Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 12 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
12
Dung lượng
61,55 KB
Nội dung
spanning-tree mode pvst spanning-tree extend system-id vlan access-map Vnpr1 10 action forward vlan access-map VnproMap1 10 action forward match ip address VnproAllow1 vlan access-map VnproMap1 20 action drop match ip address VnproBlock1 vlan access-map VnproMap1 30 action forward match ip address VnproDefault1 vlan access-map VnproMap2 10 action forward match ip address VnproAllow2 vlan access-map VnproMap2 20 action drop match ip address VnproBlock2 vlan access-map VnproMap2 30 action forward match ip address VnproDefault2 vlan filter VnproMap1 vlan-list 10 vlan filter VnproMap2 vlan-list 20 interface FastEthernet0/1 no switchport ip address 10.200.0.1 255.255.255.0 interface FastEthernet0/2 no ip address interface FastEthernet0/3 no ip address interface FastEthernet0/4 no ip address interface FastEthernet0/5 switchport access vlan 10 no ip address interface FastEthernet0/6 switchport access vlan 10 no ip address interface FastEthernet0/7 switchport access vlan 10 no ip address interface FastEthernet0/8 switchport access vlan 10 no ip address interface FastEthernet0/9 switchport access vlan 20 no ip address interface FastEthernet0/10 switchport access vlan 20 no ip address interface FastEthernet0/11 switchport access vlan 20 no ip address interface FastEthernet0/12 switchport access vlan 20 no ip address interface GigabitEthernet0/1 no ip address interface GigabitEthernet0/2 no ip address interface Vlan1 ip address 192.168.1.1 255.255.255.0 interface Vlan10 ip address 192.168.10.1 255.255.255.0 interface Vlan20 ip address 192.168.20.1 255.255.255.0 router rip network 10.0.0.0 network 192.168.1.0 network 192.168.10.0 network 192.168.20.0 ip classless ip http server ip access-list extended VnproAllow1 permit tcp host 192.168.10.3 host 192.168.10.254 eq telnet ip access-list extended VnproAllow2 permit tcp host 192.168.20.3 host 10.200.0.2 eq telnet ip access-list extended VnproBlock1 permit tcp 192.168.10.0 0.0.0.15 host 192.168.10.254 eq telnet ip access-list extended VnproBlock2 permit tcp 192.168.20.0 0.0.0.15 host 10.200.0.2 eq telnet ip access-list extended VnproDefault1 permit tcp any any ip access-list extended VnproDefault2 permit tcp any any permit ip any any line con 0 line vty 0 4 password cisco login line vty 5 15 login end Vnpro#show vlan VLAN Name Status Ports 1 default active Fa0/2, Fa0/3, Fa0/4, Gi0/1 Gi0/2 10 Admin active Fa0/5, Fa0/6, Fa0/7, Fa0/8 20 User active Fa0/9, Fa0/10, Fa0/11, Fa0/12 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 1 enet 100001 1500 - - - - - 0 0 10 enet 100010 1500 - - - - - 0 0 20 enet 100020 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - - 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 Remote SPAN VLANs Primary Secondary Type Ports Vnpro#show vlan access-map Vlan access-map "VnproMap1" 10 Match clauses: ip address: VnproAllow1 Action: forward Vlan access-map "VnproMap1" 20 Match clauses: ip address: VnproBlock1 Action: drop Vlan access-map "VnproMap1" 30 Match clauses: ip address: VnproDefault1 Action: forward Vlan access-map "VnproMap2" 10 Match clauses: ip address: VnproAllow2 Action: forward Vlan access-map "VnproMap2" 20 Match clauses: ip address: VnproBlock2 Action: drop Vlan access-map "VnproMap2" 30 Match clauses: ip address: VnproDefault2 Action: forward Vnpro#show ip access-list Extended IP access list VnproAllow1 permit tcp host 192.168.10.3 host 192.168.10.254 eq telnet Extended IP access list VnproAllow2 permit tcp host 192.168.20.3 host 10.200.0.2 eq telnet Extended IP access list VnproBlock1 permit tcp 192.168.10.0 0.0.0.15 host 192.168.10.254 eq telnet Extended IP access list VnproBlock2 permit tcp 192.168.20.0 0.0.0.15 host 10.200.0.2 eq telnet Extended IP access list VnproDefault1 permit tcp any any Extended IP access list VnproDefault2 permit tcp any any permit ip any any Vnpro#show vlan filter VLAN Map VnproMap1 is filtering VLANs: 10 VLAN Map VnproMap2 is filtering VLANs: 20 Vnpro#show ip route Gateway of last resort is not set C 192.168.10.0/24 is directly connected, Vlan10 R 172.168.0.0/16 [120/1] via 10.200.0.2, 00:00:21, FastEthernet0/1 C 192.168.20.0/24 is directly connected, Vlan20 10.0.0.0/24 is subnetted, 1 subnets C 10.200.0.0 is directly connected, FastEthernet0/1 Vnpro#ping 10.200.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.200.0.2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms Vnpro#ping 172.168.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.168.0.1, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms Vnpro# Cấu hình tham khảo của Remote Router Remote#show running-config Building configuration Current configuration : 690 bytes version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption hostname Remote enable secret 5 $1$wDfm$5zcN0Px2wrN0be6jV74m60 enable password cisco memory-size iomem 10 ip subnet-zero call rsvp-sync interface Loopback0 ip address 172.168.0.1 255.255.255.0 interface Ethernet0/0 ip address 10.200.0.2 255.255.255.0 half-duplex interface Serial0/0 no ip address shutdown no fair-queue router rip network 10.0.0.0 network 172.168.0.0