Basic configuration of R1:
enable
configure terminal
hostname R1
no ip domain-lookup (Disable DNS lookup)
enable secret class (Configure a priviledged EXEC mode password)
banner motd #shenme shenme shenme# (Configure a message-of-the-day banner)
line con 0
password cisco (Configure a password for the console connections)
login
exit
line vty 0 15
password cisco (Configure a password for all sty connections)
login
exit
int fa0/0 (Configure IP addresses on all routers)
ip address 10.1.1.254 255.255.255.0
no sh
exit
int se0/0/0 (Configure IP addresses on all routers)
ip address 10.1.0.1 255.255.255.252
clock rate 64000 ( Clock rate is 64000 )
no sh
exit
router ospf 1 (Enable OSPF with process ID 1 )
network 10.1.1.0 0.0.0.255 area 0
network 10.1.0.0 0.0.0.3 area 0
exit
Basic configuration of R2:
enable
configure terminal
hostname R2
no ip domain-name
no ip domain-lookup
enable secret class
banner motd #shenme shenme shenme#
line con 0
password cisco
login
exit
line vty 0 15
password cisco
login
exit
int se0/0/0
ip address 10.1.0.2 255.255.255.252
no sh
exit
int se0/0/1
ip address 10.3.0.1 255.255.255.252
clock rate 64000
no sh
exit
router ospf 1
network 10.1.0.0 0.0.0.3 area 0
network 10.3.0.0 0.0.0.3 area 0
exit
Basic configuration of R3:
enable
configure terminal
hostname R3
no ip domain-lookup
enable secret class
banner motd #shenme shenme shenme#
line con 0
password cisco
login
exit
line vty 0 15
password cisco
login
exit
int fa0/0
ip address 10.3.1.254 255.255.255.0
no sh
exit
int se0/0/1
ip address 10.3.0.2 255.255.255.252
no sh
exit
router ospf 1
network 10.3.1.0 0.0.0.255 area 0
network 10.3.0.0 0.0.0.3 area 0
exit
Configure standard named ACLs on the R1 and R3 vty lines, permitting hosts connected directly to their Fast Ethernet subnets to gain Telnet access. Explicitly deny all other connection attempts.
on R1 (in configuration mode):
ip access-list standard VTY-Local
permit 10.1.1.0 0.0.0.255
deny any
exit
line vty 0 15
ip access-class VTY-Local in
exit
on R3 (in configuration mode):
ip access-list standard VTY-Local
permit 10.3.1.0 0.0.0.255
deny any
exit
line vty 0 15
ip access-class VTY-Local in
exit
Configure extended ACL on R2.
in configuration mode:
ip access-list extended block
deny ip 10.1.1.0 0.0.0.255 10.3.1.0 0.0.0.255
deny ip 10.3.1.0 0.0.0.255 10.1.1.0 0.0.0.255
permit ip any any
exit
int se0/0/0
ip access-group block in
exit
int se0/0/1
ip access-group block in
exit
passive-interface serial 0/0/1 ( Do not advertise the 209.165.200.224/27 network )