---------------------------------------------------------------------
SUBNETEO IPv6
---------------------------------------------------------------------
2001::/19 = 2001:0000::/19
VLAN 20 = 2001::/19
VLAN 30 = 2001:2000::/19
VLAN 40 = 2001:4000::/19
LOOPBACK1 = 2001:6000::/19
INICIO: 2001:0000::/19 --> FIN: 2001:1FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/19
INICIO: 2001:2000::/19 --> FIN: 2001:3FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/19
INICIO: 2001:4000::/19 --> FIN: 2001:5FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/19
INICIO: 2001:6000::/19 --> FIN: 2001:7FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/19
--------------------------------------------------------------------
Configuración de Direccionamiento IPv6
---------------------------------------------------------------------
R1
! R1 routes between the VLANs: one 802.1Q subinterface per VLAN on G0/0/1,
! each holding the ::1 address of its /19 from the subnetting table.
! NOTE(review): 2001::/19 through 2001:6000::/19 lie inside globally routable
! unicast space, not the 2001:db8::/32 documentation prefix. Keep this
! addressing on an isolated lab network.
! Enable IPv6 forwarding between interfaces.
ipv6 unicast-routing
interface G0/0/1.20
description Administracion
! Frames tagged with VLAN 20 are handled by this subinterface.
encapsulation dot1q 20
ipv6 address 2001::1/19
interface G0/0/1.30
description Operaciones
! Frames tagged with VLAN 30 are handled by this subinterface.
encapsulation dot1q 30
ipv6 address 2001:2000::1/19
interface G0/0/1.40
description Ventas
! Frames tagged with VLAN 40 are handled by this subinterface.
encapsulation dot1q 40
ipv6 address 2001:4000::1/19
interface G0/0/1.1000
description Operaciones Nativa
! VLAN 1000 is the untagged (native) VLAN on this link. No IPv6 address is
! assigned here, so R1 has no routed presence in the native VLAN.
encapsulation dot1q 1000 native
! Bring up the physical port that carries all of the subinterfaces above.
interface G0/0/1
no shutdown
! Loopback1 takes the fourth /19 from the subnetting table.
interface loopback1
ipv6 address 2001:6000::1/19
R2
! R2 gets a single address on its physical port, inside 2001::/19 (the range
! the subnetting table assigns to VLAN 20).
! NOTE(review): 2001::/19 lies inside globally routable unicast space, not the
! 2001:db8::/32 documentation prefix. Keep this on an isolated lab network.
! Enable IPv6 forwarding.
ipv6 unicast-routing
interface G0/0/1
ipv6 address 2001::4/19
no shutdown
---------------------------------------------------------------------
Configuración Básica de Seguridad *Routers & SWT*
---------------------------------------------------------------------
R1
! Baseline access settings for R1.
! NOTE(review): every credential below (class, cisco, $cisco123!) is a
! trivially guessable lab value and is identical on all four devices. Replace
! each with a unique, strong secret before using this outside a lab.
hostname R1
! Privileged-EXEC password; "secret" stores it hashed instead of in clear text.
enable secret class
! Local account; the SSH section later switches the vty lines to "login local".
username sshAdmin secret $cisco123!
! Do not try to resolve mistyped commands as hostnames.
no ip domain-lookup
! Encodes the plain "password" lines below as type 7. Type 7 is reversible
! obfuscation, not a hash, so saved or exported configs remain sensitive.
service password-encryption
line console 0
password cisco
logging synchronous
! Shared-password login with no username, so console sessions are not
! attributable to a person.
! NOTE(review): no exec-timeout is set, so the platform default idle timeout
! applies. Confirm it is acceptable.
login
line vty 0 4
password cisco
logging synchronous
! NOTE(review): until "login local" and "transport input ssh" from the SSH
! section are applied, these lines accept the shared password over whatever
! transports the platform allows by default.
login
! "3" is the banner delimiter; the text between the two 3s is shown at login.
banner motd 3 #### ACCESO SOLO PERSONAL AUTORIZADO #### 3
end
! Short form of "write memory": saves the running config to startup-config.
wr
R2
! Baseline access settings for R2.
! NOTE(review): every credential below (class, cisco, $cisco123!) is a
! trivially guessable lab value reused on every device in this listing.
! Replace each with a unique, strong secret before using this outside a lab.
hostname R2
! Privileged-EXEC password, stored hashed.
enable secret class
! Local account; the SSH section later switches the vty lines to "login local".
username sshAdmin secret $cisco123!
! Do not try to resolve mistyped commands as hostnames.
no ip domain-lookup
! Type 7 encoding for the "password" lines below: reversible obfuscation, not
! a hash. Handle saved configs as sensitive.
service password-encryption
line console 0
password cisco
logging synchronous
! Shared-password login with no per-user accountability on the console.
! NOTE(review): no exec-timeout is set, so the platform default applies.
login
line vty 0 4
password cisco
logging synchronous
! NOTE(review): shared-password login stays in effect on the vty lines until
! the SSH section applies "login local" and "transport input ssh".
login
! "3" is the banner delimiter; the text between the two 3s is shown at login.
banner motd 3 #### ACCESO SOLO PERSONAL AUTORIZADO #### 3
end
! Short form of "write memory": saves the running config to startup-config.
wr
S1
! Baseline access settings for switch S1.
! NOTE(review): every credential below (class, cisco, $cisco123!) is a
! trivially guessable lab value reused on every device in this listing.
! Replace each with a unique, strong secret before using this outside a lab.
hostname S1
! Privileged-EXEC password, stored hashed.
enable secret class
! Local account; the SSH section later switches the vty lines to "login local".
username sshAdmin secret $cisco123!
! Do not try to resolve mistyped commands as hostnames.
no ip domain-lookup
! Type 7 encoding for the "password" lines below: reversible obfuscation, not
! a hash. Handle saved configs as sensitive.
service password-encryption
line console 0
password cisco
logging synchronous
! Shared-password login with no per-user accountability on the console.
! NOTE(review): no exec-timeout is set, so the platform default applies.
login
! NOTE(review): only vty 0-4 are configured. Many switches also have vty 5-15;
! confirm on this platform and give those lines the same settings.
line vty 0 4
password cisco
logging synchronous
! Shared-password login stays in effect on these lines until the SSH section
! applies "login local" and "transport input ssh".
login
! "3" is the banner delimiter; the text between the two 3s is shown at login.
banner motd 3 #### ACCESO SOLO PERSONAL AUTORIZADO #### 3
end
! Short form of "write memory": saves the running config to startup-config.
wr
S2
! Baseline access settings for switch S2.
! NOTE(review): every credential below (class, cisco, $cisco123!) is a
! trivially guessable lab value reused on every device in this listing.
! Replace each with a unique, strong secret before using this outside a lab.
hostname S2
! Privileged-EXEC password, stored hashed.
enable secret class
! Local account; the SSH section later switches the vty lines to "login local".
username sshAdmin secret $cisco123!
! Do not try to resolve mistyped commands as hostnames.
no ip domain-lookup
! Type 7 encoding for the "password" lines below: reversible obfuscation, not
! a hash. Handle saved configs as sensitive.
service password-encryption
line console 0
password cisco
logging synchronous
! Shared-password login with no per-user accountability on the console.
! NOTE(review): no exec-timeout is set, so the platform default applies.
login
! NOTE(review): only vty 0-4 are configured. Many switches also have vty 5-15;
! confirm on this platform and give those lines the same settings.
line vty 0 4
password cisco
logging synchronous
! Shared-password login stays in effect on these lines until the SSH section
! applies "login local" and "transport input ssh".
login
! "3" is the banner delimiter; the text between the two 3s is shown at login.
banner motd 3 #### ACCESO SOLO PERSONAL AUTORIZADO #### 3
end
! Short form of "write memory": saves the running config to startup-config.
wr
---------------------------------------------------------------------
CREACIÓN DE VLANS, TRONCALES & ACCESO
---------------------------------------------------------------------
S1
! VLAN database, trunk ports and access ports for S1.
vlan 20
name Administracion
vlan 30
name Operaciones
vlan 40
name Ventas
! VLAN 999 is where the unused ports are placed further down.
vlan 999
name ParkingLot
! VLAN 1000 is used only as the trunk native VLAN in this listing.
vlan 1000
name Nativo
! Fa0/1 and Fa0/5 are statically set to trunk. The native VLAN is moved off
! the default to VLAN 1000, which has no access ports here, so untagged frames
! on the trunk do not land in a user VLAN.
! NOTE(review): "switchport nonegotiate" is not set, so DTP may still be
! advertised on these ports. Confirm and disable it if not needed.
interface range Fa0/1, Fa0/5
switchport mode trunk
switchport trunk native vlan 1000
! Only Fa0/1 gets an explicit allowed-VLAN list.
! NOTE(review): Fa0/5 keeps the default list (all VLANs). Restrict it too if
! that is not intended. The Fa0/1 list also carries parking VLAN 999; confirm
! that it needs to cross the trunk.
interface Fa0/1
switchport trunk allowed vlan 20,30,40,999,1000
! Single user port, in Operaciones.
interface Fa0/6
switchport mode access
switchport access vlan 30
! Every remaining port is forced to access mode, placed in the parking VLAN
! and administratively disabled, so a device plugged into a spare port gets
! no connectivity.
interface range Fa0/2-4, Fa0/7-24, G0/1-2
switchport mode access
switchport access vlan 999
shutdown
S2
! VLAN database, trunk port and access ports for S2.
vlan 20
name Administracion
vlan 30
name Operaciones
vlan 40
name Ventas
! VLAN 999 is where the unused ports are placed further down.
vlan 999
name ParkingLot
! VLAN 1000 is used only as the trunk native VLAN in this listing.
vlan 1000
name Nativo
! Fa0/1 is statically set to trunk, with the native VLAN moved off the default
! to VLAN 1000 so untagged frames do not land in a user VLAN.
! NOTE(review): "switchport nonegotiate" is not set, so DTP may still be
! advertised on this port. Confirm and disable it if not needed.
interface Fa0/1
switchport mode trunk
switchport trunk native vlan 1000
! Re-entering Fa0/1 is redundant but harmless. The allowed list limits the
! trunk to the listed VLANs.
! NOTE(review): it also carries parking VLAN 999; confirm that it needs to
! cross the trunk.
interface Fa0/1
switchport trunk allowed vlan 20,30,40,999,1000
! Access port in Administracion (VLAN 20).
interface Fa0/5
switchport mode access
switchport access vlan 20
! Access port in Ventas (VLAN 40).
interface Fa0/18
switchport mode access
switchport access vlan 40
! Every remaining port is forced to access mode, placed in the parking VLAN
! and administratively disabled, so a device plugged into a spare port gets
! no connectivity.
interface range Fa0/2-4, Fa0/6-17, Fa0/19-24, G0/1-2
switchport mode access
switchport access vlan 999
shutdown
---------------------------------------------------------------------
ACCESO REMOTO (SSH)
---------------------------------------------------------------------
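R1,R2,S1,S2
! Enable SSH-only remote management; apply on each of the four devices.
! A domain name is required before the RSA host key can be generated (the key
! is labelled hostname.domain-name).
ip domain-name ccna-lab.com
! Generate a 2048-bit host key on one line, so no interactive modulus prompt
! has to be answered. 1024-bit RSA is below current minimum-strength guidance.
crypto key generate rsa general-keys modulus 2048
! Accept SSH protocol version 2 only.
ip ssh version 2
line vty 0 4
! Authenticate against the local username database (sshAdmin) instead of the
! shared line password.
login local
! Accept SSH only on these lines; Telnet connections are refused.
transport input ssh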
---------------------------------------------------------------------
SERVICIOS WEB
---------------------------------------------------------------------
R1,R2
! Turn on the HTTPS management server on both routers.
! NOTE(review): nothing in this listing disables the plain HTTP server
! ("no ip http server"); whether it is running depends on the platform default.
! Confirm, since the Ventas ACL on R1 filters tcp/80 as well as tcp/443.
ip http secure-server
! Web logins are checked against the local username database.
ip http authentication local
---------------------------------------------------------------------
ACCESS LISTS
---------------------------------------------------------------------
R1
! Filter for traffic entering R1 from Ventas (2001:4000::/19).
! Entries are evaluated top-down and the first match wins. "eq <port>" after
! the destination matches the TCP destination port.
ipv6 access-list IPV6-ACL
! No SSH from Ventas into Administracion (2001::/19).
deny tcp 2001:4000::/19 2001::/19 eq 22
! No HTTP from Ventas to Administracion, nor to R1's own addresses on the
! Operaciones and Ventas subinterfaces.
deny tcp 2001:4000::/19 2001::/19 eq 80
deny tcp 2001:4000::/19 host 2001:2000::1 eq 80
deny tcp 2001:4000::/19 host 2001:4000::1 eq 80
! Same three destinations for HTTPS.
deny tcp 2001:4000::/19 2001::/19 eq 443
deny tcp 2001:4000::/19 host 2001:2000::1 eq 443
deny tcp 2001:4000::/19 host 2001:4000::1 eq 443
! Ventas may not ping Administracion or Operaciones. Only echo-request is
! matched; other ICMPv6 message types are not affected by these two lines.
deny icmp 2001:4000::/19 2001::/19 echo-request
deny icmp 2001:4000::/19 2001:2000::/19 echo-request
! Everything not denied above is allowed.
! NOTE(review): that includes SSH from Ventas to R1's addresses outside
! 2001::/19 (2001:2000::1, 2001:4000::1, 2001:6000::1) and web access to
! Loopback1 (2001:6000::1). No access-class is applied to the vty lines in
! this listing, so confirm this matches the intended management policy.
permit ipv6 any any
interface G0/0/1.40
! Applied inbound on the Ventas subinterface, so packets are checked as they
! arrive from VLAN 40, including those addressed to R1 itself.
ipv6 traffic-filter IPV6-ACL in
! Filter for traffic entering R1 from Operaciones (2001:2000::/19).
ipv6 access-list PROHIBIDO-OPERACIONES-PING-VENTAS
! Operaciones may not ping Ventas. Only echo-request is matched, so echo
! replies and other ICMPv6 types still pass.
deny icmp 2001:2000::/19 2001:4000::/19 echo-request
! Everything else from Operaciones is allowed, including SSH and web access
! to any destination.
! NOTE(review): confirm that is the intended policy.
permit ipv6 any any
interface G0/0/1.30
! Applied inbound on the Operaciones subinterface, so packets are checked as
! they arrive from VLAN 30.
ipv6 traffic-filter PROHIBIDO-OPERACIONES-PING-VENTAS in