Small and medium network system integration

Source: Internet
Author: User


Background Description:



Company environment and requirements:

1. The company has 2 departments, the Finance Department and the Marketing Department, plus the manager's office.

2. To keep the Finance Department's computers secure, the Marketing Department is not allowed to access Finance Department hosts.

3. The Finance Department cannot access the external network.

4. The company has applied for only two public IP addresses (202.100.100.2/29 and 202.100.100.3/29) for the intranet's access to the outside: one public address is assigned to the company server, and the other is used by company employees to go online.

5. The company uses the private address space 172.16.0.0/16. SW1 acts as the DHCP server and automatically assigns IP addresses to the computers of the two departments.

6. The company router R4 and the Layer 3 switch SW1 run the RIP routing protocol. SW1 has a default route to R4, and R4 has a default route to the external network.

7. External users are allowed to access the company WWW server, but are not allowed to access the intranet or the FTP server.



Configuration of R1:
enable
configure terminal
hostname R1
enable password test
no ip domain-lookup
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
! Local account used to authenticate peer R4 during CHAP
username R4 password Test
interface s0/0/0
ip address 202.100.100.1 255.255.255.248
clock rate 64000
encapsulation ppp
ppp authentication chap
no shutdown
exit
interface fa0/0
ip address 192.168.1.1 255.255.255.252
ip ospf message-digest-key 1 md5 123456
no shutdown
exit
router ospf 100
network 202.100.100.1 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0
! Require MD5 authentication on all area 0 interfaces
area 0 authentication message-digest


Configuration of R2:
enable
configure terminal
hostname R2
enable password test
no ip domain-lookup
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
interface fa0/0
ip address 192.168.1.2 255.255.255.252
ip ospf message-digest-key 1 md5 123456
no shutdown
interface fa0/1
ip address 192.168.1.5 255.255.255.252
ip ospf message-digest-key 1 md5 123456
no shutdown
exit
router ospf 100
network 192.168.1.2 0.0.0.0 area 0
network 192.168.1.5 0.0.0.0 area 0
! Require MD5 authentication on all area 0 interfaces
area 0 authentication message-digest

Configuration of R3:
enable
configure terminal
hostname R3
enable password test
no ip domain-lookup
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
interface fa0/0
ip address 192.168.1.6 255.255.255.252
ip ospf message-digest-key 1 md5 123456
no shutdown
interface fa0/1
ip address 202.200.200.1 255.255.255.0
ip ospf message-digest-key 1 md5 123456
no shutdown
exit
router ospf 100
network 192.168.1.6 0.0.0.0 area 0
network 202.200.200.1 0.0.0.0 area 0
! Require MD5 authentication on all area 0 interfaces
area 0 authentication message-digest


Configuration of R4:
enable
configure terminal
hostname R4
enable password test
no ip domain-lookup
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
! Local account used to authenticate peer R1 during CHAP
username R1 password Test
interface s0/0/0
ip address 202.100.100.2 255.255.255.248
ip nat outside
encapsulation ppp
ppp authentication chap
no shutdown
interface fa0/1
ip address 172.16.50.1 255.255.255.0
ip nat inside
no shutdown
interface fa0/0
ip address 172.16.1.1 255.255.255.252
ip nat inside
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 202.100.100.1
ip default-network 202.100.100.0
router rip
version 2
no auto-summary
network 202.100.100.0
network 172.16.50.0
network 172.16.1.0
exit
! ACL 1 excludes the Finance subnet (requirement 3); it is used both as the
! outbound filter on s0/0/0 and as the NAT source list
access-list 1 deny 172.16.20.0 0.0.0.255
access-list 1 permit any
interface s0/0/0
ip access-group 1 out
exit
! Publish only TCP port 80 of 172.16.50.2 on the second public address (requirement 7)
ip nat inside source static tcp 172.16.50.2 80 202.100.100.3 80
ip nat inside source list 1 interface s0/0/0 overload

Configuration of SW1:
enable
configure terminal
hostname SW1
enable password test
no ip domain-lookup
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
vlan 10
name Manager
exit
vlan 20
name Finance
exit
vlan 30
name Market
exit
vlan 40
name Wireless
exit
ip routing
! Routed uplink to R4
interface fa0/22
no switchport
ip address 172.16.1.2 255.255.255.252
no shutdown
interface range fa0/1-10
switchport mode access
switchport access vlan 30
exit
interface range fa0/11-12
switchport mode access
switchport access vlan 10
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
exit
port-channel load-balance src-dst-ip
interface range fa0/23-24
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
exit
! Financein: traffic Finance sends to Marketing creates temporary
! return entries in the reflexive list Reflectin
ip access-list extended Financein
permit ip any 172.16.30.0 0.0.0.255 reflect Reflectin
permit ip any any
exit
! tofinance: return traffic matching Reflectin is allowed first;
! any other Marketing-to-Finance traffic is denied (requirement 2)
ip access-list extended tofinance
evaluate Reflectin
deny ip 172.16.30.0 0.0.0.255 172.16.20.0 0.0.0.255
permit ip any any
exit
interface vlan 10
ip address 172.16.10.1 255.255.255.0
no shutdown
interface vlan 20
ip address 172.16.20.1 255.255.255.0
ip helper-address 172.16.1.2
ip access-group Financein in
ip access-group tofinance out
no shutdown
interface vlan 30
ip address 172.16.30.1 255.255.255.0
ip helper-address 172.16.1.2
no shutdown
interface vlan 40
ip address 172.16.40.1 255.255.255.0
no shutdown
exit
ip dhcp excluded-address 172.16.20.1 172.16.20.10
ip dhcp pool FINANCE-DHCP
network 172.16.20.0 255.255.255.0
default-router 172.16.20.1
dns-server 202.96.128.143
lease 2 0 0
exit
ip dhcp excluded-address 172.16.30.1 172.16.30.10
ip dhcp pool MARKET-DHCP
network 172.16.30.0 255.255.255.0
default-router 172.16.30.1
dns-server 202.96.128.143
lease 2 0 0
exit
router rip
version 2
no auto-summary
network 172.16.10.0
network 172.16.20.0
network 172.16.30.0
network 172.16.40.0
network 172.16.1.0
exit
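
The following Python sketch is an added example, not part of the original article: it models the Financein/tofinance reflexive ACL pair on SW1's VLAN 20 interface and replays a few packets to show which flows the pair permits. The host addresses are constructed, and the model tracks sessions by address pair only, whereas IOS reflexive entries also match protocol and ports and time out.

```python
import ipaddress

FINANCE = ipaddress.ip_network("172.16.20.0/24")  # VLAN 20 subnet from the page
MARKET = ipaddress.ip_network("172.16.30.0/24")   # VLAN 30 subnet from the page


class Vlan20Filter:
    """Simplified model of the ACL pair on SW1 interface Vlan20."""

    def __init__(self):
        # Temporary entries created by "reflect Reflectin", stored as the
        # (src, dst) pair the reply will carry. Simplification: IOS also
        # matches protocol/ports and expires idle entries.
        self.reflectin = set()

    def from_finance(self, src, dst):
        """Financein, applied inbound (packets sent by Finance hosts)."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if dst in MARKET:
            # permit ip any 172.16.30.0 0.0.0.255 reflect Reflectin
            self.reflectin.add((dst, src))
        return "permit"  # both Financein entries permit

    def to_finance(self, src, dst):
        """tofinance, applied outbound (packets delivered to Finance hosts)."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if (src, dst) in self.reflectin:
            return "permit"  # evaluate Reflectin
        if src in MARKET and dst in FINANCE:
            return "deny"  # deny ip 172.16.30.0 0.0.0.255 172.16.20.0 0.0.0.255
        return "permit"  # permit ip any any


def run_scenario():
    """Replay constructed packets in order; returns (description, verdict)."""
    acl = Vlan20Filter()
    fin, mkt = "172.16.20.11", "172.16.30.11"  # constructed host addresses
    return [
        ("Marketing opens a session to Finance", acl.to_finance(mkt, fin)),
        ("Finance opens a session to Marketing", acl.from_finance(fin, mkt)),
        ("Marketing host replies", acl.to_finance(mkt, fin)),
        ("Different Marketing host, no session", acl.to_finance("172.16.30.12", fin)),
        ("Wireless VLAN 40 host to Finance", acl.to_finance("172.16.40.20", fin)),
    ]


if __name__ == "__main__":
    for description, verdict in run_scenario():
        print(f"{verdict:6}  {description}")
```

The last row shows that tofinance filters only the Marketing subnet: hosts in VLAN 10 and VLAN 40 still reach Finance through the final permit ip any any.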

Configuration of SW2:
enable
configure terminal
hostname SW2
enable password test
line con 0
password Test
login
logging synchronous
no exec
exit
line vty 0 4
password Test
login
logging synchronous
no exec
exit
no ip routing
vlan 20
name Finance
vlan 30
name Market
vlan 40
name Wireless
exit
interface range fa0/1-10
switchport mode access
switchport access vlan 30
interface range fa0/11-15
switchport mode access
switchport access vlan 20
interface fa0/16
switchport mode access
switchport access vlan 40
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
exit
port-channel load-balance src-dst-ip
interface range fa0/23-24
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
exit
! Port security on the Marketing and Finance access ports: one learned
! (sticky) MAC address per port, and the port shuts down on a violation
interface range fa0/1-15
switchport mode access
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown
exit

The configuration is now complete. The next step is testing; the screenshots are not posted here.


This article is from the "Liu Fengyuan" blog; reprinting is declined.
