You are on page 1of 21

CCNA- LAP MANUAL -PART I ROUTING Instructor Mahmoud Initial router configuration Steps to be followed .

1. A fresh (new ) router can be connected and configured in different ways ,

  • 1.1 using consol ( rollover cable).

  • 1.2 Using auxiliary port( for DSL remote users )

2. In our lap we will choose to connected it using switch .

1

Fastethernet
Fastethernet

Lap Assignment

1. Change the router name from the default

  • 2. Make enable password and secret password.

  • 3. Secure the telnet and console port by giving appropriate password.

  • 4. Make banner for login notification .

  • 5. Change the line of sight (clear text ) password to MD 7.

  • 6. Save the configuration

2

  • 7. Try to ping from the host to the router .

  • 8. Try to telnet from the host to the router .

7. Try to ping from the host to the router . 8. Try to telnet from

3

Wan Configuration

Wan Configuration On Atbara router : Atbara(config)# interface serial 0/0 Atbara(config-if)# ip address 172.16.0.1 255.255.0.0 Atbara(config-if)#no

On Atbara router :

Atbara(config)# interface serial 0/0

Atbara(config-if)# ip address

172.16.0.1 255.255.0.0

Atbara(config-if)#no shut down Atbara(config-if)#encpsulation Hdlc Atbara(config-if)#clock rate 64000 Atbara(config-if)#exit

4

Atbara(config)# interface<type><no> Atbara(config-if)#ip address 192.168.1.1 255.255.255.0 Atbara(config-if)#no shutdown Atbara(config-if)#end

On Khartum Router khartum(config)# interface serial 1 khartum(config-if)# ip address 172.16.0.2 255.255.0.0 khartum(config-if)#no shut down khartum(config-if)#clock rate 64000 khartum(config-if)#encapsulation hdlc khartum(config-if)#interface serial 0 khartum(config-if)#ip address 172.17.0.1 255.255.0.0 khartum(config-if)# no shut down khartum(config-if)#encapsulation hdlc khartum(config-if)# clock rate 64000 khartum(config-if)# ^z khartum(config)#interface <type><no>

5

khartum(config-if)# ip address 10.0.0.1 255.0.0.0 khartum(config-f)# no shutdown khartum(config-if)#end on Portsudan Router PORTSUDAN(config)# interface serial 1 PORTSUDAN(config-if)# ip address 172.17.0.2 255.255.0.0 PORTSUDAN(config-if)#no shutdown PORTSUDAN(config-if)#encapsulation hdlc PORTSUDAN(config-if)#^Z PORTSUDAN(config)#interface <type> <no> PORTSUDAN(config-if)# no shutdown PORTSUDAN(config-if)# ip address 192.168.2.1 255.255.255.0 PORTSUDAN(config-if )#end

Static Routing
Static Routing

6

STATIC ROUTE

STATIC ROUTE Configure the basic configuration as per our pervious Lap . ON ATBARA ROUTER ATBARA(config)#

Configure the basic configuration as per our pervious Lap .

ON ATBARA ROUTER ATBARA(config)# ip route 10.0.0.0 255.0.0.0 172.16.0.2 ATBARA(config)#ip route 192.168.2.0 255.255.0.0 172.16.0.2 ATBARA(config)#ip route 172.17.0.0 255.255.0.0 172.16.0.2 ON KHARTUM ROUTER

7

KHARTUM(config)#ip route 192.168.1.0 255.255.255.0 172.16.0.1 KHARTUM(config)#ip route 192.168.2.0 255.255.255.0 172.17.0.2

ON PORTSUDAN ROUTER PORTSUDAN(config)#ip route 10.0.0.0 255.0.0.0 s1 PORTSUDAN(config)#ip route 192.168.1.0 255.255.255 s1 PORTSUDAN(config)#ip route 172.16.0.0 255.255.0.0 s1

KHARTUM(config)#ip route 192.168.1.0 255.255.255.0 172.16.0.1 KHARTUM(config)#ip route 192.168.2.0 255.255.255.0 172.17.0.2 ON PORTSUDAN ROUTER PORTSUDAN(config)#ip route 10.0.0.0

8

DEFAULT ROUTE

DEFAULT ROUTE IN INTERNAL ROUTER INTERNALROUTER(config)#ip routing INTERNALROUTER(config)#ip route 0.0.0.0 0.0.0.0 s1 9

IN INTERNAL ROUTER INTERNALROUTER(config)#ip routing INTERNALROUTER(config)#ip route 0.0.0.0 0.0.0.0 s1

9

Where s1 is our exit interface Verification Show ip route Ping any global ip address Example : ping 4.2.2.2

Where s1 is our exit interface Verification Show ip route Ping any global ip address Example

10

RIP

RIP NOTE: the basic configuration should be made before donning this Lap. ON ATBARA ROUTER ATBARA(config)#

NOTE: the basic configuration should be made before donning this Lap.

ON ATBARA ROUTER ATBARA(config)# router rip ATBARA(config)#network 192.168.1.0

11

ATBARA(config)#network 172.16.0.0 ATBARA(config)#^z

ON

KHARTUM ROUTER

KHARTUM(config)#router rip KHARTUM(config)#network 10.0.0.0 KHARTUM(config)#network 172.16.0.0.0 KHARTUM(config)#network 172.17.0.0 KHARTUM(config)#^z ON PORTSUDAN ROUTER

PORTSUDAN(config)#router rip PORTSUDAN(config)#network 192.168.2.0 PORTSUDAN(config)#network 172.17.0.0 PORTSUDAN(config)#^z Verify connectivity ; Show ip route Show ip protocol Ping

ATBARA(config)#network 172.16.0.0 ATBARA(config)#^z ON KHARTUM ROUTER KHARTUM(config)#router rip KHARTUM(config)#network 10.0.0.0 KHARTUM(config)#network 172.16.0.0.0 KHARTUM(config)#network 172.17.0.0 KHARTUM(config)#^z ON

12

EIGRP

EIGRP NOTE: the basic configuration should made before donning this Lap. ON ATBARA ROUTER ATBARA(config)#router eigrp

NOTE: the basic configuration should made before donning this Lap.

ON ATBARA ROUTER ATBARA(config)#router eigrp 10 ATBARA(config)#network 192.168.1.0 ATBARA(config)#network 172.16.0.0 ATBARA(config)#^z

13

ON KHARTUM ROUTER

KHARTUM(config)#router eigrp 10 KHARTUM(config)#network 10.0.0.0 KHARTUM(config)#network 172.16.0.0 KHARTUM(config)#network 172.17.0.0 KHARTUM(config)#^z ON PORTSUDAN ROUTER

PORTSUDAN(config)# router eigrp 10 PORTSUDAN(config)#network 192.168.2.0 PORTSUDAN(config)#network 172.17.0.0 PORTSUDAN(config)#^z Verify connectivity Show ip route Show ip protocol Show ip eigrp neighbor Show ip eigrp neighbor details Show ip eigrp topology Ping

14
14

OSPF

OSPF NOTE: the basic configuration should be made before donning this Lap. ON ATBARA ROUTER ATBARA(config)#

NOTE: the basic configuration should be made before donning this Lap.

ON ATBARA ROUTER ATBARA(config)# router ospf 5 ATBARA(config)#network 192.168.1.0 0.0.0.255 area 0 ATBARA(config)#network 172.16.0.0 0.0. 255.255 area 0 ATBARA(config)#^z

15

ON KHARTUM ROUTER

KHARTUM(config)router ospf 3 KHARTUM(config)network 10.0.0.0 0.255.255.255 area 0 KHARTUM(config) network 172.16.0.0 0.0.255.255 area 0 KHARTUM(config)network 172.17.0.0 0.0.255.255 area 0 KHARTUM(config)^z ON PORTSUDAN ROUTER

PORTSUDAN(config)# router ospf 3 PORTSUDAN(config)#network 192.168.2.0 0.0.0.255 area 0 PORTSUDAN(config)#network 172.17.0.0 0.0.255.255 area 0 PORTSUDAN(config)#^z Verify connectivity Show ip route Show ip ospf neighbor Show ip ospf database Ping

ON KHARTUM ROUTER KHARTUM(config)router ospf 3 KHARTUM(config)network 10.0.0.0 0.255.255.255 area 0 KHARTUM(config) network 172.16.0.0 0.0.255.255 area

16

ACCESS LIST

STANDARD ACCESS CONTROL LIST

ACCESS LIST STANDARD ACCESS CONTROL LIST NOTE: the basic configuration should be made before donning this

NOTE: the basic configuration should be made before donning this Lap. And also any routing protocol of your choice should configured.

SENARIO Configuration of an acess list on Khartum router such that lan 192.168.1.10 should not communicate
SENARIO
Configuration of an acess list on Khartum router
such that lan 192.168.1.10 should not communicate
with 10.0.0.0 network
17

ON KHARTUM ROUTER

KHARTUM(config)#access-list 1 deny 192.168.1.10 0.0.0.0 KHARTUM(config)#acess-lsit 1 permit any KHARTUM(config)#interface fa 0/0 KHARTUM(config-if)#ip access-group 1 out KHARTUM(config-if)#^z Verification Try to ping from ATBARArouter to KHARTUM router Show ip acess-list Show ip interface <type><no>

ON KHARTUM ROUTER KHARTUM(config)#access-list 1 deny 192.168.1.10 0.0.0.0 KHARTUM(config)#acess-lsit 1 permit any KHARTUM(config)#interface fa 0/0 KHARTUM(config-if)#ip

18

EXTENDED ACESS CONTROL LIST

EXTENDED ACESS CONTROL LIST NOTE: the basic configuration should be made before donning this Lap. And

NOTE: the basic configuration should be made before donning this Lap. And also any routing protocol of your choice should be configured.

SENARIO Deny khartum router from accessing HTTP server in Lan of PORTSUDAN and also deny any
SENARIO
Deny khartum router from accessing HTTP server in Lan of PORTSUDAN
and also deny any ping attempt made from Khartum to ATBARA

19

ON KHARTUM ROUTER

KHARTUM(config)#access-list 101 deny tcp 10.0.0.0 0.255.255.255 192.168.2.10 0.0.0.0 eq www KHARTUM(config)#access-list 101 deny icmp 10.0.0.0 0.255.255.255 192.168.1.0 0 0.0.0.255 echo KHARTUM(config)#access-list 101 permit ip any any KHARTUM(config)#interface <type> <no> KHARTUM(config-if)#ip access-group 101 in

KHARTUM(config-if)#^z Verification Try to access a web server in

portsudan

and ping to Atbara network

ON KHARTUM ROUTER KHARTUM(config)#access-list 101 deny tcp 10.0.0.0 0.255.255.255 192.168.2.10 0.0.0.0 eq www KHARTUM(config)#access-list 101 deny

20

IOS BACKUP

In order to copy your running-config or your flash in to your local machine you must have the following things present in your machine .

1 . A TFTP server must be installed and must be running state in your

local machine or remote

machine

2 there must a clear connectivity between the router and the tftp server, this can be done by pinging both sides.

3. You can download tftpd32 which is free source . To copy your configuration file to your machine Router# copy startup-config TFTP <enter> Address or name of the remote host[]? <a.b.c.d> // where a.b.c.d is your ip address Router# copy flash TFTP <enter> Source file name []? Address or name of the remote machine []?

IOS BACKUP In order to copy your running-config or your flash in to your local machine

21