ip address 22.22.0.2 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/3/0
ip address 192.168.0.1 255.255.255.0
ip access-group 110 out
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 1
network 10.10.0.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
network 192.168.0.0 0.0.0.255 area 0
network 22.22.0.0 0.0.0.255 area 0
network 172.10.5.0 0.0.0.255 area 0
!
ip
classless
!
!
access-list 102 permit gre host 10.10.0.1 host 10.10.1.2
access-list 110 permit udp host 22.22.1.2 host 192.168.0.2 eq domain
access-list 110 permit udp host 22.22.1.5 host 192.168.0.2 eq domain
access-list 110 permit udp host 22.22.1.6 host 192.168.0.2 eq domain
access-list 110 permit tcp host 22.22.1.2 host 192.168.0.2 eq www
access-list 110 permit tcp host 22.22.1.4 host 192.168.0.2 eq www
access-list 110 permit tcp host 22.22.1.5 host 192.168.0.2 eq www
access-list 110 permit tcp host 22.22.1.6 host 192.168.0.2 eq www
access-list 110 deny udp any any
access-list 110 deny tcp any any
access-list 110 permit ip any any
!
!Маршрутизатор 2 филиала
!
crypto isakmp policy 1
encr 3des
authentication pre-share
lifetime 28800
!
crypto isakmp key 12345 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set KURS esp-3des esp-sha-hmac
!
crypto map CISCO1 10 ipsec-isakmp
set peer 10.10.0.1
set pfs group5
set transform-set KURS
match address 102
!
interface Tunnel1
ip address 172.10.5.2 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 10.10.0.1
!
!
interface Tunnel2
ip address 172.10.4.1 255.255.255.0
tunnel source FastEthernet0/1
tunnel destination 10.10.3.2
!
!
interface Tunnel3
ip address 172.10.3.1 255.255.255.0
tunnel source Ethernet0/3/0
tunnel
destination 10.10.7.2
!
!
interface FastEthernet0/0
ip address 10.10.1.2 255.255.255.0
duplex auto
speed auto
crypto map CISCO1
!
interface FastEthernet0/1
ip address 10.10.2.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/0/0
ip address 22.22.2.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/1/0
ip address 192.168.1.1 255.255.255.0
ip access-group 110 out
duplex auto
speed auto
!
interface Ethernet0/2/0
no ip address
duplex auto
speed auto
shutdown
!
interface Ethernet0/3/0
ip address 10.10.6.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
router eigrp 1
network 10.10.1.0 0.0.0.255
network 10.10.2.0 0.0.0.255
network 10.10.6.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 0
network 22.22.2.0 0.0.0.255 area 0
network 172.10.4.0 0.0.0.255 area 0
network 172.10.5.0 0.0.0.255 area 0
network 172.10.3.0 0.0.0.255 area 0
!
ip classless
!
!
access-list
102 permit gre host 10.10.1.2 host 10.10.0.1
access-list 110 permit udp host 22.22.2.4 host 192.168.1.2 eq domain
access-list 110 permit udp host 22.22.2.6 host 192.168.1.2 eq domain
access-list 110 permit tcp host 22.22.2.2 host 192.168.1.2 eq www
access-list 110 permit tcp host 22.22.2.3 host 192.168.1.2 eq www
access-list 110 permit tcp host 22.22.2.4 host 192.168.1.2 eq www
access-list 110 permit tcp host 22.22.2.5 host 192.168.1.2 eq www
access-list 110 permit tcp host 22.22.2.6 host 192.168.1.2 eq www
access-list 110 deny udp any any
access-list 110 deny tcp any any
access-list 110 permit ip any any
!Маршрутизатор3 филиала:
!
interface Tunnel1
ip address 172.10.4.2 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 10.10.2.1
!
!
interface FastEthernet0/0
ip address 10.10.3.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.10.4.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/1/0
ip address 22.22.3.1 255.255.255.0
duplex auto
speed auto
!
interface Ethernet0/3/0
ip address 192.168.2.1 255.255.255.0
Уважаемый посетитель!
Чтобы распечатать файл, скачайте его (в формате Word).
Ссылка на скачивание - внизу страницы.