Labs of Computer Netwoking

Packet Tracer 8.0.
0 labs
Packet Tracer 8.0.0 supports labs created in previous Packet Tracer versions 7.3, 7.2, 7.1.
However, the files created in Packet Tracer 8.0.0 are not backward compatible with previous
versions. Please download the latest Cisco Packet Tracer 8.0.0 on Cisco Netacad before using
our labs.
All activities included in the new CCNA v7.02 curricula are fully compatible with Packet Tracer
8.0.0. CCNA v7 students should continue to use Packet Tracer 7.3.1. It is highly
recommended for CCNA Routing & Switching (v6), CCNA Discovery, CCNA Exploration, CCNA
Security students to stay with Packet Tracer 7.2.2 as they could encounter a warning
messages in Packet Tracer 8.0.0.
Packet Tracer Network CCNA labs

1. CCNA labs - LAN Switching
Lab 1 : Basic switch setup
Lab 2 : Configuring switch interfaces
Lab 3 : VLAN and VTP configuration
Lab 4 : Port security
Coming
Lab 5 : Troubleshooting
soon
2. CCNA labs - IP Routing

Lab 6 : Basic router setup
Lab 7 : Static routes
Coming
Lab 8 : RIP v2
soon
Coming
Lab 9 : Troubleshooting
soon
3. CCNA labs - WAN

Coming
Lab 10 : Configuring serial links
soon
Lab 11 : HDLC
1
Lab 12 : PPP
Lab 13 : Frame Relay
Source: https://www.packettracernetwork.com/labs/packettracerlabs.html
2
Lab 1 : Basic switch setup
Introduction
A new switch just purchased from Cisco contains no default configuration. You need to
configure the switch with setup mode or from scratch using the command line interface (CLI)
before connecting it in your network environment.
As a Cisco certified professional (CCENT or CCNA), it is very important to know the basic
Cisco switch configuration commands to improve the performances and the security of the
enterprise network.
Network diagram
Lab instructions
This lab will test your ability to configure basic settings such as hostname, motd banner,
encrypted passwords, and terminal options on a Cisco Catalyst 2960 switch simulated in
Packet Tracer 7.2.1.
1. Use the local laptop connect to the switch console and configure the laptop with the
right parameters for console access to the Cisco 2960 Catalyst switch
2. Configure Switch hostname as LOCAL-SWITCH
3. Configure the message of the day as "Unauthorized access is forbidden"
4. Configure the password for privileged mode access as "cisco". The password must be
md5 encrypted
3
5. Configure password encryption on the switch using the global configuration command
6. Configure CONSOLE access with the following settings :

- Login enabled
- Password : ciscoconsole
- History size : 15 commands
- Timeout : 6'45''
- Synchronous logging
6. Configure TELNET access with the following settings :

- Login enabled
- Password : ciscotelnet
- History size : 15 commands
- Timeout : 8'20''
- Synchronous logging
7. Configure the IP address of the switch as 192.168.1.2/24 and it's default gateway IP
(192.168.1.1).
8. Test telnet connectivity from the Remote Laptop using the telnet client.
Lab solution
Configure Switch hostname as LOCAL-SWITCH
Switch(config)#hostname LOCAL-SWITCH
Configure the message of the day as "Unauthorized access is forbidden"
Switch(config)#banner motd #
Unauthorized access is forbidden#
4
Configure the password for privileged mode access as "cisco". The password
must be md5 encrypted
Switch(config)#enable secret cisco
Configure password encryption on the switch using the global configuration

command
Switch(config)#service password-encryption
Configure CONSOLE access [...]
Switch(config)#line con 0
Switch(config-line)#password ciscoconsole
Switch(config-line)#logging synchronous
Switch(config-line)#login
Switch(config-line)#history size 15
Switch(config-line)#exec-timeout 6 45
Configure TELNET access [...]
Switch(config)#line vty 0 15
Switch(config-line)#exec-timeout 8 20
Switch(config-line)#password ciscotelnet
Switch(config-line)#logging synchronous
Switch(config-line)#login
Switch(config-line)#history size 15
Configure the IP address of the switch as 192.168.1.2/24 and it's default

gateway IP (192.168.1.1).
Switch(config)#interface Vlan1
Switch(config-if)#ip address 192.168.1.2 255.255.255.0
Switch(config-if)#ip default-gateway 192.168.1.1
Source: https://www.packettracernetwork.com/labs/lab1-basicswitchsetup.html
5
Lab 2 : Interfaces configuration
Network diagram
This lab will test your ability to configure speed, duplex, and vlan settings on the network
interfaces of a Catalyst 2960 switch using Cisco Packet Tracer 7.2.1.
Lab instructions
1. Connect to Switch0 using console interface and configure each Switch0 fastethernet
switchport for operation.
Settingsto be configured on each port are :
• Port type : access port

• Speed : 100 Mbit/s
• Duplex mode : Full Duplex
• Autonegotiation disabled
6
2. PC "192.168.1.4" seems to be unable to ping other PCs in the network. Check switch
configuration.
TIP : How many broadcast domains are there in this network ?
3. Choose the right cable to connect :
• Switch0 gigabitethernet 1/1 to Switch1 gigabitethernet 1/1

• Switch1 gigabitethernet 1/2 to Switch2 gigabitethernet 1/2
4. Configure those two links as trunk lines without using trunk negotiation between
switches
Lab Solution
1. Connect to Switch0 using console interface and configure each Switch0
fastethernet switchport for operation.
Switch(config)#interface FastEthernet0/1
switchport mode access

duplex full
speed 100
Switch(config-if)#switchport mode access
Switch(config-if)#duplex full
Switch(config-if)#speed 100
7
2. PC "192.168.1.4" seems to be unable to ping other PCs in the network. Check
switch configuration.
Switch(config-if)#switchport access vlan 1
3. Choose the right cable to connect Switch0 to Switch1 and Switch2
Crossover network cable have to be used to connect two network of the same type together
(two network switches, two routers, two PC). Crossed wiring inside the crossover
cable connects the transmit PIN at one end of the cable to the receive PIN at the other end.
8
4. Configure those two links as trunk lines without using trunk negotiation
between switches
On every interface that has to be configured for trunk operation, configure the following
settings :
Switch(config)#interface GigabitEthernet0/1
Switch(config-if)#switchport mode trunk
Verify interface operational mode using the command:
show interface GigabitEthernet0/1 switchport
Name: Gig0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Another usefull ios command is show interfaces trunk :
Switch#sh interfaces trunk

Port Mode Encapsulation Status Native vlan
Gig0/1 on 802.1q trunking 1
Port Vlans allowed on trunk

Gig0/1 1-1005
Port Vlans allowed and active in management domain

Gig0/1 1
9
Port Vlans in spanning tree forwarding state and not pruned
Gig0/1 1
Source: https://www.packettracernetwork.com/labs/lab2-switchinterfacesconfig.html
10
Lab 3 : VLAN and VTP
Network diagram
The aim of this lab is to test your ability to configure VLAN and VTP on a small network of 4
switches using Packet Tracer 7.2.1.
This lab will help you to prepare the VTP testlet and simlet questions of the Cisco
ICND1 exam.
Lab instructions
1.Configure the VTP-SERVER switch as a VTP server
2.Connect to the 3 other switches and configure them as VTP clients.

All links between swiches must be configured as trunk lines.
3.Configure VTP domain name as "TESTDOMAIN" and VTP password as "cisco"
4.Configure VLAN 10 with name "STUDENTS" and VLAN 50 with name "SERVERS"
5. Check propagation on all switches of the VTP domain.
Lab solution
1. Configure VTP domain name as "TESTDOMAIN" and VTP password as "cisco"
On the VTP server Catalyst switch:
11
VTP-SERVER(config)#vtp domain TESTDOMAIN
VTP-SERVER(config)#vtp password cisco
On each VTP client switch :
VTP-CLIENT1(config)#vtp domain TESTDOMAIN

VTP-CLIENT1(config)#vtp password cisco
2. Configure the VTP-SERVER switch as a VTP server
VTP-SERVER(config)#vtp mode server

Verify the VTP operating mode using the show vtp status command
VTP-SERVER#show vtp status

VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : TESTDOMAIN
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAE 0x4F 0x3F 0xC5 0xD3 0x41 0x9C 0x11
Configuration last modified by 192.168.1.1 at 3-1-93 00:27:41
Local updater ID is 192.168.1.1 on interface Vl1 (lowest numbered VLAN in
terface found)
3. Connect to the 3 other Catalyst switches and configure them as VTP clients.
All links between swiches must be configured as trunk lines.
VTP-CLIENT3(config)#vtp mode client
Verify the VTP operating mode of the switch using the show vtp status command. The
"VTP Operating Mode" shoud have the "Client" value. Example with VTP-CLIENT3 switch is
provided below.
12
VTP-CLIENT3#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : TESTDOMAIN
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAE 0x4F 0x3F 0xC5 0xD3 0x41 0x9C 0x11
Configuration last modified by 192.168.1.1 at 3-1-93 00:27:41
Configure each link between switches as a trunk line using the switchport mode
trunk command
interface GigabitEthernet1/1
switchport mode trunk
interface GigabitEthernet1/2
switchport mode trunk
4. Configure VLAN 10 with name "STUDENTS" and VLAN 50 with name

"SERVERS"
On the VTP server Catalyst 2960 switch, configure the following commands to create both
"STUDENTS" and "SERVERS" vlans :
VTP-SERVER(config)#vlan 10
VTP-SERVER(config-vlan)#name STUDENTS
VTP-SERVER(config)#vlan 50
VTP-SERVER(config-vlan)#name SERVERS
5. Check propagation of both "STUDENTS" and "SERVERS" vlans on all Catalyst

2960 network switches of the VTP domain.
13
Use the show vlan brief on each switch to check propagation of the 2 VLANS.
VTP-SERVER#show vlan brief
VLAN Name Status Ports

---- -------------------------------- --------- -------------------------
------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/
4, [...]
10 STUDENTS active
50 SERVERS active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Source: https://www.packettracernetwork.com/labs/lab3-vlanvtpconfig.html
14
Lab 4 : Port security
Introduction
A growing challenge for network administrators is to be able to control who is allowed - and
who isn't - to access the organization's internal network. This access control is mandatory for
critical infrastructure protection in your network. It is not on public parts of the network
where guest users should be able to connect.
Port security is a feature implemented in Cisco Catalyst switches which helps network
engineers in implementing network security on network boundaries.
In its most basic form, the Port Security feature remembers the MAC address of the device
connected to the switch edge port and allows only that MAC address to be active on that
port. If any other MAC address is detected on that port, port security feature shutdown the
switch port.
The switch can be configured to send a SNMP trap to a network monitoring solution to alert
that a port is disabled for security reasons.
Network diagram
Lab instructions
This lab will test your ability to configure port security on CiscoTM 2960 switch interfaces.
1. Configure port security on interface Fa 0/1 of the switch with the following settings :
15
- Port security enabled
- Mode : restrict
- Allowed mac addresses : 3
- Dynamic mac address learning.
- Mode : shutdown
- Allowed mac addresses : 3
- Dynamic mac address learning.
- Mode : protect
- Static mac address entry : 00E0.A3CE.3236
4. From LAPTOP 1 :
Try to ping 192.168.1.2 and 192.168.1.3. It should work.
Try to ping 192.168.1.4 and 192.168.1.5. It should work.
5. Connect ROGUE laptop to the hub.
Try to ping 192.168.1.1. It should work.
Try to ping 192.168.1.4. It should fail.
Lab Solution
Interface FastEthernet 0/1 configuration - Restrict mode
The port-security restrict mode drops packets with unknown source addresses until you
remove a sufficient number of secure MAC addresses to drop below the maximum value and
causes the SecurityViolation counter to increment.
Port security with sticky MAC addresses provides many of the same benefits as port
security with static MAC addresses, but sticky MAC addresses can be learned
16
dynamically. Port security with sticky MAC addresses retains dynamically learned MAC
addresses during a link-down condition.
interface FastEthernet0/1
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address sticky
switchport port-security violation restrict
When the rogue laptop is connected to the hub and tries to communicate with 192.168.1.4,
the number of mac-addresses learned ont the fastethernet 0/1 interface exceeds 3. The
interface drops traffic with the new mac-address (not learned by the switch because 3 mac
addresses have already been registered on the fa0/1 interface) and increases the security
viloation counter based on the 'restrict' port-security configuration of the interface.
Switch#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
--------------------------------------------------------------------
Fa0/1 3 3 5 Restrict
Fa0/2 3 1 0 Shutdown
Fa0/3 1 1 0 Protect
----------------------------------------------------------------------
Interface FastEthernet 0/2 configuration - Shutdown mode (default)

The port-security shutdown mode puts the interface into the error-disabled state
immediately and sends an SNMP trap notification.
switchport voice vlan 20
switchport port-security maximum 3
switchport port-security mac-address sticky
17
switchport port-security violation shutdown
Interface FastEthernet 0/3 configuration - Protect mode

The port-security protect mode silently drops packets with unknown source
addresses until you remove a sufficient number of secure MAC addresses to drop below the
maximum value. No counter is incremented
switchport port-security violation protect
switchport port-security mac-address 00E0.A3CE.3236
Note that to delete the MAC address from the address table, we use
no switchport port-security mac-address 00E0.A3CE.3236
To verifies address entries we use
show port-security address interface interface_id

or
show port-security address

Source: https://www.packettracernetwork.com/labs/lab4-portsecurity.html
18
Lab 6 : Basic router setup
Introduction
At the first boot of a Cisco ISR router, some basic configuration has to be performed to secure
adminitrative access to the router. This lab will test your ability to configure the basic security
settngs of a Cisco ISR router and help you to get ready for the router configuration simulation
activities in the CCENT / ICND1 certification exam (Chapter 5.0 Infrastructure
Maintenance of Cisco Certified Entry Networking Technician (CCENT) exam)
Network diagram
Lab instructions
The aim of this lab is to test your ability to perform a basic router setup. You have 15 minutes
to complete this simulation.
1. Configure the LAPTOP terminal software with the right console parameters.
2. Configure the router hostname to "GATEWAY"
3. Configure the enable password and secret to "cisco"
4. Configure password encryption on the router to secure stored passwords
5. Configure the console access :

- Login : yes
- Password : "cisco"
- History : 10 commands
- Logging synchronous
- Timeout : 2 minutes 45 seconds.
Lab solution
1. Configure the laptop terminal software
The terminal software in not correctly configured on the laptop. You have to change the
settings to 9600 / 8 / None / 1 to connect to the router's console. Remerber this tip as it
19
could help you answer CCENT questions or achieve CCENT simlet.
2. Configure the router's name
The hostname command has to be used to changethe router's hostname.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname GATEWAY
3. Configure the enable password and secret to "cisco"
The enable secret <password> command stores a MD5 hash of the password required
for privileged mode access. The enable secret password of a Cisco ISR router is used for
restricting access to enable mode and to the global configuration mode (configure terminal)
of a router.
20
GATEWAY(config)#enable secret cisco
4. Configure password encryption for this router
GATEWAY(config)#service password-encryption
5. Configure the console access
Console access is protected by the 'cisco' password and login is required at console access.
The exec-timeout command automatically logs off user from console after defined
inactivity period (2'45'' in this lab)
GATEWAY(config)#line console 0
GATEWAY(config-line)#password cisco
GATEWAY(config-line)#login
GATEWAY(config-line)#logging synchronous
GATEWAY(config-line)#exec-timeout 2 45
GATEWAY(config-line)#history size 10
Video tutorial
https://youtu.be/J9ZTDLf01UE
Source: https://www.packettracernetwork.com/labs/lab6-basicroutersetup.html
21
Lab 11 : HDLC configuration
Introduction
HDLC (High-Level Data Link Control) is a data link protocol used on synchronous serial data
links. Because the standardized HDLC cannot support multiple protocols on a single link (lack
of a mechanism to indicate which protocol is carried), Cisco developped a proprietary version
of HDLC, called cHDLC, with a proprietary field acting as a protocol field. This field makes it
possible for a single serial link to accommodate multiple network-layer protocols.
Cisco’s HDLC is a point-to-point protocol that can only be used on serial links or leased lines
between two Cisco devices. PPP (Point-to-Point Protocol) has to be used when communicating
with non-Cisco devices. HDLC is the default encapsulation on serial links in a Cisco router.
However, to change the encapsulation back to HDLC from PPP, use the following command
from interface configuration mode:
Router(config-if)#encapsulation hdlc
With a back-to-back serial connection, the ISR (Integrated Service Router ) router connected
to the DCE (Data circuit -terminating equipment) end of the serial cable provides the clock
signal for the serial link. This clock is received by the DTE (Data Terminal Equipment) device.
The clock rate command in the interface configuration mode enables the router at the DCE
end of the cable to provide the clock signal for the serial link. The default clock rate is 64000.
Network diagram
Lab instructions
This lab will test your ability to configure HDLC back to back connection on a serial link
between two Cisco ISR routers in Packet Tracer 7.1 . Practicing this labs will you to get
ready for the CCNA certification exam simulation questions.
1. Use the connected laptops to find the DCE and DTE routers. You can connect to the
routers using CLI.
2. Configure the routers with the following parameters :
- Clock : 250000
- HDLC link between the routers
- DCE router IP : 192.168.10.5/30
22
- DTE router IP : 192.168.10.6/30
3. Check IP connectivity between the two routers using the ping command.
Lab solution
1. Use the connected laptops to find the DCE and DTE routers
The show controllers <serial interface> command is used to determine which side of the
cable is the DCE side.
In this example, Router-A is the DTE side, and Router-B the DCE side (DCE V.35, clock rate
set).
Router-A#show controllers serial 1/0

Interface Serial1/0
Hardware is PowerQUICC MPC860
DTE V.35 TX and RX clocks detected
Router-B#show controllers serial 1/0

Interface Serial0/0/0
DCE V.35, clock rate 2000000
2. Configure the routers with the following parameters
Router-B beeing the DCE, clock rate has to be configured on Router-B serial 1/0 interface
Router-B(config)#interface serial 1/0

Router-B(config-if)#clock rate 250000
Then, configure HDLC encapsulation and IP address on Router-B serial 1/0 interface.
The encapsulation hdlc configures HDLC protocol on the serial interface.
Router-B beeing the DCE side of the serial link, the 192.168.1.5/30 IP address is configured
on Router-B serial 1/0 interface. Don't forget to enable the interface with a no
shutdown command.
23
Router-B(config-if)#encapsulation hdlc
Router-B(config-if)#ip address 192.168.10.5 255.255.255.252
Router-B(config-if)#no shutdown
The show interfaces serial 1/0 confirms that HDLC encapsulation is enabled on the interface
: Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Router-B#show interfaces serial 1/0

Serial0/0/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 192.168.10.5/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set, keepalive set (10 sec)
Last input never, output never, output hang never
[...]
Finally, configure HDLC encapsulation and IP address on Router-A serial 1/0 interface. The
link becomes up as both routers are correctly configured.
Router-A(config)#interface serial 1/0

Router-A(config-if)#encapsulation hdlc
Router-A(config-if)#ip address 192.168.10.6 255.255.255.252
Router-A(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
Issue a ping from Router-A to Router-B to test network connectivity between the two
routers.
Router-A#ping 192.168.10.5
Type escape sequence to abort.
24
Sending 5, 100-byte ICMP Echos to 192.168.10.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ms
Source: https://www.packettracernetwork.com/labs/lab11-hdlc.html
25
Lab 12 : PPP configuration
Introduction
PPP (Point-to-Point Protocol) is a non-proprietary WAN data-link layer encapsulation
protocol which can be viewed as an enhancement of HDLC as it embeds many additional
features when compared with HDLC:
• PPP Authentication. Supported authentication protocols are PAP (Password Authentication

Protocol) and CHAP (Challenge-handshake authentication protocol)
• Compression
• Error detection
• Multilink to provide load-balancing over multiple network interfaces
Network diagram
Lab instructions
This lab will test your ability to configure PPP on a serial link in Packet Tracer 7.1. Practicing
this labs will help you to better understand what is a DCE, a DTE, and aclock rates on a serial
router interconnection and make you ready for the CCNA ppp labs and simlets.
1. Use the connected laptops to find the DCE and DTE routers. You can connect to the
routers using CLI.
2. Configure the routers with the following parameters :
- Clock : 250000
- PPP link between the routers
- DCE IP : 192.168.10.5/30
- DTE IP : 192.168.10.6/30
Lab solution
1. Use the connected laptops to find the DCE and DTE routers
26
The show controllers <serial interface> command is used to determine which side of
the cable is the DCE side.
In this example, Router-A is the DTE side, and Router-B the DCE side (DCE V.35, clock rate
set).
Router-A#show controllers serial 1/0

Interface Serial1/0
DTE V.35 TX and RX clocks detected
Router-B#show controllers serial 1/0

Interface Serial1/0
DCE V.35, clock rate 2000000
2. Configure the routers with the following parameters
Router-B beeing the DCE, clock rate has to be configured on Router-B serial 1/0 interface

Router-B(config-if)#clock rate 250000
Then, configure PPP encapsulation and IP address on Router-B serial 1/0 interface.
The encapsulation ppp configures PPP protocol on the serial interface. PPP authenication
can be optionnally configured using the following IOS commands which are not used in this
lab :
• ppp authentication : Set PPP link authentication method

• ppp pap: Set PAP authentication parameters
Router-B beeing the DCE side of the serial link, the 192.168.10.5/30 IP address is
configured on Router-B serial 1/0 interface. Don't forget to enable the interface with a no
shutdown command.

Router-B(config-if)#encapsulation ppp
Router-B(config-if)#ip address 192.168.10.5 255.255.255.252
Router-B(config-if)#no shutdown
27
The show interfaces serial 1/0 confirms that PPP encapsulation is enabled on the interface
: Encapsulation PPP, loopback not set, keepalive set (10 sec)
Router-B#show interfaces serial 1/0

Serial0/0/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 192.168.10.5/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
Last input never, output never, output hang never
[...]
Finally, configure PPP encapsulation and IP address on Router-A serial 1/0 interface. The
link becomes up as both routers are correctly configured.
Router-A(config)#interface serial 1/0

Router-A(config-if)#encapsulation ppp
Router-A(config-if)#ip address 192.168.10.6 255.255.255.252
Router-A(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
Issue a ping from Router-A to Router-B to test network connectivity between the two
routers.
Router-A#ping 192.168.10.5
Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.10.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ms
Source: https://www.packettracernetwork.com/labs/lab12-ppp.html
28

Labs of Computer Netwoking

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Labs of Computer Netwoking

Uploaded by

Copyright:

Available Formats

Packet Tracer 8.0.

Packet Tracer Network CCNA labs

Lab 2 : Configuring switch interfaces

Lab 3 : VLAN and VTP configuration

Lab 4 : Port security

2. CCNA labs - IP Routing

Lab 7 : Static routes

3. CCNA labs - WAN

Lab 13 : Frame Relay

2. Configure Switch hostname as LOCAL-SWITCH

3. Configure the message of the day as "Unauthorized access is forbidden"

6. Configure CONSOLE access with the following settings :

6. Configure TELNET access with the following settings :

Configure the message of the day as "Unauthorized access is forbidden"

Switch(config)#enable secret cisco

Configure password encryption on the switch using the global configuration

Configure CONSOLE access [...]

Configure TELNET access [...]

Configure the IP address of the switch as 192.168.1.2/24 and it's default

Settingsto be configured on each port are :

• Port type : access port

3. Choose the right cable to connect :

• Switch0 gigabitethernet 1/1 to Switch1 gigabitethernet 1/1

switchport mode access

3. Choose the right cable to connect Switch0 to Switch1 and Switch2

Verify interface operational mode using the command:

show interface GigabitEthernet0/1 switchport

Another usefull ios command is show interfaces trunk :

Switch#sh interfaces trunk

Port Vlans allowed on trunk

Port Vlans allowed and active in management domain

2.Connect to the 3 other switches and configure them as VTP clients.

3.Configure VTP domain name as "TESTDOMAIN" and VTP password as "cisco"

5. Check propagation on all switches of the VTP domain.

On the VTP server Catalyst switch:

VTP-CLIENT1(config)#vtp domain TESTDOMAIN

2. Configure the VTP-SERVER switch as a VTP server

VTP-SERVER(config)#vtp mode server

VTP-SERVER#show vtp status

VTP-CLIENT3(config)#vtp mode client

4. Configure VLAN 10 with name "STUDENTS" and VLAN 50 with name

5. Check propagation of both "STUDENTS" and "SERVERS" vlans on all Catalyst

VTP-SERVER#show vlan brief

VLAN Name Status Ports

- Allowed mac addresses : 3

- Dynamic mac address learning.

- Port security enabled

- Allowed mac addresses : 3

- Dynamic mac address learning.

- Port security enabled

- Static mac address entry : 00E0.A3CE.3236

Try to ping 192.168.1.2 and 192.168.1.3. It should work.

Try to ping 192.168.1.4 and 192.168.1.5. It should work.

5. Connect ROGUE laptop to the hub.

Try to ping 192.168.1.1. It should work.

Try to ping 192.168.1.4. It should fail.

Interface FastEthernet 0/2 configuration - Shutdown mode (default)

Interface FastEthernet 0/3 configuration - Protect mode

no switchport port-security mac-address 00E0.A3CE.3236

To verifies address entries we use

show port-security address interface interface_id

show port-security address

2. Configure the router hostname to "GATEWAY"

3. Configure the enable password and secret to "cisco"