Vous êtes sur la page 1sur 3

DESPLIEGUE INFO

show running-config
show startup-config
show interface vlan1
show ip interface vlan1
show versin
show interface f0/6
show vlan
show flash
dir flash:
S1# show vlan brief
S1# show run
S1# show interface vlan 99
show mac address-table
S1# clear mac address-table dynamic
Switch01# show port-security interface GigabitEthernet 0/1
show ip http server status.
CONFIGURACION BASICA
Switch> enable
Switch# configure terminal
Switch(config)# hostname S1
S1(config)# service password-encryption
S1(config)# enable secret class
S1(config)# no ip domain-lookup
S1(config)# banner motd #
S1(config)# line con 0
S1(config-line)# password cisco
S1(config-line)# login
S1(config-line)# logging synchronous
S1(config-line)# exit
S1(config)#
S1(config)# line vty 0 15
S1(config-line)# password cisco
S1(config-line)# login
S1(config-line)# no password cisco (remover password)
HABILITAR SSH
S1(config)#ip domain-name capacityacademy.com
S1(config)#crypto key generate rsa 1024
S1(config)#ip ssh time-out 30
S1 (config)#ip ssh authentication-retries 3
S1 (config)#ip ssh version 2
S1 (config)#username admin privilege 15 password cisco
S1(config)#line vty 0 4
S1(config-line)#transport input ssh
S1 (config-line)#login local

S1(config)# ip ssh time-out 75


S1(config)# ip ssh authentication-retries 2
CONFIGURACION VLAN
S1# configure terminal
S1(config)# vlan 99
S1(config-vlan)# exit
S1(config)# interface vlan99
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to
down
S1(config-if)# ip address 192.168.1.2 255.255.255.0
S1(config-if)# no shutdown
S1(config-if)# exit
S1# config t
S1(config)# interface f0/5
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 99
S1(config-if)# interface f0/6
S1(config-if)# switchport mode access
S1(config-if)# switchport
ASIGNACION DE PUERTOS VLAN
S1(config)# interface range f0/1-24,g0/1-2
S1(config-if-range)# switchport access vlan 99
S1(config)# ip default-gateway 192.168.1.1
S1(config)# no mac address-table static 0050.56BE.6C89 vlan 99 interface
fastethernet 0/6
SEGURIDAD PUERTO
S1(config-if)#interface fa0/18
S1(config-if)#switchport port-security
S1(config-if)#switchport port-security maximum 1
S1(config-if)#switchport port-security mac-address sticky
S1(config-if)#switchport port-security violation shutdown
S1(config-if)#switchport port-security mac-address sticky 0001.647C.697E
Switch01(config-if)# switchport port-security violation { protect | restrict | shutdown }
Como vis, podemos elegir entre protect, restrict y shutdown:
Protect: slo se permite trfico de las MAC permitidas en la configuracin
descartando el trfico del resto, no se notifica sobre la intrusin.
Restrict: se enva una notificacin SNMP al administrador y el trfico del puerto se
permite nicamente a las MAC especificadas, del resto se descarta.
Shutdown: el puerto se deshabilita.

CONFIGURACION VLAN
S1(config)# vlan 99
S1(config-vlan)# name Management
S1(config-vlan)# exit S1(config)#
S1(config)# interface vlan 99
S1(config-if)# ip address 172.16.99.11 255.255.255.0
S1(config-if)# no shutdown
S1(config-if)# end
S1#