You are on page 1of 5

~

•• 11 •• 11.
CISCO.

Cisco Networking Academy'" _

CCNA Exploration: Accessing the WAN Student Skills Based


Assessment Lab

Topology Diagram
. ''l('\ b.c \l..
I \ oop
LoO
209.165.200.161 /27

172.16.0.4/30
HOLe

Frame Relay

FaO/1 172.16.0.8/30 FaO/1

10.0.0.0/25 10.0.0.128/25

10.0.0.10 10.0.0.139

Addressing Table

Device Interface IP Address Subnet Mask Default Gateway

FaO/1 10.0.0.1 255.255.255.128 N/A


R1 SOIO/O 172.16.0.1 255.255.255.252 N/A
SOl0/1 172.16.0.9 255.255.255.252 N/A
LoO 209.165.200.161 255.255.255.224 N/A
R2 SOIO/O 172.16.0.2 255.255.255.252 N/A
SOl0/1 172.16.0.5 255.255.255.252 N/A
FaO/1 10.0.0.129 255.255.255.128 N/A
R3
SOIOIO 172.16.0.10 255.255.255.252 N/A

All contents are Copyright @ 1992-2007 Cisco Systems, Inc All rights reserved. This document is CISCO Public Information Page 1 of 4
eeNA Exploration
Accessing the WAN: Skills Based Assessment Student Skills based Assessment Lab

Device Interface IP Address Subnet Mask Default Gateway

80/0/1 172.16.0.6 255.255.255.252 N/A

PC1 NIC 10.0.0.10 255.255.255.128 10.0.0.1

PC3 NIC 10.0.0.139 255.255.255.128 10.0.0.129

Learning Objectives
To complete this lab:
• Cable a network according to the topology diagram
• Erase the startup configuration and reload a router to the default state
• Perform basic configuration tasks on a router
• Configure and activate interfaces
• Configure and activate serial interfaces (PPP with CHAP, HDLC, and Frame Relay)
• Configure RIP on all the routers
• Configure basic router security
• Configure ACLs
• Configure basic NAT

Scenario
This lab tests you on the skills and knowledge that you learned in Exploration 4. Use cisco for all
passwords in this lab, except for the enable secret password, which is class.

Task 1: Prepare the Network

Step 1: Cable a network that is similar to the one in the topology diagram.

Step 2: Clear any existing configurations on the routers.

Task 2: Perform Basic Device Configurations


Configure the R1, R2, and R3 routers according to the following guidelines:

• Configure the router hostname. f.ls\-n..Q ~


C\~ • Disable DN8 lookup. AJe;)I r Dc.Mtl.n-looO""v,f ~ C \4..£5
• Configure an EXEC mode password. l'ifV~;e..J;lf&6')"tr'~
<{- • Configure a message-of-the-day banner. ba '" ttl."..... MoM /\ () X )Clt~'t.
. .
Configure a password for console connections. "0'1. e.. C01\>O
C-l~ 0 I (J~S.5~oI.. c:iS:
CU

. hi' l .. ,~ I~-. Y\ -
C on f Igure sync ronous ogglng. 1?J9'~ SYfl.o-. rc>'\.&J~
~ Configure a password for vty connections. lil\....L V+-) 0 15
r t5S~C) c..,:;e..t::J
L(}J I '"

Page 2 of 4
CCNA Exploration
Accessing the WAN: Skills Based Assessment Student Skills based Assessment Lab

Task 3: Configure and Activate Serial and Ethernet Addresses

Step 1: Configure interfaces on R1, R2, and R3.

Step 2: Verify IP addressing and interfaces. :5'k~w -.tP w\:~('~CE. Sner'


Step 3: Configure the PC1 and PC3 Ethernet interfaces.

Step 4: Test connectivity between the PCs and routers.

Task 4: Configure Serial Interfaces '*


P) ",
}'-
lP
--
pJ' ?/7 Step 1: Configure and verify PPP encapsulation with CHAP authentication between R1 and R2.
The password is "cisco".

Step 2: Configure and verify HDLC encapsulation between R2 and R3.


- t\~
I
f<t ~
e ~C.6 f t J
-
--0- \' vi'
ltl. ~
0
1:>0 "

~9~~~~~~P3:configUreFrnmeR~e~la~y_b_e_t_w_e_e_n_R_1_a_n_d~R_3_.~~~~~~~~~~~~~~~~~~~~~_
_ ~pq ,;;fa
~irask 5: Configure RIP

Step 1: Configure RIP on R1, R2, and R3.

RIP updates should only be sent on the serial links between the routers. Prevent all other RIP
updates on all networks.

Step 2: Test connectivity with the ping command.

Step 3: Verify the routing table with the appropriate command.

Task 6: Configure Basic Router Security

p9.1 ~Zep 1: Enable a secure Telnet login using a local database on R2.

I~~ Ste 2: Disable unused services and interfaces on R2.


5~f:).Gl'"
Step 3: Confirm that R2 is secured.

Task 7: Configure Access Control Lists


-
Step 1: Allow telnet to R1 and R3 from R2 only.V

Step 2: Do not allow HTTP, Telnet, and FTP traffic from the Internet to PC1.

Step 3: Do not allow PC1 to receive traffic from the 10.0.0.128/25 networks.

Step 4: Verify that PC3 cannot ping PC1, but can ping 10.0.0.1.
-----------------~----------------------
Task 8: Configure NAT.

Step 1: Configure NAT to allow PC3 to ping PC1.

Page 3 of 4
GGNA Exploration
Accessing the WAN: Skills Based Assessment Student Skills based Assessment Lab

Step 2: Verify that PC3 can reach PC1.

Task 9: Document the Router Configurations

Task 10: Clean Up


Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that are
normally connected to other networks, such as the school LAN or to the Internet, reconnect the
appropriate cabling and restore the TCP/IP settings.

Page 4 of 4
R1>enable
R1#configure terminal
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.1.1.1 255.255.0.0
R1(config-if)#no shutdown
R 1(config-if)#exit
R1(config)#interface serial 0
R1(config-if)#ip address 192.168.1.1255.255.255.192
R1(config-if)#no shutdown
R 1(config-if)#exit
R1(config)#interface serial 1
R1(config-if)#ip address 192.168.1.129255.255.255.192
R1(config-if)#no shutdown
R 1(config-if)#exit
R1(config)#router rip
R1 (config-router)#network 10.0.0.0
R 1(config-router)#network 192.168.1.0
R 1(config-router)#Version 2
~R2>enable
A fi'\'( R2#configure terminal
R2(config)#interface ethernet 0
-'
"""F'

,,~£p.e~ ofP(:c~2( config-if)#ip address 10.2.1.1 255.255. O.0


P ~$ve. ,
t11'l P'SS:\I'l." M~f'
p....u.. s01'l0R2(config-if)#no
R2(config-if)#exit
shutdown

R2(config)#interface serial 0
R2(config-if)#ip address 192.168.1.2 255.255.255.192
R2( config-if)#no sh utd own
R2(config-if)#exit
R2(config)#interface serial 1
R2(config-if)#ip address 192.168.1.65 255.255.255.192
R2(config-if)#no shutdown
R2( con fig -if)#exit
R2(config)#router rip
R2(config-router)#network 10.0.0.0
R2(config-router)#network 192.168.1.0
R2(config-router)#Version 2
R3>enable
R3#configure terminal
R3(config)#interface serial 0
R3(config-if)#ip address 192.168.1.130255.255.255.192
R3(config-if)#no shutdown
R3( config-if)#exit
R3(config)#interface serial 1
R3(config-if)#ip address 192.168.1.66 255.255.255.192
R3(config-if)#no shutdown
R3( config-if)#exit
R3(config)#router rip
R3(config-router)#network 10.0.0.0
R3(config-router)#network 192.168.1.0
R3(config-router)#Version 2