BOSON Classroom Labs for CCNA

Student Lab Guide

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

TABLE OF CONTENTS INTRODUCTION LAB 1 - BASIC ROUTER CONFIGURATION LAB 2 - ADVANCED ROUTER CONFIGURATION LAB 3 - CDP LAB 4 - TELNET LAB 5 - TFTP LAB 6 - RIP LAB 7 - IGRP LAB 8 - EIGRP LAB 9 - OSPF LAB 10 - CATALYST 1900 SWITCH CONFIGURATION LAB 11 - VLANs and TRUNKING (Catalyst 1900 Switches) LAB 12 - CATALYST 2950 SWITCH CONFIGURATION LAB 13 - VLANs and TRUNKING (Catalyst 2950 Switches) LAB 14 - IP ACCESS LISTS LAB 15 - NAT/PAT LAB 16 - PPP & CHAP LAB 17 - ISDN BRI-BRI using Legacy DDR LAB 18 - ISDN BRI-BRI using Dialer Profiles LAB 19 - ISDN PRI using Dialer Profiles LAB 20 - FRAME RELAY Appendix A: IPX LAB Appendix B: ANSWERS TO QUESTIONS Appendix C: LAB CONFIGURATIONS (coming soon)

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

INTRODUCTION Boson NetSim: Overview The CCNA labs contained in this lab guide are based on the Boson NetSim. This PCbased product simulates a wide variety of Cisco routers as well as the Catalyst 1900, 2950, and 5000 switches. The NetSim supports multiple routing protocols, including RIP, IGRP, EIGRP, and single-area OSPF. It supports different LAN/WAN protocols, including PPP/CHAP, ISDN, and Frame Relay. The exercises in this lab guide only require the NetSim – they do not require access to any external router or switch hardware. It should be noted that the NetSim supports many, but not all of the IOS commands available on a real router or switch. All the commands referenced in this lab guide are supported through the Simulator. Getting Started To invoke the NetSim, double-click on the Boson NetSim icon on your PC screen.

If there is not an icon on the PC screen, you can start the NetSim by pressing Start -> Boson NetSim -> Boson NetSim. You will be presented with a screen that has buttons at the top representing each router, switch, or PC that you will be configuring. Press one of the buttons to configure a device. Some of the devices are hidden (Switch 3, Switch 4, PC1, and PC2) and can be accessed by pressing the More Devices button. There is also a button that can be pressed to show the network topology that the labs are based on. Lab Topology The Lab Topology is shown in the diagram on the next page (it can also be viewed by selecting the Topology button at the top of the NetSim screen). You will have:

4 x Cisco 2500 routers o each router has one Ethernet and two serial interfaces o one of the 2500’s, router1, has an ISDN BRI interface 1 x Cisco 2600 router (identified as router2) o has one Ethernet interface o has both an ISDN BRI and a PRI interface 2 x Catalyst 1912 switches o each switch has twelve 10baseT and two Fast Ethernet ports

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

• •

2 X Catalyst 2950 switches o each switch has twelve 10/100 Ethernet ports 2 x PC’s

The LAN/WAN interfaces and subnet numbers are indicated on the diagram. Specific interface IP addresses are included in a table on page 6.

LAB TOPOLOGY

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

IP Addresses The IP addresses and subnet masks used in all the labs are shown in the table below. DEVICE router1 INTERFACE E0 S0 S1 BRI0 FA0/0 BRI0/0 S0/0 (ISDN PRI) S0 S1 E0 E0 S0 S0 IP ADDRESS 160.10.1.1 175.10.1.1 215.10.1.1 200.10.1.1 160.10.1.2 200.10.1.2 201.10.1.2 175.10.1.2 180.10.1.1 197.10.1.1 195.10.1.1 180.10.1.2 215.10.1.2 195.10.1.99 195.10.1.100 197.10.1.99 197.10.1.100 195.10.1.2 197.10.1.2 MASK 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0

router2

router3 router4 router5 switch1 switch2 switch3 switch4 pc1 pc2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Lab Scenarios There are 20 labs contained in this Lab Guide. They include: • Lab 1 - Basic Router Configuration • Lab 2 - Advanced Router Configuration • Lab 3 - CDP • Lab 4 - Telnet • Lab 5 - TFTP • Lab 6 - RIP • Lab 7 - IGRP • Lab 8 - EIGRP • Lab 9 - OSPF • Lab 10 – Catalyst 1900 Switch Configuration • Lab 11 - VLANs & Trunking (Catalyst 1900) • Lab 12 - Catalyst 2950 Switch Configuration • Lab 13 - VLANs and Trunking (Catalyst 2950) • Lab 14 - IP Access Lists • Lab 15 - NAT/PAT • Lab 16 - PPP & CHAP • Lab 17 - ISDN BRI-BRI using Legacy DDR • Lab 18 - ISDN BRI-BRI using Dialer Profiles • Lab 19 - ISDN PRI using Dialer Profiles • Lab 20 - Frame Relay There is also an optional IPX lab contained in Appendix A of this lab guide. These labs build upon each other so the best approach is to follow the labs sequentially. You will also be asked questions at various points during the lab. Answers to these questions are contained in Appendix B at the back of this lab guide. Appendix C also contains the completed configurations for selected labs. Saving/Restoring Configuration Files You can save your work and exit at any point. First, make sure you have selected the appropriate router/switch/PC button at the top of the NetSim screen. The next step is to press File -> Save Device Config from the top of the screen. You will then be prompted for a file name. Each individual device configuration must be saved separately. At a minimum, you should plan to save all configurations each time you power off your PC. To restore a configuration file, make sure you have pressed the appropriate router/switch/PC button. The next step is to press File -> Load Device Config (Overwrite) at the top of the screen and to select the correct saved configuration file. The configuration will then be loaded. Note: this process can take 15-20 seconds to complete and you will see configuration commands flash across the screen. Be patient!

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 1 – BASIC ROUTER CONFIGURATION 1. In this lab, you will get practice with basic configuration and show commands on the Cisco router. 2. Select Router1 from the tool bar. Press enter to get to the user prompt
Router>

3. The greater-than symbol ( >) in the prompt indicates you are in user mode. Type ? to see a list of commands that can be entered in user mode.
Router> ?

4. Type enable to get into privileged mode. The pound sign (#) indicates you are now in privileged mode.
Router> enable Router#

5. Type ? to see a list of commands that can be entered in privileged mode. Notice that there are more commands available in privileged mode than are available in user mode. Configure and reload are two such commands that can only be issued in privileged mode.
Router# ?

6. Exit privileged mode by typing disable.
Router# disable Router>

7. Re-enter privileged mode and type configure terminal to get into configuration mode
Router> enable Router# configure terminal Router(config)#

8. Configure a hostname of ‘router1’ (without the quote marks). Notice how the prompt changes.
Router(config)# hostname router1 router1(config)#

9. In global configuration mode on router1, type enable ?. This will show valid parameters that can be entered with the enable command. Configure an enable password of ‘ccnalab’ that will not be encrypted when viewing the

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

router configuration file and an enable password of ’cisco’ that will be encrypted. a. Question: when both encrypted and unencrypted enable passwords are configured, which one is used?
router1(config)# enable ? router1(config)# enable password ccnalab router1(config)# enable secret cisco

10. Configure an IP address for the Ethernet0 interface on router1 (refer to the table on page 6 for all IP addresses and masks). Activate the interface – it is currently in ‘shutdown’ mode. You should see a message that the interface has now come up. Practice using the tab key – type int and then the tab key (no spaces). You should see the word interface spelled out.
router1(config)# int<tab> router1(config)# interface ethernet0 router1(config-if)# ip address 160.10.1.1 255.255.255.0 router1(config-if)# no shutdown

11. Configure an IP address for router1’s Serial0 interface (refer to the table for IP addresses and masks) and activate the interface. Practice using abbreviated commands for both interface serial0 and no shutdown.
router1(config-if)# int s0 router1(config-if)# ip address 175.10.1.1 255.255.255.0 router1(config-if)# no shut

12. Exit configuration mode by keying ctrl-z . This will bring you back to the privileged mode prompt. You could also accomplish the same thing by keying exit twice. The exit command moves you back one level (from interface-configuration mode - global configuration mode - privileged mode prompt).
router1(config-if)# ctrl-z router1#

13. Type logout to exit the command line interface
router1# logout

14. Press the enter key to get back into the user mode prompt and then type enable to get into privileged mode. You will be prompted for the enable secret password ‘cisco’ which you previously configured.
router1> enable password: cisco router1#

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

15. Display a summary of all interfaces by typing:
router1# show ip interface brief

16. Display detailed information on each interface by typing:
router1# show interfaces

17. Display the active configuration in DRAM by typing:
router1# show running-config

18. Display the saved configuration in NVRAM by typing show startup-config. a. Question: does anything exist in NVRAM? If not, why not?
router1# show startup-config

19. Save the running (active) configuration to NVRAM by typing:
router1# copy running-config startup-config

20. Now display the contents of NVRAM again. This time, you should see the active configuration saved in NVRAM.
router1# show startup-config

21. Issue the show version command and answer these questions: a. Question: What IOS release is running on router1? b. Question: What are the contents of the configuration register?
router1# show version

22. Issue the command to show which Layer 3 protocols are currently running on the router. a. Question: which protocols are currently running on the router?
router1# show protocols

23. Select router2 from the toolbar on top. Press enter and get into user mode. From there go into privileged mode.
Router> enable Router# configure terminal Router(config)#

24. Configure a hostname of ‘router2’ and configure an enable secret password of ‘cisco’ for router2.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Router(config)# hostname router2 router2(config)# enable secret cisco

25. Configure an IP address for Fast Ethernet 0/0 on router2 and activate the interface (see the diagram above for IP addresses and masks). Router2 is 2600 modular router and must be configured using slot/port notation.
router2(config)# interface Fa 0/0 router2(config-if)# ip address 160.10.1.2 255.255.255.0 router2(config-if)# no shut

26. Display the summary status of all interfaces. Remember to get out of configuration mode first before issuing any show commands. a. Question: what status should interface Fa 0/0 show if it is fully activated? b. Question: what status would Fa 0/0 show if it was in ‘shutdown’ mode?
router2(config-if)# ctrl-z router2# show ip interface brief

27. Try to ping router1’s Ethernet address (160.10.1.1) from router2. a. Question: Were you successful? If not, what commands should you use for troubleshooting?
router2# ping 160.10.1.1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 2 – ADVANCED ROUTER CONFIGURATION 1. In this lab you will practice using some advanced configuration and show commands on the Cisco router. Please remember your lab 1 commands needed to switch between Router modes (i.e. exit, end, disable) 2. On router1, configure a console password of ‘boson’. The console user must enter this password before gaining access to the user mode prompt.
router1(config)# line console 0 router1(config-line)# login router1(config-line)# password boson

3. Configure a banner that says” Welcome to Router1 - Authorized Users Only”.
router1(config)# banner motd # Welcome to Router1 - Authorized Users Only #

4. Test the banner and console password by logging out of the router and logging back in. Get into enable mode after successfully logging into the console.
router1# enter password: router1> password: router1# logout boson enable cisco

5. Configure a password of ‘cisco’ on router2 that will enable remote users to Telnet into it:
router2(config)# line vty 0 4 router2(config-line)# login router2(config-line)# password cisco

6. On router1, associate a name of ‘router2’ with the remote IP address 160.10.1.2. This will allow you to ping router2’s name rather than having to remember its IP address.
router1(config)# ip host router2 160.10.1.2

7. Verify that the name is in router1’s host table with the show hosts command.
router1# show hosts

8. Ping ‘router2’ and verify that the pings succeed.
router1# ping router2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

9. Display the contents of flash memory on router2. a. Question: what is the name of the IOS image in flash and how large is it?
router2# show flash

10. Display the history table on router1. This shows the last 10 commands that were entered on the router. You can recall commands by entering CTRL-P or by hitting the up arrow key.
router1# show history router1# ctrl-p (to see previously entered commands)

11. On router1, do a show interfaces on Serial 0. Note on the third line of the output that the bandwidth is assumed to be 1544kb. This is because the router assumes all serial links are T1’s unless you configure otherwise. Configure router1’s S0 link to have a bandwidth of 64kb and then reenter the show interfaces command.
router1# show interfaces serial 0 router1# configure terminal router1(config)# interface serial 0 router1(config-if)# bandwidth 64 router1(config-if)# clock rate 64000 router1(config-if)# ctrl-z router1# show interfaces serial 0

12. On router1, add a description to interface Serial 0 that says “Serial Link to Router3”. This description will appear whenever you issue a show interfaces command for Serial 0.
router1(config)# interface serial 0 router1(config-if)# description Serial Link to Router3 router1(config-if)# exit router1(config)# exit router1# show interfaces serial 0

13. Configure router3 and router4:
• • • • • • • •

configure hostnames configure an enable secret password of ‘cisco’ assign IP addresses and subnet masks to serial & Ethernet interfaces (see table on page 6) Remember to set the clock rate on the Router 3 Serial 1 interface. activate serial and Ethernet interfaces verify router3 can ping router1 verify router3 can ping router4 save the configurations to NVRAM

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 3 - CDP 1. In this lab, you will practice using Cisco Discovery Protocol (CDP) commands to view information about directly connected neighbors. 2. On router1, display summary information for router1’s CDP neighbors. You should see one-line entries for both router2 and router3.
router1# sh cdp neighbors

3. On router1, display detailed information about CDP neighbors. You can do this with either the show cdp neighbors detail or show cdp entry * commands.
router1# show cdp neighbors detail router1# show cdp entry *

4. On router1, display the interfaces where CDP is active. a. Question: what is the CDP advertisement interval? b. Question: what is the holdtime interval and what does it signify?
router1# show cdp interface

5. On router1, change the CDP advertisement interval to 50 sec. and the holdtime interval to 170 sec. Issue the show cdp interface command to verify the new timers are set correctly.
router1(config)# cdp timer 50 router1(config)# cdp holdtime 170 router1(config)# exit router1# sh cdp interface

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 4 – TELNET 1. In this lab, you will practice Telnet’ing from one router to another. You will suspend Telnet sessions using the ctrl-shift-6 X sequence and display active Telnet sessions using the show sessions and show users commands. 2. From router1, Telnet to router2 (160.10.1.2). Once into router2, issue the show users command. This command shows which remote users are Telnet’ed into this local router. You should see router1’s IP address (160.10.1.1) as the user Telnet’ed into router2.
router1# telnet 160.10.1.2 router2> router2# show users

3. Suspend your Telnet session to router2 by pressing CTRL-SHIFT-6 and X. You should return to router1 without breaking the active Telnet session. Issue the show sessions command on router1. This command shows what active, but suspended, sessions you have to other routers.
router2# ctrl-shift-6 x router1# router1# show sessions

4. Now Telnet from router1 to router3. Suspend the session and return to router1. Issue the show sessions command. You should now see two suspended sessions: one to router2 (160.10.1.2) and one to router3 (175.10.1.2).
router1# telnet 175.10.1.2 router3> router3> ctrl-shift-6 x router1# router1# show sessions

5. Disconnect the two suspended sessions on router1. The number used in the disconnect command comes from the left-most column in the show sessions output. Issue show sessions to see if the suspended Telnet sessions have disappeared.
router1# disconnect 2 router1# disconnect 1 router1# show sessions

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 5 - TFTP 1. In this lab, you are going to configure PC1 as a TFTP-Server. You will then backup and restore router4’s configuration to the TFTP-Server. 2. Under the NetSim, select PC1 from the Other Devices drop-down menu. Configure PC1 to have an IP address of 195.10.1.2 with a mask of 255.255.255.0 and a defaultgateway of 195.10.1.1. Use the winipcfg utility on the PC to do this. The PC is automatically enabled to be a TFTP server.
c:> winipcfg

3. On router4, make sure you can ping PC1:
router4# ping 195.10.1.2

4. On router4, copy your running-configuration to the tftp-server. You will be prompted for the address of the tftp-server (195.10.1.2). You will also be prompted for a file name (any name you choose).
router4# copy running-config tftp

5. On the tftp-server (PC1), issue the show tftp-configs command to see if router4’s configuration was successfully backed up (this is not a standard PC command, but one developed for use with the NetSim).
c:> show tftp-configs

6. You will now restore the configuration you saved on the TFTP server to NVRAM on router4. Make sure router4’s NVRAM is currently empty by issuing the show startupconfig command. If it is not empty, use the erase startup-config command to clear it. Restore the configuration from the tftp-server to NVRAM on router4 with the following copy command (enter the PC’s IP address and previously-saved file name when prompted):
router4# copy tftp startup-config

7. Issue the show startup-config command. You should now see the restored configuration file in NVRAM. a. Question: was it necessary to clear out router4’s NVRAM in order to copy a file into it? Why?

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 6 - RIP 1. In this lab, you will be configuring RIP. On router1, router2, router3, and router4, configure RIP V1 on all serial and Ethernet interfaces (except for the ISDN and frame relay interfaces). a. Question: On router1, why doesn’t the network statement under RIP specify 160.10.1.0 rather than 160.10.0.0?
router1(config)# router rip router1(config-router)# network 160.10.0.0 router1(config-router)# network 175.10.0.0 router2(config)# router rip router2(config-router)# network 160.10.0.0 router3(config)# router rip router3(config-router)# network 175.10.0.0 router3(config-router)# network 180.10.0.0 router3(config-router)# network 197.10.1.0 router4(config)# router rip router4(config-router)# network 180.10.0.0 router4(config-router)# network 195.10.1.0

2. On router1, issue the show ip protocols command. This commands shows information about all dynamic routing protocols that are running on the router. Based on the output of this command: a. Question: how frequently does RIP advertise routing updates? b. Question: what is the holddown timer interval for RIP?
router1# show ip protocols

3. On router4, issue the show ip route command. You should see two directly connected routes (180.10.1.0 and 195.10.1.0) and three remote routes (160.10.0.0, 197.10.1.0 and 175.10.0.0). a. What is the administrative distance for RIP?
router4# show ip route

4. On router4, ping both router1 and router2. The pings should succeed if RIP is configured on all routers.
router4# ping 175.10.1.1 router4# ping 160.10.1.2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

5. On router4, clear and recreate the IP routing table with the clear ip route * command. This command is sometimes necessary when trying to troubleshoot unusual routing problems.
router4# clear ip route *

6. On router1, enter the debug ip rip command. This will show the periodic (every 30 seconds) RIP updates being transmitted and received on each interface.
router1# debug ip rip

7. After you examine a few debug updates, turn debugging off with the command undebug all
router1# undebug all

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 7 – IGRP 1. In this lab, you will configure the IGRP routing protocol. Begin by turning off RIP on router1, router2, router3, and router4. You can verify RIP is turned off by using the command show ip protocols.
routerx(config)# no router rip routerx# show ip protocols

2. Turn on IGRP on router1, router2, router3, and router4. Use AS# 200.
router1(config)# router igrp 200 router1(config-router)# network 160.10.0.0 router1(config-router)# network 175.10.0.0 router2(config)# router igrp 200 router2(config-router)# network 160.10.0.0 router3(config)# router igrp 200 router3(config-router)# network 175.10.0.0 router3(config-router)# network 180.10.0.0 router3(config-router)# network 197.10.1.0 router4(config)# router igrp 200 router4(config-router)# network 180.10.0.0 router4(config-router)# network 195.10.1.0

3. Display the dynamic routing protocols that are running on router4. a. Question: how frequently does IGRP send out routing updates? b. Question: what is the holddown interval for IGRP? c. Question: what is the default hop count for IGRP?
router4# show ip protocols

4. Display the IP routing table on router4. a. Question: what is the administrative distance for IGRP?
router4# show ip route

5. From router4, ping router1 and router2. These pings should succeed if IGRP is configured on all the routers.
router4# ping 175.10.1.1 router4# ping 160.10.1.2

6. On router1, issue the debug ip igrp events and debug ip igrp transactions commands. Both commands can be used to show periodic (every 90 seconds) IGRP routing updates being sent and received by the router. a. Question: what is the difference between the two debug ip igrp commands?

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

router1# debug ip igrp events router1# debug ip igrp transactions

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 8 – EIGRP 1. In this lab, you will configure the EIGRP routing protocol. Begin by turning off IGRP on router1, router2, router3, and router4.
routerx(config)# no router igrp 200

2. Configure EIGRP on router1, router2, router3, and router4. Use Autonomous System number 100 and configure EIGRP to send and receive updates on all interfaces, excluding the ISDN and Frame Relay interfaces.
router1(config)# router eigrp 100 router1(config-router)# network 160.10.0.0 router1(config-router)# network 175.10.0.0 router2(config)# router eigrp 100 router2(config-router)# network 160.10.0.0 router3(config)# router eigrp 100 router3(config-router)# network 175.10.0.0 router3(config-router)# network 180.10.0.0 router3(config-router)# network 197.10.1.0 router4(config)# router eigrp 100 router4(config-router)# network 180.10.0.0 router4(config-router)# network 195.10.1.0

3. Display the dynamic routing protocols that are running on router4. a. Question: what is the maximum router hop count with EIGRP?
router4# show ip protocols

4. On router1, display its EIGRP neighbors.
router1# show ip eigrp neighbors

5. On router1, display the statistics for EIGRP packet types sent and received.
router1# show ip eigrp traffic

6. On router1, display the EIGRP topology database. a. Question: what does the EIGRP topology database contain?
router1# show ip eigrp topology

7. Display the IP routing table on router4. a. Question: what is the administrative distance for EIGRP?
router4# show ip route

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

8. From router4, ping router1 and router2. These pings should succeed if EIGRP is configured on all the routers.
router4# ping 175.10.1.1 router4# ping 160.10.1.2

9. On router1, enter the debug ip eigrp command to view EIGRP routing activity. (This command is coming soon)
router1# debug ip eigrp

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 9 - OSPF 1. In this lab, you will configure the OSPF routing protocol. Begin by turning off EIGRP on router1, router2, router3, and router4. .
routerx(config)# no router eigrp 100

2. Configure OSPF on router1, router2, router3, and router4. Use Process ID 1 and configure OSPF to send and receive updates on all interfaces excluding the ISDN and Frame Relay interfaces.
router1(config)# router ospf 1 router1(config-router)# network 160.10.1.0 0.0.0.255 area 0 router1(config-router)# network 175.10.1.0 0.0.0.255 area 0 router2(config)# router ospf 1 router2(config-router)# network 160.10.1.0 0.0.0.255 area 0 router3(config)# router ospf 1 router3(config-router)# network 175.10.1.0 0.0.0.255 area 0 router3(config-router)# network 180.10.1.0 0.0.0.255 area 0 router3(config-router)# network 197.10.1.0 0.0.0.255 area 0 router4(config)# router ospf 1 router4(config-router)# network 180.10.1.0 0.0.0.255 area 0 router4(config-router)# network 195.10.1.0 0.0.0.255 area 0

3. Display the dynamic routing protocols that are running on router4. a. Question: How frequently does OSPF send routing updates?
router4# sh ip protocols

4. On router1, display its OSPF neighbors.
router1# sh ip ospf neighbor

5. On router1, display the interfaces running OSPF. a. Question: what is the OSPF cost for a 10Mbps Ethernet interface?
router1# sh ip ospf interface

6. Display the IP routing table on router4. a. Question: what is the administrative distance for OSPF?
router4# show ip route

7. From router4, ping router1 and router2. These pings should succeed if OSPF is configured on all routers.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

router4# ping 175.10.1.1 router4# ping 160.10.1.2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 10 – CATALYST 1900 SWITCH CONFIGURATION 1. In this lab, you will configure basic IOS commands on the Catalyst 1900 switch. 2. From the NetSim tool bar, select Switch1 (Catalyst 1900). Press enter to get into the user prompt mode. Enter enable to get into privileged mode. Type ? to see a list of privileged mode commands. Enter disable to go back to user mode.
enter > enable # ? # disable >

3. On switch1, go into privileged mode and then into global configuration mode. Assign Switch1 a host name of 1900sw1. Use exit or ctrl-z to get out of configuration mode.
> enable # configure terminal (config)# hostname 1900sw1 1900sw1(config)# exit 1900sw1#

4. On switch1, type show running-config to see the active configuration. a. Question: Do you need to issue copy running-config startup-config on the Catalyst 1900 to save the running configuration? If not, why not?
1900sw1# show running-config

5. On switch1, erase the current configuration with the following command:
1900sw1# delete nvram

6. On switch1, get into privileged mode and then into global configuration. Reassign the switch a hostname of 1900sw1 and an enable password of ‘cisco’. Assign the switch an IP address of 195.10.1.99 with a subnet mask of 255.255.255.0. Assign the switch a default gateway of 195.10.1.1 (router4’s Ethernet address).
> enable # configure terminal (config)# hostname 1900sw1 1900sw1(config)# enable password level 15 cisco 1900sw1(config)# ip address 195.10.1.99 255.255.255.0 1900sw1(config)# ip default-gateway 195.10.1.1

7. On switch1, issue the show ip command to verify that the IP address, mask, and default gateway are correct.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

1900sw1# show ip

8. On switch1, issue the show interfaces command. a. Question: What is the Spanning Tree (802.1D) state of interface e0/1? b. Question: What is the duplex setting for interface e0/2?
1900sw1# show interfaces

9. From the NetSim tool bar, select Switch 2 (Catalyst 1900). Configure it with a hostname of 1900sw2 and an enable password of cisco (the enable password should be encrypted when displaying the configuration file). Assign an IP address of 195.10.1.100/24 and a default-gateway of 195.10.1.1
> enable # configure terminal (config)# hostname 1900sw2 1900sw2(config)# enable secret level 15 cisco 1900sw2(config)# ip address 195.10.1.100 255.255.255.0 1900sw2(config)# ip default-gateway 195.10.1.1

10. On switch2, issue the show version command. a. Question: What version of IOS is the switch running? b. Question: What is the base Ethernet address of 1900sw2?
1900sw2# show version

11. On switch1, issue the show spantree command. a. Question: what is the address of the root bridge? b. Question: what is the port cost of E0/1? c. Question: what is the maxage interval? d. Question: what is the hello interval?
1900sw1# show spantree

12. On switch1, issue the show mac-address-table command. This shows which devices are attached to which switch ports.
1900sw1# show mac-address-table

13. On switch1, permanently assign a device with MAC address 1111-1111-1111 to port E0/5. Issue the show mac-address-table command to verify the device is in the table as a permanent entry.
1900sw1(config)# mac-address-table permanent 1111-1111-1111 e0/5 1900sw1(config)# exit 1900sw1# show mac-address-table

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

14. On switch1, configure port security for port e0/9. The switch will ‘sticky-learn’ the MAC address of the device connected to port e0/9 and will only allow that device to connect to this port in the future.
1900sw1(config)# interface e0/9 1900sw1(config-if)# port secure 1900sw1(config-if)# port secure max-mac-count 1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 11 – VLANs and TRUNKING (Catalyst 1900 Switches) 1. In this lab, you will set up VLANs on the Catalyst 1900 switches and test them by pinging between router4 and PC1. Router4 is connected to e0/1 on switch1 and PC1 is connected to e0/1 on switch2. Switch1 and switch2 are interconnected through their fa0/26 Fast Ethernet ports. 2. Using winipcfg on PC1, configure an IP address of 195.10.1.2/24 and a default gateway of 195.10.1.1 (if not already configured from a previous lab).
c:> winipcfg

3. Verify you can presently ping between PC1 and router4. If you cannot ping successfully, check that router4’s Ethernet0 IP address is 195.10.1.1/24 and that the interface is enabled. Also, using the winipcfg utility, check that the PC has a configured IP address of 195.10.1.2/24.
c:> ping 195.10.1.1

4. On switch1 and switch2, issue the show vlan command. You should note that, by default, all switch ports are in VLAN1. Because router4, PC1, and the switch-to-switch link are all in VLAN1, should be able to ping between PC1 and router4.
1900swx# show vlan

5. On switch1 and switch2, set up a VTP domain called bigdomain. Verify it has been created with the show vtp command. a. Question: what VTP operating mode are the switches in?
1900swx(config)# vtp domain bigdomain 1900swx(config)# exit 1900swx# show vtp

6. On switch1 and switch2, create VLAN 10, calling it ccnavlan. Issue the show vlan command to verify it was successfully created. a. Question: do you see any ports connected to VLAN 10. If not, why not?
1900swx(config)# vlan 10 name ccnavlan 1900swx(config)# exit 1900swx# show vlan

7. On switch1 and switch2, assign the e0/1 ports to the new VLAN you created. Router4 and PC1 are attached to these ports. Issue the show vlan command on both switches to verify these ports have been moved to VLAN10. Also, issue the show vlan-membership command. This is another command that shows VLAN assignments by port on the 1900.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

1900swx(config)# interface e0/1 1900swx(config-if)# vlan-membership static 10 1900swx(config-if)# ctrl-z 1900swx# show vlan 1900swx# show vlan-membership

8. Now that both router4 and PC1 are in VLAN10, try to ping from the PC1 to router4. It should fail. a. Question: if both devices are in the same VLAN, why should the pings fail?
c:> ping 195.10.1.1

9. Make the link between switch1 and switch2 a trunk line capable of carrying traffic for any VLAN. Use the show trunk a command to verify trunking is enabled on port fa0/26 on both switches (it should say “Trunking: on”) a. Question: what trunking protocol does the 1900 use – ISL or 802.1Q?
1900swx(config)# interface fa0/26 1900swx(config-if)# trunk on 1900swx(config-if)# ctrl-z 1900swx# show trunk a

10. Now ping between PC1 and router4. The pings should succeed because both devices are in the same VLAN and the inter-switch link is a trunk line capable of carrying traffic for any VLAN.
c:> ping 195.10.1.1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 12 - CATALYST 2950 SWITCH CONFIGURATION 1. In this lab, you will configure basic IOS commands on switch3 and switch4 which are Catalyst 2950 switches. 2. From the NetSim tool bar, select Switch3 (Catalyst 2950). Press enter to get into the user prompt mode. Enter enable to get into privileged mode. Type ? to see a list of privileged mode commands. Enter disable to go back to user mode.
enter > enable # ? # disable >

3. On switch3, go into privileged mode and then into global configuration mode. Assign Switch3 a host name of 2950sw3. Use exit or ctrl-z to get out of configuration mode.
> enable # configure terminal (config)# hostname 2950sw3 2950sw3(config)# exit 2950sw3#

4. On switch3, type show running-config to see the active configuration. a. Question: Do you need to issue copy running-config startup-config on the Catalyst 2950 to save the running configuration?
2950sw3# show running-config

5. On switch3, type copy running-config startup-config to save the active configuration to NVRAM. Display the saved configuration in NVRAM with the show startup-config command.
2950sw3# copy running-config startup-config 2950sw3# show startup-config

6. On switch3, erase the saved configuration and reload the box.
2950sw3# erase startup-config 2950sw3# reload

7. On switch3, go into privileged mode and then into global configuration mode. Reassign the switch a hostname of 2950sw3 and an enable password of ‘cisco’ (unencrypted). Assign the switch an IP address of 197.10.1.99 with a subnet mask of 255.255.255.0. Assign the switch a default gateway of 197.10.1.1 (router3’s Ethernet address).

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

> enable # configure terminal (config)# hostname 2950sw3 2950sw3(config)# enable password cisco 2950sw3(config)# interface vlan1 2950sw3(config-if)# ip address 197.10.1.99 255.255.255.0 2950sw3(config-if)# no shutdown 2950sw3(config-if)# exit 2950sw3(config)# ip default-gateway 197.10.1.1

8. On switch3, issue the show interface vlan1 command to verify that the IP address, mask, and default gateway are correct.
2950sw3# show interface vlan1

9. On switch3, issue the show interfaces command. a. Question: What is the Spanning Tree (802.1D) state of interface fa0/1? b. Question: What is the duplex setting for interface fa0/2?
2950sw3# show interfaces

10. From the NetSim tool bar, select Switch 4 (Catalyst 2950). Configure it with a hostname of 2950sw4 and an enable password of cisco (the enable password should be encrypted when displaying the configuration file). Assign an IP address of 197.10.1.100/24 and a default gateway of 197.10.1.1.
> enable # configure terminal (config)# hostname 2950sw4 2950sw4(config)# enable secret cisco 2950sw4(config)# interface vlan1 2950sw4(config-if)# ip address 197.10.1.100 255.255.255.0 2950sw4(config-if)# no shutdown 2950sw4(config-if)# exit 2950sw4(config)# ip default-gateway 197.10.1.1

On switch4, issue the show version command.
2950sw4# show version

11. On switch4, issue the show spantree command. a. Question: what is the address of the root bridge? b. Question: what is the port cost of fa0/1? c. Question: what is the maxage interval? d. Question: what is the hello interval?
2950sw4# show spanning-tree

12. On switch4, issue the show mac-address-table command. This shows which devices are attached to which switch ports.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

2950sw4# show mac-address-table

13. On switch4, permanently assign a device with MAC address 4444-4444-4444 to port fa0/5. Issue the show mac-address-table command to verify the device is in the table as a permanent entry.
2950sw4(config)# mac-address-table static 4444-4444-4444 vlan 1 int fa0/5 2950sw4(config)# exit 2950sw4# show mac-address-table

14. On switch4, configure port security for port fa0/9. The switch will ‘sticky-learn’ the MAC address of the device connected to port fa0/9 and will only allow that device to connect to the port in the future.
2950sw4(config)# interface fa0/9 2950sw4(config-if)# switchport port-security 2950sw4(config-if)# switchport port-security maximum 1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 13 – VLANs and TRUNKING (Catalyst 2950 Switches) 1. In this lab, you will set up VLANs on switch3 and switch4 (Catalyst 2950 switches) and test them by pinging between router3 and PC2. Router3 is connected to Fa0/1 on switch3 and PC2 is connected to Fa0/1 on switch4. Switch3 and switch4 are interconnected through their fa0/12 Fast Ethernet ports. 2. On PC2 using winipcfg, configure an IP address of 197.10.1.2/24 and a default gateway of 197.10.1.1.
c:> winipcfg

3. Verify you can presently ping between PC2 and router3. If you cannot ping successfully, check that router3’s FastEthernet0 IP address is 197.10.1.1/24 and that the interface is enabled. Also, using the winipcfg utility, check that PC2 has a configured IP address of 197.10.1.2/24.
c:> ping 197.10.1.1

4. On switch3 and switch4, issue the show vlan command. You should note that, by default, all switch ports are in VLAN1. Because router3, PC2, and the switch-to-switch link are all in VLAN1, you should be able to ping between PC2 and router3.
2950swx# show vlan

5. On switch3 and switch4, set up a VTP domain called classroom. Verify it has been created with the show vtp status command.
2950swx# vlan database 2950swx(vlan)# vtp domain classroom 2950swx(vlan)# ctrl-z 2950swx# show vtp status

6. On switch3 and switch4, create VLAN 20, calling it 2950vlan. Issue the show vlan command to verify it was successfully created. a. Question: do you see any ports connected to VLAN 20. If not, why not?
2950swx# vlan database 2950swx(vlan)# vlan 20 name 2950vlan 2950swx(vlan)# exit 2950swx# show vlan

7. On switch3 and switch4, assign the fa0/1 ports to the new VLAN you created. Router3 and PC2 are attached to these ports. Issue the show vlan command on both switches to verify these ports have been moved to VLAN20.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

2950swx(config)# interface fa0/1 2950swx(config-if)# switchport mode access 2950swx(config-if)# switchport access vlan 20 2950swx(config-if)# ctrl-z 2950swx# show vlan

8. Now that both router3 and PC2 are in VLAN20, try to ping from PC2 to router3. It should fail. a. Question: if both devices are in the same VLAN, why should the pings fail?
c:> ping 197.10.1.1

9. Make the link between switch3 and switch4 a trunk line capable of carrying traffic for any VLAN. Use the show interface fa0/12 switchport command to verify trunking is enabled on port fa0/12 on both switches. a. Question: what trunking protocol does the 2950 use – ISL or 802.1Q?
2950swx(config)# interface fa0/12 2950swx(config-if)# switchport mode trunk 2950swx(config-if)# ctrl-z 2950swx# show interface fa0/12 switchport

10. Now ping between PC2 and router3. The pings should succeed because both devices are in the same VLAN and the inter-switch link is a trunk line capable of carrying traffic for any VLAN.
c:> ping 197.10.1.1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 14 – IP ACCESS-LISTS 1. In this lab, you will build standard and extended IP access-lists to filter traffic coming inbound on router1’s serial0 interface. 2. Insure you can ping router2 (160.10.1.2) from both router3 and router4. The path to router2 is through router1’s serial0 interface. If you cannot successfully ping router2, check that IP addresses have been assigned, all interfaces are up, and that a dynamic routing protocol (RIP, IGRP, EIGRP, or OSPF) is running on all routers.
router3# ping 160.10.1.2 router4# ping 160.10.1.2

3. On router1, build a standard IP access-list that permits traffic from subnet 175.10.1.0, but blocks traffic from all other devices. Apply this access-list to router1’s serial0 interface for inbound traffic. a. Question: is a ‘deny any’ statement required in the access-list? b. Question: what does the mask 0.0.0.255 mean in the access-list? c. Question: can any number be assigned to a standard IP access-list?
router1(config)# access-list 1 permit 175.10.1.0 0.0.0.255 router1(config)# interface serial0 router1(config-if)# ip access-group 1 in

4. Test your access-list by ping’ing from router3 and router4 to router2. The pings from router3 (in subnet 175.10.1.0) should succeed while the pings from router4 (in subnet 180.10.1.0) should fail. 5. On router1, build an extended IP access-list that will allow Telnet traffic from host 175.10.1.2 (router3), and ICMP traffic from host 180.10.1.2 (router4), but that will block everything else. Remove the previous access-list and apply this new one to router1’s serial0 interface. a. Question: what are two ways you can specify a host address in an extended IP accesslist? b. Question: what is the number range for extended IP access-lists? c. Question: how would you permit RIP routing updates?
router1(config)# access-list 100 permit tcp host 175.10.1.2 any eq telnet router1(config)# access-list 100 permit icmp host 180.10.1.2 any router1(config)# interface serial0 router1(config-if)# no ip access-group 1 in router1(config-if)# ip access-group 100 in

6. Test access-list 100 by pinging and telneting from router3 & router4 to router2. Router3 (175.10.1.2) should be able to telnet to router2, but not ping to it. Router4 (180.10.1.2) should be able to ping to router2, but not telnet to it.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

router3# router3# router4# rotuer4#

ping 160.10.1.2 telnet 160.10.1.2 ping 160.10.1.2 telnet 160.10.1.2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 15 - NAT/PAT 1. In this lab, you will configure NAT/PAT function on router1. You will configure three forms of translation: static network address translation, dynamic translation, and overloading (port address translation). Remember to disable the access lists your configured in the previous lab before continuing this lab. 2. On router1, configure NAT to statically translate router2’s Ethernet address 160.10.1.2 to 169.10.1.2.
router1(config)# ip nat inside source static 160.10.1.2 169.10.1.2 router1(config)# interface ethernet0 router1(config-if)# ip address 160.10.1.1 255.255.255.0 router1(config-if)# ip nat inside router1(config-if)# interface serial0 router1(config-if)# ip address 175.10.1.1 255.255.255.0 router1(config-if)# ip nat outside router1(config-if)# no shut

3. Test the static NAT translation by telnet’ing from router2 to router3. Once into router3, issue the show users command. The output of this command should show that 169.10.1.2 (the translated IP address) is the logged-in device.
router2# telnet 175.10.1.2 router3# show users

4. Display the NAT Translation table on router1. The output of the display should show that the inside local IP address (160.10.1.2) is translated to the inside global IP address (169.10.1.2). a. Question: does the “inside global IP address” normally represent a public or a private IP address?
router1# show ip nat translations

5. On router1, remove the previous static NAT commands and configure NAT to translate router2’s Ethernet address to a dynamically assigned address. You will utilize a pool of public addresses in the range of 169.10.1.50 to 169.10.1.100. a. Question: if the pool of dynamically assigned addresses only contains one IP address entry, what’s another term for this form of NAT translation?
router1(config)# no ip nat inside source static 160.10.1.2 169.10.1.2 router1(config)# ip nat pool pool1 169.10.1.50 169.10.1.100 netmask 255.255.255.0 router1(config)# ip nat inside source list 1 pool pool1 router1(config)# access-list 1 permit 160.10.1.0 0.0.0.255

6. Test the dynamic NAT translation function by telneting from router2 to router3. Once into router3, issue the show users command. The output of this command should show

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

that the logged-in device is 169.10.1.50 (the translated address). Also, display the NAT translation table on router1 using the show ip nat translations command.
router2# telnet 175.10.1.2 router3# show users |router1# show ip nat translations

7. Remove the previous NAT commands. Configure NAT overloading (port address translation) on router1 to translate router2’s Ethernet address (160.10.1.2) to the serial0 interface address (175.10.1.1) on router1.
router1(config)# ip nat inside source list 1 interface serial0 overload router1(config)# interface Ethernet 0 router1(config-if)# ip address 160.10.1.1 255.255.255.0 router1(config-if)# ip nat inside router1(config-if)# interface serial 0 router1(config-if)# ip address 175.10.1.1 255.255.255.0 router1(config-if)# ip nat outside router1(config-if)# exit router1(config)# access-list 1 permit 160.10.1.0 0.0.0.255

8. Test the overloading (PAT) function by Telnet’ing from router2 to router3. Issue the show users command on router3. It should show that the logged-in device is 175.10.1.1 (the translated IP address). Also, issue the show ip nat translations command on router1 to display the NAT translation table.
router2# telnet 175.10.1.2 router3# show users router1# show ip nat translations

9. Remove all NAT/PAT configuration commands from router1 before continuing on with the CCNA labs.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 16 - PPP & CHAP 1. In this lab, you will configure PPP and CHAP authentication on a serial interface. On router1, issue the show interfaces serial 0 command. Note the encapsulation type of HDLC which is the default for serial links.
router1# show interfaces serial 0

2. On router1 and router3, configure PPP encapsulation for interface S0. Note that the link will not come up unless both ends are configured with the same encapsulation type.
routerx(config)# interface serial0 routerx(config-if)# encapsulation ppp

3. On router1 and router3, issue the show interfaces serial 0 command to verify that PPP is configured for the link. The output should show the PPP LCP phase as ‘Open’ from router1, ping router3 to verify the link is operational.
routerx# show interfaces serial 0 router1# ping 175.10.1.2

4. Configure PPP CHAP authentication for the S0 link on router1 and router3. Use the password of ‘cisco’.
router1(config)# username router3 password cisco router1(config)# interface serial 0 router1(config-if)# ppp authentication chap router3(config)# username router1 password cisco router3(config)# interface serial 0 router3(config-if)# ppp authentication chap

5. On router1 and router3, issue the show interfaces serial0 command to verify the link is ‘up and up’. Ping from router1 to router3 across the link.
routerx# show interfaces serial0 router1# ping 175.10.1.2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 17 – ISDN BRI-BRI using Legacy DDR Router IP Address Mask SPID1 Local Tel# ISDN Switch router1 200.10.1.1 /24 32177820010100 7782001 basic-ni router2 200.10.1.2 /24 32177820020100 7782002 basic-ni

ISDN Parameters 1. Configure ISDN between router1 and router2 using Legacy Dial on Demand Routing. Legacy DDR means all ISDN parameters are configured under the BRI/PRI interface and not under a dialer interface. Any IP packet should represent ‘interesting traffic’ and either router should be able to initiate the call. PPP encapsulation and CHAP authentication should be used. Refer to the table above for ISDN switch-type, IP addresses, subnet masks, and telephone numbers.
router1(config)# isdn switch-type basic-ni router1(config)# dialer-list 1 protocol ip permit router1(config)# username router2 password cisco router1(config)# interface bri0 router1(config-if)# encap ppp router1(config-if)# ip address 200.10.1.1 255.255.255.0 router1(config-if)# isdn spid1 32177820010100 router1(config-if)# dialer-group 1 router1(config-if)# dialer map ip 200.10.1.2 name router2 broadcast 7782002 router1(config-if)# ppp authentication chap router1(config-if)# no shut router2(config)# isdn switch-type basic-ni router2(config)# dialer-list 1 protocol ip permit router2(config)# username router1 password cisco router2(config)# interface bri0 router2(config-if)# encap ppp router2(config-if)# ip address 200.10.1.2 255.255.255.0 router2(config-if)# isdn spid1 32177820020100 router2(config-if)# dialer-group 1 router2(config-if)# dialer map ip 200.10.1.1 name router1 broadcast 7782001 router2(config-if)# ppp authentication chap router2(config-if)# no shut

2. Issue the show isdn status command on both router1 and router2. You should see: Layer1: Active Layer2: Multiple Frame Established with spid1 valid.
routerx# show isdn status

3. Issue the show interfaces bri0 command on router1. This displays the signaling or D Channel. It should show ‘Up and Up (spoofing)’ if it is ready to handle a call request.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Now issue the command show interfaces bri0 1 2. This should show the status of the two data, or B channels. a. Question: what status are the B channels? Why?
router1# show interfaces bri0 router1# show interfaces bri0 1 2

4. From router1, ping the ISDN interface of router2. This should cause an ISDN call to be initiated and the pings should succeed. a. Question: which configuration parameter(s) on router1 identifies the interesting traffic that will trigger a call?
router1# ping 200.10.1.2

5. Issue the show isdn status command on router1. a. Question: what does it show for the ‘Layer 3 Status’?
router1# show isdn status

6. Issue the show interfaces bri0 1 2 command on router1. a. Question: what is the status of the two B channels?
router1# show interfaces bri0 1 2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 18 – ISDN BRI-BRI using Dialer Profiles Router IP Address Mask SPID1 Local Tel# ISDN Switch router1 200.10.1.1 /24 32177820010100 7782001 basic-ni router2 200.10.1.2 /24 32177820020100 7782002 basic-ni ISDN Parameters 1. In this lab, you will configure ISDN BRI on router1 and router2 using dialer profiles. With dialer profiles, you are effectively moving some of the logical ISDN parameters from the physical BRI/PRI interface to a dialer interface. Any IP packet should represent ‘interesting traffic’ in this lab and either router should be able to initiate the call. PPP encapsulation and CHAP authentication should be used. Refer to the table above for ISDN switch-type, IP addresses, subnet masks, and telephone numbers.
router1(config)# isdn switch-type basic-ni router1(config)# dialer-list 1 protocol ip permit router1(config)# username router2 password cisco router1(config)# interface bri0 router1(config-if)# encap ppp router1(config-if)# ppp authentication chap router1(config-if)# isdn spid1 32177820010100 router1(config-if)# dialer pool-member 1 router1(config-if)# no shut router1(config-if)# interface dialer 1 router1(config-if)# no shut router1(config-if)# ip address 200.10.1.1 255.255.255.0 router1(config-if)# encap ppp router1(config-if)# dialer-group 1 router1(config-if)# dialer pool 1 router1(config-if)# dialer remote-name router2 router1(config-if)# dialer string 7782002 router1(config-if)# ppp authentication chap router2(config)# isdn switch-type basic-ni router2(config)# dialer-list 1 protocol ip permit router2(config)# username router1 password cisco router2(config)# interface bri0 router2(config-if)# encap ppp router2(config-if)# ppp authentication chap router2(config-if)# isdn spid1 32177820020100 router2(config-if)# dialer pool-member 1 router2(config-if)# no shut router2(config-if)# interface dialer 1 router2(config-if)# no shut router2(config-if)# ip address 200.10.1.2 255.255.255.0 router2(config-if)# encap ppp router2(config-if)# dialer-group 1 router2(config-if)# dialer pool 1 router2(config-if)# dialer remote-name router1 router2(config-if)# dialer string 7782001 router2(config-if)# ppp authentication chap

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

2. Issue the show isdn status command on both router1 and router2. You should see:
Layer1: Active Layer2: Multiple Frame Established with spid1 valid. routerx# show isdn status

3. Issue the show interfaces bri0 command on router1. This displays the signaling or D Channel. It should show ‘Up and Up (spoofing)’ if it is ready to handle a call request. Now issue the command show interfaces bri0 1 2. This should show the status of the two data, or B channels.
router1# show interfaces bri0 router1# show interfaces bri0 1 2

4. From router1, ping the ISDN interface of router2. This should cause an ISDN call to be initiated and the pings should succeed.
router1# ping 200.10.1.2

6. Issue the show isdn status command on router1. Under the Layer 3 status in the output, it should show one call active.
router1# show isdn status

7. Issue the show interfaces bri0 1 2 command on router1. This shows the status of the B channels (data channels). One of the B channels should have a status of ‘UP and UP’ indicating a successful call is in progress.
router1# show interfaces bri0 1 2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 19 – ISDN PRI using Dialer Profiles Router IP Address Mask SPID1 Local Tel# ISDN Switch router1 201.10.1.1 /24 32177820010100 7782001 basic-ni router2 201.10.1.2 /24 ----7782002 primary-5ess

1. In this lab, you will configure ISDN BRI on router1 and ISDN PRI on router2 using dialer profiles. Router2 has a primary rate ISDN interface (S0/0) as well as a basic rate ISDN interface. Any IP packet should represent ‘interesting traffic’ in this lab and either router should be able to initiate the call. PPP encapsulation and CHAP authentication should be used. Refer to the table above for ISDN switch-type, IP addresses, subnet masks, and telephone numbers. a. Question: if this PRI was being configured in Europe, what would the options be for controller type, framing, and linecode? b. Question: On the PRI interface statement, what is the significance of: 23
router1(config)# isdn switch-type basic-ni router1(config)# dialer-list 1 protocol ip permit router1(config)# username router2 password cisco router1(config)# interface bri0/0 router1(config-if)# encap ppp router1(config-if)# ppp authentication chap router1(config-if)# isdn spid1 32177820010100 router1(config-if)# dialer pool-member 1 router1(config-if)# no shut router1(config-if)# interface dialer 2 router1(config-if)# no shut router1(config-if)# ip address 201.10.1.1 255.255.255.0 router1(config-if)# encap ppp router1(config-if)# dialer-group 1 router1(config-if)# dialer pool 1 router1(config-if)# dialer remote-name router2 router1(config-if)# dialer string 7782002 router1(config-if)# ppp authentication chap router2(config)# isdn switch-type primary-5esss router2(config)# dialer-list 1 protocol ip permit router2(config)# username router1 password cisco router2(config)# controller t1 0/0 router2(config-controller)# framing esf router2(config-controller)# linecode b8zs router2(config-controller)# pri-group timeslots 1-24 router2(config-controller)# exit router2(config)# interface serial0/0:23 router2(config-if)# encapsulation ppp router2(config-if)# ppp authentication chap router2(config-if)# dialer pool-member 2 router2(config-if)# no shut

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

router2(config-if)# interface dialer 2 router2(config-if)# ip address 201.10.1.2 255.255.255.0 router2(config-if)# encapsulation ppp router2(config-if)# dialer-group 1 router2(config-if)# dialer pool 2 router2(config-if)# dialer remote-name router1 router2(config-if)# dialer string 7782001 router2(config-if)# ppp authentication chap router2(config-if)# no shut

2. Issue the show isdn status command on both router1 and router2. You should see:
Layer1: Active Layer2: Multiple Frame Established routerx# show isdn status

3. From router1, ping the ISDN interface of router2. This should cause an ISDN call to be initiated and the pings should succeed.
router1# ping 201.10.1.2

4. Issue the show isdn status command on router1. Under the Layer 3 status in the output, it should show one call active.
router1# show isdn status

5. Issue the show interfaces bri0 1 2 command on router1. This shows the status of the B channels (data channels). One of the B channels should have a status of ‘UP and UP’ indicating a successful call is in progress.
router1# show interfaces bri0 1 2

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 20 – FRAME RELAY Router router1 router5 Interface serial 1 serial 0 IP Address 215.10.1.1 /24 215.10.1.2 /24 Local DLCI 105 501

1. In this lab, you will set up frame relay PVC’s between router1 and router5 using both physical interfaces and point-to-point sub interfaces. Both routers will be frame relay DTE devices connected to a frame relay cloud. 2. Using physical interfaces (no sub interfaces), configure frame relay on router1’s serial1 interface and router5’s serial0 interface. Refer to the chart above for IP addresses and local DLCI’s. Both routers will use ANSI as their lmi-type. Frame relay map statements should be used for static mapping. a. Question: what is the default lmi-type on Cisco routers?
router1(config)# interface serial1 router1(config-if)# encapsulation frame-relay router1(config-if)# ip address 215.10.1.1 255.255.255.0 router1(config-if)# frame-relay map ip 215.10.1.2 105 broadcast router1(config-if)# frame-relay lmi-type ansi router1(config-if)# no shut router5(config)# interface serial0 router5(config-if)# encapsulation frame-relay router5(config-if)# ip address 215.10.1.2 255.255.255.0 router5(config-if)# frame-relay map ip 215.10.1.1 501 broadcast router5(config-if)# frame-relay lmi-type ansi router5(config-if)# no shut

3. Issue the show interfaces serial x command on both router1 and router5. This will show if the routers are successfully connected to their local frame relay switches. The status on the first line should be ‘up and line protocol is up’. On the fifth line of output, you should also see ‘DTE LMI up’. The encapsulation type should be frame relay.
router1# show interfaces serial1 router5# show interfaces serial0

4. Issue the show frame-relay map command on router1 and router5. This will show the mapping of local DLCI’s to remote IP addresses.
routerx# show frame-relay map

5. Issue the show frame-relay pvc command on router1 and router5. This will show the status of the PVC’s connected to the routers. You want to see a status of ‘active’ which indicates the PVC is operational end-to-end.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

routerx# show frame-relay pvc

6. Issue the show frame-relay lmi command on router1. This will show LMI statistics including how many status inquiries and replies have been exchanged.
router1# show frame-relay lmi

7. Ping router1 from router5 to verify the frame-relay connection is working correctly.
router5# ping 215.10.1.1

8. You will now create point-to-point sub interfaces on router1 and router5. You will use the same IP addresses and local DLCI’s as in the previous exercise. It will be necessary to remove the IP addresses and frame map statements from the physical interfaces prior to configuring the sub interfaces.
router1(config)# interface serial1 router1(config-if)# no ip address 215.10.1.1 255.255.255.0 router1(config-if)# no frame map ip 215.10.1.2 105 broadcast router1(config-if)# interface serial1.1 point-to-point router1(config-subif)# ip address 215.10.1.1 255.255.255.0 router1(config-subif)# frame-relay interface-dlci 105 router5(config)# interface serial0 router5(config-if)# no ip address 215.10.1.2 255.255.255.0 router5(config-if)# no frame map ip 215.10.1.1 501 broadcast router5(config-if)# interface serial0.1 point-to-point router5(config-subif)# ip address 215.10.1.2 255.255.255.0 router5(config-subif)# frame-relay interface-dlci 501

9. On both router1 and router5, issue the show ip interface brief command to insure the physical interfaces and sub interfaces are active (status = up and up). Issue a show frame relay pvc command on both routers to insure the PVC with DLCI 105 on router1 and DLCI 501 on router5 is active.
routerx# show ip interface brief routerx# show frame-relay pvc

10. Test the PVC by pinging from router5 to router1.
router5# ping 215.10.1.1

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Appendix A - IPX LAB

Router router1 router2 router3 router4

Interface E0 S0 Fa0/0 S0 S1 E0 S0 E0

IPX NTWK # a b a b c e c d

IPX Encapsulation sap(802.3/802.2) hdlc sap hdlc hdlc novell-ether hdlc arap (Ethernet V2)

1. Configure IPX routing on all LAN/WAN interfaces on router1, router2, router3, and router4 (excluding ISDN and frame-relay interfaces). Refer to the table above for IPX network numbers and encapsulation types.
router1(config)# ipx routing router1(config)# interface ethernet0 router1(config-if)# ipx network a encapsulation sap router1(config-if)# interface serial0 router1(config-if)# ipx network b router2(config)# ipx routing router2(config)# interface ethernet0 router2(config-if)# ipx network a encapsulation sap router3(config)# ipx routing router3(config)# interface serial0 router3(config-if)# ipx network b router3(config-if)# interface serial1 router3(config-if)# ipx network c router3(config-if)# interface ethernet0 router3(config-if)# ipx network e router4(config)# ipx routing router4(config)# interface ethernet0 router4(config-if)# ipx network d encapsulation arpa router4(config-if)# interface serial0 router4(config-if)# ipx network c

2. On router1, issue the show protocols command. This should show IPX routing is enabled.
router1# show protocols

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

3. On router1, issue the show ipx interface command. This will show IPX addresses and other information on any interfaces where IPX is enabled. a. Question: for LAN interfaces, where does the host portion of the IPX address come from? b. Question: for serial interfaces, where does the host portion of the IPX address come from by default?
router1# show ipx interface

4. On router2, issue the show ipx route command. You should see one directly connected network (designated by a ‘C’ in the left column) and four remote IPX networks (designated by an ‘R’ in the left column).
router2# show ipx route

5. From router2, do a ping ipx to router3’s S0 interface and router4’s E0 interface. This will demonstrate that there is connectivity across the IPX network.
router2# ping ipx b.000c.1695.2148 router2# ping ipx d.000c.9273.2381

6. From router2, issue the show ipx traffic command. a. Question: What different Novell packet types does this command show traffic statistics for?
router2# show ipx traffic

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Appendix B:

ANSWERS TO QUESTIONS

LAB 1 - Basic Router Configuration 9a. Question: When both encrypted and unencrypted enable passwords are configured, which one is used? • Answer: The enable secret (encrypted) password is used and the enable password is ignored. 18a. Question: does anything exist in NVRAM? If not, why not? • Answer: No - nothing will be saved to NVRAM until you do a copy running-config startup-config. 21a. Question: What IOS release is running router1? Answer: 12.1(9)T b. Question: What are the contents of the configuration register? Answer: 0x’2102’ 22a. Question: which protocols are currently running on the router? • Answer: IP is the only protocol currently running on the router. IP is supported by default on the Cisco router. Routing for other layer 3 protocols must be turned on explicitly using commands such as ipx routing or decnet routing. 26a. Question: what status should interface E0/0 show if it is fully activated? • Answer: ‘Ethernet is up and Line Protocol is Up’ b. Question: what status would E0/0 show if it was in ‘shutdown’ mode? • Answer: ‘Administratively Down’ 27a. Question: Were you successful? If not what commands should you use for trouble-shooting? • Answer: If you cannot successfully ping router1, you should use: 1. show interfaces: to verify the interface(s) are up 2. show run: to verify the IP addresses and subnet masks are correct LAB 2 – Advanced Router Configuration 9a. Question: what is the name of the IOS image in flash and how large is it? • Answer: c2500-js-mz.121-9.T.bin; 5.88MB LAB 3 – CDP 4a. Question: what is the CDP advertisement interval: • Answer: CDP advertises information every 60 seconds by default. b. Question: what is the holdtime interval and what does it signify? • Answer: The default holdtime interval is 180 secs. This is how long the remote device should keep this

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

CDP advertisement information in its tables if it doesn’t receive another CDP advertisement from this device. LAB 5 – TFTP 7a. Question: was it necessary to clear out router4’s NVRAM in order to copy a file into it? Why? • Answer: No. When you copy a file into NVRAM, it will overwrite completely what’s in there. When you copy a file into DRAM (running-config), however, it merges that file with what is already in there. LAB 6 - RIP 1a. Question: On router1, why doesn’t the network statement under RIP specify 160.10.1.0 rather than 160.10.0.0? • Answer: The network statement under both RIP and IGRP must specify a classful network number (A, B, or C address). It cannot be a subnet. 160.10.1.0 is a subnet, not a classful address. 2a. Question: how frequently does RIP advertise routing updates? • Answer: every 30 seconds. b. Question: what is the holddown interval for RIP? • Answer: 180 seconds. 3a. Question: what is the administrative distance for RIP? • Answer: 120. LAB 7 – IGRP 3a. Question: how frequently does IGRP send out routing updates? • Answer: every 90 seconds. b. Question: what is the holddown interval for IGRP? • Answer: 280 seconds. c. Question: what is the default hop count for IGRP? • Answer: 100 (maximum of 100 routers along the path). 4a. Question: what is the administrative distance for IGRP? • Answer: 100. 6a. Question: what is the difference between the two debug ip igrp commands? • Answer: the debug ip igrp events command traces IGRP routing updates without showing individual network numbers. The debug ip igrp transactions command shows routing updates with individual network numbers that are being advertised or received. LAB 8 – EIGRP

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

3a. Question: what is the maximum router hop count with EIGRP?

Answer: 100 hops.

6a. Question: what does the EIGRP topology database contain? • Answer: the EIGRP topology database contains primary and backup routes to each destination learned from EIGRP neighbors. The ‘best routes’ (those with the lowest composite metric) are termed successor routes and are inserted in the IP routing table on the router. 7a. Question: what is the administrative distance for EIGRP? LAB 9 – OSPF 3a. Question: how frequently does OSPF send routing updates. • Answer: OSPF is a link state routing protocol and does not send out periodic routing updates. OSPF will flood a Link State Advertisement (LSA) when a topology change occurs. 5a. Question: what is the OSPF cost for a 10Mbps Ethernet interface? • Answer: the default cost is 10 which is calculated by dividing the speed of the interface into 100,000,000. The default cost can be overridden using the ip ospf cost interface-level command. 6a. Question: what is the administrative distance for OSPF? LAB 10 – 1900 Switch Configuration 4a. Question: do you need to issue copy running-config startup-config on the Catalyst 1900 to save the running configuration? If not, why not? • Answer: No – the Catalyst 1900 automatically saves any configuration changes you make to NVRAM. 8a. Question: What is the Spanning Tree (802.1D) state of interface e0/1? • Answer: it is in the ‘forwarding’ state. b. Question: What is the duplex setting for interface e0/2? • Answer: Half-duplex - 10baseT ports default to half-duplex. 10a. Question: What version of IOS is the switch running? • Answer: Version V4.00.00. b. Question: What is the base Ethernet address of switch2? • Answer: 00-0C-55-09-32-11. 11a. b. c. d. Question: Question: Question: Question: what is the address of the root bridge? what is the port cost of E0/1? what is the maxage interval? what is the hello interval? Answer: Answer: Answer: Answer: 000C.1835.8565 100. 20 seconds 2 seconds Answer: 110. Answer: 90.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

LAB 11 – VLANS and TRUNKING (Catalyst 1900 Switches) 5a. Question: what VTP operating mode are the switches in? • Answer: the Catalyst 1900 switch defaults to ‘server’ mode. 6a. Question: do you see any ports connected to VLAN 10. If not, why not? • Answer: No. Although VLAN 10 has been created, no ports have been manually assigned to it, as yet. 8a. Question: if both devices are in the same VLAN, why should the pings fail? • Answer: The link connecting switch1 and switch2 is still in VLAN 1. It must be configured to be in VLAN 10 or configured as a trunk line which, by definition, is capable of supporting all VLANs. 9a. Question: what trunking protocol does the 1900 use – ISL or 802.1Q? • Answer: ISL. Lab 12 – CATALYST 2950 SWITCH CONFIGURATION 4a. Question: Do you need to issue copy running-config startup-config on the Catalyst 2950 to save the running configuration? • Answer: Yes. The active configuration is not automatically saved to NVRAM on the 2950. 9a. Question: What is the Spanning Tree (802.1D) state of interface fa0/1? • Answer: forwarding. b. Question: What is the duplex setting for interface fa0/2? • Answer: auto – 10//100 ports default to auto-negotiate on the 2950. 12a. b. c. d. Question: what is the address of the root bridge? Question: what is the port cost of fa0/1? Question: what is the maxage interval? Question: what is the hello interval? Answer: 000C 1835 8565 Answer: 19 Answer: 20 seconds Answer: 2 seconds

LAB 13 – VLANs and TRUNKING (Catalyst 2950 Switches) 6a. Question: do you see any ports connected to VLAN 20? If not, why not? • Answer: No. Although VLAN 20 has been created, no ports have been manually assigned to it, as yet. 8a. Question: if both devices are in the same VLAN, why should the pings fail? • Answer: The link connecting switch3 and switch4 is still in VLAN 1. It must be configured to be in VLAN 20 or configured as a trunk line which, by definition, is capable of supporting all VLANs.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

9a. Question: what trunking protocol does the 2950 use – ISL or 802.1Q? • Answer: the 2950 only supports 802.1Q. LAB 14 – ACCESS LISTS 3a. Question: is a ‘deny any’ statement required in the access-list? • Answer: No – an implicit ‘deny any’ is at the end of every access-list. b. Question: what does the mask 0.0.0.255 mean in the access-list? • Answer: This is a wildcard or reverse mask. It means permit any device where the source address starts with 175.10.1 in the first three octets. c. Question: can any number be assigned to a standard IP access-list? • Answer: No – standard IP access-lists are in the range 1-99 or 1300-1999.. 5a. Question: what are two ways you can specify a host address in an extended IP access-list? • Answer: You can specify ‘host 172.16.1.1’ or ‘172.16.1.1 0.0.0.0’. b. Question: what is the number range for extended IP access-lists? • Answer: 100-199 or 2000-2699.. c. Question: how would you permit RIP routing updates: • Answer: access-list 100 permit udp any any eq 520 (RIP uses UDP port 520) Lab 15 – NAT/PAT 4a. Question: does the “inside global IP address” normally represent a public or a private IP address? • Answer: the inside global IP address normally represents a public, or registered IP address. NAT/PAT translates the inside local IP address, which is usually a private IP address, to an inside global IP address, which is usually a registered IP address. 5a. Question: if the pool of dynamically assigned addresses only contains one IP address entry, what’s another term for this form of NAT translation? • Answer: this is also known as overloading or Port Address Translation (PAT). It is possible to configure overloading by defining one or a few IP addresses in the dynamic address pool. This is an alternative to pointing to a physical interface in the PAT definitions. LAB 17 – ISDN BRI-BRI using Legacy DDR 3a. Question: what status are the B channels? Why? • Answer: the B channels are ‘down and down’ since no calls are active. 4a. Question: which configuration parameter(s) on router1 identifies the interesting traffic that will trigger a call?

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

• Answer: the dialer-list and dialer-group commands are used to identify ‘interesting traffic’ 5a. Question: what does it show for ‘Layer 3 Status’? • Answer: It should show ‘1 Active Layer 3 Call’ 6a. Question: what is the status of the two B channels? • Answer: Now that a call has been established, one of the B channels should be ‘up and line protocol up’. The other one should still have a status of down and down. LAB 19 – ISDN PRI using Dialer Profiles 1a. Question: if this PRI was being configured in Europe, what would the options be for controller type, framing, and linecode? • Answer: In Europe, the controller type is E1; the framing is either crc4 or no-crc4, and the linecode is hdb3. b. Question: On the PRI interface statement, what is the significance of :23? • Answer: 23 represents the ISDN signaling channel on the PRI/T1 link. It is the 24th time-slot on the T1 link. LAB 20 – FRAME RELAY 2a. Question: what is the default lmi-type on Cisco routers? IPX LAB (Appendix A) 3a. Question: for LAN interfaces, where does the host portion of the IPX address come from? • Answer: the host address is equivalent to the six-byte MAC address b. Question: for serial interfaces, where does the host portion of the IPX address come from by default? • Answer: the host address is equivalent to the MAC address of the lowest-numbered Ethernet interface. 6a. Question: what different Novell packet types does this command show traffic statistics for? • Answer: RIP, SAP, ECHO, WATCHDOG, EIGRP Answer: cisco.

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Appendix C:

LAB CONFIGURATIONS Coming Soon!!!

Copyright (c) 1998-2004 Boson Software, Inc. All Rights Reserved.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.