You are on page 1of 10

You will practice and be assessed on the following skills


Configuration of initial IOS device settings

Design and calculation of IPv4 addressing

Configuration of IOS device interfaces including IPv4 and IPv6 addressing
when appropriate
Addressing of network hosts with IPv4 and IPv6 addresses
Enhancing device security, including configuration of the secure transport
protocol for remote device configuration
Configuration of a switch management interface
Requirements by device:

Town Hall router:

Configuration of initial router settings

Interface configuration and IPv4 and IPv6 addressing

Device security enhancement or “device hardening”

Secure transport for remote configuration connections as covered in the labs.

Backup of the configuration file to a TFTP server

Administration Switch:

Enabling basic remote management by Telnet

PC and Server hosts:

IPv4 full addressing

IPv6 addressing

IPv6 Address IPv6 Defa ult Gate way 255.168. 1.224 2001:DB8:ACA D:A::1/64 N/A 255. 1. 1.97 255.240 2001:DB8:ACA D:B::1/64 N/A N/A N/A 2001:DB8:ACA D:A::FF FE80 ::1 Device Interf ace IPv4 Address Subnet Mask Town Hall G0/0 192.158 Administ ration Switch Vlan 1 Receptio n Host NIC 192.126 .2 55.255. 1.2 55.126 G0/1 55.224 IPv4 Default Gateway 192.168.255.

1.145 255. g.126 2001:DB8:ACA D:A::15 FE80 ::1 IT Host NIC 192.255. Assign the second to the last address (the second highest) in this subnet to the VLAN 1 interface of the Administration Switch.158 2001:DB8:ACA D:B::15 FE80 ::1 Step 1: Design an IPv4 addressing scheme and complete the Addressing Table based on the following requirements.255. Use the table above to help you organize your work. subnet the network again so that the new subnets will provide 14 host addresses per subnet while wasting the fewest addresses.158 2001:DB8:ACA D:B::FF FE80 ::1 TFTP Server NIC 192.146 255. d.2 55.Operator Host NIC 192. Configure the Town Hall router with all initial configurations that you have learned in the course so far: . a. Assign the fourth subnet to the IT Department LAN.0/24 network to provide 30 host addresses per subnet while wasting the fewest addresses. 1. Configure addresses on the hosts using any of the remaining addresses in their respective subnets. Assign the second of these new 14-host subnets to the Administration LAN.1. Assign the last network host address (the highest) in this subnet to the G0/0 interface on Town Hall. b. Subnet the 192. f. e. c. 1.168. Starting with the fifth subnet.2 55. h.168.240 192.168.240 192. Step 2: Configure the Town Hall Router.224 192. a. 1. Assign the last network host address (the highest) in the Administration LAN subnet to the G0/1 interface of the Town Hall router.98 255.168.2 55. 1.255.

Step 5: Backup the Configuration of the Town Hall Router to TFTP. b. . Configure the two Gigabit Ethernet interfaces using the IPv4 addressing values you calculated and the IPv6 values provided in the addressing table. · Newly-entered passwords must have a minimum length of 10 characters. Step 4: Configure and Verify Host Addressing. Step 3: Configure the Administration Switch. Configure Administration Switch for remote management. Use the router interface link-local addresses as the IPv6 default gateways on the hosts.· Configure the router hostname: Middle · Protect device configurations from unauthorized access with the encrypted password. · Configure user authentication for in-band management connections. The IPv6 link-local Interface ID should match the IPv6 unicast Interface ID as is practiced in the labs. All hosts should be able to ping each other over IPv4. · Secure all of the ways to access the router using methods covered in the course and labs. · Prevent all passwords from being viewed in clear text in device configuration files. c. as was done in the labs. Use the IPv4 addressing from Step 1 and the IPv6 addressing values provided in the addressing table to configure all host PCs with the correct addressing. Use the value 1024 for encryption key strength. · Document the interfaces in the configuration file. a. · Configure the router to only accept in-band management connections over the protocol that is more secure than Telnet. · Reconfigure the link local addresses as was practiced in the labs. b.

Backup the running configuration of Town Hall to the TFTP Server. Complete the configuration of the TFTP server using the IPv4 addressing values from Step 1 and the values in the addressing table. Router(config-if)#description Administration LAN Router(config-if)#no shutdown Router(config-if)#exit Router(config)#ipv6 unicast-routing Router(config)#interface g0/0 Router(config-if)#ipv6 address 2001:db8:acad:A::1/64 Router(config-if)#ipv6 address FE80::1 link-local Router(config-if)#no shutdown Router(config-if)#exit Router(config)#interface g0/1 Router(config-if)#ipv6 address 2001:db8:acad:B::1/64 Router(config-if)#ipv6 address FE80::1 link-local Router(config-if)#no shutdown Router(config-if)#exit Router(config)# Router(config)#hostname Middle Middle(config)#Enable secret class12345 Middle(config)#line console 0 Middle(config-line)#password ccna5.255.255.a.1. Answer Router> Router>enable Router#configure terminal Router(config)#interface g0/0 Router(config-if)#ip address 192.224 Router(config-if)#description IT Department LAN Router(config-if)#no shutdown Router(config-if)#exit Router(config)#interface g0/1 Router(config-if)#ip address 192. Use the default file name. b.net2014 Middle(config-line)#login .126 255.158 255.

keys will be non-exportable…[OK] Middle(config)#line vty 0 15 Middle(config-line)#login local Middle(config-line)#transport input ssh Middle(config-line)#exit Middle(config)# Middle# copy running-config startup-config —————————————– Administration Switch ip default-gateway 192.1.158 —————————————– .net Middle(config)#username cisco secret ccna5. Choosing a key modulus greater than 512 may take a few Middle(config)#line vty 0 15 Middle(config-line)#password ccna5.net2014 Middle(config-line)#login Middle(config-line)#exit Middle(config)# Middle(config)#Banner motd “Authorized Access Only” Middle(config)#security password min-length 10 Middle(config)#service password-encryption Middle(config)#ip domain-name ccna5.local Choose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys.net2014 Middle(config-line)#login Middle(config-line)#exit Middle(config)#line aux 0 Middle(config-line)#password ccna5.net2014 Middle(config)#crypto key generate rsa The name for the keys will be: Middle. default gateway: 192.Reception Host IPv4 IP address: 192.126 IPv6 IPv6 address: 2001:DB8:ACAD:A::15/64 default gateway: FE80::1 —————————————– IT Host IPv4 IP address: default gateway: 192.1.126 IPv6 IPv6 address: 2001:DB8:ACAD:A::FF/64 default gateway: FE80::1 —————————————– Operator Host IPv4 IP address: 192.255.145 Mask: 255.255.98 Mask: 255.168.97 Mask: .1.

146 Mask: gateway: IPv6 IPv6 address: 2001:DB8:ACAD:B::15/64 default gateway: FE80::1 —————————————– Backup the Configuration of the Town Hall Router to TFTP.146 Destination filename [Router-confg]? [Press Enter] —————————————– ========================================= By: remmyjha I had this exam Can someone help IPv4 Block: 10.1.0/8 .240 default gateway: 192.158 IPv6 IPv6 address: 2001:DB8:ACAD:B::FF/64 default gateway: FE80::1 —————————————– SERVER TFTP IPv4 IP address: Middle#copy running-config tftp Address or name of remote host []? 192.

com . PC1 will use the first usable address and PC2 will use the second usable address – For Makati Network.Perform VLSM to segment your network. Host Requirements: Manila Network – 1000 Makati Network – 500 Zamboanga Network – 250 Server Farm Network – 125 WAN Links will use the minimum allocated address IPv4 Addressing: – All Gateways will use the last usable address – DCE will use the first usable address – DTE will use the last usable address – For Manila Network. PC3 will use the first usable address and PC4 will use the second usable address – All End-Devices will be configured with DNS Server – VLAN 1 of all switches will use the fifth usable address – Please see attachment for Server Addresses Housekeeping: – Hostname must be configured to use their device name (written below the device) – 64000 will be used for clock rate on DCE devices – Set Banner MOTD to “Warning! Authorized Users Only!” – Enable Secret: s3cR3T1234 – Console Password: c0ns0L3123 – Telnet Password: t3lN3T1234 – encrypt all password using level 7 encryption – Set minimum length of password to 10 – Display status messages on new line – Set Exec timeout to 5 minutes – Allow 10 simultaneous telnet sessions – Disable CDP globally – Disable domain lookup – Allow device to be configured remotely via telnet and SSH – Configure domain name to test.

– generate 1024-bit keys – Enable ssh version 2 – Backup configuration to NVRAM Connectivity Test: – Routing are already pre-configured – End-devices must have full connectivity – Devices can be remotely configured through SSH or telnet IPv6 – Assign FE80::1 as the local-link to all LAN active interfaces – IPv6 routing will be enabled on the routers – Please see attachment for the Global Unicast Address .