ProHoster > Blog > Utongi > Solution yeWorldSkills mabasa eNetwork module mukukwanisa kwe "SiSA". Chikamu 1 - Basic Setup

Solution yeWorldSkills mabasa eNetwork module mukukwanisa kwe "SiSA". Chikamu 1 - Basic Setup

Sangano reWorldSkills rine chinangwa chekuwana nevatori vechikamu hunyanzvi hunoshanda huri kudiwa mumusika wemazuva ano wevashandi. Iyo Network uye System Administration kugona ine matatu mamodule: Network, Windows, Linux. Mabasa anoshanduka kubva kushasha kuenda kushasha, mamiriro emakwikwi anoshanduka, asi chimiro chemabasa mazhinji anoramba akafanana.

Iyo Network chitsuwa ichave yekutanga nekuda kwekureruka kwayo maererano neLinux neWindows zvitsuwa.

Mabasa anotevera achakurukurwa muchinyorwa:

  1. Doma zvishandiso ZVESE zvinoenderana netopology
  2. Ipa iyo domain zita wsrvuz19.ru kune ALL madivayiri
  3. Gadzira mushandisi wsrvuz19 pane ZVESE zvishandiso zvine password cisco
    • Iyo password yemushandisi inofanirwa kuchengetwa mukugadziriswa semhedzisiro yebasa rehashi.
    • Mushandisi anofanira kunge aine ropafadzo yepamusoro soro.
  4. Pamidziyo YESE, shandisa iyo AAA modhi.
    • Kutendesa pane iri kure koni kunofanirwa kuitwa uchishandisa dhatabhesi yemuno (kunze kweRTR1 neRTR2 zvishandiso)
    • Mushure mekubudirira kwechokwadi, kana uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchinge uchingedzo.
    • Seta kudiwa kwechokwadi pane yemuno console.
    • Pakusimbiswa kwakabudirira kune koni yemunharaunda, mushandisi anofanira kupinda mune yakasarudzika modhi.
    • PaBR1, pakabudirira chokwadi pane yemuno console, mushandisi anofanirwa kunge ari mumodhi ine huwandu hwakanyanya hwemaropafadzo.
  5. Pamidziyo YESE, isa iyo wr password kuti uise yakasarudzika mode.
    • Iyo password inofanirwa kuchengetwa mukumisikidzwa KWETE semhedzisiro yebasa rehashi.
    • Seta iyo modhi iyo ese mapassword mukugadzirisa anochengetwa mune encrypted fomu.


Iyo network topology pane yemuviri layer inoratidzwa mune inotevera dhayagiramu:

Solution yeWorldSkills mabasa eNetwork module mukukwanisa kwe "SiSA". Chikamu 1 - Basic Setup

1. Doma midziyo YESE zvinoenderana netopology

Kuseta zita remudziyo (zita remugadziri), isa mutemo kubva kune yepasirese gadziriso modhi hostname SW1, kupi panzvimbo SW1 unofanira kunyora zita remidziyo yakapihwa mumabasa.

Iwe unogona kunyange kutarisa marongero nemeso - pachinzvimbo che preset chinja akava SW1:

Switch(config)# hostname SW1
SW1(config)#

Basa guru mushure mekuita chero zvigadziro ndezvokuchengetedza kugadzirisa.

Izvi zvinogona kuitwa kubva pasi rose configuration mode nemurairo do write:

SW1(config)# do write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]

Kana kubva kune ropafadzo mode nemurairo write:

SW1# write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]

2. Ipa iyo domain name wsrvuz19.ru kune ALL madivayiri

Iwe unogona kuseta iyo default domain zita wsrvuz19.ru kubva kune yepasi rose configuration mode nemurairo ip domain-name wsrvuz19.ru.

Cheki inoitwa neiyo do show host summary command kubva kune yepasirese yekumisikidza mode:

SW1(config)# ip domain-name wsrvuz19.ru
SW1(config)# do show hosts summary
Name lookup view: Global
Default domain is wsrvuz19.ru
...

3. Gadzira mushandisi wsrvuz19 pamidziyo YESE ine password cisco

Izvo zvinodikanwa kugadzira mushandisi akadaro kuti ave nehupamhi hwepamusoro hweropafadzo, uye password inochengetwa muchimiro chehashi basa. Mamiriro ose aya anotariswa nechikwata username wsrvuz19 privilege 15 secret cisco.

Π—Π΄Π΅ΡΡŒ:

username wsrvuz19 - Username;
privilege 15 - ropafadzo nhanho (0 - shoma mwero, 15 - yepamusoro nhanho);
secret cisco - kuchengetedza password muchimiro che MD5 hash basa.

show command running-config inokutendera kuti utarise ikozvino zvigadziriso zvigadziriso, kwaunogona kuwana mutsara nemushandisi akawedzerwa uye ita shuwa kuti password yakachengetwa mune encrypted fomu:

SW1(config)# username wsrvuz19 privilege 15 secret cisco
SW1(config)# do show running-config
...
username wsrvuz19 privilege 15 secret 5 $1$EFRK$RNvRqTPt5wbB9sCjlBaf4.
...

4. Pamidziyo YESE, shandisa iyo AAA modhi

Iyo AAA modhi inzira yekusimbisa, mvumo uye accounting yezviitiko. Kuti upedze basa iri, danho rekutanga ndere kugonesa iyo AAA modhi uye kutsanangura kuti chokwadi chichaitwa uchishandisa dhatabhesi renzvimbo:

SW1(config)# aaa new-model
SW1(config)# aaa authentication login default local

a. Kutendesa pane iri kure koni kunofanirwa kuitwa uchishandisa dhatabhesi yemuno (kunze kweRTR1 neRTR2 zvishandiso)
Mabasa anotsanangura marudzi maviri ekunyaradza: emunharaunda uye kure. Iyo kure kure koni inobvumidza iwe kuita kubatanidza kure, semuenzaniso, kuburikidza neSSH kana Telnet protocol.

Kuti upedze basa iri, isa mirairo inotevera:

SW1(config)# line vty 0 4
SW1(config-line)# login authentication default
SW1(config-line)# exit
SW1(config)#

team line vty 0 4 inoenderera mberi nekugadziriswa kweiyo chaiyo terminal mitsara kubva pa0 kusvika ku4.

chikwata login authentication default inobatidza iyo default authentication modhi pane iyo virtual console, uye iyo default mode yakaiswa pabasa rekupedzisira nekuraira. aaa authentication login default local.

Kubuda kure kure console configuration mode kunoitwa uchishandisa murairo exit.

Cheki yakavimbika ichave yekubatanidza bvunzo kuburikidza neTelnet protocol kubva kune imwe mudziyo kuenda kune imwe. Izvo zvinofanirwa kutakurwa mupfungwa kuti basic switching uye ip-addressing pane yakasarudzwa midziyo inofanirwa kugadzirirwa izvi.

SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1>

b. Mushure mekubudirira kwechokwadi, kana uchinge wapinda kubva kure kure koni, mushandisi anofanirwa kupinda mumodhi neiyo yakanyanya ropafadzo nhanho.
Kuti ugadzirise dambudziko iri, unofanirwa kudzoka kumisa mitsara yemagetsi uye kuseta iyo rombo nhanho nemurairo. privilege level 15, apo 15 iri zvakare iyo yakanyanya ropafadzo chikamu uye 0 ndiyo yakaderera ropafadzo chikamu:

SW1(config)# line vty 0 4
SW1(config-line)# privilege level 15
SW1(config-line)# exit
SW1(config)#

Muedzo uchave mhinduro kubva pane yapfuura subparagraph - kure kubatana kuburikidza neTelnet:

SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1#

Mushure mekuvimbiswa, mushandisi anobva apinda mune yakasarudzika modhi, achipfuura asina rombo, izvo zvinoreva kuti basa rakapedzwa nemazvo.

cd. Gadzirisa chinodiwa pane koni yemuno uye pakabudirira chokwadi mushandisi anofanira kupinda mumodhi ine nhanho shoma yeropafadzo.
Chimiro chemirairo mumabasa aya chakafanana nechakambogadziriswa mabasa 4.a uye 4.b. Team line vty 0 4 inotsiviwa ne console 0:

SW1(config)# line console 0
SW1(config-line)# login authentication default
SW1(config-line)# privilege level 0
SW1(config-line)# exit
SW1(config)#

Sezvatotaurwa, iyo shoma ropafadzo mwero inotarwa nenhamba 0. Cheki inogona kuitwa sezvinotevera:

SW1# exit
User Access Verification
Username: wsrvuz19
Password:
SW1>

Mushure mekusimbiswa, mushandisi anopinda isina-yakasarudzika maitiro, sezvakataurwa mumabasa.

e. PaBR1, pachokwadi chakabudirira pane yemuno console, mushandisi anofanirwa kupinda mumodhi neiyo yakanyanya ropafadzo nhanho.
Kumisikidza koni yemunharaunda paBR1 yaizotaridzika seizvi:

BR1(config)# line console 0
BR1(config-line)# login authentication default
BR1(config-line)# privilege level 15
BR1(config-line)# exit
BR1(config)#

Cheki inoitwa nenzira imwechete sezvakaita mundima yapfuura:

BR1# exit
User Access Verification
Username: wsrvuz19
Password:
BR1#

Mushure mekutendeseka, shanduko kune yakasarudzika modhi inoitika.

5. Pazvishandiso ZVOSE, isa password wsr kuti uise ropafadzo mode

Iwo mabasa anoti password yeiyo yakasarudzika modhi inofanirwa kuchengetwa seyakajairwa mumavara akajeka, asi iyo encryption modhi yemapassword ese haakubvumire iwe kuona password mune yakajeka mavara. Kuseta password kuti uise rombo rakanaka, shandisa iwo murairo enable password wsr. Kushandisa keyword password, inosarudza rudzi ruchachengetwa password. Kana iyo password ichifanira kuvharirwa paunenge uchigadzira mushandisi, saka kiyi yaive izwi secret, uye yekuchengetedza mune fomu yakazaruka inoshandiswa password.

Unogona kutarisa marongero kubva pane yazvino gadziriso yekuona:

SW1(config)# enable password wsr
SW1(config)# do show running-config
...
enable password wsr
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...

Zvinogona kuoneka kuti password yemushandisi inochengetwa mune encrypted fomu, uye password yekupinda iyo yakasarudzika mode inochengetwa mumavara akajeka, sezvakataurwa mumabasa.
Kuti mapassword ese achengetwe mune encrypted fomu, unofanirwa kushandisa murairo service password-encryption. Kuona gadziriso yazvino iko zvino kuchaita seizvi:

SW1(config)# do show running-config
...
enable password 7 03134819
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...

Iyo pasiwedhi haichaoneki mune yakajeka.

Source: www.habr.com

Voeg