Académique Documents
Professionnel Documents
Culture Documents
PT 2015 (100%)
March 21, 2015 by admin 2 Comments
CCNA 5 Blog
Do not close Packet Tracer when you are done. It will close automatically.
3.
Click the Submit Assessment button in the browser window to submit your
work.
Introduction
In this practice skills assessment, you will configure the XYZ Corporation
network with single-area OSPFv2. In addition, you will configure
router-on-a-stick routing between VLANs. You will also implement NAT,
DHCP and access lists.
All IOS device configurations should be completed from a direct terminal
connection to the device console.
Some values that are required to complete the configurations have not
been
given to you. In those cases, create the values that you need to
complete the requirements. These values may include certain IP
addresses, passwords, interface descriptions, banner text, and other
values.
For the sake of time, many repetitive but important
configuration tasks have been omitted from this activity. Many of these
tasks, especially those related to device security, are essential
Configuration of DHCP
HQ:
Configuration of ACLs
Site 2:
Site1-SW1:
Configuration of VLANs
Configuration of trunking
Site1-SW2:
Configuration of VLANs
Configuration of trunking
Internal PC hosts:
Addressing Tables
Note: You are provided with the networks that interfaces should be configured
on. Unless you are told to do differently in the detailed instructions
below, you are free to choose the host addresses to assign.
Addressing Table:
Device
Interface
Network
Comments
S0/0/0
192.168.10.104/30
Gi0/0.45
192.168.45.0/24
Gi0/0.47
192.168.47.0/24
Gi0/0.101
192.168.101.0/24
S0/0/0
192.168.10.104/30
S0/0/1
192.168.10.112/30
S0/1/0
198.51.100.0/28
Gi0/0
192.168.18.40/29
S0/0/0
192.168.10.124/30
S0/0/1
192.168.10.112/30
Site1-SW1
VLAN 101
192.168.101.0/24
Site1-SW2
VLAN 101
192.168.101.0/24
Site 1
HQ
Site 2
Device
Address
192.168.18.46/29
Admin Host
203.0.113.18
Internet Host
203.0.113.128
Web Server
209.165.201.235
East Host
192.168.200.10/24
Central Host
192.168.201.10/24
West Host
192.168.202.10/24
VLAN Table:
VLAN
Number
VLAN Name
VLAN Network
45
finance
192.168.45.0/24
Site1-SW1:Fa0/10
Site1-SW2: Fa0/3
47
sales
192.168.47.0/24
Site1-SW1:Fa0/15
Site1-SW2: Fa0/21
101
netadmin
192.168.101.0/24
SVI
Device:Port
Instruction
All configurations must be performed through a direct terminal connection to the
device consoles.
Step 1: Determine the Addresses to Assign
Determine the IP addresses that you will use for the required interfaces on the
three routers and two switches. Use the information in the Addressing
Table and follow the guidelines below:
Assign the first IP addresses in the networks that are provided in the Addressing Table
to the LAN interfaces.
Assign the first address in the HQ subnet to the interface that is connected to
the Internet.
Assign any valid host address in the networks that are provided in the
Addressing Table to the serial interfaces.
Protect privileged EXEC mode from unauthorized access with the MD5
encrypted password.
Prevent device status messages from interrupting command line entries at the
device console.
Prevent all passwords from being viewed in clear text in the device
configuration file.
Describe
the operational Site 1 serial interface. The Site 1 Ethernet
interfaces will be configured at the end of this assessment.
Use the correct inverse masks for all network statements. Do not use quad zero
masks (0.0.0.0).
Step 6: Customize single-area OSPFv2
Customize single-area OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of the serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
Site 1: 1.1.1.1
HQ: 2.2.2.2
Site 2: 3.3.3.3
c. Configure the OSPF cost of the link between Site 1 and HQ to 7500.
d.Prevent routing updates from being sent out of any of the LAN
interfaces that are routed with OSPFv2. Do not use the default keyword
in the commands you use to do this.
Use VLAN45 and VLAN47 as the pool names. Note that the pool names must
match the names given here exactly, all capital letters and exact spelling.
Addresses .1 to .20 should be reserved for static assignment from each pool.
The
first address in each network will be assigned to the router interface
attached to the networks as shown in the addressing table.
Use a DNS server address of 192.168.18.100. This server has not yet been
networks.
Step 9: Configure NAT
Configure NAT to translate internal private addresses into public addresses for the
Internet. The requirements are:
a. Configure static NAT to the Corporate Web Server.
Use a pool name of INTERNET. Note that the pool name must match this name
exactly, in spelling and capitalization.
Hosts on each of the internal LANs shown in the topology and on all of the
branch networks should be permitted to use the NAT addresses to access
the Internet.
Your source list should consist of three entries, one each for the LANs and one
for the branch networks.
Create a named standard ACL using the name MANAGE. Be sure that you use
this name exactly as it appears in these instructions (case and spelling).
Allow only the Admin Host to access the vty lines of HQ.
b. Allow outside access to the Corporate Web Server while controlling other
traffic from the outside. Create the ACL as directed below:
First, allow Admin Host full access to all network hosts and devices.
Then, allow outside hosts to access the Corporate Web Server over HTTP only.
Allow traffic that is in response to data requests from the internal and Branch
Network hosts to enter the network.
Add a statement so that counts of all denied traffic will be shown in the show
access-lists command output.
Your ACL should be placed in the most efficient location possible to conserve network
bandwidth and device processing resources.
Step 11: Configure Router-on-a-Stick Inter-VLAN Routing.
Configure Site 1 to provide routing between the VLANs configured on the switches. As
follows:
Use the first addresses in the VLAN networks for the interfaces.
Topology Type A
Step 1
Copy script from Notepad that you did first step and past to Config
Step 2
HQ
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname HQ
!
!
ip cef
no ipv6 cef
!
!
license udi pid CISCO1941/K9 sn FTX1524Y7OR
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
ip address 192.168.18.41 255.255.255.248
no sh
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
no sh
ip ospf cost 7500
!
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no sh
clock rate 128000
!
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
no sh
ip access-group 101 in
ip nat outside
!
interface Serial0/1/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
passive-interface GigabitEthernet0/0
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
!
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 192.168.200.0 255.255.252.0 Serial0/0/1
!
ip flow-export version 9
!
!
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
Site1
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname Site-1
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
ip flow-export version 9
!
banner motd ^C
Any banner text.^C
!
line con 0
password 7 0822404F1A0A
logging synchronous
login
!
line aux 0
!
line vty 0 4
password 7 0822404F1A0A
login
!
!
end
Site2
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Site-2
!
!
ip cef
no ipv6 cef
!
!
!
ip classless
ip route 192.168.200.0 255.255.252.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
password class
login
!
!
end
Site1-SW1
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Site1-SW1
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport mode access
shutdown
!
interface FastEthernet0/2
switchport mode access
shutdown
!
interface FastEthernet0/3
switchport mode access
shutdown
!
interface FastEthernet0/4
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport mode access
shutdown
!
interface FastEthernet0/6
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport access vlan 45
switchport mode access
no sh
!
interface FastEthernet0/11
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport access vlan 47
switchport mode access
no sh
!
interface FastEthernet0/16
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport mode access
shutdown
!
interface FastEthernet0/19
switchport mode access
shutdown
!
interface FastEthernet0/20
!
vl 45
na finance
vl 47
na sales
vl 101
na netadmin
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
Site1-SW2
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Site1-SW2
!
!
!
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
switchport mode access
shutdown
!
interface FastEthernet0/2
switchport mode access
shutdown
!
interface FastEthernet0/3
switchport access vlan 45
switchport mode access
no sh
!
interface FastEthernet0/4
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport mode access
shutdown
!
interface FastEthernet0/6
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport mode access
shutdown
!
interface FastEthernet0/11
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport mode access
shutdown
!
interface FastEthernet0/19
switchport mode access
shutdown
!
interface FastEthernet0/20
switchport mode access
shutdown
!
interface FastEthernet0/21
switchport access vlan 47
switchport mode access
no sh
!
interface FastEthernet0/22
switchport mode access
shutdown
!
interface FastEthernet0/23
switchport mode access
shutdown
!
interface FastEthernet0/24
switchport mode access
shutdown
!
interface GigabitEthernet0/1
switchport mode trunk
no sh
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan101
ip address 192.168.101.15 255.255.255.0
!
ip default-gateway 192.168.101.1
!
!
vl 45
na finance
vl 47
na sales
vl 101
na netadmin
!
!
line con 0
!
line vty 0 4
pas class
login
line vty 5 15
pas class
login
!
!
end
Step 3
Enable DHCP client on
Manage-1a
Accts-2f
Sec-2c
Clerk-1c
Topology Type B
Step 1
Copy script from Notepad that you did first step and past to Config
Step 2
Central
!
hostname Central
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX1524Y7OR
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
ip address 192.168.18.41 255.255.255.248
no sh
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
no sh
ip ospf cost 7500
!
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no sh
clock rate 128000
!
interface Serial0/1/0
Police
default-router 192.168.47.1
dns-server 192.168.18.100
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX15245QA9
!
no ip domain-lookup
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no sh
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.45
description any_text
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
!
interface GigabitEthernet0/0.47
description any_text
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
!
interface GigabitEthernet0/0.101
description any_text
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
description any_text
bandwidth 128
ip address 192.168.10.105 255.255.255.252
ip ospf cost 7500
clock rate 128000
no sh
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
passive-interface GigabitEthernet0/0.45
passive-interface GigabitEthernet0/0.47
passive-interface GigabitEthernet0/0.101
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
ip flow-export version 9
!
banner motd ^C
Any banner text.^C
!
line con 0
password 7 0822404F1A0A
logging synchronous
login
!
line aux 0
!
line vty 0 4
password 7 0822404F1A0A
login
!
end
Fire
shutdown
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 192.168.10.126 255.255.255.252
no sh
!
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
no sh
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
redistribute static
network 192.168.10.112 0.0.0.3 area 0
!
ip classless
ip route 192.168.200.0 255.255.252.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
password class
login
!
end
Police-SW1
shutdown
!
interface FastEthernet0/6
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport access vlan 45
switchport mode access
no sh
!
interface FastEthernet0/11
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport mode access
shutdown
!
interface FastEthernet0/14
interface FastEthernet0/23
switchport mode access
shutdown
!
interface FastEthernet0/24
switchport mode access
shutdown
!
interface GigabitEthernet0/1
switchport mode trunk
no sh
!
interface GigabitEthernet0/2
switchport mode trunk
no sh
!
interface Vlan1
no ip address
shutdown
!
interface Vlan101
ip address 192.168.101.10 255.255.255.0
!
ip default-gateway 192.168.101.1
!
vl 45
na HR
vl 47
na records
vl 101
na comm
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
end
Police-SW2
!
interface FastEthernet0/6
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport mode access
shutdown
!
interface FastEthernet0/11
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport mode access
shutdown
!
interface FastEthernet0/19
switchport mode access
shutdown
!
interface FastEthernet0/20
switchport mode access
shutdown
!
interface FastEthernet0/21
switchport access vlan 47
switchport mode access
no sh
!
interface FastEthernet0/22
switchport mode access
shutdown
!
interface FastEthernet0/23
switchport mode access
shutdown
!
interface FastEthernet0/24
switchport mode access
shutdown
!
interface GigabitEthernet0/1
switchport mode trunk
no sh
!
interface GigabitEthernet0/2
shutdown
!
interface Vlan1
no ip address
shutdown
!
interface Vlan101
ip address 192.168.101.15 255.255.255.0
!
ip default-gateway 192.168.101.1
!
vl 45
na HR
vl 47
na records
vl 101
na comm
!
line con 0
!
line vty 0 4
pas class
login
line vty 5 15
pas class
login
!
end
Step 3
Enable DHCP PC client on
Police 1
Police 2
Fire 1
Fire 2