Professional Documents
Culture Documents
router>enable
router#configureterminal
router(config)#hostnameR1
R1(config)#bannermotd"Nounauthorizedaccessallowed!"
R1(config)#servicepasswordencryption
R1(config)#securitypasswordsminlength10
R1(config)#enablesecretclass12345
R1(config)#usernameadminsecretdanscourses
R1(config)#ipsshversion2
R1(config)#ipdomainnamedanscourses.com
R1(config)#cryptokeygeneratersa
modulus[512]1024
R1(config)#interfaceGigabitEthernet0/0
R1(configif)#ipaddress192.168.4.65255.255.255.192
R1(configif)#ipv6addressFE80::1linklocal
R1(configif)#ipv6address2001:DB8:CCCC:1::1/6
R1(configif)#noshutdown
R1(configif)#interfaceGigabitEthernet0/1
R1(configif)#ipaddress192.168.4.193255.255.255.240
R1(configif)#ipv6addressFE80::1linklocal
R1(configif)#ipv6address2001:DB8:CCCC:2::1/64
R1(configif)#noshutdown
R1(configif)#exit
R1(config)#linecon0
R1(configline)#exectimeout50
R1(configline)#loginlocal
R1(configline)#linevty04
R1(configline)#exectimeout50
R1(configline)#loginlocal
R1(configline)#transportinputssh
R1(configline)#exit
R1(configline)#copyrunstart
S1
switch>enable
switch#configureterminal
switch(config)#hostnameS1
S1(config)#bannermotd"Nounauthorizedaccessallowed!"
S1(config)#servicepasswordencryption
S1(config)#enablesecretclass12345
S1(config)#usernameadminsecretdanscourses
S1(config)#ipsshversion2
S1(config)#ipdomainnamedanscourses.com
S1(config)#cryptokeygeneratersa
modulus[512]1024
S1(config)#interfacevlan1
S1(configif)#ipaddress192.168.4.126255.255.255.192
S1(configif)#noshut
S1(configif)#exit
S1(config)#ipdefaultgateway192.168.4.65
S1(config)#linecon0
S1(configline)#exectimeout50
S1(configline)#loginlocal
S1(configline)#linevty04
S1(configline)#exectimeout50
S1(configline)#loginlocal
S1(configline)#transportinputssh>
S1(configline)#linevty515
S1(configline)#exectimeout50
S1(configline)#loginlocal
S1(configline)#transportinputssh
S1(configline)#exit
S1(configline)#copyrunstart
S2
switch>enable
switch#configureterminal
switch(config)#hostnameS2
S2(config)#bannermotd"Nounauthorizedaccessallowed!"
S2(config)#servicepasswordencryption
S2(config)#enablesecretclass12345
S2(config)#usernameadminsecretdanscourses
S2(config)#ipsshversion2
S2(config)#ipdomainnamedanscourses.com
S2(config)#cryptokeygeneratersa
modulus[512]1024
S2(config)#interfacevlan1
S2(configif)#ipaddress192.168.4.206255.255.255.240
S2(configif)#noshut
S2(configif)#exit
S2(config)#ipdefaultgateway192.168.4.193
S2(config)#linecon0
S2(configline)#exectimeout50
S2(configline)#loginlocal
S2(configline)#linevty04
S2(configline)#exectimeout50
S2(configline)#loginlocal
S2(configline)#transportinputssh>
S2(configline)#linevty515
S2(configline)#exectimeout50
S2(configline)#loginlocal
S2(configline)#transportinputssh
S2(configline)#exit
S2(configline)#copyrunstart
Configuration of IOS device interfaces including IPv4 and IPv6 addressing when
appropriate
Requirements by device:
Administration Switch:
IPv6 addressing
Device
Town Hall
Administration
Switch
Interface
IPv4
Subnet
Address Mask
IPv4
Default
IPv6
IPv6 Address
Gateway
Default
Gateway
G0/0
N/A
2001:DB8:ACAD:A::1/64 N/A
G0/1
N/A
2001:DB8:ACAD:B::1/64 N/A
Vlan 1
N/A
2001:DB8:ACAD:A::FF
2001:DB8:ACAD:A::15
IT Host
NIC
2001:DB8:ACAD:B::FF
TFTP Server
NIC
2001:DB8:ACAD:B::15
N/A
Step 1:
Design an IPv4 addressing scheme and complete the Addressing Table based on
the following requirements. Use the table above to help you organize your work.
a. Subnet the 192.168.1.0/24 network to provide 30 host addresses per subnet
while wasting the fewest addresses.
b. Assign the fourth subnet to the IT Department LAN.
c. Assign the last network host address (the highest) in this subnet to the G0/0
interface on Town Hall.
d. Starting with the fifth subnet, subnet the network again so that the new subnets
will provide 14 host addresses per subnet while wasting the fewest addresses.
e. Assign the second of these new 14-host subnets to the Administration LAN.
f. Assign the last network host address (the highest) in the Administration LAN
subnet to the G0/1 interface of the Town Hall router.
g. Assign the second to the last address (the second highest) in this subnet to the
VLAN 1 interface of the Administration Switch.
h. Configure addresses on the hosts using any of the remaining addresses in their
respective subnets.
Secure all of the ways to access the router using methods covered in the course
and labs.
Newly-entered passwords must have a minimum length of 10 characters.
Prevent all passwords from being viewed in clear text in device configuration files.
Configure the router to only accept in-band management connections over the
protocol that is more secure than Telnet, as was done in the labs. Use the value
1024 for encryption key strength.
Configure user authentication for in-band management connections.
b. Configure the two Gigabit Ethernet interfaces using the IPv4 addressing values
you calculated and the IPv6 values provided in the addressing table.
Reconfigure the link local addresses as was practiced in the labs. The IPv6 linklocal Interface ID should match the IPv6 unicast Interface ID as is practiced in the
labs.
Document the interfaces in the configuration file.
Answer
Router>
Router>enable
Router#configure terminal
Router(config)#interface g0/0
Router(config-if)#ip address 192.168.1.126 255.255.255.224
Router(config-if)#description IT Department LAN
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface g0/1
Router(config-if)#ip address 192.168.1.158 255.255.255.240
Router(config-if)#description Administration LAN
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#ipv6 unicast-routing
Router(config)#interface g0/0
Router(config-if)#ipv6 address 2001:db8:acad:A::1/64
Router(config-if)#ipv6 address FE80::1 link-local
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface g0/1
Router(config-if)#ipv6 address 2001:db8:acad:B::1/64
Router(config-if)#ipv6 address FE80::1 link-local
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#
Router(config)#hostname Middle
Middle(config)#Enable secret class12345
Middle(config)#line console 0
Middle(config-line)#password cisconet2014
Middle(config-line)#login
Middle(config-line)#exit
Middle(config)#line vty 0 15
Middle(config-line)#password cisconet2014
Middle(config-line)#login
Middle(config-line)#exit
Middle(config)#line aux 0
Middle(config-line)#password cisconet2014
Middle(config-line)#login
Middle(config-line)#exit
Middle(config)#
Middle(config)#Banner motd Authorized Access Only
Middle(config)#security password min-length 10
Middle(config)#service password-encryption
Middle(config)#ip domain-name ccna4u.org
Middle(config)#username cisco secret cisconet2014
Middle(config)#crypto key generate rsa
The name for the keys will be: Middle.cisco.local
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable[OK]
Middle(config)#line vty 0 15
Middle(config-line)#login local
Middle(config-line)#transport input ssh
Middle(config-line)#exit
Middle(config)#
Reception Host
default gateway FE80::1
default gateway 192.168.1.126
IP address 192.168.1.97/27
IPv6 address 2001:DB8:ACAD:A::FF/64
Operator Host
default gateway FE80::1
default gateway 192.168.1.126
IP address 192.168.1.98/27
IPv6 address 2001:DB8:ACAD:A::15/64
IT Host
SERVER TFTP
default gateway FE80::1
default gateway 192.168.1.158
IP address 192.168.1.146/28
IPv6 address 2001:DB8:ACAD:B::15/64