Ccna
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Ccna as PDF for free.
More details
- Words: 3,919
- Pages: 34
es gi lo
CCNA
M
Te
Lab Guide
ch
no
Cisco Certified Network Associate
ZO
O
Name: ______________________ Faculty:_____________________ Batch: ______________________ Branch:_____________________
Zoom Technologies®
1
Lab completion report Name:_________________________ Batch:_________________________ LAB
DATE
Student Sig
Lab Coordinator Sig
Remarks
es
Initial WAN Int
gi
Static
lo
RIP
no
EIGRP OSPF
ch
Access List
Frame Relay
M
VLAN
Te
NAT
VTP
ZO
O
InterVLAN Port Security
Sign Of the Faculty _________________________ Imp Note: After completing the lab on every session take the sign of the lab coordinator, course completion certificate will not be issued otherwise.
Zoom Technologies®
2
es gi lo no ch Te M O ZO Zoom Technologies®
3
es
Lab 1 - INITIAL ROUTER CONFIGURATION
gi
User mode: Router > Router > enable
Moving to Global configuration mode: Router # configure terminal Router(config) #
ch
Assigning Hostname to Router Rotuer(config)#Hostname Hyderabad
no
lo
Show commands: Router # show running-config Router # show startup-config Router # show version Router # show flash
ip address to Ethernet interface: (config) # interface Ethernet 0 (config-if) # ip address 192.168.1.1 255.255.255.0 (config-if) # no shut
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
Telnet password: (config) # line vty 0 4 (config-line) #login (config-line) #password zoom (config-line) #exit (config) #exit
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
console password: (config) # line con 0 (config-line) # login (config-line) # password ccna (config-line) # exit (config) # exit
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
Auxiliary password: (config) # line aux 0 (config-line) # login (config-line) # password cisco (config-line) # exit (config) # exit
ZO
O
M
Te
Assigning Hyderabad Hyderabad Hyderabad
Assigning enable password: Hyderabad (config) # enable password cisco
Zoom Technologies®
4
Hyderabad (config) # enable secret zoom
Checking the Changes in running-config Hyderabad # show running-config Hyderabad # show startup-config Commands to save the configuration:
Checking the startup-config: Hyderabad # show startup-config
2. Configure hostname to router.
no
1. Establish Telnet session to the Router
lo
Check the following if you have completed in the labs
gi
es
Hyderabad # copy running-config startup-config ( OR ) Hyderabad # write memory ( OR ) Hyderabad # wr
ch
3. Configuring Ethernet interface of the Router 4. Password protection to the Telnet session
Te
5. Password protection to the Console session
6. Password protection to the Auxiliary session 7. Setting up privilege mode Password.
M
8. Context sensitive help
O
9. Display the contents of Running-Configuration 10.Display the contents of Startup-configuration
ZO
11.Saving the Configuration 12.Establishing a console session to the Router
Important Note Please don’t forget to fill in the Lab Completion Report after the lab and take the signature of the lab coordinator as Course completion certificate will not be issued otherwise.
Zoom Technologies®
5
172.16.0.1/16 S0
s
Lab 2 - WAN INTERFACE CONFIGURATION:
HYD
S1 172.16.0.2/16
E0 192.168.1.1/24
LAN - 192.168.1.0/24
CHE
no lo gi e
172.17.0.1/16 S0
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
LAN – 10.0.0.0/8
CHE# configure terminal CHE(config)# interface serial 0 CHE(config-if)# ip address 172.16.0.1 255.255.0.0 CHE(config-if)# no shutdown CHE(config-if)# encapsulation hdlc CHE(config-if)# exit CHE(config)# exit
HYD # configure terminal HYD (config) # interface serial 1 HYD(config-if)#ip address 172.16.0.2 255.255.0.0 HYD(config-if)#no shutdown HYD(config-if)#clock rate 64000 HYD(config-if)#encapsulation hdlc HYD(config-if)#^z HYD# configure terminal HYD(config) #interface serial 0 HYD(config-if)#ip address 172.17.0.1 255.255.0.0 HYD(config-if)#no shutdown HYD(config-if)#encapsulation hdlc HYD(config-if)#clock rate 64000 HYD(config-if)#^z
O
M
Te
ON HYD:
ZO
E0 BAN 192.168.2.1/24
N
ON CHE:
Zoom Technologies®
BAN
6
LAN - 192.168.2.0/24
ON BAN: BAN# configure terminal BAN(config)#interface serial 1 BAN(config-if)#ip address 172.17.0.2 255.255.0.0 BAN(config-if)#no shutdown BAN(config-if)#encapsulation hdlc BAN(config-if)#^z
no lo gi e
s
Fill the Blanks before Starting your configuration
Router Name:_________________
ch
ROUTER # configure terminal ROUTER (config) # interface serial _____
ROUTER (config-if) # no shutdown ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # encapsulation hdlc
M
ROUTER (config-if) # exit
Te
ROUTER (config-if) # ip address ___________________ ___________________
ROUTER (config) # interface serial _____
O
ROUTER (config-if) # ip address ___________________ ___________________ ROUTER (config-if) # no shutdown
ZO
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit
Zoom Technologies®
7
s
Serial interface troubleshooting Router # show interfaces s 0
no lo gi e
Show commands:
Serial 0 is up , line protocol is up (connectivity is fine)
2.
Serial 0 is administratively down, line protocol is down (No Shutdown has to be given on the local router serial interface)
3.
Serial 0 is up, line protocol is down (Encapsulation mismatch or clock rate has to be given on DCE)
4.
Serial 0 is down, line protocol is down (Serial interface on the remote router has to be configure)
Te
ch
1.
Router # show controllers s 0
ZO
O
M
(To know whether the cable connected to the serial interface is DCE or DTE)
Zoom Technologies®
8
172.16.0.1/16 S0
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
LAN - 192.168.1.0/24
E0 10.0.0.1/8
ROUTER # show ip route
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
ON HYD :
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.168.1.0 255.255.255.0 172.16.0.1 HYD(config) # ip route 192.168.2.0 255.255.255.0 172.17.0.2
BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 10.0.0.0 255.0.0.0 172.17.0.1
M O ZO
Show commands:
S1 172.17.0.2/16
LAN – 10.0.0.0/8
Te
AREA 0
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 10.0.0.0 255.0.0.0 172.16.0.2
CHE
ch
E0 192.168.1.1/24
ON CHE :
s
no lo gi e
Lab 3.1 - STATIC ROUTING
Debug commands: ROUTER # debug ip routing ROUTER # debug ip packet
9
s no lo gi e
Fill the Blanks before Starting your configuration
Router Name:_________________ ROUTER # configure terminal ROUTER(config) # interface serial 0
ROUTER(config-if) # ip address ___________ _____________
ch
ROUTER(config-if) # no shutdown ROUTER(config-if) # clock rate 64000
ROUTER(config-if) # exit ROUTER(config) # interface serial 1
Te
ROUTER(config-if) # encapsulation hdlc
ROUTER(config-if) # ip address ___________ _____________
M
ROUTER(config-if) # no shutdown ROUTER(config-if) # encapsulation hdlc ROUTER(config-if) # clock rate 64000
ZO
ROUTER(config) #
O
ROUTER(config-if) # exit
ROUTER(config) # ip routing
ROUTER(config) # ip route _________________ ___________________ _________ ROUTER(config) # ip route _________________ ___________________ _________
Zoom Technologies®
10
172.16.0.1/16 S0
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
LAN - 192.168.1.0/24
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
ON HYD :
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.168.1.0 255.255.255.0 172.16.0.1 HYD(config) # ip route 192.168.2.0 255.255.255.0 172.17.0.2
BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 10.0.0.0 255.0.0.0 172.17.0.1 BAN(config) # ip route 192.168.1.0 255.255.255.0 172.17.0.1 BAN(config) # ip route 172.16.0.0 255.255.0.0 172.17.0.1
O ZO
Zoom Technologies®
S1 172.17.0.2/16
LAN – 10.0.0.0/8
M
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 10.0.0.0 255.0.0.0 172.16.0.2 CHE(config) # ip route 192.168.2.0 255.255.255.0 172.16.0.2 CHE(config) # ip route 172.17.0.0 255.255.0.0 172.16.0.2
E0 10.0.0.1/8
Te
AREA 0
CHE
ch
E0 192.168.1.1/24
ON CHE :
s
no lo gi e
Lab 3.2 - STATIC ROUTING
Show commands: ROUTER # show ip route
11
Lab 3.3: Default Routing 172.16.0.1 S0
CHE
es
E0
ON CHE :
ch
Show commands:
no
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 0.0.0.0 0.0.0.0 s0
lo
gi
192.168.1.1
Te
ROUTER # show ip route
Router Name:_________________ ROUTER # configure terminal
M
ROUTER(config) # interface serial 0 ROUTER(config-if) # ip address _________________________
O
ROUTER(config-if) # no shutdown ROUTER(config-if) # clock rate 64000
ZO
ROUTER(config-if) # encapsulation hdlc ROUTER(config-if) # exit ROUTER(config) # ROUTER(config) # ip routing ROUTER(config) # ip route 0.0.0.0 0.0.0.0 _____ ____
Zoom Technologies®
12
1. Assign the IP address and make the serial interface administratively up. 2. Understanding the importance of extended ping command. 3. Understanding the importance of debug IP packet command.
5. Adding a static route by defining the next hop address.
gi
6. Adding a static route by defining the exit interface.
es
4. Understanding the routing table.
ZO
O
M
Te
ch
no
lo
7. Adding a default route.
Zoom Technologies®
13
172.16.0.1/16 S0
no lo gi e
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
CHE
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
Te
HYD # config terminal HYD(config) # ip routing HYD(config) # router rip HYD(config-router) # network 10.0.0.0 0 HYD(config-router) # network 172.16.0.0 HYD(config-router) # network 172.17.0.0 HYD(config-router) # ^z HYD#
Show commands:
Debug commands:
M
E0 BAN 192.168.2.1/24
N
ON BAN:
CHE#config terminal CHE(config)#ip routing CHE(config)#router rip CHE(config-router)# network 192.168.1.0 CHE(config-router) # network 172.16.0.0 CHE(config-router) #^z AREA 0 CHE#
O
BAN
LAN - 192.168.2.0/24
ON HYD :
HYD # debug ip rip HYD# terminal monitor
ZO
Zoom Technologies®
S1 172.17.0.2/16
LAN – 10.0.0.0/8
ON CHE:
HYD # show ip route HYD # show ip protocols
s
Lab 4 - RIP:
14
BAN # config terminal BAN(config) # ip routing BAN(config) # router rip BAN(config-router) # network 192.168.2.0 BAN(config-router) # network 172.17.0.0 BAN(config-router) # ^z BAN#
no lo gi e
s
Fill the Blanks before Starting your configuration
Router Name:_________________ ROUTER # configure terminal
ROUTER(config) #
ch
ROUTER (config) # interface serial 0
ROUTER (config-if) # ip address ____________ ___________
ROUTER(config) # ip routing
ROUTER (config-if) # no shutdown
ROUTER(config) # router rip
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # exit ROUTER (config) # interface serial 1
ROUTER(config-router) # network ________________
Te
ROUTER (config-if) # clock rate 64000
M
ROUTER (config-if) # ip address ____________ ___________
ROUTER(config-router) # network ________________ ROUTER(config-router) # network________________ ROUTER(config-router) # ^z ROUTER#
ROUTER (config-if) # no shutdown
O
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # clock rate 64000
ZO
ROUTER (config-if) # exit
Zoom Technologies®
15
1. Enabling RIP Protocol process on the respective networks 2. Understanding the RIP protocol routes in the routing table 3. Understanding the RIP updates using debug IP RIP command
ZO
O
M
Te
ch
no
lo
gi
es
4. Check the A.D usage with RIP and Static
Zoom Technologies®
16
172.16.0.1/16 S0
s
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
LAN – 10.0.0.0/8
ZO
O
M
CHE # config terminal CHE(config) # ip routing CHE(config) # router eigrp 10 CHE(config-router)# network 192.168.1.0 CHE(config-router)# network 172.16.0.0 CHE(config-router)# exit CHE(config) AREA # exit 0
HYD # show ip route HYD # show ip protocols
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
Te
ON CHE:
Show commands:
no lo gi e
Lab 5 - EIGRP
ON HYD:
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # router eigrp 10 HYD(config-router)#network 10.0.0.0 HYD(config-router)#network 172.16.0.0 HYD(config-router)#network 172.17.0.0 HYD(config-router)#exit HYD(config) # exit
BAN # config terminal BAN(config) # ip routing BAN(config) # router eigrp 10 BAN(config-router)#network 192.168.2.0 BAN(config-router)#network 172.17.0.0 BAN(config-router)#exit BAN(config)#exit
Show commands: HYD # show ip eigrp topology [all] HYD # show ip eigrp neighbor HYD # show ip eigrp neighbor details
17
s no lo gi e
Fill the Blanks before Starting your configuration
Router Name:_________________
ROUTER(config) #
ch
ROUTER # configure terminal
ROUTER(config) # ip routing
ROUTER (config) # interface serial 0
ROUTER (config-if) # no shutdown
Te
ROUTER (config-if) # ip address ___________ ____________ ROUTER(config) # router eigrp _______ ROUTER(config-router) # network ________________
ROUTER (config-if) # clock rate 64000
ROUTER(config-router) # network ________________
ROUTER (config-if) # encapsulation hdlc
ROUTER(config-router) # network________________
ROUTER (config-if) # exit
ROUTER(config-router) # ^z
M
ROUTER (config) # interface serial 1
ROUTER#
ROUTER (config-if) # ip address ___________ ____________
O
ROUTER (config-if) # no shutdown
ROUTER (config-if) # encapsulation hdlc
ZO
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit
Zoom Technologies®
18
1. Configuration of EIGRP 2. Verify Neighbor table 3. Verify topology table (FD/AD)
ZO
O
M
Te
ch
no
lo
gi
es
4. Verify the routing table
Zoom Technologies®
19
s
Lab 6 - OSPF
172.16.0.1/16 S0
HYD
172.17.0.1/16 S0
S1 172.16.0.2/16
CHE CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
LAN – 10.0.0.0/8
ZO
O
AREA 0
Router # show ip route Router # show ip ospf database Router # show ip ospf neighbors
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24 N
N
ON HYD:
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # router ospf 3 HYD(config-router)# network 10.0.0.0 0.255.255.255 area 0 HYD(config-router)# network 172.16.0.0 0.0.255.255 area 0 HYD(config-router)# network 172.17.0.0 0.0.255.255 area 0 HYD(config-router)# ^z HYD #
BAN # config terminal BAN(config) # ip routing BAN(config) # router ospf 3 BAN(config-router)#network 192.168.2.0 0.0.0.255 area 0 BAN(config-router)#network 172.17.0.0 0.0.255.255 area 0 BAN(config-router)#^z BAN#
M
CHE # config terminal CHE(config) # ip routing CHE(config) # router ospf 5 CHE(config-router)#network 192.168.1.0 0.0.0.255 area 0 CHE(config-router)#network 172.16.0.0 0.0.255.255 area 0 CHE(config-router) #^z CHE#
BAN BAN
LAN - 192.168.2.0/24
Te
ON CHE:
Show commands:
no lo gi e
AREA 0
Debug commands: Router # debug ip ospf adj Router # debug ip ospf hello Router # debug ip ospf packets Router # debug ip ospf events
20
no lo gi e
s
Fill in the Blanks before starting your configuration
Router Name:_________________
ROUTER # configure terminal
ROUTER(config) # router OSPF ____
ch
ROUTER (config) # interface serial 0
ROUTER(config-router) # network _________ _______ area _____
ROUTER (config-if) # no shutdown
ROUTER(config-router) # network _________ _______ area _____
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # encapsulation hdlc
Te
ROUTER (config-if) # ip address ______________ _________
ROUTER(config-router) # network _________ _______ area _____ ROUTER(config-router) # ^z ROUTER#
ROUTER (config) # interface serial 1
M
ROUTER (config-if) # exit
ROUTER (config-if) # ip address ______________ _________
O
ROUTER (config-if) # no shutdown
ROUTER (config-if) # encapsulation hdlc
ZO
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit ROUTER(config) #
ROUTER(config) # ip routing
Zoom Technologies®
21
1. Configuration of OSPF 2. Automatic selection process of router-id 3. Debugging and understanding the functioning of hello packet 4. Debugging and understanding the adjacency formation
es
5. Verification of OSPF database 6. Verification of OSPF Neighbor table
ZO
O
M
Te
ch
no
lo
gi
7. Election of DR/BDR
Zoom Technologies®
22
172.16.0.1/16 S0
172.17.0.1/16 S0
no lo gi e
HYD
s
Lab 7 - STANDARD ACCESS-LIST:
S1 172.16.0.2/16
E0 192.168.1.1/24
LAN - 192.168.1.0/24
CHE
E0 10.0.0.1/8
S1 172.17.0.2/16
LAN – 10.0.0.0/8
BAN E0 BAN 192.168.2.1/24
N
ch
LAN - 192.168.2.0/24
SCENARIO 2:
SCENARIO 3:
Only 192.168.2.0 should communicate with 192.168.1.0
Configuration of an access-list on HYD that administrative access through Telnet is possible only from 10.0.0.10
Configuration of an standard access-list on Bangalore Ethernet 0 in the outbound direction denying 10.0.0.10
ON HYD:
ON BAN:
HYD #config terminal HYD (config) # access-list 1 permit 10.0.0.10 0.0.0.0 HYD (config) # line vty 0 4 HYD (config-line) # ip access-class in HYD (config-line) # exit HYD (config) # exit
BAN #config terminal BAN (config) # access-list 1 deny 10.0.0.10 0.0.0.0 BAN (config)#access-list 1 permit any BAN (config)#interface Ethernet 0 BAN (config-if) # ip access-group 1 out BAN (config-if) # exit BAN (config) # exit
ON CHE:
O
M
CHE #config terminal CHE (config) # access-list 1 permit 192.168.2.0 0.0.0.255 CHE (config) # int e0 CHE (config-if) # ip access-group 1 out CHE (config-if) # exit CHE (config) # exit
Te
SCENARIO 1:
ZO
CHE # show ip access-list
Note: Use the command prompt of a PC try to ping the filtered ip address
Zoom Technologies®
HYD # show ip access-list
23
172.16.0.1/16 S0 S1 172.16.0.2/16
`
CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
no lo gi e
HYD
172.17.0.1/16 S0
LAN - 192.168.1.0/24
s
Lab 8 - EXTENDED ACCESS-LIST:
LAN – 10.0.0.0/8
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
SCENARIO :1
SCENARIO :3
Configuration of an extended access-list CHESerial 0 in inbound direction deny PING (Echo) from Bang LAN to Chen LAN permit all other services.
Configuration of an extended access-list HYD Ethernet 0 in outbound direction. Allow only FTP service to be access from Bang LAN
Configuration of an extended access-list BAN serial 1 in inbound direction. Deny HTTP from Chen LAN to Bang LAN. Permit all other service from any network.
On HYD:
On BAN:
M
On CHE:
Te
SCENARIO :2
ZO
O
CHE#configure terminal CHE (config)#access-list 110 deny icmp 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255 echo CHE (config)#access-list 110 permit ip any any CHE (config)#interface serial 0 CHE (config-if)#ip access-group 110 in CHE (config-if)^z
HYD#configure terminal HYD (config)#access-list 101 permit tcp 192.168.2.0 0.0.0.255 10.0.0.10 0.0.0.0 eq ftp HYD (config)#interface ethernet 0 HYD (config-if)#ip access-group 101 out HYD (config-if)#exit HYD (config)#
0.0.0.255 192.168.2.0 0.0.0.255 eq 80
BAN BAN BAN BAN
(config)#access-list 111 permit ip any any (config)#interface serial 1 (config-if)#ip access-group 111 in (config-if)^z
BAN # sh ip access-list
HYD # sh ip access-list
CHE # sh ip access-list
Zoom Technologies®
BAN#configure terminal BAN (config)#access-list 111 deny tcp 192.168.1.0
24
1. Configure any routing protocol (e.g. RIP) & check the communication 2. Configure Standard access-list on CHE Ethernet 0 in the out bound direction, permitting only 192.168.2.0
4. Configure an access-list on BAN Ethernet 0 in the outbound direction, denying 10.0.0.10 host only
lo
gi
5. Configuration an access-list on CHE serial 0 in the inbound direction, deny ping request from 192.168.2.0 to 192.168.1.0 and permitting any other services.
es
3. Configure an access-list on HYD that administrative access through Telnet is possible only from 10.0.0.10
no
6. Configuration of an extended access-list on HYD Ethernet 0 in the outbound direction permitting only FTP service from the network 192.168.2.0 to 10.0.0.10
ZO
O
M
Te
ch
7. Configuration of an extended access-list on BAN serial 1 in inbound direction denying HTTP from 192.168.1.0 to 192.168.2.0 and permitting other traffic from any network to 192.168.2.0 network.
Zoom Technologies®
25
s no lo gi e
LAB 9: FRAME RELAY AREA 0
GOA S0.1 172.17.0.2/16 DLCI 400
BAN
DLCI 100
Te
S1.1 172.16.0.2/16
DLCI 300
DLCI 500
ch
172.17.0.1/16 S1.2
S0.2 172.18.0.1/16
DLCI 200
S0.1 172.16.0.1/16
172.18.0.2/16 S1.2
DLCI 800
S1.1 < 172.19.0.2/16
BOM
DLCI 700
M
S0.2 172.19.0.1/16
CHE
ZO
O
DLCI 600
Zoom Technologies®
26
CONFIGURATION ON BAN:
CONFIGURATION ON GOA:
CHE# CHE# config terminal CHE(config)# interface serial 0 CHE(config-if)# no ip address CHE(config-if)# no shut CHE(config-if)# encapsulation frame-relay CHE(config-if)#frame-relay lmi-type cisco CHE(config-if)# exit CHE(config)# interface serial 0.1 point-to-point CHE(config-if)#ip address 172.16.0.1 255.255.0.0 CHE(config-if)#frame-relay interface-dlci 200 CHE(config-if-dlci)#exit CHE(config-if)#exit CHE(config)# interface serial 0.2 point-to-point CHE(config-if)#ip address 172.19.0.1 255.255.0.0 CHE(config-if)#frame-relay interface-dlci 700 CHE(config-if-dlci)#exit CHE(config-if)#exit CHE(config)#^z CHE#
BAN# BAN # config terminal BAN (config)# interface serial 1 BAN (config-if)# no ip address BAN (config-if)# no shut BAN (config-if)# encapsulation frame-relay BAN (config-if)#frame-relay lmi-type cisco BAN (config-if)# exit BAN (config)# interface serial 1.1 point-to-point BAN (config-if)#ip address 172.16.0.2 255.255.0.0 BAN (config-if)#frame-relay interface-dlci 100 BAN (config-if-dlci)#exit BAN (config-if)#exit BAN (config)# interface serial 1.2 point-to-point BAN (config-if)#ip address 172.17.0.1 255.255.0.0 BAN (config-if)#frame-relay interface-dlci 300 BAN (config-if-dlci)#exit BAN (config-if)#exit BAN (config)#^z BAN #
GOA# GOA # config terminal GOA(config)# interface serial 0 GOA(config-if)# no ip address GOA(config-if)# no shut GOA(config-if)# encapsulation frame-relay GOA(config-if)#frame-relay lmi-type cisco GOA(config-if)# exit GOA(config)# interface serial 0.1 point-to-point GOA(config-if)#ip address 172.17.0.2 255.255.0.0 GOA(config-if)#frame-relay interface-dlci 400 GOA(config-if-dlci)#exit GOA(config-if)#exit GOA(config)# interface serial 0.2 point-to-point GOA(config-if)#ip address 172.18.0.1 255.255.0.0 GOA(config-if)#frame-relay interface-dlci 500 GOA(config-if-dlci)#exit GOA(config-if)#exit GOA(config)#^z GOA#
CONFIGURATION ON BOM:
Show commands:
no lo gi e
ch
Te
BOM# BOM # config terminal BOM(config)# interface serial 1 BOM(config-if)# no ip address BOM(config-if)# no shut BOM(config-if)# encapsulation frame-relay BOM(config-if)#frame-relay lmi-type cisco BOM(config-if)# exit BOM(config)# interface serial 1.1 point-to-point BOM(config-if)#ip address 172.19.0.2 255.255.0.0 BOM(config-if)#frame-relay interface-dlci 800 BOM(config-if-dlci)#exit BOM(config-if)#exit BOM(config)# interface serial 1.2 point-to-point BOM(config-if)#ip address 172.18.0.2 255.255.0.0 BOM(config-if)#frame-relay interface-dlci 600 BOM(config-if-dlci)#exit BOM(config-if)#exit BOM(config)#^z BOM#
M O ZO
Zoom Technologies®
s
CONFIGURATION ON CHE:
27
ROUTER# show frame-relay pvc ROUTER# show frame-relay map ROUTER # show ip route
1. Configuration of the frame-relay encapsulations 2. Observation of the status of PVCs 3. Verification of the frame relay map 4. Configure static routing on Frame relay and check communication
es
5. Verification of the routing tables
gi
ROUTER# ROUTER# config terminal
lo
ROUTER(config)# interface serial ____
ROUTER(config-if)# no shut
no
ROUTER(config-if)# no ip address
ROUTER(config-if)# encapsulation frame-relay
ROUTER(config-if)# exit
ch
ROUTER(config-if)#frame-relay lmi-type cisco
ROUTER(config)# interface serial ____.___ point-to-point
Te
ROUTER(config-if)#ip address ____________ ____________ ROUTER(config-if)#frame-relay interface-dlci _____ ROUTER(config-if-dlci)#exit ROUTER(config-if)#exit
M
ROUTER(config)# interface serial ___.____ point-to-point ROUTER(config-if)#ip address ____________ ____________
O
ROUTER(config-if)#frame-relay interface-dlci _____ ROUTER(config-if-dlci)#exit
ZO
ROUTER(config-if)#exit ROUTER(config)#^z ROUTER#
Zoom Technologies®
28
VLAN CREATION:
Te
ON 192.168.20.50
ch
no
lo
gi
es
Lab 10 - VLAN
O
M
2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt
ON 192.168.20.51 VLAN CREATION: 2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt ASSIGNING MEMBERSHIP TO THE PORTS:
2950(config) # interface range fa0/1 -2 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/4 - 5 2950(config)# switchport access vlan 20
2950(config) # interface range fa0/13 - 14 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/16 - 17 2950(config)# switchport access vlan 20
TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit 2950(config) # exit
TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit 2950(config) # exit
ZO
ASSIGNING MEMBERSHIP TO THE PORTS:
Zoom Technologies®
29
Te
ch
no
lo
gi
es
Lab 11 - Inter-VLAN
ZO
O
M
switch# configure terminal switch(config)#vlan 10 switch(config-vlan)# name Sales switch(config-vlan)# exit switch(config)# vlan 20 switch(config-vlan)# name Marketting switch(config-vlan)# exit switch(config)# interface range fa0/1 - 2 switch(config-if-range)# switchport mode access switch(config-if-range)# switchport access vlan 10 switch(config-if-range)# exit switch(config)# interface range fa0/5 - 6 switch(config-if-range)# switchport mode access switch(config-if-range)# switchport access vlan 20 switch(config-if-range)# exit switch(config)# interface fa0/10 switch(config-if)# switchport mode trunk switch(config-if)# switchport trunk allowed vlan all switch(config-if)# exit
Zoom Technologies®
router#configure terminal router(config)# interface ethernet 0 router(config-if)# no ip address router(config-if)# no shutdown router(config-if)# exit router(config)# interface ethernet 0.1 router(config-if)# encapsulation dot1q 10 router(config-if)# ip address 192.168.1.1 255.255.255.0 router(config-if)# exit router(config)# interface ethernet 0.2 router(config-if)# encapsulation dot1q 20 router(config-if)# ip address 192.168.2.1 255.255.255.0 router(config-if)# exit router(config)# no ip routing router(config)# ip routing
30
1. Verification of MAC address table 2. Creation of VLAN 3. Assigning the hosts to a VLAN
es
4. Configure Trunking between switches 5. Created Sub-interfaces on Router
7. Configuration of encapsulation for the trunk link
gi
6. Changed sub-interface encapsulation to dot1q
lo
8. Inter-VLAN communication through an external router.
no
9. Understanding the concepts of VTP modes Server mode
ch
Client mode
ZO
O
M
Te
Transparent mode
Zoom Technologies®
31
ch
no
lo
gi
es
Lab 12 - Port Security
ZO
O
M
Te
Switch(config-if)#Switchport port-security Switch(config-if)#Switchport port-security maximum Switch(config-if)#Switcport port-security mac-address <mac-address> Switch(config-if)#Switchport port-security violation{protect|restrict|shutdown}
Zoom Technologies®
32
ch
no
lo
gi
es
Lab 13 – NAT Configuration
Configuration of Static NAT
Te
Configuration of PAT
CHE# configure terminal CHE(config)# interface s0 CHE(config-if)#ip address 202.1.0.18 255.255.255.248 CHE(config-if)#no shutdown CHE(config-if)#encapsulation ppp CHE(config-if)#ip nat outside CHE(config-if)#exit CHE(config)#interface Ethernet 0 CHE(config-if)#ip nat inside CHE(config-if)#exit CHE(config)#ip nat inside source static 192.168.1.10 202.1.0.19
ZO
O
M
CHE# configure terminal CHE(config)# interface s0 CHE(config-if)#ip address 202.1.0.18 255.255.255.248 CHE(config-if)#no shutdown CHE(config-if)#encapsulation ppp CHE(config-if)#ip nat outside CHE(config-if)#exit CHE(config)#interface Ethernet 0 CHE(config-if)#ip nat inside CHE(config-if)#exit CHE(config)#access-list 10 permit 192.168.1.0 0.0.0.255 CHE(config)#ip nat inside source list 10 interface serial 0 overload CHE(config)#exit CHE#
Show Commands CHE# show ip nat translation CHE# debug ip nat
Zoom Technologies®
33
Check the following if you have completed the lab
1. Configure and verify Static Nat
lo
gi
3. Check the Nat table
es
2. Configure and verify Port Address Translation
no
4. Configure and verify PAT
ZO
O
M
Te
ch
5. Debugging of NAT
Zoom Technologies®
34
CCNA
M
Te
Lab Guide
ch
no
Cisco Certified Network Associate
ZO
O
Name: ______________________ Faculty:_____________________ Batch: ______________________ Branch:_____________________
Zoom Technologies®
1
Lab completion report Name:_________________________ Batch:_________________________ LAB
DATE
Student Sig
Lab Coordinator Sig
Remarks
es
Initial WAN Int
gi
Static
lo
RIP
no
EIGRP OSPF
ch
Access List
Frame Relay
M
VLAN
Te
NAT
VTP
ZO
O
InterVLAN Port Security
Sign Of the Faculty _________________________ Imp Note: After completing the lab on every session take the sign of the lab coordinator, course completion certificate will not be issued otherwise.
Zoom Technologies®
2
es gi lo no ch Te M O ZO Zoom Technologies®
3
es
Lab 1 - INITIAL ROUTER CONFIGURATION
gi
User mode: Router > Router > enable
Moving to Global configuration mode: Router # configure terminal Router(config) #
ch
Assigning Hostname to Router Rotuer(config)#Hostname Hyderabad
no
lo
Show commands: Router # show running-config Router # show startup-config Router # show version Router # show flash
ip address to Ethernet interface: (config) # interface Ethernet 0 (config-if) # ip address 192.168.1.1 255.255.255.0 (config-if) # no shut
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
Telnet password: (config) # line vty 0 4 (config-line) #login (config-line) #password zoom (config-line) #exit (config) #exit
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
console password: (config) # line con 0 (config-line) # login (config-line) # password ccna (config-line) # exit (config) # exit
Assigning Hyderabad Hyderabad Hyderabad Hyderabad Hyderabad
Auxiliary password: (config) # line aux 0 (config-line) # login (config-line) # password cisco (config-line) # exit (config) # exit
ZO
O
M
Te
Assigning Hyderabad Hyderabad Hyderabad
Assigning enable password: Hyderabad (config) # enable password cisco
Zoom Technologies®
4
Hyderabad (config) # enable secret zoom
Checking the Changes in running-config Hyderabad # show running-config Hyderabad # show startup-config Commands to save the configuration:
Checking the startup-config: Hyderabad # show startup-config
2. Configure hostname to router.
no
1. Establish Telnet session to the Router
lo
Check the following if you have completed in the labs
gi
es
Hyderabad # copy running-config startup-config ( OR ) Hyderabad # write memory ( OR ) Hyderabad # wr
ch
3. Configuring Ethernet interface of the Router 4. Password protection to the Telnet session
Te
5. Password protection to the Console session
6. Password protection to the Auxiliary session 7. Setting up privilege mode Password.
M
8. Context sensitive help
O
9. Display the contents of Running-Configuration 10.Display the contents of Startup-configuration
ZO
11.Saving the Configuration 12.Establishing a console session to the Router
Important Note Please don’t forget to fill in the Lab Completion Report after the lab and take the signature of the lab coordinator as Course completion certificate will not be issued otherwise.
Zoom Technologies®
5
172.16.0.1/16 S0
s
Lab 2 - WAN INTERFACE CONFIGURATION:
HYD
S1 172.16.0.2/16
E0 192.168.1.1/24
LAN - 192.168.1.0/24
CHE
no lo gi e
172.17.0.1/16 S0
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
LAN – 10.0.0.0/8
CHE# configure terminal CHE(config)# interface serial 0 CHE(config-if)# ip address 172.16.0.1 255.255.0.0 CHE(config-if)# no shutdown CHE(config-if)# encapsulation hdlc CHE(config-if)# exit CHE(config)# exit
HYD # configure terminal HYD (config) # interface serial 1 HYD(config-if)#ip address 172.16.0.2 255.255.0.0 HYD(config-if)#no shutdown HYD(config-if)#clock rate 64000 HYD(config-if)#encapsulation hdlc HYD(config-if)#^z HYD# configure terminal HYD(config) #interface serial 0 HYD(config-if)#ip address 172.17.0.1 255.255.0.0 HYD(config-if)#no shutdown HYD(config-if)#encapsulation hdlc HYD(config-if)#clock rate 64000 HYD(config-if)#^z
O
M
Te
ON HYD:
ZO
E0 BAN 192.168.2.1/24
N
ON CHE:
Zoom Technologies®
BAN
6
LAN - 192.168.2.0/24
ON BAN: BAN# configure terminal BAN(config)#interface serial 1 BAN(config-if)#ip address 172.17.0.2 255.255.0.0 BAN(config-if)#no shutdown BAN(config-if)#encapsulation hdlc BAN(config-if)#^z
no lo gi e
s
Fill the Blanks before Starting your configuration
Router Name:_________________
ch
ROUTER # configure terminal ROUTER (config) # interface serial _____
ROUTER (config-if) # no shutdown ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # encapsulation hdlc
M
ROUTER (config-if) # exit
Te
ROUTER (config-if) # ip address ___________________ ___________________
ROUTER (config) # interface serial _____
O
ROUTER (config-if) # ip address ___________________ ___________________ ROUTER (config-if) # no shutdown
ZO
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit
Zoom Technologies®
7
s
Serial interface troubleshooting Router # show interfaces s 0
no lo gi e
Show commands:
Serial 0 is up , line protocol is up (connectivity is fine)
2.
Serial 0 is administratively down, line protocol is down (No Shutdown has to be given on the local router serial interface)
3.
Serial 0 is up, line protocol is down (Encapsulation mismatch or clock rate has to be given on DCE)
4.
Serial 0 is down, line protocol is down (Serial interface on the remote router has to be configure)
Te
ch
1.
Router # show controllers s 0
ZO
O
M
(To know whether the cable connected to the serial interface is DCE or DTE)
Zoom Technologies®
8
172.16.0.1/16 S0
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
LAN - 192.168.1.0/24
E0 10.0.0.1/8
ROUTER # show ip route
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
ON HYD :
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.168.1.0 255.255.255.0 172.16.0.1 HYD(config) # ip route 192.168.2.0 255.255.255.0 172.17.0.2
BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 10.0.0.0 255.0.0.0 172.17.0.1
M O ZO
Show commands:
S1 172.17.0.2/16
LAN – 10.0.0.0/8
Te
AREA 0
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 10.0.0.0 255.0.0.0 172.16.0.2
CHE
ch
E0 192.168.1.1/24
ON CHE :
s
no lo gi e
Lab 3.1 - STATIC ROUTING
Debug commands: ROUTER # debug ip routing ROUTER # debug ip packet
9
s no lo gi e
Fill the Blanks before Starting your configuration
Router Name:_________________ ROUTER # configure terminal ROUTER(config) # interface serial 0
ROUTER(config-if) # ip address ___________ _____________
ch
ROUTER(config-if) # no shutdown ROUTER(config-if) # clock rate 64000
ROUTER(config-if) # exit ROUTER(config) # interface serial 1
Te
ROUTER(config-if) # encapsulation hdlc
ROUTER(config-if) # ip address ___________ _____________
M
ROUTER(config-if) # no shutdown ROUTER(config-if) # encapsulation hdlc ROUTER(config-if) # clock rate 64000
ZO
ROUTER(config) #
O
ROUTER(config-if) # exit
ROUTER(config) # ip routing
ROUTER(config) # ip route _________________ ___________________ _________ ROUTER(config) # ip route _________________ ___________________ _________
Zoom Technologies®
10
172.16.0.1/16 S0
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
LAN - 192.168.1.0/24
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
ON HYD :
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.168.1.0 255.255.255.0 172.16.0.1 HYD(config) # ip route 192.168.2.0 255.255.255.0 172.17.0.2
BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 10.0.0.0 255.0.0.0 172.17.0.1 BAN(config) # ip route 192.168.1.0 255.255.255.0 172.17.0.1 BAN(config) # ip route 172.16.0.0 255.255.0.0 172.17.0.1
O ZO
Zoom Technologies®
S1 172.17.0.2/16
LAN – 10.0.0.0/8
M
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 10.0.0.0 255.0.0.0 172.16.0.2 CHE(config) # ip route 192.168.2.0 255.255.255.0 172.16.0.2 CHE(config) # ip route 172.17.0.0 255.255.0.0 172.16.0.2
E0 10.0.0.1/8
Te
AREA 0
CHE
ch
E0 192.168.1.1/24
ON CHE :
s
no lo gi e
Lab 3.2 - STATIC ROUTING
Show commands: ROUTER # show ip route
11
Lab 3.3: Default Routing 172.16.0.1 S0
CHE
es
E0
ON CHE :
ch
Show commands:
no
CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 0.0.0.0 0.0.0.0 s0
lo
gi
192.168.1.1
Te
ROUTER # show ip route
Router Name:_________________ ROUTER # configure terminal
M
ROUTER(config) # interface serial 0 ROUTER(config-if) # ip address _________________________
O
ROUTER(config-if) # no shutdown ROUTER(config-if) # clock rate 64000
ZO
ROUTER(config-if) # encapsulation hdlc ROUTER(config-if) # exit ROUTER(config) # ROUTER(config) # ip routing ROUTER(config) # ip route 0.0.0.0 0.0.0.0 _____ ____
Zoom Technologies®
12
1. Assign the IP address and make the serial interface administratively up. 2. Understanding the importance of extended ping command. 3. Understanding the importance of debug IP packet command.
5. Adding a static route by defining the next hop address.
gi
6. Adding a static route by defining the exit interface.
es
4. Understanding the routing table.
ZO
O
M
Te
ch
no
lo
7. Adding a default route.
Zoom Technologies®
13
172.16.0.1/16 S0
no lo gi e
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
CHE
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
Te
HYD # config terminal HYD(config) # ip routing HYD(config) # router rip HYD(config-router) # network 10.0.0.0 0 HYD(config-router) # network 172.16.0.0 HYD(config-router) # network 172.17.0.0 HYD(config-router) # ^z HYD#
Show commands:
Debug commands:
M
E0 BAN 192.168.2.1/24
N
ON BAN:
CHE#config terminal CHE(config)#ip routing CHE(config)#router rip CHE(config-router)# network 192.168.1.0 CHE(config-router) # network 172.16.0.0 CHE(config-router) #^z AREA 0 CHE#
O
BAN
LAN - 192.168.2.0/24
ON HYD :
HYD # debug ip rip HYD# terminal monitor
ZO
Zoom Technologies®
S1 172.17.0.2/16
LAN – 10.0.0.0/8
ON CHE:
HYD # show ip route HYD # show ip protocols
s
Lab 4 - RIP:
14
BAN # config terminal BAN(config) # ip routing BAN(config) # router rip BAN(config-router) # network 192.168.2.0 BAN(config-router) # network 172.17.0.0 BAN(config-router) # ^z BAN#
no lo gi e
s
Fill the Blanks before Starting your configuration
Router Name:_________________ ROUTER # configure terminal
ROUTER(config) #
ch
ROUTER (config) # interface serial 0
ROUTER (config-if) # ip address ____________ ___________
ROUTER(config) # ip routing
ROUTER (config-if) # no shutdown
ROUTER(config) # router rip
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # exit ROUTER (config) # interface serial 1
ROUTER(config-router) # network ________________
Te
ROUTER (config-if) # clock rate 64000
M
ROUTER (config-if) # ip address ____________ ___________
ROUTER(config-router) # network ________________ ROUTER(config-router) # network________________ ROUTER(config-router) # ^z ROUTER#
ROUTER (config-if) # no shutdown
O
ROUTER (config-if) # encapsulation hdlc ROUTER (config-if) # clock rate 64000
ZO
ROUTER (config-if) # exit
Zoom Technologies®
15
1. Enabling RIP Protocol process on the respective networks 2. Understanding the RIP protocol routes in the routing table 3. Understanding the RIP updates using debug IP RIP command
ZO
O
M
Te
ch
no
lo
gi
es
4. Check the A.D usage with RIP and Static
Zoom Technologies®
16
172.16.0.1/16 S0
s
172.17.0.1/16 S0
HYD
S1 172.16.0.2/16
CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
LAN – 10.0.0.0/8
ZO
O
M
CHE # config terminal CHE(config) # ip routing CHE(config) # router eigrp 10 CHE(config-router)# network 192.168.1.0 CHE(config-router)# network 172.16.0.0 CHE(config-router)# exit CHE(config) AREA # exit 0
HYD # show ip route HYD # show ip protocols
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
Te
ON CHE:
Show commands:
no lo gi e
Lab 5 - EIGRP
ON HYD:
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # router eigrp 10 HYD(config-router)#network 10.0.0.0 HYD(config-router)#network 172.16.0.0 HYD(config-router)#network 172.17.0.0 HYD(config-router)#exit HYD(config) # exit
BAN # config terminal BAN(config) # ip routing BAN(config) # router eigrp 10 BAN(config-router)#network 192.168.2.0 BAN(config-router)#network 172.17.0.0 BAN(config-router)#exit BAN(config)#exit
Show commands: HYD # show ip eigrp topology [all] HYD # show ip eigrp neighbor HYD # show ip eigrp neighbor details
17
s no lo gi e
Fill the Blanks before Starting your configuration
Router Name:_________________
ROUTER(config) #
ch
ROUTER # configure terminal
ROUTER(config) # ip routing
ROUTER (config) # interface serial 0
ROUTER (config-if) # no shutdown
Te
ROUTER (config-if) # ip address ___________ ____________ ROUTER(config) # router eigrp _______ ROUTER(config-router) # network ________________
ROUTER (config-if) # clock rate 64000
ROUTER(config-router) # network ________________
ROUTER (config-if) # encapsulation hdlc
ROUTER(config-router) # network________________
ROUTER (config-if) # exit
ROUTER(config-router) # ^z
M
ROUTER (config) # interface serial 1
ROUTER#
ROUTER (config-if) # ip address ___________ ____________
O
ROUTER (config-if) # no shutdown
ROUTER (config-if) # encapsulation hdlc
ZO
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit
Zoom Technologies®
18
1. Configuration of EIGRP 2. Verify Neighbor table 3. Verify topology table (FD/AD)
ZO
O
M
Te
ch
no
lo
gi
es
4. Verify the routing table
Zoom Technologies®
19
s
Lab 6 - OSPF
172.16.0.1/16 S0
HYD
172.17.0.1/16 S0
S1 172.16.0.2/16
CHE CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
LAN - 192.168.1.0/24
LAN – 10.0.0.0/8
ZO
O
AREA 0
Router # show ip route Router # show ip ospf database Router # show ip ospf neighbors
Zoom Technologies®
BAN E0 BAN 192.168.2.1/24 N
N
ON HYD:
ON BAN:
HYD # config terminal HYD(config) # ip routing HYD(config) # router ospf 3 HYD(config-router)# network 10.0.0.0 0.255.255.255 area 0 HYD(config-router)# network 172.16.0.0 0.0.255.255 area 0 HYD(config-router)# network 172.17.0.0 0.0.255.255 area 0 HYD(config-router)# ^z HYD #
BAN # config terminal BAN(config) # ip routing BAN(config) # router ospf 3 BAN(config-router)#network 192.168.2.0 0.0.0.255 area 0 BAN(config-router)#network 172.17.0.0 0.0.255.255 area 0 BAN(config-router)#^z BAN#
M
CHE # config terminal CHE(config) # ip routing CHE(config) # router ospf 5 CHE(config-router)#network 192.168.1.0 0.0.0.255 area 0 CHE(config-router)#network 172.16.0.0 0.0.255.255 area 0 CHE(config-router) #^z CHE#
BAN BAN
LAN - 192.168.2.0/24
Te
ON CHE:
Show commands:
no lo gi e
AREA 0
Debug commands: Router # debug ip ospf adj Router # debug ip ospf hello Router # debug ip ospf packets Router # debug ip ospf events
20
no lo gi e
s
Fill in the Blanks before starting your configuration
Router Name:_________________
ROUTER # configure terminal
ROUTER(config) # router OSPF ____
ch
ROUTER (config) # interface serial 0
ROUTER(config-router) # network _________ _______ area _____
ROUTER (config-if) # no shutdown
ROUTER(config-router) # network _________ _______ area _____
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # encapsulation hdlc
Te
ROUTER (config-if) # ip address ______________ _________
ROUTER(config-router) # network _________ _______ area _____ ROUTER(config-router) # ^z ROUTER#
ROUTER (config) # interface serial 1
M
ROUTER (config-if) # exit
ROUTER (config-if) # ip address ______________ _________
O
ROUTER (config-if) # no shutdown
ROUTER (config-if) # encapsulation hdlc
ZO
ROUTER (config-if) # clock rate 64000 ROUTER (config-if) # exit ROUTER(config) #
ROUTER(config) # ip routing
Zoom Technologies®
21
1. Configuration of OSPF 2. Automatic selection process of router-id 3. Debugging and understanding the functioning of hello packet 4. Debugging and understanding the adjacency formation
es
5. Verification of OSPF database 6. Verification of OSPF Neighbor table
ZO
O
M
Te
ch
no
lo
gi
7. Election of DR/BDR
Zoom Technologies®
22
172.16.0.1/16 S0
172.17.0.1/16 S0
no lo gi e
HYD
s
Lab 7 - STANDARD ACCESS-LIST:
S1 172.16.0.2/16
E0 192.168.1.1/24
LAN - 192.168.1.0/24
CHE
E0 10.0.0.1/8
S1 172.17.0.2/16
LAN – 10.0.0.0/8
BAN E0 BAN 192.168.2.1/24
N
ch
LAN - 192.168.2.0/24
SCENARIO 2:
SCENARIO 3:
Only 192.168.2.0 should communicate with 192.168.1.0
Configuration of an access-list on HYD that administrative access through Telnet is possible only from 10.0.0.10
Configuration of an standard access-list on Bangalore Ethernet 0 in the outbound direction denying 10.0.0.10
ON HYD:
ON BAN:
HYD #config terminal HYD (config) # access-list 1 permit 10.0.0.10 0.0.0.0 HYD (config) # line vty 0 4 HYD (config-line) # ip access-class in HYD (config-line) # exit HYD (config) # exit
BAN #config terminal BAN (config) # access-list 1 deny 10.0.0.10 0.0.0.0 BAN (config)#access-list 1 permit any BAN (config)#interface Ethernet 0 BAN (config-if) # ip access-group 1 out BAN (config-if) # exit BAN (config) # exit
ON CHE:
O
M
CHE #config terminal CHE (config) # access-list 1 permit 192.168.2.0 0.0.0.255 CHE (config) # int e0 CHE (config-if) # ip access-group 1 out CHE (config-if) # exit CHE (config) # exit
Te
SCENARIO 1:
ZO
CHE # show ip access-list
Note: Use the command prompt of a PC try to ping the filtered ip address
Zoom Technologies®
HYD # show ip access-list
23
172.16.0.1/16 S0 S1 172.16.0.2/16
`
CHE
S1 172.17.0.2/16
E0 10.0.0.1/8
ch
E0 192.168.1.1/24
no lo gi e
HYD
172.17.0.1/16 S0
LAN - 192.168.1.0/24
s
Lab 8 - EXTENDED ACCESS-LIST:
LAN – 10.0.0.0/8
BAN E0 BAN 192.168.2.1/24
N
LAN - 192.168.2.0/24
SCENARIO :1
SCENARIO :3
Configuration of an extended access-list CHESerial 0 in inbound direction deny PING (Echo) from Bang LAN to Chen LAN permit all other services.
Configuration of an extended access-list HYD Ethernet 0 in outbound direction. Allow only FTP service to be access from Bang LAN
Configuration of an extended access-list BAN serial 1 in inbound direction. Deny HTTP from Chen LAN to Bang LAN. Permit all other service from any network.
On HYD:
On BAN:
M
On CHE:
Te
SCENARIO :2
ZO
O
CHE#configure terminal CHE (config)#access-list 110 deny icmp 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255 echo CHE (config)#access-list 110 permit ip any any CHE (config)#interface serial 0 CHE (config-if)#ip access-group 110 in CHE (config-if)^z
HYD#configure terminal HYD (config)#access-list 101 permit tcp 192.168.2.0 0.0.0.255 10.0.0.10 0.0.0.0 eq ftp HYD (config)#interface ethernet 0 HYD (config-if)#ip access-group 101 out HYD (config-if)#exit HYD (config)#
0.0.0.255 192.168.2.0 0.0.0.255 eq 80
BAN BAN BAN BAN
(config)#access-list 111 permit ip any any (config)#interface serial 1 (config-if)#ip access-group 111 in (config-if)^z
BAN # sh ip access-list
HYD # sh ip access-list
CHE # sh ip access-list
Zoom Technologies®
BAN#configure terminal BAN (config)#access-list 111 deny tcp 192.168.1.0
24
1. Configure any routing protocol (e.g. RIP) & check the communication 2. Configure Standard access-list on CHE Ethernet 0 in the out bound direction, permitting only 192.168.2.0
4. Configure an access-list on BAN Ethernet 0 in the outbound direction, denying 10.0.0.10 host only
lo
gi
5. Configuration an access-list on CHE serial 0 in the inbound direction, deny ping request from 192.168.2.0 to 192.168.1.0 and permitting any other services.
es
3. Configure an access-list on HYD that administrative access through Telnet is possible only from 10.0.0.10
no
6. Configuration of an extended access-list on HYD Ethernet 0 in the outbound direction permitting only FTP service from the network 192.168.2.0 to 10.0.0.10
ZO
O
M
Te
ch
7. Configuration of an extended access-list on BAN serial 1 in inbound direction denying HTTP from 192.168.1.0 to 192.168.2.0 and permitting other traffic from any network to 192.168.2.0 network.
Zoom Technologies®
25
s no lo gi e
LAB 9: FRAME RELAY AREA 0
GOA S0.1 172.17.0.2/16 DLCI 400
BAN
DLCI 100
Te
S1.1 172.16.0.2/16
DLCI 300
DLCI 500
ch
172.17.0.1/16 S1.2
S0.2 172.18.0.1/16
DLCI 200
S0.1 172.16.0.1/16
172.18.0.2/16 S1.2
DLCI 800
S1.1 < 172.19.0.2/16
BOM
DLCI 700
M
S0.2 172.19.0.1/16
CHE
ZO
O
DLCI 600
Zoom Technologies®
26
CONFIGURATION ON BAN:
CONFIGURATION ON GOA:
CHE# CHE# config terminal CHE(config)# interface serial 0 CHE(config-if)# no ip address CHE(config-if)# no shut CHE(config-if)# encapsulation frame-relay CHE(config-if)#frame-relay lmi-type cisco CHE(config-if)# exit CHE(config)# interface serial 0.1 point-to-point CHE(config-if)#ip address 172.16.0.1 255.255.0.0 CHE(config-if)#frame-relay interface-dlci 200 CHE(config-if-dlci)#exit CHE(config-if)#exit CHE(config)# interface serial 0.2 point-to-point CHE(config-if)#ip address 172.19.0.1 255.255.0.0 CHE(config-if)#frame-relay interface-dlci 700 CHE(config-if-dlci)#exit CHE(config-if)#exit CHE(config)#^z CHE#
BAN# BAN # config terminal BAN (config)# interface serial 1 BAN (config-if)# no ip address BAN (config-if)# no shut BAN (config-if)# encapsulation frame-relay BAN (config-if)#frame-relay lmi-type cisco BAN (config-if)# exit BAN (config)# interface serial 1.1 point-to-point BAN (config-if)#ip address 172.16.0.2 255.255.0.0 BAN (config-if)#frame-relay interface-dlci 100 BAN (config-if-dlci)#exit BAN (config-if)#exit BAN (config)# interface serial 1.2 point-to-point BAN (config-if)#ip address 172.17.0.1 255.255.0.0 BAN (config-if)#frame-relay interface-dlci 300 BAN (config-if-dlci)#exit BAN (config-if)#exit BAN (config)#^z BAN #
GOA# GOA # config terminal GOA(config)# interface serial 0 GOA(config-if)# no ip address GOA(config-if)# no shut GOA(config-if)# encapsulation frame-relay GOA(config-if)#frame-relay lmi-type cisco GOA(config-if)# exit GOA(config)# interface serial 0.1 point-to-point GOA(config-if)#ip address 172.17.0.2 255.255.0.0 GOA(config-if)#frame-relay interface-dlci 400 GOA(config-if-dlci)#exit GOA(config-if)#exit GOA(config)# interface serial 0.2 point-to-point GOA(config-if)#ip address 172.18.0.1 255.255.0.0 GOA(config-if)#frame-relay interface-dlci 500 GOA(config-if-dlci)#exit GOA(config-if)#exit GOA(config)#^z GOA#
CONFIGURATION ON BOM:
Show commands:
no lo gi e
ch
Te
BOM# BOM # config terminal BOM(config)# interface serial 1 BOM(config-if)# no ip address BOM(config-if)# no shut BOM(config-if)# encapsulation frame-relay BOM(config-if)#frame-relay lmi-type cisco BOM(config-if)# exit BOM(config)# interface serial 1.1 point-to-point BOM(config-if)#ip address 172.19.0.2 255.255.0.0 BOM(config-if)#frame-relay interface-dlci 800 BOM(config-if-dlci)#exit BOM(config-if)#exit BOM(config)# interface serial 1.2 point-to-point BOM(config-if)#ip address 172.18.0.2 255.255.0.0 BOM(config-if)#frame-relay interface-dlci 600 BOM(config-if-dlci)#exit BOM(config-if)#exit BOM(config)#^z BOM#
M O ZO
Zoom Technologies®
s
CONFIGURATION ON CHE:
27
ROUTER# show frame-relay pvc ROUTER# show frame-relay map ROUTER # show ip route
1. Configuration of the frame-relay encapsulations 2. Observation of the status of PVCs 3. Verification of the frame relay map 4. Configure static routing on Frame relay and check communication
es
5. Verification of the routing tables
gi
ROUTER# ROUTER# config terminal
lo
ROUTER(config)# interface serial ____
ROUTER(config-if)# no shut
no
ROUTER(config-if)# no ip address
ROUTER(config-if)# encapsulation frame-relay
ROUTER(config-if)# exit
ch
ROUTER(config-if)#frame-relay lmi-type cisco
ROUTER(config)# interface serial ____.___ point-to-point
Te
ROUTER(config-if)#ip address ____________ ____________ ROUTER(config-if)#frame-relay interface-dlci _____ ROUTER(config-if-dlci)#exit ROUTER(config-if)#exit
M
ROUTER(config)# interface serial ___.____ point-to-point ROUTER(config-if)#ip address ____________ ____________
O
ROUTER(config-if)#frame-relay interface-dlci _____ ROUTER(config-if-dlci)#exit
ZO
ROUTER(config-if)#exit ROUTER(config)#^z ROUTER#
Zoom Technologies®
28
VLAN CREATION:
Te
ON 192.168.20.50
ch
no
lo
gi
es
Lab 10 - VLAN
O
M
2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt
ON 192.168.20.51 VLAN CREATION: 2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt ASSIGNING MEMBERSHIP TO THE PORTS:
2950(config) # interface range fa0/1 -2 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/4 - 5 2950(config)# switchport access vlan 20
2950(config) # interface range fa0/13 - 14 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/16 - 17 2950(config)# switchport access vlan 20
TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit 2950(config) # exit
TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit 2950(config) # exit
ZO
ASSIGNING MEMBERSHIP TO THE PORTS:
Zoom Technologies®
29
Te
ch
no
lo
gi
es
Lab 11 - Inter-VLAN
ZO
O
M
switch# configure terminal switch(config)#vlan 10 switch(config-vlan)# name Sales switch(config-vlan)# exit switch(config)# vlan 20 switch(config-vlan)# name Marketting switch(config-vlan)# exit switch(config)# interface range fa0/1 - 2 switch(config-if-range)# switchport mode access switch(config-if-range)# switchport access vlan 10 switch(config-if-range)# exit switch(config)# interface range fa0/5 - 6 switch(config-if-range)# switchport mode access switch(config-if-range)# switchport access vlan 20 switch(config-if-range)# exit switch(config)# interface fa0/10 switch(config-if)# switchport mode trunk switch(config-if)# switchport trunk allowed vlan all switch(config-if)# exit
Zoom Technologies®
router#configure terminal router(config)# interface ethernet 0 router(config-if)# no ip address router(config-if)# no shutdown router(config-if)# exit router(config)# interface ethernet 0.1 router(config-if)# encapsulation dot1q 10 router(config-if)# ip address 192.168.1.1 255.255.255.0 router(config-if)# exit router(config)# interface ethernet 0.2 router(config-if)# encapsulation dot1q 20 router(config-if)# ip address 192.168.2.1 255.255.255.0 router(config-if)# exit router(config)# no ip routing router(config)# ip routing
30
1. Verification of MAC address table 2. Creation of VLAN 3. Assigning the hosts to a VLAN
es
4. Configure Trunking between switches 5. Created Sub-interfaces on Router
7. Configuration of encapsulation for the trunk link
gi
6. Changed sub-interface encapsulation to dot1q
lo
8. Inter-VLAN communication through an external router.
no
9. Understanding the concepts of VTP modes Server mode
ch
Client mode
ZO
O
M
Te
Transparent mode
Zoom Technologies®
31
ch
no
lo
gi
es
Lab 12 - Port Security
ZO
O
M
Te
Switch(config-if)#Switchport port-security Switch(config-if)#Switchport port-security maximum
Zoom Technologies®
32
ch
no
lo
gi
es
Lab 13 – NAT Configuration
Configuration of Static NAT
Te
Configuration of PAT
CHE# configure terminal CHE(config)# interface s0 CHE(config-if)#ip address 202.1.0.18 255.255.255.248 CHE(config-if)#no shutdown CHE(config-if)#encapsulation ppp CHE(config-if)#ip nat outside CHE(config-if)#exit CHE(config)#interface Ethernet 0 CHE(config-if)#ip nat inside CHE(config-if)#exit CHE(config)#ip nat inside source static 192.168.1.10 202.1.0.19
ZO
O
M
CHE# configure terminal CHE(config)# interface s0 CHE(config-if)#ip address 202.1.0.18 255.255.255.248 CHE(config-if)#no shutdown CHE(config-if)#encapsulation ppp CHE(config-if)#ip nat outside CHE(config-if)#exit CHE(config)#interface Ethernet 0 CHE(config-if)#ip nat inside CHE(config-if)#exit CHE(config)#access-list 10 permit 192.168.1.0 0.0.0.255 CHE(config)#ip nat inside source list 10 interface serial 0 overload CHE(config)#exit CHE#
Show Commands CHE# show ip nat translation CHE# debug ip nat
Zoom Technologies®
33
Check the following if you have completed the lab
1. Configure and verify Static Nat
lo
gi
3. Check the Nat table
es
2. Configure and verify Port Address Translation
no
4. Configure and verify PAT
ZO
O
M
Te
ch
5. Debugging of NAT
Zoom Technologies®
34
