SCD

Topología

Planificación de Direccionamiento

1. WAN CLARO-ICA : 192.168.100.0 /27

2. LAN LIMA : 192.168.100.32 /27

3. VLAN 10 : 192.168.100.64 /27

4. VLAN 20 : 192.168.100.96 /27

5. VLAN 30 : 192.168.100.128 /27

Configuración de Seguridad Fortificada

SSH

Router

R-MOVISTAR(config)#ip domain-name cisco.com

R-MOVISTAR(config)#crypto key generate rsa

R-MOVISTAR(config)#user USUARIO pass ciscoclass

R-MOVISTAR(config)#service password-encryption

R-MOVISTAR(config)#ip ssh version 2

R-MOVISTAR(config)#ip ssh auth 2

R-MOVISTAR(config)#ip ssh time 60

VTY

R-MOVISTAR(config)#line vty 0 15

R-MOVISTAR(config-line)#login local

R-MOVISTAR(config-line)#transport input ssh

R-MOVISTAR(config-line)#exit

Switch

SW-MOVISTAR(config)#ip domain-name cisco.com

SW-MOVISTAR(config)#crypto key generate rsa

SW-MOVISTAR(config)#user USUARIO pass ciscoclass

SW-MOVISTAR(config)#service password-encryption

SW-MOVISTAR(config)#ip ssh version 2

SW-MOVISTAR(config)#ip ssh auth 2

SW-MOVISTAR(config)#ip ssh time 60

VTY

SW-MOVISTAR(config)#line vty 0 15

SW-MOVISTAR(config-line)#login local

SW-MOVISTAR(config-line)#transport input ssh

SW-MOVISTAR(config-line)#exit

VLAN's

HSRP

//R-ICA(config)

interface f0/0.10

R-ICA(config)#interface f0/0.10

R-ICA(config-if)#standby version 2

R-ICA(config-if)#standby 10 ip 192.168.100.65

R-ICA(config-if)#standby 10 priority 105

R-ICA(config-if)#standby 10 preempt

R-ICA(config-if)#standby 10 track s0/0/0

R-ICA(config-if)#exit

interface f0/0.20

R-ICA(config)#interface f0/0.20

R-ICA(config-if)#standby version 2

R-ICA(config-if)#standby 20 ip 192.168.100.97

R-ICA(config-if)#standby 20 priority 105

R-ICA(config-if)#standby 20 preempt

R-ICA(config-if)#standby 20 track s0/0/0

R-ICA(config-if)#exit

interface f0/0.30

R-ICA(config)#interface f0/0.30

R-ICA(config-if)#standby version 2

R-ICA(config-if)#standby 30 ip 192.168.100.129

R-ICA(config-if)#standby 30 priority 105

R-ICA(config-if)#standby 30 preempt

R-ICA(config-if)#standby 30 track s0/0/0

R-ICA(config-if)#exit

RIPv2

OSPF

//R-ICA

R-ICA(config)#ip route 0.0.0.0 0.0.0.0 198.200.140.17

R-ICA(config)#router ospf 100

R-ICA(config-router)#default-information originate

R-ICA(config-router)#exit

NAT/PAT

//R-LIMA

R-LIMA(config)#ip nat inside source list 25 interface s0/0/0 overload

interface s0/0/0

R-LIMA(config)#interface s0/0/0

R-LIMA(config-if)#ip nat outside

R-LIMA(config-if)#exit

//R-ICA

R-ICA(config)#ip nat inside source list 25 interface s0/0/0 overload

access-list

R-ICA(config)#access-list 25 permit 192.168.100.64 0.0.0.3

R-ICA(config)#access-list 25 permit 192.168.100.96 0.0.0.3

R-ICA(config)#access-list 25 permit 192.168.100.128 0.0.0.3

interfaces

interface s0/0/0

R-ICA(config)#interface s0/0/0

R-ICA(config-if)#ip nat outside

R-ICA(config-if)#exit

interface s0/0/0

R-ICA(config)#interface f0/0.10

R-ICA(config-subif)#ip nat inside

R-ICA(config-subif)#exit

interface s0/0/0

R-ICA(config)#interface f0/0.20

R-ICA(config-subif)#ip nat inside

R-ICA(config-subif)#exit

interface s0/0/0

R-ICA(config)#interface f0/0.30

R-ICA(config-subif)#ip nat inside

R-ICA(config-subif)#exit

DHCP

//ip dhcp excluded-address

//LAN-MOVISTAR

R-MOVISTAR(config)#ip dhcp excluded-address 192.168.100.33

R-MOVISTAR(config)#ip dhcp pool LAN-MOVISTAR

R-MOVISTAR(dhcp-config)#network 192.168.100.32 255.255.255.252

R-MOVISTAR(dhcp-config)#default-router 192.168.100.33

R-MOVISTAR(dhcp-config)#dns-server 8.8.8.8

R-MOVISTAR(dhcp-config)#exit

//LAN-CLARO

R-CLARO(config)#ip dhcp excluded-address 192.168.100.33

R-CLARO(config)#ip dhcp pool LAN-CLARO

R-CLARO(dhcp-config)#network 192.168.100.32 255.255.255.252

R-CLARO(dhcp-config)#default-router 192.168.100.33

R-CLARO(dhcp-config)#dns-server 8.8.8.8

R-CLARO(dhcp-config)#exit

//LAN-ICA

R-ICA(config)#ip dhcp excluded-address 192.168.100.65

R-ICA(config)#ip dhcp excluded-address 192.168.100.97

R-ICA(config)#ip dhcp excluded-address 192.168.100.129

//ip dhcp pool

//LAN-DATOS

R-ICA(config)#ip dhcp pool LAN-DATOS

R-ICA(dhcp-config)#network 192.168.100.64 255.255.255.252

R-ICA(dhcp-config)#default-router 192.168.100.65

R-ICA(dhcp-config)#dns-server 8.8.8.8

R-ICA(dhcp-config)#exit

//LAN-VOZ

R-ICA(config)#ip dhcp pool LAN-VOZ

R-ICA(dhcp-config)#network 192.168.100.96 255.255.255.252

R-ICA(dhcp-config)#default-router 192.168.100.97

R-ICA(dhcp-config)#dns-server 8.8.8.8

R-ICA(dhcp-config)#exit

//LAN-ADMIN

R-ICA(config)#ip dhcp pool LAN-ADMIN

R-ICA(dhcp-config)#network 192.168.100.128 255.255.255.252

R-ICA(dhcp-config)#default-router 192.168.100.129

R-ICA(dhcp-config)#dns-server 8.8.8.8

R-ICA(dhcp-config)#exit