V
V
Vano01rus2022-04-20 09:49:02
Cisco
Vano01rus, 2022-04-20 09:49:02

Is the setting correct?

ACLs
permit tcp any 192.0.2.0 0.0.0.255 eq 80 (anyone to connect to a specific mesh on port 80)
permit tcp any any established (allow only established TCP sessions from the Internet)
permit icmp any any echo-reply (allow only incoming echoes replies from the Internet)
deny ip any any - Explicitly block all other options for incoming access from the Internet
PPP
username ISP password cisco
int s0/1/0
encapsulation ppp
ppp authentication chap

ppp pap sent-username HQ password cisco (when configuring pap)
eBGP
router BGP 65000
neighbor 209.165.201.2 remote-as 65001
network 192.0.2.0 mask 255.255.255.0
NAT
ip access-list standard NAT
permit 10.0.0.0 0.255.255.255
ip nat pool HQ 209.165.200.241 209.165.200.245 netmask 255.255.255.249
ip nat inside source list NAT pool HQ overload
HQ(config)#int se0/1/0
HQ(config -if)#ip nat outside
HQ(config-if)#int g0/1
HQ(config-if)#ip nat outside
HQ(config-if)#int s0/0/1
HQ(config-if)#ip nat ins
HQ(config-if)#ip nat inside
HQ(config-if)#int s0/0/0
HQ(config-if)#ip nat inside
HQ(config-if)#int g0/0
HQ(config-if )#ip nat inside
Configure vlan native
B1(config-subif)#int g0/0.99
B1(config-subif)#enc
B1(config-subif)#encapsulation dot1q 99 native
B1(config-subif)#ip add 10.1.99.1 255.255.255.0
EIGRP
B1(config)#router eigrp 100
B1(config-router)#no au
B1(config-router)#no auto-summary
B1(config-router) #network 10.0.0.0
B1(config-router)#no network 10.0.0.0
B1(config-router)#network 10.1.10.0
B1(config-router)#network 10.1.10.0
B1(config-router)#pass
B1(config -router)#passive-interface g0/0
B1(config-router)#pass
B1(config-router)#passive-interface g0/0.10
B1(config-router)#passive-interface g0/0.20
B1(config-router) #passive-interface g0/0.30
passive-interface g0/0.99
Configure interface and default gateway for interface vlan99
int vlan 99
ip add 10.1.99.22 255.255.255.0
no shut
ip default-gateway 10.1.99.1
Port-Security
switchport port-security maximum 2
config add(sticky) - switchport port-security mac-address sticky
switchport port-security violation restrict
SSH
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
---DHCP
ip dhcp excluded-address 10.1.20.1 10.1.20.10
ip dhcp excluded-address 10.1.20.1 10.1.20.10
ip dhcp pool VLAN20
network 10.1.20.0 255.255. 255
default-router 10.1.20.1
dns-server 10.0.1.4

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question