Cyber_Security_Notes/A. 第一阶段/拓扑练习/0805_aaa.md

0805_练习

1. 设置所有PC的IP地址、子网掩码、网关

2. R1设置

   // 基础设置
   <Huawei>u t m
   [Huawei]sysname R1
   
   // 配置端口
   [R1]int g 0/0/0
   [R1-GigabitEthernet0/0/0]ip a 192.168.10.254 24
   [R1]int g 0/0/1
   [R1-GigabitEthernet0/0/1]ip a 192.168.20.254 24
   [R1]int g 0/0/2
   [R1-GigabitEthernet0/0/2]ip a 192.168.30.254 24
   
   // 配置静态路由
   [R1]ip route-static 192.168.40.0 24 192.168.30.253
   
   // 配置aaa认证
   [R1]aaa
   [R1-aaa]local-user admin password cipher 123456
   [R1-aaa]local-user admin service-type telnet
   [R1-aaa]local-user admin privilege level 15
   [R1]user-interface vty 0 4
   [R1-ui-vty0-4]authentication-mode aaa
   [R1-ui-vty0-4]protocol inbound telnet
   [R1]telnet server enable
   <R1>save
   

3. R2设置

   // 基础设置
   <Huawei>u t m
   [Huawei]sysname R2
   
   // 配置端口
   [R2]int g 0/0/0
   [R2-GigabitEthernet0/0/0]ip a 192.168.30.253 24
   [R2]int g 0/0/1
   [R2-GigabitEthernet0/0/1]ip a 192.168.40.254 24
   
   // 配置静态路由
   [R2]ip route-static 192.168.10.0 24 192.168.30.254
   [R2]ip route-static 192.168.20.0 24 192.168.30.254
   
   // 配置aaa认证
   [R2]aaa
   [R2-aaa]local-user admin password cipher 123456
   [R2-aaa]local-user admin service-type telnet
   [R2-aaa]local-user admin privilege level 15
   [R2]user-interface vty 0 4
   [R2-ui-vty0-4]authentication-mode aaa
   [R2-ui-vty0-4]protocol inbound telnet
   [R2]telnet server enable
   <R1>save
   

4. SW4设置

   // 基础配置
   <Huawei>u t m
   [Huawei]sysname SW4
   
   // VLAN及IP
   [SW4]int v 1
   [SW4-Vlanif1]ip a 192.168.40.2 24
   
   // 配置静态路由
   [SW4]ip route-static 192.168.10.0 24 192.168.40.254
   [SW4]ip route-static 192.168.20.0 24 192.168.40.254
   [SW4]ip route-static 192.168.30.0 24 192.168.40.254
   <SW4>save
   

5. 测试

   在SW4中：
   ping 192.168.10.1
   ping 192.168.20.1
   ping 192.168.40.1
   telnet 192.168.30.254	// 远程连接R1
   telnet 192.168.40.254	// 远程连接R2