Tarea 8 Cisco
Tarea 8 Cisco
Tarea 8 Cisco
Computacionales
CISCO II
ESTUDIO DE CASO
Enrutamiento
Descripcin general y objetivos
En este estudio de caso los estudiantes realizarn un proyecto de diseo, de puesta en
marcha y de diagnstico de fallas de una red, y harn uso de las capacidades adquiridas en
el curso. Debern usar las capacidades que ya han desarrollado para utilizar, preparar y
conectar el cableado apropiado a los dispositivos correspondientes.
Es muy importante leer y comprender las distintas situaciones que se plantean, y asegurarse
de haber cumplido todos los requisitos. Cada situacin lo guiar a travs de los pasos
correctos, los cuales aseguran que el proyecto se lleve a cabo adecuadamente.
Este estudio de caso requiere que se realicen las siguientes actividades:
Establecer la configuracin fsica de la red, de acuerdo con el diagrama y la
descripcin correspondiente.
Efectuar correctamente una configuracin bsica de los routers.
Instalar y activar un servidor TFTP en una estacin de trabajo.
Crear y activar listas de control de acceso en los routers e interfaces apropiadas.
Una empresa tiene un grupo de personas a cargo del mantenimiento de las diversas
secciones de la infraestructura de redes. Varios tcnicos han hecho un excelente trabajo
dentro de las pequeas secciones de la red de la cuales son responsables.
Uno de los responsables de una seccin ms amplia de la infraestructura renuncia
repentinamente a la empresa. Esto deja a mitad de camino el rediseo y la puesta en marcha
de dicha seccin de la red. Se le asigna a un tcnico la tarea de finalizar el diseo y la puesta
en marcha que quedaron inconclusas.
Despus de estudiar la documentacin en casa durante el fin de semana, el tcnico descubre
por qu el otro renunci repentinamente a su trabajo. Los escasos documentos que existan
estaban muy mal escritos. Por lo tanto, durante el fin de semana, el tcnico reconstruye el
diagrama mostrado arriba a partir de un croquis que encontr. Este diagrama representa el
nuevo diseo de la red y las subredes. Muestra los routers, concentradores y switches, los
circuitos y las estaciones de trabajo y los servidores planificados para cada lugar. El servidor
en el lugar llamado 'Center' es un servidor de archivos al cual tienen acceso slo las
estaciones de trabajo de la subred local.
Todos los routers de la red se administran desde una estacin de trabajo en Center.
Al volver al trabajo el lunes, el tcnico presenta el nuevo diagrama al jefe de infraestructura
de redes, a cargo del proyecto. Luego de conversarlo, se determina que es necesario
desarrollar nueva documentacin sobre el proyecto.
El jefe de redes, el instructor en nuestro caso, debe aprobar la documentacin en cada fase
del proceso. Utilice la siguiente informacin para poner en marcha la red.
mbito de direcciones de red 192.168.0.0
Cantidad requerida de subredes 5
Protocolo de enrutamiento RIOP
Fase 2: Asignacin de direcciones de IP
Ahora que existe un plan bsico, el jefe de redes asigna al tcnico la tarea de desarrollar un
prototipo de la nueva red. Utilice el mbito de direcciones de red asignado, junto con los
requisitos relativos a las subredes, para dividir la red. A partir del esquema de direcciones de
IP, asigne direcciones de IP a las interfaces correspondientes en todos los routers y
computadoras de la red. Use como gua el diagrama que aparece a continuacin. Obtenga la
aprobacin de esta fase por parte del instructor, antes de proceder con la Fase 3.
Aprobacin del instructor ___________________Fecha __________________
192.168.1.2
5
255.255.255.224
192.168.1.3
192.168.1.1
192.168.1.2
192.168.1.1
fa 0/0
S 0/1/0
DTE
192.168.1.98
S 0/0/0
DCE
192.168.1.97
192.168.1.1
S 0/0/0
DCE
192.168.1.129
S 0/1/0
DTE
192.168.1.130
fa 0/0
192.168.1.33
192.168.1.34
192.168.1.35
192.168.1.33
fa 0/0
192.168.1.65
192.168.1.66
192.168.1.67
192.168.1.65
Boaz
Center
Eva
Contrasea de la
consola
Contrasea secreta
Contrasea VTY
Direccin de IP I/F
Serial 0/0
Direccin de IP I/F
Serial 0/1
*Velocidad de
sincronizacin I/F
Serial 0/0
*Velocidad de
sincronizacin I/F
Serial 0/1
Direccin de IP I/F Fa
0/0
Direccin deIP I/F Fa
0/1
Activar interfaces
Agregar protocolo de
enrutamiento
Agregar
afirmacionesxx de red
Descripcin I/F Serial
0/0
Descripcin I/F Serial
0/1
x
x
x
x
X
X
X
X
x
X
X
X
X
X
X
Las estaciones de trabajo en las subredes Eva y Boaz no deben tener acceso a
ningn dispositivo fuera de su subred, salvo para interconectarse con el servidor de
archivos 1.
Cada router debe poder hacer SSH en los dems routers y tener acceso a cualquier
dispositivo en la red.
El jefe de redes solicita al tcnico que escriba un corto resumen del propsito de cada
ACL, las interfaces en las que se utilizarn y la direccin del trfico. Luego haga una
lista de los comandos exactos que se utilizarn para crear y activar las ACL en las
interfaces de los routers.
Antes de configurar las ACL en los routers, revise cada una de las siguientes
condiciones de prueba y asegrese de que las ACL funcionan segn lo esperado:
Center
center#show ip route
Codes: C - connected, S static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX EIGRP external, O - OSPF,
IA - OSPF inter area
N1 - OSPF NSSA
external type 1, N2 - OSPF
NSSA external type 2
E1 - OSPF external
type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS
level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U
- per-user static route, o ODR
P - periodic
downloaded static route
Eva
show ip route
Codes: C - connected, S static, I - IGRP, R - RIP, M mobile, B - BGP
D - EIGRP, EX EIGRP external, O - OSPF,
IA - OSPF inter area
N1 - OSPF NSSA
external type 1, N2 - OSPF
NSSA external type 2
E1 - OSPF external
type 1, E2 - OSPF external
type 2, E - EGP
i - IS-IS, L1 - IS-IS
level-1, L2 - IS-IS level-2, ia
- IS-IS inter area
* - candidate default, U
- per-user static route, o ODR
P - periodic
downloaded static route
192.168.1.0/27 is
subnetted, 5 subnets
R
192.168.1.0 [120/1]
via 192.168.1.98, 00:00:24,
Serial0/0/0
C
192.168.1.32 is
directly connected,
FastEthernet0/0
R
192.168.1.64 [120/2]
via 192.168.1.98, 00:00:24,
Serial0/0/0
C
192.168.1.96 is
192.168.1.0/27 is
subnetted, 5 subnets
C
192.168.1.0 is
directly connected,
FastEthernet0/0
R
192.168.1.32 [120/1]
via 192.168.1.97, 00:00:27,
Serial0/1/0
R
192.168.1.64 [120/1]
via 192.168.1.130,
00:00:09, Serial0/0/0
C
192.168.1.96 is
192.168.1.0/27 is
subnetted, 5 subnets
R
192.168.1.0 [120/1]
via 192.168.1.129,
00:00:19, Serial0/1/0
R
192.168.1.32 [120/2]
via 192.168.1.129,
00:00:19, Serial0/1/0
C
192.168.1.64 is
directly connected,
FastEthernet0/0
R
192.168.1.96 [120/1]
directly connected,
Serial0/0/0
R
192.168.1.128
[120/1] via 192.168.1.98,
00:00:24, Serial0/0/0
sho
Boaz#show ip protocol
w
Routing Protocol is "rip"
ippro Sending updates every 30
tocol seconds, next due in 4
seconds
Invalid after 180 seconds,
hold down 180, flushed
after 240
Outgoing update filter list
for all interfaces is not set
Incoming update filter list
for all interfaces is not set
Redistributing: rip
Default version control:
send version 1, receive any
version
Interface
Send
Recv Triggered RIP Keychain
FastEthernet0/0
1 2
1
Serial0/0/0
1 21
Automatic network
summarization is in effect
Maximum path: 4
Routing for Networks:
192.168.1.0
Passive Interface(s):
Routing Information
Sources:
Gateway
Distance
Last Update
192.168.1.98
120
00:00:20
Distance: (default is 120)
sho
w ip
interf
ace
brief
Boaz#show ip interface
brief
Interface
IPAddress
OK? Method
Status
Protocol
directly connected,
Serial0/1/0
C
192.168.1.128 is
directly connected,
Serial0/0/0
center#show ip protocol
Routing Protocol is "rip"
Sending updates every 30
seconds, next due in 5
seconds
Invalid after 180 seconds,
hold down 180, flushed
after 240
Outgoing update filter list
for all interfaces is not set
Incoming update filter list
for all interfaces is not set
Redistributing: rip
Default version control:
send version 1, receive any
version
Interface
Send
Recv Triggered RIP Keychain
FastEthernet0/0
1 2
1
Serial0/0/0
1 21
Serial0/1/0
1 21
Automatic network
summarization is in effect
Maximum path: 4
Routing for Networks:
192.168.1.0
Passive Interface(s):
Routing Information
Sources:
Gateway
Distance
Last Update
192.168.1.97
120
00:00:21
192.168.1.130
120
00:00:03
Distance: (default is 120)
center#show ip interface
brief
Interface
IPAddress
OK? Method
Status
Protocol
via 192.168.1.129,
00:00:19, Serial0/1/0
C
192.168.1.128 is
directly connected,
Serial0/1/0
Eva#show ip protocol
Routing Protocol is "rip"
Sending updates every 30
seconds, next due in 15
seconds
Invalid after 180 seconds,
hold down 180, flushed
after 240
Outgoing update filter list
for all interfaces is not set
Incoming update filter list
for all interfaces is not set
Redistributing: rip
Default version control:
send version 1, receive any
version
Interface
Send
Recv Triggered RIP Keychain
FastEthernet0/0
1 2
1
Serial0/1/0
1 21
Automatic network
summarization is in effect
Maximum path: 4
Routing for Networks:
192.168.1.0
Passive Interface(s):
Routing Information
Sources:
Gateway
Distance
Last Update
192.168.1.129
120
00:00:01
Distance: (default is 120)
FastEthernet0/0
192.168.1.33 YES
manual up
up
FastEthernet0/1
unassigned
YES unset
administratively down down
Serial0/0/0
192.168.1.97
manual up
YES
up
Serial0/1/0
unassigned
YES unset
administratively down down
sho
w
versi
on
FastEthernet0/0
192.168.1.1 YES manual
up
up
FastEthernet0/1
unassigned
YES unset
administratively down down
Serial0/0/0
192.168.1.129 YES
manual up
Serial0/1/0
192.168.1.98
manual up
FastEthernet0/0
192.168.1.65 YES
manual up
up
FastEthernet0/1
unassigned
YES unset
administratively down down
Serial0/0/0
unassigned
YES unset
administratively down down
up
Serial0/1/0
192.168.1.130 YES
manual up
YES
up
up
Vlan1
unassigned
YES unset
administratively down down
Vlan1
unassigned
YES unset
administratively down down
Boaz#show version
Cisco IOS Software, 1841
Software (C1841ADVIPSERVICESK9-M),
Version 12.4(15)T1,
RELEASE SOFTWARE
(fc2)
Technical Support:
http://www.cisco.com/techs
upport
Copyright (c) 1986-2007 by
Cisco Systems, Inc.
Compiled Wed 18-Jul-07
04:52 by pt_team
Vlan1
unassigned
YES unset
administratively down down
center#show version
Cisco IOS Software, 1841
Software (C1841ADVIPSERVICESK9-M),
Version 12.4(15)T1,
RELEASE SOFTWARE
(fc2)
Technical Support:
http://www.cisco.com/techs
upport
Copyright (c) 1986-2007 by
Cisco Systems, Inc.
Compiled Wed 18-Jul-07
04:52 by pt_team
Eva#show version
Cisco IOS Software, 1841
Software (C1841ADVIPSERVICESK9-M),
Version 12.4(15)T1,
RELEASE SOFTWARE
(fc2)
Technical Support:
http://www.cisco.com/techs
upport
Copyright (c) 1986-2007 by
Cisco Systems, Inc.
Compiled Wed 18-Jul-07
04:52 by pt_team
sho
w
host
s
sho
w
start
upconfi
g
serial(sync/async) network
interface(s)
191K bytes of NVRAM.
63488K bytes of ATA
CompactFlash
(Read/Write)
serial(sync/async) network
interface(s)
191K bytes of NVRAM.
63488K bytes of ATA
CompactFlash
(Read/Write)
serial(sync/async) network
interface(s)
191K bytes of NVRAM.
63488K bytes of ATA
CompactFlash (Read/Write)
Configuration register is
0x2102
Boaz#show hosts
Default Domain is not set
Name/address lookup uses
domain service
Name servers are
255.255.255.255
Configuration register is
0x2102
center#show hosts
Default Domain is not set
Name/address lookup uses
domain service
Name servers are
255.255.255.255
Host
Port
Flags
Age Type
Address(es)
Boaz#show startup-config
Using 1032 bytes
!
version 12.4
no service timestamps log
datetime msec
no service timestamps
debug datetime msec
no service passwordencryption
!
hostname Boaz
!
!
!
enable secret 5
$1$mERr$hx5rVt7rPNoS4
wqbXKX7m0
enable password cisco
!
!
Host
Port
Flags
Age Type
Address(es)
center#show startup-config
Using 928 bytes
!
version 12.4
no service timestamps log
datetime msec
no service timestamps
debug datetime msec
no service passwordencryption
!
hostname center
!
!
!
enable secret 5
$1$mERr$hx5rVt7rPNoS4
wqbXKX7m0
enable password cisco
!
!
Host
Port
Flags
Age Type
Address(es)
Eva#show startup-config
Using 1012 bytes
!
version 12.4
no service timestamps log
datetime msec
no service timestamps
debug datetime msec
no service passwordencryption
!
hostname Eva
!
!
!
enable secret 5
$1$mERr$hx5rVt7rPNoS4
wqbXKX7m0
enable password cisco
!
!
Configuration register is
0x2102
Eva# show hosts
Default Domain is not set
Name/address lookup uses
domain service
Name servers are
255.255.255.255
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
description "bienvenido a
la interfaz 0/0"
ip address 192.168.1.33
255.255.255.224
ip access-group 1 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
description "bienvenido a
la interfaz s0/0/0"
ip address 192.168.1.97
255.255.255.224
clock rate 64000
!
interface Serial0/1/0
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
router rip
network 192.168.1.0
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
description "bienvenido a
la interface fa0/0
ip address 192.168.1.1
255.255.255.224
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
description bienvenido a la
interfaz s0/0/0
ip address 192.168.1.129
255.255.255.224
clock rate 64000
!
interface Serial0/1/0
description bienvenido a la
interfaz s0/1/0
ip address 192.168.1.98
255.255.255.224
!
interface Vlan1
no ip address
shutdown
!
router rip
network 192.168.1.0
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
description bienvenido a la
interfaz fa0/0
ip address 192.168.1.65
255.255.255.224
ip access-group 1 out
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
no ip address
shutdown
!
interface Serial0/1/0
description bienvenido a la
interfaz s0/1/0
ip address 192.168.1.130
255.255.255.224
!
interface Vlan1
no ip address
shutdown
!
router rip
network 192.168.1.0
!
ip classless
ip classless
!
!
access-list 1 permit host
192.168.1.2
access-list 1 deny
192.168.1.0 0.0.0.31
access-list 1 deny
192.168.1.64 0.0.0.31
access-list 1 permit any
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0
password cisco
login
line vty 1 4
login
!
!
!
end
!
ip classless
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0
password cisco
login
line vty 1 4
login
!
!
!
end
!
!
access-list 1 permit host
192.168.1.2
access-list 1 deny
192.168.1.0 0.0.0.31
access-list 1 deny
192.168.1.32 0.0.0.31
access-list 1 permit any
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0
password cisco
login
line vty 1 4
login
!
!
!
end
Documentacin de la seguridad
show ip interface
Boaz
Boaz#show ip
interface
FastEthernet0/0
is up, line protocol
is up (connected)
Internet address
is
192.168.1.33/27
Broadcast
address is
255.255.255.255
Address
determined by
Center
Eva
Eva#show ip
center#show ip
interface
interface
FastEthernet0/0 is
FastEthernet0/0
up, line protocol is
is up, line protocol up (connected)
is up (connected)
Internet address
Internet address is
is 192.168.1.1/27 192.168.1.65/27
Broadcast
Broadcast
address is
address is
255.255.255.255
255.255.255.255
Address
Address
determined by
determined by
setup command
MTU is 1500
bytes
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is 1
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
switching is
disabled
Router
Discovery is
disabled
setup command
MTU is 1500
bytes
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is not set
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
switching is
disabled
Router
Discovery is
disabled
setup command
MTU is 1500
bytes
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is 1
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
switching is
disabled
Router
Discovery is
disabled
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
BGP Policy
Mapping is
disabled
Input features:
MCI Check
WCCP Redirect
outbound is
disabled
WCCP Redirect
inbound is
disabled
WCCP Redirect
exclude is
disabled
FastEthernet0/1
is administratively
down, line
protocol is down
(disabled)
Internet protocol
processing
disabled
Serial0/0/0 is up,
line protocol is up
(connected)
Internet address
is
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
BGP Policy
Mapping is
disabled
Input features:
MCI Check
WCCP Redirect
outbound is
disabled
WCCP Redirect
inbound is
disabled
WCCP Redirect
exclude is
disabled
FastEthernet0/1
is administratively
down, line
protocol is down
(disabled)
Internet protocol
processing
disabled
Serial0/0/0 is up,
line protocol is up
(connected)
Internet address
is
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
BGP Policy
Mapping is
disabled
Input features:
MCI Check
WCCP Redirect
outbound is
disabled
WCCP Redirect
inbound is
disabled
WCCP Redirect
exclude is
disabled
FastEthernet0/1 is
administratively
down, line
protocol is down
(disabled)
Internet protocol
processing
disabled
Serial0/0/0 is
administratively
down, line
protocol is down
(disabled)
192.168.1.97/27
Broadcast
address is
255.255.255.255
Address
determined by
setup command
MTU is 1500
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is not set
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
192.168.1.129/27
Broadcast
address is
255.255.255.255
Address
determined by
setup command
MTU is 1500
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is not set
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
Internet protocol
processing
disabled
Serial0/1/0 is up,
line protocol is up
(connected)
Internet address
is
192.168.1.130/27
Broadcast
address is
255.255.255.255
Address
determined by
setup command
MTU is 1500
Helper address
is not set
Directed
broadcast
forwarding is
disabled
Outgoing access
list is not set
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
switching is
disabled
Router
Discovery is
disabled
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
WCCP Redirect
outbound is
disabled
WCCP Redirect
exclude is
disabled
BGP Policy
Mapping is
disabled
Serial0/1/0 is
administratively
down, line
protocol is down
(disabled)
Internet protocol
processing
disabled
Vlan1 is
administratively
down, line
protocol is down
Internet protocol
switching is
disabled
Router
Discovery is
disabled
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
WCCP Redirect
outbound is
disabled
WCCP Redirect
exclude is
disabled
BGP Policy
Mapping is
disabled
Serial0/1/0 is up,
line protocol is up
(connected)
Internet address
is
192.168.1.98/27
Broadcast
address is
255.255.255.255
Address
determined by
setup command
MTU is 1500
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
switching is
disabled
Router
Discovery is
disabled
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
WCCP Redirect
outbound is
disabled
WCCP Redirect
exclude is
disabled
BGP Policy
Mapping is
disabled
Vlan1 is
administratively
down, line
protocol is down
Internet protocol
processing
disabled
Helper address
processing
is not set
disabled
Directed
broadcast
forwarding is
disabled
Outgoing access
list is not set
Inbound access
list is not set
Proxy ARP is
enabled
Security level is
default
Split horizon is
enabled
ICMP redirects
are always sent
ICMP
unreachables are
always sent
ICMP mask
replies are never
sent
IP fast switching
is disabled
IP fast switching
on the same
interface is
disabled
IP Flow
switching is
disabled
IP Fast switching
turbo vector
IP multicast fast
switching is
disabled
IP multicast
distributed fast
switching is
disabled
Router
Discovery is
disabled
IP output packet
accounting is
disabled
IP access
violation
accounting is
disabled
TCP/IP header
compression is
disabled
RTP/IP header
compression is
disabled
Probe proxy
name replies are
disabled
Policy routing is
disabled
Network address
translation is
disabled
WCCP Redirect
outbound is
disabled
WCCP Redirect
exclude is
disabled
BGP Policy
Mapping is
disabled
Vlan1 is
administratively
down, line
protocol is down
Internet protocol
processing
disabled
show
ipaccesslists
Boaz# show ip
access-lists
Standard IP
access list 1
permit host
192.168.1.2 (1
match(es))
deny
192.168.1.0
0.0.0.31 (1
match(es))
deny
192.168.1.64
0.0.0.31 (3
Eva#show ip
access-lists
Standard IP
access list 1
permit host
192.168.1.2 (1
match(es))
deny
192.168.1.0
0.0.0.31 (1
match(es))
deny
192.168.1.32
0.0.0.31
match(es))
permit any
permit any (1
match(es))
_ showip interface
_ show version
_ show hosts
_ show startup-config
_ show ipaccess-list
Dispositivo
Servidor 1
PC2
PC3
PC4
PC5
PC6
Ip
192.168.1.2
192.168.1.3
192.168.1.34
192.168.1.35
192.168.1.66
192.168.1.67
Mascara
255.255.255.224
255.255.255.224
255.255.255.224
255.255.255.224
255.255.255.224
255.255.255.224
Gateway
192.168.1.1
192.168.1.1
192.168.1.33
192.168.1.33
192.168.1.65
192.168.1.65
Dispositivo
Boaz
Center
Eva
Fa0/0
192.168.1.33
192.168.1.1
192.168.1.65
S0/0/0
192.168.1.97
192.168.1.129
N/A
S0/1/0
N/A
192.168.1.98
192.168.1.130
Dispositivo/descripcion Fa0/0
Bienvenido
a la interfaz
Boaz
fa0/0
Bienvenido
a la interfaz
Center
fa0/0
Bienvenido
a la interfaz
Eva
fa0/0
Boaz
Center
Eva
S0/0/0
Bienvenido
a la interfaz
S0/0/0
Bienvenido
a la interfaz
S0/0/0
Bienvenido
a la interfaz
S0/0/0
DCE
S0/0/0
S0/0/0
N/A
S0/1/0
Bienvenido
a la interfaz
S0/1/0
Bienvenido
a la interfaz
S0/1/0
Bienvenido
a la interfaz
S0/1/0
Lista de acceso
Boaz(config) # Access-list 1 permit host
192.168.1.2
Boaz(config) # Access-list 1 deny 192.168.1.0
0.0.0.31
Boaz(config) # Access-list 1 deny
192.168.1.64 0.0.0.31
Boaz(config) # Access-list 1 permit any
Boaz(config) # int fa0/0
Boaz(config-if) # ip access-group 1 out
eva(config) # Access-list 1 permit host
192.168.1.2
eva(config) # Access-list 1 deny 192.168.1.0
0.0.0.31
eva(config) # Access-list 1 deny 192.168.1.32
0.0.0.31
DTE
N/A
S0/1/0
S0/1/0
Contrasea
cisco
cisco
cisco
Contasea
Secreta
cisco
cisco
cisco
Co
Vty
cis
cis
cis
RED
192.168.1.0/27
192.168.1.32/27
192.168.1.64/27
192.168.1.96/27
192.168.1.128/27
192.168.1.160/27
192.168.1.192/27
192.168.1.224/27
RANGO
HOSTS
192.168.1.1 -192.168.1.30
192.168.1.33
-192.168.1.62
192.168.1.65
-192.168.1.94
192.168.1.97
-192.168.1.126
192.168.1.129
-192.168.1.158
192.168.1.161
-192.168.1.190
192.168.1.193
-192.168.1.222
192.168.1.225
-192.168.1.254
BROADCAST
192.168.1.31
192.168.1.63
192.168.1.95
192.168.1.127
192.168.1.159
192.168.1.191
192.168.1.223
192.168.1.255
(2008, 06). lista de control. 1992-2014 Cisco Systems Inc. Todos los Derechos Reservados..
Recuperado 01, 2015, de
http://www.cisco.com/cisco/web/support/LA/7/75/75923_confaccesslists.pdf