VTP - Trunkmode – Toestaan meerdere vlans over hetzelfde verkeer
Enable
Conf t
Int vulin
Switchport mode trunk
No shutdown
Access
Enable
Conf t
Int vulin
Switchport access vlan *
Switchport mode access
Port Security – Sticky Mac-Adress
enable
conf t
int range fa 0/1-8
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation restrict
exit
write
int range fa 0/3-24, gig 0/1-2
shutdown
exit
Om mac-addressen sticky te krijgen moet je ze met elkaar pingen.
STP – Primary root
Enable
Conf t
Spanning-tree vlan 1 root primary
STP – RSTP (Rapid Tree)
enable
Conf t
Spanning-tree mode rapid-pvst
GRE
Router 1 & 2 let op niet dezelfde adressen bij 2e router
Enable
Conf t
Int tunnel 0
Ip address 10.10.10.1 255.255.255.252
Tunnel source s/0/0/0
Tunnel destination ip router 2
Tunnel mode gre ip
No shutdown
Exit
Exit
En
Conf t
Ip route network ip 255.255.255.0
192.168.2.0 / 192.168.3.0
Beide routers
Pingen van PCa naar PCb in verschillende netwerken moet het nu doen
ACL
access-list 100 deny tcp 192.168.0.0 000.000.000.255 host 10.255.255.254
access-list 100 permit ip any any
int g0/0
ip access-group 100
deny http
access-list 101 deny tcp 10.0.0.0 0.255.255.255 host 172.16.255.254 eq www