EuroSkills 2008 Võrk
From ICO wiki
Võrgu kirjeldus
On olemas neli VLAN-i, iga organisatsiooni üksuse kohta üks(iga kohta tuleks teha eraldi DHCP pool):
VLAN 10 - ICT System management
Network:192.168.5.0
Default Gateway: 192.168.5.1
Network mask: 255.255.255.192
VLAN 20 - Company Management
Network:192.168.5.64
Default Gateway: 192.168.5.65
Network mask: 255.255.255.192
VLAN 30 - Trade and Marketing
Network:192.168.5.128
Default Gateway: 192.168.5.129
Network mask: 255.255.255.192
VLAN 40 - Administration
Network:192.168.5.192
Default Gateway: 192.168.5.193
Network mask: 255.255.255.192
ACL Ruuteril
access-list 100 permit udp any any eq bootpc ip access-list extended VLAN20 permit ip host 192.168.5.6 192.168.5.64 0.0.0.63 permit ip host 192.168.5.2 192.168.5.64 0.0.0.63 permit tcp any 192.168.5.64 0.0.0.63 established permit icmp any 192.168.5.64 0.0.0.63 echo-reply ip access-list extended VLAN10 permit ip any host 192.168.5.6 permit ip 192.168.5.0 0.0.0.255 host 192.168.5.2 permit tcp any 192.168.5.0 0.0.0.63 established permit icmp any 192.168.5.0 0.0.0.63 echo-reply ip access-list extended VLAN30out permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 permit ip host 192.168.5.2 192.168.5.128 0.0.0.63 permit tcp any 192.168.5.128 0.0.0.63 established permit icmp any 192.168.5.128 0.0.0.63 echo-reply ip access-list extended VLAN30in permit ip 192.168.5.128 0.0.0.63 host 192.168.5.6 permit ip 192.168.5.128 0.0.0.63 host 192.168.5.2 permit tcp 192.168.5.128 0.0.0.63 any eq www permit tcp 192.168.5.128 0.0.0.63 any eq 8080 permit tcp 192.168.5.128 0.0.0.63 any eq 443 permit icmp 192.168.5.128 0.0.0.63 any echo ip access-list extended VLAN40out permit ip host 192.168.5.6 192.168.5.128 0.0.0.63 permit ip host 192.168.5.2 192.168.5.192 0.0.0.63 permit ip host 192.168.5.6 192.168.5.192 0.0.0.63 permit tcp any 192.168.5.192 0.0.0.63 established permit icmp any 192.168.5.192 0.0.0.63 echo-reply ip access-list extended VLAN40in permit ip 192.168.5.192 0.0.0.63 host 192.168.5.6 permit ip 192.168.5.192 0.0.0.63 host 192.168.5.2 permit tcp 192.168.5.192 0.0.0.63 any eq www permit tcp 192.168.5.192 0.0.0.63 any eq 8080 permit tcp 192.168.5.192 0.0.0.63 any eq 443 permit icmp 192.168.5.192 0.0.0.63 any echo access-list 1 permit 192.168.5.0 0.0.0.255