ccna 4
TRANSCRIPT
~•• 11 •• 11.
CISCO.
Cisco Networking Academy'" _
CCNA Exploration: Accessing the WAN Student Skills BasedAssessment Lab
Frame Relay
172.16.0.8/30 FaO/1
172.16.0.4/30HOLe
b.c \l..\ oopLoO209.165.200.161 /27
. ''l('\I
FaO/1
Topology Diagram
10.0.0.0/25 10.0.0.128/25
10.0.0.10 10.0.0.139
Addressing Table
Device Interface IP Address Subnet Mask Default Gateway
FaO/1 10.0.0.1 255.255.255.128 N/A
R1 SOIO/O 172.16.0.1 255.255.255.252 N/A
SOl0/1 172.16.0.9 255.255.255.252 N/ALoO 209.165.200.161 255.255.255.224 N/A
R2 SOIO/O 172.16.0.2 255.255.255.252 N/A
SOl0/1 172.16.0.5 255.255.255.252 N/A
FaO/1 10.0.0.129 255.255.255.128 N/AR3
SOIOIO 172.16.0.10 255.255.255.252 N/A
All contents are Copyright @ 1992-2007 Cisco Systems, Inc All rights reserved. This document is CISCOPublic Information Page 1 of 4
eeNA ExplorationAccessing the WAN: Skills Based Assessment Student Skills based Assessment Lab
Device Interface IP Address Subnet Mask Default Gateway
80/0/1 172.16.0.6 255.255.255.252 N/A
PC1 NIC 10.0.0.10 255.255.255.128 10.0.0.1
PC3 NIC 10.0.0.139 255.255.255.128 10.0.0.129
Learning ObjectivesTo complete this lab:
• Cable a network according to the topology diagram• Erase the startup configuration and reload a router to the default state
• Perform basic configuration tasks on a router
• Configure and activate interfaces• Configure and activate serial interfaces (PPP with CHAP, HDLC, and Frame Relay)
• Configure RIP on all the routers
• Configure basic router security
• Configure ACLs
• Configure basic NAT
ScenarioThis lab tests you on the skills and knowledge that you learned in Exploration 4. Use cisco for allpasswords in this lab, except for the enable secret password, which is class.
Task 1: Prepare the Network
Step 1: Cable a network that is similar to the one in the topology diagram.
Step 2: Clear any existing configurations on the routers.
Task 2: Perform Basic Device Configurations
Configure the R1, R2, and R3 routers according to the following guidelines:
• Configure the router hostname. f.ls\-n..Q ~C\~ • Disable DN8 lookup. AJe;)I r Dc.Mtl.n-looO""v,f ~ C \4..£5
• Configure an EXEC mode password. l'ifV~;e..J;lf&6')"tr'~<{- • Configure a message-of-the-day banner. ba '" ttl."..... MoM /\ () X )Clt~'t.
. . C-l~ 0 I (J~S.5~oI.. c:iS:CU
~
Configure a password for console connections. "0'1. e.. C01\>O
C f. hi' l .. ,~ I~-. Y\ -
on Igure sync ronous ogglng. 1?J9'~ SYfl.o-. rc>'\.&J~
Configure a password for vty connections. lil\....L V+-) 0 15r t5S~C) c..,:;e..t::JL(}J I '"
Page 2 of 4
CCNA ExplorationAccessing the WAN: Skills Based Assessment Student Skills based Assessment Lab
Task 3: Configure and Activate Serial and Ethernet Addresses
Step 1: Configure interfaces on R1, R2, and R3.
Step 2: Verify IP addressing and interfaces. :5'k~w -.tP w\:~('~CE. Sner'Step 3: Configure the PC1 and PC3 Ethernet interfaces.
Step 4: Test connectivity between the PCs and routers.
Task 4: Configure Serial Interfaces '* }'-P) ", lP
pJ' ?/7 Step 1: Configure and verify PPP encapsulation with CHAP authentication between R1 and R2.The password is "cisco".
--
Step 1: Configure RIP on R1, R2, and R3.
--0-- t\~ f<t ~ - \' vi'Step 2: Configure and verify HDLC encapsulation between R2 and R3. I e ~C.6 f t J ltl. ~
1:>00"
~9~~~~~~P3:configUreFrnmeR~e~la~y_b_e_t_w_e_e_n_R_1_a_n_d~R_3_.~~~~~~~~~~~~~~~~~~~~~__ ~pq ,;;fa
~irask 5: Configure RIP
RIP updates should only be sent on the serial links between the routers. Prevent all other RIPupdates on all networks.
Step 2: Test connectivity with the ping command.
Step 3: Verify the routing table with the appropriate command.
Task 6: Configure Basic Router Security
p9.1 ~Zep 1: Enable a secure Telnet login using a local database on R2.
I~~ Ste 2: Disable unused services and interfaces on R2.5~f:).Gl'"
Step 3: Confirm that R2 is secured. -Task 7: Configure Access Control Lists
Step 1: Allow telnet to R1 and R3 from R2 only.V
Step 2: Do not allow HTTP, Telnet, and FTP traffic from the Internet to PC1.
Step 3: Do not allow PC1 to receive traffic from the 10.0.0.128/25 networks.
Step 4: Verify that PC3 cannot ping PC1, but can ping 10.0.0.1.
-----------------~----------------------Task 8: Configure NAT.
Step 1: Configure NAT to allow PC3 to ping PC1.
Page 3 of 4
GGNA ExplorationAccessing the WAN: Skills Based Assessment
Step 2: Verify that PC3 can reach PC1.
Task 9: Document the Router Configurations
Student Skills based Assessment Lab
Task 10: Clean Up
Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that arenormally connected to other networks, such as the school LAN or to the Internet, reconnect theappropriate cabling and restore the TCP/IP settings.
Page 4 of 4
,
R1>enableR1#configure terminalR1(config)#interface ethernet 0R1(config-if)#ip address 10.1.1.1 255.255.0.0R1(config-if)#no shutdownR1(config-if)#exitR1(config)#interface serial 0R1(config-if)#ip address 192.168.1.1255.255.255.192R1(config-if)#no shutdownR1(config-if)#exitR1(config)#interface serial 1R1(config-if)#ip address 192.168.1.129255.255.255.192R1(config-if)#no shutdownR1(config-if)#exitR1(config)#router ripR1(config-router)#network 10.0.0.0R1(config-router)#network 192.168.1.0R1(config-router)#Version 2
~R2>enableA fi'\'( R2#configure terminal"""F' R2(config)#interface ethernet 0
P -' ,,~£p.e~ ofP(:c~2( config-if)#ip address 10.2.1.1 255.255. O.0~$ve. , p....u.. s01'l0R2(config-if)#no shutdown
t11'l P'SS:\I'l." M~f' R2(config-if)#exitR2(config)#interface serial 0R2(config-if)#ip address 192.168.1.2 255.255.255.192R2(config-if)#no sh utd ownR2(config-if)#exitR2(config)#interface serial 1R2(config-if)#ip address 192.168.1.65 255.255.255.192R2(config-if)#no shutdownR2(con fig -if)#exitR2(config)#router ripR2(config-router)#network 10.0.0.0R2(config-router)#network 192.168.1.0R2(config-router)#Version 2R3>enableR3#configure terminalR3(config)#interface serial 0R3(config-if)#ip address 192.168.1.130255.255.255.192R3(config-if)#no shutdownR3( config-if)#exitR3(config)#interface serial 1R3(config-if)#ip address 192.168.1.66 255.255.255.192R3(config-if)#no shutdownR3(config-if)#exitR3(config)#router ripR3(config-router)#network 10.0.0.0R3(config-router)#network 192.168.1.0R3(config-router)#Version 2