Tunneling 실습

Notice

Recent Posts

Recent Comments

Link

« 2025/02 »
일	월	화	수	목	금	토
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28

Tags more

Archives

Today

Total

관리 메뉴

kjh00n의 기록저장소

Tunneling 실습 본문

보안 장비 운용

Tunneling 실습

kjh00n 2025. 1. 21. 18:08

풀이

--PC1--
ip 10.10.10.1 255.255.255.0 10.10.10.254

--PC2--
ip 20.20.20.1 255.255.255.0 20.20.20.254

--PC3--
ip 30.30.30.1 255.255.255.0 30.30.30.254

--PC4--
ip 40.40.40.1 255.255.255.0 40.40.40.254

--Server1--
ip 1.1.1.1 255.255.255.0 1.1.1.254

--Server2--
ip 1.1.1.1 255.255.255.0 1.1.1.254

--ESW1--
conf t
vlan 10
name v10
vlan 20
name v20
exit
int fa 3/0
switchport mode access
switchport access vlan 10
int fa 3/1
switchport mode access
switchport access vlan 20
int fa 3/15
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20,1002-1005

--ESW2--
conf t
vlan 30
name v30
vlan 40
name v40
exit
int fa 3/0
switchport mode access
switchport access vlan 30
int fa 3/1
switchport mode access
switchport access vlan 40
int fa 3/15
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,30,40,1002-1005

--R1--
conf t
int fa 0/0
no shu
int fa 0/0.10
encapsulation dot1q 10
ip addr 10.10.10.254 255.255.255.0
int fa 0/0.20
encapsulation dot1q 20
ip addr 20.20.20.254 255.255.255.0
int fa 0/1
ip addr 100.100.12.1 255.255.255.0
no shu
router rip
network 100.100.12.0
version 2
no auto-summary
int tunnel 0
ip addr 192.168.100.1 255.255.255.0
tunnel source 100.100.12.1
tunnel destination 100.100.56.6
tunnel mode gre ip
ip route 30.30.30.0 255.255.255.0 192.168.100.2
ip route 40.40.40.0 255.255.255.0 192.168.100.2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 1 permit 20.20.20.0 0.0.0.255
ip nat inside source list 1 int fa 0/1
int fa 0/1
ip nat outside
int fa 0/0.10
ip nat inside
int fa 0/0.20
ip nat inside

--R2--
conf t
int fa 0/0
ip addr 100.100.12.2 255.255.255.0
no shu
int se 3/0
ip addr 100.100.23.2 255.255.255.0
encapsulation ppp
bandwidth 1024
clockrate 1008000
no shu
int se 3/1
ip addr 100.100.24.2 255.255.255.0
encapsulation ppp
bandwidth 512
clockrate 500000
no shu
router rip
network 100.100.23.0
network 100.100.24.0
network 100.100.12.0
version 2
no auto-summary

--R3--
conf t
int fa 0/0
ip addr 1.1.1.254 255.255.255.0
no shu
int se 3/0
ip addr 100.100.23.3 255.255.255.0
encapsulation ppp
bandwidth 1024
clockrate 1008000
no shu
int se 3/1
ip addr 100.100.35.3 255.255.255.0
encapsulation hdlc
bandwidth 512
clockrate 500000
no shu
router rip
network 100.100.23.0
network 100.100.35.0
version 2
no auto-summary
ip nat inside source static 1.1.1.1 100.100.23.3
int fa 0/0
ip nat inside
int se 3/0
ip nat outside
int se 3/1
ip nat outside
access-list 1 deny host 100.100.12.1
access-list 1 permit any
int fa 0/0
ip access-group 1 out


--R4--
conf t
int fa 0/0
ip addr 1.1.1.254 255.255.255.0
no shu
int se 3/0
ip addr 100.100.45.4 255.255.255.0
encapsulation hdlc
bandwidth 1024
clockrate 1008000
no shu
int se 3/1
ip addr 100.100.24.4 255.255.255.0
encapsulation ppp
bandwidth 512
clockrate 500000
no shu
router rip
network 100.100.45.0
network 100.100.24.0
version 2
no auto-summary
ip nat inside source static 1.1.1.2 100.100.45.4
int fa 0/0
ip nat inside
int se 3/1
ip nat outside
int se 3/0
ip nat outside
access-list 1 deny host 100.100.56.6
int fa 0/0
ip access-group 1 out

--R5--
conf t
int fa 0/0
ip addr 100.100.56.5 255.255.255.0
no shu
int se 3/0
ip addr 100.100.45.5 255.255.255.0
encapsulation hdlc
bandwidth 1024
clockrate 1008000
no shu
int se 3/1
ip addr 100.100.35.5 255.255.255.0
encapsulation hdlc
bandwidth 512
clockrate 500000
no shu
router rip
network 100.100.45.0
network 100.100.35.0
network 100.100.56.0
version 2
no auto-summary

--R6--
conf t
int fa 0/0
no shu
int fa 0/0.30
encapsulation dot1q 30
ip addr 30.30.30.254 255.255.255.0
int fa 0/0.40
encapsulation dot1q 40
ip addr 40.40.40.254 255.255.255.0
int fa 0/1
ip addr 100.100.56.6 255.255.255.0
no shu
router rip
network 100.100.56.0
version 2
no auto-summary
int tunnel 0
ip addr 192.168.100.2 255.255.255.0
tunnel source 100.100.56.6
tunnel destination 100.100.12.1
tunnel mode gre ip
ip route 10.10.10.0 255.255.255.0 192.168.100.1
ip route 20.20.20.0 255.255.255.0 192.168.100.1
access-list 1 permit 30.30.30.0 0.0.0.255
access-list 1 permit 40.40.40.0 0.0.0.255
ip nat inside source list 1 int fa 0/1
int fa 0/1
ip nat outside
int fa 0/0.30
ip nat inside
int fa 0/0.40
ip nat inside

'보안 장비 운용' 카테고리의 다른 글

PBR (Policy Based Routin) (0)	2025.01.22
Tunneling 실습2 (0)	2025.01.22
Tunneling (0)	2025.01.21
SOPHOS 설정 (0)	2025.01.21
통합 위협 관리 시스템(UTM) 구축 (0)	2025.01.20

'보안 장비 운용' Related Articles

kjh00n의 기록저장소

Tunneling 실습 본문

Tunneling 실습

풀이

'보안 장비 운용' 카테고리의 다른 글

티스토리툴바