banner motd #Unauthorized Acess is Prohibited#

interface GigabitEthernet0/0/0
description Connection to R2
ip address 198.51.100.1 255.255.255.252
no shutdown

interface GigabitEthernet0/0/1
Page |2

description Connection to S2
ip address 192.168.1.1 255.255.255.0
no shutdown

interface GigabitEthernet0/0/2
description Connection to S1
ip address 64.100.1.1 255.255.255.248
no shutdown

ip domain name ccna-lab.com


username admin secret admin1pass

line vty 0 15
login local
transport input ssh
exit

crypto key generate rsa


1024

ip ssh version 2

router ospf 1
router-id 0.0.0.1
Page |3

network 64.100.1.0 0.0.0.7 area 0


network 198.51.100.0 0.0.0.3 area 0
exit

router ospf 1
passive-interface GigabitEthernet0/0/1
passive-interface GigabitEthernet0/0/2
auto-cost reference-bandwidth 1000
exit

interface GigabitEthernet0/0/0
ip ospf network point-to-point
ip ospf hello-interval 30
exit

ip nat inside source static 192.168.1.5 64.100.1.7

interface GigabitEthernet0/0/0
ip nat outside
interface GigabitEthernet0/0/1
ip nat inside

ip access-list standard R1-VTY-LIMIT


permit host 192.168.1.5
Page |4

line vty 0 15
access-class R1-VTY-LIMIT in
exit

R2
enable
configure terminal

no ip domain lookup
hostname R2
enable secret ciscoenpass
line console 0
password ciscoconpass
login
exit

security passwords min-length 10


service password-encryption
banner motd #Unauthorized Acess is Prohibited#

interface GigabitEthernet0/0/0
description Connection to R1
Page |5

ip address 198.51.100.2 255.255.255.252


no shutdown

interface GigabitEthernet0/0/1
description Connection to S4
ip address 172.16.2.1 255.255.255.0
no shutdown

interface GigabitEthernet0/0/2
description Connection to S3
ip address 209.165.202.129 255.255.255.224
no shutdown

ip domain name ccna-lab.com


username admin secret admin1pass

line vty 0 15
login local
transport input ssh
exit

crypto key generate rsa


1024
Page |6

ip ssh version 2

router ospf 1
router-id 0.0.0.2
network 209.165.202.128 0.0.0.31 area 0
network 198.51.100.0 0.0.0.3 area 0
exit

router ospf 1
passive-interface GigabitEthernet0/0/1
passive-interface GigabitEthernet0/0/2
auto-cost reference-bandwidth 1000
exit

interface GigabitEthernet0/0/0
ip ospf network point-to-point
ip ospf hello-interval 30
exit

ip nat pool IPNAT1 209.165.202.140 209.165.202.150 netmask 255.255.255.224


ip nat inside source list 1 pool IPNAT1 overload
access-list 1 permit 172.16.2.0 0.0.0.15

interface GigabitEthernet0/0/1
Page |7

ip nat inside

ip access-list standard R2-VTY-LIMIT


permit host 172.16.2.5

line vty 0 15
access-class R2-VTY-LIMIT in
exit

ip access-list extended R2-SECURITY


permit tcp host 64.100.1.7 host 209.165.202.131 eq ftp
deny tcp any any eq ftp
deny tcp any any eq 22
permit ip any any

interface GigabitEthernet0/0/0
ip access-group R2-SECURITY in
ip nat outside
exit
Page |8

S1
enable
configure ter
configure terminal

hostname S1
interface Vlan1
ip address 64.100.1.2 255.255.255.248
no shutdown

ip default-gateway 64.100.1.1

ip access-list standard S1-VTY-LIMIT


permit host 192.168.1.5

line vty 0 15
access-class S1-VTY-LIMIT in
exit
S1>en
S1#copy running-config tftp
Address or name of remote host []? 192.168.1.5
Destination filename [S1-confg]? S1-Run-Config
Page |9

S2
enable
configure terminal

hostname S2
interface Vlan1
ip address 192.168.1.2 255.255.255.0
no shutdown

ip default-gateway 192.168.1.1

S2>en
S2#copy running-config tftp
Address or name of remote host []? 192.168.1.5
Destination filename [S2-confg]? S2-Run-Config

Writing running-config....!!
[OK - 1122 bytes]
1122 bytes copied in 3.003 secs (373 bytes/sec)
P a g e | 10

S3
enable
config ter
hostname S3
interface Vlan1
ip address 209.165.202.130 255.255.255.224
no shutdown
ip default-gateway 209.165.202.129
ip access-list standard S3-VTY-LIMIT
permit host 172.16.2.5
line vty 0 15
access-class S3-VTY-LIMIT in

S3#copy tftp flash:


Address or name of remote host []? 209.165.202.131
Source filename []? c2960-lanbasek9-mz.150-2.SE4.bin
Destination filename [c2960-lanbasek9-mz.150-2.SE4.bin]?

Accessing tftp://209.165.202.131/c2960-lanbasek9-mz.150-2.SE4.bin....
Loading c2960-lanbasek9-mz.150-2.SE4.bin from 209.165.202.131:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 4670455 bytes]

S3#configure terminal
S3(config)#boot system flash:c2960-lanbasek9-mz.150-2.SE4.bin
S3(config)#exit
S3#
%SYS-5-CONFIG_I: Configured from console by console
P a g e | 11

S3#copy running-config startup-config


Destination filename [startup-config]?
Building configuration...
[OK]
S3#reload
Proceed with reload? [confirm]

S4
enable
config ter
hostname S4
interface Vlan1
ip address 172.16.2.2 255.255.255.0
no shutdown

ip default-gateway 172.16.2.1

You might also like