This document is exclusive property of Cisco Systems, Inc. Permission is granted to
print and copy this document for non-commercial distribution and exclusive use by
instructors in the CCNA Discovery Introducing Routing and Switching in the
Enterprise course as part of an official Cisco Networking Academy.
CCNA Discovery
Introducing Routing and Switching in the Enterprise
1.1.2 Observing Traffic Flow in an Enterprise Network
Objectives
•
•
•
•
Develop an understanding of the basic functions of Packet Tracer.
Model a simple network and observe traffic behavior on the network.
Create a simple Ethernet network using 3 hosts and a switch.
Observe data flow of ARP broadcasts and pings.
Background / Preparation
Create a logical network diagram with 3 PCs and a switch, connected with straight-through cables.
Step 1: Build the network
The bottom left-hand corner of the screen displays the icons that represent device categories or groups, such as
Routers, Switches, or End Devices. Moving the cursor over the device categories will display each individual
device category. To select a device, first select the device category and then select the device that is required.
a. Select End Devices from the options in the bottom left-hand corner. Drag and drop 3 Generic PCs onto
your design area.
b. Select Switches from the options in the bottom left-hand corner. Add a 2950-24 switch to the design
area.
c.
Select Connections from the bottom left-hand corner and choose Copper Straight-through to connect
each PC to the switch.
1. PC0 connects to Fast Ethernet 0/1
2. PC1 connects to Fast Ethernet 0/2
3. PC2 connects to Fast Ethernet 0/3
Step 2: Configure network devices
a. Select a PC and choose the Desktop tab.
b. Select IP Configuration.
c.
Set the IP Address, Subnet Mask, and Default Gateway using information from the table shown below.
d. Repeat steps a – c for each PC.
Device
PC0
PC1
PC2
IP Address
192.168.1.10
192.168.1.11
192.168.1.12
Subnet Mask
255.255.255.0
255.255.255.0
255.255.255.0
Default Gateway
192.168.1.1
192.168.1.1
192.168.1.1
e. Click Check Results.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 3: Observe traffic flow
a. Switch to Simulation mode by selecting the tab that is partially hidden behind the Realtime tab in the
bottom right-hand corner. The tab has the icon of a stopwatch on it.
b. Select Edit Filters and ensure that only ARP and ICMP are selected.
c.
Add a Simple PDU by clicking the closed envelope on the right vertical toolbar. Move to PC0 and click to
establish the source. Move to PC2 and click to establish the destination.
Notice that two envelopes are now positioned beside PC0. One envelope is ICMP, while the other is ARP.
The Event List in the Simulation Panel will identify exactly which envelope represents ICMP and which
represents ARP.
d. Select Auto Capture / Play and observe the entire ARP and ICMP communication.
Below the Auto Capture / Play button is a horizontal bar, with a vertical button that controls the speed of the
simulation. Dragging the button to the right will speed up the simulation, while dragging is to the left will slow
down the simulation. When the Buffer Full window pops up, the simulation is complete. Close the window by
selecting the x in the upper right-hand corner of the Buffer Full window.
Step 4: View ARP Tables.
a. Select PC0 and choose the Desktop tab.
b. Select the Command Prompt and type the command arp -a.
Notice that the MAC address for PC2 is in the table.
c.
Examine the ARP tables for PC1 and PC2.
Reflection
a. Why is the ARP table for PC1 empty?
_________________________________________________________________________________
_________________________________________________________________________________
b. If a ping was sent from PC0 to PC1, would an ARP packet be generated?
_________________________________________________________________________________
c.
If a ping was sent from PC0 to PC2, would an ARP packet be generated?
_________________________________________________________________________________
_________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
2.3.3 Basic Router Configuration Using CLI
Objective
•
•
Use the CLI to perform basic router configurations.
Verify configurations and connectivity.
Background / Preparation
A small company has expanded its office into another building. You must configure the routers so that traffic can
transverse between the two networks.
Required File: Basic Router Configuration Using CLI.pka
Step 1: Configure device hostnames
a. Set the hostname on the MainOffice Router
1. Select the MainOffice router.
2. From the CLI, enter the following commands
Router>enable
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname MainOffice
MainOffice(config)#
Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
MainOffice#copy running-config startup-config
b. Set the hostname on the Rmt_Site1 Router
1. Select the Rmt_Site1 router.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 4
CCNA Discovery
Introducing Routing and Switching in the Enterprise
2. From the CLI, enter the following commands:
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname Rmt_Site1
Rmt_Site1(config)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
Rmt_Site1#copy running-config startup-config
Step 2: Configure router interfaces
a. Configure the Serial interface on the MainOffice router.
1. Select the MainOffice router.
2. From the CLI, enter the following commands:
MainOffice#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
MainOffice(config)#interface serial0/1/0
MainOffice(config-if)#ip address 192.168.1.1 255.255.255.252
MainOffice(config-if)#clock rate 64000
MainOffice(config-if)#no shutdown
MainOffice(config-if)#exit
b. Configure the Fast Ethernet interface on the MainOffice router.
1. From the CLI, enter the following commands:
MainOffice(config)#interface fastethernet0/0
MainOffice(config-if)#ip address 192.168.2.1 255.255.255.0
MainOffice(config-if)#no shutdown
MainOffice(config-if)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
MainOffice#copy running-config startup-config
c.
Configure the Serial interface on the Rmt_Site1 router.
1. Select the Rmt_Site1 router.
2. From the CLI, enter the following commands:
Rmt_Site1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Rmt_Site1(config)#interface serial0/1/0
Rmt_Site1(config-if)#ip address 192.168.1.2 255.255.255.252
Rmt_Site1(config-if)#no shutdown
Rmt_Site1(config-if)#exit
d. Configure the Fast Ethernet interface on the Rmt_Site1 router.
1. From the CLI, enter the following commands:
Rmt_Site1(config)#interface fastethernet0/0
Rmt_Site1(config-if)#ip address 192.168.3.1 255.255.255.0
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 4
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Rmt_Site1(config-if)#no shutdown
Rmt_Site1(config-if)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
Rmt_Site1#copy running-config startup-config
Step 3: Configure the RIP routing protocol
a. Configure RIP version 2 on the MainOffice router.
1. Select the MainOffice router.
2. From the CLI, enter the following commands:
MainOffice#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
MainOffice(config)#router rip
MainOffice(config-router)#version 2
MainOffice(config-router)#network 192.168.1.0
MainOffice(config-router)#network 192.168.2.0
MainOffice(config-router)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
MainOffice#copy running-config startup-config
b. Configure RIP version 2 on the Rmt_Site1 router.
1. Select the Rmt_Site1 router.
2. From the CLI, enter the following commands:
Rmt_Site1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Rmt_Site1(config)#router rip
Rmt_Site1(config-router)#version 2
Rmt_Site1(config-router)#network 192.168.1.0
Rmt_Site1(config-router)#network 192.168.3.0
Rmt_Site1(config-router)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
Rmt_Site1#copy running-config startup-config.
Step 4: Configure enable, console and vty passwords
a. Select the MainOffice router.
1. Enter into global configuration.
2. Set the enable secret, line console, and telnet passwords from the CLI using the following
commands:
MainOffice#configure terminal
Enter configuration commands, one per line.
MainOffice(config)#enable secret cisco123
MainOffice(config)#line console 0
MainOffice(config-line)#password class
MainOffice(config-line)#login
MainOffice(config-line)#exit
MainOffice(config)#line vty 0 4
End with CNTL/Z.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 4
CCNA Discovery
Introducing Routing and Switching in the Enterprise
MainOffice(config-line)#password class
MainOffice(config-line)#login
MainOffice(config-line)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
MainOffice#copy running-config startup-config
b. Select the Rmt_Site1 router.
1. Enter into global configuration.
2. Set the enable secret, line console, and telnet passwords from the CLI using the following
commands:
Rmt_Site1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Rmt_Site1(config)#enable secret cisco123
Rmt_Site1(config)#line console 0
Rmt_Site1(config-line)#password class
Rmt_Site1(config-line)#login
Rmt_Site1(config-line)#exit
Rmt_Site1(config)#line vty 0 4
Rmt_Site1(config-line)#password class
Rmt_Site1(config-line)#login
Rmt_Site1(config-line)# Use the key sequence cntl + z here
%SYS-5-CONFIG_I: Configured from console by console
Rmt_Site1#copy running-config startup-config
Step 5: Verify configurations and connectivity
a.
b.
c.
d.
e.
Show the running configuration for the MainOffice router using the show running-config command.
Find the hostname, passwords, ip address, and routing protocol configurations.
Show the running configuration for the Rmt_Site1 router using the show running-config command.
Find the hostname, passwords, ip address, and routing protocol configurations.
Ping PC1 from the Command Prompt on PC0:
PC>ping 192.168.3.3
f.
Trace the network path from PC0 to PC1 from the Command Prompt on PC0:
PC>tracert 192.168.3.3
g. Choose Check Results.
Reflection
a. What commands are used to enter into Fast Ethernet 0/0, when starting at the user Exec prompt?
_________________________________________________________________________________
_________________________________________________________________________________
b. Which interface must be configured with the clock rate command? (DCE or DTE)
_________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 4 of 4
CCNA Discovery
Introducing Routing and Switching in the Enterprise
2.3.5 Basic Switch Configuration Using CLI
Objective
•
•
Perform basic switch configurations.
Verify connectivity.
Background/Preparation
As the network administrator you have been assigned a task from the help desk ticketing system. You must
complete basic switch configurations at two sites. Once complete the senior network engineer has requested that
connectivity is tested before closing the ticket. Complete the configuration of Switch0 and Switch1 with the steps
provided. Router0 and Router1 are already installed and configured properly.
Required file: Basic Switch Configuration Using CLI.pka
Step 1: Configure Switch0
a. Configure the hostname.
1. Select Switch0, choose the CLI tab, and enter the following commands:
enable
configure terminal
hostname Switch0
b. Configure the enable secret password.
1. Enter the following configuration command:
enable secret cisco
c.
Configure Interface VLAN 1.
1. Enter the following configuration commands:
interface vlan 1
ip address 192.168.10.254 255.255.255.0
no shutdown
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
exit
d. Configure the default gateway.
1. Enter the following configuration command:
ip default-gateway 192.168.10.1
e. Configure the console and vty lines.
1. Enter the following configuration commands:
line console 0
password cisco
login
line vty 0 4
password cisco
login
exit
f.
Configure Fast Ethernet interfaces.
1. Enter the following configuration commands:
interface fastethernet0/1
switchport mode access
no shutdown
end
g. Save the configuration.
1. Enter the following configuration command:
copy running-config startup-config
Step 2: Configure Switch 1
a. Configure the hostname
1. Select Switch1, choose the CLI tab, and enter the following commands:
enable
configure terminal
hostname Switch1
b. Configure the enable secret password.
1. Enter the following configuration command:
enable secret cisco
c.
Configure interface VLAN 1.
1. Enter the following configuration commands:
interface vlan 1
ip address 192.168.20.254 255.255.255.0
no shutdown
exit
d. Configure the default gateway.
1. Enter the following configuration command:
ip default-gateway 192.168.20.1
e. Configure the console and vty lines
1. Enter the following configuration commands:
line console 0
password cisco
login
line vty 0 4
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
password cisco
login
exit
f.
Configure Fast Ethernet interfaces
1. Enter the following configuration commands:
interface fastethernet0/1
switchport mode access
no shutdown
end
g. Save the configuration.
1.
Enter the following configuration command:
copy running-config startup-config
Step 3: Verify Connectivity
a. From the command prompt on PC0, enter the following commands:
ping 192.168.10.1
ping 192.168.10.254
ping 192.168.20.1
b. From the command prompt on PC1, enter the following commands:
ping 192.168.20.1
ping 192.168.20.254
ping 192.168.10.1
c. Ping PC1 from PC0
Reflection
a. Do you need to have interface VLAN1 configured with an IP address to ping from PC1 to PC0?
___________________________________________________________________________________
b. What would happen if five people tried to telnet to either one of the switches?
___________________________________________________________________________________
___________________________________________________________________________________
c.
The CLI command enable password creates a password that is clear text, what command is used to
encrypt the enable password?
___________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
3.2.1 Disabling Redundant Links to Avoid Switching Loops
Objective
•
Identify and disable redundant links.
Background / Preparation
The network engineering department has just recently installed the cabling to provide redundancy within the
Enterprise network. One Gigabit Ethernet connection was installed from the Core switch to Switch4. There
was also one Fast Ethernet connection installed from Switch3 to Switch4.
Required file: Disabling Redundant Links to Avoid Switching Loops.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Identify redundant links and disable redundant links
The redundant links will be managed manually by an administrator in the event of an outage related to a link
going down. You have been tasked to determine which port should be disabled so that only one path to each
switch is active, thus preventing a switching loop. The following requirements have been provided to assist in
the decision as to which ports should be disabled.
•
•
•
•
All direct links to the Core switch shall remain active.
Switches shall utilize the path which has the least number of hops to the Core switch.
Switches which have identical hops shall utilize the path with the highest cumulative bandwidth.
Disable the switch ports located the greatest distance from the Core switch.
a. Select the switch or switches that require ports to be disabled.
b. Disable the ports that meet the requirements.
Step 2: Test connectivity
a. Select PC0 and ping PC1.
b. Select PC0 and ping PC2.
c.
Select PC0 and ping PC3.
d. Select PC0 and ping PC4.
e. Select PC0 and ping PC5.
f.
Choose Check Results.
Reflection
a. What are some problems that may be caused by redundant links?
______________________________________________________________________________
______________________________________________________________________________
b. What are some benefits of implementing redundant links?
______________________________________________________________________________
______________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
Curriculum Name
Course Name: Chapter Name
3.5.2 Configuring a VTP Domain
Objective
•
Properly configure a VTP Domain.
•
Configure VLANs on a VTP server and observe the change on the VTP client.
Background / Preparation
Configuring a VTP domain for your Enterprise network is an effective way to configure and maintain VLANs
on the network. As the network administrator for the XYZ Company, you have been asked to set up a working
VTP environment at one of your remote sites. This will allow you and your team to maintain VLANs from your
main office more efficiently.
Required file: Configuring a VTP Domain.pka
Step 1: Configure the VTP Server
a. Select the VTP Server switch and choose the CLI tab.
b. Enter into global configuration.
c.
Set the VTP domain to Discovery. Enter:
vtp domain Discovery
d. Set the VTP mode to server. Enter:
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 4
Curriculum Name
Course Name: Chapter Name
vtp mode server
Note: The message “Device mode already VTP SERVER” is displayed. By default a switch is set as
a VTP server.
e. Set the VTP password to Cisco123. Enter:
vtp password Cisco123
f.
Exit global configuration mode and save the configuration.
Step 2: Configure a switch as a VTP client
a. Select the VTP Client1 switch and choose the CLI tab.
b. Enter into global configuration.
c.
Set the VTP domain to Discovery. Enter:
vtp domain Discovery
d. Set the VTP mode to Client. Enter:
vtp mode client
e. Set the VTP password to Cisco123. Enter:
vtp password Cisco123
f.
Exit global configuration mode and save the configuration.
g. Repeat Steps b – f for the VTP Client2 and the VTP Client3 switch.
Step 3: Configure a transparent VTP switch
a. Select the VTP Transparent switch and choose the CLI tab.
b. Enter into global configuration.
c.
Set the VTP domain to Discovery. Enter:
vtp domain Discovery
d. Set the VTP mode to Transparent. Enter:
vtp mode transparent
e. Set the VTP password to Cisco123. Enter:
vtp password Cisco123
f.
Exit global configuration mode and save the configuration.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 4
Curriculum Name
Course Name: Chapter Name
Step 4: Configure a new VLAN on the VTP Server
a. Select the VTP Server switch and choose the CLI tab.
b. Enter into global configuration.
c.
Create a new VLAN. Enter:
vlan 10
d. Name the VLAN Research. Enter:
name Research
e. Exit global configuration mode and save the configuration.
Step 5: Verify VTP Configurations
a. Select the VTP Server switch and choose the CLI tab.
b. Enter into privileged EXEC mode.
c.
Verify that the VTP mode is Server and the domain is Discovery. Enter:
show vtp status
d. Verify that the VTP password is set to Cisco123. Enter:
show vtp password
e. Verify that VLAN 10 is created. Enter:
show VLAN
f.
Select the VTP Client1 switch and choose the CLI tab.
g. Verify the VTP mode, domain, password, and configured VLANs with the commands from steps c –
e.
h. Repeat step g for the VTP Client2 and VTP Client3 switches.
The switches should show VLAN 10 even though you have not configured that VLAN on the switch. Only
the VTP Server switch has been configured with VLAN 10, but because the switches are all properly
configured in the same VTP domain, all VTP clients will have the same VLAN database as the VTP
server.
Step 6: Add client workstations to the new VLAN and verify connectivity
a. Select the VTP Client2 switch and add Fast Ethernet 0/1 to VLAN 10.
Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 4
Curriculum Name
Course Name: Chapter Name
b. Select the VTP Client3 switch and add Fast Ethernet 0/1 to VLAN 10.
Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
c.
Using the Command Prompt, ping PC1 from PC0. The ping should be successful.
d. Choose Check Results.
Reflection
a. What VTP mode is a switch set to by default?
_____________________________________________________________________________
b. What three commands are required to configure and integrate a new switch into an existing VTP
domain?
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 4 of 4
CCNA Discovery
Introducing Routing and Switching in the Enterprise
3.5.2 Adding a Switch to a VTP Domain
Objective
•
•
•
Configure the VTP domain, mode, and password.
Clear the VTP revision number and add a switch to an existing VTP domain.
Use show commands to verify VTP configuration.
Background / Preparation
A company has expanded its office space on the first floor. The expansion requires the addition of a new switch to
accommodate the additional workstations. They are using the equipment from a closed branch to complete the
expansion. The senior network administrator has tasked you to configure a new switch so that it participates in the
VTP domain.
VTP updates occur every 300 seconds. After properly configuring your new switch as a member of the VTP
domain it may take a few minutes to converge.
Required file: Adding a Switch to a VTP Domain.pka
Step 1: Verify current revision number on the VTP server and new switch
a. Select the VTP Server switch and select the CLI tab.
b. Enter privileged EXEC.
c. Verify the existing configuration revision. Enter the command:
show vtp status
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
d. Select the 1st_Floor3 switch.
e. Verify the existing configuration revision. Enter the command:
show vtp status
Does the configuration revision need to be reset on the new switch? _____________________________
Step 2: Connect the new switch to the network
a. Connect Fast Ethernet 0/24 on the 1st_Floor3 switch to Fast Ethernet 0/23 on the 1st_Floor2 switch.
b. Set both Fast Ethernet 0/24 on the 1st_Floor3 switch and Fast Ethernet 0/23 on the 1st_Floor2 switch
as a trunk port.
c. Save the configuration on both switches.
Step 3: Configure the VTP Domain, mode and password.
a. Select the 1st_Floor3 switch
b. After the trunk link connecting 1st_Floor3 switch to 1st_Floor2 switch displays green link lights on each
end of the link, configure VTP on the 1st_Floor3 switch using the following information:
Set the VTP mode to: client
Set the VTP domain to: Cisco
Set the VTP password to: password
c. Save the configuration.
Step 4: Verify VTP Operation
a. Select the VTP Server switch.
b. Enter privileged EXEC mode.
c. View the VLAN database. Enter the command:
show vlan
d. Select the 1st_Floor3 switch.
e. Enter privileged EXEC mode.
f. View the VLAN database. Enter the command:
show vlan
With VTP configured properly the VLAN database on the VTP Server switch and the 1st_Floor3 switch
should be identical. VTP Server sends updates every 300 seconds. Depending on where the VTP update
timer is when you complete the configuration you may have to wait up to 5 minutes for the 1st_Floor3 switch to
update.
g. Choose Check Results.
Reflection
a. What would be the effect of adding a new switch to an existing network, with VTP properly configured as a
server and the configuration revision number is higher than that currently on the rest of the switches?
______________________________________________________________________________________
______________________________________________________________________________________
b. Why did the uplink to the new switch have to be set as a trunk?
______________________________________________________________________________________
______________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
3.5.3 Configuring Wireless and Voice VLANs
Objective
•
Create separate VLANs for the wireless and voice devices.
•
Verify connectivity.
Background / Preparation
An installation team has just completed installing wireless APs and Voice over IP (VoIP) telephones across
your network. The APs, phones, and workstations have been configured with the proper IP settings. Your task
is to configure the switches to separate the devices into three VLANs.
Required file: Configuring Wireless and Voice VLANs.pka
Step 1: Create a VTP domain
VTP Domain:
Cisco
VTP Password: class
a. Select Switch 1 and configure it as the VTP server.
b. Select Switch 2 and configure it as a VTP client.
c.
Select Switch 3 and configure it as a VTP client.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 2: Create VLANS
Create three VLANs with following information.
•
VLAN 20 Name:
Data
•
VLAN 30 Name:
Wireless
•
VLAN 40 Name:
Voice
a. Select Switch 1 (VTP Server).
b. Create the three necessary VLANs.
c.
Select the other switches and ensure the VLANs have propagated from Switch 1.
Step 3: Assign the devices to the correct ports
a. Assign Fast Ethernet 0/1 to VLAN 20 on Switch 2 and Switch 3.
b. Assign Fast Ethernet 0/9 to VLAN 40 on Switch 2 and Switch 3.
c.
Assign Fast Ethernet 0/17 to VLAN 30 on Switch 2 and Switch 3.
d. Ensure the devices are in the correct VLANs.
Step 4: Test Connectivity
a. Select PC0 and ping PC1
b. Select PC0 and ping Wireless Router 1.
c.
Select PC1 and ping Wireless Router 2.
d. Choose Check Results.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
3.5.4 Planning and Building an Enterprise Network
Objective
•
Plan, design, and build a large enterprise network utilizing multiple VLANs, inter-VLAN routing, and
VTP domains.
Background / Preparation
A new remote site has been acquired by your company and the network needs to be built. You must plan,
design, and build the network to meet company standards. The following equipment has been provided.
•
Three Cisco 2960 switches have been purchased, one for each of the three floors.
•
One Cisco 1841 router has been purchased as the Integrated Service Router (ISR).
Required file: Planning and Building an Enterprise Network.pka
Step 1: Connecting the network
a. Utilize the first FastEthernet interface on the ISR router to connect to the last FastEthernet interface
on the Floor 1 switch.
b. Connect GigabitEthernet 1/1 on the Floor 1 switch to GigabitEthernet 1/1 on the Floor 2 switch.
c.
Connect GigabitEthernet 1/2 on the Floor 2 switch to GigabitEthernet 1/1 on the Floor 3 switch.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 2: Configure basic switch and router configurations
Utilize the following table to configure the ISR router, Floor 1, Floor 2, and Floor 3 switches.
Hostname
Enable password
VTY password
Console password
ISR Router
ISR_Rtr
cisco123
class
class
Floor 1 Switch
Floor1_Sw
cisco123
class
class
Floor 2 Switch
Floor2_Sw
cisco123
class
class
Floor 3 Switch
Floor3_Sw
cisco123
class
class
a. Set the hostname on all four devices
b. Set the enable password on all four devices
c.
Set the password for the vty 0 through 4 lines and enable login on all four devices.
d. Set the password for the console line and enable login on all four devices.
Step 3: Configure the interfaces connecting the router and switches
a. Set the interfaces connecting the Floor 1, Floor 2, and Floor 3 switches as trunk ports.
b. Set the interface on the Floor 1 switch connecting to the ISR router as a trunk port.
c.
Enable the interface on the ISR router connecting to the Floor 1 switch.
d. Create and configure three sub-interfaces on the ISR router FastEthernet 0/0 interface. Use the
following table.
1. Set the encapsulation for each sub-interface
2. Set the IP address for each sub-interface
Sub Interface
FastEthernet 0/0.20
FastEthernet 0/0.25
FastEthernet 0/0.30
Encapsulation
dot1q
dot1q
dot1q
IP Address
192.168.20.1
192.168.25.1
192.168.30.1
Subnet Mask
255.255.255.0
255.255.255.0
255.255.255.0
Step 4: Configure a VTP Domain
Utilize the following table to configure the Floor 1, Floor 2, and Floor 3 switches.
VTP Domain
VTP Password
SiteX
ciscoVTP
a. Configure the Floor 2 and Floor 3 switches as VTP clients.
1. Set the VTP domain.
2. Set the VTP mode.
3. Set the VTP password.
b. Configure the Floor 1 switch as a VTP server.
1. Set the VTP domain.
2. Set the VTP mode.
3. Set the VTP password.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 5: Configure VLANs
Utilize the following table to configure the VLANs from the VTP server.
VLAN Number
20
25
30
VLAN Name
Admin
Management
Finance
Step 6: Add switch ports to the appropriate VLAN
a. Configure the Floor 1 switch so that FastEthernet 0/1 is on VLAN 20.
b. Configure the Floor 2 switch so that FastEthernet 0/1 is on VLAN 25.
c.
Configure the Floor 3 switch so that FastEthernet 0/1 is on VLAN 30.
Step 7: Connect and configure client workstations
a. Connect PC0 to the Floor 1 switch via FastEthernet 0/1.
b. Connect PC1 to the Floor 2 switch via FastEthernet 0/1.
c.
Connect PC2 to the Floor 3 switch via FastEthernet 0/1.
Step 8: Verify connectivity
a. Using the Command Prompt, ping PC1 and PC2 from PC0.
b. Using the Command Prompt, ping PC0 and PC2 from PC1.
c.
Using the Command Prompt, ping PC0 and PC1 from PC2.
d. Choose Check Results.
Reflection
a. What is the advantage of using VTP to manage VLANs?
_____________________________________________________________________________
_____________________________________________________________________________
b. What are some advantages and disadvantages of implementing VLANs?
_____________________________________________________________________________
_____________________________________________________________________________
c.
What is required for host on different VLANs to communicate with each other?
_____________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
4.4.3 Configuring and Verifying Static NAT
Objective
•
Configure static NAT.
•
Configure inside and outside NAT interfaces.
•
Verify connectivity.
Background / Preparation
You are currently interning at an academic institution, which has a Research and Development (R&D) subnet
configured with private IP addresses. The configuration does not currently utilize static or dynamic NAT to
allow communication outside of the Border router. A new application being developed has provided a need for
one workstation on the R&D subnet to communicate with a remote workstation at a different institution. You
have been tasked to configure the Border router with static NAT so that the two workstations can
communicate. The following information has been provided by the network engineering department.
•
NAT Inside Address 192.168.1.10
•
NAT Outside Address 209.165.202.6
Required file: Configuring and Verifying Static NAT.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Configure static NAT
a. Select the Border router.
b. Enter configuration mode.
c.
Enter the command:
ip nat inside source static 192.168.1.10 209.165.202.6
Step 2: Configure the inside and outside NAT interface
a. Configure Fast Ethernet 0/0 as the NAT inside interface.
b. Enter the command:
ip nat inside
c.
Configure Serial 0/1/0 as the NAT outside interface.
d. Enter the command:
ip nat outside
Step 3: Test connectivity
a. Select the R&D_1 workstation and ping the Rmt_Wks.
b. Select the R&D_2 workstation and ping the Rmt_Wks.
c.
Choose Check Results.
Reflection
a. Why was the R&D_2 workstation unable to ping the Rmt_Wks?
___________________________________________________________________________
___________________________________________________________________________
b. Can static NAT be used to translate a public IP addresses to another public IP address verses
translating a private IP address to a public IP address?
___________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
4.4.3 Configuring and Verifying Dynamic NAT
Objective
•
Configure dynamic NAT.
•
Configure inside and outside NAT interfaces.
•
Verify connectivity.
Background / Preparation
You are currently interning at an academic institution, which has a Research and Development (R&D) subnet
configured with private IP addresses. The configuration does not currently utilize static or dynamic NAT to
allow communication outside of the Border router. A new application being developed has provided a need for
all workstations on the R&D subnet to communicate with a remote workstation at a different institution. You
have been tasked to configure the Border router with dynamic NAT. The following information has been
provided by the network engineering department.
•
Address pool: 209.165.202.5 to 209.165.202.30
•
Access list number: 10
•
Pool Name: public
Required file: Configuring and Verifying Dynamic NAT.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Configure dynamic NAT
a. Select the Border router.
b. Enter configuration mode.
c.
Enter the command:
access-list 10 permit 192.168.1.0 0.0.0.255
d. Enter the command:
ip nat pool public 209.165.202.5 209.165.202.30 netmask 255.255.255.224
e. Enter the command:
ip nat inside source list 10 pool public
Step 2: Configure the inside and outside NAT interface
a. Configure Fast Ethernet 0/0 as the NAT inside interface.
b. Enter the command:
ip nat inside
c.
Configure Serial 0/1/0 as the NAT outside interface.
d. Enter the command:
ip nat outside
Step 3: Test connectivity
a. Select the R&D_1 workstation and ping the Rmt_Wks.
b. Select the R&D_2 workstation and ping the Rmt_Wks.
c.
Choose Check Results.
Reflection
a. When will a host release an outside global address back to the pool for use by other host?
_________________________________________________________________________
_________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. What device maintains the translation between internal local and internal global address?
a. Source host
b. Destination host
c.
Router
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.1.3 Investigating Connected, Static, and Dynamic Routing
Objective
•
•
•
Identify directly connected routes in converged network.
Identify static routes in a converged network.
Identify dynamic routes in a converged network.
Background / Preparation
The network administrator has recently hired you to assist in maintaining the routed network. As an experienced
network administrator, you realize that learning the network configuration is extremely important. The network
administrator has given you access to all the routers so that you can view the routing tables.
Note
This is a discovery lab. Grading will not be conducted.
Required File: Investigating Connected, Static, and Dynamic Routing.pka
Step 1: Identify Directly Connected Routes
a. Select the Phoenix1 router.
1. Enter privileged EXEC mode.
2. View the routing table. Enter the show ip route command.
3. Identify the directly connected routes.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Select the Denver router.
1. Enter privileged EXEC mode.
2. View the routing table. Enter the show ip route command.
3. Identify the directly connected routes.
Step 2: Identify Static Routes
a. Select the Phoenix2 router.
4. Enter privileged EXEC mode.
5. View the routing table. Enter the show ip route command.
1. Identify the static routes.
b. Select the Dallas router.
6. Enter privileged EXEC mode.
7. View the routing table. Enter the show ip route command.
1. Identify the static routes.
Step 3: Identify Dynamic Routes
a. Select the Denver router.
1. Enter privileged EXEC mode.
2. View the routing table. Enter the show ip route command.
3. Identify the dynamic routes.
b. Select the Dallas router.
1. Enter privileged EXEC mode.
2. View the routing table. Enter the show ip route command.
3. Identify the dynamic routes.
Reflection
a. How many directly connected routes were in the Denver routers routing table?
__________________________________________________________________________________
b. What was the next hop IP address for the static routes in the Phoenix2 routers routing table?
__________________________________________________________________________________
c.
Based on the routing table from the Denver router, what routing protocol is being used?
__________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.1.4 Configuring Static Routes
Objective
•
•
•
Configure static routes.
Identify the different types of routes in a routing table.
Verify configuration and connectivity.
Background / Preparation
A small company has two offices located in different buildings. Both offices need access to each other and the
Web Server which is hosted by their ISP. You must configure static routes on all three routers to establish
communications.
Required File: Configuring Static Routes.pka
Step 1: Configure Static Routes
a. Select the Branch router.
b. Enter into configuration mode and create the three required static routes:
ip route 209.165.200.224 255.255.255.224 192.168.2.130
ip route 192.168.2.64 255.255.255.192 192.168.2.130
ip route 209.165.201.0 255.255.255.252 192.168.2.130
c.
Exit to privileged EXEC mode.
d. Save the configuration. Enter the copy running-config startup-config command.
e. Select the HQ router.
f.
Enter into configuration mode and create the two required static routes:
ip route 192.168.2.192 255.255.255.192 192.168.2.129
ip route 209.165.200.224 255.255.255.224 209.165.201.1
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
g. Exit to privileged EXEC mode.
h. Save the configuration. Enter the copy running-config startup-config command.
i.
Select the ISP router.
j.
Enter into configuration mode and create the three required static routes:
ip route 192.168.2.64 255.255.255.192 209.165.201.2
ip route 192.168.2.192 255.255.255.192 209.165.201.2
ip route 192.168.2.128 255.255.255.192 209.165.201.2
k. Exit to privileged EXEC mode.
l.
Save the configuration. Enter the copy running-config startup-config command.
Step 2: Verify configurations and connectivity
a. Select each router and view the routing table. Enter the show ip route command.
b. Ensure the routing tables are correct.
c.
Ping PC2 from the Command Prompt of PC1.
PC>ping 192.168.2.126
d. Trace the route from PC1 to the Web Server from the Command Prompt.
PC>tracert 209.165.200.254
e. Navigate to www.cisco.com from the Web Browser on PC1
f.
Choose Check Results.
Reflection
a. What is the difference the C and the S codes next to the routes in the routing table?
____________________________________________________________________________________
b. What command is used to create a static route to the 192.168.10.0 255.255.255.0 network, when the next
hop 172.16.200.1?
____________________________________________________________________________________
____________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.1.5 Configuring Default Routes
Objective
•
•
Configure default routes.
Verify configuration and connectivity.
Background / Preparation
Your company has recently installed a new Cisco 1841 router as its border device. They have leased a 64 Kbps
circuit for each office from the local ISP. Since all traffic that is not local must be routed to the ISP router, the
senior network administrator has decided that a default route to the ISP router will be configured. You have been
assigned the ticket to complete this configuration.
Required File: Configuring Default Routes.pka
Step 1: Configure Default Route
a.
b.
c.
d.
Select the Border1 router.
View the routing table. Enter the show ip route command.
Select the Border2 router.
View the routing table. Enter the show ip route command.
Note:
Currently the routing tables only contain routing information for the two locally connected networks and
the Gateway of last resort is not set.
Step 2: Configure the Border1 router
a. Select the Border1 router.
b. Enter into configuration mode.
c. Configure the default route with next hop address:
ip route 0.0.0.0 0.0.0.0 172.16.2.1
d. Exit to privileged EXEC mode.
e. Save the configuration. Enter the copy running-config startup-config command.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 3: Configure the Border2 router
a. Select the Border2 router.
b. Enter into configuration mode.
c. Configure the default route exit interface parameter:
ip route 0.0.0.0 0.0.0.0 s0/1/1
d. Exit to privileged EXEC mode.
e. Save the configuration. Enter the copy running-config startup-config command.
Step 4: Verify configurations and connectivity
a. Select the Border1 router and view the routing table. Enter the show ip route command.
b. Select the Border2 router and view the routing table. Enter the show ip route command.
Note:
The routing table now contains routing information for the two locally connected networks and a default
route setting the Gateway of last resort.
c. Select PC0 and enter into the Command Prompt.
d. Ping the DNS Server.
PC0>ping 10.10.10.250
e. Choose Check Results.
Reflection
a. What are two ways a default route can be configured?
_____________________________________________________________________________
_____________________________________________________________________________
b. How can you identify if a default route is configured when viewing the routing table?
_____________________________________________________________________________
_____________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.2.4 Routing Between Discontiguous Networks
Objective
•
•
Observe the differences between RIP Version 1 and Version 2.
Configure RIP Version 1 and Version 2.
Background / Preparation
The XYZ Company has recently expanded its business to include an uptown office. Currently the company has a
downtown office and the corporate headquarters office, which contains the Core Router. The network
administrators have used static routing up to this point, but want to convert to the RIP routing protocol with the
addition of the uptown office. The Core_Rtr and Downtown router have already been configured with RIP
version 1.
Since the conversion from static routes to RIP version 1, the connectivity between the corporate headquarters
and the downtown office has been down. The senior network administrator is currently troubleshooting the issue
and has tasked you to configure the Uptown router. The two 64 Kbps circuits have already been installed and
configured. You must configure the LAN interfaces and the routing protocol. The following configuration table has
been provided to assist in the configuration and troubleshooting of the network.
Required File: Routing Between Discontiguous Networks.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Interface
FastEthernet 0/0
FastEthernet 0/1
Serial 0/0/0
Serial 0/1/0
Uptown Router
IP Address
Subnet Mask
192.168.2.17 255.255.255.240
192.168.1.33 255.255.255.224
172.16.1.5
255.255.255.252
172.16.1.2
255.255.255.252
Network
192.168.2.16
192.168.1.32
172.16.1.4
172.16.1.0
Step 1: Configure the Uptown router and verify connectivity
a. Select the Uptown router.
1. Set Uptown as the hostname.
2. Configure the FastEthernet 0/0 interface.
3. Configure the FastEthernet 0/1 interface.
4. Configure RIP version 1.
5. Configure the networks to advertise.
6. Save the configuration.
b. Verify RIP configuration
1. View the routing table. Enter the show ip route command.
2. View the RIP database. Enter the show ip rip database command.
c.
Select PC3 and verify connectivity.
1. Ping PC2 from the Command Prompt.
2. Ping PC1 from the Command Prompt.
3. Ping PC5 from the Command Prompt.
The connectivity within the uptown office seems to be working, but you are now experiencing the same problems
that corporate headquarters and the downtown office are experiencing. After conducting some research on RIP,
you discover that RIP version 1 does not support VLSM. The current configuration of your network utilizes VLSM.
Further research indicates that RIP version 2 does support VLSM. You contact the senior network administrator
and provide this information. You are now tasked to change RIP to version 2 on all three routers.
Step 2: Configure routers with RIP version 2
a. Select the Downtown router.
1. Configure RIP version 2.
b. Select the Uptown router.
1. Configure RIP version 2.
c.
Select the Core_Rtr router.
1. Configure RIP version 2.
Step 3: Verify connectivity
a. Select the Uptown router.
1. View the routing table. Enter the show ip route command.
2. Compare the routing table to the previous RIP version 1 routing table. The output below represents
the routing table when the Uptown router was configured with RIP version 1.
C
C
R
C
172.16.0.0/30
172.16.1.0
172.16.1.4
172.16.1.8
is subnetted, 3 subnets
is directly connected, Serial0/1/0
is directly connected, Serial0/0/0
[120/1] via 172.16.1.6, 00:00:18, Serial0/0/0
[120/1] via 172.16.1.1, 00:00:05, Serial0/1/0
192.168.1.0/27 is subnetted, 1 subnets
192.168.1.32 is directly connected, FastEthernet0/1
192.168.2.0/28 is subnetted, 1 subnets
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
C
192.168.2.16 is directly connected, FastEthernet0/0
3. View the RIP database. Enter the show ip rip database command.
4. Compare the routing table to the previous RIP version 1 RIP database. The output below represents
the RIP database when the Uptown router was configured with RIP version 1.
172.16.1.0/30
directly connected, Serial0/1/0
172.16.1.4/30
directly connected, Serial0/0/0
172.16.1.8/30
[1] via 172.16.1.6, 00:00:07, Serial0/0/0
[1] via 172.16.1.1, 00:00:20, Serial0/1/0
192.168.1.32/27
directly connected, FastEthernet0/1
192.168.2.16/28
directly connected, FastEthernet0/0
b. Select PC3 and verify connectivity.
1. Ping PC2 from the Command Prompt.
2. Ping PC1 from the Command Prompt.
3. Ping PC5 from the Command Prompt.
4. Choose Check Results.
Reflection
a. What is the maximum hop count that the RIP routing protocol can support?
__________________________________________________________________________________
b. Why would an expanding company want to make the switch from static routes to routing protocols?
__________________________________________________________________________________
__________________________________________________________________________________
__________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.2.5 Troubleshooting RIPv2
Objective
•
Troubleshoot and resolve configuration issues related to RIP.
Background / Preparation
The network administrators of this corporate network have decided to convert their legacy flat network into a
segmented network. They have divided each floor into separate VLANs. The decision was to use RIPv2 as the
routing protocol. All the equipment has been installed; however, users are complaining that they cannot reach the
Corporate Web server.
Required file: Troubleshooting RIPv2.pka
Step 1: View current configuration and the status of connectivity
a. Select the 1st Floor PC.
1. Ping the default gateway address.
2. Navigate to the website www.cisco.com.
3. Ping 192.168.3.2, the web server address.
4. View the IP configuration and note the network for the PC.
b. Select the 2nd Floor PC.
1. Ping the default gateway address.
2. Navigate to the website www.cisco.com.
3. Ping 192.168.3.2, the web server address.
4. View the IP configuration and note the network for the PC.
Step 2: View router configurations and make necessary configuration changes
a. View the Corp_RT router configuration.
1. Select the Corp_RT router.
2. View the running configuration.
3. Observe the IP addressing, routing protocols, and network statements.
4. View the routing table. Enter the show ip route command.
5. Make any changes to the router configuration that may be necessary.
b. View the Corp_Edge router configuration.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
1.
2.
3.
4.
5.
Select the Corp_Edge router.
View the running configuration.
Observe the IP addressing, routing protocols, and network statements.
View the routing table. Enter the show ip route command.
Make any changes to the router configuration that may be necessary.
Step 3: Verify connectivity
a.
b.
c.
d.
e.
Select the 1st Floor PC and ping 192.168.3.2, the web server address.
Navigate to the website www.cisco.com.
Select the 2nd Floor PC, and ping 192.168.3.2, the web server address
Navigate to the website www.cisco.com.
Choose Check Results.
Reflection
a. What were the configuration changes that you made to establish connectivity to the web server?
___________________________________________________________________________________
___________________________________________________________________________________
b. On the Corp_Edge router enter the show ip rip database command. What routes were learned by the
RIP routing protocol?
___________________________________________________________________________________
___________________________________________________________________________________
c.
What command will display the RIP updates in real-time?
___________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.4.2 Configuring EIGRP and EIGRP Summary Routes
Objective
•
Study the differences in routing when the no auto-summary command is used with EIGRP.
Background / Preparation
As the network administrator you have been assigned a task from the senior network engineer to remove autosummarization from all three routers.
Note: Before beginning the lab ensure that the network is fully converged. All links should be green.
Required file: Configuring EIGRP and EIGRP Summary Routes.pka
Step 1: Remove auto-summarization
a. Select the R1 router.
b. View the routing table with auto-summary enabled. Enter the show ip route command and note the
routes.
c. Repeat steps a and b with R2 and R3.
Step 2: Configure manual summarization
a. Select the R1 router.
1. Enter privileged EXEC mode.
2. Enter the router eigrp 1 command.
3. Disable auto summary. Enter the no auto-summary command.
4. Repeat steps 2 and 3 on the R2 and R3 routers.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 3: Confirm the removal of auto-summarization and verify connectivity
a. Compare the R3 router routing table to the one below. Enter the show ip route command. This
represents the routing table of the R3 router when auto-summary was enabled.
D
C
D
C
C
172.16.0.0/16 [90/2172416] via 192.168.10.9, 00:01:05, Serial0/0/1
[90/2172416] via 192.168.10.5, 00:01:00, Serial0/0/0
192.168.1.0/24 is directly connected, FastEthernet0/0
192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks
192.168.10.0/24 is a summary, 00:00:59, Null0
192.168.10.4/30 is directly connected, Serial0/0/0
192.168.10.8/30 is directly connected, Serial0/0/1
b. Select PC1 and go to the Command Prompt.
c. Ping PC3 (192.168.1.10).
d. Choose Check Results.
Reflection
a. What is the benefit in using default summarization?
___________________________________________________________________________________
___________________________________________________________________________________
___________________________________________________________________________________
b. This activity demonstrated the difference in the routing table when changing from auto-summarization via
EIGRP to no auto-summarization. What would be a situation where some subnets would need to be
manually summarized?
___________________________________________________________________________________
___________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
5.4.3 Verifying and Troubleshooting EIGRP Operation
Objective
•
Apply the troubleshooting techniques related to EIGRP to identify configuration issues.
•
Identify and correct EIGRP configuration issues.
Background / Preparation
As the network administrator for the XYZ Company, you have been asked to set up a lab mockup of your
network for testing and implementation of new hardware. You have added all the IP addresses to the router
interfaces and configured the routing protocols. You decided to use EIGRP 10 as the routing protocol. After
conducting pings to all the devices you found that PC1 and PC4 cannot ping any of the other PC’s in the lab.
Required file: Verifying and Troubleshooting EIGRP Operation.pka
Step 1: Determine the status of connectivity
a. Select PC1 and ping the following:
1. The default gateway.
2. The FastEthernet 0/0 interface on Chicago1 router.
3. The FastEthernet 0/0 on the Chicago router.
4. The FastEthernet 0/1 interface on the Chicago router.
The last two pings were unsuccessful, identifying a potential problem between the Chicago and Chicago1
routers.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Select the Chicago router and enter into privileged EXEC mode.
1. Enter the show ip protocols command.
2. Enter the show running-config command.
c.
Select the Chicago1 router and enter into privileged EXEC mode.
1. Enter the show ip protocols command.
2. Enter the show running-config command.
The Chicago router is configured with EIGRP as the routing protocol and an autonomous system number
of 10. The Chicago1 router does not have any routing protocol or static routes configured.
d. Select PC4 and ping the default gateway.
e. Ping the FastEthernet 0/0 interface on the Denver router.
The ping was unsuccessful, identifying a potential problem between the Denver and Denver1 router.
f.
Select the Denver router and enter into privileged EXEC mode.
1. Enter the show ip eigrp neighbors command.
2. Enter the show running-config command.
g. Select the Denver1 router and enter into privileged EXEC mode.
1. Enter the show ip eigrp neighbors command.
2. Enter the show running-config command.
The Denver1 router is configured with the EIGRP routing protocol and an autonomous system number of
100. The Denver router is configured with the EIGRP routing protocol and an autonomous system
number of 10.
Step 2: Configure EIGRP properly on the Chicago1 and Denver1 Routers
a. Select the Chicago1 and enter into configuration mode.
1. Configure EIGRP with the correct autonomous system number.
2. Advertise the proper networks.
b. Select the Denver1 and enter into configuration mode.
1. Configure EIGRP with the correct autonomous system number.
2. Advertise the proper networks.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 3: Verify connectivity
a. Enter the show ip eigrp traffic command on the Chicago1 and Denver1 routers.
b. Enter the show ip eigrp topology command on the Chicago1 and Denver1 routers.
c.
Conduct pings from PC1 to PC2, PC3, and PC4.
d. Conduct pings from PC4 to PC1, PC2, and PC3.
e. Choose Check Results.
Reflection
a. What does the debug eigrp packet command display?
_________________________________________________________________________________
_________________________________________________________________________________
b. What does the debug eigrp fsm command display?
_________________________________________________________________________________
_________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
8.3.5 Configuring and Verifying Standard Named ACLs
Objective
•
•
Create a standard named access control list (ACL).
Test ACL functionality.
Background / Preparation
The senior network administrator has tasked you to create a standard named ACL to prevent access to a file
server. All clients from one network and one specific workstation from a different network should be denied
access.
Required File: Configuring and Verifying Standard Named ACLs.pka
Step 1: Verify current connectivity
a. Select PC0.
1. Ping the Web Server.
2. Ping the File Server.
b. Select PC1.
1. Ping the Web Server.
2. Ping the File Server.
c. Select PC2.
1. Ping the Web Server.
2. Ping the File Server.
All three workstations should be able to ping both the Web and File server.
Step 2: Create a standard named ACL
a. Select the R1 router.
b. Enter configuration mode.
c. Create a standard named ACL.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Enter the following global configuration commands:
ip access-list standard File_Server_Restrictions
deny 192.168.20.0 0.0.0.255
deny host 192.168.10.3
permit any
Exit to configuration mode.
Apply the ACL outbound on the sub-interface Fast Ethernet 0/1.1:
interface fastethernet 0/1.1
ip access-group File_Server_Restrictions out
Save the configurations.
Step 3: Verify the ACLs is working properly
a. Select PC0.
1. Ping the Web Server.
2. Ping the File Server.
b. Select PC1.
1. Ping the Web Server.
2. Ping the File Server.
c.
Select PC2.
1. Ping the Web Server.
2. Ping the File Server.
All three workstations should be able to ping the Web Server, but only PC1 should be able to ping the File
Server.
d. Choose Check Results.
Reflection
a. Could you have used the command ip access-group File_Server_Restrictions in instead of
ip access-group File_Server_Restrictions out and get the same results?
____________________________________________________________________________________
____________________________________________________________________________________
b. Could you have used a number instead of the name File_Server_Restrictions when you created the
ACL? If so, the number would need to be within what range?
____________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
8.3.6 Planning, Configuring, and Verifying Standard, Extended, and
Named ACLs
Objective
•
•
Configure a VTY ACL to secure remote access.
Create standard, extended and named ACLs for improved network security.
Background / Preparation
The network maintenance shop needs access to a router recently installed in London. You must configure an ACL
to grant them telnet access to the router while denying telnet access from everyone else. Additional ACLS must
be created on the London and DC routers to meet the below requirements.
•
•
Allow all London clients access to the London server and resources, while limiting access by all other
users.
Allow all DC clients access to the DC server and resources, while limiting access by all other users.
The enable password is admin.
Required File: Planning, Configuring, and Verifying Standard, Extended, and Named ACLs.pka
Step 1: Create ACLs to restrict VTY access
a. Select the London router.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Configure the vty 0 through 4 lines for login access. The password should be set to cisco123.
c.
Create a standard ACL which allows telnet access for any client on the maintenance subnet.
1. Number the access-list 10.
2. Maintenance subnet is 172.16.50.0 255.255.255.0.
d. Apply the ACL to vty lines 0 thru 4.
1. Enter into configuration mode.
line vty 0 4
access-class 10 in
e. Save the configurations.
Step 2: Create extended ACLs on the DC router
a. Using the table below, plan and create numbered ACLs on the DC router which meet the following
requirements. The first goal is to allow the London clients access to the London server. All other traffic
must be limited. The second goal is allow all DC clients access to the DC server. All other traffic must be
limited. Attempt to create both ACLs in as few lines as possible.
1. Create an outbound ACL numbered 150 and apply to the interface Fast Ethernet 0/1.1.
2. Create an outbound ACL numbered 160 and apply to the interface Fast Ethernet 0/1.2.
Clients
London Clients
DC Clients
DC Clients
DC Clients
London Clients
London Clients
Source
172.16.100.0
255.255.255.0
172.16.10.0
255.255.255.0
172.16.10.0
255.255.255.0
172.16.10.0
255.255.255.0
172.16.100.0
255.255.255.0
172.16.100.0
255.255.255.0
Resources
London Resources
London Server
London Resources
DC Resources
DC Server
DC Resources
Destination
172.16.20.0
255.255.255.0
172.16.20.100
255.255.255.0
172.16.100.0
255.255.255.0
172.16.30.0
255.255.255.0
172.16.30.100
255.255.255.0
172.16.10.0
255.255.255.0
Permit
Deny
Protocol
X
All
X
HTTP Only
X
ICMP
X
All
X
HTTP Only
X
ICMP
b. Save the configurations.
Step 3: Create a named ACL on the London router
a. Plan and create a named ACL on the London router that meets the following requirements. Name the
ACL ICMP.
Clients
DC Clients
DC Clients
Source
172.16.10.0
255.255.255.0
172.16.10.0
255.255.255.0
Resources
London Clients
London Clients
Destination
172.16.100.0
255.255.255.0
172.16.100.0
255.255.255.0
Permit
Deny
Protocol
ICMP
X
X
All
b. Apply the ACL to the Serial interface as an inbound ACL.
c. Save the configurations.
Step 4: Verify the configured ACLs
a. Verify the vty restrictions placed on the London router.
1. Select the Maint PC and telnet to the London router.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
2. Select PC2 and telnet to the London router.
Telnet from the Maint PC should be successful and the telnet from PC2 should be denied.
b. Verify the extended ACL on the DC router.
1. Select PC2 and browse to the DC server (172.16.30.100).
2. Ping the DC server (172.16.30.100).
3. Browse to the London server (172.16.20.100).
4. Ping the London server (172.16.20.100).
5. Select PC1 and browse to the London server (172.16.20.100).
6. Ping the London server (172.16.20.100).
7. Browse to the DC server (172.16.30.100).
8. Ping the DC server (172.16.30.100).
Browsing should be successful, while pings from PC2 to the London server and from PC1 to DC server
should be unsuccessful.
c.
Verify the named ACL on the London router.
1. Select PC2 and ping PC1.
2. Browse from PC2 to Server0 (172.16.100.250).
Ping should be successful, but browsing should time out.
d. Choose Check Results.
Reflection
a. What is the significance of the “out” at the end of the line of an ip access-group statement?
__________________________________________________________________________________
__________________________________________________________________________________
b. What is the difference in the commands between adding an ACL on a specific interface and the VTY?
__________________________________________________________________________________
__________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
8.4.1 Configuring and Verifying Extended ACLs to Filter on Port
Numbers
Objective
•
Configure an extended ACL to filter using port numbers.
•
Verify that the extended ACL is working.
Background / Preparation
The security office has instructed you to increase security into the server farm. The Senior Network Engineer
only wants to allow web and DNS traffic into the 10.10.10.0 network. All other traffic should be denied into the
10.10.10.0 network.
Required file: Configuring and Verifying Extended ACLs to Filter on Port Numbers.pka
Step 1: Verify current connectivity
a. Ping the DNS Server (10.10.10.250) from PC0.
b. Ping the Web Server (10.10.10.254) from PC0.
c.
Repeat steps a - b on PC1.
Step 2: Build an extended ACL
a. Select the ISP router.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Enter the following commands from configuration mode:
access-list 100 permit tcp any host 10.10.10.254 eq 80
access-list 100 permit udp any host 10.10.10.250 eq 53
access-list 100 deny ip any any
c.
Apply the ACL as an outbound ACL on Fast Ethernet 0/0.
Step 3: Test the ACL
a. Ping the DNS Server (10.10.10.250) from PC0.
b. Ping the Web Server (10.10.10.254) from PC0.
c.
Navigate to www.cisco.com from PC0.
d. Repeat steps a-c on PC1.
The pings should be unsuccessful. If you are able to navigate to www.cisco.com the ACL has been
properly configured to allow HTTP and DNS traffic.
e. Choose Check Results.
Reflection
a. What are the most common abbreviations used to specify a port condition?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
b. Finish the following ACL to allow TCP port ranges 20-80.
ip access-list 100 permit tcp any 192.168.1.0 0.0.0.255
________________________________________________________________________________
________________________________________________________________________________
c.
What is the implied statement at the end of all access-lists?
________________________________________________________________________________
________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
8.4.5 Configuring and Verifying Extended ACLs with a DMZ
Objective
•
Allow only DNS and HTTP access with an extended access control list (ACL).
•
Deny Telnet and ICMP with an extended ACL.
•
Verify that the ACLs are working properly.
Background / Preparation
As the network administrator for the XYZ Company, you have been asked to increase security between your
VLANs and server farm. The server farm consists of a Web Server and a DNS Server. The Senior Network
Engineer only wants to allow web access to the Web Server and DNS traffic into the server farm using the
DNS Server. You have also been tasked to deny telnet and ICMP between VLAN 10 and VLAN 20.
Required file: 8.4.5 Configuring and Verifying Extended ACLs with a DMZ.pka
Device
PC0
PC1
Border1
Web Server
DNS Server
Interface
Fast Ethernet
Fast Ethernet
Fast Ethernet 0/0.1
Fast Ethernet 0/0.2
Fast Ethernet 0/1
Fast Ethernet
Fast Ethernet
IP Address
172.16.3.3
172.16.1.3
172.16.3.1
172.16.1.1
10.10.10.1
10.10.10.254
10.10.10.250
Subnet Mask
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
255.255.255.0
Step 1: Determine current connectivity
a. Select PC0 and ping PC1.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Select PC0 and telnet to the Border1 router.
c.
Select PC1 and ping PC0.
d. Select PC1 and telnet to the Border1 router.
e. Select PC1 and ping the Web Server by URL (www.cisco.com).
f.
Navigate to www.cisco.com from both PC1 and PC0.
g. All attempts to ping, telnet and browse should be successful.
Step 2: Build an extended ACL to allow Web and DNS
a. Select the Border1 router.
b. Enter configuration mode.
c.
Create an ACL numbered 110 which permits the HTTP and DNS protocols for any host, but denies all
other IP traffic Web Server and DNS Server.
Web Server IP Address: 10.10.10.254
DNS Server IP Address: 10.10.10.250
Note: Create the ACL to filter traffic using protocols instead of port numbers.
d. Apply the ACL outbound on Fast Ethernet 0/1.
Step 3: Build an extended ACL to deny ICMP and Telnet
a. Select the Border1 router.
b. Enter configuration mode.
c.
Create an ACL numbered 100 which denies ICMP and Telnet, but permits all other IP traffic between
VLAN 10 and VLAN 20.
Note: Create the statement that denies ICMP before the statement that denies Telnet. Create the
ACL to filter traffic using protocols instead of port numbers.
d. Apply the ACL inbound on both sub-interface Fast Ethernet 0/0.1 and Fast Ethernet 0/0.2.
Step 4: Verify ACL 100 and 110
a. Select PC0 and ping PC1.
b. Select PC0 and telnet to the Border1 router.
c.
Select PC1 and ping PC0.
d. Select PC1 and telnet to the Border1 router.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
e. Select PC1 and ping the Web Server by URL (www.cisco.com).
f.
Navigate to www.cisco.com from both PC1 and PC0.
The attempts to ping and telnet should be unsuccessful, while browsing should be successful.
g. Choose Check Results.
Reflection
a. Recently there was a web server installed on VLAN 10. Can the client on VLAN 20 browse to the server?
____________________________________________________________________________________
b. Can PC2 telnet to 172.16.3.1 and 172.16.1.1, why or why not?
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
c.
If you wanted to block telnet and ICMP into the VLAN10 and VLAN20 networks from PC2 which interface
and direction would apply access-list 100?
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
d. Since PC2 can telnet to the Border1 router, should PC1 and PC2 be able telnet to each other’s default
gateway address?
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.1.2 Creating a Baseline
Objective
•
Create a performance baseline
•
Create a configuration baseline
Background / Preparation
As the network administrator for the XYZ Company, you have been tasked to create a baseline for the newly
installed network. Router0 has just been installed and configured to support a new satellite office. Use ping
and tracert to create a baseline.
This lab does not require configuration, thus grading will not be conducted.
Required file: Creating a Baseline.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Create a Performance Baseline
a. Using the Baseline Chart or a scrap piece of paper identify the following information.
b. Select PC2 and execute a ping and tracert to each of the devices in the chart below.
c.
Document the results.
Note: To create a baseline using ping, you would use an extended ping to ping the target 100 or 500
times. This provides a reference the average time of the total number of pings. The command syntax to
perform an extended ping from the PC is:
PC>ping [-n count] target
To ping PC0 from PC2 using a series of 100 pings, the command would be:
PC>ping -n 100 10.10.10.2
Average Round Trip Time
Path
PC2 to PC0
PC2 to PC1
PC2 to PC3
PC2 to PC4
PC2 to PC5
Baseline Chart
Step 2: Create a Configuration Baseline
a. Document the client configurations.
1. Client IP range
2. Subnet Mask
3. Default Gateway
b. Document the router configurations.
1. Active interfaces and IP address
2. View and document the routing table.
3. Save the startup configuration to the TFTP server.
Router# copy startup-config tftp
Address or name of remote host []? 10.10.40.250
Destination filename [Router-confg]? Router0_Config_Baseline
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
After creating a baseline network performance should be compared to the baseline every time a major change
has occurred. Periodically checking performance against the baseline will assist administrators in proactively
identifying potential problems.
Reflection
a. What is the purpose of network monitoring?
________________________________________________________________________________
________________________________________________________________________________
b. Name three groups of tools used to measure network monitoring?
________________________________________________________________________________
________________________________________________________________________________
c.
What is SNMP used for on a network device?
________________________________________________________________________________
________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 3 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.2.1 Troubleshooting Host Connectivity on a Switch
Objective
•
Troubleshoot and resolve host connectivity
Background / Preparation
A local warehouse has hired a new systems administrator to help maintain the existing network. While
troubleshooting normal user issues the new systems administrator moved the patch cables around on the switch
and now more users are have lost connectivity. You must troubleshoot the switch and correct any issues found.
Required File: Troubleshooting Host Connectivity on a Switch.pka
Note:
Ensure the network has fully converged before starting. All links will be green once converged.
Step 1: View current configuration and verify connectivity
a. Select PC1.
1. View the IP configuration, note the MAC Address and list the network/subnet address assignment for
the PC.
2. Ping the default gateway address.
3. Ping the next PC from PC1, which is PC2.
b. Select each PC in the activity and repeat all the steps under Step 1a on each PC.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 2: View switch configurations and verify physical connectivity
a. Select Switch0.
1. View the running configuration on the switch and note the interface configurations.
2. Use show commands to help identify VLANs and port assignments.
After viewing the switch configuration and comparing it to the baseline that was on file, you have
determined that the switch configurations are correct.
b. Using your notes from Step 1, ensure all PC links connect to the correct switch port.
c.
Adjust any links between the PCs and the switch that are incorrect.
d. From the Switch CLI, what additional commands are necessary to resolve the problems with the network?
Enter the commands so that each PC can successfully ping all other PCs in the activity.
Step 3: Verify connectivity
a. Select PC1.
1. Ping the default gateway address.
2. Ping PC2.
b. Select PC3.
1. Ping the default gateway address.
2. Ping PC4.
c.
Select PC5.
1. Ping the default gateway address.
2. Ping PC6.
d. Each PC should be able to successfully ping all the other PCs in the activity. Choose Check Results to
verify successful completion of the activity.
Reflection
a. What command could be used to determine if a port was disabled due to port security?
____________________________________________________________________________________
b. What are the pros and cons to using port security?
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.2.2 Troubleshooting Inter-VLAN Routing Issues
Objective
•
Troubleshoot and resolve issues related to Inter-VLAN routing
Background / Preparation
A small business has decided to implement VLANs and configure Inter-VLAN routing on the Core router to
improve performance. Since the VLANs have been implemented, users have not been able to access network
resources. Troubleshoot the network and resolve any configuration issues.
Document connectivity and configuration issues to assist in troubleshooting.
Required File: Troubleshooting Inter-VLAN Routing Issues.pka
Step 1: Verify status of connectivity and view current configuration
a. Select the PC 01A workstation.
1. View the IP configuration and list the network/subnet address assignment for the PC.
2. Ping the default gateway address.
3. Ping the PC 02A workstation.
4. Ping the PC 02C workstation.
b. Repeat steps 1 through 4 on each PC, having each PC ping one PC from each floor shown in the
topology.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 2: View router configurations and make necessary configuration changes
a.
b.
c.
d.
Select the Core router.
View the running configuration.
Note the interfaces and IP addresses.
Make any changes to the routers configuration that may be necessary.
Step 3: Verify switch configurations
a. Select the 1st Floor switch.
1. View the running configuration.
2. Note the interfaces settings.
3. Make any changes to the switch configuration that may be necessary.
b. Select the 2nd Floor switch.
1. View the running configuration.
2. Note the interfaces settings.
3. Make any changes to the switch configuration that may be necessary.
c.
Select the 3rd Floor switch.
1. View the running configuration.
2. Note the interfaces settings.
3. Make any changes to the switch configuration that may be necessary.
Step 4: Verify connectivity
a. Select the PC 01A workstation and ping PC 01C workstation.
b. Select the PC 01C workstation and ping PC 02B workstation.
Reflection
a. What prevented PC 01A from pinging the default gateway?
__________________________________________________________________________________
__________________________________________________________________________________
b. What command would you use to display the ports assigned to each VLAN?
__________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 3
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.2.3 Troubleshooting VTP Issues
Objective
•
Identify VTP configuration issues
•
Correct the VTP configuration errors
•
Test connectivity
Background / Preparation
Users are currently complaining that they are unable to ping their default gateways or other hosts on the
same VLAN. After examining the configuration baseline you have determined the following information.
Troubleshoot the connectivity issues and resolve the problem.
•
VTP server - Switch 4
•
VTP clients – Switch 1, Switch 2, Switch 3, and Switch 5
•
VTP transparent - Switch 0
•
Existing VLANs – VLAN 1, VLAN 10, and VLAN 20
Required file: Troubleshooting VTP Issues.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Identify and correct VTP settings
Initial troubleshooting indicates that VTP is configured correctly on Switch 4.
a. Use show commands to identify potential configuration issues on the remaining switches.
•
show running-config
•
show vtp status
•
show vtp password
b. Make any required configuration changes.
c.
Ensure all VLANs are added to the VTP server.
a. VLAN10 – Name vlan10
b. VLAN20 – Name vlan20
Step 3: Test the switch configurations
a. Ensure that all hosts can ping their default gateways.
b. Ensure that all hosts can ping the other host in its VLAN.
c.
Ensure that all hosts can ping across VLANs.
Reflection
a. What would prevent VLAN updates on a VTP client in the same domain as the VTP server?
___________________________________________________________________________________
___________________________________________________________________________________
b. What would be the result if a new switch is added to the network and is configured as a VTP server
with a lower revision number than the current VTP server?
___________________________________________________________________________________
___________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.3.1 Troubleshooting RIP
Objective
•
Troubleshoot and resolve configuration issues related to RIP
Background / Preparation
A small business has decided to implement RIP to help with network traffic. Since the implementation of RIP
users have been complaining that they have not been able to access other hosts on the network. You must
troubleshoot and fix the issues. The RIP version implemented is classless, supports discontiguous networks, and
VLSM.
Required File: Troubleshooting RIP.pka
Step 1: Verify connectivity and router configurations
a. Select each PC and determine the current status of connectivity.
b. Select Router1.
c. Enter debug ip rip
1. Switch to Simulation Mode and choose Auto / Capture Forward.
2. Select Router1 and view the debug messages for possible issues.
3. Enter undebug all.
d. Enter show ip protocols.
e. Enter show ip interface.
f. Enter show running-config.
g. Annotate the potential configuration issues.
h. Repeat steps c – g for Router0 and Router1.
i. Make any configuration changes necessary to restore communications between each host.
Step 2: Verify configurations and connectivity
a. Select each router and ensure the routing table is correct.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Select the PC0 and ping the other two hosts.
c.
Choose Check Results.
Reflection
a. What three commands used in the section would you use to display the version of rip being used?
_______________________________________________________________________________________
_______________________________________________________________________________________
b. Which version of RIP is classless and supports Variable Length Subnet Mask (VLSM)?
_______________________________________________________________________________________
_______________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.3.2 Troubleshooting Common EIGRP Issues
Objective
•
Troubleshoot the routed network
•
Identify and make any necessary configuration changes
•
Verify connectivity
Background / Preparation
You have received several complaints from your customers the day after you performed a network migration.
Over the weekend the network was migrated from RIP to EIGRP. The Senior Network Engineer is counting
on you to resolve the issue. You were instructed to use EIGRP and an AS number of 10. Use the
troubleshooting techniques you have learned throughout the course to isolate and reconfigure any devices
necessary to re-establish network connectivity.
Required file: Troubleshooting Common EIGRP Issues.pka
Step 1: Isolate and correct any configuration errors
a. Isolate the problem with connectivity tests.
1. Select PC0.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
2. Use ping and tracert commands to test connectivity to the other workstations.
3. Select PC1.
4. Use ping and tracert commands to test connectivity to the other workstations.
b. Select each router and gather information.
1. Enter the show ip route command.
2. Enter the show ip eigrp neighbors command.
3. Enter the show running-config command.
c.
Make the necessary configuration changes.
Step 2: Verify Configuration and Connectivity
a. Select each router and ensure all networks shown in the routing tables are correct.
b. Use the show ip eigrp interfaces command to verify that all routers have three EIGRP
interfaces.
c.
Select PC1 and ping all the other hosts on the network.
d. Choose Check Results.
Reflection
a. How many EIGRP and connected routes exist on all the routers?
____________________________________________________________________________________
____________________________________________________________________________________
b. How many passive routes are known in the EIGRP topology?
____________________________________________________________________________________
____________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.4.1 Troubleshooting WAN Connectivity
Objective
•
Troubleshoot issues related to WAN connectivity
•
Identify and make any necessary configuration changes
•
Verify connectivity
Background / Preparation
The XYZ Corporation has recently extended their WAN to a new office in Atlanta. The extension of the WAN
included the installation of router R4. The R4 router has two point-to-point serial connections to the R2 and
R3 routers and an Ethernet LAN segment. The installation team has been unsuccessful in establishing
connectivity. You have been called in to assist in troubleshooting. A meeting has provided the following
information.
•
•
•
•
•
Encapsulation: PPP
Serial interfaces: 30 bit subnet mask
Clock rate: 64000
Ethernet interface: 24 bit subnet mask
Routing protocol: EIGRP and AS is 10
Required file: Troubleshooting WAN Connectivity.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Isolate and correct any configuration errors
a. Select workstations and perform connectivity tests.
b. Select each router and use show commands to identify potential configuration issues.
c.
Make the necessary configuration changes.
Step 2: Verify Configuration and Connectivity
a. Select each router and ensure all networks in the routing tables are correct.
b. Select PC1 and ping all the other hosts on the network.
c.
Choose Check Results.
Reflection
a. What show commands can assist in troubleshooting WAN connectivity problems?
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
b. What might an administrator implement to secure the negotiations of the PPP links?
______________________________________________________________________________
______________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.4.2 Troubleshooting PPP Authentication Using CHAP
Objective
•
Troubleshoot issues related to PPP authentication
•
Identify and make any necessary configuration changes
•
Verify connectivity
Background / Preparation
The XYZ Corporation has decided to secure their WAN links with CHAP authentication. Once again the
migration to the new configuration has not been successful. After successfully troubleshooting the WAN
connectivity during the installation of the R4 router, the company has asked for your assistance with the latest
issues. The following information has been provided.
•
•
•
•
Authentication: CHAP
Password: cisco123
Encapsulation: PPP
Clock rate: 64000
Required file: Troubleshooting PPP Authentication Using CHAP.pka
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 1: Isolate and correct any configuration errors
a. Select workstations and perform connectivity tests.
b. Select workstations and perform trace routes.
c.
Select each router. Use show and debug commands to identify potential configuration issues.
d. Make the necessary configuration changes.
Note:
After the configuration errors have been corrected it may take a few minutes for EIGRP to converge.
Step 2: Verify Configuration and Connectivity
a. Select each router and ensure all networks shown in the routing tables are correct.
b. Select PC1 and ping all the other hosts on the network.
c.
Select PC3 and use the tracert command to trace the route to all other hosts on the network.
Ensure the path taken is correct.
d. Choose Check Results.
Reflection
a. What show and debug commands can assist in troubleshooting PPP authentication?
_________________________________________________________________________________
_________________________________________________________________________________
_________________________________________________________________________________
b. What is the difference between CHAP and PAP?
_________________________________________________________________________________
_________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.5.1 Troubleshooting ACL Issues
Objective
•
•
Verify and identify the ACL configuration issues
Verify the ACLs are working properly
Background / Preparation
The security office wants to increase security to certain network resources via ACLs. The network administrator
that configured the ACLs has asked you to verify the configuration. The following information has been provided
by the security office. Verify the ACLs are working properly and make any changes necessary to meet the
security requirements.
•
•
Restrict Telnet from the 192.168.4.0 network to all devices
Restrict Telnet, WWW, DNS, and ICMP from the 192.168.1.0 network to all devices on the 192.168.2.0
network
Enable secret: class
VTY password: cisco123
Required file: Troubleshooting ACL Issues.pka
Step 1: Verify Telnet restrictions
a. Verify that Telnet is restricted for all hosts on the 192.168.4.0 network.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
b. Select the R0 router.
c.
Examine the extended ACL configured on the router.
d. Make the necessary changes to meet the security requirements.
Step 2: Verify Telnet, WWW, DNS, and ICMP restrictions
a. Verify that access via Telnet, HTTP, DNS, and ICMP is restricted for all hosts on the 192.168.1.0
network.
b. Select the R3 router.
c.
Examine the extended ACL configured on the router.
d. Make the necessary changes to meet the security requirements.
Step 3: Verify connectivity
a. Verify that PC0 and PC1 are unable to Telnet to R0, R1, R2, and R3.
b. Verify that PC3 is unable to ping the Web and DNS server.
c.
Choose Check Results.
Reflection
a. What show commands can be used to view existing ACLs? (Identify two.)
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
b. Which OSI layers are used by extended ACLs to filter packets?
________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
9.5.2 Troubleshooting ACL Placement
Objective
•
•
•
Verify the placement of existing ACLs
Create and properly place new ACLs
Verify the ACLs are working properly
Background / Preparation
The security office wants to secure access to a web server. The only network that should have access to the web
server is the 192.168.3.0 network. The night shift created a standard ACL on the R3 router and applied it to the
Fast Ethernet 0/0 interface. Ever since the change, the workstations on the 192.168.1.0 network have not been
able to communicate with the workstations on the both the 192.168.2.0 and 192.168.4.0 networks.
Required file: Troubleshooting ACL Placement.pka
Step 1: Verify and resolve the placement of a standard ACL
a. Verify connectivity between PC3 and the other hosts.
b. Select the R3 router.
c.
Examine the standard ACL.
d. Locate the interface and direction the ACL is applied.
e. Without changing the ACL, place the ACL on an interface which meets the security requirement.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise
Step 2: Create and properly place an extended ACL
After resolving the issue on the R3 router, you have been tasked to create an extended ACL on the R0 router that
accomplishes the same objective as the standard ACL that was placed on the R3 router. You must prevent all
traffic from the 192.168.4.0 network from getting to the 192.168.2.0 network using an extended ACL numbered
100. All other traffic should be permitted.
a. Verify connectivity between PC0 and the other hosts.
b. Select the R0 router.
c.
Create the necessary extended ACL.
d. Apply the ACL to the most efficient interface in terms of reducing bandwidth on the serial links and
reducing the routing decisions.
Step 3: Verify connectivity
a. Verify connectivity between PC3 and the other hosts.
PC3 should be able to ping PC0 and PC2, but not the Web Server.
b. Verify connectivity between PC0 and the other hosts.
PC0 should be able to ping PC2 and PC3, but not the Web Server.
c.
Verify connectivity between PC2 and the Web Server.
PC2 should be able to ping the Web Server.
d. Choose Check Results.
Reflection
a. What would happen if the standard ACL were placed on the Serial 0/0/0 interface in the inbound
direction?
________________________________________________________________________________
________________________________________________________________________________
b. What would happen if the extended ACL were placed on the Fast Ethernet 0/0 interface in the
outbound direction?
________________________________________________________________________________
________________________________________________________________________________
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2
CCNA Discovery
Introducing Routing and Switching in the Enterprise: Course Summary
10.0.1 Putting it All Together
Objectives
•
•
•
•
Troubleshoot VLAN configuration.
Troubleshoot OSPF configuration.
Troubleshoot WAN interface configuration.
Troubleshoot ACL configuration.
Background / Preparation
AnyCompany1 has been a victim of a hacking attack. This focus of the attack was on disrupting communication
versus destroying data. The attack focused on the company routers and switches. Identify any configuration
changes that the hacker made. All passwords should be set to cisco. Once errors are identified, correct the
configuration and test connectivity.
Step 1: Troubleshoot VLAN configurations
a.
b.
c.
d.
e.
Use ping to identify any potential connectivity problems.
View the R2 sub-interface configurations.
Identify the configured VLANs on each switch.
Ensure that the H1, H2, and H3 workstations are on the correct VLANs.
Make any necessary changes.
Step 2: Troubleshoot OSPF configurations
a.
View the OSPF configuration on the HQ and R2 routers.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 2
Curriculum Name
Course Name: Chapter Name
b.
c.
Ensure that all the network and wildcard mask statements are correct.
Make any necessary changes.
Step 3: Troubleshoot WAN interface configuration
a.
b.
c.
View the HQ and ISP router configurations
Ensure that the serial interfaces are configured properly.
Make any necessary changes.
Step 4: Troubleshoot the ACL configuration
a.
b.
c.
The company routing policy allows the following activities:
All users are allowed web access to any destination.
All users are allowed to use ping to test connectivity.
Users working in Dept 2 are allowed to use Telnet.
Users working in Dept 3 are allowed to use FTP.
All other user traffic is blocked.
View the R2 ACL configuration.
Ensure the ACL is properly built and correctly applied to the interfaces.
Make any necessary changes.
Step 5: Verify connectivity
a.
b.
c.
Select each PC and ensure they can ping each other.
Select each PC and ensure they can ping the Web Server (172.16.0.250).
Choose Check Results.
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 2