Pulogalamu ya ProHoster > Blog > Ulamuliro > Kuthetsa ntchito za WorldSkills mu Network Network mu luso la "SiSA". Gawo 1 - Kukhazikitsa Kwambiri

Kuthetsa ntchito za WorldSkills mu Network Network mu luso la "SiSA". Gawo 1 - Kukhazikitsa Kwambiri

Gulu la WorldSkills likufuna kupeza ndi omwe akutenga nawo mbali makamaka maluso othandiza omwe akufunika pamsika wamakono wantchito. Mphamvu ya Network and System Administration ili ndi ma module atatu: Network, Windows, Linux. Ntchito zimasintha kuchoka ku mpikisano kupita ku mpikisano, mikhalidwe ya mpikisano imasintha, koma mapangidwe a ntchito zambiri amakhalabe ofanana.

Chilumba cha Network chidzakhala choyamba chifukwa cha kuphweka kwake poyerekeza ndi zilumba za Linux ndi Windows.

Ntchito zotsatirazi zidzakambidwa m'nkhaniyi:

  1. Tchulani zida ZONSE molingana ndi topology
  2. Perekani dzina lachidziwitso wsrvuz19.ru pazipangizo ZONSE
  3. Pangani wosuta wsrvuz19 pa ZONSE zipangizo ndi achinsinsi cisco
    • Mawu achinsinsi ogwiritsira ntchito ayenera kusungidwa mu kasinthidwe monga zotsatira za ntchito ya hashi.
    • Wogwiritsa ntchito ayenera kukhala ndi mwayi wapamwamba kwambiri.
  4. Pazida ZONSE, gwiritsani ntchito mtundu wa AAA.
    • Kutsimikizira pa cholumikizira chakutali kuyenera kuchitidwa pogwiritsa ntchito nkhokwe yapafupi (kupatula zida za RTR1 ndi RTR2)
    • Pambuyo potsimikizira bwino, mukamalowa kuchokera ku kontrakitala yakutali, wogwiritsa ntchitoyo ayenera kulowa nthawi yomweyo ndi mwayi waukulu kwambiri.
    • Khazikitsani kufunika kotsimikizira pa kontrakitala yakomweko.
    • Mukatsimikizidwa bwino ndi kontrakitala yakomweko, wogwiritsa ntchito akuyenera kulowa munjira yopanda mwayi.
    • Pa BR1, pakatsimikiziridwa bwino pa kontrakitala yakomweko, wogwiritsa ntchito ayenera kulowa mulingo wamwayi waukulu kwambiri.
  5. Pazida ZONSE, ikani mawu achinsinsi a wr kuti mulowe mwamwayi.
    • Mawu achinsinsi ayenera kusungidwa mu kasinthidwe OSATI chifukwa cha ntchito ya hashi.
    • Khazikitsani njira yomwe mawu achinsinsi onse mu kasinthidwe amasungidwa mu mawonekedwe obisika.


Netiweki topology pagulu lakuthupi ikuwonetsedwa mu chithunzi chotsatirachi:

Kuthetsa ntchito za WorldSkills mu Network Network mu luso la "SiSA". Gawo 1 - Kukhazikitsa Kwambiri

1. Tchulani zida ZONSE molingana ndi topology

Kuti muyike dzina la chipangizo (hostname), lowetsani lamulo kuchokera kumachitidwe osintha padziko lonse lapansi hostname SW1, komwe m'malo mwa SW1 muyenera kulemba dzina la zida zoperekedwa muzochitazo.

Mutha kuyang'ananso mawonekedwe - m'malo mwazokonzeratu Sinthani wakhala SW1:

Switch(config)# hostname SW1
SW1(config)#

Ntchito yayikulu mutatha kupanga zosintha zilizonse ndikusunga kasinthidwe.

Izi zitha kuchitika kuchokera kumayendedwe adziko lonse lapansi ndi lamulo do write:

SW1(config)# do write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]

Kapena kuchokera mumalowedwe mwamwayi ndi lamulo write:

SW1# write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]

2. Perekani dzina ankalamulira wsrvuz19.ru zipangizo ZONSE

Mutha kuyika dzina lachidziwitso wsrvuz19.ru mwachisawawa kuchokera pakusintha kwapadziko lonse lapansi ndi lamulo ip domain-name wsrvuz19.ru.

Chekecho chimachitidwa ndi do show hosts summary command kuchokera kumachitidwe adziko lonse lapansi:

SW1(config)# ip domain-name wsrvuz19.ru
SW1(config)# do show hosts summary
Name lookup view: Global
Default domain is wsrvuz19.ru
...

3. Pangani wosuta wsrvuz19 pa ZONSE zipangizo ndi achinsinsi cisco

Ndikofunikira kulenga wosuta woteroyo kuti akhale ndi mwayi waukulu kwambiri, ndipo mawu achinsinsi amasungidwa ngati mawonekedwe a hashi. Zinthu zonsezi zimaganiziridwa ndi gulu username wsrvuz19 privilege 15 secret cisco.

Zomwe:

username wsrvuz19 - Username;
privilege 15 - mlingo wamwayi (0 - osachepera mlingo, 15 - pazipita mlingo);
secret cisco - kusunga achinsinsi mu mawonekedwe a MD5 hashi ntchito.

kuwonetsa lamulo running-config zimakupatsani mwayi kuti muwone zosintha zomwe zilipo, komwe mungapeze mzere ndi wogwiritsa ntchitoyo ndikuwonetsetsa kuti mawu achinsinsi amasungidwa m'njira yobisika:

SW1(config)# username wsrvuz19 privilege 15 secret cisco
SW1(config)# do show running-config
...
username wsrvuz19 privilege 15 secret 5 $1$EFRK$RNvRqTPt5wbB9sCjlBaf4.
...

4. Pazida ZONSE, gwiritsani ntchito chitsanzo cha AAA

Mtundu wa AAA ndi njira yotsimikizira, kuvomereza ndi kuwerengera zochitika. Kuti mutsirize ntchitoyi, sitepe yoyamba ndikutsegula chitsanzo cha AAA ndikulongosola kuti kutsimikizika kudzachitidwa pogwiritsa ntchito deta yanu:

SW1(config)# aaa new-model
SW1(config)# aaa authentication login default local

a. Kutsimikizira pa cholumikizira chakutali kuyenera kuchitidwa pogwiritsa ntchito nkhokwe yapafupi (kupatula zida za RTR1 ndi RTR2)
Ntchito zimatanthauzira mitundu iwiri ya zotonthoza: zapafupi ndi zakutali. Konsoni yakutali imakupatsani mwayi wogwiritsa ntchito zolumikizira zakutali, mwachitsanzo, kudzera pa SSH kapena ma protocol a Telnet.

Kuti mumalize ntchitoyi, lowetsani malamulo otsatirawa:

SW1(config)# line vty 0 4
SW1(config-line)# login authentication default
SW1(config-line)# exit
SW1(config)#

timu line vty 0 4 imapitilira kusinthidwa kwa mizere yeniyeni yochokera ku 0 mpaka 4.

timu login authentication default imayatsa mawonekedwe otsimikizira okhazikika pa virtual console, ndipo mawonekedwe osasinthika adakhazikitsidwa pa ntchito yomaliza ndi lamulo. aaa authentication login default local.

Kutuluka mumayendedwe akutali konsoli kumachitika pogwiritsa ntchito lamulo exit.

Cheke chodalirika chidzakhala cholumikizira choyesera kudzera pa protocol ya Telnet kuchokera ku chipangizo chimodzi kupita ku china. Ziyenera kukumbukiridwa kuti kusintha koyambira ndi ma ip-address pazida zosankhidwa ziyenera kukhazikitsidwa pa izi.

SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1>

b. Pambuyo potsimikizira bwino, mukamalowa kuchokera pakompyuta yakutali, wogwiritsa ntchito ayenera kulowa nthawi yomweyo ndi mwayi waukulu kwambiri.
Kuti muthane ndi vutoli, muyenera kubwereranso kukakhazikitsa mizere yeniyeni ndikukhazikitsa mwayi ndi lamulo. privilege level 15, pomwe 15 ndiyenso gawo lalikulu lamwayi ndipo 0 ndiye gawo lamwayi wocheperako:

SW1(config)# line vty 0 4
SW1(config-line)# privilege level 15
SW1(config-line)# exit
SW1(config)#

Chiyesocho chidzakhala yankho kuchokera ku ndime yapitayi - kulumikizana kwakutali kudzera pa Telnet:

SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1#

Pambuyo pa kutsimikizika, wogwiritsa ntchito nthawi yomweyo amalowetsa mwayi, ndikudutsa wopanda mwayi, zomwe zikutanthauza kuti ntchitoyo idamalizidwa molondola.

cd. Khazikitsani chosowa pa kontrakitala yakwanuko ndipo mukatsimikizira bwino, wogwiritsa ntchitoyo ayenera kulowa nawo mwayi wocheperako
Mapangidwe a malamulo muzochitazi ndi ofanana ndi ntchito zomwe zathetsedwa kale 4.a ndi 4.b. Gulu line vty 0 4 m'malo mwake console 0:

SW1(config)# line console 0
SW1(config-line)# login authentication default
SW1(config-line)# privilege level 0
SW1(config-line)# exit
SW1(config)#

Monga tanenera kale, mwayi wocheperako umatsimikiziridwa ndi nambala 0. Chekecho chikhoza kuchitika motere:

SW1# exit
User Access Verification
Username: wsrvuz19
Password:
SW1>

Pambuyo pa kutsimikizika, wogwiritsa ntchito amalowa munjira yopanda mwayi, monga momwe zafotokozedwera muzochitazo.

e. Pa BR1, pakatsimikiziridwa bwino pa kontrakitala yakomweko, wogwiritsa ntchito ayenera kulowa mulingo wamwayi waukulu kwambiri.
Kukhazikitsa kontrakitala wakomweko pa BR1 kungawoneke motere:

BR1(config)# line console 0
BR1(config-line)# login authentication default
BR1(config-line)# privilege level 15
BR1(config-line)# exit
BR1(config)#

Cheke ikuchitika chimodzimodzi monga m'ndime yapitayi:

BR1# exit
User Access Verification
Username: wsrvuz19
Password:
BR1#

Pambuyo pa kutsimikizika, kusintha kumachitidwe amwayi kumachitika.

5. Pazida ZONSE, ikani achinsinsi wsr kulowa mwamwayi mode

Ntchitozo zimati mawu achinsinsi amtundu wamwayi ayenera kusungidwa ngati muyezo m'mawu omveka bwino, koma mawonekedwe achinsinsi a mapasiwedi onse sangakulole kuti muwone mawu achinsinsi momveka bwino. Kuti muyike mawu achinsinsi kuti mulowe mwamwayi, gwiritsani ntchito lamulo enable password wsr. Kugwiritsa ntchito mawu osakira password, imatsimikizira mtundu womwe mawu achinsinsi adzasungidwa. Ngati mawu achinsinsi ayenera kubisika popanga wogwiritsa ntchito, ndiye kuti mawuwo anali mawu secret, ndipo posungira mu mawonekedwe otseguka amagwiritsidwa ntchito password.

Mutha kuyang'ana makonda potengera mawonekedwe apano:

SW1(config)# enable password wsr
SW1(config)# do show running-config
...
enable password wsr
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...

Zitha kuwoneka kuti mawu achinsinsi a wogwiritsa ntchito amasungidwa mu mawonekedwe obisika, ndipo mawu achinsinsi kuti alowe munjira yamwayi amasungidwa m'mawu omveka bwino, monga momwe tafotokozera m'ntchitozo.
Kuti mawu achinsinsi onse asungidwe mu mawonekedwe obisika, muyenera kugwiritsa ntchito lamulo service password-encryption. Kuwona masinthidwe apano tsopano kuwoneka motere:

SW1(config)# do show running-config
...
enable password 7 03134819
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...

Mawu achinsinsi sakuwonekanso momveka bwino.

Source: www.habr.com

Kuwonjezera ndemanga