[CCNAv6 S2] 9.4.1.2 Packet Tracer - Skills Integration Challenge Part II



Packet Tracer – Skills Integration Challenge
Addressing Table

VLANs and Port Assignments Table



Scenario

This culminating activity includes many of the skills that you have acquired during this course. First, you will complete the documentation for the network. So make sure you have a printed version of the instructions. During implementation, you will configure VLANs, trunking, port security and SSH remote access on a switch. Then, you will implement inter-VLAN routing and NAT on a router. Finally, you will use your documentation to verify your implementation by testing end-to-end connectivity.

Documentation

You are required to fully document the network. You will need a print out of this instruction set, which will include an unlabeled topology diagram:

-       Label all the device names, network addresses and other important information that Packet Tracer generated.
-       Complete the Addressing Table and VLANs and Port Assignments Table.
-       Fill in any blanks in the Implementation and Verification steps. The information is supplied when you launch the Packet Tracer activity.
Implementation

Note: All devices in the topology except HQ, HQ-Sw, and Staff are fully configured. You do not have access to the other routers. You can access all the servers and PCs for testing purposes.

Implement to following requirements using your documentation:

HQ-Sw

·         Configure remote management access including IP addressing and SSH:
-       Domain is cisco.com
-       User Admin with password letmein
-       Crypto key length of 1024
-       SSH version 2, limited to 2 authentication attempts and a 60 second timeout
-       Clear text passwords should be encrypted.
·         Configure, name and assign VLANs. Ports should be manually configured as access ports.
·         Configure trunking.
·         Implement port security:
-       On Fa0/1, allow 2 MAC addresses that are automatically added to the configuration file when detected. The port should not be disabled, but a syslog message should be captured if a violation occurs.
-       Disable all other unused ports.
HQ

·         Configure inter-VLAN routing.
·         Configure DHCP services for VLAN 30. Use LAN as the case-sensitive name for the pool.
·         Implement routing:
-       Use OSPF process ID 1 and router ID 1.1.1.1
-       Configure one network statement for the entire 10.10.10.0/24 address space
-       Disable interfaces that should not send OSPF messages.
-       Configure a default route to the Internet.
·         Implement NAT:
-       Configure a standard, one statement ACL number 1. All IP addresses belonging to the 10.10.10.0/24 address space are allowed.
-       Refer to your documentation and configure static NAT for the File Server.
-       Configure dynamic NAT with PAT using a pool name of your choice, a /30 mask, and these two public addresses:
        198.133.219.128 and 198.133.219.129
Staff

Verify Staff has received full addressing information from HQ.
Verification

All devices should now be able to ping all other devices. If not, troubleshoot your configurations to isolate and solve problems. A few tests include:

·         Verify remote access to HQ-Sw by using SSH from a PC.
·         Verify VLANs are assigned to appropriate ports and port security is in force.
·         Verify OSPF neighbors and a complete routing table.
·         Verify NAT translations and statics.
-       Outside Host should be able to access File Server at the public address.
-       Inside PCs should be able to access Web Server.
·         Document any problems you encountered and the solutions in the Troubleshooting Documentation table below.



Configuration HQ-Sw:

enable
configure terminal
ip domain-name cisco.com
username Admin password letmein
crypto key generate rsa
1024
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
line vty 0 15
 transport input ssh
 login local
 exit
service password-encryption
vlan 15
 name Servers
vlan 30
 name PCs
vlan 45
 name Native
vlan 60
 name Management
 exit
ip default-gateway 10.10.10.145
interface range f0/1-20
 switchport mode access
 switchport access vlan 30
interface range f0/11-20
 switchport mode access
 switchport access vlan 15
interface g0/1
 switchport mode trunk
 switchport trunk native vlan 45
interface vlan 60
 ip address 10.10.10.146 255.255.255.240
interface f0/1
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security violation restrict
interface range f0/21-24,g0/2
 shutdown
end
write memory
!

Configuration HQ:

enable
configure terminal
interface g0/0
 no shutdown
interface g0/0.15
 encapsulation dot1q 15
 ip address 10.10.10.161 255.255.255.224
interface g0/0.30
 encapsulation dot1q 30
 ip address 10.10.10.193 255.255.255.192
interface g0/0.45
 encapsulation dot1q 45 native
 ip address 10.10.10.129 255.255.255.240
interface g0/0.60
 encapsulation dot1q 60
 ip address 10.10.10.145 255.255.255.240
 exit
ip dhcp pool LAN
 network 10.10.10.192 255.255.255.192
 default-router 10.10.10.193
 dns-server 10.10.10.193
 exit
router ospf 1
 router-id 1.1.1.1
 passive-interface GigabitEthernet0/0
 passive-interface Serial0/1/0
 passive-interface GigabitEthernet0/0.15
 passive-interface GigabitEthernet0/0.30
 passive-interface GigabitEthernet0/0.45
 passive-interface GigabitEthernet0/0.60
 network 10.10.10.0 0.0.0.255 area 0
 default-information originate
 exit
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
access-list 1 permit 10.10.10.0 0.0.0.255
ip nat inside source static 10.10.10.162 198.133.219.130
ip nat pool PAT 198.133.219.128 198.133.219.129 netmask 255.255.255.252
ip nat inside source list 1 pool PAT overload
interface g0/0
 ip nat inside
interface g0/0.15
 ip nat inside
interface g0/0.30
 ip nat inside
interface g0/0.45
 ip nat inside
interface g0/0.60
 ip nat inside
interface s0/0/0
 ip nat inside
interface s0/0/1
 ip nat inside
interface s0/1/0
 ip nat outside
 end
write memory

!

Configuration Staff:


























Click Reset Activity to convert the lab!!!








Nhận xét

Đăng nhận xét

Bài đăng phổ biến từ blog này

[CCNAv6 S2] 2.2.2.4 Packet Tracer - Configuring IPv4 Static and Default Routes

Hình ảnh
Packet Tracer - Configuring IPv4 Static and Default Routes Addressing Table Objectives Part 1: Examine the Network and Evaluate the Need for Static Routing Part 2: Configure Static and Default Routes Part 3: Verify Connectivity Background In this activity, you will configure static and default routes. A static route is a route that is entered manually by the network administrator to create a reliable and safe route. There are four different static routes that are used in this activity: a recursive static route, a directly attached static route, a fully specified static route, and a default route. Part 1:     Examine the Network and Evaluate the Need for Static Routing a.     Looking at the topology diagram, how many networks are there in total? b.    How many networks are directly connected to R1, R2, and R3? c.     How many static routes are required by each router to reach networks that are not directly connected? d.    Test connectivity to the R2 and R3
Đọc thêm

[CCNAv6 S3] 7.2.3.5 Packet Tracer - Troubleshooting EIGRP for IPv4

Hình ảnh
Packet Tracer – Troubleshooting EIGRP for IPv4 Addressing Table Scenario In this activity, you will troubleshoot EIGRP neighbor issues. Use show commands to identify errors in the network configuration. Then, you will document the errors you discover and implement an appropriate solution. Finally, you will verify full end-to-end connectivity is restored. Troubleshooting Process 1.     Use testing commands to discover connectivity problems in the network and document the problem in the Documentation Table. 2.     Use verification commands to discover the source of the problem and devise an appropriate solution to implement. Document the proposed solution in the Documentation Table. 3.     Implement each solution one at a time and verify if the problem is resolved. Indicate the resolution status in the Documentation Table. 4.     If the problem is not resolved, it may be necessary to first remove the implemented solution before returning to Step 2. 5.     Once al
Đọc thêm

[CCNAv6 S2] 8.3.1.2 Packet Tracer - Skills Integration Challenge

Hình ảnh
Packet Tracer – Skills Integration Challenge Addressing Table VLAN Port Assignments and DHCP Information Scenario In this culminating activity, you will configure VLANs, trunks, DHCP Server, DHCP relay agents, and configure a router as a DHCP client. Requirements Using the information in the tables above, implement the following requirements: ·         Create VLANs on S2 and assign VLANs to appropriate ports. Names are case-sensitive ·         Configure S2 ports for trunking. ·         Configure all non-trunk ports on S2 as access ports. ·         Configure R1 to route between VLANs. Subinterface names should match the VLAN number. ·         Configure R1 to act as a DHCP server for the VLANs attached to S2. -       Create a DHCP pool for each VLAN. Names are case-sensitive. -       Assign the appropriate addresses to each pool. -       Configure DHCP to provide the default gateway address -       Configure the DNS server 209.165.201.14 for each pool. - 
Đọc thêm