皮皮学,免费搜题
登录
搜题
【简答题】
阅读以下说明,回答问题1至问题4,将解答填入答题纸对应的解答栏内。 【说明】 某企业总部设立在A地,在B地建有分支机构,分支机构和总部需要在网络上进 行频繁的数据传输,该企业网络采用IPSec VPN虚拟专用网技术实现分支机构和总部 之间安全、快捷、经济的跨区域网络连接。 该企业的网络拓扑结构如图4-1所示。 该企业的网络地址规划及配置如表4-1所示。 【问题1】(7分) 为了完成对RouterA和RouterB的远程连接管理,以RouterA为例,完成初始化路 由器,并配置RouterA的远程管理地址(192.168.1.20),同时开启RouterA的Telnet 功能并设置全局配置模式的访问密码,请补充完成下列配置命令。 RouterA >enable RouterAconfigure terminal RouterA(config)interface f0/0 //进入 F0/0 的 (1) 于模式 RouterA(config-if)ip addr (2) //为 F0/0 接口配置 IP 地址 RouterA(config-if)no shut // (3) FO/O接口,默认所有路由器的接口都为down状态 RouterA(config-iQinter (4) //进入 loopback 0 的接口配置子模式 RouterA(config-if)ip addr (5) // 为 loopback0 接口配置 IP 地址 RouterA(config) (6) //进入虚拟接口 0-4的配置子模式 RouterA(config4ine)pass word abc00 1 //配置vty口令为”abc001“ RouterA(config)enable password abc001 / / 配置全局配置模式的明文密码为“abc001” RouterA(config) enable (7) abc001 //配置全局配置模式的密文密码为“abc001” 【问题2】(5分) VPN是建立在两个局域网出口之间的隧道连接,所以两个VPN设备必须能够满足内网访问互联网的要求,以及需要配置NAT。按照题目要求以RouterA为例,请补充完 成下列配置命令。 RouterA(config) access-list 101 ( 8) ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255 RouterA(config) access-list 101 (9) ip 192.168.1.0 0.0.0.255 any// 定义需要被 NAT 的数据流 RouterA(config)ip nat inside source list 101 interface (10) overload // 定义 NAT 转换关系 RouterA(config)int (11) RouterA(config-if)ip nat inside RouterA(config)int (12) RouterA(config-iQip nat outside //定义 NAT 的内部和外部接 口 【问题3】(4分) 配置IPSec VPN时要注意隧道两端的设备配置参数必须对应匹配,否则VPN配置 将会失败。以RouterB为例配置IPSecVPN,请完成相关配置命令。 RouterB(config) access-list 102 permit ip (13) //定义需要通过 VPN 加密传输的数据流 RouterB(config)crypto isakmp (14) //启用 ISAKMP(IKE) RouterB(config)crypto isakmp policy 10 RouterB(config-isakmp)authentication pre-share RouterB(config-isakmp)encryption des RouterB(config-isakmp)hash md5 RouterB (config-isakmp)group 2 RouterB(config)crypto isakmp identity address RouterB(config)crypto isakmp key abcOOl address (15) //指定共享密钥和对端设备地址 RouterB (config)crypto ipsec transform-set ccie esp-des esp_md5_hmac RouterB (cfg-crypto-trans)model tunnel RouterB(config)crypto map abcOOl 10 ipsec-isakmp RouterB(config)int (16) RouterB(config)-if)crypto map abc001 // 在外部接口上应用加密图 【问题4】 根据题目要求,企业分支机构与总部之间采用 IPSec VPN 技术互连,IPSec(IP Security) 是IETE 为保证在Internet 上传送数据的安全保密性而制定的框架协议,该协议用用在 17 层,用于保证和认证用户IP数据包。 IP S ec VPN 可使用的模式有两种,其中 18 模式的安全性较强, 19 模式的安全性较弱。IPSec主要由AH/ESP和IKE组成,在使用IKE协议时,需要定义IKE协商策略,该策略由 20 进行定义。
拍照语音搜题,微信中搜索"皮皮学"使用
参考答案:
参考解析:
知识点:
皮皮学刷刷变学霸
举一反三
【单选题】All the people don't talk about that accident with him, so he knew_____ nothing.
A.
fortunately.
B.
fortunate.
C.
absolute
D.
absolutely
【简答题】anything but 绝不是;根本不是 nothing but 除 ... 之外;只有 Why did I come today? I wondered . My Christmas 1 contained several people that claimed they wanted nothing, but I knew their feelings would be hurt 2 I d...
【简答题】A.They lived a r life than villagers today. B.They knew fewer people than villagers today. C.They found it difficult to enjoy themselves. D.They had nothing to do in the evenings.
【单选题】Emery's father, who voyaged with other 26 people, knew a lot about painting, but nothing about sailing.
A.
Y
B.
N
C.
NG
【简答题】A.They lived a r life than villagers today. B.They knew fewer people than villagers today. C.They found it difficult to enjoy themselves. D.They had nothing to do in the evenings.
【单选题】All the people don't talk about that accident with him. So he knew nothing _____.
A.
fortunately
B.
fortunate
C.
absolutely
D.
absolute
【简答题】改写下列句子的划线部分,使表达更加正式。 The victim was asked why he had not told the police sooner about the mugging. The older generation has always attempted to pass its wisdom on two young people. Stockman has always...
相关题目: