Professional Documents
Culture Documents
2009/12/2
Outline
y Cisco Packet Tracer
y Cisco Packet Tracer
y Cisco Packet Tracer
y Cisco Packet Tracer
y
y
y IP
y SSH
y Vlan
y DHCP IPv4
y Access-list IPv4
2
2009/12/2
y Packet Tracer
pc
pc
rs232 router router
2009/12/2
2009/12/2
2009/12/2
2009/12/2
2009/12/2
2009/12/2
2009/12/2
10
2009/12/2
11
2009/12/2
12
2009/12/2
13
2009/12/2
y
y Router
y 2811
y FastEthernet, 1 RS232 Port
y
y Multilayer Switch
y 3560-24PS
y 24 FastEthernet Ports, 2 GigabitEthernet Ports, 1 RS232 Port
y PC
y 1 FastEthernet Port, 1 RS232 Port,
y Laptop
y 1 FastEthernet Port, 1 RS232 Port ,
14
2009/12/2
-IP
y ssh/telnet/terminal
y Router>en ()
y Router#config t ()
y Router(config)#int fa 0/0 ()
y Router(config-if)#ip address 10.0.0.1 255.255.255.0 ()
y Router(config-if)#no shut
y Router(config-if)#exit
y Router(config)#do sh run (do
or )
y Router#sh run ()
15
2009/12/2
y Cisco
y enable , en
y (running-config)
y configure terminal, config t
y
y interface Ethernet (e) 0/1 (10 Mbps)
y interface FastEthernet (fa) 0/1 (100 Mbps)
y interface GigibitEthernet (gi) 0/1 (1000 Mbps)
16
2009/12/2
y
y en, hostname Your Name
y Router(config)# hostname Router1
y Router1(config)#
y
y ?
y Tab
y do
17
2009/12/2
y
Router#show running-config
Building configuration...
y
Router#copy running-config startup-config
Destination filename [startup-config]? [press
enter]
Building configuration...
[OK]
18
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration
files!
Continue? [confirm][enter]
[OK]
Erase of nvram: complete
2009/12/2
y Router# show interface ()
y Router# show ip interface (layer 3)
y do
y Router(config)# do sh int fa 0/1
y Router(config)# do show interface fa 0/1
y ()
19
2009/12/2
y Router(config)# int fa 0/0
y Router(config-if)# ip address 192.168.1.1 255.255.255.0
y Router(config-if)# no shutdown
y Router(config-if)# exit
y Router(config)#do sh int fa 0/0 ()
20
2009/12/2
y
y enable password Your Password ()
y enable secret Your Password ()
y Router(config)#enable secret 123456
y Router(config)#enable password 1234567
y Password
y Router(config)#service password-encryption
y Router(config)#do sh run ()
y Router(config)#no service password-encryption ()
21
y C3560G-24PS
y cisco
y cisco
2009/12/2
SSH / telnet
y Router(config)#ip domain-name niu.edu.tw
y Router(config)#crypto key generate rsa general-keys
modulus 1024
y The name for the keys will be: Router.niu.edu.tw
y % The key modulus size is 1024 bits
y % Generating 1024 bit RSA keys, keys will be non-
exportable...[OK]
y Router(config)#ip ssh authentication-retries 2
y Router(config)#line vty 0 15
y Router(config-line)#password r9743003
y Router(config-line)#transport input all
22
y Router(config-line)#no login ()
2009/12/2
?
y ID
y
y
y ID
y TCP/IP
y
y
y
y
y ID
23
2009/12/2
6
24
192.168.1.0
60
2009/12/2
25
2009/12/2
Fa0/0 192.168.1.1/30
Fa0/1 192.168.1.9/29
Fa0/1 192.168.1.15/29
4
26
192.168.1.0
Fa0/0 192.168.1.2/30
Fa0/1 192.168.1.65/26
Fa0/1 192.168.1.127/26
60
2009/12/2
IPv4 DHCP
y Route(config)#ip dhcp pool Admin
y Route(dhcp-config)#network 192.168.2.0
27
255.255.255.0
y Route(dhcp-config)#default-router 192.168.2.1
y Route(dhcp-config)#dns-server 192.168.2.1
(IPinterface)
y Route(dhcp-config)#exit
y Route(config)#ip dhcp excluded-address 192.168.2.1
192.168.2.10 ((rangeip))
y Route(config)#do sh run (DHCP)
y Route(config)#do sh ip dhcp binding (bi) (
DHCP pool )
2009/12/2
VLAN
y VLAN
y Route(config)# vlan 2 (vlan )
y Route(config)# name xxxx ()
y VLAN
y Route(config)# no vlan 2
y VLAN
y Route(config)# do sh vlan
28
2009/12/2
VLAN
y vlan
y Route(config)#int fa 0/1
y Route(config-if)# switchport mode access
y Route(config-if)# switchport access vlan 3
y vlan
y Route(config)#int fa 0/1
y Route(config-if)# switchport mode trunk
29
2009/12/2
access-list
y
y <1-99> IP standard access list
y <1300-1999> IP standard access list (expanded range)
y
y Router(config)#access-list 10 deny 172.16.10.0 0.0.0.255
y Router(config)#access-list 10 deny 172.16.10.0 0.0.3.255
y (172.16.16.0 ~ 172.16.19.0)
y int fa 0/1
2009/12/2
access-list
y
y <100-199> IP extended access list
y <2000-2699> IP extended access list (expanded range)
y 172.16.30.2tcp
2009/12/2
IPv6 Forwarding
y IPv6 ()
y Router(config)# ipv6 unicast-routing
y
y Router(config-if)# int fa 0/1
y ipv6
y Router(config-if)#ipv6 enable
y Router(config-if)# ipv6 address 2001:db8:3c4d:1::/64
eui-64
32
2009/12/2
IPv6 DHCP
y Router(config)# ipv6 dhcp pool test
y Router(config-dhcp)#domain-name niu.edu.tw
y Router(config-dhcp)#prefix-delegation pool test
33
2009/12/2