En RSE PTSAv21 PT61 Student

7/24/2019 En RSE PTSAv21 PT61 Student

1/8

CCNA Routing and Switching

Routing and Switching Essentials

Practice Skills Assessment - Packet TracerA few things to keep in mind while completing this activity:

1. Do not use the browser Backbutton or close or reload any exam windows during the exam.2. Do not close Packet racer when you are done. !t will close automatically.". #lick the Submit Assessmentbutton in the browser window to submit your work.

Introduction

!n this practice skills assessment$ you will configure the %%label&rg'' network with single(area &)P*v2. !n addition$you will configure router(on(a(stick routing between +,A-s. ou will also implement -A$ D/#P and access lists.

All IOS device configurations should be completed from a direct terminal connection to the deviceconsole.

Some values that are required to complete the configurations have not been given to you. In those cases,create the values that you need to complete the requirements. These values may include certain Iaddresses, pass!ords, interface descriptions, banner te"t, and other values.

*or the sake of time$ many repetitive but important configuration tasks have been omitted from this activity. 0anyof these tasks$ especially those related to device security$ are essential elements of a network configuration. heintent of this activity is not to diminish the importance of full device configurations.

ou will practice and be assessed on the following skills:

#onfiguration of initial device settings

!Pv address assignment

#onfiguration and addressing of router interfaces

#onfiguration of a router as a D/#P server

!mplementation of static and dynamic -A

#onfiguration of the single(area &)P*v2 routing protocol

#onfiguration of a default route and static summary routes

#onfiguration of +,A-s and trunks

#onfiguration of routing between +,A-s

#onfiguration of A#, to limit device access

# $%&' (isco and)or its affiliates. All rights reserved. This document is (isco ublic. age & of *


2/8

+outing and S!itching ssentials ractice Skills Assessment - acket Tracer ((A +S

ou are reuired to configure the following:

%%31-ame'':

#onfiguration of initial router settings

!nterface configuration and !Pv addressing

#onfiguration of D/#P

#onfiguration of single(area &)P*v2

#onfiguration of routing between +,A-s

%%32-ame'':



#onfiguration of !Pv route summari4ation

#onfiguration and propagation of a default route

#onfiguration of static summary routes

#onfiguration of static and dynamic -A

#onfiguration of A#,s

%%3"-ame'':



#onfiguration of a static summary route

%%)1-ame'':

#onfiguration of +,A-s

Assignment of switch ports to +,A-s

#onfiguration of trunking

#onfiguration of unused switch ports

# $%&/ (isco and)or its affiliates. All rights reserved. This document is (isco ublic. age $ of *


3/8


%%)2-ame'':

#onfiguration of +,A-s

Assignment of switch ports to +,A-s

#onfiguration of trunking

#onfiguration of unused switch ports

!nternal P# hosts:

#onfiguration as D/#P clients

Addressing Tables

ote0 1ou are provided !ith the net!orks that interfaces should be configured on. 2nless you are told to

do differently in the detailed instructions belo!, you are free to choose the host addresses to assign.

Addressing able:

3evice Interface et!ork (omments

44+&ame55

)56565 172.189.15.156"5 any address in the network

i565.; 172.189.;.562 first address in the network

i565.< 172.189.


4/8


44Test6ost55 25".5.11".19

44Other6ost55 25".5.11".129

44InetServerame55 257.18;.251.2";

44Branch&6ostame55 172.189.255.1562

44Branch$6ostame55 172.189.251.1562

44Branch'6ostame55 172.189.252.1562

VLAN Table:

78Aumber

78A ame 78A et!ork 3evice0ort

/9 %%+,A-;-ame'' 172.189.;.562%%)1-ame'': *a5615%%)2-ame'': *a56"

/: %%+,A-


5/8


#onfigure the router host name: 44+&6ostame55

Prevent the router from attempting to resolve command line entries to !P addresses.

Protect privileged >?># mode from unauthori4ed access with the 0D; encrypted password.

Prevent device status messages from interrupting command line entries at the device console.

)ecure the router console and elnet terminal lines.

Prevent all passwords from being viewed in clear text in the device configuration file.

#onfigure a message(of(the(day banner.

Step '0 (onfigure the +outer hysical Interfaces

#onfigure the interfaces of the routers for full connectivity with the following:

!P addresses as shown in the addressing table.

Describe the operational %%31-ame'' serial interface. he %%31-ame'' >thernet interfaces will be

configured at the end of this assessment.

D#> settings where appropriate. =se a rate of &$*%%%.

Step /0 (onfigure static and default routing

#onfigure the following static routes:

a. 0anually configure default routes to the !nternet. =se the exit interface argument. All hosts on the internal,A-s and %%@ranch#loud-ame'' networks should be able to reach the !nternet.

b. !t has been decided to use static routes to reach the branch networks that are connected to %%3"-ame''.=se a single summary to represent the branch networks in the most efficient way possible. #onfigure thesummary static route on%%32-ame'' and %%3"-ame'' using the exit interface argument.

Step 90 (onfigure OS; +outing

#onfigure single(area &)P*v2 to route between all internal networks. he branch networks are not routed with&)P*v2.

=se a process !D of &%. he routers should be configured in area %.

=se the correct inverse masks for all network statements. Do not use uad 4ero masks 5.5.5.5B.

Step


6/8


a. )et the bandwidth of the serial interfaces to &$* kb)s.

b. #onfigure &)P* router !Ds as follows:

%%31-ame'': &.&.&.&

%%32-ame'': $.$.$.$

%%3"-ame'': '.'.'.'

c. #onfigure the &)P* cost of the link between %%31-ame'' and %%32-ame'' to :9%%.

d. Prevent routing updates from being sent out of any of the ,A- interfaces that are routed with &)P*v2. Do notuse the default keyword in the commands you use to do this.

Step :0 (onfigure 78As and Trunking

#onfigure %%)1-ame'' and %%)2-ame'' with +,A-s and trunk ports as follows:

a. #onfigure names for the +,A-s. he +,A- names must be configured to match the names in the +,A-able exactly case and spellingB. 3efer to the +,A- table above for the +,A- numbers and names that shouldbe configured on both switches.

b. #onfigure the ports that link the switches with each other and the %%31-ame'' router as functioning trunkports.

c. Assign the switch ports shown in the table as access ports in the +,A-s as indicated in the +,A- able.

d. Address +,A- 151 on the network indicated in the +,A- able. -ote that the first address in this network willbe assigned to the router in a later step in this assessment. he management interfaces of both switches should

configured to be reachable by hosts on other networks.

e. #onfigure all unused switch ports as access ports$ and shutdown the unused ports.

Step *0 (onfigure 36(

%%31-ame'' should be configured as a D/#P server that provides addressing to the hosts attached to %%)1-ame''and %%)2-ame''. he reuirements are as follows:

=se 78A/9and 78A/:as the pool names. -ote that the pool names must match the names given

here exactly$ all capital letters and exact spelling.

Addresses.& to .$%should be reserved for static assignment from each pool.

he first address in each network will be assigned to the router interface attached to the networks as

shown in the addressing table.

=se a D-) server address of &>$.&


7/8


>nsure that hosts in each ,A- are able to communicate with hosts on remote networks.

Step >0 (onfigure AT

#onfigure -A to translate internal private addresses into public addresses for the !nternet. he reuirements are:

a. #onfigure static -A to the %%#orp)erver-ame''.

ranslate the internal address of the server to the address &>*.9&.&%%.&/.

#onfigure the correct interfaces to perform this -A translation.

b. #onfigure dynamic -A not -A with overload$ or PAB.

=se the addresses remaining in the public address subnet of &>*.9&.&%%.%)$*. he first two addresses in

the subnet have already been assigned to the %%32-ame'' and !)P serial interfaces. Also$ anotheraddress has already been used in the static mapping in the step above.

=se a pool name of IT+T. -ote that the pool name must match this name exactly$ in spelling and

capitali4ation.

/osts on each of the internal ,A-s shown in the topology and on all of the branch networks should be

permitted to use the -A addresses to access the !nternet.

=se a source list number of &.

our source list should consist of three entries$ one each for the ,A-s and one for the branch networks.

Step &%0 (onfigure Access (ontrol 8ists

ou will configure two access control lists to limit device access on %%32-ame''. ou should use the any and hostkeywords in the A#, statements as reuired. he A#, reuirements are:

a. 3estrict access to the vty lines on %%32-ame'':

#reate a named standard A#, using the name ?AA@. @e sure that you use this name exactly as it

appears in these instructions case and spellingB.

Allow only the %%est/ost'' to access the vty lines of %%32-ame''.

-o other !nternet hosts including !nternet hosts not visible in the topologyB should be able to access the

vty lines of %%32-ame''.

our solution should consist of a single A#, statement.

b. Allow outside access to the %%#orp)erver-ame'' while controlling other traffic from the outside. #reate the A#,as directed below:

=se access list number &%&.

# $%&/ (isco and)or its affiliates. All rights reserved. This document is (isco ublic. age : of *


8/8


*irst$ allow %%est/ost'' full access to all network hosts and devices.

hen$ allow outside hosts to access the %%#orp)erver-ame'' over /P only.

Allow traffic that is in response to data reuests from the internal and %%@ranch#loud-ame'' hosts to enter

the network.

Add a statement so that counts of all denied traffic will be shown in the sho! access-lists command

output.

our A#, should have only four statements.

our A#, should be placed in the most efficient location possible to conserve network bandwidth and deviceprocessing resources.

Step &&0 (onfigure +outer-on-a-Stick Inter-78A +outing.

#onfigure %%31-ame'' to provide routing between the +,A-s configured on the switches. As follows:

=se the +,A- numbers for the reuired interface numbers.

=se the first addresses in the +,A- networks for the interfaces.

Step &$0 Test and Troubleshoot (onnectivity.

>nsure that the hosts attached to the +,A-s can reach hosts on the %%@ranch#loud-ame'' and the !nternet.

,ast =pdated: June, 2014

!D: %%name!ndex''

Version 2.1Created in Packet Tracer 6.1 and Marvel 2.0.5

All contents are Copyright 12 ! 201" Cisco #yste$s% &nc. All rights reserved. This doc'$ent is Cisco P'(lic&n)or$ation.

# $%&/ (isco and)or its affiliates. All rights reserved. This document is (isco ublic. age * of *

Documents

En RSE PTSAv21 PT61 Student