Scribd Logo
Importer

Bienvenue sur Scribd !

  • EWAN Student SBA

    Transféré par

    Selvir Kamberovic
    48 vues4 pages
    EWAN_Student_SBA

    Titre original

    EWAN_Student_SBA

    Copyright

    © © All Rights Reserved

    Formats disponibles

    DOC, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    EWAN_Student_SBA

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOC, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    48 vues4 pages

    EWAN Student SBA

    Transféré par

    Selvir Kamberovic
    EWAN_Student_SBA

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme DOC, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 4

    CCNA Exploration: Accessing the WAN Instructor Skills Based

    Assessment Lab
    Topology Diagram

    Addressing Table
    Device
    R1

    R2
    R3

    Interface

    IP Address

    Subnet Mask

    Default Gateway

    Fa0/1

    172.16.0.1

    255.255.255.128

    N/A

    S0/0/0

    192.168.0.1

    255.255.255.252

    N/A

    S0/0/1

    192.168.0.9

    255.255.255.252

    N/A

    Lo0

    209.165.200.161

    255.255.255.224

    N/A

    S0/0/0

    192.168.0.2

    255.255.255.252

    N/A

    S0/0/1

    192.168.0.5

    255.255.255.252

    N/A

    Fa0/1
    S0/0/0

    172.16.0.129
    192.168.0.6

    255.255.255.128
    255.255.255.252

    N/A
    N/A

    All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 1 of 4

    CCNA Exploration
    Accessing the WAN: Skills Based Assessment

    Device

    Instructor Skills Based Assessment Answer Key

    Interface

    IP Address

    Subnet Mask

    Default Gateway

    S0/0/1

    192.168.0.10

    255.255.255.252

    N/A

    PC1

    NIC

    172.16.0.10

    255.255.255.128

    172.16.0.1

    PC3

    NIC

    172.16.0.139

    255.255.255.128

    172.16.0.129

    Learning Objectives
    To complete this lab:

    Cable a network according to the topology diagram

    Erase the startup configuration and reload a router to the default state

    Perform basic configuration tasks on a router

    Configure and activate interfaces

    Configure and activate serial interfaces (PPP with CHAP, HDLC, and Frame Relay)

    Configure a DHCP server

    Configure RIP on all the routers using MD5 authentication

    Configure basic router security

    Configure ACLs

    Configure basic NAT

    Scenario
    This lab tests you on the skills and knowledge that you learned in Exploration 4. Use cisco for all
    passwords in this lab, except for the enable secret password, which is class.

    Task 1: Prepare the Network


    Step 1: Cable the network according to the topology diagram.
    Step 2: Clear any existing configurations on the routers.

    Task 2: Perform Basic Device Configurations


    Configure the R1, R2, and R3 routers according to the following guidelines:

    Configure the router hostname.

    Disable DNS lookup.

    Configure an EXEC mode password.

    Configure a message-of-the-day banner.

    Configure a password for console connections.

    Configure synchronous logging.

    Configure a password for vty connections.

    All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 2 of 4

    CCNA Exploration
    Accessing the WAN: Skills Based Assessment

    Instructor Skills Based Assessment Answer Key

    Task 3: Configure and Activate Serial and Ethernet Addresses


    Step 1: Configure interfaces on R1, R2, and R3.
    Step 2: Verify IP addressing and interfaces.
    Step 3: Test connectivity between the routers.

    Task 4: Configure Serial Interfaces


    Step 1: Configure and verify PPP encapsulation with CHAP authentication between R1 and R2.
    The password is cisco.
    Step 2: Configure and verify HDLC encapsulation between R2 and R3.
    Step 3: Configure Frame Relay between R1 and R3 using static maps.

    Task 5: Configure RIP


    Step 1: Configure RIP on R1, R2, and R3.

    RIP updates should only be sent on the serial links between the routers. Prevent all other RIP
    updates on all networks. Secure RIP by configuring a key chain called RIP_KEY using MD5
    authentication. The password is cisco.
    Step 2: Test connectivity with the ping command.
    Step 3: Verify the routing table with the appropriate command.

    Task 6: Configure Basic Router Security


    Step 1: Enable a secure Telnet login using a local database. Create a local account for user CCNA
    and a password of cisco123. The password should be encrypted as a type 5 password. All other
    passwords should be encrypted as Type 7. Set the minimum password length to 7 characters.
    The line console and VTY lines should also be configured to maximum amount of time for
    inactivity of 4 minutes.
    Step 2: On router R2 only, disable unused global services including pad, finger, TCP and UDP
    small servers, HTTP and BOOTP servers, ip source route and gratuitous ARPs. Also disable the
    unused FastEthernet interfaces. On all interfaces, disable ip redirects, ip unreachables, ip proxy
    arp, and ip directed broadcasts.
    Step 3: Confirm that R2 is secured.

    Task 7: Configure router R1 and R3 to provide DHCP services to their respective LAN
    hosts.

    All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 3 of 4

    CCNA Exploration
    Accessing the WAN: Skills Based Assessment

    Instructor Skills Based Assessment Answer Key

    Step 1: Configure a DHCP pool called LAN-POOL with the appropriate default gateway. Also
    exclude the first 9 IP addresses from the LAN pools. Once complete, verify that the PC1 and PC3
    are allocated the first available IP addresses.

    Task 8: Configure Access Control Lists


    Step 1: Only allow R2 to telnet to R1 and R3.
    Step 2: Prevent all HTTP, Telnet, and FTP traffic from the Internet to PC1.
    Step 3: Prevent PC1 from receiving traffic from the 172.16.0.128 /25 network.
    Step 4: Verify that PC3 cannot ping PC1, but can ping 172.16.0.1.

    Task 9: Configure NAT.


    Step 1: Configure NAT to allow PC3 to ping PC1.
    Step 2: Verify that PC3 can reach PC1.

    Task 10: Document the Router Configurations

    Task 11: Clean Up


    Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that are
    normally connected to other networks, such as the school LAN or to the Internet, reconnect the
    appropriate cabling and restore the TCP/IP settings.

    All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 4 of 4

    Vous aimerez peut-être aussi