Sunteți pe pagina 1din 3

hay un detalle cuando escribes esta linea R1(conf)#crypto key generate rsa : 1024 debe ser sin el 1024

ni los dos puntos que ella all te pide el valor le dejas por defecto el 512 o le pones 1024

ROUTER WAN Comandos para configurar listas de control de acceso y hacer endurecimiento perimetral ROUTER-WAN(config)#ip access-list extended politicasexterna ROUTER-WAN(config-ext-nacl)# permit tcp host 200.30.75.11 host 172.16.1.4 eq www ROUTER-WAN(config-ext-nacl)# permit udp host 200.30.75.11 host 172.16.1.3 eq domain ROUTER-WAN(config-ext-nacl)#exit ROUTER-WAN(config)#

Comandos para asignar las acl a una interfaz ROUTER-WAN(config)# interface serial0/0 ROUTER-WAN (config-if)#ip access-group politicasexterna in ROUTER-WAN (config-if)#exit

'------------------------------------------------------------ROUTER LAN Comandos para configurar listas de control de acceso y hacer endurecimiento perimetral ROUTER-LAN(config)#ip access-list extended politicaslocal ROUTER-LAN(config-ext-nacl)#deny ip host 10.0.1.2 172.16.1.0 0.0.0.255 ROUTER-LAN(config-ext-nacl)#permit tcp any host 172.16.1.3 eq domain ROUTER-LAN(config-ext-nacl)#permit udp any host 172.16.1.3 eq domain

ROUTER-LAN(config-ext-nacl)# permit tcp any host 172.16.1.4 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.11 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.12 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)# permit tcp host 10.0.1.13 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)# permit tcp host 10.0.1.14 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.15 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.16 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.17 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.18 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.19 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.20 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.21 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.22 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.23 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.24 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.25 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.26 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.27 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.28 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.29 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.30 host 200.30.75.2 eq www ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.31 host 200.30.75.3 eq ftp ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.31 host 200.30.75.3 eq 20 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.32 host 200.30.75.3 eq ftp ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.32 host 200.30.75.3 eq 20 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.33 host 200.30.75.3 eq ftp

ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.33 host 200.30.75.3 eq 20 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.34 host 200.30.75.3 eq ftp ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.34 host 200.30.75.3 eq 20 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.35 host 200.30.75.3 eq ftp ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.35 host 200.30.75.3 eq 20 ROUTER-LAN(config-ext-nacl)# permit tcp host 10.0.1.31 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.32 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)# permit tcp host 10.0.1.33 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.34 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.35 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.36 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.37 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)# permit tcp host 10.0.1.38 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.39 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#permit tcp host 10.0.1.40 host 10.0.1.2 eq 3306 ROUTER-LAN(config-ext-nacl)#exit ROUTER-LAN(config)#

Comandos para asignar las acl a una interfaz ROUTER- LAN (config)# interface fastEthernet0/1 ROUTER- LAN (config-if)#ip access-group politicaslocal in ROUTER- LAN (config-if)#exit