Файловый архив студентов. Файловый архив студентов.
1302 вуза, 5133 предмета.
/ Регистрация
FAQ Обратная связь Вопросы и предложения
Добавил:
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Санкт-Петербургский государственный университет телекоммуникаций им. проф. М.А. Бонч-Бруевича
Предмет:
Безопасность IP телефонии
Файл:
lab6.docx
Скачиваний:
40
Добавлен:
10.04.2023
Размер:
2.05 Mб
Скачать
►Содержание►

Команды sh run каждого устройства

  1. Router0

Router0#show run

Building configuration...

Current configuration : 2066 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router0

!

!

!

!

ip dhcp excluded-address 192.168.10.1

ip dhcp excluded-address 192.168.20.1

!

ip dhcp pool DATA

network 192.168.10.0 255.255.255.0

default-router 192.168.10.1

ip dhcp pool VOICE

network 192.168.20.0 255.255.255.0

default-router 192.168.20.1

option 150 ip 192.168.20.1

!

!

!

no ip cef

no ipv6 cef

!

!

!

!

license udi pid CISCO2811/K9 sn FTX1017480T-

!

!

!

crypto isakmp policy 10

encr aes 256

authentication pre-share

group 5

!

crypto isakmp key vpnpa55 address 10.0.0.2

!

!

!

crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac

!

crypto map VPN-MAP 10 ipsec-isakmp

set peer 10.0.0.2

set transform-set VPN-SET

match address 101

!

!

!

!

!

!

spanning-tree mode pvst

!

!

!

!

!

!

interface FastEthernet0/0

ip address 192.168.0.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.10.1 255.255.255.0

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 192.168.20.1 255.255.255.0

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/3/0

ip address 10.0.0.1 255.0.0.0

clock rate 2000000

crypto map VPN-MAP

!

interface Serial0/3/1

no ip address

clock rate 2000000

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip route 172.16.20.0 255.255.255.0 10.0.0.2

!

ip flow-export version 9

!

!

access-list 101 permit ip 192.168.20.0 0.0.0.255 172.16.20.0 0.0.0.255

!

!

!

!

!

!

dial-peer voice 2000 voip

destination-pattern 2...

session target ipv4:172.16.20.1

!

telephony-service

max-ephones 2

max-dn 2

ip source-address 192.168.20.1 port 2000

auto assign 1 to 2

!

ephone-dn 1

number 1001

!

ephone-dn 2

number 1002

!

ephone 1

device-security-mode none

mac-address 0001.4345.EB69

type 7960

button 1:1

!

ephone 2

device-security-mode none

mac-address 0010.1149.95E3

type 7960

button 1:2

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

!

!

End

  1. R1:

Router#show run

Building configuration...

Current configuration : 2036 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

!

!

!

ip dhcp excluded-address 172.16.10.1

ip dhcp excluded-address 172.16.20.1

!

ip dhcp pool DATA

network 172.16.10.0 255.255.255.0

default-router 172.16.10.1

ip dhcp pool VOICE

network 172.16.20.0 255.255.255.0

default-router 172.16.20.1

option 150 ip 172.16.20.1

!

!

!

no ip cef

no ipv6 cef

!

!

!

!

license udi pid CISCO2811/K9 sn FTX1017UHYI-

!

!

!

crypto isakmp policy 10

encr aes 256

authentication pre-share

group 5

!

crypto isakmp key vpnpa55 address 10.0.0.1

!

!

!

crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac

!

crypto map VPN-MAP 10 ipsec-isakmp

set peer 10.0.0.1

set transform-set VPN-SET

match address 101

!

!

!

!

!

!

spanning-tree mode pvst

!

!

!

!

!

!

interface FastEthernet0/0

ip address 172.16.0.1 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 172.16.10.1 255.255.255.0

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 172.16.20.1 255.255.255.0

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/3/0

ip address 10.0.0.2 255.0.0.0

crypto map VPN-MAP

!

interface Serial0/3/1

no ip address

clock rate 2000000

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip route 192.168.20.0 255.255.255.0 10.0.0.1

!

ip flow-export version 9

!

!

access-list 101 permit ip 172.16.20.0 0.0.0.255 192.168.20.0 0.0.0.255

!

!

!

!

!

!

dial-peer voice 1000 voip

destination-pattern 1...

session target ipv4:192.168.20.1

!

telephony-service

max-ephones 2

max-dn 2

ip source-address 172.16.20.1 port 2000

auto assign 1 to 2

!

ephone-dn 1

number 2001

!

ephone-dn 2

number 2002

!

ephone 1

device-security-mode none

mac-address 0001.6325.497B

type 7960

button 1:1

!

ephone 2

device-security-mode none

mac-address 0009.7CB5.0255

type 7960

button 1:2

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

!

!

end

Вывод

В ходе выполнения лабораторной работы была создана с нуля сеть в Packet Tracer, настроена телефония, а передача защищена через IPSec.

Соседние файлы в предмете Безопасность IP телефонии
Помощь Обратная связь Вопросы и предложения Пользовательское соглашение Политика конфиденциальности