CONFIGURACION BASICA EN 3 SW
____________________
enable
config t
hostname servidor
enable secret class
no ip domain-lookup
ip default-gateway 172.17.99.1
line con 0
password cisco
login
line vty 0 15
password cisco
login
end
CONFIGURACION VTP Y SEGURIDAD EN LOS PUERTOS
____________________________________________
paso 1.Habilitar los puertos del usuario en S2 y S3
____________________________________________
config t
int fa0/6
switchport mode access
no sh
int fa0/7
switchport mode access
no sh
int fa0/8
switchport mode access
no sh
int fa0/1
switchport mode access
no sh
end
____________________________________________
paso 2.Comprobar la config vtp en los 3 SW
____________________________________________
show vtp status
____________________________________________
paso 3.Config modo funcionamiento, nombre dominio, contraseña VTP
____________________________________________
EN S1
config t
vtp mode server
vtp domain BANCAFINANCIERA1
vtp password finanzas2015
end
EN S2
config t
vtp mode client
vtp domain University
vtp password educa2015
end
EN S3
config t
vtp mode transparent
vtp domain access
vtp password lab4
end
____________________________________________
paso 4.Config enlaces troncales y vlan nativa
____________________________________________
EN S1-S2-S3
config t
int range fa0/1-5
switchport mode trunk
switchport trunk native vlan 99
no sh
end
______________________________________________
paso 5.Config seguridad del puerto del sw S2 y S3
______________________________________________
config t
int fa0/13
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
no sh
int fa0/14
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
no sh
end
_______________________________________________
paso 6.Config VLAN en el servidor vtp - S1
_______________________________________________
config t
vlan 99
name ADMIN
exit
vlan 25
name GUEST
exit
vlan 30
name ADMINISTRADORES
exit
vlan 35
name SCIENTISIS
exit
end
________________________________________________
paso 7.Comprobar que vlan en S1 se distribuieran a S2 y S3
________________________________________________
show vlan brief
__________________________________________________
paso 8.config direccion de la int de administracion en los 3 SW
__________________________________________________
EN S1
config t
int vlan99
ip add 10.10.99.31 255.255.252.0
no sh
end
EN S2
config t
int vlan 99
ip add 10.10.99.32 255.255.252.0
no sh
end
EN S3
config t
int vlan 99
ip add 10.10.99.33 255.255.255.0
no sh
end
___________________________________________________
paso 9.Asignar puertos de SW S2 y S3 a las VLAN
___________________________________________________
config t
int fa0/6
switchport access vlan 30
switchport mode access
no sh
int fa0/7
switchport access vlan 31
switchport mode access
no sh
int fa0/8
switchport access vlan 32
switchport mode access
no sh
end
copy running-config startup-config
show vtp status
show vtp password
_________________________________________
configurar el BID en 2 SW METODO 1
_________________________________________
config t
spanninig-tree vlan 1 root primary
end
_________________________________________
configurar el BID en SW METODO 2
_________________________________________
config t
spanning-tree vlan 1 priority 4096
end
_________________________________________
configurar prioridad en el puerto
_________________________________________
config t
int fa0/1
spanning-tree vlan 30 priority 4096
end
_________________________________________
verificacion funciones y prioridad de puertos
_________________________________________
show spanninig-tree
_________________________________________
diametro de la red(temporizador de BPDU)
_________________________________________
config t
spanning-tree vlan 20 root primary diameter 5
end
_________________________________________
habilitar portfast
_________________________________________
config t
int fa0/11
spanninig-tree portfast
end
_________________________________________
desahabilitar portfast
_________________________________________
config t
int fa0/11
no spanninig-tree portfast
end
_________________________________________
verificar portfast
_________________________________________
show running-config
_________________________________________
config PVST+
_________________________________________
config t
spanning-tree vlan 21 priority 24576
end
_________________________________________
verificar PVST+
_________________________________________
spanninig-tree active
_________________________________________
config Rapid-PVST+
_________________________________________
config t
spanninig-tree mode rapid-pvst
int fa0/2
spanninig-tree link-type point-to-point
end
clear spanning-tree detected-protocols
_________________________________________
verificar Rapid-PVST+
_________________________________________
show spanning-tree vlan 10
CONFIGURAR LA INT
config t
int f0/0
ip add 172.17.10.1 255.255.255.0
no sh
end
____________________________
TABLA DE ENRUTAMIENTO
show ip route
____________________________
CONFIGURAR SUBINT tradicional
-configuracion del sw
config t
vlan 10
vlan 30
exit
int f0/9
switchport mode access
switchport access vlan 10
int f0/4
switchport access vlan 10
int f0/6
switchport mode access
switchport access vlan 30
int f0/5
switchport access vlan 30
end
-configuracion del router
config t
int f0/0
ip add 172.17.10.1 255.255.255.0
no sh
int f0/1
ip add 172.17.30.1 255.255.255.0
no sh
end
____________________________
VERIFICAR ENRUTAMIENTO DE ROUTER
show run
____________________________
CONFIGURAR SUBINT router-on-a-stick
-configuracion del sw
config t
vlan 10
vlan 30
exit
int fa0/5
switchport mode trunk
end
-configuracion del router
config t
int f0/0.30
encapsulation dot1Q 30
ip add 10.10.240.254 255.255.254.0
int f0/0.31
encapsulation dot1Q 31
ip add 10.10.242.254 255.255.254.0
int f0/0.32
encapsulation dot1Q 32
ip add 10.10.244.254 255.255.254.0
int f0/0.99
encapsulation dot1Q 99 native
ip add 10.10.248.1 255.255.254.0
int f0/0
no sh
end
No hay comentarios:
Publicar un comentario