Config base routeur

Hostname , Banner, No ip domain-lookup, Enable secret class, Line con 0

Pass cisco, Login, Logging synchronous, Exec-timeout 5, Exit
Line vty 0 4, Pass cisco, Login, Logging sync, Exec-timeout 5, exit

Configuration dinterfaces, vrifier ip, configure PC1 et PC3, test connectivit

Int fa, ip add ADDRESSE MASQUE, no shut, exit
DCE Int s0/0/0 ip add ADDRESSE MASQUE clock rate 64000, no shut, exit
DTE int s 0/01 ip add ADDRESSE MASQUE, no shut, end
LOOPBACK (surement R2) int Loopback0, ip add ADDRESSE MASQUE, no shut, end
VRIFICATION show ip int brief

Config int srie

PPP (surement R1 et R2)R1 conf t, username R2 pass cisco, int serial0/0/0, encapsulation ppp
ppp authentification chap, exit
R2 username R1 pass cisco, int s0/0/ encaps ppp
FRAME RELAY (R1-> R3) (R1)int s0/0/1 (R3) ints0/0/0 encapsulation frame-relay, frame-relay
map ip ADRESSE #DLCI broadcast, une autre fois, frame-relay interface-dlci #DLCI, no keepalive,
end
VRIF show int, show frame-relay pvc, show frame-relay map

Config RIP annoncer reseau directement connect passive interface sans routeur
R1 et R3 routeur rip, version 2, network connect direct, passive int fa0/1, no auto-summary
end
R2 ip route 0.0.0.0 0.0.0.0 Loopback0, jusqua no auto-summary et ajouter redistribute static
VRIF show ip protocols, show ip route

Scurit router loopback desactive service inutile et confirmer securite R2

Conf t, username cisco pass cisco, aaa new-model, aaa authentication login LOCAL_AUTH local,
line vty 0 4, login authentication LOCAL_AUTH, no service pad, no service finger, no service udpsmall-server, no service tcp-small-server, no ip bootp server, no ip http server, no ip finger, no ip
source-route, no ip gratuitouts-arps, no cdp run AUTO secure?
Config ACL allou telnet de R2 vers R1 et R3 seulement, pas de http(80),telnet (23) et FTP (20 et
21)de internet a PC1, appliquer ACL en entre sur
R2 acces-list 102 deny tcp any host ADRESSE LOOPBACK eq #NUMPORT (80 23, 21 20)
R2 int loopback0, ip acces-group 102 in
R1 ou R3 access-list 101 permit tcp host ADDRESSE INT DE R2, access-list 101 deny tcp any any
eq 23
R1 OU R3 line vty 0 4, access-class 101 in, end
TOUS permit ip any any, end
R3 ONLY access-list 103 deny ip 10.0.0.128 0.0.0.127 host 10.0.0.10, int SERIAL 000 et 001, ip
access-group 103 out, exit
VRIF show ip access-lists
CONFIGURE NAT permettre PC3 de pinger PC1 et vrifier
Conf t, access-list 104 permit ip 10.0.0.128 0.0.0.127 any, ip nat inside source list 104 int s0/0/0
overload
Int fa 0/1, ip access-group 104 in, ip nat inside, exit
Int SERIAL 001 et 000 ip nat outsidem exit
VRIF show ip access-lists
CLEANUP erase config reload routeur deconnecte cable remettre cable a bon endroit sur ordi
Les Routeurs Rxx se connecte dans les interfaces FA des routeurs et dans la slot Rxx de
lordinateur
Les connection console se branche dans # routeur et # Cxx dans socket orange