|
Topshiriq Guruh: 031-20 Bajardi: Xudoynazarov Ma’rufjon Tekshirdi
|
| bet | 1/8 | | Sana | 23.12.2023 | | Hajmi | 1,5 Mb. | | #127510 |
Bog'liq Tarmoq xavfsizligi amaliy-1
O’ZBEKISTON RESPUBLIKASI RAQAMLI TEXNOLOGIYALAR VAZIRLIGI
MUHAMMAD AL-XORAZMIY NOMIDAGI TOSHKENT AXBOROT TEXNALOGIYALARI UNIVERSITETI
Tarmoq xavfsizligi
fanidan bajargan
Topshiriq
Guruh: 031-20
Bajardi: Xudoynazarov Ma’rufjon
Tekshirdi: Axmedova N
TOSHKENT – 2023
Topshiriqlar
Tarmoq qurilmasini asosiy ko‘rsatkichlarini sozlash
Console porti orqali kommutatorning asosiy ko‘rsatkichlarini sozlang
kompyuter uchun IP- manzilni o‘rnating.
Telnet protokoli yordamida masofadan kirishni sozlang
Kompyuterning terminal bolimiga kramz va switchning sozlamalari kelib chadi va koplab amallar bajarishimiz mumkin.
Switch uchun parol qoyamz
switch uchun ip manzil beramz
Biz switch sozlamalarini qlib oldik telnet pratacoliga parol qoyib oldik.
Switch sozlamalariga endi bamalol qoshimcha consol kabelsiz kirishimiz mumkin.
Buni tekshirib koramz.
telnet cabelini Routerga uleymiz
ip kiritish orqali kiramz va parol kiritamz
Switch sozlamalrini endi bemalol ornatishimiz mumkin.
Korib chqishimiz mumkin.
Endi switchni bemalol consol cabelisiz sozlashimiz mumkin.
2.Kommutatorda port xavfsizligi (port security) ni sozlash
Topshiriq
1-rasmda keltirilgan tarmoq topologiyasini Cisco Packet Tracer dasturida tuzish talab qilinadi;
Har bir kompyuter uchun IP manzilni sozlang va MAC manzillarni 1-rasmda ko`rsatilgandek aniqlang;
Kommutatorning har bir portlariga xavfsizlik ko`rsatkichlarini sozlang;
1.1-jadvalga yuqorida keltirilgan topshiriqlarni kiriting.
Port securityni sozlash uchun tuzip ip berib chiqishimiz kerak.
IP: manzillar berildi.
Switchning CLI consoliga kirib switchni ishga twuramz.
show mac add comandasini kiritamz.
Olingan mac adreslarni jadvalga kiritib chqamz.
1.1-jadval
Qurilma
|
IP-manzil
|
МАС-manzil
|
Interfeys
|
Port rejimlari
|
Laptop0
|
192.168.1.1
|
00D0.D320.2D02
|
Fa0
|
n/a
|
Laptop1
|
192.168.1.2
|
00D0.5861.89EE
|
Fa0
|
n/a
|
Laptop2
|
192.168.1.3
|
00D0.D348.85E5
|
Fa0
|
n/a
|
Laptop3
|
192.168.1.4
|
0001.C955.6211
|
Fa0
|
n/a
|
Laptop4
|
192.168.1.5
|
0060.5C5D.C459
|
Fa0
|
n/a
|
Laptop5
|
192.168.1.6
|
00D0.FF4D.616A
|
Fa0
|
n/a
|
SW1
|
N/A
|
|
Fa0/1
|
sticky
|
SW1
|
N/A
|
N/A
|
Fa0/2
|
mac-address
00D0.5819.04E3
|
SW1
|
N/A
|
N/A
|
Fa0/3
|
violation protect
|
SW1
|
N/A
|
N/A
|
Fa0/5-24
|
Shutdown
|
SW2
|
N/A
|
N/A
|
Fa0/1
|
restrict
|
SW2
|
N/A
|
N/A
|
Fa0/2
|
restrict
|
SW2
|
N/A
|
N/A
|
Fa0/3
|
Protect
|
SW2
|
N/A
|
N/A
|
Fa0/4
|
maximum 4
|
|
|
|
|
|
|
|
|
|
|
3.REZERVLASH PROTOKOLLARI(STP, RSTP) VA AGREGATSIYALASH PROTOKOLLARI(LACP, PagP) NI SOZLASH
RSTP protokollari orqali vazifa (spanning-tree mode papid-pvst protocol)
LACP, PAgP protokollari orqali tarmoq topologiyasini Cisco Packet Tracer da sozlang.
Kompyuter 1 da EtherChannel sozlash:
Kompyuter 1 (config)# interface range f0/3-2
Kompyuter1 (config-if-range)# shutdown
Kompyuter 1 (config-if-range)# channel-group 1 mode active Creating a port-channel interface Port-channel 1
Kompyuter 2 da EtherChannel sozlash:
Kompyuter 2(config)# interface range f0/3-2
Kompyuter 2(config-if-range)# channel-group 1 mode passive Creating a port-channel interface Port-channel 1
Kompyuter 1 ga jismoniy interfeyslarni ulash:
Kompyuter 1 (config)# interface range f0/3-3 sw1(config-if-range)# no shutdown
Kompyuter 1 da EtherChannel sozlash:
Kompyuter 1 (config)# interface range f0/3-2
Kompyuter 1(config-if-range)# shutdown
Kompyuter 1 (config-if-range)# channel-group 2 mode desirable Creating a port-channel interface Port-channel 2
Kompyuter 2 da EtherChannel sozlash:
Kompyuter 2(config)# interface range f0/3-1
Kompyuter 2(config-if-range)# channel-group 2 mode auto Creating a port-channel interface Port-channel 2
Kompyuter 1ga jismoniy interfeyslarni ulash:
Kompyuter 1 (config)# interface range f03-2
Kompyuter 1 (config-if-range)# no shut
|
| |
