P. 1
8.6.1

8.6.1

|Views: 13|Likes:
Published by Gustavo Muñoz Suro

More info:

Published by: Gustavo Muñoz Suro on Aug 17, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less

07/30/2014

pdf

text

original

Task 1: Configure Frame Relay in a Hub-and-Spoke Topology

Step 1. Configure the Frame Relay core. Use the addressing tables and the following requirements. HQ is the hub router. B1, B2, and B3 are the spokes. - HQ uses a point-to-point subinterface for each of the Branch routers. - B3 must be manually configured to use IETF encapsulation. - The LMI type must be manually configured as q933a for HQ, B1, and B2. B3 uses ANSI. HQ(config)#int s0/0/0 HQ(config-if)#encapsulation fram HQ(config-if)#frame-relay lmi-type q933a HQ(config-if)#int s0/0/0.43 point-to-point description -=to B3 =ip address 10.255.255.9 255.255.255.252 frame-relay interface-dlci 43 HQ(config)#int s0/0/0.42 poi descr -= to B2=ip add 10.255.255.5 255.255.255.252 frame-relay interface-dlci 42 HQ(config)#int s0/0/0.41 po descr -= to B1 =ip add 10.255.255.1 255.255.255.252 fra in 41 Router(config)#host B3 B3(config)#int s0/0/0 B3(config-if)#desc -= to HQ =B3(config-if)#no sh B3(config-if)#encapsulation frame-relay ietf B3(config-if)#frame-relay lmi-type ansi B3(config-if)#ip add 10.255.255.10 255.255.255.252 B2(config-if)#frame-relay interface-dlci 43 Router(config)#host B2 B2(config)#int s0/0/0 B3(config-if)#desc -= to HQ =B2(config-if)#no sh B2(config-if)#enc frame-relay B2(config-if)#frame lmi-type q933a B2(config-if)#ip add 10.255.255.6 255.255.255.252 B2(config-if)#frame-relay interface-dlci 42 Router(config)#hostn B1 B1(config)#int s0/0/0 B1(config-if)#enc frame-relay

round-trip min/avg/max = 8/22/40 ms HQ# Task 2: Configure PPP with CHAP and PAP Authentication Step 1.B1(config-if)#no sh B1(config-if)#descr -= to HQ =B1(config-if)#frame-relay lmi-type ansi B1(config-if)#ip add 10.10. Configure the WAN link from HQ to ISP using PPP encapsulation and CHAP authentication.255.10 Type escape sequence to abort.0.255. Sending 5.255.255.255.255. 100-byte ICMP Echos to 10. Sending 5. 100-byte ICMP Echos to 10.6.6 Type escape sequence to abort.0 Step 3.255. changed state to up HQ(config-if)#ip add 10. Sending 5.255.255.255. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).255. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).1. . HQ#ping 10.255.2 Type escape sequence to abort.2. round-trip min/avg/max = 30/35/40 ms HQ#ping 10.255.255. Configure the LAN interface on HQ.255. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).1 255.252 B2(config-if)#frame-relay interface-dlci 41 Step 2.255. Verify that HQ can ping each of the Branch routers.255. round-trip min/avg/max = 20/36/40 ms HQ#ping 10.2 255. HQ(config)#int fa0/0 HQ(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0.255. 100-byte ICMP Echos to 10.

Sending 5.2. Sending 5.253 255.201.165.165.254 Type escape sequence to abort. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5). HQ is the DCE side of the link. round-trip min/avg/max = 11/15/20 ms HQ#ping 10. The PAP password is ciscopap.255.255.165.252 HQ(config-if)#no sh HQ(config)#username ISP password ciscochap HQ#ping 209.2 Type escape sequence to abort. You need to connect a cable to the correct interfaces.The CHAP password is ciscochap. HQ(config)#int s0/0/1 HQ(config-if)#descr -= to NewB =HQ(config-if)#clock rate 64000 HQ(config-if)#encap ppp HQ(config-if)#ppp authentication pap HQ(config-if)#ip add 10.201. Configure the WAN link from HQ to NewB using PPP encapsulation and PAP authentication.1 255.255.255. 100-byte ICMP Echos to 209. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).165.2. timeout is 2 . round-trip min/avg/max = 20/20/20 ms HQ# Step 2.201. Verify that HQ can ping ISP and NewB. Sending 5.255.255. HQ#ping 209.252 HQ(config-if)#no sh HQ(config-if)#ppp pap sent-username HQ password ciscopap HQ(config)#username NewB password ciscopap Step 3.254.255.255.201. 100-byte ICMP Echos to 209. 100-byte ICMP Echos to 10.201.165.255.255. HQ(config)#int Serial0/1/0 HQ(config-if)#en HQ(config-if)#encapsulation ppp HQ(config-if)#ip add 209.2 Type escape sequence to abort. You choose the clock rate.

0.41 HQ(config-subif)#ip nat in HQ(config-subif)#int s 0/0/0.245 with a /29 mask.255 HQ(config)#ip nat pool XYZCORP 209.200.xyzcorp.165. The pool.255.165.255.2 is registered with the public DNS system at IP address 209. XYZ Corporation owns the 209.240/29 address space.165.245 netm 255.246.255.43 HQ(config-subif)#ip nat in ! for all 10.0.165.com website at 10.0.200.248 HQ(config)#ip nat inside source list XYZCORP pool XYZCORP ! for web site -> static nat HQ(config)#ip nat inside source static 10.246 Step 2.0. Verify that NAT translated the ping with the show ip nat translations command.0/8 -> dynamic NAT HQ(config)#ip access-list st XYZCORP HQ(config-std-nacl)#permit 10.255.1. Verify NAT is operating by using extended ping.0 0.0. ping the serial 0/0/0 interface on ISP using the HQ LAN interface as the source address.0.200.241 through .200. This ping should succeed.200. XYZCORP. HQ(config)#int s0/1/0 HQ(config-if)#ip nat out HQ(config-if)#int fa 0/0 HQ(config-if)#ip nat in HQ(config-if)#int s0/0/1 HQ(config-if)#ip nat in HQ(config-if)#int s 0/0/0. round-trip min/avg/max = 9/16/20 ms Task 3: Configure Static and Dynamic NAT on HQ Step 1. From HQ. Configure NAT.165. uses addresses .0/8 address space to be translated.42 HQ(config-subif)#ip nat in HQ(config-subif)#int s 0/0/0. ! before ping only static NAT is showed HQ#sh ip nat translations Pro Inside global Inside local Outside .0.2 209. Use the following requirements: Allow all addresses for the 10.1.0.241 209. The www.seconds: !!!!! Success rate is 100 percent (5/5).

1 !!!!! Success rate is 100 percent (5/5).2 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: fa0/0 % Invalid source Source address or interface: fastethernet 0/0 % Invalid source Source address or interface: fastethernet0/0 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose.1.200.2:61 icmp 209.0.165.165. timeout is 2 seconds: Packet sent with a source address of 10.local Outside global --.2:62 209.201.200.165. Strict.165.0.1:62 201. round-trip min/avg/max = 11/18/20 ms HQ# HQ#sh ip nat translations Pro Inside global Inside local local Outside global icmp 209.165.. Record.1:61 201.165.209.201.241:6110.241:6210. 209.2:61 209.0. --OK? Method YES manual --- HQ# ! extended PING with source interface of LAN interface (could be IP from int fa0/0 also) HQ#ping Protocol [ip]: Target IP address: 209. Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort.201. .0.1. 100-byte ICMP Echos to 209. Timestamp.201.2.1 up up .1.2 HQ# HQ#sh ip int br Interface IP-Address Status Protocol FastEthernet0/0 10.1. Sending 5.1.165.2:62 Outside 209.165.0..246 10.200.165.

165.165.200.2:63 icmp 209.0.cisco.0.241:6410.0 s0/0/1 Step 2.2:65 --- 209.0.0.0.2:63 209.255. Use the next-hop IP address as an argument.0 10. Configure HQ with a default route to ISP and a static route to the NewB LAN.0.200.0. Configure the Branch routers with a default route to HQ.134: bytes=32 time=62ms TTL=126 .165. Verify connectivity beyond ISP. Use the exit interface as an argument.com web server.134: bytes=32 time=80ms TTL=125 NewB-PC3> NetAdmin-PC> ping www.cisco.0 10.255. NewB-PC3> ping www.0.134 with 32 bytes of data: Reply from 209. 209.2 HQ# 209.165.2:65 --.255.202.0 255.0.icmp 209.0.0.0.2:64 icmp 209.200.241:6310.134: bytes=32 time=70ms TTL=125 Reply from 209.241:6510.com Pinging 209. ! Default route to ISP via interface Serial0/1/0 HQ(config)#ip route 0.0.165.202.202.165.1.165.246 10.165.202.202.255.1:63 201.200.0 0.0 10.201.0.165.1 Step 3.5 B1(config)#ip route 0.165.4.0.9 B2(config)#ip route 0.255.255. --- Task 4: Configure Static and Default Routing Step 1.134: bytes=32 time=80ms TTL=125 Reply from 209. All three NewB PCs and the NetAdmin PC should be able to ping the www. B3(config)#ip route 0.165.0.5.165.0.2:64 209.0 0.1.201.0 s0/1/0 ! Static route to NewB LAN HQ(config)#ip route 10. Reply from 209.1:64 201. 209.202.1:65 201.202.0 0.0.0 0.255.134 with 32 bytes of data: Request timed out.com Pinging 209.1.255.209.165.0.134: bytes=32 time=72ms TTL=126 Reply from 209.165.1.165.201.165.0.165.cisco.

10.255. Gateway of last resort is 10.0 Repeat for Branch Routers B2 and B1 with network 10.255.0.0/8 is variably subnetted.20 B3(config-subif)#encapsulation dot1Q 20 B3(config-subif)#ip add 10.134: bytes=32 time=80ms TTL=126 Reply from 209.0/24 and 10. Using the addressing table for Branch routers.255. Each Branch router should now have six directly connected networks and one static default route.1 255.88.0. Verify routing tables.255.10.0 B3(config-subif)#int fa0/0.0/24 Step 2.1 255.134: bytes=32 time=69ms TTL=126 NetAdmin-PC> Task 5: Configure Inter-VLAN Routing Step 1.3. Configure each Branch router for inter-VLAN routing.x..1 255. changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.0 B3(config-subif)#int fa0/0.9 to network 0.0 B3(config-subif)#int fa0/0.3. 6 subnets.202.10.99.255.255. B3#sh ip route .x.2.10 B3(config-subif)#enca dot1q 10 B3(config-subif)#ip add 10.255.Reply from 209.0/24 is directly connected.3.255.255.255.0.10 .30 B3(config-subif)#encapsulation dot1Q 30 B3(config-subif)#ip add 10.1.88 B3(config-subif)#encapsulation dot1Q 88 B3(config-subif)#ip add 10.0 %LINK-5-CHANGED: Interface FastEthernet0/0.20. changed state to up B3(config)#int fa 0/0.0 10.255.165.3. VLAN 99 is the native VLAN.. FastEthernet0/0.165.3. B3(config)#int fa0/0 B3(config-if)#no sh B3(config)#int fa 0/0.30. 2 masks C 10.10.1 255.255.3.1 255.202.0. configure and activate the LAN interface for inter-VLAN routing.99 B3(config-subif)#encapsulation dot1Q 99 native B3(config-subif)#ip add 10.

and B3 with EIGRP.0.0/16 [90/2172416] via 10.0.0.8/30 is directly connected.0/24 is directly connected..0.0. even though you correctly configured the manual summary.0. Note: Packet Tracer does not accurately simulate the benefit of EIGRP summary routes.0 255.0.3.9 Task 6: Configure and Optimize EIGRP Routing Step 1.0.255.0. FastEthernet0/0 10.3. Verify routing tables and connectivity.255.0.0.0.0/8 is variably subnetted.1. HQ and the Branch routers should now have complete routing tables.0/16 address space to HQ. FastEthernet0/0.255.30.20 10. Use AS 100.0. Gateway of last resort is 0.0 B3(config-router)# no auto-summary ! Manual summarization B3(config-router)#int s0/0/0 B3(config-if)#ip summary-address eigrp 100 10.9 (Serial0/0/0) is up: new adjacency Step 2.99. FastEthernet0/0. 4 masks 10.0.0 C D 10. Serial0/0/0 0.0/24 is directly connected.3.0 to network 0.255.0 HQ(config-router)# no auto-summary Configure EIGRP for Branch Routers B3(config)#router eigrp 100 B3(config-router)#passive-interface fa0/0 B3(config-router)#network 10.C C C C C S* B3# 10.255. FastEthernet0/0.88 10.3. 10 subnets. B1.2. HQ#sh ip route .20.0/24 is directly connected. HQ(config)#router eigrp 100 HQ(config-router)#passive-interface s0/1/0 HQ(config-router)#passive-interface fa0/0 HQ(config-router)#network 10.88.255. B2. Configure HQ.0.255..0/0 [1/0] via 10. Disable EIGRP updates on appropriate interfaces.0.3.255.0 %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 10.255. FastEthernet0/0. 00:00:04.0/24 is directly connected.0.99 10.1.X.30 10.0/24 is directly connected. Routing tables will still show all subnets. Manually summarize EIGRP routes so that each Branch router only advertises the 10. .

0.5. Serial0/0/0 D 10.255.255. Serial0/0/1 209. Serial0/0/0 S* 0.255.8/30 [90/2681856] via 10.5. Serial0/1/0 S* 0.255.88. FastEthernet0/0. FastEthernet0/0.0/24 is directly connected.255.2.0.5. Serial0/0/1 C 10.201. 00:47:46.0/16 [90/2684416] via 10.0 10.99.255.0/24 is directly connected.6. Serial0/0/0 D 10. Serial0/0/0 D 10.165.5.43 S 10.255.0.255.255. 00:04:36.0/0 [1/0] via 10.5.255.20 C 10.0/8 is variably subnetted. 00:04:36.255.255.0.0.255. 00:04:36.8/30 is directly connected.0/24 [90/2172416] via 10.1.255.255.255.0/24 [90/2681856] via 10.255.0/0 is directly connected. Null0 C 10. 00:04:36.165.255.30 C 10. Serial0/0/0 C 10.0.0/30 is directly connected.0/16 is a summary.255.5.201.255.4/30 is directly connected.255.5 to network 0.0.2.255.255.4. 14 subnets. 00:00:04.0.255. Serial0/0/1 C 10. FastEthernet0/0.5. Serial0/0/0.0.5.2.255.0/24 is directly connected.255. Serial0/0/0 D 10. FastEthernet0/0.254/32 is directly connected.255.0.0/24 is directly connected. Serial0/0/0 D 10. 00:04:36.41 D 10. Serial0/0/0.0.0.255.255.5.. 00:00:27.255.0/16 [90/2172416] via 10.0/24 is directly connected.0/30 is directly connected.0/24 is variably subnetted. 00:00:04.10 C 10.165. 2 masks C 209.252/30 [90/2681856] via 10.3.41 C 10.30.0/16 [90/2172416] via 10.4/30 is directly connected. Serial0/0/0.5 B2# . Serial0/0/0.255.99 D 10.3.88 C 10.2.2.0/24 is directly connected. FastEthernet0/0.Serial0/0/0. 2 subnets.255. 3 masks D 10.255.255. Serial0/0/0.2/32 is directly connected.43 C 10.20. 00:04:36.42 C 10.0/30 [90/2681856] via 10.255.255.0.1. Serial0/0/0 D 10. Gateway of last resort is 10.42 D 10.252/30 is directly connected. Serial0/1/0 C 209..4.0.255.0/16 [90/2684416] via 10.255. Serial0/1/0 HQ# Routing table for Branch Routers B2#sh ip route .201.255.2.10.255.2.10.

1: bytes=32 time=36ms TTL=254 Control-C NetAdmin-PC> ping 10.3. BX-S1 is the VTP server.3.3.3. Configure Branch switches with VTP.1 with 32 bytes of data: Reply from 10.20.3. Step 1.30.3.3. The password is xyzvtp.3.88.1 Pinging 10.1 with 32 bytes of data: Reply from 10.1 with 32 bytes of data: Reply from 10.1 Pinging 10.99.10.3.3. On Switches with VTP Server Switch(config)#hostname B3-S1 B3-S1(config)#vtp mode server Device mode already VTP SERVER.1: bytes=32 time=29ms TTL=254 Control-C NetAdmin-PC> ping 10.10.99. NetAdmin-PC> ping 10.1 with 32 bytes of data: Reply from 10. and VLANs The following requirements apply to all three Branches.3. BX-S2 and BX-S3 are VTP clients.1 Pinging 10.1 Pinging 10.30.3.10.1: bytes=32 time=60ms TTL=254 Control-C NetAdmin-PC> ping 10.1: bytes=32 time=70ms TTL=254 Control-C Task 7: Configure VTP.99. Then use the scripts for those switches on the other two sets of switches.1: bytes=32 time=70ms TTL=254 Control-C NetAdmin-PC> ping 10.20. Trunking.20.3.1 Pinging 10.88. the VLAN Interface.88.The NetAdmin PC should now be able to ping each VLAN subinterface on each Branch router.3. B3-S1(config)#vtp domain XYZCORP Changing VTP domain name from NULL to XYZCORP . The domain name is XYZCORP. Configure one set of three switches.3.1 with 32 bytes of data: Reply from 10.30.

BX-S2. and BX-S3.3. BX-S2.99. Create and name the VLANs listed in the VLAN Configuration and Port Mappings table on BX-S1 only. changed state to up Step 4. B3-S3(config)#vtp domain XYZCORP Changing VTP domain name from NULL to XYZCORP B3-S3(config)#vtp passw xyzvtp Setting device VLAN database password to xyzvtp Step 2. Configure the appropriate interfaces in trunking mode and assign VLAN 99 as the native VLAN.21 255.255.99. Configure trunking on BX-S1. VTP advertises the new VLANs to BX-S2 and BX-S3. Create VLANs on Switch with VTP Server B3-S1(config)#vlan 10 B3-S1(config-vlan)#name Admin B3-S1(config-vlan)#vlan 20 .1 Create Vlan interface 99 on ALL Switches and set Mgmt IP B3-S1(config)#int vlan 99 B3-S1(config-if)#ip add 10.B3-S1(config)#vtp password xyzvtp Setting device VLAN database password to xyzvtp On Switches with VTP Client Switch(config)#host B3-S3 B3-S3(config)#vtp mode cli Setting device to VTP CLIENT mode. changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99. Configure on ALL switches (same port numbering) B3-S1(config)#int range fastEthernet 0/1 . Set default-gateway for Switches B3-S1(config)#ip default-gateway 10.fastEthernet 0/5 B3-S1(config-if-range)#switchport mode trunk B3-S1(config-if-range)#switchport native vlan 99 Step 3. and BX-S3.3.0 B3-S1(config-if)#no sh %LINK-5-CHANGED: Interface Vlan99.255. Create the VLANs on BX-S1. Configure the VLAN interface and default gateway on BX-S1.

99. Fa0/8 Fa0/9. Use the appropriate commands to verify that S2 and S3 now have the VLANs you created on S1. Fa0/12 Fa0/13. Fa0/24 Gig1/1. B3-S2#sh vtp passw VTP Password: xyzvtp B3-S2#sh vtp status VTP Version : 2 Configuration Revision : 10 Maximum VLANs supported locally : 255 Number of existing VLANs : 10 VTP Operating Mode : Client VTP Domain Name : XYZCORP VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x9A 0xEC 0x96 0xF8 0xB9 0x97 0x1B 0x4C Configuration last modified by 10. Fa0/16 Fa0/17.3. Fa0/20 Fa0/21. Verify that VLANs have been sent to BX-S2 and BX-S3.21 at 3-1-93 00:47:25 B3-S2# B3-S2#sh vlan VLAN Name Status Ports ---. Fa0/18. Fa0/19. A quick way to force the sending of VTP advertisements is to change one of the client switches to transparent mode and then back to client mode. Fa0/10. Fa0/6.-----------------------------1 default active Fa0/5.B3-S1(config-vlan)#name B3-S1(config-vlan)#vlan B3-S1(config-vlan)#name B3-S1(config-vlan)#vlan B3-S1(config-vlan)#name B3-S1(config-vlan)#vlan B3-S1(config-vlan)#name Sales 30 Production 88 Wireless 99 Mgmt&Native Step 5. It may take a few minutes for Packet Tracer to simulate the VTP advertisements. Gig1/2 10 Admin active 20 Sales active . Fa0/15. Fa0/22. Fa0/23. Fa0/7.--------. Fa0/14. Fa0/11.-------------------------------.

20.30.30.20.1q trunking 99 Fa0/3 on 802.1q trunking 99 Fa0/4 on 802.99.3. Average = 87ms NetAdmin-PC> .23: bytes=32 time=60ms TTL=253 Ping statistics for 10.3. Received = 2.99.1q trunking 99 Port Vlans allowed on trunk Fa0/1 1-1005 Fa0/2 1-1005 Fa0/3 1-1005 Fa0/4 1-1005 Port Vlans allowed and active in management domain Fa0/1 1.10.3. Approximate round trip times in milli-seconds: Minimum = 60ms.10.30.23: bytes=32 time=114ms TTL=253 Reply from 10. Lost = 2 (50% loss).20.3.99 Fa0/3 1.30.30 Production 88 Wireless 99 Mgmt&Native 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default B3-S2# active active active act/unsup act/unsup act/unsup act/unsup B3-S2#sh interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/1 on 802.88.88.3.99 Port Vlans in spanning tree forwarding state and not pruned Fa0/1 none Fa0/2 none Fa0/3 1.99.23 with 32 bytes of data: Request timed out.99 Fa0/4 1.10.99. Reply from 10.88.1q trunking 99 Fa0/2 on 802.20.99.23: Packets: Sent = 4.10.30.88.88.99 Fa0/2 1. Maximum = 114ms.20. Request timed out.23 Pinging 10.99 Fa0/4 none B3-S2# Verify connectivity NetAdmin-PC>ping 10.10.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->