DT4H - Valgfag - MPLS VPN, ESXi

From Teknologisk videncenter
Jump to: navigation, search

Valgfagsopgave DT4H

Beskrivelse

MPLS VPN Opgave - Tegning.png

Serveropsætning

Config af netværksudstyr

R1 - MPLS Distribution Router

hostname R1
!
ip cef
!
ip vrf office
 rd 100:20
 route-target export 100:20
 route-target import 100:20
!
ip vrf production
 rd 100:10
 route-target export 100:10
 route-target import 100:10
!
interface Loopback0
 ip address 10.0.1.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.2 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls ip
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip vrf forwarding production
 ip address 172.16.1.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
interface FastEthernet0/1.20
 encapsulation dot1Q 20
 ip vrf forwarding office
 ip address 172.17.1.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
router isis
 net 49.0001.0100.0000.1001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf production
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf office
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
!
mpls ldp router-id Loopback0 force
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login


R2 - MPLS Core/BGP Route Reflector

Current configuration : 2660 bytes
!
! Last configuration change at 11:25:52 UTC Thu Sep 2 2010
! NVRAM config last updated at 11:25:55 UTC Thu Sep 2 2010
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$LRU5$0kkpPs9LoTyrNTUHVjU5L1
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.2.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls label protocol both
 mpls ip
!
interface FastEthernet0/1
 ip address 10.0.0.5 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls label protocol both
 mpls ip
!
interface FastEthernet0/3/0
 switchport access vlan 40
!
interface FastEthernet0/3/1
!
interface FastEthernet0/3/2
!
interface FastEthernet0/3/3
 switchport access vlan 30
!
interface Serial0/2/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Vlan1
 no ip address
!
interface Vlan30
 ip address 10.0.0.9 255.255.255.252
 ip router isis
 mpls label protocol both
 mpls ip
!
interface Vlan40
 ip address 10.0.0.13 255.255.255.252
 ip router isis
 mpls label protocol both
 mpls ip
!
router isis
 net 49.0001.0100.0000.2001.00
 is-type level-2-only
!
router bgp 100
 bgp log-neighbor-changes
 neighbor 10.0.1.1 remote-as 100
 neighbor 10.0.1.1 update-source Loopback0
 neighbor 10.0.3.1 remote-as 100
 neighbor 10.0.3.1 update-source Loopback0
 neighbor 10.0.4.1 remote-as 100
 neighbor 10.0.4.1 update-source Loopback0
 neighbor 10.0.5.1 remote-as 100
 neighbor 10.0.5.1 update-source Loopback0
 !
 address-family ipv4
 neighbor 10.0.1.1 activate
 neighbor 10.0.3.1 activate
 neighbor 10.0.4.1 activate
 neighbor 10.0.5.1 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family vpnv4
 neighbor 10.0.1.1 activate
 neighbor 10.0.1.1 send-community extended
 neighbor 10.0.1.1 route-reflector-client
 neighbor 10.0.3.1 activate
 neighbor 10.0.3.1 send-community extended
 neighbor 10.0.3.1 route-reflector-client
 neighbor 10.0.4.1 activate
 neighbor 10.0.4.1 send-community extended
 neighbor 10.0.4.1 route-reflector-client
 neighbor 10.0.5.1 activate
 neighbor 10.0.5.1 send-community extended
 neighbor 10.0.5.1 route-reflector-client
 exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
scheduler allocate 20000 1000
end

R3 - MPLS Distribution Router

Current configuration : 2263 bytes
!
! Last configuration change at 12:34:09 UTC Thu Sep 2 2010
! NVRAM config last updated at 12:34:09 UTC Thu Sep 2 2010
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$VCOF$SoSJO1g5dUHduhZ3qLQtZ1
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
ip vrf office
 rd 100:20
 route-target export 100:20
 route-target import 100:20
!
ip vrf production
 rd 100:10
 route-target export 100:10
 route-target import 100:10
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.3.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.6 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls ip
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip vrf forwarding production
 ip address 172.16.2.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
interface FastEthernet0/1.20
 encapsulation dot1Q 20
 ip vrf forwarding office
 ip address 172.17.2.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
interface Serial0/1/0
 no ip address
 shutdown
 clock rate 125000
!
interface Serial0/1/1
 no ip address
 shutdown
 clock rate 125000
!
interface Serial0/3/0
 no ip address
 shutdown
 clock rate 2000000
!
router isis
 net 49.0001.0100.0000.3001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf production
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf office
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
scheduler allocate 20000 1000
end

R4 - MPLS Distribution Router/Server Router

Current configuration : 1794 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$tMv4$/qNEMbkDuH90GdXj.V2Kc/
!
memory-size iomem 10
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip vrf server
 rd 100:30
 route-target export 100:30
 route-target export 100:10
 route-target export 100:20
 route-target import 100:30
 route-target import 100:10
 route-target import 100:20
!
ip audit po max-events 100
tag-switching tdp router-id Loopback0 force
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.4.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.10 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 tag-switching ip
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.30
 encapsulation dot1Q 30
 ip vrf forwarding server
 ip address 172.30.1.1 255.255.255.0
 no snmp trap link-status
!
interface Serial0/1
 no ip address
 shutdown
!
router isis
 net 49.0001.0100.0000.4001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf server
 redistribute connected
 redistribute static
 no auto-summary
 no synchronization
 exit-address-family
!
ip classless
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

R5 - MPLS Edge Router/Internet Router (VRF internet)

Current configuration : 2203 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZDel$DkGMj693div2QL9M7xIUk1
!
memory-size iomem 10
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip vrf internet
 rd 100:40
 route-target export 100:40
 route-target export 100:10
 route-target export 100:20
 route-target export 100:30
 route-target import 100:40
 route-target import 100:10
 route-target import 100:20
 route-target import 100:30
!
ip audit po max-events 100
tag-switching tdp router-id Loopback0 force
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.5.1 255.255.255.255
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.14 255.255.255.252
 ip nat inside
 ip router isis
 duplex auto
 speed auto
 tag-switching ip
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 ip vrf forwarding internet
 ip address dhcp
 ip nat outside
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
!
router isis
 net 49.0001.0100.0000.0005.00
 is-type level-2-only
 default-information originate
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf internet
 redistribute connected
 redistribute static
 no auto-summary
 no synchronization
 network 0.0.0.0
 exit-address-family
!
ip nat inside source list 100 interface FastEthernet0/1 vrf internet overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
ip route vrf internet 0.0.0.0 0.0.0.0 192.168.139.1
!
no ip http server
no ip http secure-server
!
access-list 100 permit ip 172.16.0.0 0.0.255.255 any
access-list 100 permit ip 172.17.0.0 0.0.255.255 any
access-list 100 permit ip 172.30.0.0 0.0.255.255 any
access-list 100 permit ip 10.0.0.0 0.0.255.255 any
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

R6

Current configuration : 4861 bytes
!
! Last configuration change at 14:26:19 eu Thu Sep 16 2010 by cisco
! NVRAM config last updated at 14:26:19 eu Thu Sep 16 2010 by cisco
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$OICl$vWjK8PWfk1AGlAU4jrj2x0
!
aaa new-model
!
!
aaa authentication login default local none
aaa authentication login VPN_BRUGER_AUTH local
aaa authorization network default local
aaa authorization network VPN_GRUPPE_AUTH local
!
aaa session-id common
!
resource policy
!
clock timezone eu 1
clock summer-time eu recurring
ip cef
!
!
!
!
ip vrf EasyVPN
 rd 100:50
 route-target export 100:50
 route-target import 100:50
!
ip vrf SiteToSiteVPN
 rd 100:60
 route-target export 100:60
 route-target import 100:60
!
ip vrf office
 rd 100:20
 route-target export 100:20
 route-target import 100:20
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username cisco password 0 cisco
!
!
crypto keyring SiteToSiteKey vrf SiteToSiteVPN
  pre-shared-key address 192.168.139.16 key cisco
!
crypto isakmp policy 1
 encr aes 256
 authentication pre-share
 group 5
 lifetime 3600
!
crypto isakmp policy 2
 encr 3des
 authentication pre-share
 group 2
 lifetime 3600
!
crypto isakmp client configuration group EASYVPN_GRUPPE
 key cisco
 pool VPNPOOL
 acl 100
 netmask 255.255.255.0
crypto isakmp profile ISAKMP_PROFILE_EASYVPN
   match identity group EASYVPN_GRUPPE
   client authentication list VPN_BRUGER_AUTH
   isakmp authorization list VPN_GRUPPE_AUTH
   client configuration address respond
   client configuration group EASYVPN_GRUPPE
   virtual-template 1
!
!
crypto ipsec transform-set mytrans esp-aes 256 esp-sha-hmac
crypto ipsec transform-set EASYVPN_TRANS esp-3des esp-sha-hmac
!
crypto ipsec profile IPSEC_PROFILE_EASYVPN
 set transform-set EASYVPN_TRANS
 set isakmp-profile ISAKMP_PROFILE_EASYVPN
!
crypto ipsec profile IPSecProfile
 set transform-set mytrans
!
!
!
!
!
!
!
!
!
!
!
interface Tunnel1
 ip address 10.0.0.21 255.255.255.252
 ip mtu 1400
 ip router isis
 mpls label protocol both
 mpls ip
 tunnel source Vlan500
 tunnel destination 192.168.139.16
 tunnel vrf SiteToSiteVPN
 tunnel protection ipsec profile IPSecProfile
!
interface Loopback0
 ip address 10.0.6.1 255.255.255.255
 ip router isis
!
interface Loopback1
 ip address 172.17.100.1 255.255.255.255
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.18 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls label protocol both
 mpls ip
!
interface FastEthernet0/1
 ip vrf forwarding EasyVPN
 ip address 192.168.139.14 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/3/0
 switchport access vlan 500
!
interface FastEthernet0/3/1
!
interface FastEthernet0/3/2
!
interface FastEthernet0/3/3
 switchport access vlan 1000
!
interface Serial0/2/0
 no ip address
 shutdown
 clock rate 2000000
!
interface Virtual-Template1 type tunnel
 ip vrf forwarding EasyVPN
 ip unnumbered FastEthernet0/1
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile IPSEC_PROFILE_EASYVPN
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan500
 ip vrf forwarding SiteToSiteVPN
 ip address 192.168.139.15 255.255.255.0
!
interface Vlan1000
 ip address 13.13.13.1 255.255.255.0
!
router isis
 net 49.0001.0100.0000.6001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf office
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf SiteToSiteVPN
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf EasyVPN
 no synchronization
 exit-address-family
!
ip local pool VPNPOOL 172.17.200.1 172.17.200.254
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
ip route vrf EasyVPN 0.0.0.0 0.0.0.0 192.168.139.1
ip route vrf SiteToSiteVPN 0.0.0.0 0.0.0.0 192.168.139.1
!
!
ip http server
no ip http secure-server
!
access-list 100 permit ip 172.17.0.0 0.0.255.255 any
!
!
!
mpls ldp router-id Loopback0 force
!
!
tftp-server flash:phone/7940-7960/P00308000500.bin
tftp-server flash:/phone/7940-7960/P00308000500.bin alias P00308000500.bin
!
control-plane
!
!
!
!
!
!
!
!
!
!
telephony-service
 no auto-reg-ephone
 load 7960-7940 P00308000500
 max-ephones 20
 max-dn 150
 ip source-address 172.17.100.1 port 2000
 max-conferences 4 gain -6
 transfer-system full-consult
 secondary-dialtone 0
 create cnf-files version-stamp 7960 Sep 16 2010 12:25:14
!
!
ephone-dn  11  dual-line
 number 10
 name Cisco Lort
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
!
scheduler allocate 20000 1000
ntp server vrf office 77.233.251.101 prefer
end

SW1 - End-user Access Switch (VRF office/production)

Current configuration : 2601 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$BQq8$0/6FBbzY4eOyLJOHEf4gl1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 172.16.1.2 255.255.255.0
!
interface Vlan20
 ip address 172.17.1.2 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end

SW2 - End-user Access Switch (VRF office/production)

Current configuration : 2601 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$C64C$Bm2YkIFSRpTgC/BVV1oXc0
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 172.16.2.2 255.255.255.0
!
interface Vlan20
 ip address 172.17.2.2 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end

ServerSW - Server Access Switch (VRF server)

Current configuration : 3274 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ServerSW
!
enable secret 5 $1$B30/$JKJWthWIIR1hyLISuAO490
!
ip subnet-zero
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport mode trunk
 no ip address
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan30
 ip address 172.30.1.200 255.255.255.0
 no ip route-cache
!
ip http server
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end
Retrieved from "http://mars.merhot.dk/w/index.php?title=DT4H_-_Valgfag_-_MPLS_VPN,_ESXi&oldid=14776"