Configurações iniciais sw e router.

[FelipeFerreiraCardoso]

Professor, muito obrigado pelas suas aulas, estão me ajudando demais nos meus estudos.

Professor, com base na topologia abaixo, preciso de uma ajuda do senhor. Fiz as configurações básicas, seguindo as etapas que o senhor disponibilizou no git, tudo certo.

Antes de setar as vlans, piguei cada desktop em sua rede, funcionou normalmente.

Após eu setar as vlans, e configurar as portas trunks entre sw3 e sw1 e sw3 e sw2, e configurar as vlans no sw1 e sw2, e cada porta que acessa a vlan, consegui pingar os dispositivos da mesma vlan e rede. Até aqui tudo normal.

Primeiro problema: não conseguir acessar os sw1 e sw2 via ssh, porem o R1 acesso via ssh o sw3, e o sw3 acessa o R1 via ssh; Fiz ping entre sw3 e R1 e funcionou.

Dos desktops não consigo acessar nem sw1 e nem sw2 via ssh.

Também não consigo comunicar as vlans após configurar o route on stick.

Me ajude por favor.

[FelipeFerreiraCardoso]

enable

clock set 09:45:00 23 Feb 2024

configure terminal

hostname sw-l2-2960-3

service password-encryption

service timestamps log datetime msec

no ip domain-lookup

banner motd #AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso#

enable secret francisco@pti

username francisco secret francisco@pti username felipe password francisco@pti username admin privilege 15 secret francisco@pti

line console 0 login local password francisco@pti logging synchronou exec-timeout 5 30 end

write

---

enable

configure terminal line vty 0 4 login local password francisco@pti logging synchronous exec-timeout 5 30 transport input all end copy running-config startup-config

---

enable

configure terminal ip default-gateway 172.16.100.254 vlan 99 interface vlan 99 description Interface de Gerenciamento do Switch SW-L2-2960-3 ip address 172.16.100.252 255.255.255.0 no shutdown end copy running-config startup-config

---

configure terminal ip domain-name francisco.pti

crypto key generate rsa general-keys modulus 1024

ip ssh version 2

ip ssh time-out 60

ip ssh authentication-retries 2

line vty 0 4

transport input ssh

end

copy running-config startup-config

---

configure terminal

Interface GigabitEthernet 0/1 description Porta de Trunk com o sw-l2-2960-3 speed 1000 duplex full no mdix auto exit do write

Interface GigabitEthernet 1/1 description Porta de Trunk com o sw-l2-2960-2 speed 1000 duplex full no mdix auto exit do write

Interface GigabitEthernet 0/2 description Porta de Trunk com o sw-l2-2960-2 speed 1000 duplex full no mdix auto exit do write

Interface GigabitEthernet 0/2 description Porta de Trunk com o sw-l2-2960-3 speed 1000 duplex full no mdix auto exit do write

-----------------------------------------------------------------IGNORA POR ENQUANTO---------------------------- configure terminal

interface range FastEthernet 0/1 - 8 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown switchport port-security violation protect switchport port-security aging time 5 exit do write

interface range FastEthernet 0/9 - 16 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown switchport port-security violation protect switchport port-security aging time 5 exit do write

interface range FastEthernet 0/17 - 23 switchport mode access switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown switchport port-security violation protect switchport port-security aging time 5 exit do write

---

configure terminal spanning-tree mode rapid-pvst end

---

vlan 99 ip address 172.16.100.252 255.255.255.0 no shutdown

vlan 10 name DESENVOLVIMENTO exit

vlan 20 name SUPORTECLIENTE exit

vlan 30 name ADMINISTRACAO exit

interface range g0/1 - 2, g1/1 - 2 switchport access vlan 99 shutdown exit

int vlan1 shutdown

interface range gigabitEthernet 0/1 switchport mode trunk switchport nonegotiate switchport trunk native vlan 99 exit

interface range gigabitEthernet 0/1 switchport access vlan 99 shutdown

switchport mode trunk switchport nonegotiate switchport trunk native vlan 99 exit

interface range gigabitEthernet 0/1 switchport access vlan 99 shutdown

switchport mode trunk switchport nonegotiate switchport trunk native vlan 99 exit

interface range gigabitEthernet 0/1 switchport access vlan 99 shutdown

switchport mode trunk switchport nonegotiate switchport trunk native vlan 99 exit

interface range FastEthernet 0/1 - 8 description Interface de Acesso dos Desktops da VLAN 10 switchport mode access switchport access vlan 10 switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation restrict exit do write

interface range FastEthernet 0/9 - 16 description Interface de Acesso dos Desktops da VLAN 20 switchport mode access switchport access vlan 20 switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation restrict exit do write

interface range FastEthernet 0/17 - 23 description Interface de Acesso dos Desktops da VLAN 30 switchport mode access switchport access vlan 30 switchport nonegotiate switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation restrict exit do write

[FelipeFerreiraCardoso]

Vou deixar o packter tracer aqui da topologia atualizado.

[Uploading TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.pkt…]()

[FelipeFerreiraCardoso]

Boa noite Robson, eu conseguir resolver a questão da configuração da VLAN a nivel de sw. Agora não estou conseguindo é resolver o problema de configuração das subinterfaces para que as vlans 10,20,30 possam se comunicar. O que devo fazer?

Meu rt-1941:

rt-1941-1#show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

• • candidate default, U - per-user static route, o - ODR P - periodic downloaded static route

Gateway of last resort is not set

 172.16.0.0/16 is variably subnetted, 8 subnets, 2 masks

C 172.16.10.0/24 is directly connected, GigabitEthernet0/0.10 L 172.16.10.254/32 is directly connected, GigabitEthernet0/0.10 C 172.16.20.0/24 is directly connected, GigabitEthernet0/0.20 L 172.16.20.254/32 is directly connected, GigabitEthernet0/0.20 C 172.16.30.0/24 is directly connected, GigabitEthernet0/0.30 L 172.16.30.254/32 is directly connected, GigabitEthernet0/0.30 C 172.16.100.0/24 is directly connected, GigabitEthernet0/0 L 172.16.100.254/32 is directly connected, GigabitEthernet0/0

rt-1941-1#

---

rt-1941-1#show ru rt-1941-1#show running-config Building configuration...

Current configuration : 2050 bytes ! version 15.1 service timestamps log datetime msec service timestamps debug datetime msec service password-encryption security passwords min-length 8 ! hostname rt-1941-1 ! ! ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! username admin privilege 15 secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! license udi pid CISCO1941/K9 sn FTX152442R7- ! ! ! ! ! ! ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! ! spanning-tree mode pvst ! ! ! ! ! ! interface GigabitEthernet0/0 description Interface fisica do Gateway da LAN ip address 172.16.100.254 255.255.255.0 duplex full speed 100 ! interface GigabitEthernet0/0.10 description subinterface da VLAN 10 DESENVOLVIMENTO encapsulation dot1Q 10 ip address 172.16.10.254 255.255.255.0 ! interface GigabitEthernet0/0.20 description subinterface da VLAN 20 SUPORTECLIENTE encapsulation dot1Q 20 ip address 172.16.20.254 255.255.255.0 ! interface GigabitEthernet0/0.30 description subinterface da VLAN 30 ADMINISTRACAO encapsulation dot1Q 30 ip address 172.16.30.254 255.255.255.0 ! interface GigabitEthernet0/0.99 description subinterface da VLAN 99 GERENCIAREDE encapsulation dot1Q 99 native no ip address ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Vlan1 no ip address shutdown ! ip classless ! ip flow-export version 9 ! ! ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe^C ! ! ! ! line con 0 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local ! line aux 0 exec-timeout 5 30 speed 115200 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local flowcontrol hardware ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh ! ! ! end

rt-1941-1#

---

sw-l2-2960-3#show running-config Building configuration...

Current configuration : 3539 bytes ! version 15.0 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname sw-l2-2960-3 ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! interface FastEthernet0/1 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/2 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/3 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/4 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/5 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/6 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/7 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/8 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/9 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/10 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/11 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/12 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/13 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/14 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/15 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/16 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/17 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/18 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/19 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/20 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/21 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/22 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/23 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/24 switchport access vlan 99 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 100 no mdix auto ! interface GigabitEthernet0/1 description Porta de Trunk com o sw-l2-2960-1 switchport access vlan 99 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto ! interface GigabitEthernet0/2 description Porta de Trunk com o sw-l2-2960-2 switchport access vlan 99 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto ! interface Vlan1 no ip address shutdown ! interface Vlan99 description Interface de Gerenciamento do Switch SW-L2-2960-3 ip address 172.16.100.252 255.255.255.0 ! ip default-gateway 172.16.100.254 ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C ! ! ! line con 0 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local exec-timeout 5 30 ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh line vty 5 15 login ! ! ! ! end

sw-l2-2960-3#

---

TOPOLOGIA DA REDE

[FelipeFerreiraCardoso]

Boa tarde, Robson. Conseguir fazer com as vlans diferente se comuniquem.

Agora eu não consigo acessar os sw, router via ssh pelo desktop de vlans diferentes. O que preciso fazer?

do R1 eu consigo acessar remotamente o sw, porem n consigo pingar nos sw.

Dos SW eu consigo acessa remotamente via shh cada um.

rt-1941-1#ssh -l admin 172.16.100.250

% Connection timed out; remote host not responding rt-1941-1#

---

sw-l2-2960-1>enable Password: sw-l2-2960-1#ssh -l admin 172.16.100.250

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-1>enable Password: sw-l2-2960-1#ssh -l admin 172.16.100.252

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-3>enable Password: sw-l2-2960-3#ssh -l admin 172.16.100.254

% Connection timed out; remote host not responding sw-l2-2960-3#

[FelipeFerreiraCardoso]

rt-1941-1#conf t Enter configuration commands, one per line. End with CNTL/Z. rt-1941-1(config)#int rt-1941-1(config)#interface gi rt-1941-1(config)#interface gigabitEthernet 0/0.99 rt-1941-1(config-subif)#en rt-1941-1(config-subif)#encapsulation do rt-1941-1(config-subif)#encapsulation dot1Q 99 rt-1941-1(config-subif)#ip rt-1941-1(config-subif)#ip a rt-1941-1(config-subif)#ip ad rt-1941-1(config-subif)#ip address 172.16.100.253 255.255.255.0 % 172.16.100.0 overlaps with GigabitEthernet0/0

por que da esse erro?

[FelipeFerreiraCardoso]

rt-1941-1#show ip int rt-1941-1#show ip interface bri rt-1941-1#show ip interface brief Interface IP-Address OK? Method Status Protocol GigabitEthernet0/0 172.16.100.254 YES NVRAM up up GigabitEthernet0/0.10 172.16.15.254 YES NVRAM up up GigabitEthernet0/0.20 172.16.16.254 YES NVRAM up up GigabitEthernet0/0.30 172.16.17.254 YES NVRAM up up GigabitEthernet0/0.99 172.16.99.254 YES manual up up GigabitEthernet0/1 unassigned YES NVRAM administratively down down Vlan1 unassigned YES NVRAM administratively down down Vlan99 unassigned YES NVRAM down down rt-1941-1#

Mudei a o ip da vlan para outra rede e deu certo.

[FelipeFerreiraCardoso]

C:>ssh -l admin 172.16.100.254

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe

[vaamonde]

Olá conforme comentei no YouTUBE, manda o último PT seu para eu analisar.

[FelipeFerreiraCardoso]

TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.zip

[FelipeFerreiraCardoso]

Boa noite, acessei meu lab novamente e agora não estou mais conseguindo acessar o sw via ssh, apenas o roteador.

rt-1941-1#ssh -l admin 172.16.100.250

% Connection timed out; remote host not responding rt-1941-1#

[FelipeFerreiraCardoso]

Vaamonde? Vai poder me ajudar?

[vaamonde]

Olá, comecei a análise do seu cenário, infelizmente o mesmo possui uma grande quatidade de erros de conceito nas configurações, segue alguns:

Análise de erros:

01_ Subinterface virtual não se configura Endereco IPv4

interface GigabitEthernet0/0 description Interface fisica do Gateway da LAN ip address 172.16.100.254 255.255.255.0 duplex full speed 100

02_ Subinterface VLAN 99 de SVI com Endereço IPv4 diferente

interface GigabitEthernet0/0.99 description subinterface da VLAN 99 GERENCIAREDE encapsulation dot1Q 99 native ip address 172.16.99.254 255.255.255.0

03_ SVI nos Switch na VLAN-99 com Subrede diferente

interface Vlan99 description Interface de Gerenciamento do Switch SW-L2-2960-3 ip address 172.16.100.252 255.255.255.0

04_ Todos os Desktops estão apontando o Gateway para os Endereços IPv4 Errados

05_ Sempre que se trabalha com VLAN - Cada VLAN tem que está em uma Subrede diferente

apontando para o seu Gateway da sua Subrede

06_ Portas Trunks não é recomendo setar VLAN na Interface

interface GigabitEthernet0/2 description Porta de Trunk com o sw-l2-2960-2 switchport access vlan 99 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto

Esse foram alguns erros de conceito no seu cenário, vou refazer o mesmo e te mando em breve.

[FelipeFerreiraCardoso]

Sobre a SVI de gerencia de rede, quando eu tentava colocar um ip da mesma rede, dava Overlps, deve ser por que coloquei IP na porta do roteador.

Sobre o ip da subinterface, foi por que eu evolui o cenário para usar o router on a stick, porém não excluir o IP da interface que antes era o gateway.

Sobre o trunk, foi por que eu coloquei para que todo o tráfego não marcado, fosse pela VLAN 99, já que desativei a VLAN 1 default.

[vaamonde]

Segue corrigido o cenário. TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.zip

[FelipeFerreiraCardoso]

Acho que você mandou o mesmo arquivo.

[FelipeFerreiraCardoso]

Mas com as suas explicações, consegui resolver o problema. Muito obrigado.

[FelipeFerreiraCardoso]

ACESSO SSH VIA DESKTOP-01

sw-l2-2960-1 Ajustado as configurações que estava erradas. C:>ssh -l admin 172.16.100.250

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-1>enable Password: Password: Password: sw-l2-2960-1#show sw-l2-2960-1#show ru sw-l2-2960-1#show running-config Building configuration...

Current configuration : 9251 bytes ! version 15.0 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname sw-l2-2960-1 ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! interface FastEthernet0/1 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 000C.8524.94BB duplex full speed 100 no mdix auto ! interface FastEthernet0/2 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/3 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/4 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/5 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/6 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/7 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/8 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/9 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 000A.F38B.ACD4 duplex full speed 100 no mdix auto ! interface FastEthernet0/10 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/11 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/12 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/13 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/14 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/15 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/16 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/17 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 0000.0C9E.4594 duplex full speed 100 no mdix auto ! interface FastEthernet0/18 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/19 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/20 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/21 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/22 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/23 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/24 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface GigabitEthernet0/1 description Porta de Trunk com o sw-l2-2960-3 switchport trunk native vlan 99 switchport mode trunk duplex full speed 1000 no mdix auto ! interface GigabitEthernet0/2 description Porta de Trunk com o sw-l2-2960-3 switchport access vlan 99 duplex full speed 1000 no mdix auto ! interface Vlan1 no ip address shutdown ! interface Vlan99 description Interface de Gerenciamento do Switch SW-L2-2960-1 ip address 172.16.100.250 255.255.255.0 ! ip default-gateway 172.16.100.253 ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C ! ! ! line con 0 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local exec-timeout 5 30 ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh line vty 5 15 login ! ! ! ! end

sw-l2-2960-1#

---

---

sw-l2-2960-2 Ajustado as configurações que estava erradas.

sw-l2-2960-1#ssh -l admin 172.16.100.251

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-2>enable Password: sw-l2-2960-2#show ru sw-l2-2960-2#show running-config Building configuration...

Current configuration : 9184 bytes ! version 15.0 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname sw-l2-2960-2 ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! interface FastEthernet0/1 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 0060.2F12.9979 duplex full speed 100 no mdix auto ! interface FastEthernet0/2 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/3 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/4 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/5 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/6 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/7 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/8 description Interface de Acesso dos Desktops da VLAN 10 switchport access vlan 10 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/9 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 00E0.A35A.49A9 duplex full speed 100 no mdix auto ! interface FastEthernet0/10 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/11 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/12 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/13 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/14 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/15 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/16 description Interface de Acesso dos Desktops da VLAN 20 switchport access vlan 20 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/17 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict switchport port-security mac-address sticky 0001.641B.4228 duplex full speed 100 no mdix auto ! interface FastEthernet0/18 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/19 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/20 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/21 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/22 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/23 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface FastEthernet0/24 description Interface de Acesso dos Desktops da VLAN 30 switchport access vlan 30 switchport mode access switchport nonegotiate switchport port-security switchport port-security mac-address sticky switchport port-security violation restrict duplex full speed 100 no mdix auto ! interface GigabitEthernet0/1 description Porta de Trunk com o sw-l2-2960-3 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto ! interface GigabitEthernet0/2 switchport access vlan 99 duplex full speed 1000 no mdix auto ! interface Vlan1 no ip address shutdown ! interface Vlan99 description write ip address 172.16.100.251 255.255.255.0 ! ip default-gateway 172.16.100.253 ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C ! ! ! line con 0 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local exec-timeout 5 30 ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh line vty 5 15 login ! ! ! ! end

sw-l2-2960-2#

---

---

sw-l2-2960-3 Ajustado as configurações que estava erradas.

sw-l2-2960-2#ssh -l admin 172.16.100.252

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-3>enable Password: sw-l2-2960-3#show ru sw-l2-2960-3#show running-config Building configuration...

Current configuration : 4865 bytes ! version 15.0 service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname sw-l2-2960-3 ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! interface FastEthernet0/1 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/2 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/3 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/4 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/5 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/6 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/7 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/8 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/9 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/10 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/11 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/12 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/13 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/14 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/15 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/16 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/17 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/18 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/19 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/20 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/21 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/22 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/23 switchport access vlan 99 switchport trunk native vlan 99 duplex full speed 100 no mdix auto shutdown ! interface FastEthernet0/24 switchport access vlan 99 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 100 no mdix auto ! interface GigabitEthernet0/1 description Porta de Trunk com o sw-l2-2960-1 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto ! interface GigabitEthernet0/2 description Porta de Trunk com o sw-l2-2960-2 switchport trunk native vlan 99 switchport mode trunk switchport nonegotiate duplex full speed 1000 no mdix auto ! interface Vlan1 no ip address shutdown ! interface Vlan99 description Interface de Gerenciamento do Switch SW-L2-2960-3 ip address 172.16.100.252 255.255.255.0 ! ip default-gateway 172.16.100.253 ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C ! ! ! line con 0 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local exec-timeout 5 30 ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh line vty 5 15 login ! ! ! ! end

sw-l2-2960-3#

---

---

rt-1941-1 Ajustado as configurações que estava erradas. sw-l2-2960-3#ssh -l admin 172.16.100.253

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe

rt-1941-1#show ru rt-1941-1#show running-config Building configuration...

Current configuration : 2087 bytes ! version 15.1 service timestamps log datetime msec service timestamps debug datetime msec service password-encryption security passwords min-length 8 ! hostname rt-1941-1 ! ! ! enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! ! ! ! ! ip cef no ipv6 cef ! ! ! username admin privilege 15 secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 username felipe password 7 08275E4F071A0C0411042C143E22 username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0 ! ! license udi pid CISCO1941/K9 sn FTX152442R7- ! ! ! ! ! ! ! ! ! ip ssh version 2 ip ssh authentication-retries 2 ip ssh time-out 60 no ip domain-lookup ip domain-name francisco.pti ! ! spanning-tree mode pvst ! ! ! ! ! ! interface GigabitEthernet0/0 no ip address duplex full speed 100 ! interface GigabitEthernet0/0.10 description subinterface da VLAN 10 DESENVOLVIMENTO encapsulation dot1Q 10 ip address 172.16.15.254 255.255.255.0 ! interface GigabitEthernet0/0.20 description subinterface da VLAN 20 SUPORTECLIENTE encapsulation dot1Q 20 ip address 172.16.16.254 255.255.255.0 ! interface GigabitEthernet0/0.30 description subinterface da VLAN 30 ADMINISTRACAO encapsulation dot1Q 30 ip address 172.16.17.254 255.255.255.0 ! interface GigabitEthernet0/0.99 description subinterface da VLAN 99 GERENCIAREDE encapsulation dot1Q 99 native ip address 172.16.100.253 255.255.255.0 ! interface GigabitEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan99 mac-address 0060.7021.3501 no ip address ! ip classless ! ip flow-export version 9 ! ! ! banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe^C ! ! ! ! line con 0 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local ! line aux 0 exec-timeout 5 30 speed 115200 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local flowcontrol hardware ! line vty 0 4 exec-timeout 5 30 password 7 08275E4F071A0C0411042C143E22 logging synchronous login local transport input ssh transport output none ! ! ! end

rt-1941-1#

---

---

Desktops Ajustado as configurações que estava erradas.