I - Architecture traditionnelle Core, Aggregation, Access
4.2. TP VLAN et PVLAN
Télécharger la fiche TP
Instruction
Télécharger la vidéo
1. Configurer les noms de tous les équipements.
2. Désactiver la recherche DNS sur tous les équipements.
3. Configurer le nom de domaine esgi.cloud sur tous les équipements.
4. Activer le chiffrement des mots de passe sur tous les équipements.
5. Créer un compte admin avec le mot de passe esgi sur tous les équipements.
6. Définir un mot de passe pour la connexion au terminal et le mode d’exécution privilégié.
7. Configurer SSH version 2 sur tous les équipements.
8. Configurer les bannières de login sur tous les équipements.
9. Configurer les VLAN sur les équipements de la couche Access et la couche Aggregation .
| Zone |
VLAN |
Description |
| IEEE |
100 |
ADMIN |
| IEEE |
110 |
CLT-110 |
| IEEE |
120 |
CLT-120 |
| IEEE |
130 |
CLT-130 |
| IEEE |
140 |
CLT-140 |
| CISCO |
200 |
ADMIN |
| CISCO |
210 |
CLT-210 |
| CISCO |
220 |
CLT-220 |
| CISCO |
230 |
CLT-230 |
| CISCO |
240 |
CLT-240 |
10. Désactiver DTP sur tous les équipements de la couche Access et la couche Aggregation .
11. Configurer les interfaces entre la couche Access et la couche Aggregation en mode Trunk et n’autoriser que les VLAN appropriés.
| Zone |
IEEE |
CISCO |
| VLAN autorisé |
100,110,120,130,140 |
200,210,220,230,240 |
12. Configurer les interfaces clientes de la couche Access en mode Access pour y affecter un VLAN.
13. Configurer les interfaces clientes de la couche Access avec les paramètres Port Sécurity suivants :
| Méthode d'apprentissage |
Nombre d'apprentissage |
Politique de violation |
| sticky |
2 |
shutdown |
14. Configurer les IP et les descriptions des interfaces pour tous les équipements (se référer au tableau ci-dessous).
| DC1-CORE2 |
|---|
| Port |
IPv4 |
IPv6 |
Description |
| GigabitEthernet0/0 | 172.16.1.25/30 | 2001:db8:0:5::1/64 | TO-DC1-DST3-G0/0 |
| GigabitEthernet0/1 | 172.16.1.29/30 | 2001:db8:0:6::1/64 | TO-DC1-DST4-G0/0 |
| GigabitEthernet0/2 | 172.16.1.21/30 | 2001:db8:0:7::1/64 | TO-DC1-DST2-G0/1 |
| GigabitEthernet0/3 | 172.16.1.17/30 | 2001:db8:0:8::1/64 | TO-DC1-DST1-G0/1 |
| GigabitEthernet1/0 | 172.16.1.50/30 | 2001:db8:0:10::1/64 | TO-DC1-FW1-P2 |
| GigabitEthernet1/1 | 172.16.1.53/30 | 2001:db8:0:12::1/64 | TO-DC1-FW2-P2 |
| DC1-DST1 |
|---|
| Port |
IPv4 |
IPv6 |
Description |
| GigabitEthernet0/0 | 172.16.1.2/30 | 2001:db8:0:1::2/64 | TO-DC1-CORE1-G0/0 |
| GigabitEthernet0/1 | 172.16.1.18/30 | 2001:db8:0:8::2/64 | TO-DC1-CORE2-G0/3 |
| interface vlan 100 | 192.168.100.2/24 | N/A | VLAN-ADMIN |
| interface vlan 110 | 192.168.110.2/24 | N/A | VLAN-CLT-110 |
| interface vlan 120 | 192.168.120.2/24 | N/A | VLAN-CLT-120 |
| interface vlan 130 | 192.168.130.2/24 | N/A | VLAN-CLT-130 |
| interface vlan 140 | 192.168.140.2/24 | N/A | VLAN-CLT-140 |
| DC1-DST2 |
|---|
| Port |
IPv4 |
IPv6 |
Description |
| GigabitEthernet0/0 | 172.16.1.6/30 | 2001:db8:0:2::2/64 | TO-DC1-CORE1-G0/1 |
| GigabitEthernet0/1 | 172.16.1.22/30 | 2001:db8:0:7::2/64 | TO-DC1-CORE2-G0/2 |
| interface vlan 100 | 192.168.100.3/24 | N/A | VLAN-ADMIN |
| interface vlan 110 | 192.168.110.3/24 | N/A | VLAN-CLT-110 |
| interface vlan 120 | 192.168.120.3/24 | N/A | VLAN-CLT-120 |
| interface vlan 130 | 192.168.130.3/24 | N/A | VLAN-CLT-130 |
| interface vlan 140 | 192.168.140.3/24 | N/A | VLAN-CLT-140 |
| DC1-DST3 |
|---|
| Port |
IPv4 |
IPv6 |
Description |
| GigabitEthernet0/0 | 172.16.1.26/30 | 2001:db8:0:5::2/64 | TO-DC1-CORE2-G0/0 |
| GigabitEthernet0/1 | 172.16.1.10/30 | 2001:db8:0:3::2/64 | TO-DC1-CORE1-G0/2 |
| interface vlan 200 | 192.168.200.2/24 | N/A | VLAN-ADMIN |
| interface vlan 210 | 192.168.210.2/24 | N/A | VLAN-CLT-210 |
| interface vlan 220 | 192.168.220.2/24 | N/A | VLAN-CLT-220 |
| interface vlan 230 | 192.168.230.2/24 | N/A | VLAN-CLT-230 |
| interface vlan 240 | 192.168.240.2/24 | N/A | VLAN-CLT-240 |
| DC1-DST4 |
|---|
| Port |
IPv4 |
IPv6 |
Description |
| GigabitEthernet0/0 | 172.16.1.30/30 | 2001:db8:0:6::2/64 | TO-DC1-CORE2-G0/1 |
| GigabitEthernet0/1 | 172.16.1.14/30 | 2001:db8:0:4::2/64 | TO-DC1-CORE1-G0/3 |
| interface vlan 200 | 192.168.200.3/24 | N/A | VLAN-ADMIN |
| interface vlan 210 | 192.168.210.3/24 | N/A | VLAN-CLT-210 |
| interface vlan 220 | 192.168.220.3/24 | N/A | VLAN-CLT-220 |
| interface vlan 230 | 192.168.230.3/24 | N/A | VLAN-CLT-230 |
| interface vlan 240 | 192.168.240.3/24 | N/A | VLAN-CLT-240 |
| Équipement |
Port |
IPv4 |
IPv6 |
Description |
| DC1-ACCESS1 | VLAN100 | 192.168.100.11/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS2 | VLAN100 | 192.168.100.12/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS3 | VLAN100 | 192.168.100.13/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS4 | VLAN100 | 192.168.100.14/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS5 | VLAN100 | 192.168.200.15/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS6 | VLAN100 | 192.168.200.16/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS7 | VLAN100 | 192.168.200.17/24 | N/A | VLAN-ADMIN |
| DC1-ACCESS8 | VLAN100 | 192.168.200.18/24 | N/A | VLAN-ADMIN |
| RTR-ORANGE |
|---|
| Port | IPv4 | IPv6 | Description |
| GigabitEthernet0/0 | 10.1.1.2/30 | N/A | TO-DC1-FW1-P4 |
| GigabitEthernet0/1 | 10.1.1.6/30 | N/A | TO-DC1-FW2-P4 |
| GigabitEthernet0/3 | 10.1.1.9/30 | N/A | TO-RTR-BOUYGUE-G0/3 |
| RTR-BOUYGUE |
|---|
| GigabitEthernet0/0 | 10.1.1.21/30 | N/A | TO-RTR-SFR |
| GigabitEthernet0/3 | 10.1.1.10/30 | N/A | TO-RTR-ORANGE |
| RTR-SFR |
|---|
| GigabitEthernet0/0 | 10.1.1.25/30 | N/A | TO-RTR-FRE |
| GigabitEthernet0/3 | 10.1.1.22/30 | N/A | TO-RTR-BOUYGUE |
| RTR-FREE |
|---|
| GigabitEthernet0/0 | 10.1.1.30/30 | N/A | TO-DC2-FW1-P4 |
| GigabitEthernet0/1 | 10.1.1.33/30 | N/A | TO-DC2-FW2-P4 |
| GigabitEthernet0/3 | 10.1.1.26/30 | N/A | TO-RTR-SFR |
| DC2-SPINE1 |
|---|
| Port | IPv4 | IPv6 | Description |
| GigabitEthernet0/0 | 172.16.3.1/30 | 2001:db8:0:13::1/64 | TO-DC2-LEAF1-G0/0 |
| GigabitEthernet0/1 | 172.16.3.5/30 | 2001:db8:0:14::1/64 | TO-DC2-LEAF2-G0/0 |
| GigabitEthernet0/2 | 172.16.3.9/30 | 2001:db8:0:15:: 1/64 | TO-DC2-LEAF3-G0/0 |
| GigabitEthernet0/3 | 172.16.3.13/30 | 2001:db8:0:16::1/64 | TO-DC2-LEAF4-G0/0 |
| GigabitEthernet1/0 | 172.16.3.33/30 | 2001:db8:0:17::1/64 | TO-DC2-FW1-P1 |
| GigabitEthernet1/1 | 172.16.3.37/30 | 2001:db8:0:18::1/64 | TO-DC2-FW2-P1 |
| DC2-SPINE2 |
|---|
| GigabitEthernet0/0 | 172.16.3.17/30 | 2001:db8:0:19::1/64 | TO-DC2-LEAF1-G0/1 |
| GigabitEthernet0/1 | 172.16.3.21/30 | 2001:db8:0:20::1/64 | TO-DC2-LEAF2-G0/1 |
| GigabitEthernet0/2 | 172.16.3.25/30 | 2001:db8:0:21::1/64 | TO-DC2-LEAF3-G0/1 |
| GigabitEthernet0/3 | 172.16.3.29/30 | 2001:db8:0:22::1/64 | TO-DC2-LEAF4-G0/1 |
| GigabitEthernet1/0 | 172.16.3.41/30 | 2001:db8:0:23::1/64 | TO-DC2-FW1-P2 |
| GigabitEthernet1/1 | 172.16.3.45/30 | 2001:db8:0:24::1/64 | TO-DC2-FW2-P2 |
| DC2-LEAF1 |
|---|
| GigabitEthernet0/0 | 172.16.3.2/30 | 2001:db8:0:13::2/64 | TO-DC2-SPINE1-G0/0 |
| GigabitEthernet0/1 | 172.16.3.18/30 | 2001:db8:0:19::2/64 | TO-DC2-SPINE2-G0/0 |
| DC2-LEAF2 |
|---|
| GigabitEthernet0/0 | 172.16.3.6/30 | 2001:db8:0:14::2/64 | TO-DC2-SPINE1-G0/1 |
| GigabitEthernet0/1 | 172.16.3.22/30 | 2001:db8:0:20::2/64 | TO-DC2-SPINE2-G0/1 |
| DC2-LEAF3 |
|---|
| GigabitEthernet0/0 | 172.16.3.10/30 | 2001:db8:0:15::2/64 | TO-DC2-SPINE1-G0/2 |
| GigabitEthernet0/1 | 172.16.3.26/30 | 2001:db8:0:21::2/64 | TO-DC2-SPINE2-G0/2 |
| DC2-LEAF4 |
|---|
| GigabitEthernet0/0 | 172.16.3.14/30 | 2001:db8:0:16::2/64 | TO-DC2-SPINE1-G0/3 |
| GigabitEthernet0/1 | 172.16.3.30/30 | 2001:db8:0:22::2/64 | TO-DC2-SPINE2-G0/3 |
Configuration corrigées
Télécharger les configurations Corrigées