
CCNA Discovery Designing and Supporting Computer Networks

Skills-Based Assessment Academy Student Answer Key

Grading

The exam is divided into two parts. If the exam is conducted in two separate sessions, hand out Part 1 on planning and let the students complete it. Then have them turn in Part 1 so that you can grade it before the second session. Return Part 1 to the students at the start of the second session, which is a hands-on session. If there are problems with the planning in Part 1, the student will know of them before starting on Part 2. If both parts of the exam are done in one session, you should still grade Part 1 before the students start on Part 2. Students must complete Part 1 before starting Part 2.

Suggested point totals are listed for the main fill-in-the-blank questions. They currently total 100 points, but can be adjusted or changed as desired. Divide the correct points by the possible points for an overall percentage grade.

Exam Time

The suggested time allowed to complete each part is 50 minutes. Part 2 takes longer than 50 minutes. At the instructor's discretion, the amount of time allowed may be adjusted. Part 2 of the exam can be split into two parts to accommodate class schedules. Part 3 starts at Task 5, Configuring ACLs.

All contents are Copyright 1992-2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.


To save time and avoid splitting Part 2, have the equipment set up and cabled for the students prior to starting device configuration.

Exam Overview
This skills-based assessment is the final practical exam for the course CCNA Discovery Designing and Supporting Computer Networks. The exam is divided into two parts, and Part 1 must be completed before Part 2. When you have completed Part 1, give it to the instructor to check before starting Part 2. In Part 1, you start with a test plan for connecting the Team-A remote office to the Stadium Network. Appendix A in this exam contains the test plan. In Part 1, you develop the IP subnet scheme, document the device interfaces, and create an installation checklist. In Part 2, you build the network and configure the Team-A routers and switches using Cisco IOS CLI commands. The Team-A branch office router BR2 connects the local network to the Stadium Network router Edge3 through a simulated Frame Relay switch. The Stadium router provides access to the Team-A server. The EIGRP routing protocol is used between the Team-A remote office router and the Stadium Network router.

Scenario
The new equipment has arrived for the remote Team-A office, and it is ready to be installed and tested. Team-A ordered an 1841 router to connect to the main Stadium Headquarters Edge3 router through a Frame Relay service provider network. They also ordered a backup DSL link through the ISP. The ISP router and simulated Frame Relay router are preconfigured. The ISP link has assigned IP addresses. A test plan for testing the new equipment and configurations in the NetworkingCompany lab has already been created.

Objectives
Part 1: Using a network design and test plan, create an IP addressing plan and document the network device interfaces. Create an installation checklist based on the test plan.

Part 2: Connect and configure the network equipment and verify network connectivity.

Required Equipment
The following equipment is required for each student:
- ISP router with two Fast Ethernet interfaces (preconfigured by the instructor)
- Router to simulate a Frame Relay switch with two serial interfaces (preconfigured by the instructor)
- Two 1841 routers (or other router with one serial interface and two Fast Ethernet interfaces)
- One computer to act as the Discovery Server (using the Discovery Server Live CD). Optionally, the ISP router loopback address can be used. If the loopback address is used, it restricts the protocols that can be filtered using an ACL.
- One 2960 switch (or other switch) or crossover cable to connect the Discovery Server to the ISP router
- Ethernet 2960 switches for Team-A
- Two Windows XP-based PCs
- Cat 5 and serial cabling, as necessary

Device running-configs are provided at end of this document.


Skills-Based Assessment Part 1 [44 points]


Network Planning
Step 1: Analyze the remote network test plan and develop an IP addressing scheme.
Appendix A contains the Team-A test plan. Review the network design topology diagram and the tests to be performed. The general test procedures and the expected results are provided. Use the information that you acquire in the next steps, along with the topology diagram and equipment list in the test plan, to create a VLSM subnet plan and an IP addressing plan.

Instructor note: IP addresses in the lab answers are based on Team-A.

Step 2: Document the assigned network IP addressing.


a. You will be working with the Team-X remote network, where X is the letter assigned by the instructor. Enter the Team letter you are assigned here: Team- ________

b. The base IP address CIDR block of 512 addresses from which you will create your VLSM addressing scheme is based on a private Class B network address. Check with the instructor to verify the correct IP address block for you to use. Enter the Team-X base IP network address and subnet mask:

IP address: __________________ 172.2X.0.0
Subnet mask: _______________ 255.255.254.0

172.2X.0.0/23, where X is 1-9, depending on the Team letter assigned. Team-A is assigned 172.21.0.0/23, Team-B 172.22.0.0/23, Team-C 172.23.0.0/23, etc.

Step 3: Allocate blocks of addresses to each area of the network. [10 points, two for each block]

VLSM and VLAN Plan

| Network Area | Number of Users / IPs | VLSM block size (Number of IPs) | IP Address Range |
|---|---|---|---|
| Team-X block size to subdivide | N/A | 512 (9 bits) | 172.2X.0.0/23 |
| Edge3 Discovery Server local network | N/A | N/A | 172.17.0.0/16 |
| Edge3 user local network (Sim Lo0) | 195 | 256 | 172.21.0.0/24 |
| BR2 local network / VLANs | | | |
| VLAN 1 (Default/mgmt IP) | 12 | 16 | 172.21.1.192/28 |
| VLAN 11 (Name: Dept-11, Ports 3-11 on switches S1, S2) | 53 | 64 | 172.21.1.128/26 |
| VLAN 12 (Name: Dept-12, Ports 12-24 on switches S1, S2) | 105 | 128 | 172.21.1.0/25 |
| BR2 to Edge3 Frame Relay WAN link | 2 | 4 | 172.21.1.208/30 |
| Total users and total block sizes | 367 | 468 | N/A |
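The Team-A allocations in the plan can be checked mechanically before any device is configured. The following is an added example, not part of the original answer key: it audits the five Team-A subnets for boundary alignment, containment in the /23, host capacity, and overlap, and lists the address space left unallocated. The function names are illustrative.

```python
import ipaddress

# Team-A rows of the VLSM and VLAN plan: (network area, users, allocated subnet).
TEAM_A_BASE = "172.21.0.0/23"
TEAM_A_PLAN = [
    ("Edge3 user local network (Sim Lo0)", 195, "172.21.0.0/24"),
    ("VLAN 1 (Default/mgmt IP)", 12, "172.21.1.192/28"),
    ("VLAN 11 (Dept-11)", 53, "172.21.1.128/26"),
    ("VLAN 12 (Dept-12)", 105, "172.21.1.0/25"),
    ("BR2 to Edge3 Frame Relay WAN link", 2, "172.21.1.208/30"),
]


def audit_plan(base, plan):
    """Return a list of problems in a VLSM plan; an empty list means it is sound."""
    base_net = ipaddress.ip_network(base)
    problems, parsed = [], []
    for area, users, cidr in plan:
        try:
            # Strict parsing rejects a prefix whose host bits are set,
            # i.e. a block that does not start on its own boundary.
            net = ipaddress.ip_network(cidr)
        except ValueError:
            problems.append(f"{area}: {cidr} is not aligned to its prefix length")
            continue
        if not net.subnet_of(base_net):
            problems.append(f"{area}: {net} is outside {base_net}")
        usable = net.num_addresses - 2  # minus network and broadcast addresses
        if usable < users:
            problems.append(f"{area}: {net} has {usable} usable hosts, needs {users}")
        parsed.append((area, net))
    # Any two allocations that share addresses make routes and ACL matches ambiguous.
    for i, (area_a, net_a) in enumerate(parsed):
        for area_b, net_b in parsed[i + 1:]:
            if net_a.overlaps(net_b):
                problems.append(f"{area_a} {net_a} overlaps {area_b} {net_b}")
    return problems


def unallocated(base, plan):
    """Return the parts of the base block that no row of an audited plan uses."""
    free = [ipaddress.ip_network(base)]
    for _, _, cidr in plan:
        used = ipaddress.ip_network(cidr)
        remaining = []
        for block in free:
            if used.subnet_of(block):
                remaining.extend(block.address_exclude(used))
            elif not block.subnet_of(used):
                remaining.append(block)
        free = remaining
    return [str(n) for n in sorted(ipaddress.collapse_addresses(free))]


if __name__ == "__main__":
    print("problems:", audit_plan(TEAM_A_BASE, TEAM_A_PLAN))
    print("unallocated:", unallocated(TEAM_A_BASE, TEAM_A_PLAN))
```

The unallocated blocks add up to 44 addresses, the difference between the 512-address base block and the 468 addresses in the plan's total row.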

Step 4: Select IP addresses for use when configuring devices. [14 points, one for each IP address/mask and one for each gateway]
Write the addresses and subnet masks (/##) from the IP Address Plan next to the appropriate devices and interfaces on the test plan network topology diagram.

IP Address Plan
| Device Name | Interface | IP Address | Subnet Mask | Default Gateway |
|---|---|---|---|---|
| Edge3 | Fa0/0 | 172.17.0.1/16 | 255.255.0.0 | N/A |
| Edge3 | Fa0/1 | 172.16.1.6/30 | 255.255.255.252 | N/A |
| Edge3 | S0/0/0.101 | 172.21.1.209/30 | 255.255.255.252 | N/A |
| Edge3 | Lo0 | 172.21.0.1/24 | 255.255.255.0 | N/A |
| BR2 | Fa0/1 | 172.16.1.2/30 | 255.255.255.252 | N/A |
| BR2 | Fa0/0 | | | N/A |
| BR2 | Fa0/1.1 | 172.21.1.193/28 | 255.255.255.240 | N/A |
| BR2 | Fa0/1.11 | 172.21.1.129/26 | 255.255.255.192 | N/A |
| BR2 | Fa0/1.12 | 172.21.1.1/25 | 255.255.255.128 | N/A |
| BR2 | S0/0/0.100 | 172.21.1.210/30 | 255.255.255.252 | N/A |
| ISP (preconfigured) | Fa0/0 | 172.16.1.1/30 | 255.255.255.252 | N/A |
| ISP (preconfigured) | Fa0/1 | 172.16.1.5/30 | 255.255.255.252 | N/A |
| SP-FR (preconfigured) | S0/0/0 | DLCI 100 | N/A | N/A |
| SP-FR (preconfigured) | S0/0/1 | DLCI 101 | N/A | N/A |
| S1 | VLAN1 | 172.21.1.194/28 | 255.255.255.240 | 172.21.1.193/28 |
| S2 | VLAN1 | 172.21.1.195/28 | 255.255.255.240 | 172.21.1.193/28 |
| S3 (optional) | VLAN1 | 172.17.0.2/16 | 255.255.0.0 | 172.17.0.1/16 |
| H1 | NIC | 172.21.1.130/26 | 255.255.255.192 | 172.21.1.129/26 |
| H2 | NIC | 172.21.1.2/25 | 255.255.255.128 | 172.21.1.1/25 |
| Discovery Server | NIC | 172.17.1.1/16 | 255.255.0.0 | 172.17.0.1/16 |

Step 5: Create a network installation checklist.


Review each test and the related test procedures in the Team-A test plan in Appendix A to create an installation checklist. Use the following guidelines to build the checklist:
- Identify the steps necessary to configure each piece of equipment to perform each test. List only the configuration steps needed to complete the test.
- Be sure to specify the device name and what is to be configured. Specify just the key items and interfaces to be configured. It is not necessary to include the exact commands and every IP address.
- For each step under the configuration requirements, first identify the device being configured and then the item to be configured. Use as many lines as necessary.
- The final step in each set of installation test requirements specifies to perform the test as described in the test plan.

Team-A Prototype Network Installation Checklist [20 points total, 5 for each group of test items identified]
Installation Steps


Test 1: Basic Connectivity and VLAN Configuration

| Step No. | Devices | Configuration Requirements | Completed |
|---|---|---|---|
| 1 | All devices | Connect the cables between all devices as shown in the topology diagram. | |
| 2 | S1 and S2 | Perform basic switch configuration, including host name, passwords, and VLAN1 IP address. | |
| 3 | S1 | Configure VLANs on S1 and add ports according to the VLAN plan. | |
| 4 | S1 | Configure a VTP domain for Team-A with S1 as the VTP server and a password of cisco. | |
| 5 | S1 | Configure S1 as the STP root switch. | |
| 6 | S1 | Configure a trunk link to BR2 and S2. | |
| 7 | S2 | Configure S2 as the VTP client in the Team-A S1 domain. | |
| 8 | S2 | Add ports to VLANs according to the VLAN plan. | |
| 9 | S2 | Configure a trunk link to S1. | |
| 10 | BR2 | Perform basic router configuration on BR2, including host name, passwords, and interface IP addresses. | |
| 11 | BR2 | Configure Fa0/0 subinterfaces for inter-VLAN routing. | |
| 12 | | Perform Test 1 according to the test plan. | |

Test 2: Frame Relay and EIGRP Configuration

| Step No. | Devices | Configuration Requirements |
|---|---|---|
| 1 | BR2 | Configure the Serial 0/0/0 interface on BR2 with Frame Relay encapsulation. Configure a point-to-point subinterface for DLCI 100. |
| 2 | BR2 | On BR2, configure the EIGRP routing protocol to advertise the Team-A LANs and the Frame Relay WAN link network. Use EIGRP process ID 200. Disable auto-summary. |
| 3 | BR2 | Configure EIGRP MD5 authentication to accept updates from the Stadium network router Edge3 on the Frame Relay subinterface. |
| 4 | Edge3 | Perform basic router configuration on Edge3, including host name, passwords, and interface IP addresses. |
| 5 | Edge3 | Configure the Serial 0/0/0 interface on Edge3 with Frame Relay encapsulation. Configure a point-to-point subinterface for DLCI 101. |
| 6 | Edge3 | On Edge3, configure the EIGRP routing protocol to advertise the Discovery Server network, the simulated loopback network, and the Frame Relay WAN link network. Use EIGRP process ID 200. Disable auto-summary. |
| 7 | Edge3 | Configure EIGRP MD5 authentication to accept updates from the Team-A network router BR2 on the Frame Relay subinterface. |
| 8 | | Perform Test 2 according to the test plan. |

Test 3: Backup Link Configuration

| Step No. | Devices | Configuration Requirements |
|---|---|---|
| 1 | BR2 | Configure a floating static route on BR2 to the Discovery Server network using the Ethernet connection to the ISP router. |
| 2 | Edge3 | Configure a floating static route on Edge3 to the Team-A remote LAN using the Ethernet connection to the ISP router. |
| 3 | | Perform Test 3 according to the test plan. |

Test 4: ACL Filtering

| Step No. | Devices | Configuration Requirements |
|---|---|---|
| 1 | BR2 | Configure a VTY ACL to permit telnet only from the stadium Edge3 router (S0/0/0 IP address or Fa0/1 IP address). Apply the ACL to BR2 VTY 0-4 inbound. |
| 2 | Edge3 | Configure an extended numbered or named ACL to permit access to the Discovery Server only from the remote Team-A LAN. Apply the ACL to Edge3 Fa0/0 outbound. |
| 3 | | Perform Test 4 according to the test plan. |

Check Your Work with the Instructor Before Going on to Part 2


Skills-Based Assessment Part 2 [56 points]


Instructor Note: Part 2 of the exam may be split into two parts to accommodate class schedules. Part 3 starts at Task 5, Configuring ACLs. To save time and avoid splitting this part of the exam, have the equipment set up and cabled for the students prior to starting device configuration. Before students start Part 2, configure the SP-FR and ISP routers. (See the running-configs at end of lab.)

Part 1 of the exam must be completed before starting Part 2.

Task 1: Build the Network and Connect the Cables


Using the equipment list and topology diagram provided in the test plan, and the installation checklist and IP address plan completed in Part 1, build and configure the network.

Note: The ISP router, the Frame Relay router, and the Discovery Server should be preconfigured by the instructor.

Instructor note: If the ISP router is configured with a loopback address in lieu of the Discovery Server, the HTTP service in the router must be enabled.

Use the following guidelines to build and test the network:
- Make sure that the router and switch startup configs and the switch vlan.dat files have been erased prior to beginning configuration.
- Be sure to save the running-config frequently and after any major configuration.
- After each test segment is built, have the instructor check off the test plan items to be verified.
- You can connect and configure all devices according to the installation checklist up through and including Test 3. Configuration items for those tests can be verified at the same time.
- Do not configure ACLs for Test 4 until all basic connectivity, routing, and backup links are tested and functional.

Task 2: Configure and Perform Test 1 Basic Connectivity and VLAN Configuration
Step 1: Build and configure the portion of the network being tested.
Refer to the installation checklist for the steps required. Instructor note: See device configs at the end of the exam.

Step 2: Review the expected test results.


Before beginning the test, review the expected results in the test plan. The testing procedures are listed here for convenience. Enter the command used, and have the instructor check off each item as verified.

Test 1 Testing Procedures [17 points, one for each item verified]
| Configuration Items to Verify | Command Used | Check |
|---|---|---|
| BR2 basic config (host, password, IPs) | show running-config | |
| BR2 interface status | show ip interfaces brief | |
| BR2 routing table (VLANs) | show ip route | |
| BR2 subinterfaces on Fa0/0 | show vlans | |
| BR2 subinterfaces 802.1Q encap | show vlans | |
| S1 VLANs and port assignments | show vlan brief | |
| S1 802.1Q trunk ports | show interfaces trunk | |
| S1 is root switch | show spanning-tree | |
| S1 is VTP server | show vtp status | |
| S2 basic config (host, password, IPs) | show running-config | |
| S2 VLANs and port assignments | show vlan brief | |
| S2 802.1Q trunk ports | show interfaces trunk | |
| S2 is VTP client | show vtp status | |
| Ping from S1 or S2 to BR2 | ping IP address | |
| Telnet from S1 or S2 to router BR2 | telnet IP address | |
| Ping from the hosts to their default gateways | ping IP address | |
| Verify inter-VLAN routing by pinging from H1 to H2 | ping IP address | |

Step 3: Record the results and conclusions.


__________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________

Step 4: Have the instructor verify all Test 1 test items before going on to Test 2.

Task 3: Configure and Perform Test 2 Frame Relay and EIGRP Configuration
Step 1: Build and configure the portion of the network being tested.
Refer to the installation checklist for the steps required. Instructor note: See device configs at the end of the exam.

Step 2: Review the expected test results.


Before beginning the test, review the expected results in the test plan. The testing procedures are listed here for convenience. Enter the command used, and have the instructor check off each item as verified.

Test 2 Testing Procedures [10 points, one for each item verified]
| Configuration Items to Verify | Command Used | Check |
|---|---|---|
| BR2 configuration for Frame Relay, EIGRP, and MD5 authentication | show running-config | |
| BR2 Frame Relay status of point-to-point links | show frame-relay map | |
| BR2 Frame Relay permanent virtual circuit (PVC) status and statistics | show frame-relay pvc | |
| BR2 Frame Relay Local Management Interface (LMI) statistics | show frame-relay lmi | |
| BR2 EIGRP routing configuration | show running-config | |
| BR2 routing table (EIGRP routes) | show ip route | |
| Ping from hosts H1 and H2 to the Edge3 router | ping IP address | |
| Ping from hosts H1 and H2 to the Discovery Server | ping IP address | |
| Verify path that packets are taking from H1 to the Discovery Server | tracert or traceroute IP | |
| Verify EIGRP MD5 authentication as it occurs | debug eigrp packet | |

Step 3: Record the results and conclusions.


__________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________

Step 4: Have the instructor verify all Test 2 test items before going on to Test 3.

Task 4: Configure and Perform Test 3 Backup Link Configuration


Step 1: Build and configure the portion of the network being tested.
Refer to the installation checklist for the steps required. Instructor note: See device configs at the end of the exam.

Step 2: Review the expected test results.


Before beginning the test, review the expected results in the test plan. The testing procedures are listed here for convenience. Enter the command used, and have the instructor check off each item as verified.

Test 3 Testing Procedures [10 points, two for each item verified]
| Configuration Items to Verify | Command Used | Check |
|---|---|---|
| BR2 and Edge3 floating static route configuration | show running-config | |
| BR2 routing table with primary Frame Relay link up and backup link down | show ip route | |
| BR2 routing table with primary Frame Relay link down and backup link up | show ip route | |
| Ping test output from H1 and H2 to Discovery Server | ping IP address | |
| Tracert test output from H1 and H2 to Discovery Server showing use of backup route through the ISP | tracert URL or IP address | |


Step 3: Record the results and conclusions.


__________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________

Step 4: Have the instructor verify all Test 3 test items before going on to Test 4.

Task 5: Configure and Perform Test 4 ACL Filtering


Step 1: Build and configure the portion of the network being tested.
Refer to the installation checklist for the steps required. Instructor note: See device configs at the end of the exam.

Step 2: Review the expected test results.


Before beginning the test, review the expected results in the test plan. The testing procedures are listed here for convenience. Enter the command used, and have the instructor check off each item as verified.

Test 4 Testing Procedures [12 points, two each for each item verified]
| Configuration Items to Verify | Command Used | Check |
|---|---|---|
| ACL configuration on Team-A and Stadium routers | show running-config | |
| Access list output on both routers | show access-lists | |
| Telnet to BR2 from any host other than Edge3 | telnet IP address | |
| Telnet from Edge3 to BR2 | telnet IP address | |
| On H1, connect to the Discovery Server using URL http://server.discovery.ccna or IP address 172.17.1.1 | Open browser or ping IP address | |
| Attempt to access the Discovery Server from the Edge3 Lo0 simulated internal network using extended ping with the source address of the Edge3 interface Lo0 IP address. The ACL should block the attempt. | ping (pinging with no argument prompts for extended commands, including source IP address). Instructor note: If necessary, show the student how to do the extended ping command to perform this test item. | |

Step 3: Record the results and conclusions.


__________________________________________________________________________________________ __________________________________________________________________________________________ __________________________________________________________________________________________

Step 4: Have the instructor verify all Test 3 test items before going on to Test 4.


Step 5: Save the running configs for each networking device to a file. [7 points]
Save the output from BR2, Edge3, S1, and S2 to a single text file on your desktop and name it XXX-D4-SBAConfigs.txt, where XXX are your initials. Show it to the instructor. _________ Instructor check


Appendix A Test Plan


Team-A Remote Office Design
The purpose of this test is to verify these items:
- Team-A branch network design
- Switch and router configurations proposed for the Team-A connections to the Stadium Network
- Frame Relay WAN design and backup capability
- Design functions as expected

Tests to run:

Test 1: Basic Connectivity and VLAN Configuration
- Verify physical and IP connectivity between devices on the prototype network
- Demonstrate the VLAN and VTP configuration
- Demonstrate routing of traffic between VLANs
- Document operation

Test 2: Frame Relay and EIGRP Configuration
- Demonstrate functionality of primary Frame Relay link
- Demonstrate MD5 authentication process
- Demonstrate routing to remote resources
- Document operation

Test 3: Backup Link Configuration
- Demonstrate that traffic takes the alternate route if the Frame Relay link goes down
- Document operation

Test 4: ACL Filtering
- Demonstrate filtering of traffic to devices and resources from various sources
- Document operation


Equipment
Quantity required 2 Additional options or software required none Cisco IOS software version 12.2 or later

Model 1841 router

3 1 2

Preconfigured router to simulate ISP; can be 1841 with two Fast Ethernet interfaces Preconfigured router to simulate Frame Relay switch 2960 Layer 2 switch Discovery Server Personal computer end devices V.35 DTE cables V.35 DCE cables Cat 5 or above straight-through patch cables Cat 5 or above crossover patch cables Console cable

none

Configured as a Frame Relay switch none HTTP and FTP server software Fast Ethernet NIC

Substitute Any router with two Ethernet or Fast Ethernet interfaces capable of running 802.1q protocol Any router or multilayer switch that can support two separate Ethernet networks Any Cisco router with two serial interfaces Any 2950 or 2960 model switch

any

12.2 or later

12.2 or later

none

2 2 5

none none none

V.35 crossover cable none none

Windows, Mac, or Linux operating system n/a n/a n/a

none

none

n/a

none

none

none


Design and Topology Diagram


Test 1 Basic Connectivity and VLAN Configuration


Goals of Test

Verify that the test topology is up and running and that VLANs are correctly configured between switches S1 and S2 and router BR2. A VTP domain is to be set up with S1 as the server and S2 as a client. S1 should also be the STP root switch. The Frame Relay links and EIGRP routing protocol are not included in this test (although they may be configured).

Data to Record
- BR2, S1, and S2 running configuration
- VLAN configurations on switches S1 and S2 and router BR2
- STP and VTP configurations on switches S1 and S2
- Ping output between hosts H1 and H2, switches S1 and S2, and router BR2

Estimated Time

50 minutes total (40 minutes build, 10 minutes test)

Procedures
1. Build the topology according to the Design and Topology diagram. Assign IP addresses to all devices according to the IP Address Plan, and activate interfaces.
2. Create a basic configuration on all Team-A and Stadium Network devices.
3. Configure Team-A LAN devices S1, S2, and BR2 to support VLANs.
4. Console into one of the switches in the topology, and ping BR2. Record any anomalies.
5. Telnet from the switch to router BR2, and verify that you can start a session.
6. Verify that the BR2 routing table contains routes to each VLAN.
7. Ping from the hosts to their default gateways and between VLANs to each other.
8. Record the output of the show running-config and show interfaces commands for BR2, Edge3, and switches S1 and S2 in a text file, using a text editor such as Notepad. Record the output of the show vlans command for BR2 and switches S1 and S2. Save this file for later analysis.

Expected Results and Success Criteria


- VLANs exist on switches S1 and S2.
- Hosts can ping successfully to hosts on other VLANs.
- Switches S1, S2, and router BR2 can ping each other and are accessible through Telnet.


Results and Conclusions ___________________________________________________________________________ ___________________________________________________________________________ ___________________________________________________________________________


Instructor note: Students fill out this section upon completion of the exam.


Test 2 Frame Relay and EIGRP Configuration


Goals of Test

Verify that the Frame Relay link to the Stadium network is functional, the EIGRP routing protocol is properly configured with MD5 authentication, and the correct static routes are configured.

Data to Record
- BR2 and Edge3 running configuration with Frame Relay, EIGRP, and MD5 authentication
- Frame Relay show command output
- EIGRP MD5 authentication debug output
- IP routing table information
- Ping output between hosts H1, H2, routers BR2 and Edge3, and Discovery Server
- Tracert output from H1 and H2 to Discovery Server

Estimated Time

20 minutes total (10 minutes configure, 10 minutes test)

Procedures
1. Configure Frame Relay on the Team-A and Stadium Network routers.
2. Configure EIGRP with MD5 on Team-A and Stadium Network routers.
3. Record the output of the debug eigrp packet command on the Team-A router to verify MD5 authentication.
4. Record the router output of the show running-config and show ip route commands.
5. Record the router output for the Frame Relay circuit using the show frame-relay map, show frame-relay pvc, and show frame-relay lmi commands.
6. Record ping results from the hosts H1 and H2 to the Edge3 router and the Discovery Server.
7. Use tracert or traceroute to verify that packets are taking the primary Frame Relay link.

Expected Results and Success Criteria


- EIGRP debug output shows that the Team-A and Stadium Network routers are authenticating with each other.
- IP routing table information for the Team-A and Stadium Network routers shows that they have learned EIGRP routes and the route from Team-A to the Stadium Network is via the primary Frame Relay link.
- Ping tests from hosts H1 and H2 to the Discovery Server are successful.
- Traceroute tests from H1 and H2 to the Discovery Server are successful and take the primary Frame Relay link.

Results and Conclusions


____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Instructor note: Students fill out this section upon completion of the exam.


Test 3 Backup Link Configuration


Goals of Test

Verify that the backup DSL link from the Team-A router BR2 through the ISP router to the Stadium Network is activated if the primary Frame Relay link fails.

Data to Record
- Floating static route configuration using the show running-config command
- Show IP route output with the primary Frame Relay link up and the backup link down
- Show IP route output with the primary Frame Relay link down and the backup link up
- Ping output from H1 and H2 to the Discovery Server
- Tracert output from H1 and H2 to the Discovery Server showing use of backup route through the ISP

Estimated Time

20 minutes total (10 minutes configure, 10 minutes test)

Procedures
1. Configure floating static routes on the Team-A and Stadium Network routers to the Discovery Server through the ISP router.
2. Cause the Frame Relay link from BR2 to SP-FR to fail by shutting down the Serial 0/0/0 interface on BR2.
3. Display the routing table for BR2 and Edge3 using the show ip route command to verify that the floating static route through the ISP is installed in the routing table. Record the results.
4. Ping from the hosts H1 and H2 to the Discovery server at URL http://server.discovery.ccna or IP address 172.17.1.1. Record the results.
5. Verify that packets are taking the backup simulated DSL link using tracert from H1 or traceroute from BR2.

Expected Results and Success Criteria


- Routing tables for BR2 and Edge3 show that the backup floating static route through the ISP is installed in the routing table.
- Pings from the hosts H1 and H2 to the Discovery Server are successful using the backup link.
- Packets from H1 or BR2 to the Discovery Server are using the backup link route, as shown by tracert or traceroute.


Results and Conclusions


____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ Instructor note: Students fill out this section upon completion of the exam.


Test 4 ACL Filtering Test


Goals of Test

Verify that an ACL placed on the Team-A BR2 router allows Telnet only from the stadium Edge3 router. Also, an ACL on Edge3 permits access to the Discovery Server only from the remote Team-A LAN.

Data to Record
- ACL configuration on Team-A and Stadium routers
- show ip access-lists output on both routers
- Ping output
- Telnet output

Estimated Time

20 minutes total (10 minutes configure, 10 minutes test)

Procedures
1. Configure an ACL on the Team-A router BR2 and the Stadium Edge3 router to control traffic as described in the Test 4 goals.
2. Telnet to BR2 from any host other than Edge3, and then telnet from Edge3 to BR2. Record the results.
3. Open a browser on H1 and connect to the Discovery Server using URL http://server.discovery.ccna or IP address 172.17.1.1. Record the results.
4. Attempt to access the Discovery Server from the Edge3 Internet network using extended ping with a source address of interface Lo0 IP address. Record the results.

Expected Results and Success Criteria


Telnet to BR2 from Edge3 is successful. Telnet from any host other than Edge3 fails. Using a browser from H1 or H2 to connect to the Discovery Server is successful. Extended ping to the Discovery Server with the source address from the Edge3 Internet network interface Lo0 IP address fails.

Results and Conclusions


____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________

Instructor note: Students fill out this section upon completion of the exam.


Appendix B Test Device Configs


Note: Some commands entered by the router or switch have been removed to focus on those configuration commands that need to be graded.

BR2 Router Config (1841 Cisco IOS 12.4)


hostname BR2
!
enable secret class
!
no ip domain lookup
!
key chain MYCHAIN
 key 1
  key-string securetraffic
!
interface FastEthernet0/0
 description Team-A LAN
 no ip address
 no shutdown
interface fa0/0.1
 encapsulation dot1Q 1
 ip address 172.21.1.193 255.255.255.240
interface fa0/0.11
 encapsulation dot1Q 11
 ip address 172.21.1.129 255.255.255.192
interface fa0/0.12
 encapsulation dot1Q 12
 ip address 172.21.1.1 255.255.255.128
!
interface FastEthernet0/1
 description backup link to ISP
 ip address 172.16.1.2 255.255.255.252
 duplex auto
 speed auto
 no shutdown
!
interface Serial0/0/1
 no ip address
 shutdown
 no fair-queue
!
interface Serial0/0/0
 description primary Frame relay link to Edge3
 no ip address
 encapsulation frame-relay
 no shutdown
!
interface Serial0/0/0.100 point-to-point
 ip address 172.21.1.210 255.255.255.252
 ip authentication mode eigrp 200 md5
 ip authentication key-chain eigrp 200 MYCHAIN
 frame-relay interface-dlci 100
!
interface Vlan1
 no ip address
!
router eigrp 200
 network 172.21.1.192 0.0.0.15
 network 172.21.1.128 0.0.0.63
 network 172.21.1.0 0.0.0.127
 network 172.21.1.228 0.0.0.3
!
 no auto-summary
!
ip route 172.17.0.0 255.255.0.0 172.16.1.1 130
!
ip http server
no ip http secure-server
!
banner motd ^CUnauthorized use prohibited^C
!
access-list 1 permit 172.21.1.229
access-list 1 permit 172.16.1.6
access-list 1 deny any
!
line con 0
 password cisco
 login
line aux 0
line vty 0 4
 access-class 1 in
 password cisco
 login
!

Edge3 Router Config (1841 Cisco IOS 12.4)


hostname Edge3
!
enable secret class
!
no ip domain lookup
!
key chain MYCHAIN
 key 1
  key-string securetraffic
!
interface FastEthernet0/0
 description Edge3 Discovery server
 ip address 172.17.0.1 255.255.0.0
 ip access-group Server-Access out
 duplex auto
 speed auto
 no shutdown
!
interface FastEthernet0/1
 description backup link to ISP
 ip address 172.16.1.6 255.255.255.252
 duplex auto
 speed auto
 no shutdown
!
interface Serial0/0/0
 description primary Frame Relay link to BR2
 no ip address
 encapsulation frame-relay
 no shutdown
!
interface Serial0/0/0.101 point-to-point
 ip address 172.21.1.209 255.255.255.252
 ip authentication mode eigrp 200 md5
 ip authentication key-chain eigrp 200 MYCHAIN
 frame-relay interface-dlci 101
!
interface Serial0/0/1
 no ip address
 shutdown
!
interface Lo0
 description Edge3 local LAN
 ip address 172.21.0.1 255.255.255.0
!
interface Vlan1
 no ip address
!
router eigrp 200
 network 172.17.0.0 0.0.255.255
 network 172.21.0.0 0.0.0.255
 network 172.21.1.228 0.0.0.3
 no auto-summary
!
ip route 172.21.1.0 255.255.255.0 172.16.1.5 130
!
ip http server
no ip http secure-server
!
ip access-list extended Server-Access
 remark Allow only Team-A LAN access to server
 permit ip 172.21.1.0 0.0.0.255 host 172.17.1.1
 remark Deny and log all other traffic
 deny ip any any log
banner motd #Unauthorized use prohibited#
!
line con 0
 password cisco
 login
line aux 0
line vty 0 4
 password cisco
 login
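
The first-match evaluation that Test 4 exercises, run against access-list 1 from the BR2 config and Server-Access from the Edge3 config. This is an added Python example, not part of the answer key; the function names and the Team-A host address 172.21.1.10 are assumptions made for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # ACL text below is copied from Appendix B
BR2_ACL_1 = """access-list 1 permit 172.21.1.229
access-list 1 permit 172.16.1.6
access-list 1 deny any"""
SERVER_ACCESS = """ip access-list extended Server-Access
 remark Allow only Team-A LAN access to server
 permit ip 172.21.1.0 0.0.0.255 host 172.17.1.1
 remark Deny and log all other traffic
 deny ip any any log"""

def _spec(t):  # consume one address spec: 'any', 'host A', 'A W' or bare 'A'
    if t[0] == "any":
        return ANY, t[1:]
    if t[0] == "host":
        return (t[1], "0.0.0.0"), t[2:]
    if len(t) > 1 and t[1][0].isdigit():
        return (t[0], t[1]), t[2:]
    return (t[0], "0.0.0.0"), t[1:]

def parse_acl(text):  # -> [(action, src, dst)] from numbered-standard or named-extended lines
    rules = []
    for t in map(str.split, text.splitlines()):
        if not t or t[0] in ("remark", "ip"):      # remarks, named-ACL header
            continue
        t = t[2:] if t[0] == "access-list" else t  # drop 'access-list <n>'
        action, extended = t[0], t[1] == "ip"      # only protocol 'ip' is handled
        src, t = _spec(t[2:] if extended else t[1:])
        rules.append((action, src, _spec(t)[0] if extended else ANY))
    return rules

def _match(addr, base, wildcard):
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF  # wildcard 1-bits are ignored
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def permits(rules, src, dst="0.0.0.0"):
    for action, s, d in rules:                     # first matching entry wins
        if _match(src, *s) and _match(dst, *d):
            return action == "permit"
    return False                                   # nothing matched: implicit deny

def run_test4_cases():
    vty, srv = parse_acl(BR2_ACL_1), parse_acl(SERVER_ACCESS)
    return {
        "Edge3 Fa0/1 172.16.1.6 -> BR2 vty": permits(vty, "172.16.1.6"),
        "Edge3 S0/0/0.101 172.21.1.209 -> BR2 vty": permits(vty, "172.21.1.209"),
        "Team-A host 172.21.1.10 (constructed) -> server": permits(srv, "172.21.1.10", "172.17.1.1"),
        "Edge3 Lo0 172.21.0.1 -> server": permits(srv, "172.21.0.1", "172.17.1.1"),
    }
```

With access-list 1 exactly as printed, the only Edge3 interface address that reaches the BR2 vty lines is 172.16.1.6 on the backup link; the Frame Relay subinterface address 172.21.1.209 is not listed and falls through to the deny.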

ISP Router Config (1841 Cisco IOS 12.4)


hostname ISP
!
enable secret class
!
no ip domain lookup
!
interface FastEthernet0/0
 description backup link to BR2
 ip address 172.16.1.1 255.255.255.252
 duplex auto
 speed auto
 no shutdown
!
interface FastEthernet0/1
 description backup link to Edge3
 ip address 172.16.1.5 255.255.255.252
 duplex auto
 speed auto
 no shutdown
!
interface Serial0/0/0
 no ip address
 shutdown
!
interface Serial0/0/1
 no ip address
 shutdown
!
interface Vlan1
 no ip address
!
ip route 172.21.1.0 255.255.255.0 172.16.1.2
ip route 172.17.0.0 255.255.0.0 172.16.1.6
!
banner motd #Unauthorized use prohibited#
!
line con 0
 password cisco
 login
line aux 0
line vty 0 4
 password cisco
 login

SP-FR Router Config (2620XM Cisco IOS 12.2)


hostname SP-FR
!
enable secret class
no ip domain-lookup
banner motd #Unauthorized use prohibited#
!
frame-relay switching
!
interface serial0/0
 description link to Team-A BR2
 encapsulation frame-relay
 clock rate 64000
 no shutdown
 frame-relay intf-type dce
 frame-relay route 100 interface serial0/1 101
!
interface serial0/1
 description link to Stadium Edge3
 encapsulation frame-relay
 clock rate 64000
 no shutdown
 frame-relay intf-type dce
 frame-relay route 101 interface serial0/0 100
line console 0
 password cisco
 login
line vty 0 4
 password cisco
 login

S1 Switch Config (2960 Cisco IOS 12.2)


hostname S1
!
enable secret class
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 1 priority 4096
!
vlan internal allocation policy ascending
!
interface FastEthernet0/2
 switchport mode trunk
!
interface FastEthernet0/3
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/21
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/22
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/23
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/24
 switchport access vlan 12
 switchport mode access
!
interface Vlan1
 ip address 172.21.1.194 255.255.255.240
 no ip route-cache
 no shutdown
!
ip default-gateway 172.21.1.193
ip http server
!
vlan 11
 name Dept11
vlan 12
 name Dept12
 exit
!
vtp domain Team-A
vtp mode server
vtp password cisco
!
banner motd ^Unauthorized use prohibited^
!
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end

S2 Switch Config (2960 Cisco IOS 12.2)


hostname S2
!
enable secret class
!
no ip domain-lookup
!
!
interface FastEthernet0/2
 switchport mode trunk
!
interface FastEthernet0/3
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 11
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/21
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/22
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/23
 switchport access vlan 12
 switchport mode access
!
interface FastEthernet0/24
 switchport access vlan 12
 switchport mode access
!
interface Vlan1
 ip address 172.21.1.195 255.255.255.240
 no ip route-cache
 no shutdown
!
ip default-gateway 172.21.1.193
ip http server
!
vtp domain Team-A
vtp mode client
vtp password cisco
!
banner motd ^Unauthorized use prohibited^
!
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end
