Configurações iniciais sw e router.

[FelipeFerreiraCardoso]

Professor, muito obrigado pelas suas aulas, estão me ajudando demais nos meus estudos.

Professor, com base na topologia abaixo, preciso de uma ajuda do senhor.
Fiz as configurações básicas, seguindo as etapas que o senhor disponibilizou no git, tudo certo.

Antes de setar as vlans, piguei cada desktop em sua rede, funcionou normalmente.

Após eu setar as vlans, e configurar as portas trunks entre sw3 e sw1 e sw3 e sw2, e configurar as vlans no sw1 e sw2, e cada porta que acessa a vlan, consegui pingar os dispositivos da mesma vlan e rede. Até aqui tudo normal.

Primeiro problema: não conseguir acessar os sw1 e sw2 via ssh, porem o R1 acesso via ssh o sw3, e o sw3 acessa o R1 via ssh;
Fiz ping entre sw3 e R1 e funcionou.

Dos desktops não consigo acessar nem sw1 e nem sw2 via ssh.

Também não consigo comunicar as vlans após configurar o route on stick.

Me ajude por favor.

[FelipeFerreiraCardoso]

enable

clock set 09:45:00 23 Feb 2024

configure terminal

hostname sw-l2-2960-3

service password-encryption

service timestamps log datetime msec

no ip domain-lookup

banner motd #AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso#

enable secret francisco@pti

username francisco secret francisco@pti
username felipe password francisco@pti
username admin privilege 15 secret francisco@pti

line console 0
login local
password francisco@pti
logging synchronou
exec-timeout 5 30
end

write

---

enable

configure terminal
line vty 0 4
login local
password francisco@pti
logging synchronous
exec-timeout 5 30
transport input all
end
copy running-config startup-config

---

enable

configure terminal
ip default-gateway 172.16.100.254
vlan 99
interface vlan 99
description Interface de Gerenciamento do Switch SW-L2-2960-3
ip address 172.16.100.252 255.255.255.0
no shutdown
end
copy running-config startup-config

---

configure terminal
ip domain-name francisco.pti

crypto key generate rsa general-keys modulus 1024

ip ssh version 2

ip ssh time-out 60

ip ssh authentication-retries 2

line vty 0 4

transport input ssh

end

copy running-config startup-config

---

configure terminal

Interface GigabitEthernet 0/1
description Porta de Trunk com o sw-l2-2960-3
speed 1000
duplex full
no mdix auto
exit
do write

Interface GigabitEthernet 1/1
description Porta de Trunk com o sw-l2-2960-2
speed 1000
duplex full
no mdix auto
exit
do write

Interface GigabitEthernet 0/2
description Porta de Trunk com o sw-l2-2960-2
speed 1000
duplex full
no mdix auto
exit
do write

Interface GigabitEthernet 0/2
description Porta de Trunk com o sw-l2-2960-3
speed 1000
duplex full
no mdix auto
exit
do write

-----------------------------------------------------------------IGNORA POR ENQUANTO----------------------------
configure terminal

interface range FastEthernet 0/1 - 8
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown
switchport port-security violation protect
switchport port-security aging time 5
exit
do write

interface range FastEthernet 0/9 - 16
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown
switchport port-security violation protect
switchport port-security aging time 5
exit
do write

interface range FastEthernet 0/17 - 23
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation shutdown
switchport port-security violation protect
switchport port-security aging time 5
exit
do write

---

configure terminal
spanning-tree mode rapid-pvst
end

---

vlan 99
ip address 172.16.100.252 255.255.255.0
no shutdown

vlan 10
name DESENVOLVIMENTO
exit

vlan 20
name SUPORTECLIENTE
exit

vlan 30
name ADMINISTRACAO
exit

interface range g0/1 - 2, g1/1 - 2
switchport access vlan 99
shutdown
exit

int vlan1
shutdown

interface range gigabitEthernet 0/1
switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 99
exit

interface range gigabitEthernet 0/1
switchport access vlan 99
shutdown

switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 99
exit

interface range gigabitEthernet 0/1
switchport access vlan 99
shutdown

switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 99
exit

interface range gigabitEthernet 0/1
switchport access vlan 99
shutdown

switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 99
exit

interface range FastEthernet 0/1 - 8
description Interface de Acesso dos Desktops da VLAN 10
switchport mode access
switchport access vlan 10
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation restrict
exit
do write

interface range FastEthernet 0/9 - 16
description Interface de Acesso dos Desktops da VLAN 20
switchport mode access
switchport access vlan 20
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation restrict
exit
do write

interface range FastEthernet 0/17 - 23
description Interface de Acesso dos Desktops da VLAN 30
switchport mode access
switchport access vlan 30
switchport nonegotiate
switchport port-security
switchport port-security maximum 1
switchport port-security mac-address sticky
switchport port-security violation restrict
exit
do write

[FelipeFerreiraCardoso]

Vou deixar o packter tracer aqui da topologia atualizado.

Uploading TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.pkt…

[FelipeFerreiraCardoso]

Boa noite Robson, eu conseguir resolver a questão da configuração da VLAN a nivel de sw.
Agora não estou conseguindo é resolver o problema de configuração das subinterfaces para que as vlans 10,20,30 possam se comunicar. O que devo fazer?

Meu rt-1941:

rt-1941-1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

 172.16.0.0/16 is variably subnetted, 8 subnets, 2 masks

C 172.16.10.0/24 is directly connected, GigabitEthernet0/0.10
L 172.16.10.254/32 is directly connected, GigabitEthernet0/0.10
C 172.16.20.0/24 is directly connected, GigabitEthernet0/0.20
L 172.16.20.254/32 is directly connected, GigabitEthernet0/0.20
C 172.16.30.0/24 is directly connected, GigabitEthernet0/0.30
L 172.16.30.254/32 is directly connected, GigabitEthernet0/0.30
C 172.16.100.0/24 is directly connected, GigabitEthernet0/0
L 172.16.100.254/32 is directly connected, GigabitEthernet0/0

rt-1941-1#

---

rt-1941-1#show ru
rt-1941-1#show running-config
Building configuration...

Current configuration : 2050 bytes
!
version 15.1
service timestamps log datetime msec
service timestamps debug datetime msec
service password-encryption
security passwords min-length 8
!
hostname rt-1941-1
!
!
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
username admin privilege 15 secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
license udi pid CISCO1941/K9 sn FTX152442R7-
!
!
!
!
!
!
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
description Interface fisica do Gateway da LAN
ip address 172.16.100.254 255.255.255.0
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description subinterface da VLAN 10 DESENVOLVIMENTO
encapsulation dot1Q 10
ip address 172.16.10.254 255.255.255.0
!
interface GigabitEthernet0/0.20
description subinterface da VLAN 20 SUPORTECLIENTE
encapsulation dot1Q 20
ip address 172.16.20.254 255.255.255.0
!
interface GigabitEthernet0/0.30
description subinterface da VLAN 30 ADMINISTRACAO
encapsulation dot1Q 30
ip address 172.16.30.254 255.255.255.0
!
interface GigabitEthernet0/0.99
description subinterface da VLAN 99 GERENCIAREDE
encapsulation dot1Q 99 native
no ip address
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip classless
!
ip flow-export version 9
!
!
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe^C
!
!
!
!
line con 0
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
!
line aux 0
exec-timeout 5 30
speed 115200
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
flowcontrol hardware
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
!
!
!
end

rt-1941-1#

---

sw-l2-2960-3#show running-config
Building configuration...

Current configuration : 3539 bytes
!
version 15.0
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname sw-l2-2960-3
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/2
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/3
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/4
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/5
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/6
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/7
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/8
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/9
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/10
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/11
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/12
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/13
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/14
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/15
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/16
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/17
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/18
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/19
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/20
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/21
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/22
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/23
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/24
switchport access vlan 99
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 100
no mdix auto
!
interface GigabitEthernet0/1
description Porta de Trunk com o sw-l2-2960-1
switchport access vlan 99
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto
!
interface GigabitEthernet0/2
description Porta de Trunk com o sw-l2-2960-2
switchport access vlan 99
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
description Interface de Gerenciamento do Switch SW-L2-2960-3
ip address 172.16.100.252 255.255.255.0
!
ip default-gateway 172.16.100.254
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C
!
!
!
line con 0
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
exec-timeout 5 30
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
!
!
!
end

sw-l2-2960-3#

---

TOPOLOGIA DA REDE

[FelipeFerreiraCardoso]

Boa tarde, Robson. Conseguir fazer com as vlans diferente se comuniquem.

Agora eu não consigo acessar os sw, router via ssh pelo desktop de vlans diferentes. O que preciso fazer?

do R1 eu consigo acessar remotamente o sw, porem n consigo pingar nos sw.

Dos SW eu consigo acessa remotamente via shh cada um.

rt-1941-1#ssh -l admin 172.16.100.250

% Connection timed out; remote host not responding
rt-1941-1#

---

sw-l2-2960-1>enable
Password:
sw-l2-2960-1#ssh -l admin 172.16.100.250

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-1>enable
Password:
sw-l2-2960-1#ssh -l admin 172.16.100.252

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-3>enable
Password:
sw-l2-2960-3#ssh -l admin 172.16.100.254

% Connection timed out; remote host not responding
sw-l2-2960-3#

[FelipeFerreiraCardoso]

rt-1941-1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
rt-1941-1(config)#int
rt-1941-1(config)#interface gi
rt-1941-1(config)#interface gigabitEthernet 0/0.99
rt-1941-1(config-subif)#en
rt-1941-1(config-subif)#encapsulation do
rt-1941-1(config-subif)#encapsulation dot1Q 99
rt-1941-1(config-subif)#ip
rt-1941-1(config-subif)#ip a
rt-1941-1(config-subif)#ip ad
rt-1941-1(config-subif)#ip address 172.16.100.253 255.255.255.0
% 172.16.100.0 overlaps with GigabitEthernet0/0

por que da esse erro?

[FelipeFerreiraCardoso]

rt-1941-1#show ip int
rt-1941-1#show ip interface bri
rt-1941-1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 172.16.100.254 YES NVRAM up up
GigabitEthernet0/0.10 172.16.15.254 YES NVRAM up up
GigabitEthernet0/0.20 172.16.16.254 YES NVRAM up up
GigabitEthernet0/0.30 172.16.17.254 YES NVRAM up up
GigabitEthernet0/0.99 172.16.99.254 YES manual up up
GigabitEthernet0/1 unassigned YES NVRAM administratively down down
Vlan1 unassigned YES NVRAM administratively down down
Vlan99 unassigned YES NVRAM down down
rt-1941-1#

Mudei a o ip da vlan para outra rede e deu certo.

[FelipeFerreiraCardoso]

C:>ssh -l admin 172.16.100.254

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe

[vaamonde]

Olá conforme comentei no YouTUBE, manda o último PT seu para eu analisar.

[FelipeFerreiraCardoso]

TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.zip

[FelipeFerreiraCardoso]

Boa noite, acessei meu lab novamente e agora não estou mais conseguindo acessar o sw via ssh, apenas o roteador.

rt-1941-1#ssh -l admin 172.16.100.250

% Connection timed out; remote host not responding
rt-1941-1#

[FelipeFerreiraCardoso]

Vaamonde? Vai poder me ajudar?

[vaamonde]

Olá, comecei a análise do seu cenário, infelizmente o mesmo possui uma grande quatidade de erros de conceito nas configurações, segue alguns:

Análise de erros:

#01_ Subinterface virtual não se configura Endereco IPv4
interface GigabitEthernet0/0
description Interface fisica do Gateway da LAN
ip address 172.16.100.254 255.255.255.0
duplex full
speed 100

#02_ Subinterface VLAN 99 de SVI com Endereço IPv4 diferente
interface GigabitEthernet0/0.99
description subinterface da VLAN 99 GERENCIAREDE
encapsulation dot1Q 99 native
ip address 172.16.99.254 255.255.255.0

#03_ SVI nos Switch na VLAN-99 com Subrede diferente
interface Vlan99
description Interface de Gerenciamento do Switch SW-L2-2960-3
ip address 172.16.100.252 255.255.255.0

#04_ Todos os Desktops estão apontando o Gateway para os Endereços IPv4 Errados

#05_ Sempre que se trabalha com VLAN - Cada VLAN tem que está em uma Subrede diferente
apontando para o seu Gateway da sua Subrede

#06_ Portas Trunks não é recomendo setar VLAN na Interface
interface GigabitEthernet0/2
description Porta de Trunk com o sw-l2-2960-2
switchport access vlan 99
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto

Esse foram alguns erros de conceito no seu cenário, vou refazer o mesmo e te mando em breve.

[FelipeFerreiraCardoso]

Sobre a SVI de gerencia de rede, quando eu tentava colocar um ip da mesma rede, dava Overlps, deve ser por que coloquei IP na porta do roteador.

Sobre o ip da subinterface, foi por que eu evolui o cenário para usar o router on a stick, porém não excluir o IP da interface que antes era o gateway.

Sobre o trunk, foi por que eu coloquei para que todo o tráfego não marcado, fosse pela VLAN 99, já que desativei a VLAN 1 default.

[vaamonde]

Segue corrigido o cenário.
TP1-Ativ2-ProjetoDeBloco-FcoFelipeFerreiraCardoso.zip

[FelipeFerreiraCardoso]

Acho que você mandou o mesmo arquivo.

[FelipeFerreiraCardoso]

Mas com as suas explicações, consegui resolver o problema. Muito obrigado.

[FelipeFerreiraCardoso]

ACESSO SSH VIA DESKTOP-01

sw-l2-2960-1 Ajustado as configurações que estava erradas.
C:>ssh -l admin 172.16.100.250

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-1>enable
Password:
Password:
Password:
sw-l2-2960-1#show
sw-l2-2960-1#show ru
sw-l2-2960-1#show running-config
Building configuration...

Current configuration : 9251 bytes
!
version 15.0
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname sw-l2-2960-1
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 000C.8524.94BB
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/2
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/3
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/4
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/5
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/6
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/7
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/8
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/9
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 000A.F38B.ACD4
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/10
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/11
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/12
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/13
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/14
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/15
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/16
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/17
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 0000.0C9E.4594
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/18
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/19
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/20
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/21
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/22
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/23
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/24
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface GigabitEthernet0/1
description Porta de Trunk com o sw-l2-2960-3
switchport trunk native vlan 99
switchport mode trunk
duplex full
speed 1000
no mdix auto
!
interface GigabitEthernet0/2
description Porta de Trunk com o sw-l2-2960-3
switchport access vlan 99
duplex full
speed 1000
no mdix auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
description Interface de Gerenciamento do Switch SW-L2-2960-1
ip address 172.16.100.250 255.255.255.0
!
ip default-gateway 172.16.100.253
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C
!
!
!
line con 0
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
exec-timeout 5 30
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
!
!
!
end

sw-l2-2960-1#

---

---

sw-l2-2960-2 Ajustado as configurações que estava erradas.

sw-l2-2960-1#ssh -l admin 172.16.100.251

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-2>enable
Password:
sw-l2-2960-2#show ru
sw-l2-2960-2#show running-config
Building configuration...

Current configuration : 9184 bytes
!
version 15.0
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname sw-l2-2960-2
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 0060.2F12.9979
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/2
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/3
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/4
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/5
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/6
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/7
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/8
description Interface de Acesso dos Desktops da VLAN 10
switchport access vlan 10
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/9
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 00E0.A35A.49A9
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/10
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/11
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/12
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/13
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/14
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/15
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/16
description Interface de Acesso dos Desktops da VLAN 20
switchport access vlan 20
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/17
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 0001.641B.4228
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/18
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/19
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/20
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/21
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/22
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/23
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface FastEthernet0/24
description Interface de Acesso dos Desktops da VLAN 30
switchport access vlan 30
switchport mode access
switchport nonegotiate
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
duplex full
speed 100
no mdix auto
!
interface GigabitEthernet0/1
description Porta de Trunk com o sw-l2-2960-3
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto
!
interface GigabitEthernet0/2
switchport access vlan 99
duplex full
speed 1000
no mdix auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
description write
ip address 172.16.100.251 255.255.255.0
!
ip default-gateway 172.16.100.253
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C
!
!
!
line con 0
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
exec-timeout 5 30
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
!
!
!
end

sw-l2-2960-2#

---

---

sw-l2-2960-3 Ajustado as configurações que estava erradas.

sw-l2-2960-2#ssh -l admin 172.16.100.252

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso

sw-l2-2960-3>enable
Password:
sw-l2-2960-3#show ru
sw-l2-2960-3#show running-config
Building configuration...

Current configuration : 4865 bytes
!
version 15.0
service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname sw-l2-2960-3
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
username admin secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe privilege 1 password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/2
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/3
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/4
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/5
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/6
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/7
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/8
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/9
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/10
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/11
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/12
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/13
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/14
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/15
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/16
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/17
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/18
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/19
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/20
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/21
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/22
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/23
switchport access vlan 99
switchport trunk native vlan 99
duplex full
speed 100
no mdix auto
shutdown
!
interface FastEthernet0/24
switchport access vlan 99
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 100
no mdix auto
!
interface GigabitEthernet0/1
description Porta de Trunk com o sw-l2-2960-1
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto
!
interface GigabitEthernet0/2
description Porta de Trunk com o sw-l2-2960-2
switchport trunk native vlan 99
switchport mode trunk
switchport nonegotiate
duplex full
speed 1000
no mdix auto
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
description Interface de Gerenciamento do Switch SW-L2-2960-3
ip address 172.16.100.252 255.255.255.0
!
ip default-gateway 172.16.100.253
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe Ferreira Cardoso^C
!
!
!
line con 0
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
exec-timeout 5 30
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
line vty 5 15
login
!
!
!
!
end

sw-l2-2960-3#

---

---

rt-1941-1 Ajustado as configurações que estava erradas.
sw-l2-2960-3#ssh -l admin 172.16.100.253

Password:

AVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe

rt-1941-1#show ru
rt-1941-1#show running-config
Building configuration...

Current configuration : 2087 bytes
!
version 15.1
service timestamps log datetime msec
service timestamps debug datetime msec
service password-encryption
security passwords min-length 8
!
hostname rt-1941-1
!
!
!
enable secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
username admin privilege 15 secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
username felipe password 7 08275E4F071A0C0411042C143E22
username francisco secret 5 $1$mERr$PTQx6fksY.2PtiB46waX/0
!
!
license udi pid CISCO1941/K9 sn FTX152442R7-
!
!
!
!
!
!
!
!
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
no ip domain-lookup
ip domain-name francisco.pti
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
duplex full
speed 100
!
interface GigabitEthernet0/0.10
description subinterface da VLAN 10 DESENVOLVIMENTO
encapsulation dot1Q 10
ip address 172.16.15.254 255.255.255.0
!
interface GigabitEthernet0/0.20
description subinterface da VLAN 20 SUPORTECLIENTE
encapsulation dot1Q 20
ip address 172.16.16.254 255.255.255.0
!
interface GigabitEthernet0/0.30
description subinterface da VLAN 30 ADMINISTRACAO
encapsulation dot1Q 30
ip address 172.16.17.254 255.255.255.0
!
interface GigabitEthernet0/0.99
description subinterface da VLAN 99 GERENCIAREDE
encapsulation dot1Q 99 native
ip address 172.16.100.253 255.255.255.0
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
mac-address 0060.7021.3501
no ip address
!
ip classless
!
ip flow-export version 9
!
!
!
banner motd ^CAVISO: acesso autorizado somente a funcionarios da empresa Francisco Felipe^C
!
!
!
!
line con 0
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
!
line aux 0
exec-timeout 5 30
speed 115200
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
flowcontrol hardware
!
line vty 0 4
exec-timeout 5 30
password 7 08275E4F071A0C0411042C143E22
logging synchronous
login local
transport input ssh
transport output none
!
!
!
end

rt-1941-1#

---

---

Desktops Ajustado as configurações que estava erradas.