Cisco CCENT Lab Guide

Covers all topics for the ICND1 exam

Version 1.0
Written by Marc Bouchard
www.subnet192.com

© 2010 Marc Bouchard

Contents
Introduction ............................................................................................................................................ 3 Recommended training material ............................................................................................................. 3 Recommended lab equipment................................................................................................................. 3 How this guide works…............................................................................................................................ 4 Lab 1 – Configuring S1 – Basic switch configurations................................................................................ 5 Enabling connectivity ....................................................................................................................... 5 Enhancing security ........................................................................................................................... 9 Configure Ports and Port Security .................................................................................................. 13 Configure VLANs ............................................................................................................................ 17 Flash and nvram management ....................................................................................................... 20 Miscellaneous commands of interest ............................................................................................. 23 Lab 2 – Configuring R1 – Basic router configurations ............................................................................. 25 Enabling connectivity ..................................................................................................................... 25 Enhancing security ......................................................................................................................... 29 Flash and nvram management ....................................................................................................... 33 Lab 3 – Interconnecting components ..................................................................................................... 35 Configuring S2 and S3 .................................................................................................................... 35 Session Management..................................................................................................................... 37 Network identification ................................................................................................................... 40 Lab 4 – Full topology.............................................................................................................................. 45 Configuring R2 and R3.................................................................................................................... 45 Serial Connectivity ......................................................................................................................... 47 PPP with Authentication ................................................................................................................ 50 Routing: Static Routes .................................................................................................................... 52 Routing: RIP ................................................................................................................................... 60
Cisco CCENT Lab Guide

References & Resources ........................................................................................................................ 65 Software................................................................................................................................................ 65 Special thanks… ..................................................................................................................................... 65

www.subnet192.com

2

Introduction
Studying for the CCENT/CCNA exams is challenging. There are a lot of resources out there, lots of material but there was nothing I could find to meet my objective: provide me with a challenge, and then show a step by step explanation to validate the tasks. This guide is in no way endorsed by Cisco Systems. I created this document out of personal need and to help myself memorize and learn the various commands and configurations. I thought I should share this with others to assist in actually learning hands-on skills with Cisco equipment. Also, note that I didn’t reinvent the wheel here. Most of this is inspired from personal experience in my own lab, from information gathered on the internet, from some of the simulators, etc.

This guide is provided FREE of charge. If you paid for this guide, you got ripped off. I do however accept donations of any amount via Paypal at marc@subnet192.com if you find this guide of use and want to thank me for my efforts. Visit my site at www.subnet192.com for more information and the latest guides!

Recommended training material
The following are what I personally used to pass the certification. I find that going through a CBT before hitting the books helps a lot to make the book easier to understand.   CBT Nuggets ICND1 training by Jeremy Cioara. Cisco Press ICND1 by Wendell Odom.

Recommended lab equipment
Finding the right gear to build a lab is quite a daunting task. There is a multitude of models and versions, as well as modules to customize each device. While you can get by with simulators, (I have tried them all), nothing compares to working with the real deal. My recommendations, for a reasonably priced lab that would get you through the CCENT and CCNA curriculum would be the following. Note that not all of them are used for the CCENT, but will be useful at the CCNA level. 3 Cisco 2950 series switches
Cisco CCENT Lab Guide

3 Cisco 2620XM 128/45 series routers 3 WIC-2T serial interfaces 3 DCE/DTE Smart Serial cables (for the WIC-2T to WIC-2T connections) 1 NM-4A/S serial interface 3 Serial to Smart Serial cables (for the NM-4A/S to WIC-2T connections)

3

www.subnet192.com

but be aware that some commands are not implemented like SSH support. this is not intended to explain any of the concepts.70.2/30 Default Gateway 192.0.168.1.1 192.16.168.16.1.1 192. You can also perform most of the steps using Cisco’s Packet Tracer software if you are part of the Cisco Learning Academy.168.1.1/24 172. you don’t go far if nothing is interconnected.168. substitute the IP address for your own static address. Lab 1 and 2 will focus on standalone device configurations.0.1 . This will provide you with real connectivity to the internet in your lab.1.168.100/24 192. practicing commands as you go. This guide attempts to make you think about what you need to do.1 192. The goal topology is the following. There are fantastic books out there for that job.168.168.0.1.1. which commands are required to complete each step and so on.168. The objective is to make you build your lab.1.147/29 172. based on my recommendations for hardware above. etc. if you have an internet connection available. www.50.1.1.2/30 69.16.5/24 192.1/24 172.1.1/30 172. However.com 4 Cisco CCENT Lab Guide Device ID PC S1 S2 S3 R1 R1 R2 R2 R2 R3 R3 Interface Ethernet adapter Vlan 1 Vlan 1 Vlan 1 FastEthernet 0/0 Serial 0/0 FastEthernet 0/0 Serial 0/0 Serial 0/1 FastEthernet 0/0 Serial 0/0 IP Address 192.7/24 192.168. For R3’s FastEthernet 0/0 interface.6/24 192.How this guide works… First off.1/30 10.1.16.16.subnet192.

 Configure the PC’s Ethernet port to 100mbps/Full Duplex. Save the configuration.subnet192.  Connect the Ethernet cable from the PC to the FastEthernet 0/1 port of the switch. Enable Telnet connectivity on all ports. console (rollover) cable. Set the console password to “cisco”. Verify the running configuration. View currently connected users. Set the host name to “S1”. Preparation  Connect the console (rollover) cable from the PC to the Console port of the switch. Test the Telnet connection from the PC to the switch.com .Lab 1 – Configuring S1 – Basic switch configurations Material required: 1 switch. Tasks              Cisco CCENT Lab Guide Open a terminal emulator session to the switch Erase the current configuration (reset to factory default) then reboot the switch. View the interface list summary. Attempt to perform all the tasks listed above before going through the walkthrough. using password “remote”. Set the privileged mode password to “ciscoexec”. 5 www. Configure all ports to 100mbps/full duplex. Set the IP address and default gateway using the topology reference table. and enable the interface. Ethernet cable Enabling connectivity Objectives This lab will guide you in configuring a switch from a factory default state. 1 PC.

255. Erase the startup configuration file (reset to factory defaults) Switch#write erase Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Switch#reload Proceed with reload? [confirm] OR Switch#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Switch#reload Proceed with reload? [confirm] Set the host name Switch(config)#hostname S1 Set the console password S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#exit Set the privileged mode password S1(config)#enable password ciscoexec Configure the IP address and default gateway.com 6 Cisco CCENT Lab Guide .168.5 255.Walkthrough Connect via the console cable using a terminal emulator (Putty. one per line.255.168. End with CNTL/Z.subnet192.1.0 S1(config-if)#no shutdown S1(config-if)#exit S1(config)#ip default-gateway 192. Hyper-Terminal …) Enter privileged mode Switch>enable Enter configuration mode Switch#configure terminal Enter configuration commands.1.1 www. and enable the interface S1(config)#interface vlan 1 S1(config-if)#ip address 192. Tera-term.

Enable Telnet connectivity S1(config)#line vty 0 15 S1(config-line)#password remote S1(config-line)#login S1(config-line)#transport input telnet S1(config-line)#exit Configure all ports to 100mbps/full duplex.255.1 no service password-encryption ! hostname S1 ! enable password ciscoexec ! interface FastEthernet0/1 speed 100 duplex full ! … ! interface Vlan1 ip address 192.168.24 S1(config-if-range)#speed 100 S1(config-if-range)#duplex full S1(config-if-range)#exit S1(config)#exit Verify the running configuration The following output has been edited for space considerations. S1(config)#interface range fastEthernet 0/1 .168.1 ! line con 0 password 0 cisco line vty 0 4 password 0 remote login transport input telnet line vty 5 15 password 0 remote login transport input telnet ! End Cisco CCENT Lab Guide 7 www.1. S1#show running-config Building configuration.1.com . Current configuration: 2673 bytes ! version 12.255.5 255...0 ! ip default-gateway 192.subnet192.

1.168.168. View currently connected users S1#show users Line 0 con 0 * 1 vty 0 Interface User Host(s) idle idle Mode Idle Location 00:00:30 00:00:00 192.View the interface list summary S1#show ip interface brief Interface IP-Address Vlan1 192..5 FastEthernet0/1 unassigned FastEthernet0/2 unassigned FastEthernet0/3 unassigned FastEthernet0/4 unassigned … OK? YES YES YES YES YES Method manual unset unset unset unset Status up up down down down Protocol up up down down down Test the Telnet connection From your PC connected to switch via an Ethernet cable. open your terminal emulator software and connect to the switch using the Telnet protocol. [OK] www.100 Idle Peer Address User Save the configuration S1#copy running-config startup-config Destination filename [startup-config]? Building configuration.com 8 Cisco CCENT Lab Guide ..subnet192.1.

o Create an account named “admin” with a password of “cisco” o Use domain name “subnet192. Tasks  Set the secured privileged mode password to “ciscosecret”  Set notification banners o Message of the Day: “AUTHORIZED PERSONEL ONLY” o Login: “ACCESS RESTRICTED”  Encrypt all clear text passwords  Enable SSH connectivity with local authentication.com . Note that several tasks here do NOT work in Packet Tracer or on a non-crypto IOS.com” o Configure the terminal port ranges independently (0-4 and 5-15)  Verify the cryptographic key  Save the configuration  Verify your configuration Attempt to perform all the tasks listed above before going through the walkthrough. Cisco CCENT Lab Guide 9 www.subnet192. Leave Telnet enabled for the purpose of the lab.Enhancing security Objectives Your switch has been configured in the previous lab. but could use a bit more security. Complete the following tasks to enhance the security of your switch.

Hyper-Terminal …) Enter privileged mode S1>enable Enter configuration mode S1#configure terminal Enter configuration commands.com 10 Cisco CCENT Lab Guide . End with CNTL/Z. one per line. Set the secured privileged mode password S1(config)#enable secret ciscosecret Set notification banners (Login and Message of the Day) S1(config)#banner login ! ACCESS RESTRICTED ! S1(config)#banner motd ! AUTHORIZED PERSONEL ONLY ! Encrypt all clear text passwords S1(config)#service password-encryption Enable SSH connectivity with local authentication S1(config)#ip domain-name subnet192...subnet192.Walkthrough Connect via the console cable using a terminal emulator (Putty.subnet192.com Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys Choosing a key modulus greater than 512 may take a few minutes. [OK] S1(config)#line vty 0 4 S1(config-line)#login local S1(config-line)#transport input ssh telnet S1(config-line)#line vty 5 15 S1(config-line)#login local S1(config-line)#transport input ssh telnet S1(config-line)#exit S1(config)#exit www.com S1(config)#username admin password cisco S1(config)#crypto key generate rsa The name for the keys will be: S1. Tera-term. How many bits in the modulus [512]: Generating RSA keys .

Verify cryptographic key S1#Show crypto key mypubkey rsa % Key pair was generated at: 21:31:48 Key name: S1.subnet192.subnet192.subnet192.com . [OK] 11 Cisco CCENT Lab Guide www..com Usage: General Purpose Key Key Data: 305C300D 06092A86 4886F70D 01010105 A50E9A4F 37055405 2DB4D613 6C5259CF % Key pair was generated at: 08:32:29 Key name: S1.com.server Usage: Encryption Key Key Data: 307C300D 06092A86 4886F70D 01010105 39F7C421 3D1F86EF 752E5937 EACADEBC EST Mar 6 1993 00034B00 30480241 00F242D9 39F85F01 ACF5AB5B E28DFAB2 D1020301 0001 EST Mar 7 1993 00036B00 30680261 00B1509F 1EDFEA0A F959D757 218F4068 AB020301 0001 Save the configuration S1#copy running-config startup-config Destination filename [startup-config]? Building configuration..

1 service password-encryption ! hostname S1 ! enable secret 5 $1$h81C$6qczYbE/ul7.168.1. enable password 7 094F471A1A0A120A0E0F ! username admin password 7 070C285F4D06 ip subnet-zero ! ip domain-name subnet192.Verify the configuration The following output has been edited for space considerations.subnet192..VH/jV7p.168.5 255.0 no ip route-cache ! ip default-gateway 192.1.com 12 Cisco CCENT Lab Guide . S1#show running-config Building configuration.255.255.1 ip http server banner login ^C ACCESS RESTRICTED ^C banner motd ^C AUTHORIZED PERSONEL ONLY ^C ! line con 0 password 7 02050D480809 line vty 0 4 password 7 105C0C140A0317 login local transport input ssh line vty 5 15 password 7 105C0C140A0317 login local transport input ssh ! end www. Current configuration : 2126 bytes ! version 12.com ip ssh time-out 120 ip ssh authentication-retries 3 ! interface FastEthernet0/1 speed 100 duplex full ! interface FastEthernet0/24 speed 100 duplex full ! interface Vlan1 ip address 192.g..

com .subnet192. to send a packet out so the switch learns the MAC address View the current port security settings on port 12 Plug in a different device in that port to trigger port violation rules View the current port security settings on port 12 post violation Restore connectivity on violated port Verify your configuration o List all ports with Port Security enabled o List all MAC addresses linked to Port Security enabled ports Attempt to perform all the tasks listed above before going through the walkthrough. You can make the switch even more secure by preventing unauthorized devices from connecting. Tasks          Disable unused ports (13 to 24) View the MAC address table View the current port security settings on port 12 Enable Port Security on port 12 o Make the port shutdown in case of violation o Allow a single MAC address only o Let the switch learn the MAC address of the device currently plugged in. the remote access connections are now secured.Configure Ports and Port Security Objectives Your switch has been setup with all the basic settings. 13 Cisco CCENT Lab Guide www. but what about the access ports? Anybody can connect anything to any port at this point. o Plug in any device on port 12 and try to ping something.

0ccc. End with CNTL/Z.24 S1(config-if)#shutdown S1(config-if)#exit S1(config)#exit View the MAC address table S1#show mac-address-table Mac Address Table ------------------------------------------Vlan ---All All All All 1 Mac Address ----------000a.subnet192. Tera-term.4117.0000.2007.0000 0 Enter configuration mode S1#configure terminal Enter configuration commands.cccc 0100.Walkthrough Connect via the console cable using a terminal emulator (Putty.6d2b Type -------STATIC STATIC STATIC STATIC DYNAMIC Ports ----CPU CPU CPU CPU Fa0/1 View the current port security settings on port 12 S1#show port-security interface Port Security Port Status Violation Mode Aging Time Aging Type SecureStatic Address Aging : Maximum MAC Addresses : Total MAC Addresses : Configured MAC Addresses : Sticky MAC Addresses : Last Source Address : Security Violation Count : fastEthernet 0/12 : Disabled : Secure-down : Shutdown : 0 mins : Absolute Disabled 1 0 0 0 0000.dddd 0004. Hyper-Terminal …) Enter privileged mode S1>enable Enter configuration mode S1#configure terminal Enter configuration commands. one per line.0ccc.com 14 Cisco CCENT Lab Guide . End with CNTL/Z. one per line. Disable unused ports (13 to 24) S1(config)#interface range fastEthernet 0/13 .0cdd. www.cccd 0100.5300 0100.

Enable port security on port 12 S1(config)#interface fastEthernet 0/12 S1(config-if)#switchport mode access S1(config-if)#switchport port-security S1(config-if)#switchport port-security maximum 1 S1(config-if)#switchport port-security mac-address sticky S1(config-if)#switchport port-security violation shutdown S1(config-if)#exit S1(config)#exit View the new port security settings on port 12 S1#show port-security interface Port Security : Port Status : Violation Mode : Aging Time : Aging Type : SecureStatic Address Aging : Maximum MAC Addresses : Total MAC Addresses : Configured MAC Addresses : Sticky MAC Addresses : Last Source Address : Security Violation Count : fastEthernet 0/12 Enabled Secure-up Shutdown 0 mins Absolute Disabled 1 1 0 1 0005.com . one per line.5e17.bd11.4a40 0 View the new port security settings on port 12 post violation S1#show port-security interface Port Security : Port Status : Violation Mode : Aging Time : Aging Type : SecureStatic Address Aging : Maximum MAC Addresses : Total MAC Addresses : Configured MAC Addresses : Sticky MAC Addresses : Last Source Address : Security Violation Count : fastEthernet 0/12 Enabled Secure-shutdown Shutdown 0 mins Absolute Disabled 1 1 0 1 000d.c580 1 Enter configuration mode S1#configure terminal Enter configuration commands. Restore connectivity on violated port Cisco CCENT Lab Guide S1(config)#interface fastEthernet 0/12 S1(config-if)#shutdown S1(config-if)#no shutdown S1(config-if)#exit S1(config)#exit 15 www.subnet192. End with CNTL/Z.

com 16 Cisco CCENT Lab Guide .4a40 SecureSticky Fa0/12 ------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024 www.Verify your configuration S1#show port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) --------------------------------------------------------------------------Fa0/12 1 1 1 Shutdown --------------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024 S1#show port-security address Secure Mac Address Table ------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age (mins) --------------------------------1 0005.subnet192.5e17.

Create new VLANs and assign them ports.subnet192. with a description of “Marketing” o Create VLAN 30. 17 Cisco CCENT Lab Guide www.Configure VLANs Objectives By default. with a description of “Research” Assign ports to VLANs o Assign ports 5-6 to VLAN 10 o Assign ports 7-8 to VLAN 20 o Assign ports 9 to VLAN 30 Review VLAN configuration   Attempt to perform all the tasks listed above before going through the walkthrough. Tasks Create VLANs o Create VLAN 10. with a description of “Sales” o Create VLAN 20. all ports are members of VLAN 1.com .

subnet192. Hyper-Terminal …) or via Telnet.Walkthrough Connect via the console cable using a terminal emulator (Putty. Enter privileged mode S1>enable Enter configuration mode S1#configure terminal Enter configuration commands. Tera-term. one per line.8 S1(config-if-range)#switchport access vlan 20 S1(config)#interface fastEthernet 0/9 S1(config-if)#switchport access vlan 30 S1(config-if)#exit S1(config)#exit www.com 18 Cisco CCENT Lab Guide . End with CNTL/Z.6 S1(config-if-range)#switchport access vlan 10 S1(config)#interface range fastEthernet 0/7 . Create VLANs S1(config)#VLAN 10 S1(config-vlan)#name S1(config-vlan)#VLAN S1(config-vlan)#name S1(config-vlan)#VLAN S1(config-vlan)#name S1(config-vlan)#exit Sales 20 Marketing 30 Research Assign ports to VLANs S1(config)#interface range fastEthernet 0/5 .

Fa0/3.com . Fa0/12. Fa0/24 Fa0/5. Fa0/13. Fa0/22. Fa0/21.Review VLAN configuration S1#show vlan brief VLAN Name ---. Fa0/6 Fa0/7. Fa0/19. Fa0/15.subnet192. Fa0/23. Fa0/11. Fa0/20. Fa0/4. Fa0/14. Fa0/16. Fa0/2. Fa0/8 Fa0/9 10 20 30 1002 1003 1004 1005 Sales Marketing Research fddi-default token-ring-default fddinet-default trnet-default active active active act/unsup act/unsup act/unsup act/unsup 19 Cisco CCENT Lab Guide www. Fa0/10. Fa0/17. Fa0/18.-----------------------1 default Status --------active Ports --------------------------Fa0/1.

Tasks      Backup the configuration to TFTP. From the IOS.com 20 Cisco CCENT Lab Guide . www.Flash and nvram management Objectives Managing and safeguarding the IOS image and configurations.subnet192. View the contents of flash memory. send a new IOS image to a switch using TFTP.  Create a folder on your PC with a new IOS image to upload to the switch. Attempt to perform all the tasks listed above before going through the walkthrough. send a new IOS image to a switch using TFTP. From ROMMON. Preparation  Install TFTPD32 on your PC. Backup the current IOS image to TFTP.

EA13.bin]? !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 3721946 bytes copied in 27. End with CNTL/Z.100 Source filename []? c2950-i6k2l2q4-mz.EA13.100 Destination filename [s1-confg]? View the contents of the flash memory S1#dir flash: Directory of flash:/ 2 3 4 5 7 8 332 333 -rwx -rwx -rwx -rwx -rwx drwx -rwx -rwx 112 330 2126 1100 3721946 4416 112 976 Mar Mar Mar Mar Mar Mar Mar Mar 01 01 01 01 01 01 01 07 1993 1993 1993 1993 1993 1993 1993 1993 01:37:46 01:42:25 00:09:19 00:09:19 01:40:37 01:41:38 01:42:17 02:47:58 +00:00 +00:00 +00:00 +00:00 +00:00 +00:00 +00:00 +00:00 info env_vars config.text c2950-i6k2l2q4-mz.bin]? ######################################################################################### #########################################################[ok] S1#configure terminal Enter configuration commands. send a new IOS image to a switch using TFTP S1#copy tftp flash Address or name of remote host []? 192.bin html info.bin Address or name of remote host []? 192.EA13.bin S1(config)#exit 21 Cisco CCENT Lab Guide www.1.121-22.subnet192. one per line.168.168.100 Destination filename [c2950-i6k2l2q4-mz.121-22.121-22.com .121-22. S1(config)#boot system flash c2950-i6k2l2q4-mz.168.ver vlan.1.Walkthrough Enter privileged mode S1>enable Backup the configuration to TFTP S1#copy startup-config tftp Address or name of remote host []? 192.EA13.988 secs (132984 bytes/sec) From the IOS.text private-config.EA13.EA13.121-22.1.bin Destination filename [c2950-i6k2l2q4-mz.121-22.dat 7741440 bytes total (2142208 bytes free) Backup the current IOS to TFTP S1#copy flash tftp Source filename []? c2950-i6k2l2q4-mz.

255.com 22 Cisco CCENT Lab Guide .1. send a new IOS image to a switch using TFTP To get into ROMMON.EA13.1 ROMMON>TFTP_SERVER=192.subnet192. press CTRL-BREAK during the boot sequence (power up) of the switch.121-22.5 ROMMON>IP_SUBNET_MASK=255.bin ROMMON>tftpdnld www.168.255.168.0 ROMMON>DEFAULT_GATEWAY=192. ROMMON>IP_ADDRESS=192.1.100 ROMMON>TFTP_FILE= c2950-i6k2l2q4-mz.1.From ROMMON.168.

Attempt to perform all the tasks listed above before going through the walkthrough.com .Miscellaneous commands of interest Objectives There are some commands that you can use to improve the device management experience. Tasks       Configure the console logging to not overlap the command prompt Disable the session timeout Create an alias called “save” to save your running configuration to nvram: Prevent DNS lookups Create an entry in the host name table called “TFTPServer” and test connectivity Configure the command history buffer to remember 15 commands.subnet192. Here are some more configuration tasks you can perform. 23 Cisco CCENT Lab Guide www.

1. Hyper-Terminal …) or via Telnet.1.subnet192.Walkthrough Connect via the console cable using a terminal emulator (Putty. Enter configuration mode S1#configure terminal Enter configuration commands. 100-byte ICMP Echos to 192.168. Configure the console logging to not overlap the command prompt S1(config)#line console 0 S1(config-line)#logging synchronous S1(config-line)#exit Disable the session timeout S1(config)#line console 0 S1(config-line)#exec-timeout 0 S1(config-line)#exit Create an alias called “save” to save your running configuration to nvram: S1(config)#alias exec save copy running-config startup-config Prevent DNS lookup S1(config)#no ip domain-lookup Create an entry in the host name table called “TFTPServer” and test connectivity S1(config)#ip host TFTPServer 192.168. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5). End with CNTL/Z. Tera-term. round-trip min/avg/max = 1/1/4 ms Configure the command history buffer to remember 15 commands S1#terminal history size 15 www.100 S1(config)#exit S1#ping TFTPServer Type escape sequence to abort.com 24 Cisco CCENT Lab Guide . Sending 5. one per line.100.

Tasks      Cisco CCENT Lab Guide       Restore the router to factory defaults Set the host name Set the console password Set the privileged mode password Configure the FastEthernet 0/0 interface.Lab 2 – Configuring R1 – Basic router configurations Material required: 1 router.  Connect the crossover Ethernet cable from the PC to the FastEthernet 0/0 port of the router. console (rollover) cable. with minor (but important) differences. 25 www. Preparation  Connect the console (rollover) cable from the PC to the Console port of the router. 1 PC. o Set the IP address and subnet mask o Configure to 100mbps/Full Duplex o Enable the interface Enable Telnet connectivity Verify the running configuration View the interface list summary Test the Telnet connection View currently connected users and which lines are used. crossover Ethernet cable Enabling connectivity Objectives This lab will guide you in configuring a router from a factory default state. The steps in this lab are very similar to the basic switch configuration.com .subnet192. Save the configuration Attempt to perform all the tasks listed above before going through the walkthrough.

255.0 R1(config-if)#no shutdown R1(config-if)#speed 100 R1(config-if)#duplex full R1(config-if)#exit Enable Telnet connectivity R1(config)#line vty 0 4 R1(config-line)#password remote R1(config-line)#login R1(config-line)#transport input telnet R1(config-line)#exit R1(config)#exit www. Hyper-Terminal …) Enter privileged mode Router>enable Enter configuration mode Router#configure terminal Enter configuration commands.Walkthrough Connect via the console cable using a terminal emulator (Putty.168. one per line.255.subnet192. Set the host name Router(config)#hostname R1 Set the console password R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#exit Set the privileged mode password R1(config)#enable password ciscoexec Configure the FastEthernet 0/0 interface R1(config)#interface fastethernet 0/0 R1(config-if)#ip address 192.1 255.com 26 Cisco CCENT Lab Guide . Tera-term.1. End with CNTL/Z.

Current configuration : 834 bytes ! version 12.1.1 255..1 Serial0/0 unassigned Serial0/1 unassigned Cisco CCENT Lab Guide OK? YES YES YES Method manual unset unset Status Protocol up up administratively down down administratively down down Test the Telnet connection From your PC connected to switch via an Ethernet cable.0 speed 100 full-duplex ! interface Serial0/0 no ip address shutdown ! interface Serial0/1 no ip address shutdown ! ip forward-protocol nd ! ip http server no ip http secure-server ! line con 0 password cisco line aux 0 line vty 0 4 password remote login transport input telnet ! end View the interface list summary R1#show ip interface brief Interface IP-Address FastEthernet0/0 192. open your terminal emulator software and connect to the switch using the Telnet protocol.255..com . 27 www.subnet192.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! enable password ciscoexec ! interface FastEthernet0/0 ip address 192.Verify the running configuration The following output has been edited for space considerations.168.168. R1#show running-config Building configuration.1.255.

[OK] www. R1#show users Line 0 con 0 * 66 vty 0 Interface User Host(s) idle idle Mode A Modem - Idle Location 00:03:35 00:00:00 192..View currently connected users and which lines are used.1.100 Idle Peer Address Uses 0 0 1 0 0 0 0 Noise 1 0 0 0 0 0 0 Overruns 0/0 0/0 0/0 0/0 0/0 0/0 0/0 Int - User R1#show line Tty Typ Tx/Rx * 0 CTY 65 AUX 9600/9600 * 66 VTY 67 VTY 68 VTY 69 VTY 70 VTY - Roty AccO AccI - Line(s) not in async mode -or.with no hardware support: 1-64 Save the configuration R1#copy running-config startup-config Destination filename [startup-config]? Building configuration.subnet192.com 28 Cisco CCENT Lab Guide ..168.

o Create an account named “admin” with a password of “cisco” o Use domain name “subnet192. 29 Cisco CCENT Lab Guide www. but could use a bit more security.com . Complete the following tasks to enhance the security of your router.subnet192.com”  Verify the cryptographic key  Save the configuration  Verify your configuration Attempt to perform all the tasks listed above before going through the walkthrough. Disable Telnet.Enhancing security Objectives Your router has been configured in the previous lab. Tasks  Set the secured privileged mode password to “ciscosecret”  Set notification banners o Message of the Day: “AUTHORIZED PERSONEL ONLY” o Login: “ACCESS RESTRICTED”  Encrypt all clear text passwords  Enable SSH connectivity with local authentication.

How many bits in the modulus [512]: Generating RSA keys . Disable Telnet.com R1(config)#username admin password cisco R1(config)#crypto key generate rsa The name for the keys will be: R1. R1(config)#ip domain-name subnet192.Walkthrough Connect via the console cable using a terminal emulator (Putty. Tera-term.. Set the secured privileged mode password R1(config)#enable secret ciscosecret Set notification banners (Login and Message of the Day) R1(config)#banner login ! ACCESS RESTRICTED ! R1(config)#banner motd ! AUTHORIZED PERSONEL ONLY ! Encrypt all clear text passwords R1(config)#service password-encryption Enable SSH connectivity with local authentication. Hyper-Terminal …) Enter privileged mode R1>enable Enter configuration mode R1#configure terminal Enter configuration commands. one per line.. End with CNTL/Z. [OK] R1(config)#line vty 0 4 R1(config-line)#login local R1(config-line)#transport input ssh R1(config-line)#exit R1(config)#exit www.com 30 Cisco CCENT Lab Guide .com Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys Choosing a key modulus greater than 512 may take a few minutes.subnet192.subnet192.

.com .server Usage: Encryption Key Key Data: 307C300D 06092A86 4886F70D 01010105 39F7C421 3D1F86EF 752E5937 EACADEBC EST Mar 6 1993 00034B00 30480241 00F242D9 39F85F01 ACF5AB5B E28DFAB2 D1020301 0001 EST Mar 7 1993 00036B00 30680261 00B1509F 1EDFEA0A F959D757 218F4068 AB020301 0001 Save the configuration R1#copy running-config startup-config Destination filename [startup-config]? Building configuration.subnet192. [OK] 31 Cisco CCENT Lab Guide www.Verify cryptographic key R1#Show crypto key mypubkey rsa % Key pair was generated at: 21:31:48 Key name: R1.subnet192..com Usage: General Purpose Key Key Data: 305C300D 06092A86 4886F70D 01010105 A50E9A4F 37055405 2DB4D613 6C5259CF % Key pair was generated at: 08:32:29 Key name: R1.com.subnet192.

168... R1#show running-config Building configuration.255.com ip auth-proxy max-nodata-conns 3 ip admission max-nodata-conns 3 ! username admin password 7 0822455D0A16 ! interface FastEthernet0/0 ip address 192.255.com 32 Cisco CCENT Lab Guide .subnet192.4 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! enable password 7 045802150C2E49560C1A ! ip domain name subnet192.1.0 speed 100 full-duplex ! interface Serial0/0 no ip address shutdown ! interface Serial0/1 no ip address shutdown ! ip forward-protocol nd ! ip http server no ip http secure-server ! banner login ^C ACCESS RESTRICTED ^C banner motd ^C AUTHORIZED PERSONEL ONLY ^C ! line con 0 password 7 121A0C041104 line aux 0 line vty 0 4 password 7 1317121F041801 login local transport input ssh ! End www.1 255. Current configuration : 1010 bytes ! version 12.Verify the configuration The following output has been edited for space considerations.

From the IOS. send a new IOS image to a switch using TFTP.com . Attempt to perform all the tasks listed above before going through the walkthrough. Backup the current IOS image to TFTP. 33 Cisco CCENT Lab Guide www. Tasks      Backup the configuration to TFTP.subnet192. Preparation  Install TFTPD32 on your PC (if not done in Lab 1)  Create a folder on your PC with a new IOS image to upload to the router. View the contents of flash memory. send a new IOS image to a switch using TFTP.Flash and nvram management Objectives Managing and safeguarding the IOS image and configurations. From ROMMON.

100 Destination filename [c2600-advipservicesk9-mz. send a new IOS image to a switch using TFTP R1#copy tftp flash Address or name of remote host []? 192.124-23.bin ROMMON>tftpdnld www.124-23.124-23.100 ROMMON>TFTP_FILE= c2600-advipservicesk9-mz.Walkthrough Enter privileged mode R1>enable Backup the configuration to TFTP R1#copy startup-config tftp Address or name of remote host []? 192.124-23.0 ROMMON>DEFAULT_GATEWAY=192.168.124-23.124-23.1. ROMMON>IP_ADDRESS=192.1.bin Destination filename [c2600-advipservicesk9-mz.168.124-23.subnet192.168.bin]? !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 3721946 bytes copied in 27. one per line. R1(config)#boot system flash c2600-advipservicesk9-mz. send a new IOS image to a switch using TFTP To get into ROMMON.255.168.com 34 Cisco CCENT Lab Guide .168.bin 49807356 bytes total (21265100 bytes free) Backup the current IOS to TFTP R1#copy flash tftp Source filename []? c2600-advipservicesk9-mz.bin]? ######################################################################################### #########################################################[ok] R1#configure terminal Enter configuration commands.bin R1(config)#exit From ROMMON.168.255.100 Destination filename [r1-confg]? View the contents of the flash memory R1#dir flash: Directory of flash:/ 1 -rw28542192 <no date> c2600-advipservicesk9-mz.1.1. press CTRL-BREAK during the boot sequence (power up) of the switch.1.bin Address or name of remote host []? 192.988 secs (132984 bytes/sec) From the IOS.100 Source filename []?c2600-advipservicesk9-mz. End with CNTL/Z.1 ROMMON>TFTP_SERVER=192.1 ROMMON>IP_SUBNET_MASK=255.1.

 Connect S2’s FastEthernet port 0/1 to FastEthernet port 0/2 of S1  Connect S3’s FastEthernet port 0/1 to FastEthernet port 0/3 of S1  Connect the PC to FastEthernet port 0/4 of S1.subnet192. This will make connectivity easier for future labs.  Disable SSH on S1 and remove the local user ‘Admin’ account. Attempt to perform all the tasks listed above before going through the walkthrough.com . you can use the script in the walkthrough section to automate the configuration.Lab 3 – Interconnecting components Objectives Let’s build on what we have learned so far and start adding more devices to our lab. Cisco CCENT Lab Guide 35 www. Preparation  Connect R1’s FastEthernet 0/0 interface to FastEthernet port 0/1 of S1. configure the new S2 and S3 switches like you did in Lab 1 – Enabling connectivity. Alternatively. Let’s add 2 more switches and connect the R1 router to our topology. Configuring S2 and S3 Objectives Configure the additional switches to create a functional multi-component environment. Tasks  Using what you have practiced so far.

1.1 enable secret 5 $1$h81C$6qczYbE/ul7. Items in bold vary from device to device.VH/jV7p.Walkthrough Connect via the console cable using a terminal emulator (Putty.168.168.6 255.255. and reload. copy and paste the following script to configure it. S2 and S3 configuration script Start by resetting the switches to the factory default. enable password 7 094F471A1A0A120A0E0F ip domain-name subnet192.255. enable configure terminal hostname S2 service password-encryption alias exec save copy run start ip default-gateway 192.1.0 exit banner login ^C ACCESS RESTRICTED ^C banner motd ^C AUTHORIZED PERSONEL ONLY ^C line con 0 password 7 02050D480809 line vty 0 4 password 7 105C0C140A0317 login transport input telnet line vty 5 15 password 7 105C0C140A0317 transport input telnet end save Disable SSH on S1. Hyper-Terminal …).com interface range fa0/1 – 24 speed 100 duplex full exit interface vlan 1 ip address 192. Tera-term.g. Once restarted. remove the admin account. S1#configure terminal S1(config)#line vty 0 15 S1(config-line)#transport input telnet S1(config-line)#login S1(config-line)#exit S1(config)#no username admin password cisco www.com 36 Cisco CCENT Lab Guide . when back at the Switch> prompt.subnet192.

o Close the session to S2 permanently.168.Session Management Objectives Experiment with remote sessions between devices.168.6) o Display the users connected to S2.168. 37 Cisco CCENT Lab Guide www. o From the S1 prompt. o From S1. open a telnet connection to S3 (192.1. open a telnet connection to S2 (192. o Verify that the session is closed. Tasks  Session management o From S1.com . Attempt to perform all the tasks listed above before going through the walkthrough.6) o Return to the S1 prompt without closing the connection to S2.1.subnet192. close the session to S3.7) o Return to the S1 prompt without closing the connection to S3. o Display the list of opened sessions (notice which one has a *) o Resume the S2 session (192.1.

7 Trying 192.168.5 Idle Peer Address www.6 Trying 192. Hyper-Terminal …). CTRL-SHIFT-6 then X From S1. open a telnet connection to S3 (192.7) S1>telnet 192.168.1.1.6) S1>telnet 192.1.1.168.7 Byte 0 0 Idle Conn Name 0 192.168..168.1.7 Address 192. Tera-term.1. Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED User Access Verification Password: Return to the S1 prompt without closing the connection to S3.168. S2>show users Line * 1 vty 0 Interface User User Host(s) idle Mode Idle Location 00:00:00 192.168.1. Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED User Access Verification Password: Return to the S1 prompt without closing the connection to S2.6 .6 192.168.168.Walkthrough Connect via the console cable using a terminal emulator (Putty.1.1.7 Resume the S2 session (192.1.subnet192.168.1.6) S1>resume 1 or simply S1>1 Display the users connected to S2... CTRL-SHIFT-6 then X Display the list of opened sessions (notice which one has a *) S1>show sessions Conn Host 1 192.1.168.1.168.6 * 2 192.168.1.com 38 Cisco CCENT Lab Guide .7 . open a telnet connection to S2 (192.168.. From S1.6 0 192.

168. S2>exit [Connection to 192.com .7 From the S1 prompt.168.1.1.168. S1>show sessions Conn Host * 2 192.7 Byte 0 Idle Conn Name 3 192.6 closed by foreign host] Verify that the session is closed.subnet192.168.7 Address 192.1. close the session to S3 (192.7) S1>disconnect 2 39 Cisco CCENT Lab Guide www.1.1.168.Close the session to S2 permanently.

R1 should no longer be listed (it might take a few minutes to disappear) . Display a summary list of all the devices known to S1. Use telnet to go to the other devices to complete the missing information.   Attempt to perform all the tasks listed above before going through the walkthrough.com 40 Cisco CCENT Lab Guide Once you have completed the table.subnet192.subnet192. so find out as much as you can from this device! Do this without looking at the running or startup configuration.Network identification Objectives Discover connected devices and document the topology of an unknown environment. o Display a summary list of all the devices known to R1. Display detailed information about each of these devices. this is an unknown network to you.subnet192.com R1. o Display a summary list of all the devices known to S3. www. Using all these steps should allow you to document your network and even draw out your diagram from scratch. from the S1 prompt.com S2. you must use various commands to help you create the diagram with port and IP information: Device ID IP address/mask Platform Capabilities IOS version Incoming port to S1 Outgoing port from device S1. o Display a summary list of all the mac-addresses known to S1. Display a summary list of all the devices known to S1. Remember. Tasks Assume you don’t know the topology of the network and you need to document it. identifying which devices are visible and which interface to use to get to them.com S3.subnet192. configure R1 to not advertise its presence to others.com n/a n/a     Start by getting the information about the device you’re connected to. o Display a summary list of all the devices known to S2.subnet192. You connect to switch S1 thru the console port and from there.

121-22.com/techsupport Copyright (c) 1986-2009 by cisco Systems.cisco. Inc.3 interface(s) 32K bytes of flash-simulated non-volatile configuration memory. line protocol is up Internet address is 192.255. Version 12.1(22)EA13  IOS Version Technical Support: http://www.subnet192. Tera-term.5/24  IP address/mask Broadcast address is 255. Hyper-Terminal …). Base ethernet MAC Address: 00:0A:41:17:53:00 Motherboard assembly number: 73-5781-10 Power supply part number: 34-0965-01 Motherboard serial number: FOC0625077S Power supply serial number: DAB0625576E Model revision number: E0 Motherboard revision number: B0 Model number: WS-C2950-24  Platform System serial number: FHK0626X0H9 Configuration register is 0xF S1>show ip interface Vlan1 is up.com . Processor board ID FHK0626X0H9 Last reset from system-reset Running Standard Image 24 FastEthernet/IEEE 802.EA13.168. data-base: 0x80680000 ROM: Bootstrap program is C2950 boot loader S1 uptime is 1 hour.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Null turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled Cisco CCENT Lab Guide … 41 www. 51 minutes System returned to ROM by power-on System image file is "flash:c2950-i6k2l2q4-mz. Show information about the local device S1>show version Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6K2L2Q4-M).Walkthrough Connect via the console cable using a terminal emulator (Putty.bin" cisco WS-C2950-24 (RC32300) processor (revision E0) with 19912K bytes of memory.1. Compiled Fri 27-Feb-09 22:20 by amvarma Image text-base: 0x80010000.

payload len=27.1. Port ID (outgoing port): FastEthernet0/1 Holdtime : 91 sec Version : Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6K2L2Q4-M).com  Device ID Entry address(es): IP address: 192. Version 12. Capabilities: Switch IGMP Interface: FastEthernet0/2.com/techsupport Copyright (c) 1986-2009 by cisco Systems.7 Platform: cisco WS-C2950G-24-EI.1(22) EA13  IOS Version Technical Support: http://www.com Local Intrfce Fas 0/3 Fas 0/2 Fas 0/1 Holdtme 176 175 144 Capability S I S I R Platform Port ID WS-C2950G-Fas 0/1 WS-C2950G-Fas 0/1 2620 Fas 0/0 Display detailed information about each of these devices. B . Port ID (outgoing port): FastEthernet0/1  I/O Ports Holdtime : 157 sec Version : Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6K2L2Q4-M).7 ------------------------Device ID: S2. Capabilities: Switch IGMP  Platform & capabilities Interface: FastEthernet0/3. Inc. Version 12.com 42 Cisco CCENT Lab Guide .com/techsupport Copyright (c) 1986-2009 by cisco Systems.IGMP.com R1. Compiled Fri 27-Feb-09 22:20 by amvarma advertisement version: 2 Protocol Hello: OUI=0x00000C.subnet192.Source Route Bridge S .subnet192. RELEASE SOFTWARE (fc2) Technical Support: http://www. Inc. I . payload len=27.168.1. from the S1 prompt S1>show cdp neighbors detail ------------------------Device ID: S3. P .6 Platform: cisco WS-C2950G-12-EI.168.Trans Bridge. Compiled Fri 27-Feb-09 22:20 by amvarma advertisement version: 2 Protocol Hello: OUI=0x00000C.subnet192. Protocol ID=0x0112.cisco.Repeater.1. value=00000000FFFFFFFF010221FF00000000000000131A2C2700FF0000 Native VLAN: 1 Duplex: full Management address(es): IP address: 192.1(22)EA13.subnet192.6 www.Display a summary list of all the devices known to S1 S1>show cdp neighbors Capability Codes: R .cisco.com Entry address(es): IP address: 192.com S2. value=00000000FFFFFFFF010221FF00000000000000152B1C9A40FF0000 Native VLAN: 1 Duplex: full Management address(es): IP address: 192.168.Phone Device ID S3.168.subnet192.1.subnet192.Switch.Router. T . H . r .Host. Protocol ID=0x0112.

Phone Device ID Local Intrfce S1.0cdd.2701 DYNAMIC Fa0/3 1 0015.. Port ID (outgoing port): FastEthernet0/0 Holdtime : 39 sec Version : Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-D-M).0ccc.6 Trying 192.cccc STATIC CPU All 0100.Repeater. Compiled Thu 04-Oct-01 19:45 by pwade advertisement version: 2 Duplex: full Management address(es): Display a summary list of all the mac-addresses known to S1 S1>show mac address-table Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ------------------------All 000a. I . Inc..------------------------Device ID: R1.168.subnet192.Host.1 Platform: cisco 2620.1a2c.com Fas 0/1 Holdtme 144 Capability S I Platform Port ID WS-C2950-2Fas 0/2 Cisco CCENT Lab Guide S2>exit 43 www.1.1. B .com Entry address(es): IP address: 192.subnet192.0ccc. r .Trans Bridge.2(5a).Router. RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems.cccd STATIC CPU All 0100.com . Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED User Access Verification Password: S2>show cdp neighbors Capability Codes: R .Source Route Bridge S .2b1c. P .4117.dddd STATIC CPU 1 0005.subnet192.168.5e17.1.4a40 DYNAMIC Fa0/1 1 0013. Version 12.9a41 DYNAMIC Fa0/2 Total Mac Addresses for this criterion: 7 Display a summary list of all the devices known to S2 S1#telnet 192.IGMP.6 .Switch. H .5300 STATIC CPU All 0100. Capabilities: Router Interface: FastEthernet0/1.168. T .

1.com 44 Cisco CCENT Lab Guide .Display a summary list of all the devices known to S3 S1#telnet 192.168.Source Route Bridge S .168.1 Trying 192.. r .subnet192.Host.Trans Bridge. T . Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED User Access Verification Password: R1>show cdp neighbors Capability Codes: R ..subnet192.Trans Bridge.Phone Device ID Local Intrfce S1.com Fas 0/1 S3>exit Holdtme 144 Capability S I Platform Port ID WS-C2950-2Fas 0/3 Display a summary list of all the devices known to R1 S1#telnet 192. B .com Fas 0/0 R1>exit Holdtme 167 Capability S I Platform Port ID WS-C2950-2Fas 0/1 www..7 Trying 192. I . Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED User Access Verification Password: S3>show cdp neighbors Capability Codes: R .1.IGMP.1.IGMP.Source Route Bridge S .Switch.Router.168.subnet192.Repeater Device ID Local Intrfce S1. H .Switch.. I .168.Host. H .Repeater.Router. P .1.1 . r . T . B .7 .

Tasks  Using what you have practiced so far.  Connect your internet link to R3’s FastEthernet interface.com .subnet192. Attempt to perform all the tasks listed above before going through the walkthrough. Alternatively.Lab 4 – Full topology Objectives In this lab we complete the topology and start having fun with routing protocols. configure the new R2 and R3 routers like you did in Lab 2 – Enabling connectivity. 45 Cisco CCENT Lab Guide www.  Connect R2 Serial 0/0 interface (DCE) to Serial 0/1 of R3 (DTE). This will make connectivity easier for future labs. Configuring R2 and R3 Objectives Configure the serial interfaces to simulate WAN connectivity between the routers.  Disable SSH on R1 and remove the local user ‘Admin’ account.  Connect R1 Serial 0/0 interface (DCE) to Serial 0/1 of R2 (DTE). Preparation  Configure R2 and R3 using the steps from Lab 2. you can use the script in the walkthrough section to automate the configuration.  Connect any device in the Ethernet port of R2 and R3 to bring the link up.

R2 and R3 configuration script Start by resetting the routers to the factory default.255.0 no shutdown speed 100 duplex full exit banner login ^C ACCESS RESTRICTED ^C banner motd ^C AUTHORIZED PERSONEL ONLY ^C line con 0 logging synchronous password 7 02050D480809 line vty 0 4 password 7 105C0C140A0317 login transport input telnet line vty 5 15 password 7 105C0C140A0317 transport input telnet end save www. copy and paste the following script to configure it.subnet192. when back at the Router> prompt. Once restarted.255. enable configure terminal hostname R2 service password-encryption alias exec save copy run start enable secret 5 $1$h81C$6qczYbE/ul7. enable password 7 094F471A1A0A120A0E0F ip domain-name subnet192. Hyper-Terminal …).0. and reload.com interface fastethernet 0/0 ip address 10.1 255.Walkthrough Connect via the console cable using a terminal emulator (Putty. Items in bold vary from device to device.com 46 Cisco CCENT Lab Guide .50. Tera-term.VH/jV7p.g.

Configure serial interface 0/1 on R2. Display R2’s neighbors list to validate connectivity with R1 and R3. 47 Cisco CCENT Lab Guide www. Configure serial interface 0/1 on R3. Attempt to perform all the tasks listed above before going through the walkthrough. Verify that serial interface 0/0 on R2 is the DCE Configure serial interface 0/0 on R2 with a clock rate of 9600.subnet192. Verify the WAN protocol used by R2 on serial interface 0/1.com .Serial Connectivity Objectives Configure the serial interfaces to simulate WAN connectivity between the routers. Tasks         Verify that serial interface 0/0 on R1 is the DCE Configure serial interface 0/0 on R1 with a clock rate of 56000.

35. Mask [SCCM]=0x001F.35. one per line.2 255.0. Hyper-Terminal …).255.Walkthrough Connect via the console cable or telnet using a terminal emulator (Putty. Protocol-specific [PSMR]=0x8 Events [SCCE]=0x0000. Status [SCCS]=0x06 Transmit on Demand [TODR]=0x0. Pending [CIPR]=0x00000A00 Mask [CIMR]=0x30200440. driver data structure at 0x84982270 SCC Registers: General [GSMR]=0x2:0x00000030.subnet192.255.1 255. End with CNTL/Z.252 R2(config-if)#no shutdown R2(config-if)# Verify that serial interface 0/0 on R2 is the DCE R2#show controllers serial 0/0 Interface Serial0/0 Hardware is PowerQUICC MPC860 DCE V.16.16. Verify that serial interface 0/0 on R1 is the DCE R1#show controllers serial 0/0 Interface Serial0/0 Hardware is PowerQUICC MPC860 DCE V. R1(config)# R1(config)#interface serial 0/0 R1(config-if)#ip address 172. Tera-term. End with CNTL/Z. Data Sync [DSR]=0x7E7E Interrupt Registers: Config [CICR]=0x00367F80. Data Sync [DSR]=0x7E7E Interrupt Registers: Config [CICR]=0x00367F80. Protocol-specific [PSMR]=0x8 Events [SCCE]=0x0000. R2(config)# R2(config)#interface serial 0/1 R2(config-if)#ip address 172. In-srv [CISR]=0x00000000 Command register [CR]=0x640 … Configure interface S0/0 on R1 with a clock rate of 56000 R1#configure terminal Enter configuration commands. Status [SCCS]=0x06 Transmit on Demand [TODR]=0x0.com 48 Cisco CCENT Lab Guide . Pending [CIPR]=0x00000A00 Mask [CIMR]=0x30200440.255.252 R1(config-if)#no shutdown R1(config-if)#clock rate 56000 R1(config)# Configure interface S0/1 on R2 as the DTE R1#configure terminal Enter configuration commands.0. In-srv [CISR]=0x00000000 Command register [CR]=0x640 … www.255. Mask [SCCM]=0x001F. driver data structure at 0x84982270 SCC Registers: General [GSMR]=0x2:0x00000030. one per line. no clock  DCE or DTE status and clock rate idb at 0x8497AB4C. no clock  DCE or DTE status and clock rate idb at 0x8497AB4C.

H .subnet192.252 R2(config-if)#no shutdown R2(config-if)# Display R2’s neighbors list to validate connectivity with R1 and R3 R2#show cdp neighbors Capability Codes: R .255. 0 throttles 0 input errors. T . line protocol is up Hardware is PowerQUICC Serial Internet address is 172. 8720 bytes. 0 runts. B .com Ser 0/0 R1. loopback not set  WAN encapsulation protocol Keepalive set (10 sec) Last input 00:00:03. one per line. 13 interface resets 0 unknown protocol drops 0 output buffer failures.Source Route Bridge S . 0 packets/sec 5 minute output rate 0 bits/sec.16.252 R2(config-if)#clock rate 9600 R2(config-if)#no shutdown R2(config-if)# Configure interface S0/1 on R3 as the DTE R1#configure terminal Enter configuration commands.1 255.2/30 MTU 1500 bytes. 0 collisions. r . I . 0 ignored.IGMP. 0 frame.2 255. reliability 255/255.Router. 0 abort 137 packets output. 9981 bytes. 0 overrun. 0 underruns 0 output errors. BW 1544 Kbit/sec.Configure interface S0/0 on R2 with a clock rate of 9600 R2(config)#interface serial 0/0 R2(config-if)#ip address 172.Repeater Device ID Local Intrfce R3.255.com Ser 0/1 R2# Holdtme 150 172 Capability R S I R S I Platform 2620XM 2620XM Port ID Ser 0/1 Ser 0/0 Verify the WAN protocol used by R2 on serial interface 0/1 R2#show interfaces serial 0/1 Serial0/1 is up. DLY 20000 usec. 0 output buffers swapped out 28 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up 49 Cisco CCENT Lab Guide www.1.subnet192. output 00:00:09.1. 0 giants. 0 packets/sec 112 packets input. Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec.0. txload 1/255. 0 no buffer Received 92 broadcasts.16.subnet192. output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes).Switch. 0 CRC.255.16.Host. rxload 1/255 Encapsulation HDLC. R2(config)# R2(config)#interface serial 0/1 R2(config-if)#ip address 172.com .255.Trans Bridge. End with CNTL/Z.

PPP with Authentication
Objectives Serial connectivity defaults to HDLC encapsulation on Cisco equipment. We will change it to PPP and use CHAP authentication. Tasks  Enable PPP encapsulation on serial interface 0/0 of R1 o The serial link with R2 will go down.  Display the status of serial interface 0/0.  Enable PPP encapsulation on serial interface 0/1 of R2 o The serial link with R1 will come back up.  Enable CHAP on both serial interfaces of the link between R1 and R2. o Create the security accounts on both routers o Enable CHAP authentication on both routers The link between R1 and R2 is now using PPP and the link between R2 and R3 will be using HDLC. Attempt to perform all the tasks listed above before going through the walkthrough.

www.subnet192.com

50

Cisco CCENT Lab Guide

Walkthrough Enable PPP encapsulation on serial interface 0/0 of R1
R1#configure terminal Enter configuration commands, one per line. R1(config)#interface serial 0/0 R1(config-if)#encapsulation ppp

End with CNTL/Z.

Display the status of serial interface 0/0
R1#show interfaces serial 0/0 Serial0/0 is up, line protocol is down  Link is down Hardware is PowerQUICC Serial Internet address is 172.16.0.1/30 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 252/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set  WAN encapsulation protocol Keepalive set (10 sec) LCP Listen Closed: IPCP, CDPCP Last input 00:00:02, output 00:00:08, output hang never Last clearing of "show interface" counters 00:00:26 Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 4 packets input, 423 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort 9 packets output, 126 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Enable PPP encapsulation on serial interface 0/1 of R2
R2#configure terminal Enter configuration commands, one per line. R2(config)#interface serial 0/1 R2(config-if)#encapsulation ppp

End with CNTL/Z.

Enable CHAP on both serial interfaces of the link between R1 and R2 On R1:
R1(config)#user R2 password subnet192 R1#configure terminal Enter configuration commands, one per line. R1(config)#interface serial 0/0 R1(config)#ppp authentication chap

Cisco CCENT Lab Guide

End with CNTL/Z.

On R2:
R2(config)#user R1 password subnet192 R2#configure terminal Enter configuration commands, one per line. R2(config)#interface serial 0/1 R2(config)#ppp authentication chap

End with CNTL/Z.

51

www.subnet192.com

Routing: Static Routes
Objectives Understanding static routes, default routes and connected routes. Tasks Connectivity between all devices is established but at the moment, the routers don’t know the paths to any other routes other than the connected ones. One way trip…  From R1: o Display the routing table.  Note the connected routes, already known by the router as they are locally connected to its interface. o Create a static route to R2’s 10.50.0.0/24 network, using the IP address of R2’s interface as the next hop. o Test the connectivity to the 10.50.0.1 interface using ping. From S1: o Test the connectivity to the 10.50.0.1 interface using ping.

Round trip!  From R2: o Display the routing table.  Note the connected routes, already known by the router as they are locally connected to its interface. o Create a static route to R1’s 192.168.1.0/24 network, using the IP address of R1’s interface as the next hop. o Test the connectivity to the 192.168.1.1 interface using ping. From S1: o Test the connectivity to the 10.50.0.1 interface using ping.

www.subnet192.com

52

Cisco CCENT Lab Guide

let’s add external connectivity (note that there is NO protection (i. do a traceroute to Switch 3.0.2. 53 Cisco CCENT Lab Guide www. o Test the connectivity to the 69.70.1.50. firewall or other) in this lab.subnet192.50. using the IP address of R2’s interface as the next hop. Attempt to perform all the tasks listed above before going through the walkthrough.com as the destination address.144/29 network.70.2 (DNS) on R3.0/24 network on R1 o R3 needs three routes (use the interface ID instead of the IP address of the next hop).70. Test internet connectivity from R3 using www.16.e. From S1. From R3.)     Create a default route on all routers to reach the internet interface (FastEthernet 0/0 on R3).     Now that the internal network is fully operational.168.Around the world!  From R1: o Create a static route to R3’s 69.16.google.16.168. o R1 needs three routes.0/24 network on R2  R2-R3 WAN link o R2 needs two routes.144/29 network on R3  10.2.16. Proceed at your own risk.  69.  192.0/24 network on R2  R1-R2 WAN link Display the routing tables on each router.147 interface using ping.70.  69. Create all the missing routes to make the lab fully connected (use the WAN interfaces as the next hop).0. Configure name server 4.144/29 network on R3  192. test the connectivity to any of the interfaces on the network. Verify that the default route is now enabled on R3.1.com .0/24 network on R1  10.

16.IS-IS.0/16 is variably subnetted. test the connectivity to the 10.EIGRP external.0..1. the ping reaches the 10.. I .1 interface using ping R1#ping 10.0.0/24 is directly connected.OSPF inter area N1 .50.1 to 10. round-trip min/avg/max = 32/32/36 ms  Ping success! ** This pings from interface 172. it can’t return the response to the ping.16.255. U .subnet192. L2 .0.1 Type escape sequence to abort. S .IS-IS inter area * .0/24 network.168..0.1.255.0 255.50. ia . 100-byte ICMP Echos to 10.candidate default.com 54 Cisco CCENT Lab Guide .0.IS-IS level-1.0.0 172.RIP.16.0. test the connectivity to the 10.2 R1(config)#exit On R1.50. N2 . 2 subnets.0. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5). EX .50.0/24 network… R1(config)#ip route 10. display the routing table R1#show ip route Codes: C . create a static route to R2’s 10.OSPF external type 2.1 uses the static route defined on the previous step. www.static.1 interface but because R2 doesn’t know the path to the 192.1.1. o .2/32 is directly connected.OSPF NSSA external type 2 E1 .0. L1 . timeout is 2 seconds: . Serial0/0  Connected route 192. E . B .0.per-user static route. 2 masks 172.0.OSPF external type 1. M .OSPF NSSA external type 1.1 interface using ping S1>ping 10.EGP i .16.50. Sending 5.IS-IS level-2.0/30 is directly connected.1 so the ping works. O . On S1.0. Serial0/0  Connected route 172.0. IA .168. 100-byte ICMP Echos to 10. Sending 5.IGRP.50.connected.16. R .periodic downloaded static route Gateway of last resort is not set  No default route 172.EIGRP.50.OSPF. E2 .50. The R2 router already knows the route to 172.mobile..1 Type escape sequence to abort.0.16. Success rate is 0 percent (0/5)  Ping failure! ** The ping fails! Well actually.Walkthrough One way trip… On R1.50.50. FastEthernet0/0  Connected route C C C On R1.BGP D .0.ODR P .0.

1 Type escape sequence to abort.0/24 network.50.ODR.RIP. test the connectivity to the 192.com . 100-byte ICMP Echos to 10.0/16 is variably subnetted. B . display the routing table R2#show ip route Codes: C .OSPF external type 1. FastEthernet0/0  Connected route C C C C On R2. su . create a static route to R1’s 192.IS-IS summary. round-trip min/avg/max = 32/32/36 ms  Ping success! ** This pings from interface 172.connected.1/32 is directly connected.0.1.0.0.0.1 interface using ping S1>ping 10.IS-IS inter area.168.50.OSPF.16.1.0. Sending 5. 55 www.1 Type escape sequence to abort.0 255.16. On S1. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).0 is directly connected.168. E2 . Sending 5.per-user static route o . Serial0/1  Connected route 172.0.255. M .1.OSPF external type 2 i .0.0.0/24 is subnetted. The R1 router already knows the route to 172. L2 .16.0/30 is directly connected. 3 subnets.2 so the ping works. Serial0/0  Connected route 172.IS-IS level-2 ia . 100-byte ICMP Echos to 192.2 to 192.static.mobile.16.1.1. * . S .168.168. L1 .BGP D .1 R2(config)#exit On R2.168.EIGRP external. 1 subnets 10. IA . EX .OSPF NSSA external type 2 E1 .0 172.Round trip! On R2.0.255.0/24 network… R2(config)#ip route 192.subnet192. N2 . Serial0/1  Connected route 10.0. R . U .50.0. O .EIGRP. 2 masks 172.1.IS-IS level-1.OSPF NSSA external type 1.50. round-trip min/avg/max = 32/33/36 ms  Ping success! Cisco CCENT Lab Guide ** The ping works! Now that R2 knows the path to the 192.168.16. P .0.periodic downloaded static route Gateway of last resort is not set 172.1 uses the static route defined on the previous step.16.168.OSPF inter area N1 .0/30 is directly connected.1 interface using ping R1#ping 192.1.1. test the connectivity to the 10.candidate default. it is able to return the response to the ping.IS-IS.1.1.16. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).

0 255.255.0 serial 0/1 R3(config)#ip route 10.255.1. timeout is 2 seconds: U.16.70.16.0 serial 0/1 R3(config)#ip route 172.0 255.2 R1(config)#exit Test the connectivity to the 69.255.0.147.2 R3 needs to know about R1’s Ethernet subnet and R2’s Ethernet subnet.0. R2(config)#ip route 69.252 172.248 172.1.255.144 255.16.16.255.1.70. and about the R1-R2 serial WAN link. These are the routes that are missing to make the entire network fully connected.70.255.16. R1(config)#ip route 69.255. create a static route to R3’s 69.255.16.16. R3(config)#ip route 192.0.com 56 Cisco CCENT Lab Guide .16.255.0 255.255.0. R1 needs to know about R2-R3’s serial WAN link (the other two routes are already configured).147 Type escape sequence to abort.70.255.U. 100-byte ICMP Echos to 69.70.16. using the IP address of R2’s interface as the next hop.70. more static routes need to be configured.147 interface using ping R1#ping 69.144/29 network.16.16.248 172. R1(config)#ip route 172. Sending 5.252 serial 0/1 www.U Success rate is 0 percent (0/5)  Ping failure! ** The ping fails! The packet is sent to R2 but R2 has no idea where to forward it to… Create all the missing routes to make the lab fully connected To establish full connectivity.2 R2 needs to know about R3’s Ethernet subnet (the other route is already configured).50.0 255.144 255.subnet192.Around the world! On R1.168.255.

E2 .EIGRP.16. U .OSPF.mobile.EIGRP external. L2 .144 is directly connected.EIGRP.16.OSPF NSSA external type 2 E1 .1  Static route S C C C C S R3#show ip route Codes: C .IS-IS.OSPF external type 1. Serial0/1 10.0. EX . o . 2 subnets 172.144 [1/0] via 172.connected.0.com .0.subnet192.0. M . Serial0/1  Static route 172.0/24 [1/0] via 172. E2 .0/29 is subnetted. R .16.per-user static route. 3 subnets.16. Serial0/1 172.periodic downloaded static route Cisco CCENT Lab Guide Gateway of last resort is not set C S C S S 69.candidate default. IA .ODR P .OSPF. R . FastEthernet0/0 192.OSPF NSSA external type 2 E1 .0.mobile.0/16 is variably subnetted.OSPF.0.16.2  Static route 192.IS-IS level-1.IS-IS.0.0.0/30 is directly connected.70.OSPF external type 2 i .per-user static route o .IS-IS inter area.0.IS-IS summary.OSPF inter area N1 . FastEthernet0/0 172. S . N2 . P .BGP D .IS-IS level-2. S . su . M .IS-IS level-2 ia .0/30 [1/0] via 172.1/32 is directly connected.OSPF inter area N1 . M .16.0 [1/0] via 172.IS-IS level-1.candidate default.IS-IS inter area. EX .connected.0.50.0/29 is subnetted. 1 subnets 10.0 is directly connected.0.EIGRP external.0/24 is directly connected. B . 1 subnets 69.0 is directly connected.70. 2 masks 172. su . B .168. E2 .16. EX .ODR. E . Serial0/1  Static route 192.0/30 is directly connected.0. Serial0/0 172. 1 subnets 69.IGRP.16.0/24 is subnetted. Serial0/0 172. O .static. Serial0/1 10. U .2  Static route 172. O .0 is directly connected.0.periodic downloaded static route Gateway of last resort is not set 69. IA . 3 subnets.0.EIGRP external.16.0/24 is directly connected.0. B .16.1.IS-IS summary. Serial0/1  Static route 57 www. 1 subnets 10.IS-IS inter area * .0/30 is directly connected.1. U .2  Static route 172.1.16.candidate default.RIP.50.0/30 is subnetted.EGP i . R .0.16. L2 .0/16 is variably subnetted.Display the routing tables on each router R1#show ip route Codes: C . * .EIGRP.OSPF NSSA external type 1. I .0.16.16.ODR.OSPF NSSA external type 1.mobile.1.16.periodic downloaded static route Gateway of last resort is not set 69. L1 .0/24 is subnetted.0 is directly connected. FastEthernet0/0 S C S C S C R2#show ip route Codes: C .IS-IS level-1. N2 .0.OSPF external type 1.16.168.0/24 is subnetted.0.0.IS-IS.16.0. 2 masks 172. O . ia . L2 .0. L1 .1.0/29 is subnetted.BGP D .OSPF NSSA external type 2 E1 .OSPF external type 2 i .0.OSPF inter area N1 . 1 subnets 10.connected. L1 .168. N2 .1.static.OSPF NSSA external type 1.0.16.per-user static route o .0.0.static.144 [1/0] via 172. S . 1 subnets 69.1.2  Static route 172. IA .RIP.OSPF external type 2. P .70. Serial0/0 10.16.IS-IS level-2 ia .RIP.OSPF external type 1.0. * .50.2/32 is directly connected.BGP D .

L2 . 2 subnets 172. round-trip min/avg/max = 216/216/216 ms From R3. but all the internal networks are now reachable from any component of the network.1.OSPF external type 2 i .0. E2 . do a traceroute to Switch 3 R3#traceroute 192.0.70.168.0 0.0.IS-IS level-2 ia . EX .0  Default route configured! 69.subnet192. * .0 to network 0.0 is directly connected.0.0. S .0.com 58 Cisco CCENT Lab Guide .50. P .0 is directly connected.0.candidate default.7 104 msec 100 msec * Create a default route on all routers to reach the internet R1(config)#ip route 0.0/30 is subnetted.OSPF inter area N1 .IS-IS. B . 1 subnets 10.1.0.BGP D . Tracing the route to 192.0.ODR. U .0 FastEthernet 0/0 Verify that the default route is now enabled on R3 R3#show ip route Codes: C . 100-byte ICMP Echos to 69.OSPF NSSA external type 2 E1 .0.147 Type escape sequence to abort.OSPF external type 1.0/0 is directly connected.0. Serial0/1 10.168. N2 .16. FastEthernet0/0  Note the * next to the S C S C S S S* www.0/24 is directly connected.16. S1>ping 69.0 serial 0/0 R3(config)#ip route 0.static.7 Type escape sequence to abort.70.0.0/24 is subnetted.mobile.1.16.0.0. FastEthernet0/0 172.per-user static route o .periodic downloaded static route Gateway of last resort is 0.OSPF.144 is directly connected.0/29 is subnetted.0 is directly connected. 1 subnets 69.16.1 100 msec 100 msec 100 msec 3 192.1 84 msec 84 msec 88 msec 2 172. M .1.0.OSPF NSSA external type 1.0.1.168.168. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).0.16.From S1.EIGRP external. test the connectivity to any of the interfaces on the network ** Here we simply test the farthest connection available from S1 on the diagram. Serial0/1 172.RIP.0 serial 0/0 R2(config)#ip route 0.16.0.0.EIGRP. L1 .147.7 1 172. Serial0/1 192.0.70.0.IS-IS level-1.connected. su .0.IS-IS inter area.0. Serial0/1 0.16.0 0.0. O .IS-IS summary.1.0.0 0. R . Sending 5.16.0. IA .

round-trip min/avg/max = 48/50/52 ms ** NOTE: You will not be able to ping or resolve internet addresses from any other device on the network.Configure name server 4.com Type escape sequence to abort.106.subnet192. Remember that everything inside the network is using NON-ROUTABLE addresses.com . 100-byte ICMP Echos to 74.2 (DNS) on R3 R3(config)#ip name-server 4.2.2.google. 59 Cisco CCENT Lab Guide www. Until NAT is implemented on the network.google.125. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5). Sending 5.2 Test internet connectivity from R3 using www. no other device other than R3 can access the internet (it has a public address!).95.com as the destination R3#ping www.2.2.

e.Routing: RIP Objectives Creating all of the static routes was tedious work! Routing protocols allow much simpler management of routes. Test internet connectivity from R3 using www. Now that the internal network is fully operational. Attempt to perform all the tasks listed above before going through the walkthrough. Tasks  Remove all static routes created in the previous section on all routers. Proceed at your own risk.com 60 Cisco CCENT Lab Guide . do a traceroute to Switch 3.  Display the routing table. Attempt to perform all the tasks listed above before going through the walkthrough. ping the S3 switch. test the connectivity to any of the interfaces on the network. www. Verify that other routers are receiving the default route via RIP.  From S1.subnet192.com as the destination address.google.  Disable all debug information.)     Create a default route on R3 for the internet interface and propagate it to other routers via RIP.  From R3. Verify that the default route is now enabled on R3. firewall or other) in this lab. let’s add external connectivity (note that there is NO protection (i.  Enable RIP debug mode to view RIP synchronization messages. Use the running configuration to help you.  Enable RIP on all the routers and advertise all the subnets  Display the routing protocol information  From R3.

0.2 R1(config)#no ip route 69.0 255.255.1.2 Then issue a no command in front of the ip route statement.0 Display the routing protocol information R1#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds.0 0. receive any version Interface Send Recv Triggered RIP Key-chain FastEthernet0/0 1 1 2 Serial0/0 1 1 2 Automatic network summarization is in effect Maximum path: 4 Routing for Networks: 172.0.0.168.248 172.0 192.0. hold down 180.255.16.0 255.2 ip route 69.2 Repeat for the other two routers.2 120 00:00:06 Distance: (default is 120) 61 Cisco CCENT Lab Guide www.1.50.70. End with CNTL/Z.16.0.50.0.248 172.255.16.16.252 172.0.2 ip route 172. flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 1.168.16.16.0.0 255.255.0.0 255.252 172.0.0 R2(config-router)#network 10.com .16.0 R1(config-router)#network 192.0 172.Walkthrough Remove all static routes created in the previous section Start by looking at the running configuration of each router R1#show run | include ip route ip route 0.144 255.0 R3(config)#router rip R3(config-router)#network 172. S1#configure terminal Enter configuration commands.subnet192.16.16.16. R1(config)#no ip route 0.0.0.255. next due in 11 seconds Invalid after 180 seconds.255.255.0.0.50.0 R2(config)#router rip R2(config-router)#network 172.0.16.70.16.0 Serial0/0 ip route 10.2 R1(config)#no ip route 172.255.0.255.0.16.0.0 Routing Information Sources: Gateway Distance Last Update 172.1.0.0 0.0.16.0 172.255.16.0 Serial0/0 R1(config)#no ip route 10. Enable RIP on all the routers and advertise all the subnets R1(config)#router rip R1(config-router)#network 172.255.144 255. one per line.255.0.1.0.

859: RIP: sending v1 update to 255. ia .EGP i .IGRP.mobile. Sending 5.0/24 is directly connected.0.EIGRP external.7. Serial0/0 10. N2 . 2 masks 172. E .1.From R3.OSPF inter area N1 . 00:00:24.0.OSPF external type 2.0 in 1 hops *Mar 25 14:31:07.16. L1 .IS-IS level-2.168.859: RIP: build update entries . o .0.periodic downloaded static route Gateway of last resort is not set C R C R C 172. U .1.16.168.16.OSPF.0.1 in 1 hops *Mar 25 14:31:07.0.suppressing null update Disable all debug information R3#no debug all All possible debugging has been turned off Display the routing table on R1 R1#show ip route Codes: C .255.16.EIGRP.0/16 is variably subnetted. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).2.BGP D .0. R .639: 10. E2 . Serial0/0  RIP route 172. Serial0/0  RIP route 192.1 on Serial0/1 *Mar 25 14:31:07.168.2/32 is directly connected.168.16.connected.candidate default.1.0/8 [120/1] via 172. 3 subnets.ODR P . Serial0/0 172.0/30 [120/1] via 172.static.0 in 1 hops *Mar 25 14:31:07.subnet192. M .7 Type escape sequence to abort.16.16.RIP.OSPF NSSA external type 1.IS-IS level-1.1. 100-byte ICMP Echos to 192. O .0 in 2 hops *Mar 25 14:31:08.per-user static route. ping the S3 switch R3#ping 192.IS-IS.2.2) *Mar 25 14:31:08.OSPF NSSA external type 2 E1 . IA .255. 00:02:38.com 62 Cisco CCENT Lab Guide .0.0. S . FastEthernet0/0 www.255 via Serial0/1 (172.639: 192.1.0/30 is directly connected.0.0.16.1.639: RIP: received v1 update from 172. I . EX .IS-IS inter area * .1.OSPF external type 1. round-trip min/avg/max = 216/216/216 ms Enable RIP debug mode to view RIP synchronization messages R3#debug ip rip RIP protocol debugging is on R3# *Mar 25 14:31:07.16.639: 172. L2 . B .0.639: 172.16.

16.16. 00:00:11. S .IS-IS summary.0.OSPF external type 1.70.0.0/30 [120/1] via 172.0.168.0.16.16.1.168.144 is directly connected.subnet192.EIGRP external.168. but all the internal networks are now reachable from any component of the network.0/24 [120/2] via 172.connected.0/8 [120/1] via 172.16. E2 . Tracing the route to 192.1.16.1. do a traceroute to Switch 3 R3#traceroute 192. Serial0/1  RIP route 192.static. N2 . * . Sending 5.1.IS-IS level-2 ia . Serial0/1 172. R .0.16. 00:00:11.RIP.0 0.OSPF NSSA external type 2 E1 .0 to network 0.1.1.7 1 172.1.1.1 84 msec 84 msec 88 msec 2 172.1 100 msec 100 msec 100 msec 3 192.0/0 is directly connected.periodic downloaded static route Gateway of last resort is 0. Serial0/1  RIP route 0. 1 subnets 69. Serial0/1  RIP route 172.1. 100-byte ICMP Echos to 69. FastEthernet0/0 172.16.1.0.1.1.0/16 is variably subnetted. S1>ping 69.0.0/30 is directly connected.1. round-trip min/avg/max = 216/216/216 ms From R3.16.mobile.16.1.0.1/32 [120/1] via 172.0.IS-IS.0. L1 .147 Type escape sequence to abort.ODR.per-user static route o .0 C R C R R R S* 69. Serial0/1  RIP route 10.0/29 is subnetted.70.16. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).0.EIGRP.OSPF inter area N1 .7 Type escape sequence to abort. B . 00:00:11. O .0.0.0. test the connectivity to any of the interfaces on the network ** Here we simply test the farthest connection available from S1 on the diagram. su .147.candidate default. FastEthernet0/0  Static route 63 Cisco CCENT Lab Guide www.0.16.com . U .0.70. IA .BGP D .From S1.IS-IS level-1.OSPF external type 2 i .0.IS-IS inter area. 3 subnets. EX . L2 .0.0 fastEthernet 0/0 R3(config)#router rip R3(config-router)#default-information originate Verify that the default route is now enabled on R3 R3#show ip route Codes: C .16. 00:00:11. 2 masks 172.7 104 msec 100 msec * Create a default route on R3 for the internet interface and propagate it to other routers via RIP R3(config)#ip route 0.OSPF.168. P .OSPF NSSA external type 1. M .

E .16.2. FastEthernet0/0 0.0.OSPF NSSA external type 1.candidate default.IS-IS level-1. ia . Serial0/0  Note the * next to the R C R C R C R* www.125.0/30 is directly connected. 100-byte ICMP Echos to 74. M .IS-IS.Test internet connectivity from R3 using www.0. N2 .16.google.OSPF external type 2.2. S .2 to network 0.0/30 [120/1] via 172.2/32 is directly connected.16. EX . U .1.BGP D . R .16.IGRP. L1 .RIP.IS-IS inter area * .0/24 is directly connected.0.0.95.EGP i . Verify that other routers are receiving the default route via RIP R1#show ip route Codes: C .google.0.0.OSPF inter area N1 . Remember that everything inside the network is using NON-ROUTABLE addresses.per-user static route. Serial0/0 192.OSPF.static.16. L2 .OSPF NSSA external type 2 E1 .0  Default route configured! 172. no other device other than R3 can access the internet (it has a public address!).0. 00:00:03.106. IA .16. 00:00:03.ODR P .com 64 Cisco CCENT Lab Guide . B . Serial0/0 10.16.0. Until NAT is implemented on the network.connected.OSPF external type 1.subnet192. E2 .0. O .0. 3 subnets.periodic downloaded static route Gateway of last resort is 172. Sending 5.IS-IS level-2.mobile.168. Serial0/0 172. I .2. o .16. 2 masks 172. timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5).com Type escape sequence to abort.0/0 [120/2] via 172.0.EIGRP.EIGRP external.0/16 is variably subnetted. 00:00:03. round-trip min/avg/max = 48/50/52 ms ** NOTE: You will not be able to ping or resolve internet addresses from any other device on the network. Serial0/0 172.0.1.com as the destination R3#ping www.0/8 [120/1] via 172.0.

com www.jspa?ciscoHome=true Cisco Feature Navigator http://tools.com/web/learning/le3/learning_career_certifications_and_learning_paths_home. I can pass this exam easily now! This guy rocks!”  … and then went to Paypal and sent in a donation to marc@subnet192.com 65 . for understanding my passion for technology.jounin.subnet192.com/index.cisco.com/ Software Dynagen/Dynamips Cisco emulator http://dynagen.References & Resources Cisco official certification information http://www.net/ Special thanks… To my wife Luz and my son Ian.sourceforge.certskills.jsp Wendell Odom’s CertSkills http://www. Good luck with the exam! Cisco CCENT Lab Guide Marc Bouchard http://www.cisco.com to thank me for all my hard work.cisco.org/ Tera Term terminal emulator http://en. and to all of you who went through this whole guide and thought… “Wow! What a great guide.com/ITDIT/CFN/jsp/index.html The Cisco Learning Network https://learningnetwork.subnet192.jp/projects/ttssh2/ TFTPD32 TFTP server http://tftpd32.

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.