network-security.acl.example.ftp.a7982d66.yaml 9.34 KB
lab:
  description: |-
    - Topology Description: ACL: Example: FTP: Active Mode, Passive Mode
    - Topology ID: ''a7982d66-91df-42e4-b74d-bd9c6cb77d14''
    - Lab Password: EgkhdSc5mw

    ### Links

    Cisco: ACL: Example: FTP: Active Mode, Passive Mode [PG1X WIKI]
    https://pg1x.com/tech:network:cisco:security:network-security:acl:ftp:ftp
  notes:
  timestamp: 1604736726.1771657
  title: network-security.acl.example.ftp.a7982d66
  version: 0.0.4
nodes:
  - id: n0
    label: R1
    node_definition: iosv
    x: -200
    y: 0
    configuration: |-
      version 15.9
      service timestamps debug datetime msec
      service timestamps log datetime msec
      no service password-encryption
      !
      hostname R1
      !
      boot-start-marker
      boot-end-marker
      !
      !
      !
      no aaa new-model
      !
      !
      !
      mmi polling-interval 60
      no mmi auto-configure
      no mmi pvc
      mmi snmp-timeout 180
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      no ip domain lookup
      ip cef
      no ipv6 cef
      !
      multilink bundle-name authenticated
      !
      !
      !
      redundancy
      !
      !
      !
      !
      !
      !
      interface GigabitEthernet0/0
       ip address 10.1.1.1 255.255.255.0
       duplex auto
       speed auto
       media-type rj45
      !
      interface GigabitEthernet0/1
       ip address 10.2.2.1 255.255.255.0
       duplex auto
       speed auto
       media-type rj45
      !
      interface GigabitEthernet0/2
       no ip address
       shutdown
       duplex auto
       speed auto
       media-type rj45
      !
      interface GigabitEthernet0/3
       no ip address
       shutdown
       duplex auto
       speed auto
       media-type rj45
      !
      ip forward-protocol nd
      !
      !
      no ip http server
      !
      ipv6 ioam timestamp
      !
      !
      !
      control-plane
      !
      banner exec ^CC
      **************************************************************************
      * IOSv is strictly limited to use for evaluation, demonstration and IOS  *
      * education. IOSv is provided as-is and is not supported by Cisco's      *
      * Technical Advisory Center. Any use or disclosure, in whole or in part, *
      * of the IOSv Software or Documentation to any third party for any       *
      * purposes is expressly prohibited except as otherwise authorized by     *
      * Cisco in writing.                                                      *
      **************************************************************************^C
      banner incoming ^CC
      **************************************************************************
      * IOSv is strictly limited to use for evaluation, demonstration and IOS  *
      * education. IOSv is provided as-is and is not supported by Cisco's      *
      * Technical Advisory Center. Any use or disclosure, in whole or in part, *
      * of the IOSv Software or Documentation to any third party for any       *
      * purposes is expressly prohibited except as otherwise authorized by     *
      * Cisco in writing.                                                      *
      **************************************************************************^C
      banner login ^CC
      **************************************************************************
      * IOSv is strictly limited to use for evaluation, demonstration and IOS  *
      * education. IOSv is provided as-is and is not supported by Cisco's      *
      * Technical Advisory Center. Any use or disclosure, in whole or in part, *
      * of the IOSv Software or Documentation to any third party for any       *
      * purposes is expressly prohibited except as otherwise authorized by     *
      * Cisco in writing.                                                      *
      **************************************************************************^C
      !
      line con 0
       exec-timeout 0 0
       privilege level 15
       logging synchronous
      line aux 0
      line vty 0 4
       privilege level 15
       no login
       transport input all
      line vty 5 15
       privilege level 15
       no login
       transport input all
      !
      no scheduler allocate
      !
      end
    image_definition: iosv-159-3
    tags: []
    interfaces:
      - id: i0
        label: Loopback0
        type: loopback
      - id: i1
        slot: 0
        label: GigabitEthernet0/0
        type: physical
      - id: i2
        slot: 1
        label: GigabitEthernet0/1
        type: physical
      - id: i3
        slot: 2
        label: GigabitEthernet0/2
        type: physical
      - id: i4
        slot: 3
        label: GigabitEthernet0/3
        type: physical
  - id: n1
    label: ubuntu-0
    node_definition: ubuntu
    x: -400
    y: 0
    configuration: |-
      #cloud-config
      password: EgkhdSc5mw
      chpasswd: { expire: False }
      hostname: ubuntu-0
      ssh_pwauth: True
      ssh_authorized_keys:
         - ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBIbn2VyO9Mby6BwkijQmGfH8O2+Uqewn0/oIOXOxMNgCZiztR3v2o5n1l9ET1GuN7iVMe9whoUiNuZMUVEv0INb+A6Yd0M/37tlWlC+qbIjjqL6UzJAqRISdGP1oVmnV2g== wnoguchi@lasthope.pg1x.net
      packages:
         - curl
         - ftp
         - iperf
         - iperf3
         - netcat-openbsd
         - bind9-utils
      write_files:
      - path: /etc/netplan/51-cloud-init_static.yaml
        permissions: '0644'
        content: |
           network:
              version: 2
              ethernets:
                 ens2:
                    dhcp4: true
                    dhcp6: true
                    match:
                       name: ens2
                 ens3:
                    match:
                       name: ens3
                    addresses:
                       - 10.1.1.200/24
                    routes:
                       - to: 10.0.0.0/8
                         via: 10.1.1.1
                         metric: 0
                    #gateway4: 198.168.255.1
                    #nameservers:
                    #   addresses:
                    #      - 8.8.8.8
      runcmd:
         - [ sudo, netplan, generate ]
         - [ sudo, netplan, apply ]
    image_definition: ubuntu-20-04
    tags: []
    interfaces:
      - id: i0
        slot: 0
        label: enp0s2
        type: physical
      - id: i1
        slot: 1
        label: enp0s3
        type: physical
  - id: n2
    label: ubuntu-1
    node_definition: ubuntu
    x: 0
    y: 0
    configuration: |-
      #cloud-config
      password: EgkhdSc5mw
      chpasswd: { expire: False }
      hostname: ubuntu-1
      ssh_pwauth: True
      ssh_authorized_keys:
         - ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBIbn2VyO9Mby6BwkijQmGfH8O2+Uqewn0/oIOXOxMNgCZiztR3v2o5n1l9ET1GuN7iVMe9whoUiNuZMUVEv0INb+A6Yd0M/37tlWlC+qbIjjqL6UzJAqRISdGP1oVmnV2g== wnoguchi@lasthope.pg1x.net
      packages:
         - apache2
         - php
         - curl
         - vsftpd
         - ftp
         - iperf
         - iperf3
         - netcat-openbsd
         - bind9-utils
      write_files:
      - path: /etc/netplan/51-cloud-init_static.yaml
        permissions: '0644'
        content: |
           network:
              version: 2
              ethernets:
                 ens2:
                    dhcp4: true
                    dhcp6: true
                    match:
                       name: ens2
                 ens3:
                    match:
                       name: ens3
                    addresses:
                       - 10.2.2.201/24
                    routes:
                       - to: 10.0.0.0/8
                         via: 10.2.2.1
                         metric: 0
                    #gateway4: 198.168.255.1
                    #nameservers:
                    #   addresses:
                    #      - 8.8.8.8
      runcmd:
         - [ sudo, netplan, generate ]
         - [ sudo, netplan, apply ]
    image_definition: ubuntu-20-04
    tags: []
    interfaces:
      - id: i0
        slot: 0
        label: enp0s2
        type: physical
      - id: i1
        slot: 1
        label: enp0s3
        type: physical
  - id: n4
    label: unmanaged-switch-0
    node_definition: unmanaged_switch
    x: -200
    y: -100
    configuration: ''
    tags: []
    interfaces:
      - id: i0
        slot: 0
        label: port0
        type: physical
      - id: i1
        slot: 1
        label: port1
        type: physical
      - id: i2
        slot: 2
        label: port2
        type: physical
      - id: i3
        slot: 3
        label: port3
        type: physical
      - id: i4
        slot: 4
        label: port4
        type: physical
      - id: i5
        slot: 5
        label: port5
        type: physical
      - id: i6
        slot: 6
        label: port6
        type: physical
      - id: i7
        slot: 7
        label: port7
        type: physical
  - id: n3
    label: ext-conn-0
    node_definition: external_connector
    x: -200
    y: -200
    configuration: bridge0
    tags: []
    interfaces:
      - id: i0
        slot: 0
        label: port
        type: physical
links:
  - id: l1
    i1: i1
    n1: n4
    i2: i0
    n2: n1
  - id: l2
    i1: i2
    n1: n4
    i2: i0
    n2: n2
  - id: l3
    i1: i1
    n1: n1
    i2: i1
    n2: n0
  - id: l4
    i1: i2
    n1: n0
    i2: i1
    n2: n2
  - id: l0
    i1: i0
    n1: n3
    i2: i0
    n2: n4