Skills Assessment Student Training

Similar documents
Skills Assessment (OSPF) Student Training Exam

Skills Assessment (EIGRP) Student Training Exam

Skills Assessment (OSPF) Student Training Exam

Skills Assessment (EIGRP) Student Training Exam

Skills Assessment Student Training Exam

Skills Assessment Student Practice

Skills Assessment Student Training Exam

Lab Using the CLI to Gather Network Device Information Topology

Lab Troubleshooting Basic PPP with Authentication Topology

Lab Configuring 802.1Q Trunk-Based Inter-VLAN Routing Topology

Retake - Skills Assessment Student Training (Answer Key)

Lab Configuring and Verifying Extended ACLs Topology

Lab - Troubleshooting Standard IPv4 ACL Configuration and Placement Topology

Lab - Building a Switch and Router Network

Lab Configuring Basic RIPv2 (Solution)

Lab - Examining Telnet and SSH in Wireshark

Device Interface IP Address Subnet Mask R1 G0/ N/A

Lab Configuring Dynamic and Static NAT (Solution)

Lab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)

Lab Configuring Port Address Translation (PAT) Topology

Lab Configuring and Verifying Standard IPv4 ACLs Topology

Lab Managing Router Configuration Files with Terminal Emulation Software

Skills Assessment. CCNA Routing and Switching: Connecting Networks. Topology. Assessment Objectives. Scenario

Lab Configuring Per-Interface Inter-VLAN Routing (Solution)

Lab Configuring Per-Interface Inter-VLAN Routing (Instructor Version)

Lab Configuring Port Address Translation (PAT) (Instructor Version)

Lab Configuring 802.1Q Trunk-Based Inter-VLAN Routing (Instructor Version Optional Lab)

Lab Configuring Switch Security Features Topology

Lab - Configuring Multi-area OSPFv2

Lab - Troubleshooting DHCPv4 Topology

Lab - Troubleshooting ACL Configuration and Placement Topology

Lab Securing Network Devices

Lab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)

Lab 7 Configuring Basic Router Settings with IOS CLI

Lab - Configuring Basic DHCPv4 on a Router (Solution)

CCNA Semester 2 labs. Labs for chapters 2 10

Lab - Designing and Implementing a Subnetted IPv4 Addressing Scheme

Lab Correcting RIPv2 Routing Problems

Lab Configuring and Verifying Standard ACLs Topology

Lab Configuring HSRP and GLBP Topology

Lab - Configuring IPv6 Addresses on Network Devices

Lab Designing and Implementing a VLSM Addressing Scheme. Topology. Objectives. Background / Scenario

Lab Configuring IPv4 Static and Default Routes (Solution)

Lab Troubleshooting IPv4 and IPv6 Static Routes (Instructor Version Optional Lab)

Lab Configuring EtherChannel

Lab - Configuring a Switch Management Address

Lab - Configuring VLANs and Trunking

Lab Configuring Advanced EIGRP for IPv4 Features Topology

Lab 1.3.2: Review of Concepts from Exploration 1 - Challenge

Lab 6.4.2: Challenge Inter-VLAN Routing

Lab - Configuring Multi-area OSPFv3 Topology

Chapter 8: Lab B: Configuring a Remote Access VPN Server and Client

Lab- Troubleshooting Basic EIGRP for 1Pv4

Lab Configuring Basic Switch Settings (Solution)

CCNA 1 Chapter 2 v5.0 Exam Answers %

Chapter 10 - Configure ASA Basic Settings and Firewall using ASDM

Lab - Configuring VLANs and Trunking

Lab Well-Known Port Numbers and Multiple Sessions

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview

Lab Student Lab Orientation

Lab - Configuring & Troubleshooting Basic DHCPv4 on a Router

Lab Configuring IPv6 Static and Default Routes

Chapter 10 Configure Clientless Remote Access SSL VPNs Using ASDM

Interconnecting Cisco Networking Devices Part 1 ICND1

CCNA 1 Chapter 2 v5.0 Exam Answers 2013

Lab Troubleshooting RIP

Lab Troubleshooting VTP Configuration

Interconnecting Cisco Networking Devices Part 1 ( )

Chapter 10 Lab 10-1, Troubleshooting Complex Environments

Lab - Configuring VLANs and Trunking (Solution)

Lab VTY Restriction Instructor Version 2500

Introduction to Networks: Case Study, Option 2

Lab - Troubleshooting VLAN Configurations (Instructor Version Optional Lab)

ICND1 v2.0 Interconnecting Cisco Networking Devices Part 1 CCENT & Part of CCNA Rout/Switch

Chapter 3 Lab 3-1, Assembling Maintenance and Troubleshooting Tools

EIGRP Practice Skills Assessment - Packet Tracer

Lab Configuring IPv6 Static and Default Routes (Solution)

Laboration 2 Troubleshooting Switching and First-Hop Redundancy

Lab Configuring an ISR with SDM Express

Lab 5.6.2: Challenge RIP Configuration

Lab Establishing and Verifying a Telnet Connection Instructor Version 2500

This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and

ICND1. Switch Configuration Lab. All configurations have been set to factory defaults for these labs

Lab Configuring Basic Router Settings with IOS CLI (Instructor Version Optional Lab)

Laboration 1 Examine the Topology and Basic Troubleshooting Commands

PT Activity: Configure AAA Authentication on Cisco Routers

CHAPTER 2 ACTIVITY

PT Activity 8.6.1: CCNA Skills Integration Challenge Topology Diagram

UniNets CCNA Security LAB MANUAL UNiNets CCNA Cisco Certified Network Associate Security LAB MANUAL UniNets CCNA LAB MANUAL

Lab: RIP v2 with VLSM

Lab - Securing Administrative Access Using AAA and RADIUS

Device Interface IP Address Subnet Mask Default Gateway

CCNA Semester 3 labs. Labs for chapters 2 10

Interconnecting Cisco Network Devices Part 1 v2.0 (ICND 1)

CCNA Semester 3 labs. Part 1 of 1 Labs for chapters 1 8

Lab Configure Extended VLANs, VTP, and DTP

Lab Configuring DHCP

Lab 4.2.5a Connectivity Tests Ping

Transcription:

Skills Assessment Student Training Topology Assessment Objectives Part 1: Initialize Devices (6 points, 5 minutes) Part 2: Configure Device Basic Settings (33 points, 20 minutes) Part 3: Configure Switch Security, VLANs, and Inter-VLAN Routing (18 points, 15 minutes) Part 4: Configure RIPv2 Dynamic Routing Protocol (14 points, 15 minutes) Part 5: Implement DHCP and NAT for IPv4 (15 points, 15 minutes) Part 6: Configure NTP (5 points, 5 minutes) Part 7: Configure and Verify Access Control Lists (ACLs) (9 points, 15 minutes) 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 14

Scenario In this Skills Assessment (SA) you will configure a small network to support IPv4 and IPv6 connectivity, switch security, inter VLAN routing, RIPv2 dynamic routing protocol, Dynamic Host Configuration Protocol (DHCP), dynamic and static Network Address Translation (NAT), Access Control Lists (ACLs), and server/client Network Time Protocol (NTP). You will test and document the network using common CLI commands throughout the assessment. Required Resources 3 Routers (Cisco 1941 with Cisco IOS Release 15.4(3)M2 universal image or comparable) 2 Switches (Cisco 2960 with Cisco IOS Release 15.0(2)SE7 lanbasek9 image or comparable) 3 PCs (Windows 7, Vista, or XP with terminal emulation program, such as Tera Term) Console cable to configure the Cisco IOS devices via the console ports Ethernet and Serial cables as shown in the topology Part 1: Initialize Devices Total points: 6 Time: 5 minutes Step 1: Initialize and reload the routers and switches. Erase the startup configurations and reload the devices. Before proceeding, have your instructor verify device initializations. Task IOS Command Points Erase the startup-config file on all routers. Reload all routers. Erase the startup-config file on all switches and remove the old VLAN database. Reload both switches. Verify VLAN database is absent from flash on both switches. 1½ points (½ point per router) 1 ½ points (½ point per router) 1 point (½ point per switch) 1 point (½ point per switch) 1 point (½ point per switch) Instructor Sign-off Part 1: Points: of 6 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 14

Part 2: Configure Device Basic Settings Total points: 30 Time: 20 minutes Step 1: Configure the Internet PC. Configuration tasks for the Internet Server include the following (refer to the Topology for IP address information): IPv4 Address IPv4 Subnet Mask Default Gateway first IP in subnet IPv6 Address/Subnet IPv6 Default Gateway first IP in subnet Note: It may be necessary to disable the PC firewall for pings to be successful later in this lab. Step 2: Configure R1. Configuration tasks for R1 include the following: Disable DNS lookup Router name R1 Encrypted privileged exec password class Console access password cisco Telnet access password cisco Encrypt the clear text passwords MOTD banner Unauthorized Access is Prohibited! Interface S0/0/0 Default routes Set the description Set the IPv4 address. Refer to Topology diagram for address information. Set the IPv6 address. Refer to Topology diagram for address information. Set the clocking rate to 128000 Activate Interface Configure a default IPv4 route out S0/0/0. Configure a default IPv6 route out S0/0/0 Note: Do not configure G0/1 at this time. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 14

Step 3: Configure R2. Configuration tasks for R2 include the following: Disable DNS lookup Router name R2 Encrypted privileged exec password class Console access password cisco Telnet access password cisco Encrypt the clear text passwords Enable HTTP server MOTD banner Unauthorized Access is Prohibited! Interface S0/0/0 Interface S0/0/1 Interface G0/0 (Simulated Internet) Interface Loopback 0 (Simulated Web Server) Default route Set the description Set the IPv4 address. Use the next available address in the subnet. Set the IPv6 address. Refer to Topology diagram for address information. Activate Interface Set the description Set the IPv4 address. Use the first available address in the subnet. Set the IPv6 address. Refer to Topology diagram for address information. Set clocking rate to 128000 Activate Interface Set the Description Set the IPv4 address. Use the first available address in the subnet. Set the IPv6 address. Use the first available address in the subnet. Activate Interface Set the description. Set the IPv4 address. Configure a default IPv4 route out G0/0. Configure a default IPv6 route out G0/0. Step 4: Configure R3. Configuration tasks for R3 include the following: 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 14

Disable DNS lookup Router name R3 Encrypted privileged exec password class Console access password cisco Telnet access password cisco Encrypt the clear text passwords MOTD banner Unauthorized Access is Prohibited! Interface S0/0/1 Interface Loopback 4 Interface Loopback 5 Interface Loopback 6 Interface Loopback 7 Default routes Set the description Set the IPv4 address. Use the next available address in the subnet. Set the IPv6 address. Refer to Topology diagram for address information. Activate Interface Set the IPv4 address. Use the first available address in the subnet. Set the IPv4 address. Use the first available address in the subnet. Set the IPv4 address. Use the first available address in the subnet. Set the IPv6 address. Refer to Topology diagram for address information. Configure a default IPv4 route out S0/0/1. Configure a default IPv6 route out S0/0/1. Step 5: Configure S1. Configuration tasks for S1 include the following: 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 14

Disable DNS lookup Switch name S1 Encrypted privileged exec password class Console access password cisco Telnet access password cisco Encrypt the clear text passwords MOTD banner Unauthorized Access is Prohibited! Step 6: Configure S3 Configuration tasks for S3 include the following: Disable DNS lookup Switch name S3 Encrypted privileged exec password class Console access password cisco Telnet access password cisco Encrypt the clear text passwords MOTD banner Unauthorized Access is Prohibited! Step 7: Verify network connectivity. Use the ping command to test connectivity between network devices. Use the following table to methodically verify connectivity with each network device. Take corrective action to establish connectivity if a test fails: From To IP Address Ping Results Points R1 R2, S0/0/0 R2 R3, S0/0/1 Internet PC Default Gateway Note: It may be necessary to disable the PC firewall for pings to be successful. Instructor Sign-off Part 2: Points: of 33 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 14

Part 3: Configure Switch Security, VLANS, and Inter VLAN Routing Total points: 18 Time: 15 minutes Step 1: Configure S1. Configuration tasks for S1 include the following: Create the VLAN database Assign the management IP address. Assign the default-gateway Use Topology VLAN Key table to create and name each of the listed VLANS. Assign the IPv4 address to the Management VLAN. Use the IP address assigned to S1 in the Topology diagram. Assign the first IPv4 address in the subnet as the default-gateway. Force trunking on Interface F0/3 Use VLAN 1 as the native VLAN. Force trunking on Interface F0/5 Use VLAN 1 as the native VLAN. Configure all other ports as access ports Assign F0/6 to VLAN 21 Shutdown all unused ports Use the interface range command. Step 2: Configure S3. Configuration tasks for S3 include the following: Create the VLAN database Assign the management IP address Assign the default-gateway Use Topology VLAN Key Table to create each of the listed VLANS. Name each VLAN. Assign the IPv4 address to the Management VLAN. Use the IP address assigned to S3 in the Topology diagram. Assign the first IP address in the subnet as the default-gateway. Force trunking on Interface F0/3 Use VLAN 1 as the native VLAN. Configure all other ports as access ports Assign F0/18 to VLAN 23 Shutdown all unused ports Use the interface range command. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 14

Step 3: Configure R1. Configuration tasks for R1 include the following: Configure 802.1Q subinterface.21 on G0/1 Configure 802.1Q subinterface.23 on G0/1 Configure 802.1Q subinterface.99 on G0/1 Activate Interface G0/1 Description Accounting LAN Assign VLAN 21. Assign the first available address to this interface. Description Engineering LAN Assign VLAN 23. Assign the first available address to this interface. Description Management LAN Assign VLAN 99. Assign the first available address to this interface. Step 4: Verify network connectivity. Use the ping command to test connectivity between the switches and R1. Use the following table to methodically verify connectivity with each network device. Take corrective action to establish connectivity if a test fails: From To IP Address Ping Results Points S1 R1, VLAN 99 address S3 R1, VLAN 99 address S1 R1, VLAN 21 address S3 R1, VLAN 23 address Instructor Sign-off Part 2: Points: of 18 Part 4: Configure RIPv2 Dynamic Routing Protocol Total points: 14 Time: 15 minutes Step 1: Configure RIPv2 on R1. Configuration tasks for R1 include the following: 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 8 of 14

Configure RIP Version 2 Advertise directly connected Networks Set all LAN interfaces as passive Disable automatic summarization Assign all directly connected networks. Step 2: Configure RIPv2 on R2. Configuration tasks for R2 include the following: Configure RIP Version 2 Advertise directly connected Networks Note: Omit the G0/0 network. Set the LAN (Loopback) interface as passive Disable automatic summarization Step 3: Configure RIPv2 on R3. Configuration tasks for R3 include the following: Configure RIP Version 2 Advertise directly connected IPv4 Networks Set all IPv4 LAN (Loopback) interfaces as passive Disable automatic summarization Step 4: Verify RIP information. Verify that RIP is functioning as expected. Enter the appropriate CLI command to discover the following information: 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 9 of 14

Question Response Points What command displays the RIP Process ID, Router ID, Routing Networks, and passive interfaces configured on a router? What command displays only RIP routes? What command displays the RIP section of the runningconfiguration? Instructor Sign-off Part 3: Points: of 14 Part 5: Implement DHCP and NAT for IPv4 Total points: 15 Time: 15 minutes Step 1: Configure R1 as the DHCP server for VLANs 21 and 23. Configuration tasks for R1 include the following: Reserve the first 20 IP addresses in VLAN 21 for static configurations Reserve the first 20 IP addresses in VLAN 23 for static configurations Create a DHCP pool for VLAN 21 Create a DHCP pool for VLAN 23 Name: ACCT DNS-Server: 10.10.10.10 Domain-Name: ccna-sa.com Set the default gateway. Name: ENGNR DNS-Server: 10.10.10.10 Domain-Name: ccna-sa.com Set the default gateway. Step 2: Configure Static and Dynamic NAT on R2. Configuration tasks for R2 include the following: 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 10 of 14

Create a local database with 1 user account Enable HTTP server service Configure the HTTP server to use the local database for authentication Username: webuser Password: cisco12345 Privilege level: 15 Create a static NAT to the Web Server Inside Global Address: 209.165.200.229 (2 point) Configure the dynamic NAT for described networks with the pool of usable public IP addresses Allow the Accounting and Engineering networks on R1 to be translated. Allow a summary of the LANs (loopback) networks on R3 to be translated. Pool Name: INTERNET Pool of addresses include: 209.165.200.225 209.165.200.228 (3 point) Step 3: Verify DHCP and Static NAT. Use the following tasks to verify that DHCP and Static NAT settings are functioning correctly. It may be necessary to disable the PC firewall for pings to be successful: Test Results Points Verify that PC-A acquired IP information from the DHCP server Verify that PC-C acquired IP information from the DHCP server Verify that PC-A can ping PC-C. Note: It may be necessary to disable the PC firewall Use a Web browser on the Internet PC to access the Web server (209.165.200.229). Login with Username: webuser, Password: cisco12345 Note: Verification of dynamic NAT will be performed in Part 6. Instructor Sign-off Part 2: Points: of 15 Part 6: Configure NTP Total points: 5 Time: 5 minutes 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 11 of 14

Set the date and time on R2. March 5, 2016, 9 am (1 points) Configure R2 as a NTP Master. Stratum level: 5 Configure R1 as an NTP client. Server: R2 Configure R1 for periodical calendar updates with NTP time. Verify the NTP configuration on R1. Part 7: Configure and Verify Access Control Lists (ACLs) Total points: 9 Time: 15 minutes Step 1: Restrict access to VTY lines on R2. Configure a named access list to only allow R1 to telnet to R2 ACL Name: ADMIN-MGT (1 points) Apply the named ACL to the VTY lines Allow telnet access to VTY lines Verify ACL is working as expected 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 12 of 14

Step 2: Enter the appropriate CLI command needed to display the following: Command Description Student Input (command) Points Display the matches an access-list has received since the last reset. Reset access-list counters. What command is used to display what ACL is applied to an interface and the direction that it is applied? What command displays the NAT translations? What command is used to clear dynamic NAT translations? Note: The translations for PC-A and PC-C were added to the table when the Internet PC attempted to ping these PCs in Step 2. Pinging the Internet PC from PC-A or PC- C will not add the translations to the table because of the way the Internet is being simulated on the network. Instructor Sign-off Part 4: Points: of 9 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 13 of 14

Router Interface Summary Table Router Interface Summary Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2 1800 Fast Ethernet 0/0 (F0/0) 1900 Gigabit Ethernet 0/0 (G0/0) 2801 Fast Ethernet 0/0 (F0/0) 2811 Fast Ethernet 0/0 (F0/0) 2900 Gigabit Ethernet 0/0 (G0/0) Fast Ethernet 0/1 (F0/1) Gigabit Ethernet 0/1 (G0/1) Fast Ethernet 0/1 (F0/1) Fast Ethernet 0/1 (F0/1) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/0 (S0/0/0) Serial 0/1/0 (S0/1/0) Serial 0/0/0 (S0/0/0) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1) Serial 0/0/1 (S0/0/1) Serial 0/1/1 (S0/0/1) Serial 0/0/1 (S0/0/1) Serial 0/0/1 (S0/0/1) Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface. 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 14 of 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback