要求:
1. PC1 属于VLAN10,PC2属于VLAN20,网关:Master Router
2. VLAN10、20 的网段为:192.168.10.0/24 、 192.168.20.0/24 ,使用DHCP服务器动态获取地址
3. DHCP 服务器为 VLAN200,IP:192.168.200.1/24 ,网关:Master Router
4. 总部的交换机管理VLAN 255,IP段:192.168.255.0/24,只允许总部内网的VLAN10\20可以telnet到交换机
5. PC3 IP:192.168.30.1/24 ,通过总部出口访问外网和总部资源,网关:Branch Router
6. VLAN10\20 都能访问Internet 和PC3
7. 分部 PC3能访问总部
8. Internet 能访问总部WEB server的 http资源,通过8080端口访问
9. 总部与Internet 的链路使用PPP封装,使用PAP认证,用户名: test, 密码:test.123
配置:
switch 0:
# 配置管理IP和默认网关
Switch(config)#vlan 10
Switch(config-vlan)#vlan 200
Switch(config-vlan)#vlan 255
Switch(config-vlan)#exit
Switch(config)#inter vlan 255
Switch(config-if)#ip add 192.168.255.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Router(config)#ip default-gateway 192.168.255.254
# 配接口
Switch(config)#inter f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config)#exit
Switch(config)#inter f0/2
Switch(config-if)#switchport mode trunk
Switch(config)#exit
Switch(config)#inter f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 200
Switch(config)#exit
#设置远程密码
Switch(config)#line vty 0 4
Switch(config-line)#pass
Switch(config-line)#password 1234
Switch(config-line)#login
Switch(config-line)#exit
Switch 1:
# 配置管理IP和默认网关
Switch(config)#vlan 10
Switch(config)#vlan 20
Switch(config-vlan)#vlan 200
Switch(config-vlan)#vlan 255
Switch(config-vlan)#exit
Switch(config)#inter vlan 255
Switch(config-if)#ip add 192.168.255.2 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Router(config)#ip default-gateway 192.168.255.254
# 配接口
Switch(config)#inter f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config)#exit
Switch(config)#inter f0/2
Switch(config-if)#switchport mode trunk
Switch(config)#exit
Switch(config)#inter f0/3
Switch(config-if)#switchport mode trunk
Switch(config)#exit
#设置远程密码
Switch(config)#line vty 0 4
Switch(config-line)#pass
Switch(config-line)#password 1234
Switch(config-line)#login
Switch(config-line)#exit
DHCP Server:
Router(config)#no ip routing
Router(config)#inter f0/1
Router(config-if)#ip ad 192.168.200.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#ip default-gateway 192.168.200.254
#配置DHCP
Router(config)#ip dhcp pool vlan10
Router(dhcp-config)#network 192.168.10.0 255.255.255.0
Router(dhcp-config)#default-router192.168.10.254
Router(dhcp-config)#exit
Router(config)#ip dhcp pool vlan20
Router(dhcp-config)#network 192.168.20.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.20.254
Router(dhcp-config)#exit
Router(config)#ip dhcp excluded-address 192.168.20.254
Router(config)#ip dhcp excluded-address 192.168.10.254
Router(config)#exit
Internet:
Router>en
Router#conf t
Router(config)#inter ser
Router(config)#inter serial 1/0
Router(config-if)#ip address 202.101.100.1 255.255.255.224
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication pa
Router(config-if)#ppp authentication pap
Router(config-if)#exit
Router(config)#username test pass
Router(config)#username test password test.123
Master Router:
# 配置单臂路由
Router(config)#inter f 0/0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#inter f 0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 192.168.10.254 255.255.255.0
Router(config-subif)#exit
Router(config)#inter f 0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 192.168.200.254 255.255.255.0
Router(config-subif)#exit
Router(config)#inter f 0/0.200
Router(config-subif)#encapsulation dot1Q 200
Router(config-subif)#ip address 192.168.200.254 255.255.255.0
Router(config-subif)#exit
Router(config)#inter f 0/0.255
Router(config-subif)#encapsulation dot1Q 255
Router(config-subif)#ip address 192.168.255.254 255.255.255.0
# 配置DHCP转发,让来自VLAN10和20 的都丢向192.168.200.1
Router(config)#inter f0/0.10
Router(config-subif)#ip helper-address 192.168.200.1
Router(config-subif)#inter f0/0.20
Router(config-subif)#ip helper-address 192.168.200.1
Router(config-subif)#exit
#配置ppp认证协议
Router(config)#interface serial 1/1
Router(config-if)#encapsulation ppp
Router(config-if)#ip address 202.101.100.2 255.255.255.224
Router(config-if)#no shutdown
Router(config-if)#ppp pap sent-username test password test.123
Router(config)#exit
#配置默认路由和到VLAN30的静态路由
Router(config)#ip route 0.0.0.0 0.0.0.0 202.101.100.1
Router(config)# ip route 192.168.30.0 255.255.255.0 192.168.250.2
#配置NAT
Router(config)#access-list 1 permit 192.168.10.0 0.0.0.255
Router(config)#access-list 1 permit 192.168.20.0 0.0.0.255
Router(config)#access-list 1 permit 192.168.30.0 0.0.0.255
Router(config)#access-list 1 permit 192.168.200.0 0.0.0.255
Router(config)#ip nat inside source list 1 interface s1/1 over
Router(config)#inter f0/0.10
Router(config-subif)#ip nat inside
Router(config-subif)#inter f0/0.20
Router(config-subif)#ip nat inside
Router(config-subif)#inter f0/0.200
Router(config-subif)#ip nat inside
Router(config-subif)#exit
Router(config)#interface s1/0
Router(config-if)#ip nat inside
Router(config)#exit
Router(config)#ip nat inside source static tcp 192.168.200.2 80 202.101.100.3 8080
Router(config)#exit
配置帧中继:
Router(config)#inter s1/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#no frame-relay inverse-arp
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.250.1 255.255.255.252
Router(config-if)#frame-relay map ip 192.168.250.2 117 broadcast
Router(config-if)#exit
Branch Router路由器:
Router#conf terminal
Router(config)#inter serial 1/1
Router(config-if)#encapsulation frame-relay
Router(config-if)#no frame-relay inverse-arp
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.250.2 255.255.255.252
Router(config-if)#frame-relay map ip 192.168.250.1 133 broadcast
Router(config-if)#exit
Router(config)#inter f 0/1
Router(config-if)#ip address 192.168.30.254 255.255.255.0
Router(config-if)#no shutdown
Router(config)# ip route 0.0.0.0 0.0.0.0 192.168.252.1
帧中继交换机:
Router(config)#frame-relay switching
Router(config)#interface serial s0
Router(config-if)#no shutdown
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay intf-type dce
Router(config-if)#clock rate 64000
Router(config-if)#frame-relay route 117 interface s1 133
Router(config-if)#exit
Router(config)#interface serial s0
Router(config-if)#no shutdown
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay intf-type dce
Router(config-if)#clock rate 64000
Router(config-if)# frame-relay route 133 interface s0 117
如果使用帧中继交换机设备模拟,直接在上面可以设置:
