NMP Lab 4 - HackMD

--- title: NMP Lab 4 --- # Setup ACL, OSPF ## 1. Basic setup 20% ### Given a subnet 192.168.x.0/24; x is your group number. ### R100 IP is 172.168.1.254; R3's IP is 172.168.1.x, WAN: 172.168.1.0/24 ### Web1 is web server; IP: 172.168.1.100 ### PC1 & S1 is in a subnet with 60 hosts; same as PC2 & S2 ### Go into Router5 and open CLI Go into CopyRouter1 and open CLI Router>en Router#conf t Router(config)#int fa0/0 Router(config-if)#ip addr 172.168.1.254 255.255.255.0 Router(config-if)#no sh Go into CopyRouter1(1) and open CLI Router>en Router#conf t Router(config)#int fa0/0 Router(config-if)#ip addr 192.168.4.133 255.255.255.252 Router(config-if)#no sh Router(config-if)#int fa1/0 Router(config-if)#ip addr 192.168.4.65 255.255.255.192 Router(config-if)#no sh Go into CopyRouter1(2) and open CLI Router>en Router#conf t Router(config)#int fa0/0 Router(config-if)#ip addr 192.168.4.129 255.255.255.252 Router(config-if)#no sh Router(config-if)#int fa1/0 Router(config-if)#ip addr 192.168.4.1 255.255.255.192 Router(config-if)#no sh Go into Router1 and open CLI Router>en Router#conf t Router(config)#int fa0/0 Router(config-if)#ip addr 172.168.1.4 255.255.255.0 Router(config-if)#no sh Router(config-if)#int fa1/0 Router(config-if)#ip addr 192.168.4.130 255.255.255.252 Router(config-if)#no sh Router(config-if)#int fa2/0 Router(config-if)#ip addr 192.168.4.134 255.255.255.252 Router(config-if)#no sh Go into Server0 and open Desktop IP Address = 172.168.1.100 Subnet Mask = 255.255.255.0 Default Gateway = 172.168.1.4 Go into PC0 and open Desktop > IP Configuration static IP Address = 192.168.4.5 Subnet Mask = 255.255.255.192 Default Gateway = 192.168.4.1 Go into PC1 and open Desktop > IP Configuration static IP Address = 192.168.4.70 Subnet Mask = 255.255.255.192 Default Gateway = 192.168.4.65 Go into CopyRouter1(2) and open CLI Router(config-if)#exit Router(config)#router rip Router(config-router)#v 2 Router(config-router)#network 192.168.4.0 Go into Router1 and open CLI Router(config-if)#exit Router(config)#router rip Router(config-router)#v 2 Router(config-router)#network 192.168.4.0 Router(config-router)#network 172.168.1.0 Go into CopyRouter1(1) and open CLI Router(config-if)#exit Router(config)#router rip Router(config-router)#v 2 Router(config-router)#network 192.168.4.0 ## 2. OSPF setup 40% ### Setup OSPF in R1, R2, R3, R100 ### S1's subnet is area 1; S2's subnet is area 2; ### All the rest subnets are in area 0 Go into CopyRouter1(2) and open CLI Router(config-router)#exit Router(config)#rout ospf 1 Router(config-router)#network 192.168.4.0 0.0.0.63 area 1 Router(config-router)#network 192.168.4.120 0.0.0.3 area 0 Router(config-router)#do sh run ![](https://i.imgur.com/u4v6D10.png) Go into CopyRouter1(1) and open CLI Router(config-router)#exit Router(config)#rout ospf 1 Router(config-router)#network 192.168.4.64 0.0.0.63 area 2 Router(config-router)#network 192.168.4.132 0.0.0.3 area 0 Router(config-router)#do sh run Go into CopyRouter1(2) and open CLI Router(config-router)#exit Router(config)#access-list 100 deny ip any 192.168.4.64 0.0.0.63 Router(config)#access-list 100 permit tcp any host 172.168.1.100 eq www Router(config)#access-list 100 permit ip any 192.168.4.0 0.0.0.255 Router(config)#int fa1/0 Router(config-if)#ip access-group 100 in Go into CopyRouter1(2) and open CLI Router(config-router)#exit Router(config)#access-list 100 deny ip any 192.168.4.0 0.0.0.63 Router(config)#access-list 100 permit ip any any Go into PC0 and open Desktop > Command Prompt PC>ping 192.168.4.5 PC>ping 192.168.4.132 PC>ping 192.168.4.128 PC>ping 172.468.1.254 Go into PC0 and open Desktop > Web Browser URL = 172.168.1.100 ![](https://i.imgur.com/dhZs6K7.png) ### show RIP routes ### R100 ping R1's subnet ### 3.ACL setup 40% ### Do not allow PC1 & hosts in S1 access PC2 & host in S2 Use ping to show it ### PC1 & hosts in S1 can only access: #### a. 192.168.x.0/24 except PC2 & S2 #### b. web services, such as Web1 ### Use ping and web browser at PC1 to show it. ###### tags: `Network Management Practice` `CSnote`