EuroSkills 2008 Võrk: Difference between revisions
From ICO wiki
Jump to navigationJump to search
Line 33: | Line 33: | ||
Network mask: 255.255.255.192 | Network mask: 255.255.255.192 | ||
==ACL Ruuteril== | |||
<pre> | |||
access-list 100 permit udp any any eq bootpc | |||
ip access-list extended VLAN20 | |||
permit ip host 192.168.5.6 192.168.5.64 0.0.0.63 | |||
permit ip host 192.168.5.2 192.168.5.64 0.0.0.63 | |||
permit tcp any 192.168.5.64 0.0.0.63 established | |||
permit icmp any 192.168.5.64 0.0.0.63 echo-reply | |||
ip access-list extended VLAN10 | |||
permit ip any host 192.168.5.6 | |||
permit ip 192.168.5.0 0.0.0.255 host 192.168.5.2 | |||
permit tcp any 192.168.5.0 0.0.0.63 established | |||
permit icmp any 192.168.5.0 0.0.0.63 echo-reply | |||
ip access-list extended VLAN30out | |||
permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 | |||
permit ip host 192.168.5.2 192.168.5.128 0.0.0.63 | |||
permit tcp any 192.168.5.128 0.0.0.63 established | |||
permit icmp any 192.168.5.128 0.0.0.63 echo-reply | |||
ip access-list extended VLAN30in | |||
permit ip 192.168.5.128 0.0.0.63 host 192.168.5.6 | |||
permit ip 192.168.5.128 0.0.0.63 host 192.168.5.2 | |||
permit tcp 192.168.5.128 0.0.0.63 any eq www | |||
permit tcp 192.168.5.128 0.0.0.63 any eq 8080 | |||
permit tcp 192.168.5.128 0.0.0.63 any eq 443 | |||
permit icmp 192.168.5.128 0.0.0.63 any echo | |||
ip access-list extended VLAN40out | |||
permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 | |||
permit ip host 192.168.5.2 192.168.5.192 0.0.0.63 | |||
permit ip host 192.168.5.6 192.168.5.192 0.0.0.63 | |||
permit tcp any 192.168.5.192 0.0.0.63 established | |||
permit icmp any 192.168.5.192 0.0.0.63 echo-reply | |||
ip access-list extended VLAN40in | |||
permit ip 192.168.5.192 0.0.0.63 host 192.168.5.6 | |||
permit ip 192.168.5.192 0.0.0.63 host 192.168.5.2 | |||
permit tcp 192.168.5.192 0.0.0.63 any eq www | |||
permit tcp 192.168.5.192 0.0.0.63 any eq 8080 | |||
permit tcp 192.168.5.192 0.0.0.63 any eq 443 | |||
permit icmp 192.168.5.192 0.0.0.63 any echo | |||
access-list 1 permit 192.168.5.0 0.0.0.255 | |||
</pre> | |||
=Võrgujoonis= | =Võrgujoonis= | ||
[[File:Euroskill.jpg]] | [[File:Euroskill.jpg]] | ||
[[Category:EuroSkills2010]] | [[Category:EuroSkills2010]] |
Revision as of 09:43, 21 June 2010
Võrgu kirjeldus
On olemas neli VLAN-i, iga organisatsiooni üksuse kohta üks(iga kohta tuleks teha eraldi DHCP pool):
VLAN 10 - ICT System managment
Network:192.168.5.0
Default Gateway: 192.168.5.1
Network mask: 255.255.255.192
VLAN 20 - Company Managment
Network:192.168.5.64
Default Gateway: 192.168.5.65
Network mask: 255.255.255.192
VLAN 30 - Trade and Marketing
Network:192.168.5.128
Default Gateway: 192.168.5.129
Network mask: 255.255.255.192
VLAN 40 - Administration
Network:192.168.5.192
Default Gateway: 192.168.5.193
Network mask: 255.255.255.192
ACL Ruuteril
access-list 100 permit udp any any eq bootpc ip access-list extended VLAN20 permit ip host 192.168.5.6 192.168.5.64 0.0.0.63 permit ip host 192.168.5.2 192.168.5.64 0.0.0.63 permit tcp any 192.168.5.64 0.0.0.63 established permit icmp any 192.168.5.64 0.0.0.63 echo-reply ip access-list extended VLAN10 permit ip any host 192.168.5.6 permit ip 192.168.5.0 0.0.0.255 host 192.168.5.2 permit tcp any 192.168.5.0 0.0.0.63 established permit icmp any 192.168.5.0 0.0.0.63 echo-reply ip access-list extended VLAN30out permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 permit ip host 192.168.5.2 192.168.5.128 0.0.0.63 permit tcp any 192.168.5.128 0.0.0.63 established permit icmp any 192.168.5.128 0.0.0.63 echo-reply ip access-list extended VLAN30in permit ip 192.168.5.128 0.0.0.63 host 192.168.5.6 permit ip 192.168.5.128 0.0.0.63 host 192.168.5.2 permit tcp 192.168.5.128 0.0.0.63 any eq www permit tcp 192.168.5.128 0.0.0.63 any eq 8080 permit tcp 192.168.5.128 0.0.0.63 any eq 443 permit icmp 192.168.5.128 0.0.0.63 any echo ip access-list extended VLAN40out permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 permit ip host 192.168.5.2 192.168.5.192 0.0.0.63 permit ip host 192.168.5.6 192.168.5.192 0.0.0.63 permit tcp any 192.168.5.192 0.0.0.63 established permit icmp any 192.168.5.192 0.0.0.63 echo-reply ip access-list extended VLAN40in permit ip 192.168.5.192 0.0.0.63 host 192.168.5.6 permit ip 192.168.5.192 0.0.0.63 host 192.168.5.2 permit tcp 192.168.5.192 0.0.0.63 any eq www permit tcp 192.168.5.192 0.0.0.63 any eq 8080 permit tcp 192.168.5.192 0.0.0.63 any eq 443 permit icmp 192.168.5.192 0.0.0.63 any echo access-list 1 permit 192.168.5.0 0.0.0.255