【汇总】经典案例系列
简介
该综合实验涉及的内容涵盖,OSPF、二层、三层交换技术、PPP的认证、RIP、NAT转换、VPN,ACL,比较综合性,可以尝试自己用GNS3或者PT搭建环境做做,可以加强对这些知识点的认识,下面有详细的配置代码。 MSTP的话GNS3与PT都不支持,ppp pap send这个PT也不错,其余的PT因该都可以支持了,VPN也是可以做的。根据自己习惯来!
二、三层交换机SWA配置
cisco–SWA(config)#vlan 10
cisco–SWA(config)#vlan 20
cisco–SWA(config)#vlan 30
cisco–SWA(config)#vlan 40
cisco–SWA(config)#vlan 50
cisco–SWA(config)#vlan 60
cisco–SWA(config)#spanning-tree
cisco–SWA(config)#spanning-tree mst configuration
cisco–SWA(config-mst)#name ruijie
cisco–SWA(config-mst)#reversion 1
cisco–SWA(config-mst)#instance 10 vlan 10,20,30
cisco–SWA(config-mst)#instance 20 vlan 40,50,60
cisco–SWA(config)#spanning-tree mst 10 priority 4096
cisco–SWA(config)# spanning-tree mst 20 priority 8192
cisco–SWA(config)#interface range fa0/12-13
cisco–SWA(config-if-range)#portgroup 1 on
cisco–SWA(config)#interface agg 1
cisco–SWA(config-if)#switchport mode trunk
cisco–SWA(config)#int vlan 10
cisco–SWA(config-if)#ip add 172.16.1.1 255.255.255.0
cisco–SWA(config)#int vlan 20
cisco–SWA(config-if)#ip add 172.16.2.1 255.255.255.0
cisco–SWA(config)#int vlan 30
cisco–SWA(config-if)#ip add 172.16.3.1 255.255.255.0
cisco–SWA(config)#int vlan 40
cisco–SWA(config-if)#ip add 172.16.4.1 255.255.255.0
cisco–SWA(config)#int vlan 50
cisco–SWA(config-if)#ip add 172.16.5.1 255.255.255.0
cisco–SWA(config)#int vlan 60
cisco–SWA(config-if)#ip add 172.16.6.1 255.255.255.0
cisco–SWA(config)#int vlan 10
cisco–SWA(config-if)#vrrp 10 ip 172.16.1.254
cisco–SWA(config-if)#vrrp 10 pri 120
cisco–SWA(config)#int vlan 20
cisco–SWA(config-if)#vrrp 20 ip 172.16.2.254
cisco–SWA(config-if)#vrrp 20 pri 120
cisco–SWA(config)#int vlan 30
cisco–SWA(config-if)#vrrp 30 ip 172.16.3.254
cisco–SWA(config-if)#vrrp 30 pri 120
cisco–SWA(config)#int vlan 40
cisco–SWA(config-if)#vrrp 40 ip 172.16.4.254
cisco–SWA(config)#int vlan 50
cisco–SWA(config-if)#vrrp 50 ip 172.16.5.254
cisco–SWA(config)#int vlan 60
cisco–SWA(config-if)#vrrp 60 ip 172.16.6.254
cisco–SWA(config)#int fa0/1
cisco–SWA(config-if)#no switchport
cisco–SWA(config-if)#ip add 10.1.1.14 255.255.255.252
cisco–SWA(config-if)#no shutdown
cisco–SWA(config)#int range fa0/2-3
cisco–SWA(config-if-range)#switchport mode trunk
cisco–SWA(config)#router ospf 10
cisco–SWA(config-router)#router-id 4.4.4.4
cisco–SWA(config-router)#network 172.16.1.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 172.16.2.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 172.16.3.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 172.16.4.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 172.16.5.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 172.16.6.0 0.0.0.255 area 0
cisco–SWA(config-router)#network 10.1.1.12 0.0.0.3 area 0
三、三层交换机cisco–SWB配置
cisco–SWBconfig)#
cisco–SWB(config)#vlan 10
cisco–SWB(config)#vlan 20
cisco–SWB(config)#vlan 30
cisco–SWB(config)#vlan 40
cisco–SWB(config)#vlan 50
cisco–SWB(config)#vlan 60
cisco–SWB(config)#spanning-tree
cisco–SWB(config)#spanning-tree mst configuration
cisco–SWB(config-mst)#name ruijie
cisco–SWB(config-mst)#reversion 1
cisco–SWB(config-mst)#instance 10 vlan 10,20,30
cisco–SWB(config-mst)#instance 20 vlan 40,50,60
cisco–SWB(config)#spanning-tree mst 20 priority 4096
cisco–SWB(config)# spanning-tree mst 10 priority 8192
cisco–SWB(config)#interface range fa0/12-13
cisco–SWB(config-if-range)#portgroup 1 on
cisco–SWB(config)#interface agg 1
cisco–SWB(config-if)#switchport mode trunk
cisco–SWB(config)#int vlan 10
cisco–SWB(config-if)#ip add 172.16.1.2 255.255.255.0
cisco–SWB(config)#int vlan 20
cisco–SWB(config-if)#ip add 172.16.2.2 255.255.255.0
cisco–SWB(config)#int vlan 30
cisco–SWB(config-if)#ip add 172.16.3.2 255.255.255.0
cisco–SWB(config)#int vlan 40
cisco–SWB(config-if)#ip add 172.16.4.2 255.255.255.0
cisco–SWB(config)#int vlan 50
cisco–SWB(config-if)#ip add 172.16.5.2 255.255.255.0
cisco–SWB(config)#int vlan 60
cisco–SWB(config-if)#ip add 172.16.6.2 255.255.255.0
cisco–SWB(config)#int vlan 10
cisco–SWB(config-if)#vrrp 10 ip 172.16.1.254
cisco–SWB(config)#int vlan 20
cisco–SWB(config-if)#vrrp 20 pri 120
cisco–SWB(config)#int vlan 30
cisco–SWB(config-if)#vrrp 30 ip 172.16.3.254
cisco–SWB(config)#int vlan 40
cisco–SWB(config-if)#vrrp 40 ip 172.16.4.254
cisco–SWB(config-if)#vrrp 40 prio 120
cisco–SWB(config)#int vlan 50
cisco–SWB(config-if)#vrrp 50 ip 172.16.5.254
cisco–SWB(config-if)#vrrp 50 prio 120
cisco–SWB(config)#int vlan 60
cisco–SWB(config-if)#vrrp 60 ip 172.16.6.254
cisco–SWB(config-if)#vrrp 60 prio 120
cisco–SWB(config)#int fa0/1
cisco–SWB(config-if)#no switchport
cisco–SWB(config-if)#ip add 10.1.1.18 255.255.255.252
cisco–SWB(config-if)#no shutdown
cisco–SWB(config)#int range fa0/2-3
cisco–SWB(config-if-range)#switchport mode trunk
cisco–SWB(config)#router ospf 10
cisco–SWB(config-router)#router-id 5.5.5.5
cisco–SWB(config-router)#network 172.16.1.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 172.16.2.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 172.16.3.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 172.16.4.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 172.16.5.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 172.16.6.0 0.0.0.255 area 0
cisco–SWB(config-router)#network 10.1.1.16 0.0.0.3 area 0
四、二层交换机cisco–SWC配置
cisco–SWCconfig)#
cisco–SWC(config)#vlan 10
cisco–SWC(config)#vlan 20
cisco–SWC(config)#vlan 30
cisco–SWC(config)#vlan 40
cisco–SWC(config)#vlan 50
cisco–SWC(config)#vlan 60
cisco–SWC(config)#spanning-tree
cisco–SWC(config)#spanning-tree mst configuration
cisco–SWC(config-mst)#name ruijie
cisco–SWC(config-mst)#reversion 1
cisco–SWC(config-mst)#instance 10 vlan 10,20,30
cisco–SWC(config-mst)#instance 20 vlan 40,50,60
cisco–SWC(config)#inter range fa0/1-2
cisco–SWC(config-if-range)#sw mo tr
五、二层交换机cisco–SWD配置
cisco–SWDconfig)#
cisco–SWD(config)#
cisco–SWD(config)#vlan 10
cisco–SWD(config)#vlan 20
cisco–SWD(config)#vlan 30
cisco–SWD(config)#vlan 40
cisco–SWD(config)#vlan 50
cisco–SWD(config)#vlan 60
cisco–SWD(config)#spanning-tree
cisco–SWD(config)#spanning-tree mst configuration
cisco–SWD(config-mst)#name ruijie
cisco–SWD(config-mst)#reversion 1
cisco–SWD(config-mst)#instance 10 vlan 10,20,30
cisco–SWD(config-mst)#instance 20 vlan 40,50,60
cisco–SWD(config)#inter range fa0/1-2
cisco–SWD(config-if-range)#sw mo tr
六、路由器cisco–R1配置
cisco–R1(config)#int s1/2
cisco–R1(config-if)#ip add 10.1.1.1 255.255.255.252
cisco–R1(config-if)#no sh
cisco–R1(config-if)#int fa0/0
cisco–R1(config-if)#ip add 210.1.1.28 255.255.255.240
cisco–R1(config-if)#no sh
cisco–R1(config-if)#router rip
cisco–R1(config-router)#network 10.0.0.0
cisco–R1(config-router)#version 2
cisco–R1(config-router)#no auto-summary
cisco–R1(config-router)#default-information orig
cisco–R1(config)#ip router 0.0.0.0 0.0.0.0 210.1.1.29
七、路由器cisco–R2配置
cisco–R2(config)#int s1/2
cisco–R2(config-if)#ip add 10.1.1.2 255.255.255.252
cisco–R2(config-if)#no sh
cisco–R2(config)#int fa0/0
cisco–R2(config-if)#ip add 10.1.1.5 255.255.255.252
cisco–R2(config)#int fa0/1
cisco–R2(config-if)#ip add 10.1.1.9 255.255.255.252
cisco–R2(config)#router rip
cisco–R2(config-router)#network 10.0.0.0
cisco–R2(config-router)#version 2
cisco–R2(config-router)#no auto-summary
cisco–R2(config-router)#redis ospf 10 met 2
cisco–R2(config)#router ospf 10
cisco–R2(config-router)#router-id 1.1.1.1
cisco–R2(config-router)#network 10.1.1.4 0.0.0.3 ar 0
cisco–R2(config-router)#network 10.1.1.8 0.0.0.3 area 0
cisco–R2(config-router)#redis rip subnets metric 50
八、路由器cisco–R3配置
cisco–R3(config)#int fa0/0
cisco–R3(config-if)#ip add 10.1.1.6 255.255.255.252
cisco–R3(config)#int fa0/1
cisco–R3(config-if)#ip add 10.1.1.13 255.255.255.252
cisco–R3(config)#int s1/2
cisco–R3(config-if)#ip add 10.1.1.21 255.255.255.252
cisco–R3(config)#router ospf 10
cisco–R3(config-router)#router-id 2.2.2.2
cisco–R3(config-router)#network 10.1.1.4 0.0.0.3 ar 0
cisco–R3(config-router)#network 10.1.1.12 0.0.0.3 area 0
cisco–R3(config-router)#network 10.1.1.20 0.0.0.3 area 0
九、路由器cisco–R4配置
cisco–R4(config)#
cisco–R4(config)#int fa0/0
cisco–R4(config-if)#ip add 10.1.1.10 255.255.255.252
cisco–R4(config)#int fa0/1
cisco–R4(config-if)#ip add 10.1.1.17 255.255.255.252
cisco–R4(config)#int s1/2
cisco–R4(config-if)#ip add 10.1.1.22 255.255.255.252
cisco–R4(config)#router ospf 10
cisco–R4(config-router)#router-id 2.2.2.2
cisco–R4(config-router)#network 10.1.1.8 0.0.0.3 ar 0
cisco–R4(config-router)#network 10.1.1.16 0.0.0.3 area 0
cisco–R4(config-router)#network 10.1.1.20 0.0.0.3 area 0
十、PPP配置
cisco–R1(config)#username cisco–R2 passwd 123
cisco–R1(config)#int s1/2
cisco–R1(config)#enc ppp
cisco–R1(config-if)#ppp auth chap
cisco–R2(config)#username cisco–R1 passwd 123
cisco–R2(config)#int s1/2
cisco–R2(config)#enc ppp
cisco–R3(config)#username cisco–R4 passwd 123
cisco–R3(config)#int s1/2
cisco–R3(config-if)#enc ppp
cisco–R3(config-if)#ppp auth pap
cisco–R4(config)#int s1/2
cisco–R4(config-if)#ppp pap sent-username cisco–R4 password 123
十二、NAT配置
cisco–R1(config)#int fa0/0
cisco–R1(config-if)#ip nat outside
cisco–R1(config)#int s1/2
cisco–R1(config-if)#ip nat inside
cisco–R1(config)#ip nat pool pool1 210.1.1.17 210.1.1.18 netmask 255.255.255.240
cisco–R1(config)#ip nat pool pool2 210.1.1.19 210.1.1.20 netmask 255.255.255.240
cisco–R1(config)#ip nat pool pool3 210.1.1.21 210.1.1.22 netmask 255.255.255.240
cisco–R1(config)#ip nat pool pool4 210.1.1.23 210.1.1.25 netmask 255.255.255.240
cisco–R1(config)#ip nat pool pool5 210.1.1.27 210.1.1.27 netmask 255.255.255.240
cisco–R1(config)#access-list 10 permit 172.16.1.0 0.0.0.255
cisco–R1(config)#access-list 11 permit 172.16.2.0 0.0.0.255
cisco–R1(config)#access-list 12 permit 172.16.3.0 0.0.0.255
cisco–R1(config)#access-list 13 permit 172.16.4.0 0.0.0.255
cisco–R1(config)#access-list 13 permit 172.16.5.0 0.0.0.255
cisco–R1(config)#access-list 140 deny ip 172.16.6.0 0.0.0.255 172.17.5.0 0.0.0.255
cisco–R1(config)#access-list 140 permit ip any any
cisco–R1(config)#ip nat inside source list 10 pool pool1
cisco–R1(config)#ip nat inside source list 11 pool pool2
cisco–R1(config)#ip nat inside source list 12 pool pool3
cisco–R1(config)#ip nat inside source list 13 pool pool4
cisco–R1(config)#ip nat inside source list 14 pool pool5
cisco–R1(config)#ip nat inside static tcp 172.16.1.10 80 210.1.1.26 80
cisco–R1(config)#ip nat inside static tcp 172.16.1.11 20 210.1.1.26 20
cisco–R1(config)#ip nat inside static tcp 172.16.1.11 21 210.1.1.26 21
cisco–R1(config)#ip nat inside static tcp 172.16.1.12 1433 210.1.1.26 1433
十三、VPN配置
cisco–R1(config)#access-list 110 permit ip 172.16.6.0 0.0.0.255 172.17.5.0 0.0.0.255
cisco–R1(config)#crypto isakmp policy 110
cisco–R1(isakmp-policy)#authentication pre-share
cisco–R1(isakmp-policy)#hash md5
cisco–R1(config)#crypto isakmp key 0 ccieh3c.taobao.com address 210.1.1.29
cisco–R1(config)#crypto ipsec transform-set vpn1 ah-md5-hmac esp-des esp-md5-hmac
cisco–R1(config)#crypto map map1 10 ipsec-isakmp
cisco–R1(config-map)# peer 210.1.1.29
cisco–R1(config-map)#set transform-set vpn1
cisco–R1(config-map)#match address 110
cisco–R1(config)#interface f0/0
cisco–R1(config-if)#crypto map map1
cisco–R1#sh crypto isakmp sa
cisco–R1#sh crypto ipsec sa
cisco–R2(config)#access-list 110 permit ip 172.16.5.0 0.0.0.255 172.17.6.0 0.0.0.255
cisco–R2(config)#crypto isakmp policy 110
cisco–R2(isakmp-policy)#authentication pre-share
cisco–R2(isakmp-policy)#hash md5
cisco–R2(config)#crypto isakmp key 0 ccieh3c.taobao.com address 210.1.1.28
cisco–R2(config)#crypto ipsec transform-set vpn1 ah-md5-hmac esp-des esp-md5-hmac
cisco–R2(config)#crypto map map1 10 ipsec-isakmp
cisco–R2(config-map)# peer 210.1.1.28
cisco–R2(config-map)#set transform-set vpn1
cisco–R2(config-map)#match address 110
cisco–R2(config)#interface f0/0
cisco–R2(config-if)#crypto map map1
cisco–R2#sh crypto isakmp sa
cisco–R2#sh crypto ipsec sa
下载文档
关于博客资源下载说明
(1)第一种是书籍PDF与视频类,全部放在博客分享,觉得对大家学习有帮助的博主会收集好、然后以博主的经验整理分类后排序好分享出来。
(2)第二种是技术性文章与视频,全部放在公众号(网络之路博客)/B站(网络之路Blog)发布,以博主原创为主,主要分享系列为主,由浅入深的带大家了解工作中常用到的一些网络技术,当然也会分享一些比较经典的案例。
(3)分享资源有涉及到您的利益以及版权问题,请联系博主,24小时候内删除。
学习视频系列(总有您想要的)
Book与实验手册(从初级到高级)
数通系列(路由交换 无线、防火墙VPN等)
实战系列(最贴近企业需求的案例)
想第一时间收到最新更新内容吗,点击获取~~~
(广告)博主自主原创最新实战课程
(广告)远程技术支持(设备调试),有搞不定的找我,价格实惠,为您解决实际工作上的问题
