Packet Tracer Topo02

# Packet Tracer Topo02 :::info [TOC] ::: ## 零、特別條件 1.需要可以用網管電腦TELNET到拓譜內任1設備 ※為了避免攻擊請將S1、S2管理IP分別綁定如下: S1=VLAN66 管理IP:192.168.66.241/30 S2=VLAN 77 管理IP:192.168.77.241/29 2.所有設備預設閘道均為個網段最後一個可用IP 3.所有設備均需設VTY 0 1 Password :cisco 4.所有設備特權密碼(不加密)均設PASSWORD ## 一、各HTTP主機、DNS主機、網管電腦及設網路設備port口完成IP設定 :::info ![01](https://hackmd.io/_uploads/HyQjOzrLkx.png) ::: ### 主機設定 ![01-1](https://hackmd.io/_uploads/HksQYMHLJg.png) ![01-2](https://hackmd.io/_uploads/rJX4tzH8yl.png) ![01-3](https://hackmd.io/_uploads/S1BEYfS81e.png) ![01-4](https://hackmd.io/_uploads/HkPVtzSL1x.png) ![01-5](https://hackmd.io/_uploads/By_EKzBLJe.png) ![01-6](https://hackmd.io/_uploads/r154tGHIJl.png) ### DHCP Server > DHCPServer(config)#interface s0/1/1 > DHCPServer(config-if)#ip address 192.168.0.1 255.255.255.252 > DHCPServer(config-if)#no sh ### R2 > R2(config)#interface s0/1/1 > R2(config-if)#ip address 192.168.0.2 255.255.255.252 > R2(config-if)#no sh > R2(config)#interface s0/1/0 > R2(config-if)#ip address 192.168.0.6 255.255.255.252 > R2(config-if)#no sh ### R3 > R3(config)#interface s0/1/0 > R3(config-if)#ip address 192.168.0.5 255.255.255.252 > R3(config-if)#no sh ## 二、路由 1.R3設預設路由至R2； > R3(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.6 2.DHCPServer(Route)設預設路由至R2； > DHCPServer(config)#ip route 0.0.0.0 0.0.0.0 192.168.0.2 3.R2對各區域設靜態路由 > R2(config)#ip route 192.168.12.0 255.255.255.0 192.168.0.5 > R2(config)#ip route 192.168.13.0 255.255.255.0 192.168.0.5 > R2(config)#ip route 192.168.14.0 255.255.255.0 192.168.0.5 > R2(config)#ip route 192.168.66.240 255.255.255.252 192.168.0.5 ## 三、VLAN 1.設定各區VLAN 2.依拓譜圖中說明將Port位綁至各VLAN ### S1 > S1(config)#vlan 12 > S1(config-vlan)#name Class > S1(config-vlan)#interface range fa0/6-10 > S1(config-if-range)#switchport mode access > S1(config-if-range)#switchport access vlan 12 > S1(config)#vlan 13 > S1(config-vlan)#name A-Office > S1(config-vlan)#interface range fa0/11-15 > S1(config-if-range)#switchport mode access > S1(config-if-range)#switchport access vlan 13 > S1(config)#vlan 14 > S1(config-vlan)#name P-Office > S1(config-vlan)#interface range fa0/16-20 > S1(config-if-range)#switchport mode access > S1(config-if-range)#switchport access vlan 14 > S1(config)#vlan 66 > S1(config)#interface vlan 66 > S1(config-if)#ip address 192.168.66.241 255.255.255.252 > S1(config-if)#no sh > S1(config)#interface fa0/1 > S1(config-if)#switchport mode trunk > S1(config-if)#no sh > S1(config)#ip default-gateway 192.168.66.242 ### S2 > S2(config)#vlan 15 > S2(config-vlan)#name O-Office > S2(config-vlan)#interface range fa0/6-10 > S2(config-if-range)#switchport mode access > S2(config-if-range)#switchport access vlan 15 > S2(config)#vlan 77 > S2(config)#interface vlan 77 > S2(config-if)#ip address 192.168.77.241 255.255.255.248 > S2(config-if)#interface range fa0/21-22 > S2(config-if-range)#switchport mode access > S2(config-if-range)#switchport access vlan 77 > S2(config)#interface fa0/1 > S2(config-if)#switchport mode trunk > S2(config-if)#no sh > S2(config)#ip default-gateway 192.168.77.246 ### R3 > R3(config)#interface fa0/0.12 > R3(config-subif)#encapsulation dot1Q 12 > R3(config-subif)#ip address 192.168.12.254 255.255.255.0 > R3(config-subif)#ip helper-address 192.168.0.1 > R3(config)#interface fa0/0.13 > R3(config-subif)#encapsulation dot1Q 13 > R3(config-subif)#ip address 192.168.13.254 255.255.255.0 > R3(config-subif)#ip helper-address 192.168.0.1 > R3(config)#interface fa0/0.14 > R3(config-subif)#encapsulation dot1Q 14 > R3(config-subif)#ip address 192.168.14.254 255.255.255.0 > R3(config-subif)#ip helper-address 192.168.0.1 > R3(config)#interface fa0/0.66 > R3(config-subif)#encapsulation dot1Q 66 > R3(config-subif)#ip address 192.168.66.242 255.255.255.252 > R3(config-subif)#ip helper-address 192.168.0.1 > R3(config)#interface fa0/0 > R3(config-if)#no sh ### R2 > R2(config)#interface fa0/0.15 > R2(config-subif)#encapsulation dot1Q 15 > R2(config-subif)#ip address 192.168.15.254 255.255.255.0 > R2(config-subif)#ip helper-address 192.168.0.1 > R2(config)#interface fa0/0.77 > R2(config-subif)#encapsulation dot1Q 77 > R2(config-subif)#ip address 192.168.77.246 255.255.255.248 > R2(config-subif)#ip helper-address 192.168.0.1 > R2(config)#interface fa0/0 > R2(config-if)#no sh ## 四、各設備完成VTY及特權密碼設定 1.VTY設定 0-1，密碼cisco 2.各設備設特權密碼cisco(不加密) :::success 共有DHCPserver,R2,R3,S1,S2等五個設備需要設定 ::: > DHCPServer(config)#enable password cisco > DHCPServer(config)#line vty 0 1 > DHCPServer(config-line)#password cisco > DHCPServer(config-line)#login ## 五、設定DHCPServer 設定各區DHCP IP 閘道子遮 DNS伺服器等位置，並派送至各PC > DHCPServer(config)#ip dhcp pool 192.168.12.0/24 > DHCPServer(dhcp-config)#network 192.168.12.0 255.255.255.0 > DHCPServer(dhcp-config)#default-router 192.168.12.254 > DHCPServer(dhcp-config)#dns-server 192.168.77.242 > DHCPServer(config)#ip dhcp pool 192.168.13.0/24 > DHCPServer(dhcp-config)#network 192.168.13.0 255.255.255.0 > DHCPServer(dhcp-config)#default-router 192.168.13.254 > DHCPServer(dhcp-config)#dns-server 192.168.77.242 > DHCPServer(config)#ip dhcp pool 192.168.14.0/24 > DHCPServer(dhcp-config)#network 192.168.14.0 255.255.255.0 > DHCPServer(dhcp-config)#default-router 192.168.14.254 > DHCPServer(dhcp-config)#dns-server 192.168.77.242 > DHCPServer(config)#ip dhcp pool 192.168.15.0/24 > DHCPServer(dhcp-config)#network 192.168.15.0 255.255.255.0 > DHCPServer(dhcp-config)#default-router 192.168.15.254 > DHCPServer(dhcp-config)#dns-server 192.168.77.242 ## 六、設定DNS伺服器完成後始各PC均能用網址上網 ## 七、網管電腦可以TELNET到拓譜內所有設備