CCNA

enable

config terminal

no ip domain-lookup

hostname SW1

service password-encryption

enable secret class

banner motd #

Unauthorized access is strictly prohibited. #

Line con 0

password cisco

login

logging synchronous

line vty 0 15

password cisco

login

exit

enable

config terminal

ip access-list standard BRANCH-OFFICE-POLICY

permit host 192.168.30.3

permit 192.168.40.0 0.0.0.255

deny all

end

config t

interface g0/1

ip access-group BRANCH-OFFICE-POLICY out

end

show access-lists

enable

config terminal

access-list 10 remark Allow R1 LANs Access

access-list 10 permit 192.168.10.0 0.0.0.255

access-list 10 permit 192.168.20.0 0.0.0.255

access-list 1 deny any

interface g0/1

ip access-group 10 out

exit

show access-lists

R1(config)# line vty 0 4

R1(config-line)# login local

R1(config-line)# transport input ssh

R1(config-line)# access-class 21 in

R1(config-line)# exit

R1(config)# access-list 21 permit 192.168.10.0 0.0.0.255

R1(config)# access-list 21 deny any

config terminal

access-list 21 permit 192.168.10.0 0.0.0.255

access-list 21 deny any

exit

line vty 0 4

login local

transport input ssh

access-class 21 in

end

show access-lists

config terminal

ip access-list standard BRANCH-OFFICE-POLICY

30 permit 209.165.200.224 0.0.0.31

40 deny any

end

show access-lists

R1(config)# router rip

R1(config-router)# version 2

R1(config-router)# network 192.168.10.0

R1(config-router)# network 192.168.20.0

R1(config-router)# network 10.1.1.0

ISP(config)# router rip

ISP(config-router)# version 2

ISP(config-router)# network 209.165.200.224

ISP(config-router)# network 10.1.1.0

ISP(config-router)# network 10.2.2.0

ISP(config)# ip route 209.165.200.224 255.255.255.224 209.165.201.18

Gateway(config)# ip route 0.0.0.0 0.0.0.0 209.165.201.17 

ISP(config)# username webuser privilege 15 secret webpass

ISP(config)# ip http server

ISP(config)# ip http authentication local