IPS在线模式实验1-VLAN Pair
2012-05-28 12:20
225 查看
1.拓扑图:
2.接口配置:
R1(config)#int f0/0
R1(config-if)#ip add 10.1.1.1 255.255.255.0
R1(config-if)#no sh
R2(config)#int f0/0
R2(config-if)#ip add 10.1.1.2 255.255.255.0
R2(config-if)#no sh
R3#vlan data
R3(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
R3(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
R3(vlan)#exi
APPLY completed.
Exiting....
R3#config t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int f0/0
R3(config-if)#swi mod acc
R3(config-if)#swi acc vlan 10
R3(config-if)#int f0/1
R3(config-if)#swi mod acc
R3(config-if)#swi acc vlan 20
R3(config-if)#int f0/15
R3(config-if)#swi mod trun
R3(config-if)#swi mod trunk
R3(config-if)#
*Mar 1 00:01:57.307: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk
R3(config-if)#
3.IPS配置:
A.确认g0/1接口已经enabled
B.添加VLAN Pair
C.将接口对关联到virtual sensor
4.测试:
A.在R1上连续ping R2
R1#ping 10.1.1.2 repeat 100
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 99 percent (99/100), round-trip min/avg/max = 4/38/512 ms
R1#
B.在IPS上能看到攻击事件
2.接口配置:
R1(config)#int f0/0
R1(config-if)#ip add 10.1.1.1 255.255.255.0
R1(config-if)#no sh
R2(config)#int f0/0
R2(config-if)#ip add 10.1.1.2 255.255.255.0
R2(config-if)#no sh
R3#vlan data
R3(vlan)#vlan 10
VLAN 10 added:
Name: VLAN0010
R3(vlan)#vlan 20
VLAN 20 added:
Name: VLAN0020
R3(vlan)#exi
APPLY completed.
Exiting....
R3#config t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int f0/0
R3(config-if)#swi mod acc
R3(config-if)#swi acc vlan 10
R3(config-if)#int f0/1
R3(config-if)#swi mod acc
R3(config-if)#swi acc vlan 20
R3(config-if)#int f0/15
R3(config-if)#swi mod trun
R3(config-if)#swi mod trunk
R3(config-if)#
*Mar 1 00:01:57.307: %DTP-5-TRUNKPORTON: Port Fa0/15 has become dot1q trunk
R3(config-if)#
3.IPS配置:
A.确认g0/1接口已经enabled
B.添加VLAN Pair
C.将接口对关联到virtual sensor
4.测试:
A.在R1上连续ping R2
R1#ping 10.1.1.2 repeat 100
Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 99 percent (99/100), round-trip min/avg/max = 4/38/512 ms
R1#
B.在IPS上能看到攻击事件
相关文章推荐
- IPS在线模式实验2-Interface Pair
- 计网|实验二 基于端口模式的VLAN实现
- IPS杂合模式实验
- 演示:思科IPS在线模式下Inline Interface Mode的响应行为(区别各个防御行为)
- 走进清华研究生教改 | 创新教学模式,大数据硕士实验及在线课程改革与平台建设
- vlan的几个实验(二)
- [置顶] Elastic fusion 与 Kintinous 在线对比效果(奥比中光相机)——实验(一)
- opennebula使用VLAN模式创建网络接口步骤
- hadoop在linux上的初实验:环境搭建和伪分布模式搭建
- 交换机端口vlan模式
- 华硕 RT-AC68U 路由模式默认 VLAN
- VLAN&VTP实验2:配置VLAN Trunk和VTP域 推荐
- openstack网络模式之vlan分析
- 北大青鸟benet2.0之Vlan实验
- 机器人操作系统(ROS)在线实训平台学习实验指南
- vlan的创建以及trunk模式的设置
- CCNA入门---三台交换机的VLAN实验
- 嵌入式成长轨迹58 【Zigbee项目】【CC2430基础实验】【看门狗模式】
- 交换机应用之端口模式(access、trunk和hybird)、是否标记(tag、untag)、端口缺省vlan(pvid、native id)