Vous êtes sur la page 1sur 11

ESwitching Basic Switching/Wireless PT Practice SBA

A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any Exam windows during the exam. 2. Do not close Packet Tracer when you are done. It will close automatically. 3. Click the Submit Assessment button to submit your work.

Introduction
In this practice Packet Tracer Skills Exam, you will: configure VLANs using VTP configure inter-VLAN routing modify STP configure port security add a wireless LAN

Addressing Table
Device Interface Fa0/0.10 Fa0/0.20 Router1 Fa0/0.43 Fa0/0.67 Internet WRS Wireless SW DS1 SW AC2 SW AC3 PC1 PC2 PC3 PC4 VLAN 43 VLAN 43 VLAN 43 NIC NIC NIC NIC 172.16.100.1 172.16.43.11 172.16.43.12 172.16.43.13 172.16.10.10 172.16.20.10 172.16.10.11 DHCP assigned 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 n/a 172.16.43.1 172.16.43.1 172.16.43.1 172.16.10.1 172.16.20.1 172.16.10.1 172.16.100.1 172.16.43.1 172.16.67.1 172.16.67.10 255.255.255.0 255.255.255.0 255.255.255.0 n/a n/a 172.16.67.1 Address 172.16.10.1 172.16.20.1 Subnet Mask 255.255.255.0 255.255.255.0 Default Gateway n/a n/a

Note: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

Step 1: Connect the Devices.


Use the appropriate cable type to make the following connections: SW AC2 FastEthernet 0/1 to PC1 FastEthernet SW AC2 FastEthernet 0/11 to PC2 FastEthernet SW AC2 FastEthernet 0/19 to SW AC3 FastEthernet 0/19 SW AC2 FastEthernet 0/20 to SW AC3 FastEthernet 0/20 SW AC3 FastEthernet 0/18 to WRS Internet

Step 2: Configure the Device Basics.


a. Configure the following on SW AC2. The switch name is SW_AC2.

Switch>enable Switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname SW AC2 SW AC2(config)#

The privileged EXEC mode uses the following encrypted password: class

SW AC2(config)#enable password class

Enable Telnet and console line login using the following password: cisco

SW AC2(config)#line vty 0 SW AC2(config-line)#password cisco SW AC2(config-line)#exit

SW AC2(config)#line console 0 SW AC2(config-line)#login % Login disabled on line 0, until password is set

SW AC2(config-line)#password cisco SW AC2(config-line)#exit Configure the banner message-of-the-day as Authorized access only!

SW AC2(config)#banner motd # Enter TEXT message. End with the character # . Authorized access only!# SW AC2(config)#

b.

To configure the switches for remote management access, create and enable interface VLAN 43 on all three switches.

SW DS1(config)#interface vlan 43 SW DS1(config-if)#ip address 172.16.43.11 255.255.255.0 SW DS1(config-if)#no shutdown SW DS1(config-if)#exit SW DS1(config)#ip default-gateway 172.16.43.1

SW AC2(config)#interface vlan 43 SW AC2(config-if)#ip address 172.16.43.12 255.255.255.0 SW AC2(config-if)#no shutdown SW AC2(config-if)#exit SW AC2(config)#ip default-gateway 172.16.43.1

SW AC3(config)#interface vlan 43 SW AC3(config-if)#ip address 172.16.43.13 255.255.255.0 SW AC3(config-if)#no shutdown SW AC3(config-if)#exit SW AC3(config)#ip default-gateway 172.16.43.1 SW AC3(config)#

Step 3: Configure Trunking.


Note: Packet Tracer now supports the use of the range argument for the interface command. For interfaces FastEthernet 0/19 through FastEthernet 0/24 on all three switches: Configure static trunking. Assign VLAN 43 as the native VLAN. SW DS1(config)#interface range fastEthernet 0/19-24 SW DS1(config-if-range)#switchport mode trunk SW DS1(config-if-range)#switchport trunk native vlan 43 SW DS1(config-if-range)#no shutdown SW DS1(config-if-range)#end SW AC2(config)#interface range fastEthernet 0/19-24 SW AC2(config-if-range)#switchport mode trunk SW AC2(config-if-range)#switchport trunk native vlan 43 SW AC2(config-if-range)#no shutdown

SW AC2(config-if-range)#end SW AC3(config)#interface range fastEthernet 0/19-24 SW AC3(config-if-range)#switchport mode trunk SW AC3(config-if-range)#switchport trunk native vlan 43 SW AC3(config-if-range)#no shutdown SW AC3(config-if-range)#end

Step 4: Configure VTP and VLANs.


a. Step 1: Configure SW DS1 as VTP server and the following VTP parameters: SW DS1 is the VTP server. VTP domain name: CCNA VTP password: cisco

SW DS1(config)#vtp mode server Setting device to VTP SERVER mode. SW DS1(config)#vtp domain CCNA Changing VTP domain name from NULL to CCNA SW DS1(config)#vtp password cisco Setting device VLAN database password to cisco

b.

Create and name the following VLANs on SW DS1. VLAN 10: Student VLAN 20: Faculty VLAN 43: Management VLAN 67: Wireless

SW DS1(config)#vlan 10 SW DS1(config-vlan)#name Student SW DS1(config-vlan)#vlan 20 SW DS1(config-vlan)#name Faculty SW DS1(config-vlan)#vlan 43 SW DS1(config-vlan)#name Management SW DS1(config-vlan)#vlan 67 SW DS1(config-vlan)#name Wireless SW DS1(config-vlan)#end

c.

Step 2: Configure SW AC2 and SW AC3 as VTP clients to participate in the CCNA VTP domain.

SW AC2(config)#vtp mode client Setting device to VTP CLIENT mode. SW AC2(config)#vtp domain CCNA Domain name already set to CCNA. SW AC2(config)#vtp password cisco

Setting device VLAN database password to cisco SW AC2(config)#end

SW AC3(config)#vtp mode client Setting device to VTP CLIENT mode. SW AC3(config)#vtp domain CCNA Domain name already set to CCNA. SW AC3(config)#vtp password cisco Setting device VLAN database password to cisco SW AC3(config)#end

d.

Step3: Verify that VTP is operational.

SW AC2#show vtp status SW AC3#show vtp status or SW AC2#show vlan brief SW AC3#show vlan brief

Step 5: Configure Interfaces for VLAN Access


VLAN port assignments on each switch are as follows: Device SW AC2, SW AC3 SW AC2, SW AC3 SW AC3 a. Ports Fa0/1 - 0/10 Fa0/11 - 0/17 Fa0/18 Assignment 10 20 67

Step 1: Configure access ports on access layer switches. Configure the appropriate interfaces on SW AC2 and SW AC3 for static access. Assign VLANs according to the port assignments table.

SW AC2(config)#interface range fastEthernet 0/1-17 SW AC2(config-if-range)#switchport mode trunk SW AC2(config-if-range)#no shutdown SW AC2(config-if-range)#exit

SW AC2(config)#interface range fastEthernet 0/1-10 SW AC2(config-if-range)#switchport access vlan 10 SW AC2(config-if-range)#no shutdown SW AC2(config-if-range)#exit

SW AC2(config)#interface range fastEthernet 0/11-17 SW AC2(config-if-range)#switchport access vlan 20 SW AC2(config-if-range)#no shutdown SW AC2(config-if-range)#exit --------------------------------------------------- -

SW AC3(config)#interface range fastEthernet 0/1-18 SW AC3(config-if-range)#switchport mode trunk SW AC3(config-if-range)#no shutdown SW AC3(config-if-range)#exit

SW AC3(config)#interface range fastEthernet 0/1-10 SW AC3(config-if-range)#switchport access vlan 10 SW AC3(config-if-range)#no shutdown SW AC3(config-if-range)#exit

SW AC3(config)#interface range fastEthernet 0/11-17 SW AC3(config-if-range)#switchport access vlan 20 SW AC3(config-if-range)#no shutdown SW AC3(config-if-range)#exit

SW AC3(config)#interface fastEthernet 0/18 SW AC3(config-if-range)#switchport access vlan 67 SW AC3(config-if-range)#no shutdown SW AC3(config-if-range)#exit

b.

Step 2: Verify trunking and VLAN assignments.

SW AC2#show interface switchport SW AC3#show interface switchport

SW AC2#show interface trunk SW AC3#show interface trunk

SW AC2#show vlan brief SW AC3#show vlan brief

Step 6: Configure Spanning Tree.


a. Modify STP root bridge elections. Using a priority of 4096, set SW DS1 as the root bridge for all VLANs.

SW DS1(config)#spanning-tree vlan 1 priority 4096 SW DS1(config)#spanning-tree vlan 10 priority 4096 SW DS1(config)#spanning-tree vlan 20 priority 4096 SW DS1(config)#spanning-tree vlan 43 priority 4096 SW DS1(config)#spanning-tree vlan 67 priority 4096

Using a priority of 8192, set SW AC2 as the backup root bridge for all VLANs.

SW AC2(config)#spanning-tree vlan 1 priority 8192 SW AC2(config)#spanning-tree vlan 10 priority 8192 SW AC2(config)#spanning-tree vlan 20 priority 8192 SW AC2(config)#spanning-tree vlan 43 priority 8192 SW AC2(config)#spanning-tree vlan 67 priority 8192

b.

Verify the spanning tree election.

SW AC2#show spanning-tree vlan 43

Step 7: Configure Inter -VLAN Routing.


Use the information in the Addressing Table to configure Router1 for inter-VLAN routing. Verify inter-VLAN routing. Router1(config)#interface fastEthernet 0/0 Router1(config-if)#no shutdown Router1(config-if)#exit Router1(config-if)#interface fastEthernet 0/0.10 Router1(config-subif)#encapsulation dot1Q 10 Router1(config-subif)#ip address 172.16.10.1 255.255.255.0 Router1(config-subif)#exit Router1(config)#interface fastEthernet 0/0.20 Router1(config-subif)#encapsulation dot1Q 20 Router1(config-subif)#ip address 172.16.20.1 255.255.255.0 Router1(config-subif)#exit Router1(config)#interface fastEthernet 0/0.43 Router1(config-subif)#encapsulation dot1Q 43 Router1(config-subif)#ip address 172.16.43.1 255.255.255.0 Router1(config-subif)#exit Router1(config)#interface fastEthernet 0/0.67 Router1(config-subif)#encapsulation dot1Q 67 Router1(config-subif)#ip address 172.16.67.1 255.255.255.0 Router1(config-subif)#end

Step 8: Configure Port Security.


Note: Best practice requires port security on all access ports. However, for this practice exercise you will only configure one port with security. a. Configure SW AC3 with port security on FastEthernet 0/2. No more than 2 MAC addresses are allowed on the FastEthernet 0/2 port for SW AC3. Once learned, MAC addresses should be automatically added to the running configuration. If this policy is violated, the port should be automatically disabled.

SW AC3(config)#interface fastEthernet 0/2 SW AC3(config-if)#switchport port-security

SW AC3(config-if)#switchport port-security maximum 2 SW AC3(config-if)#switchport port-security mac-address sticky SW AC3(config-if)#switchport port-security violation shutdown SW AC3(config-if)#exit

b.

Verify that port security is implemented.

SW AC3#show port-security address

Step 9: Configure the Wireless LAN.


Refer to the Addressing Table to configure the wireless LAN. a. Configure WRS. Use static addressing on the Internet interface. Set the router IP and subnet mask. Configure the router to allow wireless hosts to use DHCP. The first host address is the 10th host address in the Wireless LAN subnet. The maximum number of hosts is 25.

b.

Configure wireless security. Set the SSID to WRS_LAN.

Enable WEP security and use 12345ABCDE as key1.

c.

Enable remote management with the password cisco123.

d.

Configure PC4 to access the wireless network that is provided by WRS. PC4 uses DHCP to obtain addressing information. Note: It will not be possible for devices to ping PC4 since PC4 is behind the WRS NAT firewall.

Step 10: Verify Connectivity.


Although these are not scored, the following connectivity tests should be successful.

SW SW SW PC1 PC2 PC4

DS1 can ping Router1. AC2 can ping Router1. AC3 can ping Router1. can ping PC2. can ping PC3. can ping PC1.

version 1.0 Created in Packet Tracer 5.2.1 and Marvel 1.0.1 All contents are Copyright 1992 - 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.