prev
next
out of 2

prakt.txt

Embed Size (px)

Citation preview

  • 7/28/2019 prakt.txt

    1/2

    Step 1HQ(config)#username B1 password cisco123HQ(config)#interface s0/0/0HQ(config-if)#encapsulation pppHQ(config-if)#ppp authentication chapB1(config)#username HQ password cisco123B1(config)#interface s0/0/0B1(config-if)#encapsulation pppB1(config-if)#ppp authentication chap

    Step 2.HQ(config)#username B2 password cisco123HQ(config)#interface s0/0/1HQ(config-if)#encapsulation pppHQ(config-if)#ppp authentication chapB2(config)#username HQ password cisco123B2(config)#interface s0/0/0B2(config-if)#encapsulation ppp

    Step 3.

    HQ(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0HQ(config)#router ospf 1HQ(config-router)#network 10.1.1.0 0.0.0.3 area 0HQ(config-router)#network 10.1.1.4 0.0.0.3 area 0HQ(config-router)#network 10.1.40.0 0.0.0.255 area 0HQ(config-router)#network 10.1.50.0 0.0.0.255 area 0HQ(config-router)#default-information originateHQ(config-router)#passive-interface fa0/0HQ(config-router)#passive-interface fa0/1HQ(config-router)#passive-interface s0/1/0

    B1(config)#router ospf 1

    B1(config-router)#network 10.1.1.0 0.0.0.3 area 0B1(config-router)#network 10.1.10.0 0.0.0.255 area 0B1(config-router)#network 10.1.20.0 0.0.0.255 area 0B1(config-router)#passive-interface fa0/0B1(config-router)#passive-interface fa0/1B1(config)#router ospf 1B1(config-router)#network 10.1.1.4 0.0.0.3 area 0B1(config-router)#network 10.1.70.0 0.0.0.255 area 0B1(config-router)#network 10.1.80.0 0.0.0.255 area 0B1(config-router)#passive-interface fa0/0B1(config-router)#passive-interface fa0/1

    HQ(config)#access-list 10 deny 10.1.10.0 0.0.0.255HQ(config)#access-list 10 permit anyHQ(config)#int fa0/1HQ(config-if)#ip access-group 10 out

    B1(config)#access-list 115 deny ip host 10.1.10.5 host 10.1.50.7B1(config)#access-list 115 permit ip any anyB1(config)#int fa0/0B1(config-if)#ip access-group 115 in

  • 7/28/2019 prakt.txt

    2/2

    Step 5. Verify that security policy number 2 is implemented.

    HQ(config)#access-list 101 deny tcp 10.1.50.0 0.0.0.63 host 10.1.80.16 eq wwwHQ(config)#access-list 101 permit ip any anyHQ(config)#interface fa0/0HQ(config-if)#ip access-group 101 inStep 8. Verify that security policy number 3 is implemented.To test this policy, click PC3, then the Desktop tab, and then Web Browser. Forthe URL, type in the IP address for the Intranet server, 10.1.80.16, and press Enter. After a few seconds, you should receive a Request Timeout message. PC2 andany other PC in the network should be able to access the Intranet server.Step 9. Check results.Your completion percentage should be 90%. If not, click Check Results to see which required components are not yet completed.Step 10. Implement security policy number 4.Use the name NO_FTP to configure a named ACL that blocks the 10.1.70.0/24 network from accessing FTP services (port 21) on the file server at 10.1.10.2. All other access should be allowed.

    B2(config)#ip access-list extended NO_FTPB2(config-ext-nacl)#deny tcp 10.1.70.0 0.0.0.255 host 10.1.10.2 eq ftpB2(config-ext-nacl)#permit ip any anyB2(config-ext-nacl)#interface fa0/1B2(config-if)#ip access-group NO_FTP in

    Step 11. Check results.Packet Tracer does not support testing FTP access, so you will not be able to verify this policy. However, your completion percentage should be 95%. If not, click Check Results to see which required components are not yet completed.Step 12. Implement security policy number 5.Since ISP represents connectivity to the Internet, configure a named ACL calledFIREWALL in the following order:1. Allow only inbound ping replies from ISP and any source beyond ISP.2. Allow only established TCP sessions from ISP and any source beyond ISP.3. Explicitly block all other inbound access from ISP and any source beyondISP.

    HQ(confi)#ip access-list extended FIREWALL

    HQ(config-ext-nacl)#permit icmp any any echo-replyHQ(config-ext-nacl)#permit tcp any any establishedHQ(config-ext-nacl)#deny ip any anyHQ(config-ext-nacl)#interface s0/1/0HQ(config-if)#ip access-group FIREWALL inStep 13. Verify that security policy number 5 is implemented.To test this policy, any PC should be able to ping ISP or Web Server. However, neither ISP nor Web Server should beable to ping HQ or any other device behind the ACL. FIREWALLStep 14. Check results.Your completion percentage should be 100%. If not, click Check Results to see which required components are not yet completed.


Improve the Color Quality Of Your Monitor

Improve the Color Quality Of Your Monitor

Documents
How Computer Monitors Work

How Computer Monitors Work

Documents
I Am a Holocaust Denier and I Am Unafraid

I Am a Holocaust Denier and I Am Unafraid

Documents
Simple Functions in Haskell

Simple Functions in Haskell

Documents
Disclaimer

Disclaimer

Documents
Keyboard Shortcuts for the Opera Browser for Mac OS X

Keyboard Shortcuts for the Opera Browser for Mac OS X

Documents
Venture Capital

Venture Capital

Documents
Explore The Levels of Creation

Explore The Levels of Creation

Documents
The Last Carnival I Ever Saw

The Last Carnival I Ever Saw

Documents
Plato - Symposium

Plato - Symposium

Documents
Chapter 23

Chapter 23

Documents
Who Killed God

Who Killed God

Documents
Acetone Peroxide

Acetone Peroxide

Documents
Aesops Fables

Aesops Fables

Documents
Star Wars Original Trilogy Trivia (Episodes IV-VI)

Star Wars Original Trilogy Trivia (Episodes IV-VI)

Documents
Tragic Heroes

Tragic Heroes

Documents
Introduction to Six Sigma

Introduction to Six Sigma

Documents
Bodybuilding - The Rock Hard Challenge (Month 1 Training)

Bodybuilding - The Rock Hard Challenge (Month 1 Training)

Documents
Chapter-01

Chapter-01

Documents
How Computer Keyboards Work

How Computer Keyboards Work

Documents
Oedipus The King: The Ideal Tragic Play

Oedipus The King: The Ideal Tragic Play

Documents
Bhagavad Gita

Bhagavad Gita

Documents
Effective Parenting: Establishing Boundaries

Effective Parenting: Establishing Boundaries

Documents
The Best American Humorous Short Stories

The Best American Humorous Short Stories

Documents
Barclays1

Barclays1

Documents
Star Wars Trivia!

Star Wars Trivia!

Documents
18 Tricks to Teach Your Body

18 Tricks to Teach Your Body

Documents
Daniel Zanella and Alexander Weygers

Daniel Zanella and Alexander Weygers

Documents
United States Constitution

United States Constitution

Documents
European Colinization of Latin America

European Colinization of Latin America

Documents