Topología
Cada uno de los elementos utilizados en la topología han sido configurados de la siguiente manera:
FIREWALL
configure terminal
interface gi0/0
nameif inside
security-level 100
ip address 172.16.27.129 255.255.255.252
no shutdown
exit
interface gi0/1
nameif DMZ
security-level 50
ip address 192.168.77.1 255.255.255.252
no shutdown
exit
interface gi0/2
nameif outside
security-level 0
ip address dhcp
no shutdown
exit
router ospf 1
network 192.168.77.0 255.255.255.252 area 0
network 172.16.27.128 255.255.255.252 area 1
exit
access-list ICMP_DM permit icmp any any
access-group ICMP_DM in interface DMZ
end
copy running-config startup-config
R-DMZ
configure terminal
interface f0/0
ip address dhcp
no shutdown
exit
interface f0/1
ip address 192.168.77.2 255.255.255.252
no shutdown
exit
access-list 100 permit ip any any
ip nat inside source list 100 interface f0/0 overload
interface f0/1
ip nat inside
exit
interface f0/0
ip nat outside
exit
ip route 0.0.0.0 0.0.0.0 192.168.122.1
router ospf 1
network 192.168.77.0 0.0.0.3 area 0
default-information originate
end
copy running-config startup-config
R-INTERNA
configure terminal
interface f0/0
ip address 172.16.27.130 255.255.255.252
no shutdown
exit
interface f0/1
ip address 172.16.27.133 255.255.255.252
no shutdown
exit
interface f1/0
ip address 172.16.27.137 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.128 0.0.0.3 area 1
network 172.16.27.132 0.0.0.3 area 1
network 172.16.27.136 0.0.0.3 area 1
end
copy running-config startup-config
INTERNET-ISP
configure terminal
interface f0/0
ip address 172.16.27.138 255.255.255.252
no shutdown
exit
interface f0/1
ip address 172.16.27.141 255.255.255.252
no shutdown
exit
interface f1/0
ip address 172.16.27.145 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.136 0.0.0.3 area 1
network 172.16.27.140 0.0.0.3 area 1
network 172.16.27.144 0.0.0.3 area 1
end
copy running-config startup-config
SS-R1
configure terminal
ip dhcp pool ventas
network 172.16.0.0 /21
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.0.1
exit
ip dhcp excluded-address 172.16.0.1 172.16.0.25
ip dhcp pool finanzas
network 172.16.8.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.8.1
exit
ip dhcp excluded-address 172.16.8.1 172.16.8.25
ip dhcp pool produccion
network 172.16.12.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.12.1
exit
ip dhcp excluded-address 172.16.12.1 172.16.12.25
end
configure terminal
interface f0/0
ip address 172.16.27.134 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.110
encapsulation dot1q 110
ip address 172.16.0.1 255.255.248.0
no shutdown
exit
interface f0/1.120
encapsulation dot1q 120
ip address 172.16.8.1 255.255.252.0
no shutdown
exit
interface f0/1.130
encapsulation dot1q 130
ip address 172.16.12.1 255.255.252.0
no shutdown
exit
interface f0/1.140
encapsulation dot1q 140
ip address 172.16.27.149 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.132 0.0.0.3 area 1
network 172.16.27.148 0.0.0.3 area 1
network 172.16.0.0 0.0.7.255 area 1
network 172.16.8.0 0.0.3.255 area 1
network 172.16.12.0 0.0.3.255 area 1
end
copy running-config startup-config
SM-R1
configure terminal
ip dhcp pool ventas
network 172.16.16.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.16.1
exit
ip dhcp excluded-address 172.16.16.1 172.16.16.25
ip dhcp pool finanzas
network 172.16.20.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.20.1
exit
ip dhcp excluded-address 172.16.20.1 172.16.20.25
ip dhcp pool produccion
network 172.16.22.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.22.1
exit
ip dhcp excluded-address 172.16.22.1 172.16.22.25
end
configure terminal
interface f0/0
ip address 172.16.27.142 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.210
encapsulation dot1q 210
ip address 172.16.16.1 255.255.252.0
no shutdown
exit
interface f0/1.220
encapsulation dot1q 220
ip address 172.16.20.1 255.255.254.0
no shutdown
exit
interface f0/1.230
encapsulation dot1q 230
ip address 172.16.22.1 255.255.254.0
no shutdown
exit
interface f0/1.240
encapsulation dot1q 240
ip address 172.16.27.153 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.140 0.0.0.3 area 1
network 172.16.27.152 0.0.0.3 area 1
network 172.16.16.0 0.0.3.255 area 1
network 172.16.20.0 0.0.1.255 area 1
network 172.16.22.0 0.0.1.255 area 1
end
copy running-config startup-config
SA-R1
configure terminal
ip dhcp pool ventas
network 172.16.24.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.24.1
exit
ip dhcp excluded-address 172.16.24.1 172.16.24.25
ip dhcp pool finanzas
network 172.16.26.0 /24
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.26.1
exit
ip dhcp excluded-address 172.16.26.1 172.16.26.25
ip dhcp pool produccion
network 172.16.27.0 /25
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.27.1
exit
ip dhcp excluded-address 172.16.27.1 172.16.27.25
end
configure terminal
interface f0/0
ip address 172.16.27.146 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.310
encapsulation dot1q 310
ip address 172.16.24.1 255.255.254.0
no shutdown
exit
interface f0/1.320
encapsulation dot1q 320
ip address 172.16.26.1 255.255.255.0
no shutdown
exit
interface f0/1.330
encapsulation dot1q 330
ip address 172.16.27.1 255.255.255.128
no shutdown
exit
interface f0/1.340
encapsulation dot1q 340
ip address 172.16.27.157 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.144 0.0.0.3 area 1
network 172.16.27.156 0.0.0.3 area 1
network 172.16.24.0 0.0.1.255 area 1
network 172.16.26.0 0.0.0.255 area 1
network 172.16.27.0 0.0.0.127 area 1
end
copy running-config startup-config
SS-SW1
vlan database
vlan 110 name ventas
vlan 120 name finanzas
vlan 130 name produccion
vlan 140 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 110,120,130,140
exit
interface f1/1
switchport mode access
switchport access vlan 120
exit
interface f1/2
switchport mode access
switchport access vlan 110
exit
interface f1/3
switchport mode access
switchport access vlan 130
exit
interface vlan 140
ip address 172.16.27.150 255.255.255.252
no shutdown
end
copy running-config startup-config
SM-SW1
vlan database
vlan 210 name ventas
vlan 220 name finanzas
vlan 230 name produccion
vlan 240 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 210,220,230,240
exit
interface f1/1
switchport mode access
switchport access vlan 220
exit
interface f1/2
switchport mode access
switchport access vlan 210
exit
interface f1/3
switchport mode access
switchport access vlan 230
exit
interface vlan 240
ip address 172.16.27.154 255.255.255.252
no shutdown
end
copy running-config startup-config
SA-SW1
vlan database
vlan 310 name ventas
vlan 320 name finanzas
vlan 330 name produccion
vlan 340 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 310,320,330,340
exit
interface f1/1
switchport mode access
switchport access vlan 320
exit
interface f1/2
switchport mode access
switchport access vlan 310
exit
interface f1/3
switchport mode access
switchport access vlan 330
exit
interface vlan 340
ip address 172.16.27.158 255.255.255.252
no shutdown
end
copy running-config startup-config
VPCS-EXTERNA
ip dhcp
save
configure terminal
interface f0/0
ip address 172.16.27.130 255.255.255.252
no shutdown
exit
interface f0/1
ip address 172.16.27.133 255.255.255.252
no shutdown
exit
interface f1/0
ip address 172.16.27.137 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.128 0.0.0.3 area 1
network 172.16.27.132 0.0.0.3 area 1
network 172.16.27.136 0.0.0.3 area 1
end
copy running-config startup-config
INTERNET-ISP
configure terminal
interface f0/0
ip address 172.16.27.138 255.255.255.252
no shutdown
exit
interface f0/1
ip address 172.16.27.141 255.255.255.252
no shutdown
exit
interface f1/0
ip address 172.16.27.145 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.136 0.0.0.3 area 1
network 172.16.27.140 0.0.0.3 area 1
network 172.16.27.144 0.0.0.3 area 1
end
copy running-config startup-config
SS-R1
configure terminal
ip dhcp pool ventas
network 172.16.0.0 /21
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.0.1
exit
ip dhcp excluded-address 172.16.0.1 172.16.0.25
ip dhcp pool finanzas
network 172.16.8.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.8.1
exit
ip dhcp excluded-address 172.16.8.1 172.16.8.25
ip dhcp pool produccion
network 172.16.12.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.12.1
exit
ip dhcp excluded-address 172.16.12.1 172.16.12.25
end
configure terminal
interface f0/0
ip address 172.16.27.134 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.110
encapsulation dot1q 110
ip address 172.16.0.1 255.255.248.0
no shutdown
exit
interface f0/1.120
encapsulation dot1q 120
ip address 172.16.8.1 255.255.252.0
no shutdown
exit
interface f0/1.130
encapsulation dot1q 130
ip address 172.16.12.1 255.255.252.0
no shutdown
exit
interface f0/1.140
encapsulation dot1q 140
ip address 172.16.27.149 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.132 0.0.0.3 area 1
network 172.16.27.148 0.0.0.3 area 1
network 172.16.0.0 0.0.7.255 area 1
network 172.16.8.0 0.0.3.255 area 1
network 172.16.12.0 0.0.3.255 area 1
end
copy running-config startup-config
SM-R1
configure terminal
ip dhcp pool ventas
network 172.16.16.0 /22
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.16.1
exit
ip dhcp excluded-address 172.16.16.1 172.16.16.25
ip dhcp pool finanzas
network 172.16.20.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.20.1
exit
ip dhcp excluded-address 172.16.20.1 172.16.20.25
ip dhcp pool produccion
network 172.16.22.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.22.1
exit
ip dhcp excluded-address 172.16.22.1 172.16.22.25
end
configure terminal
interface f0/0
ip address 172.16.27.142 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.210
encapsulation dot1q 210
ip address 172.16.16.1 255.255.252.0
no shutdown
exit
interface f0/1.220
encapsulation dot1q 220
ip address 172.16.20.1 255.255.254.0
no shutdown
exit
interface f0/1.230
encapsulation dot1q 230
ip address 172.16.22.1 255.255.254.0
no shutdown
exit
interface f0/1.240
encapsulation dot1q 240
ip address 172.16.27.153 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.140 0.0.0.3 area 1
network 172.16.27.152 0.0.0.3 area 1
network 172.16.16.0 0.0.3.255 area 1
network 172.16.20.0 0.0.1.255 area 1
network 172.16.22.0 0.0.1.255 area 1
end
copy running-config startup-config
SA-R1
configure terminal
ip dhcp pool ventas
network 172.16.24.0 /23
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.24.1
exit
ip dhcp excluded-address 172.16.24.1 172.16.24.25
ip dhcp pool finanzas
network 172.16.26.0 /24
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.26.1
exit
ip dhcp excluded-address 172.16.26.1 172.16.26.25
ip dhcp pool produccion
network 172.16.27.0 /25
lease 1
dns-server 10.116.0.2 8.8.8.8 8.8.4.4
default-router 172.16.27.1
exit
ip dhcp excluded-address 172.16.27.1 172.16.27.25
end
configure terminal
interface f0/0
ip address 172.16.27.146 255.255.255.252
no shutdown
exit
interface f0/1
no ip address
no shutdown
exit
interface f0/1.310
encapsulation dot1q 310
ip address 172.16.24.1 255.255.254.0
no shutdown
exit
interface f0/1.320
encapsulation dot1q 320
ip address 172.16.26.1 255.255.255.0
no shutdown
exit
interface f0/1.330
encapsulation dot1q 330
ip address 172.16.27.1 255.255.255.128
no shutdown
exit
interface f0/1.340
encapsulation dot1q 340
ip address 172.16.27.157 255.255.255.252
no shutdown
exit
router ospf 1
network 172.16.27.144 0.0.0.3 area 1
network 172.16.27.156 0.0.0.3 area 1
network 172.16.24.0 0.0.1.255 area 1
network 172.16.26.0 0.0.0.255 area 1
network 172.16.27.0 0.0.0.127 area 1
end
copy running-config startup-config
SS-SW1
vlan database
vlan 110 name ventas
vlan 120 name finanzas
vlan 130 name produccion
vlan 140 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 110,120,130,140
exit
interface f1/1
switchport mode access
switchport access vlan 120
exit
interface f1/2
switchport mode access
switchport access vlan 110
exit
interface f1/3
switchport mode access
switchport access vlan 130
exit
interface vlan 140
ip address 172.16.27.150 255.255.255.252
no shutdown
end
copy running-config startup-config
SM-SW1
vlan database
vlan 210 name ventas
vlan 220 name finanzas
vlan 230 name produccion
vlan 240 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 210,220,230,240
exit
interface f1/1
switchport mode access
switchport access vlan 220
exit
interface f1/2
switchport mode access
switchport access vlan 210
exit
interface f1/3
switchport mode access
switchport access vlan 230
exit
interface vlan 240
ip address 172.16.27.154 255.255.255.252
no shutdown
end
copy running-config startup-config
SA-SW1
vlan database
vlan 310 name ventas
vlan 320 name finanzas
vlan 330 name produccion
vlan 340 name conexion
exit
configure terminal
interface range f1/0 - 15
switchport
exit
interface f1/0
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan add 310,320,330,340
exit
interface f1/1
switchport mode access
switchport access vlan 320
exit
interface f1/2
switchport mode access
switchport access vlan 310
exit
interface f1/3
switchport mode access
switchport access vlan 330
exit
interface vlan 340
ip address 172.16.27.158 255.255.255.252
no shutdown
end
copy running-config startup-config
VPCS-EXTERNA
ip dhcp
save
Comentarios
Publicar un comentario