Académique Documents
Professionnel Documents
Culture Documents
Device
R1
Interface
Fa0/1
IP Address
192.168.1.1
Subnet Mask
255.255.255.0
Default Gateway
N/A
Switch Port
S1 Fa0/5
S0/0/0 (DCE)
10.1.1.1
255.255.255.252
N/A
N/A
S0/0/0
10.1.1.2
255.255.255.252
N/A
N/A
S0/0/1 (DCE)
10.2.2.2
255.255.255.252
N/A
N/A
Fa0/1
192.168.3.1
255.255.255.0
N/A
S3 Fa0/5
S0/0/1
10.2.2.1
255.255.255.252
N/A
N/A
PC-A
NIC
192.168.1.3
255.255.255.0
192.168.1.1
S1 Fa0/6
PC-C
NIC
192.168.3.3
255.255.255.0
192.168.3.1
S3 Fa0/18
R2
R3
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description LAN Site 1
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/2/0
description Enlace Wan a R2
ip address 10.1.1.1 255.255.255.252
no fair-queue
clock rate 125000
!
interface Serial0/2/1
no ip address
shutdown
!
router eigrp 101
network 10.1.1.0 0.0.0.3
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
!
!
ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 5 0
password 7 13061E01080307252534292026
logging synchronous
login
line aux 0
exec-timeout 5 0
password 7 094F471A1A0A1607131C053938
login
line vty 0 4
exec-timeout 5 0
password 7 0822455D0A1613030B1B0D1739
login
!
scheduler allocate 20000 1000
!
end
R2
service password-encryption55.255.255/network-confg (T
!e
hostname R2
up
!
boot-start-marker
!
interfac
boot-end-markeropening tftp://
!5
security passwords min-length 10out)168.40.1 YES manual up
enable secret 5 $1$Dz73$sk0VuhKo6oNGYPQbq9gS5/- System Configuration
Dialog --no mop enabl
!
no aaa new-modelfnterface F
Wou
!
!u
ip cefo ente
!t
!
ip auth-proxy max-nodata-conns 3s/no]:er.
half-duplex
ip admission max-nodata-conns 3fi.255.25
% Please answer 'yes'
!r
!n
voice-card 0n
no dspfarmld you like
!o
!n
!r
!h
!i
!t
!l
!o
!i
!r
!i
!
!a
!g
![
!s
!o
!
!
!
!
interface FastEthernet0/0#show runerial0/2/1
R3#s
no ip address answer 'yes'
shutdown
Buildin
duplex autoon...o
Would
speed auto enter the
!i
interface FastEthernet0/1 [yes/no]:
no ip addressversion 12.4
shutdown
service
duplex auto answer 'yes
speed auto
!
interface Serial0/2/0ou like to enter the
description R2 Serial 0
network 192.1
!router eigrp 101
!
!
ip ce
network 10.1.1.0 0.0.0.3y max-nodata*Sep 16 12:
network 10.2.2.0 0.0.0.3LOC: Crypto engine: onboa
no auto-summarye
Building c
!f
ip forward-protocol nd marker.
!
!
!
!
!
line con 0
exec-timeout 5 0
password 7 13061E01080307252534292026
logging synchronous
login
line aux 0
exec-timeout 5 0
password 7 121A0C0411040D11323B253B20
login
line vty 0 4
exec-timeout 5 0
password 7 045802150C2E5A5A1009040401
login
!
scheduler allocate 20000 1000
!
end
R3
Use the show ip inspect all command to see the configuration and inspection status
View detailed session information using the show ip inspect sessions detail command
service sequence-numbers
!
hostname R1
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 10 log
security passwords min-length 10
logging buffered 4096 debugging
logging console critical
enable secret 5 $1$Kz15$nkPyCBVzKIq7bGGFB9k4R0
enable password 7 045802150C2E1A19514055
!
aaa new-model
!
!
aaa authentication login local_auth local
!
aaa session-id common
no ip source-route
no ip gratuitous-arps
!
!
ip cef
!
!
no ip bootp server
no ip domain lookup
ip inspect audit-trail
ip inspect udp idle-time 1800
ip inspect dns-timeout 7
ip inspect tcp idle-time 14400
ip inspect name autosec_inspect cuseeme timeout 3600
ip inspect name autosec_inspect ftp timeout 3600
ip inspect name autosec_inspect http timeout 3600
ip inspect name autosec_inspect rcmd timeout 3600
ip inspect name autosec_inspect realaudio timeout 3600
ip inspect name autosec_inspect smtp timeout 3600
ip inspect name autosec_inspect tftp timeout 30
ip inspect name autosec_inspect udp timeout 15
ip inspect name autosec_inspect tcp timeout 3600
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
login block-for 60 attempts 2 within 30
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username admin password 7 030752180500701E1D5D4C
archive
log config
logging enable
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description LAN Site 1
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
no mop enabled
!
interface Serial0/2/0
description Enlace Wan a R2
ip address 10.1.1.1 255.255.255.252
ip access-group autosec_firewall_acl in
ip verify unicast source reachable-via rx allow-default 100
no ip redirects
no ip unreachables
no ip proxy-arp
ip inspect autosec_inspect out
no fair-queue
clock rate 125000
!
interface Serial0/2/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
!
router eigrp 101
network 10.1.1.0 0.0.0.3
network 192.168.1.0
no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
ip access-list extended autosec_firewall_acl
permit udp any any eq bootpc
end
R2
R2#show running-configet started. E2 - OSPF
Building configuration... Access Verification
Current configuration : 1269 bytesS-I
% Password: timeout expired!!
version 12.4 IS-IS level
service timestamps debug datetime msect expired!, one per line. End with CN
service timestamps log datetime mseceout expired!ult, U - per-user stati
service password-encryptionexitYES m
!
hostname R2
S2 con0 i
!n
boot-start-markerP - periodic down
boot-end-markerURN to get star
!d
security passwords min-length 10
User Access Verificationrt is
enable secret 5 $1$Dz73$sk0VuhKo6oNGYPQbq9gS5/:0.0.0.0/3
Password:tted, 2 s
% Bad passwordse
!c
no aaa new-model
!
ip cefS2 con
!i
!n
ip auth-proxy max-nodata-conns 3