Add to collection(s) Add to saved
  1. No category
Uploaded by H

CSCI392 - Skills Exam - Solution

advertisement 
School of Arts and Sciences
Computer Science Department
Student Name:
CSCI392 – Skills Exam
Spring 2016-2017
_Solution___________________
Duration: 75 minutes
Based on the network shown below and according to the addressing table, answer the
questions in the next page.
Device
Interface
G0/1
S0/0/0
R1
S0/0/1
S0/1/0
G0/1
S0/0/0
R2
S0/0/1
G0/1
S0/0/0
R3
S0/0/1
S0/0/0
ISP
G0/0
Web-Server NIC
NIC
PC1
NIC
PC2
NIC
PC3
IP Address
172.16.31.1
192.168.1.1
192.168.1.9
209.165.200.9
172.16.32.1
192.168.1.2
192.168.1.5
172.16.33.1
192.168.1.6
192.168.1.10
209.165.200.10
209.165.201.1
209.165.201.10
172.16.31.10
172.16.32.10
172.16.33.10
Subnet Mask
255.255.255.128
255.255.255.252
255.255.255.252
255.255.255.252
255.255.255.192
255.255.255.252
255.255.255.252
255.255.255.224
255.255.255.252
255.255.255.252
255.255.255.252
255.255.255.0
255.255.255.0
255.255.255.128
255.255.255.192
255.255.255.224
1
Gateway
209.165.201.1
172.16.31.1
172.16.32.1
172.16.33.1
Note: ISP, Web-Server, the three PCs, and all G0/1 interfaces of the routers are correctly
configured.
[5 points] Question 1: IP Addresses Configuration
Configure the serial interfaces of the three routers with their corresponding IP addresses as
shown in the table.
R1
R2
R3
interface GigabitEthernet0/1
ip address 172.16.31.1 255.255.255.128
duplex auto
speed auto
!
interface Serial0/0/0
ip address 192.168.1.1 255.255.255.252
clock rate 2000000
!
interface Serial0/0/1
ip address 192.168.1.9 255.255.255.252
!
interface Serial0/1/0
ip address 209.165.200.9 255.255.255.252
clock rate 2000000
!
interface GigabitEthernet0/1
ip address 172.16.32.1
255.255.255.192
duplex auto
speed auto
!
interface Serial0/0/0
ip address 192.168.1.2
255.255.255.252
!
interface Serial0/0/1
ip address 192.168.1.5
255.255.255.252
clock rate 2000000
!
interface GigabitEthernet0/1
ip address 172.16.33.1
255.255.255.224
duplex auto
speed auto
!
interface Serial0/0/0
ip address 192.168.1.6
255.255.255.252
!
interface Serial0/0/1
ip address 192.168.1.10
255.255.255.252
clock rate 2000000
!
[50 points] Question 2: OSPF Configuration
1. Configure the three routers to run OSPF with the below instructions: [15 points]
a. Assign the process ID to 20.
b. Advertise all the attached networks. Do NOT advertise the link to the internet.
c. Set all LANs to passive.
R1
R2
R3
R1(config)#router ospf 20
R1(config-router)#network 172.16.31.0 0.0.0.127 area 0
R1(config-router)#network 192.168.1.0 0.0.0.3 area 0
R1(config-router)#network 192.168.1.8 0.0.0.3 area 0
R1(config-router)#passive-interface g0/1
R2(config)#router ospf 20
R2(config-router)#network 172.16.32.0 0.0.0.63 area 0
R2(config-router)#network 192.168.1.0 0.0.0.3 area 0
R2(config-router)#network 192.168.1.4 0.0.0.3 area 0
R2(config-router)#passive-interface g0/1
R3(config)#router ospf 20
R3(config-router)#network 172.16.33.0 0.0.0.31 area 0
R3(config-router)#network 192.168.1.4 0.0.0.3 area 0
R3(config-router)#network 192.168.1.8 0.0.0.3 area 0
R3(config-router)#passive-interface g0/1
2
2. Set a default route on R1which directs traffic to S0/1/0. Redistribute the route to the other
routers. [10 points]
R1
R1(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0
(Default Route)
R1(config)#router ospf 20
R1(config-router)#default-information originate
(Redistribute route)
3. What is the router id for each of the three routers? [5 points]
R1: _____192.168.1.9___________________
R2: _____192.168.1.5___________________
R3: _____192.168.1.10__________________
4. How to verify the connectivity among the PCs? [5 points]
______Ping______________________________________________________________
5. Manually change the cost of the serial 0/0/0 interface of R1 to be 1000 using the cost
command. [5 points]
R1(config)#int s0/0/0
R1(config-if)#ip ospf cost 1000
6. Complete the routing table R1. [5 points]
3
Routing table of R3 (Using show ip route)
Remote Network/Mask [Administrative Distance/metric]
Via [next Hop]
172.16.32.0/26
[110/129]
192.168.1.10
172.16.33.0/27
[110/65]
192.168.1.10
192.168.1.4/30
[110/128]
192.168.1.10
7. Based on the previous question, verify the next hop to access LAN-2. [5 points]
_____The interface s0/0/0 at R1 has cost of 1000, having higher cost than the interface
s0/0/1; according the access for LAN 2 will be through R3.______________
[20 points] Question 4: Access Control List Configuration
1. Configure a numbered EXTENDED ACL such that LAN-2 cannot access Web-Server;
apply it on the correct interface. [10 points]
R2(config)#access-list 101 deny tcp 172.16.32.0 0.0.0.63 209.165.201.10 0.0.0.255 eq www
R2(config)#int g0/1
R2(config-if)#ip access-group 101 in
2. Configure a named STANDARD ACL such that PC1 cannot access LAN-3; apply it on
the correct interface. [10 points]
R3(config)#ip access-list standard PC1-Deny
R3(config-std-nacl)#10 deny 172.16.31.10 0.0.0.127
R3(config-std-nacl)#20 permit any
R3(config-std-nacl)#exit
R3(config)#int g0/1
R3(config-if)#ip access-group PC1-Deny out
[25 points] Question 5: NAT Configuration
1. Configure R1 with a NAT pool that uses all addresses in the 209.165.200.128/29 address
space. [5 points]
R1(config)#ip nat pool LAN-OUT 209.165.200.128 209.165.200.135 netmask 255.255.25.248
2. Configure R1 with an ACL to permit all the LAN networks to be translated. [5 points]
R1(config)#access-list 10 permit 172.16.31.0 0.0.0.127
R1(config)#access-list 10 permit 172.16.32.0 0.0.0.63
4
R1(config)#access-list 10 permit 172.16.33.0 0.0.0.31
R1(config)#ip nat inside source list 10 pool LAN-OUT
3. Configure R1 interfaces with the appropriate NAT commands and their corresponding
directions. [10 points]
R1(config)#int s0/1/0
R1(config-if)#ip nat outside
R1(config-if)#int g0/1
R1(config-if)#ip nat inside
R1(config-if)#int s0/0/0
R1(config-if)#ip nat inside
R1(config-if)#int s0/0/1
R1(config-if)#ip nat inside
4. In the topology, all the LAN networks would be translated based on the ACL created.
What will happen if more than 8 devices attempt to access the Internet at the same time?
[5 points]
_____The other PCs will not be able to access the internet because of the insufficient IP
addresses. To solve the problem, we need to configure the pool addresses with PAT
(overload).__________________________________________________
Scratch:
5
Related documents
Errata - Pearsoncmg
Errata - Pearsoncmg
Basic Switch Configuration
Basic Switch Configuration
Lab e- config
Lab e- config
SSH beáll
SSH beáll
Packet Tracer 5 3 8 2 - Class
Packet Tracer 5 3 8 2 - Class
Packet Tracer – Configuring Secure Passwords and SSH (Instructor
Packet Tracer – Configuring Secure Passwords and SSH (Instructor
101-labs-ccnp-enterprise-hands-on-labs-for-the-ccnp-350-401-encor-300-410-enarsi-exams
101-labs-ccnp-enterprise-hands-on-labs-for-the-ccnp-350-401-encor-300-410-enarsi-exams
Download
advertisement