Experimental topology and requirements

Configure the required IP Address

To configure Telnet, All devices in the campus network are required to support remote management
To configure Trunk, Links between switches are Trunk Pattern
To configure Vlan,SW2 And SW3 Create a related VLAN, relation 4 platform PC To the corresponding VLAN Interface
To configure MLS, adopt SW1 Realization VLAN Routing between
To configure DHCP, send SW1 For each VLAN Internal host allocation address
To configure STP, send SW1 Be all VLAN The root bridge of , It is required to manually modify the priority to 4096
To configure OSPF, The enterprise network is a process 1
Configure the default route and NAT,R1 Configure static default routes on ,SW1 adopt OSPF Learn the default route
To configure NAT, stay R1 On the configuration EasyIP
To configure PPP,R1 And R2 The encapsulation agreement between is PPP, Use CHAP authentication
To configure OSPF, The operator network is a process 2
To configure DNS, adopt www.ayanami.com visit HTTP The server , adopt www.izuminoa.com visit FTP The server
To configure ACL, stay R1 On the configuration ACL, Refuse VLAN 20 Traffic access to HTTP The server

To configure

Directly give the configuration of each device , Do not list them step by step as required .

SW1：

 sysname SW1
#
undo info-center enable
#
vlan batch 10 12 20 30 40 50
#
stp instance 0 priority 4096
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif10
 ip address 192.168.10.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif12
 ip address 192.168.12.1 255.255.255.0
#
interface Vlanif20
 ip address 192.168.20.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif30
 ip address 192.168.30.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif40
 ip address 192.168.40.254 255.255.255.0
 dhcp select interface
 dhcp server dns-list 3.0.0.1
#
interface Vlanif50
 ip address 192.168.50.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 12

#
ospf 1 router-id 1.1.1.1
 area 0.0.0.0
  network 192.168.0.0 0.0.255.255
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

SW2：

 sysname SW2
#
undo info-center enable
#
vlan batch 10 20 30 40 50
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif50
 ip address 192.168.50.2 255.255.255.0
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 10
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 20
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

SW3：

 sysname SW3
#
undo info-center enable
#
vlan batch 10 20 30 40 50
#
dhcp enable
#
aaa
 local-user admin password simple ayanami
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Vlanif50
 ip address 192.168.50.3 255.255.255.0
#
interface Ethernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 2 to 4094
#
interface Ethernet0/0/2
 port link-type access
 port default vlan 30
#
interface Ethernet0/0/3
 port link-type access
 port default vlan 40
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

R1：

 sysname R1
#
 board add 0/4 2SA 
#
acl number 2000  
 rule 1 permit 
#
acl number 3000  
 rule 1 deny tcp source 192.168.20.0 0.0.0.255 destination 4.0.0.1 0 destination
-port eq www 
#
aaa 
 local-user admin password cipher %$%$~sn^$)7\*0J*n6'!{LM0gq58%$%$
 local-user admin privilege level 15
 local-user admin service-type telnet
#
interface Serial4/0/0
 link-protocol ppp
 ppp authentication-mode chap 
 ppp chap user pppadmin
 ppp chap password simple pppayanami
 ip address 12.0.0.1 255.255.255.0 
 nat outbound 2000
#
interface Serial4/0/1
 link-protocol ppp
#
interface GigabitEthernet0/0/0
 ip address 192.168.12.2 255.255.255.0 
 traffic-filter inbound acl 3000
#
ospf 1 router-id 2.2.2.2 
 default-route-advertise
 area 0.0.0.0 
  network 192.168.12.0 0.0.0.255 
#
ip route-static 0.0.0.0 0.0.0.0 Serial4/0/0
#
user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all
#

R2：

 sysname R2
#
 board add 0/4 2SA 
#
 undo info-center enable
#
aaa 
 local-user pppadmin password cipher %$%$+%\~//=&`X*P,<,=|fFQgx:;%$%$
 local-user pppadmin service-type ppp
#
interface Serial4/0/0
 link-protocol ppp
 ppp authentication-mode chap 
 ip address 12.0.0.2 255.255.255.0 
#
interface GigabitEthernet0/0/0
 ip address 23.0.0.2 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 24.0.0.2 255.255.255.0 
#
ospf 2 router-id 2.2.2.2 
 area 0.0.0.0 
  network 12.0.0.0 0.0.0.255 
  network 23.0.0.0 0.0.0.255 
  network 24.0.0.0 0.0.0.255 
#

R3：

 sysname R3
#
 undo info-center enable
#
interface GigabitEthernet0/0/0
 ip address 23.0.0.3 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 34.0.0.3 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 3.0.0.254 255.255.255.0 
#
ospf 2 router-id 3.3.3.3 
 area 0.0.0.0 
  network 3.0.0.0 0.0.0.255 
  network 23.0.0.0 0.0.0.255 
  network 34.0.0.0 0.0.0.255 
#

R4：

 sysname R4
#
 undo info-center enable
#
interface GigabitEthernet0/0/0
 ip address 24.0.0.4 255.255.255.0 
#
interface GigabitEthernet0/0/1
 ip address 34.0.0.4 255.255.255.0 
#
interface GigabitEthernet0/0/2
 ip address 4.0.0.254 255.255.255.0 
#
ospf 2 router-id 4.4.4.4 
 area 0.0.0.0 
  network 4.0.0.0 0.0.0.255 
  network 24.0.0.0 0.0.0.255 
  network 34.0.0.0 0.0.0.255