Шпора по курсу Cisco, CCNA 4 CN: PPP, frame-relay, NAT, PPPoE, NTP, SNMP, SysLog

/ Просмотров: 1765
Шпора по курсу Cisco, CCNA 4 CN: PPP, frame-relay, NAT, PPPoE, NTP, SNMP, SysLog

PPP

R1(config)# username R2 password/secret cisco
R2(config)# username R1 password/secret cisco
R1(config)# interface serial 0/0/0
R1(config-if)# encapsulation ppp
R1(config-if)# ppp authentication chap
R1(config-if)# ppp authentication pap
R1(config-if)# ppp pap sent-username R1 password cisco
R1(config-if)# compress [ predictor | stac ]
R1(config-if)# ppp quality 80 
show interface serial

frame-relay

R1(config-if)# encapsulation frame-relay [ietf]
R1(config-if)# no frame-relay inverse-arp
R1(config-if)# frame-relay map ip 10.10.1.1 102 broadcast
R2(config-if)# frame-relay map ip 10.10.1.2 201 broadcast
R1(config-if)# frame-relay lmi-type [ansi/cisco]
R1(config-if)# frame-relay intf-type dce
R1(config-if)# frame-relay route 301 interface s0/0/0 103
R1(config)# interface s0/0/0.2 point-to-point
R1(config-subif)# ip address 10.1.1.1 255.255.255.252
R1(config-subif)# frame-relay interface-dlci 102
show frame-relay map
show frame-relay pvc
show frame-relay lmi
show frame-relay route

FRAME-RELAY P2P

RX(config-if)# encapsulation frame-relay
RX(config-if)# no keepalive
RX(config-if)# interface Serial0/0/0.1 point-to-point
RX(config-subif)# ip address 192.168.1.X 255.255.255.0
RX(config-subif)# frame-relay interface-dlci 101

NAT

R1(config)# ip nat pool NAT-POOL1 201.201.201.226 201.201.201.240 netmask 255.255.255.224
R1(config)# access-list 1 permit 192.168.1.0 0.0.0.255
R1(config)# ip nat inside source list 1 pool NAT-POOL1 [overload]
R1(config)# ip nat inside source list 1 interface xxx.xxx.xxx.xxx [overload]
R1(config)# interface fa 0/1 | ip nat inside
R1(config)# interface fa 0/2 | ip nat outside
R1(config)# ip nat inside source static local-ip global-ip
clear ip nat translation *
show ip nat translations
show ip nat statistics

PPPoE

ISP(config)# username Cust1 password ciscopppoe
ISP(config)# ip local pool PPPoEPOOL 10.0.0.1 10.0.0.10
SP(config)# interface virtual-template 1
ISP(config-if)# ip address 10.0.0.254 255.255.255.0
ISP(config-if)# mtu 1492
ISP(config-if)# peer default ip address pool PPPoEPOOL
ISP(config-if)# ppp authentication chap callin
ISP(config)# bba-group pppoe global
ISP(config-bba-group)# virtual-template 1
ISP(config)# interface g0/1
ISP(config-if)# pppoe enable group global
Cust1(config)# interface dialer 1
Cust1(config-if)#mtu 1492
Cust1(config-if)# ip address negotiated
Cust1(config-if)# encapsulation ppp
Cust1(config-if)# dialer pool 1
Cust1(config-if)# ppp authentication chap callin
Cust1(config-if)# ppp chap hostname Cust1
Cust1(config-if)# ppp chap password ciscopppoe
show pppoe session

VPN

R1(config)# license boot module c2900 technology-package securityk9
R1(config)# access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
R1(config)# crypto isakmp policy 10
R1(config-isakmp)# encryption aes
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# group 2
R1(config)# crypto isakmp key cisco address 10.2.2.2
R1(config)# crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
R1(config)# crypto map VPN-MAP 10 ipsec-isakmp
R1(config-crypto-map)# description VPN connection to R3
R1(config-crypto-map)# set peer 10.2.2.2
R1(config-crypto-map)# set transform-set VPN-SET
R1(config-crypto-map)# match address 110
R1(config)# interface S0/0/0
R1(config-if)# crypto map VPN-MAP
R3(config)# access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
R3(config)# crypto isakmp policy 10
R3(config-isakmp)# encryption aes
R3(config-isakmp)# authentication pre-share
R3(config-isakmp)# group 2
R3(config)# crypto isakmp key cisco address 10.1.1.2
R3(config)# crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
R3(config)# crypto map VPN-MAP 10 ipsec-isakmp
R3(config-crypto-map)# description VPN connection to R1
R3(config-crypto-map)# set peer 10.1.1.2
R3(config-crypto-map)# set transform-set VPN-SET
R3(config-crypto-map)# match address 110
show crypto ipsec sa

GRE

WEST(config)# interface tunnel 0
WEST(config-if)# ip address 172.16.12.1 255.255.255.252
WEST(config-if)# tunnel source s0/0/0
WEST(config-if)# tunnel destination 10.2.2.1
EAST(config)# interface tunnel 0
EAST(config-if)# ip address 172.16.12.2 255.255.255.252
EAST(config-if)# tunnel source 10.2.2.1
EAST(config-if)#tunnel destination 10.1.1.1

NTP

R2(config)# ntp server 10.1.1.1 [key 15]
R2(config)# ntp update-calendar

SNMP

R2(config)# snmp-server community CoscoPTSA RO

SysLog

R2(config)#logging trap debugging
R2(config)#logging 10.10.1.2
R3(config)#service timestamps log datetime msec

Топология