拓扑：R1(192.168.0.1)———–R2(192.168.0.2)

R1(config)#clock timezone GMT 8

R1#clock set 18:00:00 7 May 2010
R1(config)#ntp master
—————-

R2(config)#clock timezone GMT 8

R2(config)#ntp server 192.168.0.1

R2#sh clock
18:02:07.939 GMT Fri May 7 2010

OK
————————
认证选项：

R1(config)#ntp authentication-key 1 md5 ipcpu

R1(config)#ntp authenticate

R1(config)#ntp trusted-key 1

Role-Based CLI Access

Packet Tracer 5.3可以做，较旧的IOS版本做不了。

要使用基于角色的CLI视图,需满足：

1。启用AAA
2。设置enable密码（pass、secret均可）

使用方法

进入管理模式
Router#enable view root
Password:
Router#%PARSER-6-VIEW_SWITCH: successfully set to view ‘root’.

Router#conf  t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#parser view test
!创建新视图test
Router(config-view)#%PARSER-6-VIEW_CREATED: view ‘test’ successfully created.

Router(config-view)#secret 0 ipcpu
Router(config-view)#?
View commands:
  commands  Configure commands for a view //设置可以执行的命令
  default   Set a command to its defaults
  exit      Exit from view configuration mode
  no        Negate a command or set its defaults
  secret    Set a secret for the current view
Router(config-view)#

packet tracer 5.3已经出来了，并已经有Linux版本。
新版本开始支持BGP。
Protocol Improvements
Packet Tracer now models these protocols not included in earlier versions: FTP, SMTP, POP3,PPPoE, VoIP, and BGP. CCNA-related protocols and technologies include improved models of HTTP,DNS, DHCP, TCP, and IP.

General Improvements

* Supports Microsoft Window 7 and stopped support for Microsoft Windows 2000
* Supports current LTS version of Ubuntu and Fedora and stopped support for previous versions
* Improved IPC features
* Customizable HTML Views for IP configuration and Traffic Generator in generic Wired End Device and generic Wireless End Device
* nslookup and ftp commands for end devices
* Email and FTP service for server end device
* Cisco IP Communicator, Email, PPPoE Dialer, and Text Editor desktop utilities
* HWIC-AP-AG-B module for 1841 and 2811 routers
下载地址1：

http://u.115.com/file/f570cd0446
PacketTracer53_setup.exe 2010-10-30重新补档

1.动态NAT（PAT）和静态NAT

企业边缘路由器配置：
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto

三层交换机 1台
二层交换机  若干
路由器      1台
防火墙      1台
三层交换机用来做VLAN间路由，二层交换机纯用来连接，路由器防火墙全部跑静态路由，防火墙上可再连DMZ，

至于NAT在那做，没什么太大关系，防火墙、路由都可以。

把博客升级了，后台乱七八糟的，看样子估计宽屏电脑没问题，就是在1024*768上出问题，

怎么着？老用户就不是用户了？