6. 【Cisco】IPアドレス作成 ルータ (奇数) の設定3
FORSE 6
ここの部分
手順13
IPアドレスを設定して、結線をします
手順14 検証します
RT-10#conf t
RT-10(config)#interface gigabitEthernet 8
RT-10(config-if)#ip address 172.16.10.1 255.255.255.252
RT-10(config-if)#no shutdown
RT-10(config-if)#end
RT-10#
RT-10#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Async3 unassigned YES unset down down
BRI0 unassigned YES unset administratively down down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
FastEthernet0 unassigned YES manual down down
GigabitEthernet0 unassigned YES unset down down
GigabitEthernet1 unassigned YES unset down down
GigabitEthernet2 unassigned YES unset down down
GigabitEthernet3 unassigned YES unset down down
GigabitEthernet4 unassigned YES unset down down
GigabitEthernet5 unassigned YES unset down down
GigabitEthernet6 unassigned YES unset down down
GigabitEthernet7 unassigned YES unset up up
GigabitEthernet8 172.16.10.1 YES manual down down
Vlan1 unassigned YES unset down down
Vlan10 192.168.10.1 YES manual up up
RT-10#
RT-10#show interfaces vlan10 | include Internet
Internet address is 192.168.10.1/24
RT-10#
RT-10#show interfaces gigabitEthernet8 | include Internet
Internet address is 172.16.10.1/30
RT-10#
7. 【Cisco】スタティックルート作成 ルータ (奇数) の設定4
FORSE 7
手順15
スタティックルートを設定します
手順16
スタティックルートを検証します
RT-10#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RT-10(config)#ip route 192.168.11.0 255.255.255.0 172.16.10.2
RT-10(config)#end
RT-10#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop overrideGateway of last resort is not
set 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.10.0/30 is directly connected, GigabitEthernet8
L 172.16.10.1/32 is directly connected, GigabitEthernet8
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, Vlan10
L 192.168.10.1/32 is directly connected, Vlan10
S 192.168.11.0/24 [1/0] via 172.16.10.2
9. 【Cisco】IPアドレス作成 ルータ (偶数) の設定3
FORSE 9
ここの部分
手順13
IPアドレスを設定して、結線をします
手順14 検証します
RT-20#conf t
RT-20(config)#interface gigabitEthernet 8
RT-20(config-if)#ip address 172.16.10.2 255.255.255.252
RT-20(config-if)#no shutdown
RT-20(config-if)#end
RT-20#
RT-20#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Async3 unassigned YES unset down down
BRI0 unassigned YES unset administratively down down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
FastEthernet0 unassigned YES manual down down
GigabitEthernet0 unassigned YES unset down down
GigabitEthernet1 unassigned YES unset down down
GigabitEthernet2 unassigned YES unset down down
GigabitEthernet3 unassigned YES unset down down
GigabitEthernet4 unassigned YES unset down down
GigabitEthernet5 unassigned YES unset down down
GigabitEthernet6 unassigned YES unset down down
GigabitEthernet7 unassigned YES unset up up
GigabitEthernet8 172.16.10.2 YES manual down down
Vlan1 unassigned YES unset down down
Vlan10 192.168.11.2 YES manual up up
RT-20#
RT-20#show interfaces vlan10 | include Internet
Internet address is 192.168.11.2/24
RT-20#
RT-20#show interfaces gigabitEthernet8 | include Internet
Internet address is 172.16.10.2/30
RT-10#
10. 【Cisco】スタティックルート作成 ルータ (偶数) の設定4
FORSE 10
手順15
スタティックルートを設定します
手順16
スタティックルートを検証します
RT-20#conf t
Enter configuration commands, one per line. End with CNTL/Z.
RT-20(config)#ip route 192.168.10.0 255.255.255.0 172.16.10.1
RT-20(config)#end
RT-20#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop overrideGateway of last resort is not
set 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.10.0/30 is directly connected, GigabitEthernet8
L 172.16.10.2/32 is directly connected, GigabitEthernet8
192.168.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.11.0/24 is directly connected, Vlan10
L 192.168.11.2/32 is directly connected, Vlan10
S 192.168.10.0/24 [1/0] via 172.16.10.1
21. 【Cisco】 パスワードが間違っていた場合
21
FORSE
RT-10#show crypto session
Crypto session current status
Interface: GigabitEthernet8
Session status: DOWN ←←←
Peer: 172.16.10.2 port 500
IPSEC FLOW: permit ip 192.168.10.0/255.255.255.0
192.168.11.0/255.255.255.0
Active SAs: 0, origin: crypto map
RT-10#show crypto isa
RT-10#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
IPv6 Crypto ISAKMP SA
22. 【Cisco】 つながらない?
22
FORSE
#show crypto session
の結果が正常
・「#show crypto ipsec sa」の結果がおかしい
・「%crypto-4-recvd_pkt_not_ipsec: rec‘d packet not an ipsec packet.
(ip) vrf/dest_addr=」のようなエラーが対向PCに出ている
→フェーズ2でのミス
acl間違い?
・Session statusがDOWNになっている
→フェーズ1でのミス
パスワード間違い?
RT-10#show crypto session
Crypto session current status
Interface: GigabitEthernet8
Session status: DOWN ←←←
Peer: 172.16.10.2 port 500
IPSEC FLOW: permit ip 192.168.10.0/255.255.255.0
192.168.11.0/255.255.255.0
Active SAs: 0, origin: crypto map
YES
NO