2007年最新CCNA实验手册

广西思科认证培训中心
http://www.GXcisco.com 技术支持：广西南宁欧朋信息技术有限公司
广西权威ＩＴ认证培训中心
广西专业的 Cisco 实验室
多名CCNA CCNP资深讲师 100多套 Cisco 设备
写在文前：在此特别感谢ＣＣＩＥ＃１２４２１田家昌老师郭老师ＣＣＩＥ＃１６１９２董智老师
网络小菜鸟３１５安全网许子华老师等无私的帮助！感谢欧朋公司周老师
代老师黎老师宋老师等提供原资料！
由于比较匆忙，如有错误之处，请大家谅解！！２００７年元月１５日
172.16.1.1
172.16.1.254
R1 E0
12.1.1.1 S1
S0 13.1.1.1
12.1.1.2
13.1.1.3
S0 S0
S1 S1
220.1.1.2
R2 R3 33.1.1.3
23.1.1.2 23.1.1.3
CCNA 实验拓图
实验目录：
•Lab 1 - Basic Router Configuration
•Lab 2 - Advanced Router Configuration
•Lab 3 - CDP
•Lab 4 - Telnet
•Lab 5 - TFTP
•Lab 6 - RIP
•Lab 7 - IGRP
•Lab 8 - EIGRP
•Lab 9 - OSPF
•Lab 10 –Catalyst 1900 Switch Configuration
•Lab 11 - VLANs & Trunking (Catalyst 1900)
•Lab 12 - Catalyst 2950 Switch Configuration
•Lab 13 - VLANs and Trunking (Catalyst 2950)
•Lab 13-1 Routing inter VLAN(Dot1q)
•Lab 14 - IP Access Lists
•Lab 15 - NAT/PAT
•Lab 16 - PPP & CHAP
•Lab 17 - ISDN BRI-BRI using Legacy DDR
•Lab 18 - ISDN BRI-BRI using Dialer Profiles
地址：广西省南宁市火炬路金达花园８栋１０１室
电话：：
（0771）-2655215 3832816
http://www.GXcisco.com 技术支持：广西南宁欧朋信息技术有限公司
•Lab 19 - ISDN PRI using Dialer Profiles

•Lab 20 - Frame Relay
LAB 1 – 基本配置
1.
Router>
3.
Router> ?
4. Router> enable
Router#
5. Router# ?
6. Router# disable
Router>
7. Router> enable
Router# configure terminal
Router(config)#
8. 配置路由器名字如 ‘naxxr1’(注：如果你用的试验台号是 03，则命名为 na03r1,如果
为
12，则命名 na12r1,依次类推).
Router(config)# hostname naxxr1
naxxr1(config)#
9. 修改特权模式密码
问题 A: when both encrypted and unencrypted enable passwords are configured, which one is
used?
naxxr1(config)# enable ?
naxxr1(config)# enable password
ccnalab naxxr1(config)# enable secret
cisco
10. 在接口配置 IP
naxxr1(config)# int<tab>
naxxr1(config)# interface ethernet0
naxxr1(config-if)# ip address 172.16.1.1 255.255.255.0
naxxr1(config-if)# no shutdown
11. 在 S0 口配置
naxxr1(config-if)# int s0
naxxr1(config-if)# no shut
12. 测试 ctrl-z 的作用
naxxr1(config-if)# ctrl-
z naxxr1#
13. 退出路由器
naxxr1# logout
14. 回到特权模式
电话：：
（0771）-2655215 3832816
http://www.GXcisco.com
naxxr1> enable
password:
cisco naxxr1#
15.显示接口的概况:
naxxr1# show ip interface brief
16. 显示详细信息:
naxxr1# show interfaces
17.显示内存信息:
naxxr1# show running-config
18. 显示 NVRAM? If not, why not?
naxxr1# show startup-config
19. 保存配置:
naxxr1# copy running-config startup-config
20. 现在显示 NVRAM.
naxxr1# show startup-config
21. 使用 Show version:
问题 A: What IOS release is running 在 naxxr1?
问题 B: What are the contents of the configuration register?
naxxr1# show version
22. 查看运行的协议
问题 A:which protocols are currently running on the router?
naxxr1# show protocols
23. 进入另一台 Router.
Router> enable
Router# configure terminal
Router(config)#
24. 配置主机名，配置密码.
Router(config)# hostname naxxr2
naxxr2(config)# enable secret cisco
25. 配置以太网 IP.
naxxr2(config)# interface E0
26. 显示所有接口简单信息
naxxr2(config-if)# ctrl-z
naxxr2# show ip interface
brief
LAB 2 – 路由器配置
2. 配置路由器 Console 接口的密码 wisdom
naxxr1(config)# line console 0
naxxr1(config-line)# login
naxxr1(config-line)# password wisdom
3. 配置 Banner” Welcome to WISDOM LAB - Authorized Users Only”.
电话：：
（0771）-2655215 3832816
naxxr1(config)# banner motd #
Welcome to WISDOM LAB - Authorized Users Only #
4. 退出路由器,重新登录.
naxxr1# logout
enter
password:
wisdom naxxr1>
enable
password: cisco
naxxr1#
5. 配置 Telnet 密码:
naxxr2(config)# line vty 0 4
naxxr2(config-line)# login
naxxr2(config-line)# password
cisco
6. 在 Naxxr1 上将 Naxxr2 和 12.1.1.2 对应起来
（相当于 Windows 里的 Hosts 文件的作
用）。
.
naxxr1(config)# ip host naxxr2 12.1.1.2
7. 检查 Naxxr1 中主机名和 IP 地址的对应.
naxxr1# show hosts
8. Ping ‘naxxr2’看是否成功.
naxxr1# ping naxxr2
9.显示 naxxr2 上的 Flash.
问题 A: what is the name of the IOS image in flash and how large is it?
naxxr2# show flash
10. 显示 Naxxr1 上曾经敲入的命令，可以看到前 10 条，可以通过 Ctrl＋P 或向上箭头调
出这些命令.
naxxr1# show history
naxxr1# ctrl-p (to see previously entered commands)
11.
naxxr1# show interfaces serial 0
naxxr1# configure terminal
naxxr1(config)# interface serial
0
如果 Naxxr1 的 S0 口接的线是 DCE 接头，输入下面命令，使得这个接口能根对端的接口建立串行连接，
否
则即使你配置了 IP 也没法连通。
naxxr1(config-if)# clock rate 64000
naxxr1(config-if)# ctrl-z
12. 配置接口的 LABEL.
naxxr1(config)# interface serial 0
naxxr1(config-if)# description Serial Link to Naxxr2
naxxr1(config-if)# exit
naxxr1(config)# exit
13. 配置 naxxr3
电话：：
（0771）-2655215 3832816
LAB 3 –CDP
1. 做好基本配置
naxxr1# config t
naxxr1(config-if)# no sh
naxxr1(config-if)# ip add 12.1.1.1 255.255.255.0
naxxr1(config-if)#exit
naxxr1(config)# interface serail 1
naxxr1(config-if)# end
naxxr2# config t
naxxr2(config-if)#end
naxxr3# config t
2. 在 Naxxr1.
naxxr1# sh cdp neighbors
3. 显示邻居的详细信息.
naxxr1# show cdp neighbors
detail naxxr1# show cdp entry *
4. 查看那个接口运行 CDP.
问题 A: what is the CDP advertisement interval?
问题 B: what is the holdtime interval and what does it signify?
naxxr1# show cdp interface
5.在 naxxr1,改变 CDP 的计时器.
naxxr1(config)# cdp timer 50
naxxr1(config)# cdp holdtime
170 naxxr1(config)# exit
naxxr1# sh cdp interface
6. 启用和禁用 CDP
Naxxr1(config)#no cdp run !禁止路由器运行 CDP
naxxr1#show cdp nei ！检查看到没有ＣＤＰ运行
naxxr1#configure terminal
电话：：
（0771）-2655215 3832816
naxxr1(config)#interface serial0
naxxr1(config-if)#no cdp enable !禁止此接口运行 CDP
naxxr1#show cdp interface !看不到 Serial0 运行 CDP
启用 CDP
naxxr1(config)#cdp run
naxxr1(config)#interface serial0
ｎａｘｘｒ１（ｃｏｎｆｉｇ
－ｉｆ）＃ｃｄｐｅｎａｂｌｅ
LAB 4 –TELNET
1. 基本配置要配置好
naxxr1# config t
naxxr1(config-if)# end
naxxr2# config t
naxxr3# config t
2. 首先在 naxxr2 和 naxxr3 上配置好密码.

naxxr3>
naxxr3# config t
naxxr3(config)#line vty 0 4
naxxr3(config-line)#login
naxxr3(config-line)#password cisco
naxxr3>
naxxr3# config t
naxxr3(config)#line vty 0 4
电话：：
（0771）-2655215 3832816
naxxr3(config-line)#login
naxxr3(config-line)#password cisco
3. 在 Naxxr1 上登录到 Naxxr2.
naxxr1# telnet 12.1.1.2
naxxr2>
naxxr2# show users
4. 在 Naxxr2 上输入 CTRL-SHIFT-6 ，松开手然后输入 X. 将回到 Naxxr1
naxxr2# ctrl-shift-6
x naxxr1#
naxxr1# show sessions
5. Telnet 到 Naxxr3.
naxxr3>
naxxr3> ctrl-shift-6
x naxxr1#
naxxr1# show sessions
6. 在 Naxxr1 上断开连接
naxxr1# disconnect
2 naxxr1# disconnect
1 naxxr1# show
sessions
7．在 naxxr2 和 naxxr3 上清除连接

LAB 5 - TFTP
在 naxxr1 上配置：
naxxr1#conf t
naxxr1(config)#int e0
naxxr1(config-if)#ip address 172.16.1.xx(xx 是你的实验台的编号,请不要随意配置其他 IP 地址,否则会跟其他学
员的地址产生冲突)
naxxr1#ping 172.16.1.254 !tftp Server 的地址是 172.16.1.254,测试是否能连通
naxxr1# copy startup-config
tftp naxxr1# copy tftp startup-
config
LAB 6 - RIP
假设所有路由器已经配置好了 IP 地址(路已经修好了)
路由器基本配置：
naxxr1# config t
电话：：
（0771）-2655215 3832816

naxxr1(config-if)# exit
naxxr1(config)#interface ethernet0
naxxr1(config-if)#ip add 172.16.1.1 255.255.255.0
naxxr1(config-if)#no shut
naxxr1(config-if)#no keepalive
naxxr2# config t
naxxr3# config t
naxxr1(config)# router rip

naxxr1(config-router)# network
172.16.0.0 naxxr1(config-router)#
network 12.0.0.0 naxxr1(config-router)#
network 13.0.0.0 naxxr2(config)# router
rip
network 220.1.1.0 naxxr3(config)#
router rip
naxxr3(config-router)# network 13.1.0.0
电话：：
（0771）-2655215 3832816
2. 在 naxxr1 上使用 sh ip protocols 查看动态路由的信息

问题 A: how frequently does RIP advertise routing updates?
问题 B: what is the holddown timer interval for RIP?
naxxr1# show ip protocols
3． naxxr1 上有多少条路由？有几条是从 RIP 得到的？其他两台呢？
a. RIP 的管理距离是多少?
Naxxr1# show ip route
4.在 naxxr2, ping naxxr3.
naxxr2# ping 33.1.1.3
5. 使用 cle ip route *清除路由表.
router4# clear ip route *
6. 在 naxxr1 使用 Debug 命令,将可以看到路由器每 30 秒更新一次路由.
naxxr1# debug ip rip
7. 使用 undebug all 命令
Naxxr1#show debuging !检查目前打开了那些 Debug 命令
naxxr1# undebug all !关掉所有打开的 Debug 命令
LAB 7 –IGRP
假设所有路由器已经配置好了 IP 地址(路已经修好了)
清除刚才配置的 RIP
routerx(config)# no router
rip routerx# show ip protocols
2. 在 naxxr1, naxxr2, naxxr3,使用自治系统号 100.
naxxr1(config)# router igrp 100
igrp 100 naxxr2(config-router)# network
12.0.0.0 naxxr2(config-router)# network
220.1.1.0 naxxr3(config)# router igrp 100
3.显示动态路由协议.
问题 A: how frequently does IGRP send out routing updates?
问题 B: what is the holddown interval for IGRP?
问题 C: what is the default hop count for IGRP?
naxxr1# show ip protocols
4. 显示 IP 路由.
问题 A: what is the administrative distance for IGRP?
Naxxr1# show ip route
5. 在 naxxr2, ping naxxr3.
电话：：
（0771）-2655215 3832816

6.
问题 A: what is the difference between the two debug ip igrp commands?
naxxr1# debug ip igrp events
naxxr1# debug ip igrp
transactions
LAB 8 –EIGRP
1. 清除刚才配置的 IGRP
routerx(config)# no router igrp 100
2.
naxxr1(config)# router eigrp 1
eigrp 1 naxxr2(config-router)# network
12.0.0.0 naxxr2(config-router)# network
220.1.1.0 naxxr3(config)# router eigrp 1
3. 查看路由协议.
问题 A: what is the maximum router hop count with EIGRP?
router4# show ip protocols
4.在 naxxr1 上显示 EIGRP 邻居.
naxxr1# show ip eigrp neighbors
5.在 naxxr1 是能够显示 EIGRP 包的发送和接受数量.
naxxr1# show ip eigrp traffic
6.在 naxxr1 上显示 EIGRP topology database.
问题 A: what does the EIGRP topology database contain?
naxxr1# show ip eigrp topology
7. 在 naxxr2 上显示路由
问题 A: EIGRP 的管理距离多少?
router4# show ip route
9.
naxxr1# debug ip eigrp
电话：：
（0771）-2655215 3832816
LAB 9 - OSPF
naxxx(config)# no router eigrp 100
2..
naxxr1(config)# router ospf 1
naxxr1(config-router)# network 172.16.1.0 0.0.0.255
area 0 naxxr1(config-router)# network 12.1.1.0 0.0.0.255
area 0 naxxr1(config-router)# network 13.1.1.0 0.0.0.255
area 0 naxxr2(config)# router ospf 1
naxxr2(config-router)# network 12.1.1.0 0.0.0.255
area 0 naxxr2(config-router)# network 220.1.1.0
0.0.0.255 area 0 naxxr3(config)# router ospf 1
naxxr3(config-router)# network 13.1.1.0 0.0.0.255 area 0
naxxr3(config-router)# network 33.1.1.0 0.0.0.255 area 0
3. 显示路由协议信息.
问题 A: How frequently does OSPF send routing updates?
Naxxr1# sh ip protocols
4.在 naxxr1 上检查邻居.
naxxr1# sh ip ospf neighbor
5.在 naxxr1 检查运行 OSPF 的接口.
问题 A: 10Mbps 以太网接口中的 COST 是多少?
naxxr1# sh ip ospf interface
6. 检查路由表.
问题 A: OSPF 的管理距离多少?
router4# show ip route
LAB 10 –CATALYST 1900 SWITCH 配置(不要求)

> enable
# ?
# disable
>
3. On switch1, go into privileged mode and then into global configuration mode. Assign
Switch1 a host name of 1900sw1. Use exit or ctrl-z to get out of configuration mode.
> enable
# configure terminal
(config)# hostname 1900sw1
1900sw1(config)# exit
1900sw1#
4. On switch1, type show running-config to see the active configuration.
问题 A: Do you need to issue copy running-config startup-config on the Catalyst 1900 to save
电话：：
（0771）-2655215 3832816
the running configuration?

If not, why not?
1900sw1# show running-config
5. On switch1, erase the current configuration with the following command:
1900sw1# delete nvram
6. On switch1, get into privileged mode and then into global configuration. Reassign the switch
a hostname of 1900sw1 and an enable password of ‘cisco’. Assign the switch an IP address of
195.10.1.99 with a subnet mask of 255.255.255.0. Assign the switch a default gateway of
195.10.1.1 (router4’s Ethernet address).
> enable
1900sw1(config)# enable password level 15 cisco
1900sw1(config)# ip address 195.10.1.99 255.255.255.0
1900sw1(config)# ip default-gateway 195.10.1.1
7. On switch1, issue the show ip command to verify that the IP address, mask, and default
gateway are correct.
1900sw1# show ip
8. On switch1, issue the show interfaces command.
问题 A: What is the Spanning Tree (802.1D) state of interface e0/1?
问题 B: What is the duplex setting for interface e0/2?
1900sw1# show interfaces
9. From the NetSim tool bar, select Switch 2 (Catalyst 1900). Configure it with a hostname of
1900sw2 and an enable password of cisco (the enable password should be encrypted when
displaying the configuration file). Assign an IP address of 195.10.1.100/24 and a
default-gateway of 195.10.1.1
> enable
1900sw2(config)# enable secret level 15 cisco
1900sw2(config)# ip address 195.10.1.100 255.255.255.0
1900sw2(config)# ip default-gateway 195.10.1.1
10. On switch2, issue the show version command.

问题 A: What version of IOS is the switch running?
问题 B: What is the base Ethernet address of 1900sw2?
1900sw2# show version
11. On switch1, issue the show spantree command.
问题 A: what is the address of the root bridge?
问题 B: what is the port cost of E0/1?
问题 C: what is the maxage interval?
问题 D: what is the hello interval?
1900sw1# show spantree
电话：：
（0771）-2655215 3832816
12. On switch1, issue the show mac-address-table command. This shows which devices are
attached to which switch ports.
1900sw1# show mac-address-table
13. On switch1, permanently assign a device with MAC address 1111-1111-1111 to port
E0/5. Issue the show mac-address-table command to verify the device is in the table as
a permanent entry.
1900sw1(config)# mac-address-table permanent 1111-1111-1111 e0/5
1900sw1(config)# exit
1900sw1# show mac-address-table
14. On switch1, configure port security for port e0/9. The switch will ‘sticky-learn’the MAC
address of the device connected to port e0/9 and will only allow that device to connect to this
port in the future.
1900sw1(config)# interface e0/9
1900sw1(config-if)# port secure
1900sw1(config-if)# port secure max-mac-count 1
LAB 11 –VLANs and TRUNKING (Catalyst 1900 Switches)

1. In this lab, you will set up VLANs on the Catalyst 1900 switches and test them by pinging
between router4 and PC1. Router4 is connected to e0/1 on switch1 and PC1 is connected
to e0/1 on switch2. Switch1 and switch2 are interconnected through their fa0/26 Fast
Ethernet ports.
2. Using winipcfg on PC1, configure an IP address of 195.10.1.2/24 and a default gateway of
195.10.1.1
(if not already configured from a previous lab).
c:> winipcfg
3. Verify you can presently ping between PC1 and router4. If you cannot ping successfully,
check that router4’s Ethernet0 IP address is 195.10.1.1/24 and that the interface is
enabled. Also, using the winipcfg utility, check that the PC has a configured IP address of
195.10.1.2/24.
c:> ping 195.10.1.1
4. On switch1 and switch2, issue the show vlan command. You should note that, by default,
all switch ports are in VLAN1. Because router4, PC1, and the switch-to-switch link are all in
VLAN1, should be able to ping between PC1 and router4.
1900swx# show vlan
5. On switch1 and switch2, set up a VTP domain called bigdomain. Verify it has been created
with the show vtp command.
问题 A: what VTP operating mode are the switches in?
1900swx(config)# vtp domain bigdomain
1900swx(config)# exit
1900swx# show vtp
6. On switch1 and switch2, create VLAN 10, calling it ccnavlan. Issue the show vlan command
to verify it was successfully created.
问题 A: do you see any ports connected to VLAN 10. If not, why not?
电话：：
（0771）-2655215 3832816
1900swx(config)# vlan 10 name ccnavlan

1900swx(config)# exit
1900swx# show vlan
7. On switch1 and switch2, assign the e0/1 ports to the new VLAN you created. Router4 and
PC1 are attached to these ports. Issue the show vlan command on both switches to verify
these ports have been moved to VLAN10. Also, issue the show vlan-membership command.
This is another command that shows VLAN assignments by port on the 1900.
1900swx(config)# interface e0/1
1900swx(config-if)# vlan-membership static 10
1900swx(config-if)# ctrl-z
1900swx# show vlan
1900swx# show vlan-membership
8. Now that both router4 and PC1 are in VLAN10, try to ping from the PC1 to router4. It
should fail.
问题 A: if both devices are in the same VLAN, why should the pings fail?
c:> ping 195.10.1.1
9. Make the link between switch1 and switch2 a trunk line capable of carrying traffic for any
VLAN. Use the show trunk a command to verify trunking is enabled on port fa0/26 on both
switches (it should say “Trunking: on”)
问题 A: what trunking protocol does the 1900 use –ISL or 802.1Q?
1900swx(config)# interface fa0/26
1900swx(config-if)# trunk on
1900swx(config-if)# ctrl-z
1900swx# show trunk a
10. Now ping between PC1 and router4. The pings should succeed because both devices are in
the same VLAN and the inter-switch link is a trunk line capable of carrying traffic for any
VLAN.
c:> ping 195.10.1.1
LAB 12 - 2950 交换机配置
Switch> enable
Switch# ?
Switch#
disable Switch>
3.
Switch> enable
Switch# configure terminal
Switchconfig)# hostname
sw2950 sw2050(config)# exit
sw2950#
4. 检查运行配置
电话：：
（0771）-2655215 3832816
sw2950# show running-config

5. 保存配置
sw2950# copy running-config startup-
config sw2950# show startup-config
6. 删除配置,重起
sw2950# erase startup-
config sw2950# reload
7. 配置交换机的 IP 地址和默认网关
Switch> enable
Switch # configure terminal
Switch (config)# hostname sw2950
sw2950(config)# enable password
cisco sw2950(config)# interface vlan1
sw2950(config-if)# ip address 172.16.1.110 255.255.255.0
sw2950(config-if)# no
shutdown sw2950(config-if)#
exit
sw2950(config)# ip default-gateway 172.16.1.254
8. 检查地址
sw2950# show interface vlan1
9. On switch3, issue the show interfaces command.
问题 A: interface fa0/1 的生成树状态是什么?
问题 B: fa0/2 的双工模式是什么?
sw2950# show
interfaces sw2950#
show version
11. 使用 Show spanning-tree
问题 A: 根网桥的网桥 ID 是多少?
问题 B: fa0/1 的 COST 是多少?
问题 C: maxage 是多少?
问题 D: hello 间隔是多少?
sw2950# show spanning-tree
12.检查 MAC 地址表
sw2950# show mac-address-table
13. MAC 地址的静态指定
sw2950(config)# mac-address-table static 4444-4444-4444 vlan 1 int fa0/5
sw2950(config)# exit
sw2950# show mac-address-table
14. 交换机端口安全配置
sw2950(config)# interface fa0/9
sw2950(config-if)# switchport port-security
sw2950(config-if)# switchport port-security maximum 1
sw2950(config-if)# switchport port-security mac-address-table 1111.1111.1111
LAB 13 –VLANs and TRUNKING
电话：：
（0771）-2655215 3832816
F0/1 F0/1 VLAN3

F0/4 Sw01 Sw02 F0/110.1.1.3
F0/6 R3
VLAN2
1.1.1.1 1.1.1.2
R1 VLAN2
R2
1. 检查交换机上的 VLAN
sw01# show vlan
２．配置Ｔｒｕｎｋ
ＩＳＬ封装方式：
Sw01(config)# interface fa0/1
sw01(config-if)# switchport mode trunk
Sw01(conifg-if)#swtichport trunk encapsulation isl !2950 交换机不能敲入此命令
sw01(config-if)# ctrl-z
sw01# show interface fa0/1 switchport

Sw01(conifg-if)#swtichport trunk encapsulation isl !2950 交换机不能敲入此命令
ＤＯＴ１Ｑ封装方式：
Sw01(conifg-if)#swtichport trunk encapsulation dot1q !2950 交换机不用敲入此命令

Sw01(conifg-if)#swtichport trunk encapsulation isl !2950 交换机不用敲入此命令
3. 配置 VTP(两种方法)
第一种:
sw01# vlan database
sw01(vlan)# vtp domain wisdom
电话：：
（0771）-2655215 3832816
HTTP://WWW.WISDOMINFO.COM
sw01(vlan)#vtp server
sw01(vlan)# ctrl-z
sw01# show vtp
status
第二种:
sw01(config)#vtp domain wisdom
sw01(vlan)#vtp mode server
sw01(config)#end
sw01#show vtp status
sw02# vlan database

sw02(vlan)# vtp domain
wisdom sw02(vlan)#vtp client
sw02(vlan)# ctrl-z
sw02# show vtp
status
4.创建 Vlan
sw01# vlan database
sw01(vlan)# vlan 2 name
vlan2 sw01(vlan)# vlan 3
name vlan3 sw01(vlan)# exit
sw01# show vlan
在 sw02 上检查 Vlan,应该可以看到 Vlan 2,3

Sw02#show vlan
5. 在 sw01 上将 f0/4 加入 Vlan2,在 Sw02 上将 f0/6 加入 Vlan2,将 f0/10 加入 Vlan3
Sw01 (config-if)# switchport mode access
Sw01 (config-if)# switchport access vlan 2
Sw02(config-if)# switchport mode access
Sw02(config-if)# switchport access vlan 2
Sw02(config-if)# switchport mode access
Sw02(config-if)# switchport access vlan 3
Sw02(config-if)# ctrl-z
2950swx# show vlan
6.配置 R1、R2 和 R3 的 IP
Ｎａｘｘｒ１（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｅ０
Ｎａｘｘｒ１（ｃｏｎｆｉｇ－ｉｆ）＃ｉｐａｄｄ１．１．１．１
Ｎａｘｘｒ２（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｅ０
Ｎａｘｘｒ２（ｃｏｎｆｉｇ－ｉｆ）＃ｉｐａｄｄ１．１．１．２
电话：：
（0771）-2655215 3832816
Ｎａｘｘｒ３（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｅ０
Ｎａｘｘｒ３（ｃｏｎｆｉｇ－ｉｆ）＃ｉｐａｄｄ１．１．１．３
７．测试
在ｎａｘｘｒ１上能ｐｉｎｇ通１．１．１．２，不能ｐｉｎｇ通１．１．１．３
ｎａｘｘｒ１＃ｐｉｎｇ１．１．１．２
ｎａｘｘｒ１＃ｐｉｎｇ１．１．１．３
LAB 13 –1 VLAN间路由
R2610
TRUNK
VLAN2 VLAN3 VLAN4
2.1.1.254 3.1.1.254 4.1.1.254
路由器配置：
Ｒｏｕｔｅｒ＞
Ｒｏｕｔｅｒ＞
Ｒｏｕｔｅｒ＞ｅｎａｂｌｅ
Ｒｏｕｔｅｒ＃ｃｏｎｆ
Ｒｏｕｔｅｒ＃ｃｏｎｆｉｇｕｒｅｔ
Ｒｏｕｔｅｒ＃ｃｏｎｆｉｇｕｒｅｔｅｒｍｉｎａｌ
Ｒｏｕｔｅｒ（ｃｏｎｆｉｇ）＃ｈｏｓｔｎａｍｅＲ２６１０
Ｒ２６１０（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｅ０／０
Ｒ２６１０（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｓｈｕｔｄｏｗｎ
Ｒ２６１０（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｉｐ
ａｄｄｒｅｓｓＲ２６１０（ｃｏｎｆｉｇ－ｉｆ）＃ｅｘｉｔ
Ｒ２６１０（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｅ０／０．２
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｅｎｃａｐｓｕｌａｔｉ
ｏｎｄｏｔ１Ｑ２
电话：：
（0771）-2655215 3832816
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐａｄｄ２．１．１．１２５５．２５５．２５５．０

Ｒ２６１０（ｃｏｎｆｉｇ）＃ｉｎｔｅ０／０．３
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｅｎｃａｐｓｕｌａｔｉｏｎｄｏｔ１Ｑ３
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐａｄｄ３．１．１．１２５５．２５５．２５５．０
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｅｘｉｔ
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｅｎｃａｐｓｕｌａｔｉｏｎｄｏｔ１Ｑ４
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐａｄｄ４．１．１．１２５５．２５５．２５５．０
Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｅｎｄ
Ｒ２６１０＃
交换机配置：
Ｓｗｉｔｃｈ＞
Ｓｗｉｔｃｈ＞
Ｓｗｉｔｃｈ＞ｅｎａｂｌｅ
Ｓｗｉｔｃｈ＃ｃｏｎｆ
Ｓｗｉｔｃｈ＃ｃｏｎｆｉｇｕｒｅｔ
Ｓｗｉｔｃｈ＃ｃｏｎｆｉｇｕｒｅｔｅｒｍｉｎａｌ
Ｓｗｉｔｃｈ（ｃｏｎｆｉｇ）＃ｈｏｓｔｓｗ２９５０
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｉｎｔｆ０／２４
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ）＃ｓｗｉｔｃｈｐｏｒｔｍｏｄｅｔｒｕｎｋ
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ）＃ｅｘｉｔ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｖｌａｎ２
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｎａｍｅＶＬＡＮ２
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｅｘｉｔ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｖｌａｎ３
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｎａｍｅＶＬＡＮ３
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｅｘｉｔ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｖｌａｎ４
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｎａｍｅＶＬＡＮ４
ｓｗ２９５０（ｃｏｎｆｉｇ－ｖｌａｎ）＃ｅｘｉ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｉｎｔｆ０／１－６
ｒａｎｇｅ
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｓｗｉｔｃｈｐｏｒｔｍｏｄｅａｃｃｅｓｓ
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｓｗｉｔｃｈｐｏｒｔａｃｃｅｓｓｖｌａｎ２
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｅｘｉｔ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｉｎｔｒａｎｇｅ－１２
ｆ０／７
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｓｗｉｔｃｈｐｏｒｔａｃｃｅｓｓｖｌａｎ３
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｅｘｉｔ
ｓｗ２９５０（ｃｏｎｆｉｇ）＃ｉｎｔｒａｎｇｅ－１８
ｆ０／１３
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｓｗｉｔｃｈｐｏｒｔａｃｃｅｓｓｖｌａｎ４
ｓｗ２９５０（ｃｏｎｆｉｇ－ｉｆ－ｒａｎｇｅ）＃ｅｎｄ
ｓｗ２９５０＃
电话：：
（0771）-2655215 3832816
LAB 14 –IP 访问列表
172.16.1.1
172.16.1.254
Naxxr1 E0
12.1.1.1 S1
S0 13.1.1.1
12.1.1.2
13.1.1.3
S0 S0
220.1.1.2 naxxr2 Naxxr3
33.1.1.3
172.16.1.254
实验一:将 R2,R3 认为是一台计算机,R1 是路由器,配置标准访问列表,不允许 naxxr2 访问

naxxr3.
1. 做好基本配置,并测试连通性
Naxxr1:
naxxr1#conf t
naxxr1(config)#int s0
naxxr1(config-if)#no sh
naxxr1(config-if)#clo
naxxr1(config-if)#clock r 4000000
naxxr1(config-if)#exi
naxxr2:
naxxr2>en
naxxr2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
naxxr2(config)#hostname naxxr2
电话：：
（0771）-2655215 3832816
naxxr2(config-if)#ip address 12.1.1.2 255.255.255.0
naxxr2(config)#ip route 0.0.0.0 0.0.0.0 12.1.1.1
naxxr2(config)#end
naxxr2#ping 13.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/7/8 ms
naxxr2#
NAXXR3:
Router>en
Router#conf t
Router(config)#hostname naxxr3
naxxr3(config)#interface serial 0
naxxr3(config-if)#no shutdown
naxxr3(config-if)#
naxxr3(config)#end

!!!!!
naxxr3#
2. naxxr1(config)#access-list 1 deny 12.1.1.2 0.0.0.0
naxxr1(config)#access-list 1 permit any
naxxr1(config)#interface s1
naxxr1(config-if)#ip access-group 1 out !如将列表应用在 S0 口,怎么配置呢?
naxxr1#show access-list !或者使用 show ip access-list
naxxr1#show ip interface
在 naxxr2 上测试 Ping naxxr3
naxxr2#ping 13.1.1.3 !是否能 Ping 通?
naxxr2#telnet 13.1.1.3 !能 Telnet 到成功马?
naxxr1#conf t
naxxr1(conft)#no access-list 1 !删除列表 1
电话：：
（0771）-2655215 3832816
naxxr1#show run !检查列表 1,还有列表吗?
实验二:不允许 naxxr2 Ping naxxr3,其他的连接可以

1.做好基本配置,并测试连通性
Naxxr1:
naxxr1#conf t
naxxr1(config-if)#clo
naxxr2:
naxxr2>en
naxxr2#conf t
naxxr2(config)#end
!!!!!
naxxr2#
NAXXR3:
Router>en
Router#conf t
Router(config)#hostname naxxr3
naxxr3(config)#interface serial 0
电话：：
（0771）-2655215 3832816
naxxr3(config-if)#no shutdown
naxxr3(config-if)#
naxxr3(config)#end

!!!!!
naxxr3#
2.配置访问列表:
naxxr1(config)#access-list 101 deny icmp 12.1.1.2 0.0.0.0 host 13.1.1.3
naxxr1(config)#access-list 101 permit ip any
naxxr1(config)#interface s1
naxxr1(config-if)#ip access-group 101 out !如将列表应用在 S0 口,怎么配置呢?
naxxr1#show access-list !或者使用 show ip access-list
naxxr1#show ip interface
在 naxxr2 上测试 Ping naxxr3
naxxr2#ping 13.1.1.3 !是否能 Ping 通?
naxxr2#telnet 13.1.1.3 !能 Telnet 到成功马?
naxxr1#conf t
naxxr1(conft)#no access-list 101 !删除列表 1
naxxr1#show run !检查列表 1,还有列表吗?
LAB 15 - NAT/PAT
1. In this lab, you will configure NAT/PAT function 在 naxxr1. You will configure three forms
of translation: static network address translation, dynamic translation, and overloading
(port address translation). Remember to disable the access lists your configured in the
previous lab before continuing this lab.
2.在 naxxr1, configure NAT to statically translate naxxr2’s Ethernet address 220.1.1.2 to
169.10.1.2.
naxxr1(config)# ip nat inside source static 220.1.1.2 169.10.1.2
naxxr1(config)# interface ethernet0
naxxr1(config-if)# ip nat inside
naxxr1(config-if)# interface
serial0
naxxr1(config-if)# ip nat
outside naxxr1(config-if)# no
shut
电话：：
（0771）-2655215 3832816
3. Test the static NAT translation by Telnet’ing from naxxr2 to naxxr3. Once into
naxxr3, issue the show users command. The output of this command should show that
169.10.1.2 (the translated IP address) is the logged-in device.
naxxr3# show users
4. Display the NAT Translation table 在 naxxr1. The output of the display should show that the
inside local IP address (220.1.1.2) is translated to the inside global IP address (169.10.1.2).
问题 A: does the “inside global IP address”normally represent a public or a private IP
address?
naxxr1# show ip nat translations
5.在 naxxr1, remove the previous static NAT commands and configure NAT to translate
naxxr2’s Ethernet address to a dynamically assigned address. You will utilize a pool of public
addresses in the range of 169.10.1.50 to 169.10.1.100.
问题 A: if the pool of dynamically assigned addresses only contains one IP address
entry, what’s another term for this form of NAT translation?
naxxr1(config)# no ip nat inside source static 220.1.1.2 169.10.1.2
naxxr1(config)# ip nat pool pool1 169.10.1.50 169.10.1.100 netmask 255.255.255.0
naxxr1(config)# ip nat inside source list 1 pool pool1
naxxr1(config)# access-list 1 permit 160.10.1.0 0.0.0.255
6. Test the dynamic NAT translation function by Telnet’ing from naxxr2 to naxxr3. Once into
naxxr3, issue the show users command. The output of this command should show that the
logged-in device is 169.10.1.50 (the translated address). Also, display the NAT translation table
在 naxxr1 using the show ip nat translations command.
naxxr3# show users
7. Remove the previous NAT commands. Configure NAT overloading (port address translation)
在 naxxr1 to translate naxxr2’s Ethernet address
(220.1.1.2) to the serial0 interface address (12.1.1.1)在 naxxr1.
naxxr1(config)# ip nat inside source list 1 interface serial0 overload
naxxr1(config)# interface Ethernet 0
naxxr1(config-if)# ip nat inside
naxxr1(config-if)# interface serial
0
naxxr1(config-if)# ip nat
outside naxxr1(config-if)# exit
naxxr1(config)# access-list 1 permit 160.10.1.0 0.0.0.255
8. Test the overloading (PAT) function by Telnet’ing from naxxr2 to naxxr3. Issue the show
users command 在 naxxr3. It should show that the logged-in device is 12.1.1.1 (the translated IP
address). Also, issue the show ip nat translations command 在 naxxr1 to display the NAT
translation table.
naxxr2# telnet
175.10.1.2 naxxr3#
show users
电话：：
（0771）-2655215 3832816

9. Remove all NAT/PAT configuration commands from naxxr1 before continuing on with the
CCNA labs.
LAB 16 - PPP & CHAP
12.1.1.1
12.1.1.2
NAXXR1 NAXXR2
DDN
1. 做好最基本配置,先检查原来接口的封装方式.
Naxxr1:
naxxr1#conf t
naxxr2:
naxxr2>en
naxxr2#conf t
naxxr2(config)#end
2.在 naxxr1 和 naxxr2 上配置 PPP 封装.
Naxxr1(config)# interface serial0
naxxr1(config-if)# encapsulation
ppp Naxxr2(config)# interface
serial0 naxxr2(config-if)#
encapsulation ppp
电话：：
（0771）-2655215 3832816
3.检查接口的封装方式
routerx# show interfaces serial 0 !看到 PPP 了吗?
4. 配置 CHAP.
naxxr1(config)# username naxxr2 password
cisco naxxr1(config)# interface serial 0
naxxr1(config-if)# ppp authentication chap
naxxr2(config)# username naxxr1 password
cisco naxxr2(config)# interface serial 0
5.检查接口状态.
Naxxr1# show interfaces serial0
6.监视认证过程.
Naxxr1(config)#interface serial 0
Ｎａｘｘｒ１（ｃｏｎｆｉｇ－ｉｆ）＃ｓｈｕｔｄｏｗｎ
Ｎａｘｘｒ１＃ｄｅｂｕｇｐｐｐ
ａｕｔｈｅｎｔｉｃａｔｉｏｎＮａｘｘｒ１（ｃｏｎｆｉｇ－
ｉｆ）＃ｎｏｓｈ现在应该看到ＰＰＰ认证
的过程．
LAB 17 –ISDN BRI-BRI DDR 配置
ＩＳＤＮ参数
ＲｏｕｔｅｒＩＰＭａｓｋＳＰＩＤ１ＬｏｃａｌＩＳＤＮＳｗｉｔｃｈ
ＡｄｄｒｅｓｓＴｅｌ＃
Ｎａ１１ｒ１１０．１．１．１／２４２２０９４７６ｂａｓｉｃ－ｎｅｔ３
Ｎａ１１ｒ２１０．１．１．２／２４２２１２４０６ｂａｓｉｃ－ｎｅｔ３
1. 配置过程
naxxr1(config)# isdn switch-type basic-net3
naxxr1(config)# dialer-list 1 protocol ip permit
naxxr1(config)# username naxxr2 password cisco
naxxr1(config)# interface bri0
naxxr1(config-if)# encap ppp
naxxr1(config-if)# dialer-group 1
naxxr1(config-if)# dialer map ip 10.1.1.2 name naxxr2 broadcast 2212406
电话：：
（0771）-2655215 3832816


naxxr2(config)# interface bri0/0
naxxr2(config-if)# dialer-group 1
naxxr2(config-if)# dialer map ip 10.1.1.1 name naxxr1 broadcast 2209476
naxxr2(config-if)# ppp authentication
chap naxxr2(config-if)# no shut
2. 检查 ISDN 链路状态:
Layer1: Active
Layer2: Multiple Frame Established with spid1 valid.
routerx# show isdn status
3.
问题 A: what status are the B channels? Why?
naxxr1# show interfaces bri0 !显示 D 信道
naxxr1# show interfaces bri0 1 2 !显示 B 信道
4. 测试连通性
问题 A: which configuration parameter(s)在 naxxr1 identifies the interesting traffic that will
trigger a call?
5. 检查 ISDN 状态
问题 A: what does it show for the ‘Layer 3 Status’?
naxxr1# show isdn status
6. 检查 B 信道
问题 A: what is the status of the two B channels?
naxxr1# show interfaces bri0 1 2
LAB 18 –ISDN BRI-BRI using Dialer Profiles(不要求掌握)
ＲｏｕｔｅｒＩＰＭａｓｋＳＰＩＤ１ＬｏｃａｌＩＳＤＮ

ＡｄｄｒｅｓｓＴｅｌ＃Ｓｗｉｔｃｈ
ｎａｘｘｒ１１０．１．１．１／２４３２１２２０９４７６０１００２２０９４７６ｂａｓｉｃ－ｎｉ
ｎａｘｘｒ２１０．１．１．２／２４３２１７７８２００２０１００７７８２００２ｂａｓｉｃ－ｎｉ
ISDN Parameters
1. In this lab, you will configure ISDN BRI 在 naxxr1 and naxxr2 using dialer profiles.
With dialer profiles, you are effectively moving some of the logical ISDN parameters from the
电话：：
（0771）-2655215 3832816
physical BRI/PRI interface to a dialer interface. Any IP packet should represent ‘interesting
traffic’in this lab and either router should be able to initiate the call. PPP encapsulation and
CHAP authentication should be used. Refer to the table above for ISDN switch-type, IP
addresses, subnet masks, and telephone numbers.
naxxr1(config)# interface bri0
naxxr1(config-if)# isdn spid1
32122094760100 naxxr1(config-if)# dialer
pool-member 1 naxxr1(config-if)# no shut
naxxr1(config-if)# interface dialer 1
naxxr1(config-if)# dialer-group
1 naxxr1(config-if)# dialer pool
1
naxxr1(config-if)# dialer remote-name naxxr2
naxxr1(config-if)# dialer string 7782002
32177820020100 naxxr2(config-if)# dialer
pool-member 1 naxxr2(config-if)# no shut
1
naxxr2(config-if)# dialer remote-name
naxxr1 naxxr2(config-if)# dialer string
2209476 naxxr2(config-if)# ppp
authentication chap
2. Issue the show isdn status command on both naxxr1 and naxxr2. You should see:
Layer1: Active
Layer2: Multiple Frame Established with spid1 valid.
电话：：
（0771）-2655215 3832816
routerx# show isdn status

3. Issue the show interfaces bri0 command 在 naxxr1. This displays the signaling or D
Channel. It should show ‘Up and Up (spoofing)’if it is ready to handle a call request. Now
issue the command show interfaces bri0 1 2. This should show the status of the two data, or
B
channels.
naxxr1# show interfaces bri0
4. From naxxr1, ping the ISDN interface of naxxr2. This should cause an ISDN call to
be initiated and the pings should succeed.
6. Issue the show isdn status command 在 naxxr1. Under the Layer 3 status in the output, it
should show one call active.
7. Issue the show interfaces bri0 1 2 command 在 naxxr1. This shows the status of the B
channels (data channels). One of the B channels should have a status of ‘UP and UP’indicating
a successful call is in progress.
LAB 19 –ISDN PRI using Dialer Profiles (不要求掌握)
ＲｏｕｔｅｒＩＰＡｄｄｒｅｓｓＭａｓｋＳＰＩＤ１ＬｏｃａｌＩＳＤＮＳｗｉｔｃｈ

Ｔｅｌ＃
ｎａｘｘｒ１２０１．１０．１．１／２４３２１２２０９４７６０１００２２０９４７６ｂａｓｉｃ－ｎｉ
ｎａｘｘｒ２２０１．１０．１．２／２４－－－－－７７８２００２ｐｒｉｍａｒｙ－５ｅｓｓ
1. In this lab, you will configure ISDN BRI 在 naxxr1 and ISDN PRI 在 naxxr2 using dialer
profiles. Naxxr2 has a primary rate ISDN interface (S0) as well as a basic rate ISDN
interface. Any IP packet should represent ‘interesting traffic’in this lab and either
router should be able to initiate the call. PPP encapsulation and CHAP authentication
should be used. Refer to the table above for ISDN switch-type, IP addresses, subnet
masks, and telephone numbers.
问题 A: if this PRI was being configured in Europe, what would the options be for controller
type, framing, and linecode?
问题 B: On the PRI interface statement, what is the significance of :23
32122094760100
电话：：
（0771）-2655215 3832816
HTTP://WWW.WISDOMINFO.COM
naxxr1(config-if)# dialer pool-member 1

naxxr1(config-if)# interface dialer
2 naxxr1(config-if)# no shut
1
naxxr1(config-if)# dialer remote-name naxxr2
naxxr1(config-if)# dialer string 7782002
naxxr2(config)# isdn switch-type primary-5esss
naxxr2(config)# controller t1 0/0
naxxr2(config-controller)# framing esf
naxxr2(config-controller)# linecode
b8zs
naxxr2(config-controller)# pri-group timeslots 1-24
naxxr2(config-controller)# exit
naxxr2(config)# interface serial0/0:23
naxxr2(config-if)# encapsulation ppp
naxxr2(config-if)# ppp authentication
chap naxxr2(config-if)# dialer pool-
member 2 naxxr2(config-if)# no shut
naxxr2(config-if)# encapsulation
ppp naxxr2(config-if)# dialer-group
1 naxxr2(config-if)# dialer pool 2
naxxr2(config-if)# dialer remote-name
naxxr1 naxxr2(config-if)# dialer string
2209476 naxxr2(config-if)# ppp
authentication chap naxxr2(config-if)# no
shut
2. Issue the show isdn status command on both naxxr1 and naxxr2. You should see:
Layer1: Active
Layer2: Multiple Frame
Established routerx# show isdn
status
3. From naxxr1, ping the ISDN interface of naxxr2. This should cause an ISDN call to be
initiated and the pings should succeed.
naxxr1# ping 201.10.1.2
4. Issue the show isdn status command 在 naxxr1. Under the Layer 3 status in the output, it
should show one call active.
电话：：
（0771）-2655215 3832816
5. Issue the show interfaces bri0 1 2 command 在 naxxr1. This shows the status of the B
channels (data channels). One of the B channels should
have a status of ‘UP and UP’indicating a successful call is in progress.
LAB 20 –FRAME RELAY
DLCI=102
R1 DLCI=201
帧中继交换机
R2
12.1.1.1 12.1.1.2
实验拓扑
1. 配置帧中继交换机
Router(config)#hostname frsw !命名主机名
Frsw(config)#frame-relay switching !启用帧中继交换功能
!
Frsw(config)#interface Serial0
Frsw(config-if)# no ip address
Frsw(config-if)# no shutdown
Frsw(config-if)# encapsulation frame-relay
Frsw(config-if)# clock rate 4000000
Frsw(config-if)# frame-relay intf-type dce
Frsw(config-if)# frame-relay route 102 interface serial1 201
Frsw(config-if)# frame-relay lmi-type ansi
Frsw(config)# interface Serial1

Frsw(config-if)# no ip address
Frsw(config-if)# no shutdown
Frsw(config-if)# encapsulation frame-relay
Frsw(config-if)# clock rate 4000000
Frsw(config-if)# frame-relay intf-type dce
Frsw(config-if)# frame-relay route 201 interface serial0 102
Frsw(config-if)# frame-relay lmi-type ansi
2.
问题 A: what is the default lmi-type on Cisco routers?
naxxr1(config)# interface serial0
naxxr1(config-if)# encapsulation frame-relay
电话：：
（0771）-2655215 3832816

naxxr1(config-if)# frame-relay map ip 12.1.1.2 102
broadcast naxxr1(config-if)# frame-relay lmi-type ansi
naxxr2(config)# interface
serial0
naxxr2 (config-if)# encapsulation frame-relay
naxxr2 (config-if)# ip address 12.1.1.2 255.255.255.0
naxxr2 (config-if)# frame-relay map ip 12.1.1.1 201 broadcast
naxxr2 (config-if)# frame-relay lmi-type ansi
naxxr2 (config-if)# no shut
3.
naxxr1# show interfaces serial0
naxxr2# show interfaces serial0
4. 检查映射
routerx# show frame-relay map
5. 检查 PVC
routerx# show frame-relay pvc
6. 检查 LMI
naxxr1# show frame-relay lmi
7. 测试连通性
router5# ping 215.10.1.1
8. 配置点到点子接口.
ｎａｘｘｒ１（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｓｅｒｉａｌ０

ｎａｘｘｒ１（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｉｐａｄｄｒｅｓｓ１２．１．１．１２５５．２５５．２５５．０
ｎａｘｘｒ１（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｆｒａｍｅｍａｐｉｐ１２．１．１．２１０２
ｂｒｏａｄｃａｓｔｎａｘｘｒ１（ｃｏｎｆｉｇ－ｉｆ）＃ｉｎｔｅｒｆａｃｅ
ｓｅｒｉａｌ０．１ｐｏｉｎｔ－ｔｏ－ｐｏｉｎｔｎａｘｘｒ１（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐ
ａｄｄｒｅｓｓ１２．１．１．１２５５．２５５．２５５．０ｎａｘｘｒ１（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃
ｆｒａｍｅ－ｒｅｌａｙｉｎｔｅｒｆａｃｅ
－ｄｌｃｉ１０２
ｎａｘｘｒ２（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｓｅｒｉａｌ０

ｎａｘｘｒ２（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｉｐａｄｄｒｅｓｓ１２．１．１．２２５５．２５５．２５５．０
ｎａｘｘｒ２（ｃｏｎｆｉｇ－ｉｆ）＃ｎｏｆｒａｍｅｍａｐｉｐ１２．１．１．１２０１
ｂｒｏａｄｃａｓｔｎａｘｘｒ２（ｃｏｎｆｉｇ－ｉｆ）＃ｉｎｔｅｒｆａｃｅ
ｓｅｒｉａｌ０．１ｐｏｉｎｔ－ｔｏ－ｐｏｉｎｔｎａｘｘｒ２（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐ
ａｄｄｒｅｓｓ１２．１．１．２２５５．２５５．２５５．０ｎａｘｘｒ２（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃
ｆｒａｍｅ－ｒｅｌａｙｉｎｔｅｒｆａｃｅ
－ｄｌｃｉ２０１
９．
ｒｏｕｔｅｒｘ＃ｓｈｏｗｉｐｉｎｔｅｒｆａｃｅ
ｂｒｉｅｆｒｏｕｔｅｒｘ＃ｓｈｏｗｆｒａｍｅ－ｒｅｌａｙ
ｐｖｃ
１０．测试连通性
ｎａｘｘｒ２＃ｐｉｎｇ１２．１．１．１
Copyright (c) 2002-2005 Wisdom Network, Inc. All Rights Reserved

电话：：
（0771）-2655215 3832816

2007年最新CCNA实验手册

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2007年最新CCNA实验手册

Uploaded by

Copyright:

Available Formats

广西思科认证培训中心

•Lab 19 - ISDN PRI using Dialer Profiles

2. 首先在 naxxr2 和 naxxr3 上配置好密码.

7．在 naxxr2 和 naxxr3 上清除连接

tftp naxxr1# copy tftp startup-

naxxr1(config-if)# clock rate 4000000

naxxr1(config)# router rip

2. 在 naxxr1 上使用 sh ip protocols 查看动态路由的信息

naxxr2# ping 33.1.1.3

LAB 10 –CATALYST 1900 SWITCH 配置(不要求)

the running configuration?

10. On switch2, issue the show version command.

LAB 11 –VLANs and TRUNKING (Catalyst 1900 Switches)

1900swx(config)# vlan 10 name ccnavlan

LAB 12 - 2950 交换机配置

sw2950# show running-config

LAB 13 –VLANs and TRUNKING

F0/1 F0/1 VLAN3

Sw01(config)# interface fa0/1

Sw01(config)# interface fa0/1

sw02# vlan database

在 sw02 上检查 Vlan,应该可以看到 Vlan 2,3

VLAN2 VLAN3 VLAN4

2.1.1.254 3.1.1.254 4.1.1.254

Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐ ａｄｄ ２．１．１．１ ２５５．２５５．２５５．０

LAB 14 –IP 访问列表

实验一:将 R2,R3 认为是一台计算机,R1 是路由器,配置标准访问列表,不允许 naxxr2 访问

Type escape sequence to abort.

naxxr1#show run !检查列表 1,还有列表吗?

实验二:不允许 naxxr2 Ping naxxr3,其他的连接可以

Type escape sequence to abort.

naxxr1# show ip nat translations

LAB 16 - PPP & CHAP

LAB 17 –ISDN BRI-BRI DDR 配置

naxxr1(config-if)# ppp authentication chap

naxxr2(config)# isdn switch-type basic-net3

LAB 18 –ISDN BRI-BRI using Dialer Profiles(不要求掌握)

Ｒｏｕｔｅｒ ＩＰ Ｍａｓｋ ＳＰＩＤ１ Ｌｏｃａｌ ＩＳＤＮ

routerx# show isdn status

LAB 19 –ISDN PRI using Dialer Profiles (不要求掌握)

Ｒｏｕｔｅｒ ＩＰ Ａｄｄｒｅｓｓ Ｍａｓｋ ＳＰＩＤ１ Ｌｏｃａｌ ＩＳＤＮ Ｓｗｉｔｃｈ

naxxr1(config-if)# dialer pool-member 1

LAB 20 –FRAME RELAY

Frsw(config)# interface Serial1

naxxr1(config-if)# ip address 12.1.1.1 255.255.255.0

ｎａｘｘｒ１（ｃｏｎｆｉｇ）＃ ｉｎｔｅｒｆａｃｅ ｓｅｒｉａｌ０

ｎａｘｘｒ２（ｃｏｎｆｉｇ）＃ ｉｎｔｅｒｆａｃｅ ｓｅｒｉａｌ０

Copyright (c) 2002-2005 Wisdom Network, Inc. All Rights Reserved

You might also like

Ｒ２６１０（ｃｏｎｆｉｇ－ｓｕｂｉｆ）＃ｉｐａｄｄ２．１．１．１２５５．２５５．２５５．０

ＲｏｕｔｅｒＩＰＭａｓｋＳＰＩＤ１ＬｏｃａｌＩＳＤＮ

ＲｏｕｔｅｒＩＰＡｄｄｒｅｓｓＭａｓｋＳＰＩＤ１ＬｏｃａｌＩＳＤＮＳｗｉｔｃｈ

ｎａｘｘｒ１（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｓｅｒｉａｌ０

ｎａｘｘｒ２（ｃｏｎｆｉｇ）＃ｉｎｔｅｒｆａｃｅｓｅｒｉａｌ０