Tag: cisco

Soluzione PT Activity 6.4.1: Packet Tracer Skills Integration Challenge

gennaio 5, 2013 - 12:08 Cisco no comments

Domande e suggerimenti sono graditi.

Task 1: Apply Basic Router Configurations
Step 1: Configure basic commands.
Using the information in the topology diagram and addressing table, configure the basic device configurations on R1, R2, and R3. Hostnames are configured for you.

R1
R1>en
R1#conf t
R1(config)#line con 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#line vty 0 4
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#banner motd "Access to Router R1"
R1(config)#no ip domain-lookup
R1(config)#int s0/0/0
R1(config-if)#description line to cloud-PT
R1(config-if)#exit
R1(config)#int f0/0
R1(config-if)#desc
R1(config-if)#description fastethernet LAN
R1(config-if)#exit
R1(config-if)#

R2
R2>en
R2#conf t
R2(config)#line con 0
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#exit
R2(config)#line vty 0 4
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#exit
R2(config)#banner motd "Access to Router R2"
R2(config)#no ip domain-lookup
R2(config)#int s0/0/0
R2(config-if)#description line to cloud-PT
R2(config-if)#exit
R2(config)#int s0/1/0
R2(config-if)#description line to ISP
R2(config-if)#exit
R2(config)#int f0/0
R2(config-if)#description line to LAN
R2(config-if)#exit
R2(config)#

R3
R3>en
R3#conf t
R3(config)#line con 0
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#line vty 0 4
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#banner motd "Access to Router R3"
R3(config)#no ip domain-lookup
R3(config)#int s0/0/0
R3(config-if)#description line to cloud-PT
R3(config-if)#exit
R3(config)#int f0/0
R3(config-if)#description line to LAN
R3(config-if)#exit
R3(config)#

Task 2: Configure Dynamic and Default Routing
Step 1. Configure default routing.
R2 needs a default route. Use the exit-interface argument in the default route configuration.

R2(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0

Step 2. Configure dynamic routing.
Configure RIPv2 on R1, R2, and R3 for all available networks. R2 needs to pass its default network configuration to the other routers. Also, be sure to use the passive-interface command on all active interfaces not used for routing.

R1
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 10.1.1.0
R1(config-router)#network 192.168.10.0
R1(config-router)#passive-interface f0/1
R1(config-router)#no auto-summary
R1(config-router)#exit
R1(config)#

R2
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 10.1.1.0
R2(config-router)#network 192.168.20.0
R2(config-router)#default-information originate
R2(config-router)#passive-interface s0/1/0
R2(config-router)#passive-interface f0/1
R2(config-router)#no auto-summary
R2(config-router)#exit
R2(config)#

R3
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#network 10.1.1.0
R3(config-router)#network 192.168.30.0
R3(config-router)#passive-interface f0/1
R3(config-router)#no auto-summary
R3(config-router)#exit
R3(config)#

Task 5: Apply ACL Policies
Step 1. Create and apply security policy number 1.
Implement the following ACL rules using ACL number 101:
Allow hosts on the 192.168.30.0/24 network web access to any destination.
Allow hosts on the 192.168.30.0/24 network ping access to any destination.
Deny any other access originating from the network.

R3
R3(config)#access-list 101 permit tcp 192.168.30.0 0.0.0.255 any eq www
R3(config)#access-list 101 permit icmp 192.168.30.0 0.0.0.255 any
R3(config)#access-list 101 deny ip any any
R3(config)#int fa0/1
R3(config-if)#ip access-group 101 in
R3(config-if)#exit
R3(config)#

Step 2. Create and apply security policy number 2.
Because ISP represents connectivity to the Internet, configure a named ACL called FIREWALL in the following order:
Allow TW-DSL web access to the Intranet server.
Allow TW-Cable web access to the Intranet server.
Allow only inbound ping replies from ISP and any source beyond ISP.
Allow only established TCP sessions from ISP and any source beyond ISP.
Explicitly block all other inbound access from ISP and any source beyond ISP.

R2
R2(config)#ip access-list extended FIREWALL
R2(config-ext-nacl)#permit tcp host 192.168.1.10 host 192.168.20.254 eq www
R2(config-ext-nacl)#permit tcp host 192.168.2.10 host 192.168.20.254 eq www
R2(config-ext-nacl)#permit icmp any any echo-reply
R2(config-ext-nacl)#permit tcp any any established
R2(config-ext-nacl)#deny ip any any
R2(config-ext-nacl)#int s0/1/0
R2(config-if)#ip access-group FIREWALL in
R2(config-if)#exit
R2(config)#

Tag:, , , , , , , , ,

Soluzione PT Activity 4.7.1: Packet Tracer Skills Integration Challenge

gennaio 1, 2013 - 14:06 Cisco no comments

Task 1: Configure Routing
Step 1. Configure a default route to ISP.

R2
Password: cisco
R2>en
Password: class
R2#conf t
R2(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0

Step 2. Configure OSPF routing between R1, R2, and R3.

R2(config)#route ospf 1
R2(config-router)#network 192.168.20.0 255.255.255.252 area 0
R2(config-router)#network 10.1.1.0 0.0.0.3 area 0
R2(config-router)#network 10.2.2.0 0.0.0.3 area 0
R2(config-router)#default-information originate
R2(config-router)#passive-interface f0/1
R2(config-router)#passive-interface s0/1/0

R1
Password: cisco
R1>en
Password: class
R1#conf t
R1(config)#router ospf 1
R1(config-router)#network 192.168.10.0 0.0.0.255 area 0
R1(config-router)#network 10.1.1.0 0.0.0.3 area 0
R1(config-router)#passive-interface f0/1

R3
Password: cisco
R3>en
Password: class
R3#conf t
R3(config)#router ospf 1
R3(config-router)#network 192.168.30.0 0.0.0.255 area 0
R3(config-router)#network 10.1.1.0 0.0.0.3 area 0
R3(config-router)#passive-interface f0/1

Task 2: Configure OSPF Authentication
Step 1. Configure MD5 authentication between R1, R2, and R3.
Configure OSPF MD5 authentication between R1, R2, and R3 using 1 as the key value and a cisco123 as the password.

R1
R1(config-router)#area 0 authentication  message-digest
R1(config-router)#exit
R1(config)#int s0/0/0
R1(config-if)#ip ospf message-digest-key 1 md5 cisco123
R1(config-if)#exit
R1(config)#

R2
R2(config-router)#area 0 authentication message-digest
R2(config-router)#exit
R2(config)#int s0/0/0
R2(config-if)#ip ospf message-digest-key 1 md5 cisco123
R2(config-if)#exit
R2(config)#
R2(config)#int s0/0/1
R1(config-if)#ip ospf message-digest-key 1 md5 cisco123
R1(config-if)#exit
R2(config)#

R3
R3(config-router)#area 0 authentication message-digest
R3(config-router)#exit
R3(config)#int s0/0/1
R3(config-if)#ip ospf message-digest-key 1 md5 cisco123
R3(config-if)#exit
R3(config)#

Task 3: Upgrade the Cisco IOS Image

Step 1. Copy a newer image from the TFTP server to flash on R2.

Look under the Config tab for the TFTP server to determine the name of the newer Cisco IOS image. Then copy the newer image to flash on R2.

Step 2. Configure R2 to boot with the new image.

R2#sh version
Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Mon 15-May-06 14:54 by pt_team

ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

System returned to ROM by power-on
System image file is "flash:c1841-ipbase-mz.123-14.T7.bin"

R2#copy tftp flash
Address or name of remote host []? 192.168.20.254
Source filename []? c1841-ipbasek9-mz.124-12.bin
Destination filename [c1841-ipbasek9-mz.124-12.bin]?

Accessing tftp://192.168.20.254/c1841-ipbasek9-mz.124-12.bin…
Loading c1841-ipbasek9-mz.124-12.bin from 192.168.20.254: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 16599160 bytes]

16599160 bytes copied in 1.288 secs (2883740 bytes/sec)

R2#conf t
R2(config)#boot system flash c1841-ipbasek9-mz.124-12.bin
R2(config)#exit
R2#show flash

System flash directory:
File  Length   Name/status
  1   13832032 c1841-ipbase-mz.123-14.T7.bin
  3   16599160 c1841-ipbasek9-mz.124-12.bin
[30431192 bytes used, 2082856 available, 32514048 total]
32768K bytes of processor board System flash (Read/Write)

R2#copy running-config startup-config
Destination filename [startup-config]?
Building configuration…
[OK]

Tag:, , , , , , , , , , , , ,

Soluzione PT Activity 3.6.1:Packet Tracer Skills Integration Challenge

settembre 14, 2012 - 16:00 Cisco no comments

La soluzione all'esercizio PT Activity 3.6.1:Packet Tracer Skills Integration Challenge (modulo WAN) realizzata da me. Commenti e suggerimenti sono graditi.



Task 1: Configure PPP with CHAP Between Devices
HQ#config t
HQ(config)#username ISP password cisco
HQ(config)#interface s0/0/1
HQ(config-if)#encapsulation ppp
HQ(config-if)#ppp authentication chap
HQ(config-if)#ip address 209.165.201.2 255.255.255.252
HQ(config-if)#no sh
HQ(config-if)#exit

Task 2: Configure Full Mesh Frame Relay
HQ(config)#interface s0/0/0
HQ(config-if)#ip address 10.0.0.1 255.255.255.248
HQ(config-if)#encapsulation frame-relay
HQ(config-if)#frame-relay map ip 10.0.0.2 102 broadcast
HQ(config-if)#frame-relay map ip 10.0.0.3 103 broadcast
HQ(config-if)#frame-relay map ip 10.0.0.4 104 broadcast ietf
HQ(config-if)#frame-relay lmi-type ansi
HQ(config-if)#no sh

WEST#conf t
WEST(config)#interface s0/0/0
WEST(config-if)#ip address 10.0.0.2 255.255.255.248
WEST(config-if)#encapsulation frame-relay
WEST(config-if)#frame-relay map ip 10.0.0.1 201 broadcast
WEST(config-if)#frame-relay map ip 10.0.0.3 203 broadcast
WEST(config-if)#frame-relay map ip 10.0.0.4 204 broadcast ietf
WEST(config-if)#frame-relay lmi-type ansi
WEST(config-if)#no sh

SOUTH#conf t
SOUTH(config)#interface s0/0/0
SOUTH(config-if)#ip address 10.0.0.3 255.255.255.248
SOUTH(config-if)#encapsulation frame-relay
SOUTH(config-if)#frame-relay map ip 10.0.0.1 301 broadcast
SOUTH(config-if)#frame-relay map ip 10.0.0.2 302 broadcast
SOUTH(config-if)#frame-relay map ip 10.0.0.4 304 broadcast ietf
SOUTH(config-if)#frame-relay lmi-type ansi
SOUTH(config-if)#no sh

EAST#conf t
EAST(config)#interface s0/0/0
EAST(config-if)#ip address 10.0.0.4 255.255.255.248
EAST(config-if)#encapsulation frame-relay ietf
EAST(config-if)#frame-relay map ip 10.0.0.1 401 broadcast cisco
EAST(config-if)#frame-relay map ip 10.0.0.2 402 broadcast cisco
EAST(config-if)#frame-relay map ip 10.0.0.3 403 broadcast cisco
EAST(config-if)#frame-relay lmi-type ansi
EAST(config-if)#no sh

Task 3: Configure Static and Default Routing
HQ#conf t
HQ(config)#ip route 10.1.100.0 255.255.255.0 10.0.0.2
HQ(config)#ip route 10.1.10.0 255.255.255.0 10.0.0.3
HQ(config)#ip route 10.1.20.0 255.255.255.0 10.0.0.3
HQ(config)#ip route 10.1.30.0 255.255.255.0 10.0.0.3
HQ(config)#ip route 10.1.99.0 255.255.255.0 10.0.0.3
HQ(config)#ip route 10.1.200.0 255.255.255.0 10.0.0.4
HQ(config)#ip route 0.0.0.0 0.0.0.0 s0/0/1

WEST#conf t
WEST(config)#ip route 10.1.10.0 255.255.255.0 10.0.0.3
WEST(config)#ip route 10.1.20.0 255.255.255.0 10.0.0.3
WEST(config)#ip route 10.1.30.0 255.255.255.0 10.0.0.3
WEST(config)#ip route 10.1.99.0 255.255.255.0 10.0.0.3
WEST(config)#ip route 10.1.200.0 255.255.255.0 10.0.0.4
WEST(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.1

SOUTH#conf t
SOUTH(config)#ip route 10.1.100.0 255.255.255.0 10.0.0.2
SOUTH(config)#ip route 10.1.200.0 255.255.255.0 10.0.0.4
SOUTH(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.1

EAST#conf t
EAST(config)#ip route 10.1.100.0 255.255.255.0 10.0.0.2
EAST(config)#ip route 10.1.10.0 255.255.255.0 10.0.0.3
EAST(config)#ip route 10.1.20.0 255.255.255.0 10.0.0.3
EAST(config)#ip route 10.1.30.0 255.255.255.0 10.0.0.3
EAST(config)#ip route 10.1.99.0 255.255.255.0 10.0.0.3
EAST(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.1

Task 4: Configure and Test Inter-VLAN Routing
SOUTH#conf t
SOUTH(config)#interface fa0/0
SOUTH(config-if)#no sh
SOUTH(config-if)#exit
SOUTH(config)#interface fa0/0.10
SOUTH(config-subif)#encapsulation dot1Q 10
SOUTH(config-subif)#ip address 10.1.10.1 255.255.255.0
SOUTH(config-subif)#exit
SOUTH(config)#interface fa0/0.20
SOUTH(config-subif)#encapsulation dot1Q 20
SOUTH(config-subif)#ip address 10.1.20.1 255.255.255.0
SOUTH(config-subif)#exit
SOUTH(config)#interface fa0/0.30
SOUTH(config-subif)#encapsulation dot1Q 30
SOUTH(config-subif)#ip address 10.1.30.1 255.255.255.0
SOUTH(config-subif)#exit
SOUTH(config)#interface fa0/0.99
SOUTH(config-subif)#encapsulation dot1Q 99 native
SOUTH(config-subif)#ip address 10.1.99.1 255.255.255.0
SOUTH(config-subif)#exit

Task 5: Configure VTP and Trunking on the Switches
S1#conf t
S1(config)#vtp mode server
S1(config)#vtp domain CCNA
S1(config)#vtp password cisco

S2#conf t
S2(config)#vtp mode client
S2(config)#vtp domain CCNA
S2(config)#vtp password cisco

S3#conf t
S3(config)#vtp mode client
S3(config)#vtp domain CCNA
S3(config)#vtp password cisco

S1(config)#interface fa0/1
S1(config-if)#switchport mode trunk
S1(config-if)#switchport native vlan 99
S1(config-if)#exit

S1(config)#interface fa0/2
S1(config-if)#switchport mode trunk
S1(config-if)#switchport native vlan 99
S1(config-if)#exit

S1(config)#interface fa0/3
S1(config-if)#switchport mode trunk
S1(config-if)#switchport native vlan 99
S1(config-if)#exit

S1(config)#interface fa0/4
S1(config-if)#switchport mode trunk
S1(config-if)#switchport native vlan 99
S1(config-if)#exit

S1(config)#interface fa0/5
S1(config-if)#switchport mode trunk
S1(config-if)#switchport native vlan 99
S1(config-if)#exit

S2(config)#interface fa0/1
S2(config-if)#switchport mode trunk
S2(config-if)#switchport native vlan 99
S2(config-if)#exit

S2(config)#interface fa0/2
S2(config-if)#switchport mode trunk
S2(config-if)#switchport native vlan 99
S2(config-if)#exit

S2(config)#interface fa0/3
S2(config-if)#switchport mode trunk
S2(config-if)#switchport native vlan 99
S2(config-if)#exit

S2(config)#interface fa0/4
S2(config-if)#switchport mode trunk
S2(config-if)#switchport native vlan 99
S2(config-if)#exit

S3(config)#interface fa0/1
S3(config-if)#switchport mode trunk
S3(config-if)#switchport native vlan 99
S3(config-if)#exit

S3(config)#interface fa0/2
S3(config-if)#switchport mode trunk
S3(config-if)#switchport native vlan 99
S3(config-if)#exit

S3(config)#interface fa0/3
S3(config-if)#switchport mode trunk
S3(config-if)#switchport native vlan 99
S3(config-if)#exit

S3(config)#interface fa0/4
S3(config-if)#switchport mode trunk
S3(config-if)#switchport native vlan 99
S3(config-if)#exit

Task 6: Configure VLANs on the Switch
S1#conf t
S1(config)#vlan 10
S1(config-vlan)#name Faculty/Staff
S1(config-vlan)#vlan 20
S1(config-vlan)#name Students
S1(config-vlan)#vlan 30
S1(config-vlan)#name Guest(Default)
S1(config-vlan)#vlan 99
S1(config-vlan)#name Management&Native

Task 7: Configure and Verify VLAN 99
S1(config)#interface vlan 99
S1(config-if)#ip address 10.1.99.11 255.255.255.0
S1(config-if)#exit
S1(config)#ip default-gateway 10.1.99.1

S2(config)#interface vlan 99
S2(config-if)#ip address 10.1.99.12 255.255.255.0
S2(config-if)#exit
S2(config)#ip default-gateway 10.1.99.1

S3(config)#interface vlan 99
S3(config-if)#ip address 10.1.99.13 255.255.255.0
S3(config-if)#exit
S3(config)#ip default-gateway 10.1.99.1

Task 8: Configure S1 as Root for All Spanning Trees
S1(config)#spanning-tree vlan 1,10,20,30,99 priority 4096

Task 9: Assign Ports to VLANS
S2(config-if)#interface range f0/6 – 10
S2(config-if-range)#switchport mode access
S2(config-if-range)#switchport access vlan 10

S2(config-if)#interface range f0/11 – 15
S2(config-if-range)#switchport mode access
S2(config-if-range)#switchport access vlan 20

S2(config-if)#interface range f0/16 – 20
S2(config-if-range)#switchport mode access
S2(config-if-range)#switchport access vlan 30
S2(config-if-range)#exit

S2(config)#interface range f0/21 – 24
S2(config-if-range)#sh
S2(config-if-range)#exit

S2(config)#interface range g1/1 – 2
S2(config-if-range)#sh
S2(config-if-range)#exit

Tag:, , , , , , , ,