See the solution below in Explanation:
Solution:
router bgp 10
bgp router-id 10.1.1.111
no bgp defa ipv4-unicast
nei 209.165.200.226 remote-as 20
nei 209.165.202.130 remote-as 30
address-family ipv4
neigh 209.165.200.226 activate
neigh 209.165.202.130 activate
network 10.1.1.10 mask 255.255.255.255
network 209.165.201.10 mask 255.255.255.255
network 209.165.201.20 mask 255.255.255.255
wr
Sw10
config t
no int po2
int et0/0
channel-group 2 mode active
no shut
spanning-tree vlan 10a pri 0
Copy run start
Verification:
OR
R2
R3
R30
show ip access-list
ip access-list extended 120
5 permit eigrp any any
R20
ip access-list extended 100
permit tcp 192.168.25.0 0.0.0.255 any eq 23
class-map match-any TELNET
match access-group 100
policy-map CoPP
class TELNET
police 10000 conform-action transmit exceed-action drop
control-plane
service-policy input CoPP
R22
int tun0
vrf forwarding FINANCE
ip add 10.10.10.2 255.255.255.0
tunn source e0/0
tunnel dest 209.165.200.230
ip route vrf FINANCE 10.10.111.0 255.255.255.0 tunn0
int et0/1
ip address 10.22.22.1 255.255.255.252
Verification:-
int tunn0
ip add 10.11.22.2 255.255.255.0
tunn so e0/0
tunn dest 209.165.200.230
vrf forward FINANCE
ip add 10.22.22.1 255.255.255.252
username NetworkAdmin privilege 15 password CiscoENCOR
line vty 0 4
login local
transport input telnet rlogin
exec-timepit 20
ip access-list extended 151
permit tcp 192.168.211.0 0.0.0.255 any eq 22
class-map match-any SSH
class SSH
police 8000 conform-action transmit exceed-action drop
