You are on page 1of 4

CCNA4 Skill Lab - Nov 09

CONFIGURATION (Step by Step)

Step 1
Configure basic router settings

Router>enable
Router#config t
Router(config)#hostname R0
R0(config)# no ip domain-lookup
R0(config)#enable secret cisco
R0(config)# banner motd &
********************************
!!! AUTHORIZED ACCESS ONLY !!!
********************************
&
R0(config-line)#line con 0
R0(config-line)#logging synchronous
R0(config-line)#password cisco
R0(config-line)#login
R0(config-line)#line vty 0 4
R0(config-line)#logging synchronous
R0(config-line)#password cisco
R0(config-line)#login
R0(config-line)#exit
R0(config)#service password-encryption
R0(config)#int fa0/0
R0(config-if)#ip address 200.1.1.1 255.255.255.0
R0(config-if)#no shut
R0(config-if)#int s0/0/1
R0(config-if)#ip address 192.168.1.1 255.255.255.252
R0(config-if)#clock rate 64000
R0(config-if)#no shut
R0(config-if)#exit
R0(config)#username R2 password cisco
R0(config)#int s0/0/0
R0(config-if)#ip address 192.168.1.5 255.255.255.252
R0(config-if)#clock rate 64000
R0(config-if)#encapsulation ppp
R0(config-if)#ppp authentication chap
R0(config-if)#no shut
R0(config)#router rip
R0(config-router)#version 2
R0(config-router)#passive-interface Fa0/0
R0(config-router)#network 200.1.1.0
R0(config-router)#network 192.168.1.0
R0(config-router)#network 192.168.1.4
R0(config-router)#no auto-summary
===========================

Router>enable
Router#config t
Router(config)#hostname R2
R2(config)# no ip domain-lookup
R2(config)#enable secret cisco
R2(config)# banner motd &
********************************
!!!AUTHORIZED ACCESS ONLY!!!
********************************
&
R2(config-line)#line con 0
R2(config-line)#logging synchronous
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#line vty 0 4
R2(config-line)#logging synchronous
R2(config-line)#password cisco
R2(config-line)#login
R2(config-line)#exit
R2(config)#service password-encryption
R2(config)#int fa0/0
R2(config-if)#ip address 1.0.0.129 255.255.255.128
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#username R0 password cisco
R2(config)#int s0/0/0
R2(config-if)#ip address 192.168.1.6 255.255.255.252
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap
R2(config-if)#no shut
R2(config-if)#int s0/0/1
R2(config-if)#ip address 192.168.1.10 255.255.255.252
R2(config-if)#encapsulation frame-relay
R2(config-if)#no frame-relay inverse-arp
R2(config-if)#frame-relay map ip 192.168.1.9 401 broadcast
R2(config-if)#no shut
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 1.0.0.128
R2(config-router)#network 192.168.1.4
R2(config-router)#network 192.168.1.8
R2(config-router)#passive-interface Fa0/0
R2(config-router)#no auto-summary
R2(config-router)#exit
===========================

Router>enable
Router#config t
Router(config)#hostname R1
R1(config)# no ip domain-lookup
R1(config)#enable secret cisco
R1(config)# banner motd &
********************************
!!!AUTHORIZED ACCESS ONLY!!!
********************************
&
R1(config-line)#line con 0
R1(config-line)#logging synchronous
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#line vty 0 4
R1(config-line)#logging synchronous
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#service password-encryption
R1(config)#int fa0/0
R1(config-if)#ip address 1.0.0.2 255.255.255.128
R1(config-if)#no shut
R1(config-if)#int s0/0/1
R1(config-if)#ip address 192.168.1.2 255.255.255.252
R1(config-if)#no shut
R1(config-if)#int s0/0/0
R1(config-if)#ip address 192.168.1.9 255.255.255.252
R1(config-if)#encapsulation frame-relay
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#frame-relay map ip 192.168.1.10 104 broadcast
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 1.0.0.0
R1(config-router)#network 192.168.1.0
R1(config-router)#network 192.168.1.8
R1(config-router)#passive-interface Fa0/0
R1(config-router)#no auto-summary
R1(config-router)#exit
===============

R0(config)#ip route 0.0.0.0 0.0.0.0 fa0/0


R0(config)#router rip
R0(config-router)#version 2
R0(config-router)#default-information originate

##############################################################

Step 2

Configure Access Control Lists (ACL)

R2(config)#access-list 101 deny icmp host 1.0.0.130 host 1.0.0.1 echo


R2(config)#access-list 101 permit icmp any any echo-reply
R2(config)#access-list 101 permit ip any any
R2(config)#int fa0/0
R2(config-if)#ip access-group 101 in
R0(config)#access-list 102 deny tcp any host 1.0.0.1 eq 20
R0(config)#access-list 102 deny tcp any host 1.0.0.1 eq 21
R0(config)#access-list 102 deny tcp any host 1.0.0.1 eq 23
R0(config)#access-list 102 deny tcp any host 1.0.0.1 eq 80
R0(config)#access-list 102 permit ip any any
R0(config)#int fa0/0
R0(config-if)#ip access-group 102 in

###########################################################

Step 3

Implement NAT with overload

R2(config)#access-list 1 permit 1.0.0.128 0.0.0.127


R2(config)#ip nat inside source list 1 interface serial 0/0/1 overload
R2(config)#int fa0/0
R2(config-if)#ip nat inside
R2(config-if)#int s0/0/1
R2(config-if)#ip nat outside
R2(config-if)#int s0/0/0
R2(config-if)#ip nat outside