CWT Hands-On Summation Lab 1 Checkpoints 1-8 Clear devices prior to starting summation 1. Erase any existing configuration on the routers and switches. On routers (repeat for all routers): R1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]<enter> [OK] Erase of nvram: complete R1#reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm]<enter> On switches (repeat for all switches): RSW1#erase startup-config Erasing the nvram filesystem will remove all files! Continue? [confirm] <Enter> [OK] Erase of nvram: complete RSW1#delete flash:vlan.dat Delete filename [vlan.dat]?<enter> Delete flash:vlan.dat? [confirm]<enter> RSW1#reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm]<enter> **Note that you should never use erase flash: on real Cisco devices because it will erase the IOS image from flash memory. You are using emulators so using erase flash: is ok in this lab environment, if you happen to forget. Revised March 28, 2018 Copyright LANWANProfessional.com 1
Checkpoint 1 Requirements (Required) Base Device Configuration (apply on all 6 devices): Global Configuration 1. Assign the appropriate names to each of the devices based on the Layer 2 diagram. If the device is not present on the Layer 2 diagram, assign the appropriate name based on the Physical Diagram. 2. Disable the DNS lookup feature on all devices. 3. Assign s as the enable secret password. 4. Direct the Cisco IOS to encrypt any passwords stored in clear-text. Console Port 5. Configure the console port on all devices to log input synchronously. 6. Set the password to c. 7. Configure idling timeout to 2 hours 15 minutes. VTY Port 8. Allow 5 concurrent sessions of remote access to each device. 9. Configure the vty ports to log input synchronously. 10. Set the password to v. 11. Configure idling timeout to 1 hour 30 seconds. 12. Verify steps using show run command. Checkpoint 2 Requirements (Required) VTP Configuration: 13. Configure RSW1 to VTP Server mode. 14. Configure RSW2 and RSW3 to VTP Client mode. 15. Use cwa6 for the VTP domain name and password on all switches. 16. Verify steps using show vtp status and show vtp password commands. Revised March 28, 2018 Copyright LANWANProfessional.com 2
VLAN Trunking: 17. Shutdown the following ports: o RSW2 Fa1/11 12 o RSW3 Fa1/11 12 18. Configure VLAN trunking using 802.1q on the following ports: o RSW1 Fa1/1, fa1/9 10, fa1/13 14 o RSW2 Fa1/9 10 o RSW3 Fa1/13 14 19. Verify steps using show ip interface brief and show interface trunk commands. Checkpoint 3 Requirements (Required) VLAN Configuration [refer to the Physical and Layer 2 diagram for this section]: 20. Create VLANs and assign respective VLANs to appropriate switch ports. (Before configuring the switches, complete the VLAN mapping process using the acronym MAST as guidance.) 21. Name the following VLANs accordingly: VLAN 12 = Transportation VLAN 13 = Hospitality 22. Verify steps using show vlan-switch command on RSW1, RSW2, and RSW3. Spanning-tree: 23. Configure portfast on the following edge ports: o RSW1 Fa1/2 o RSW2 Fa1/2 24. Verify steps using show spanning-tree interface <interface> command. Revised March 28, 2018 Copyright LANWANProfessional.com 3
Checkpoint 4 Requirements (Required) LAN [refer to the Layer 3 diagram for this section]: 25. Assign IPv4 addresses for each FastEthernet interface, Switch Virtual Interface (SVI), and loopback. 26. Verify IP addressing and interface status using show ip interface brief command. 27. Use ping to ensure local connectivity (same VLAN \ subnet) between routers and switches. WAN Links: Basic Frame Relay [refer to the Layer 2 and 3 diagrams for this section]: 28. Enable frame encapsulation on the Serial 0/0 interfaces of R1_Gateway and R2. 29. Configure a point-to-point network between R1_Gateway and R2. 30. Assign IP address and DLCI for each frame subinterface. 31. Verify IP addressing and interface status using show ip interface brief command, and verify interface DLCI mapping using show frame-relay map command. 32. Ensure R2 can ping 172.16.12.1 (R1_Gateway). Point-to-Point Protocol (PPP) [refer to the Layer 3 diagram for this section]: 33. Enable PPP encapsulation on the S0/3 interfaces of R1_Gateway and R3_ISP. 34. Enable PPP authentication using Challenge-Handshake Authentication Protocol (CHAP) on the S0/3 interfaces of R1_Gateway and R3_ISP. 35. Bring up the S0/3 interfaces on R1_Gateway and R3_ISP. 36. Configure username and password for authentication on R1_Gateway and R3_ISP. Use CWA6 as the password. 37. Ensure that R1_Gateway can ping R3_ISP (31.33.11.3). Revised March 28, 2018 Copyright LANWANProfessional.com 4
Checkpoint 5 Requirements (Recommended) Static Routing: 38. Configure static routes to meet the following criteria: RSW3: create a static route to reach the Vlan212 network using a next-hop IP address. RSW3: create a default route using interface vlan 113 as the exiting interface. RSW2: create a default route using interface vlan 212 as the exiting interface. R2: create a default route using interface S0/0.1 as the exiting interface. R1_Gateway: create a default route using interface S0/3 as the exiting interface. R1_Gateway: create a static route to reach R2 s Loopback1 address (2.2.2.2/32) using a next-hop IP address. 39. Ensure RSW3 can ping RSW2 s Vlan212 interface IP address. 40. Verify steps using the show ip route command. Checkpoint 6 Requirements (Recommended) EIGRP: Basic EIGRP 41. Configure EIGRP on R1_Gateway, R2 and RSW2 for the networks as listed in the Layer 3 diagram using AS 1212. 42. Verify steps using show ip protocol, show ip eigrp neighbor, and show ip route commands. EIGRP Features 43. Disable auto-summarization on R1_Gateway, R2, and RSW2. 44. Configure EIGRP message authentication on R1_Gateway, R2, and RSW2 using the keychain CWA6 and keystring LIGHTNING on all EIGRP enabled subnets. Do not apply authentication to loopback interfaces. 45. Verify steps using show key chain, show run interface <interface>, and show ip eigrp neighbor commands. Revised March 28, 2018 Copyright LANWANProfessional.com 5
Checkpoint 7 Requirements (Recommended) OSPF: Single Area OSPF 46. Configure OSPF on R1_Gateway, R2, and RSW3 in Area 0 with the networks as listed in the Layer 3 diagram. 47. Verify steps using show ip protocol, show ip ospf neighbor, and show ip route commands. Checkpoint 8 Requirements (Recommended) Network Address Translation: Port Address Translation (PAT) 48. Configure Network Address Translation on R1_Gateway to allow all users except the one listed below to reach networks attached to R3_ISP. Please note that the only valid public IP address R1_Gateway can use is 31.33.11.1 Prevent 2.2.2.2 from reaching R3_ISP s networks. 49. Verify using show access-list, show ip nat statistics, and show run commands. 50. Ensure all devices can successfully ping the ISP. However, ping should fail if R2 uses 2.2.2.2 as the source IP address. 51. Verify Port Address Translation on R1_Gateway using the show ip nat translation command. Revised March 28, 2018 Copyright LANWANProfessional.com 6
Revised March 28, 2018 Copyright LANWANProfessional.com 7
Revised March 28, 2018 Copyright LANWANProfessional.com 8
Revised March 28, 2018 Copyright LANWANProfessional.com 9
Revised March 28, 2018 Copyright LANWANProfessional.com 10