Friday, June 27, 2008

[Cisco] Cisco config DHCPv6

ipv6 dhcp pool DHCPv6POOL
dns-server 2001:FB0:1000:0:192:168:1:1
domain-name domain.co.th

interface GigabitEthernet0/1
description ## LAN ##
ipv6 address 2001:FB0:1::1/64
ipv6 nd other-config-flag
ipv6 dhcp server DHCPv6POOL

* The client must support DHCPv6.

[Cisco] Config Cisco Multipoint GRE tunnel

Dynamic GRE tunnels (point-to-multipoint)
[R1]--------------[R2]-----------------[R3]

[R1]
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Loopback192
description ## private ip address ##
ip address 192.168.1.1 255.255.255.0
!
interface Tunnel1
ip address 172.16.0.1 255.255.255.0
no ip redirects
ip nhrp authentication CISCO
ip nhrp map multicast dynamic
ip nhrp network-id 99
no ip split-horizon
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 1
!
interface Serial1/0.12 point-to-point
ip address 10.3.12.1 255.255.255.0
frame-relay interface-dlci 102
!
router ospf 1
log-adjacency-changes
network 10.1.1.1 0.0.0.0 area 0
network 10.3.12.1 0.0.0.0 area 0
!
router rip
version 2
redistribute connected metric 2 route-map PRIVATE->RIP
network 172.16.0.0
no auto-summary
!
ip access-list standard PRIVATE_192
permit 192.168.1.0
!
!
route-map PRIVATE->RIP permit 10
match ip address PRIVATE_192

R1#sh ip route rip
10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks
R 10.1.3.0/24 [120/2] via 172.16.0.3, 00:00:20, Tunnel1
R 10.1.2.0/24 [120/2] via 172.16.0.2, 00:00:06, Tunnel1
R 192.168.2.0/24 [120/2] via 172.16.0.2, 00:00:06, Tunnel1
R 192.168.3.0/24 [120/2] via 172.16.0.3, 00:00:20, Tunnel1

R1#sh ip route 192.168.3.1
Routing entry for 192.168.3.0/24
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from 172.16.0.3 on Tunnel1, 00:00:15 ago
Routing Descriptor Blocks:
* 172.16.0.3, from 172.16.0.3, 00:00:15 ago, via Tunnel1
Route metric is 2, traffic share count is 1

R1#ping 192.168.3.1 source 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/29/52 ms

!------------------------------------------------------------------------------------------------------
[R2]
interface Loopback0
ip address 10.1.2.2 255.255.255.0
!
interface Loopback192
description ### private ip address ###
ip address 192.168.2.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.0.2 255.255.255.0
no ip redirects
ip nhrp authentication CISCO
ip nhrp map 172.16.0.1 10.1.1.1
ip nhrp map multicast 10.1.1.1
ip nhrp network-id 99
ip nhrp nhs 172.16.0.1
ip nhrp registration timeout 180
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 1
!
interface Serial1/0.12 point-to-point
ip address 10.3.12.2 255.255.255.0
frame-relay interface-dlci 201
!
interface Serial1/0.23 point-to-point
ip address 10.3.23.2 255.255.255.0
frame-relay interface-dlci 203
!
router ospf 1
log-adjacency-changes
network 10.1.2.2 0.0.0.0 area 0
network 10.3.12.2 0.0.0.0 area 0
network 10.3.23.2 0.0.0.0 area 0
!
router rip
version 2
redistribute connected metric 2 route-map PRIVATE->RIP
network 172.16.0.0
no auto-summary
!
ip access-list standard PRIVATE_192
permit 192.168.2.0
!
route-map PRIVATE->RIP permit 10
match ip address PRIVATE_192

R2# sh ip route rip
10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
R 10.1.3.0/24 [120/3] via 172.16.0.3, 00:00:19, Tunnel0
R 192.168.1.0/24 [120/2] via 172.16.0.1, 00:00:19, Tunnel0
R 192.168.3.0/24 [120/3] via 172.16.0.3, 00:00:19, Tunnel0
!-------------------------------------------------------------------------------------------
[R3]
interface Loopback0
ip address 10.1.3.3 255.255.255.0
!
interface Loopback192
description ### private ip address ###
ip address 192.168.3.1 255.255.255.0
!
interface Tunnel0
ip address 172.16.0.3 255.255.255.0
no ip redirects
ip nhrp authentication CISCO
ip nhrp map 172.16.0.1 10.1.1.1
ip nhrp map multicast 10.1.1.1
ip nhrp network-id 99
ip nhrp nhs 172.16.0.1
ip nhrp registration timeout 180
tunnel source Loopback0
tunnel mode gre multipoint
tunnel key 1
!
interface Serial1/0.23 point-to-point
ip address 10.3.23.3 255.255.255.0
frame-relay interface-dlci 302
!
router ospf 1
log-adjacency-changes
network 10.1.3.3 0.0.0.0 area 0
network 10.3.23.3 0.0.0.0 area 0
!
router rip
version 2
redistribute connected metric 2 route-map PRIVATE->RIP
network 172.16.0.0
no auto-summary
!
ip access-list standard PRIVATE_192
permit 192.168.3.0
!
route-map PRIVATE->RIP permit 10
match ip address PRIVATE_192
!

R3#sh ip route rip
10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
R 10.1.2.0/24 [120/3] via 172.16.0.2, 00:00:00, Tunnel0
R 192.168.1.0/24 [120/2] via 172.16.0.1, 00:00:00, Tunnel0
R 192.168.2.0/24 [120/3] via 172.16.0.2, 00:00:00, Tunnel0
!---------------------------------------------------------------------------------------------

[Cisco] Config TACACS+

! AAA must be enabled before the aaa commands below are accepted
aaa new-model
aaa authentication login TACPLUS group tacacs+ local
aaa authentication login CONSOLE local group tacacs+ none
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec TACPLUS group tacacs+ local none
aaa authorization exec CONSOLE local none
aaa authorization commands 0 TACPLUS group tacacs+ local none
aaa authorization commands 0 CONSOLE local none
aaa authorization commands 1 TACPLUS group tacacs+ local none
aaa authorization commands 1 CONSOLE local none
aaa authorization commands 15 TACPLUS group tacacs+ local none
aaa authorization commands 15 CONSOLE local none
aaa accounting exec TACPLUS start-stop group tacacs+
aaa accounting exec CONSOLE start-stop group tacacs+
aaa accounting commands 0 TACPLUS start-stop group tacacs+
aaa accounting commands 1 TACPLUS start-stop group tacacs+
aaa accounting commands 1 CONSOLE start-stop group tacacs+
aaa accounting commands 15 TACPLUS start-stop group tacacs+
aaa accounting commands 15 CONSOLE start-stop group tacacs+

username admin privilege 15 password 0 admin

ip tacacs source-interface Loopback0
tacacs-server host 192.168.1.1
tacacs-server key CISCO

line con 0
authorization commands 0 CONSOLE
authorization commands 1 CONSOLE
authorization commands 15 CONSOLE
authorization exec CONSOLE
accounting commands 15 CONSOLE
accounting commands 1 CONSOLE
accounting exec CONSOLE
login authentication CONSOLE

line vty 0 4
authorization commands 0 TACPLUS
authorization commands 1 TACPLUS
authorization commands 15 TACPLUS
authorization exec TACPLUS
accounting commands 1 TACPLUS
accounting commands 15 TACPLUS
accounting exec TACPLUS
login authentication TACPLUS
!
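
An added example, not part of the original post: a Python check that reads the AAA listing above and reports what a configuration review would flag in it, namely method lists that end in `none`, the local account stored with `password 0`, and the TACACS+ key stored in cleartext. `audit_aaa` and the rule names are hypothetical; `SAMPLE_CONFIG` is an abridged copy of the listing.

```python
# Added example: audit the AAA listing above for weak fallbacks and secrets.
# SAMPLE_CONFIG is an abridged copy of that listing; audit_aaa is a hypothetical name.
SAMPLE_CONFIG = """\
aaa authentication login TACPLUS group tacacs+ local
aaa authentication login CONSOLE local group tacacs+ none
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec TACPLUS group tacacs+ local none
aaa authorization commands 15 CONSOLE local none
aaa accounting commands 15 TACPLUS start-stop group tacacs+
username admin privilege 15 password 0 admin
tacacs-server host 192.168.1.1
tacacs-server key CISCO
"""


def audit_aaa(config):
    """Return (rule, detail) findings for an IOS AAA configuration."""
    findings = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 3:
            continue
        if tok[0] == "aaa" and tok[1] in ("authentication", "authorization"):
            # 'commands' method lists carry a privilege level before the name.
            n = 4 if tok[2] == "commands" else 3
            # A trailing 'none' grants access when every earlier method errors.
            if len(tok) > n + 1 and tok[-1] == "none":
                findings.append(("none-fallback", " ".join(tok[1:n + 1])))
        elif tok[0] == "username" and "password" in tok[2:-1]:
            user, rest = tok[1], tok[tok.index("password", 2) + 1:]
            # 'password' is stored as type 0 (cleartext) or type 7 (reversible);
            # 'secret' stores a hash instead.
            ptype = rest[0] if len(rest) > 1 and rest[0] in ("0", "7") else "0"
            rule = "cleartext-password" if ptype == "0" else "reversible-password"
            findings.append((rule, user))
            if ptype == "0" and rest[-1] == user:
                findings.append(("password-equals-username", user))
        elif tok[:2] == ["tacacs-server", "key"] and (len(tok) == 3 or tok[2] == "0"):
            # Report the setting, never the key itself.
            findings.append(("cleartext-tacacs-key", "tacacs-server key"))
    return findings


if __name__ == "__main__":
    for rule, detail in audit_aaa(SAMPLE_CONFIG):
        print(f"{rule}: {detail}")
```
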

[3Com] 3Com Router 3030 configuration for an ADSL connection

<Router>system-view
System View: return to User View with Ctrl+Z.
[Router]quit

<Router>disp current-configuration
#
#3Com Router Software V2.04
#
sysname Router
#
dialer-rule 1 ip permit
#
dhcp server ip-pool default
network 192.168.1.0 mask 255.255.255.0
gateway-list 192.168.1.1
dns-list 10.0.0.1 10.0.0.2
#
interface Dialer1
link-protocol ppp
ppp pap local-user username@domain password simple mypassword
mtu 1450
ip address ppp-negotiate
dialer user username@domain
dialer-group 1
dialer bundle 1
dialer timer idle 0
nat outbound 2000
#
interface Ethernet1/0
ip address 192.168.1.1 255.255.255.0
#
interface Atm2/0
pvc 0/100
map bridge Virtual-Ethernet1
#
interface Virtual-Ethernet1
pppoe-client dial-bundle-number 1
#
interface NULL0
#
acl number 2000
rule 1 permit source 192.168.1.0 0.0.0.255
#
ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 60
#
user-interface con 0
user-interface vty 0 4
#
return