Mokhatlo oa WorldSkills o reretsoe ho fumana ke bankakarolo litsebo tse hlokahalang haholo 'marakeng oa basebetsi. Bokhoni ba Tsamaiso ea Marang-rang le Tsamaiso bo na le li-module tse tharo: Network, Windows, Linux. Mesebetsi e fetoha ho tloha ho 'mampoli ho ea ho bo-'mampoli, maemo a tlhōlisano a fetoha, empa sebopeho sa mesebetsi bakeng sa boholo ba sona se ntse se tšoana.
Sehlekehleke sa Network e tla ba sa pele ka lebaka la bonolo ba eona ho lihlekehleke tsa Linux le Windows.
Mesebetsi e latelang e tla hlahlojoa sehloohong sena:
- Bolela lisebelisoa TSOHLE ho latela topology
- Fana ka domain name wsrvuz19.ru bakeng sa lisebelisoa TSOHLE
- Theha mosebelisi wsrvuz19 lisebelisoa TSOHLE tse nang le password ea cisco
- Lekunutu la mosebelisi le tlameha ho bolokoa tlhophisong e le sephetho sa ts'ebetso ea hash.
- Mosebelisi o tlameha ho ba le boemo bo phahameng ka ho fetesisa.
- Bakeng sa lisebelisoa TSOHLE, sebelisa mohlala oa AAA.
- Netefatso ho khomphutha e hole e tlameha ho etsoa ho sebelisoa database ea lehae (ntle le lisebelisoa tsa RTR1 le RTR2)
- Kamora ho netefatsoa ka katleho, ha o kena ho tsoa komporong e hole, mosebelisi o lokela ho kenya hang-hang mode ka boemo bo phahameng ba tokelo.
- Beha tlhoko ea netefatso ho khomphutha ea lehae.
- Ha netefatso e atlehile ho khomphutha ea lehae, mosebelisi o lokela ho kenya mokhoa o sa fumaneheng haholo.
- Ho BR1, ha netefatso e atlehile ho khomphutha ea lehae, mosebelisi o lokela ho kenya mokhoa o nang le tokelo e phahameng haholo.
- Ho lisebelisoa TSOHLE, seta password ea wr ho kenya mokhoa o khethehileng.
- Phasewete e tlameha ho bolokoa ho tlhophiso HASE ka lebaka la ts'ebetso ea hash.
- Beha mokhoa oo li-password tsohle tse ho tlhophiso li bolokiloeng ka mokhoa o patiloeng.
Topology ea marang-rang karolong ea 'mele e hlahisoa ka setšoantšo se latelang:
1. Bolela lisebelisoa TSOHLE ho latela topology
Ho seta lebitso la sesebelisoa (lebitso la moamoheli), kenya taelo ho tsoa mokhoeng oa tlhophiso ea lefats'e hostname SW1, kae sebakeng sa SW1 o tlameha ho ngola mabitso a thepa e fanoeng mesebetsing.
U ka ba ua sheba tlhophiso ka pono - ho fapana le ho seta esale pele switjha fetoha SW1:
Switch(config)# hostname SW1
SW1(config)#
Mosebetsi o ka sehloohong ka mor'a ho etsa litlhophiso leha e le life ke ho boloka tlhophiso.
Sena se ka etsoa ho tsoa mokhoeng oa tlhophiso ea lefats'e ka taelo do write:
SW1(config)# do write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]
Kapa ho tsoa ho maemo a khethehileng ka taelo write:
SW1# write
Building configuration...
Compressed configuration from 2142 bytes to 1161 bytes[OK]
2. Fana ka domain name wsrvuz19.ru bakeng sa lisebelisoa TSOHLE
O ka seta lebitso la domain wsrvuz19.ru ka ho sa feleng ho tsoa ho mokhoa oa tlhophiso oa lefats'e ka taelo. ip domain-name wsrvuz19.ru.
Cheke e etsoa ke do show host summary command ho tsoa mokhoeng oa tlhophiso ea lefats'e:
SW1(config)# ip domain-name wsrvuz19.ru
SW1(config)# do show hosts summary
Name lookup view: Global
Default domain is wsrvuz19.ru
...
3. Etsa mosebedisi wsrvuz19 ho lisebelisoa TSOHLE tse nang le password ea cisco
Hoa hlokahala ho theha mosebelisi ea joalo e le hore a be le maemo a phahameng a litokelo, mme phasewete e bolokiloe ka mokhoa oa ts'ebetso ea hash. Maemo ana kaofela a eloa hloko ke sehlopha username wsrvuz19 privilege 15 secret cisco.
Mona:
username wsrvuz19 - Username;
privilege 15 - boemo ba tokelo (0 - bonyane boemo, 15 - boemo bo phahameng);
secret cisco - ho boloka phasewete ka mokhoa oa ts'ebetso ea MD5 hash.
bontsha taelo running-config e o lumella ho lekola litlhophiso tsa hajoale, moo o ka fumanang mohala le mosebelisi ea ekelitsoeng mme o etsa bonnete ba hore phasewete e bolokiloe ka mokhoa o patiloeng:
SW1(config)# username wsrvuz19 privilege 15 secret cisco
SW1(config)# do show running-config
...
username wsrvuz19 privilege 15 secret 5 $1$EFRK$RNvRqTPt5wbB9sCjlBaf4.
...
4. Bakeng sa lisebelisoa TSOHLE, kenya tšebetsong mohlala oa AAA
Mohlala oa AAA ke mokhoa oa ho netefatsa, tumello le tlaleho ea liketsahalo. Ho phethela mosebetsi ona, mohato oa pele ke ho nolofalletsa mohlala oa AAA le ho hlakisa hore netefatso e tla etsoa ho sebelisoa database ea lehae:
SW1(config)# aaa new-model
SW1(config)# aaa authentication login default local
a. Netefatso ho khomphutha e hole e tlameha ho etsoa ho sebelisoa database ea lehae (ntle le lisebelisoa tsa RTR1 le RTR2)
Mesebetsi e hlalosa mefuta e 'meli ea li-consoles: tsa lehae le tse hole. Khokahano e hole e u lumella ho kenya tšebetsong likhokahano tse hole, mohlala, ka liprothokholo tsa SSH kapa Telnet.
Ho phethela mosebetsi ona, kenya litaelo tse latelang:
SW1(config)# line vty 0 4
SW1(config-line)# login authentication default
SW1(config-line)# exit
SW1(config)#
sehlopha line vty 0 4 e tsoela pele ho hlophisoa ha li-terminal line ho tloha ho 0 ho ea ho 4.
sehlopha login authentication default e bulela mokhoa oa ho netefatsa oa kamehla ho "virtual console", 'me mokhoa oa kamehla o ne o behiloe mosebetsing oa ho qetela ka taelo. aaa authentication login default local.
Ho tsoa ho mode ea tlhophiso ea remote console ho etsoa ka taelo exit.
Cheke e tšepahalang e tla ba khokahano ea liteko ka protocol ea Telnet ho tloha sesebelisoa se seng ho ea ho se seng. E lokela ho hopoloa hore ho fetoha ha motheo le ip-addressing ho thepa e khethiloeng e tlameha ho lokisoa bakeng sa sena.
SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1>
b. Kamora ho netefatsoa ka katleho, ha o kena ho tsoa komporong e hole, mosebelisi o lokela ho kenya hang-hang mode ka boemo bo phahameng ba tokelo.
Ho rarolla bothata bona, o hloka ho khutlela morao ho theha li-terminal line le ho beha boemo ba tokelo ka taelo. privilege level 15, moo 15 hape e leng boemo bo phahameng ba litokelo 'me 0 e le boemo ba bonyane ba tokelo:
SW1(config)# line vty 0 4
SW1(config-line)# privilege level 15
SW1(config-line)# exit
SW1(config)#
Teko e tla ba tharollo ho tsoa serapeng se fetileng - khokahano e hole ka Telnet:
SW3#telnet 2001:100::10
User Access Verification
Username: wsrvuz19
Password:
SW1#
Kamora ho netefatsoa, mosebelisi hang-hang o kena molemong oa tokelo, a feta motho ea se nang tokelo, ho bolelang hore mosebetsi o phethiloe ka nepo.
cd. Beha tlhokahalo ho khomphutha ea lehae mme kamora netefatso e atlehileng, mosebelisi o lokela ho kenya mokhoa o fokolang oa tokelo
Sebopeho sa litaelo mesebetsing ena se tšoana le mesebetsi e rarollotsoeng pele 4.a le 4.b. Sehlopha line vty 0 4 e nkeloa sebaka ke console 0:
SW1(config)# line console 0
SW1(config-line)# login authentication default
SW1(config-line)# privilege level 0
SW1(config-line)# exit
SW1(config)#
Joalokaha ho se ho boletsoe, bonyane boemo ba tokelo bo khethoa ke nomoro ea 0. Cheke e ka etsoa ka tsela e latelang:
SW1# exit
User Access Verification
Username: wsrvuz19
Password:
SW1>
Ka mor'a ho netefatsa, mosebedisi o kena ka mokhoa o se nang tokelo, joalokaha ho boletsoe mesebetsing.
e. Ho BR1, ha netefatso e atlehile ho khomphutha ea lehae, mosebelisi o lokela ho kenya mokhoa o nang le tokelo e phahameng haholo.
Ho theha khokahanyo ea lehae ho BR1 ho ka shebahala tjena:
BR1(config)# line console 0
BR1(config-line)# login authentication default
BR1(config-line)# privilege level 15
BR1(config-line)# exit
BR1(config)#
Cheke e etsoa ka tsela e ts'oanang le serapeng se fetileng:
BR1# exit
User Access Verification
Username: wsrvuz19
Password:
BR1#
Ka mor'a ho netefatsa, ho fetela ho mokhoa o khethehileng ho etsahala.
5. Ho lisebelisoa TSOHLE, seta password wsr ho kenya mokhoa o khethehileng
Mesebetsi e re password bakeng sa mokhoa o khethehileng e lokela ho bolokoa e le mokhoa o hlakileng oa mongolo, empa mokhoa oa ho kenyelletsa li-passwords tsohle o ke ke oa u lumella ho bona phasewete ka mongolo o hlakileng. Ho seta phasewete ho kenya mokhoa o khethehileng, sebelisa taelo enable password wsr. Ho sebelisa keyword password, e khetha mofuta oo password e tla bolokoa ka eona. Haeba phasewete e tlameha ho ngolisoa ha u theha mosebelisi, joale lebitso la sehlooho e ne e le lentsoe secret, le bakeng sa polokelo ka foromo e bulehileng e sebelisoa password.
U ka sheba litlhophiso ho latela pono ea hajoale ea tlhophiso:
SW1(config)# enable password wsr
SW1(config)# do show running-config
...
enable password wsr
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...
Ho ka bonoa hore phasewete ea mosebelisi e bolokiloe ka mokhoa o patiloeng, mme phasewete ea ho kenya mokhoa o khethehileng e bolokiloe ka mongolo o hlakileng, joalo ka ha ho boletsoe mesebetsing.
E le hore li-password tsohle li bolokoe ka mokhoa o patiloeng, u lokela ho sebelisa taelo service password-encryption. Ho sheba tlhophiso ea hajoale hona joale ho tla shebahala tjena:
SW1(config)# do show running-config
...
enable password 7 03134819
!
username wsrvuz19 privilege 15 secret 5 $1$5I66$TB48YmLoCk9be4jSAH85O0
...
Lekunutu ha le sa bonahala ka ho hlaka.
Source: www.habr.com