Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • Cisco 2

    Загружено:

    Laze Serafimov
    557 просмотров16 страниц
    Cisco Exercise

    Авторское право

    © Attribution Non-Commercial (BY-NC)

    Доступные форматы

    DOCX, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    Cisco Exercise

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOCX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    557 просмотров16 страниц

    Cisco 2

    Загружено:

    Laze Serafimov
    Cisco Exercise

    Авторское право:

    Attribution Non-Commercial (BY-NC)
    Скачайте в формате DOCX, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 16

    4.2.

    You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet. So all you have to do are: (Config via console of each router.) 1. Enable and set IP address on LAN interface of each router to be the first assignable IP of each subnet. 2. Enable serial interface on each router and set IP address on each interface as: - s0/0/0 on Ranet-BR: first IP of 98.83.165.72/30 - s0/0/0 on Ranet-HQ: last IP of 98.83.165.72/30 - s0/1/0 on Ranet-HQ: last IP of 52.9.236.20/30 all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side. 3. Set RIPv2 as routing protocol on each router to let Host1 connect to Host2. 4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server (55.8.92.3) in the internet. <<Answer for LAB 4-2: RIP>> [On Ranet HQ (via console)] : (Go to Desktop Tab > Terminal) Ranet-HQ>en Ranet-HQ#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-HQ(config)#int fa0/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-HQ(config-if)#ip add 98.83.165.65 255.255.255.248 Ranet-HQ(config-if)#int s0/0/0 Ranet-HQ(config-if)#no sh

    %LINK-5-CHANGED: Interface Serial0/0/0, changed state to down Ranet-HQ(config-if)#ip add 98.83.165.74 255.255.255.252 Ranet-HQ(config-if)#int s0/1/0 Ranet-HQ(config-if)#no sh Ranet-HQ(config-if)# %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)#ip add 52.9.236.22 255.255.255.252 Ranet-HQ(config-if)#exit Ranet-HQ(config)#router rip Ranet-HQ(config-router)#version 2 Ranet-HQ(config-router)#network 98.0.0.0 Ranet-HQ(config-router)#no auto-summary Ranet-HQ(config-router)#exit Ranet-HQ(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0 Ranet-HQ(config)# Ranet-HQ# %SYS-5-CONFIG_I: Configured from console by console Ranet-HQ#sh ip protocol Routing Protocol is "rip" Sending updates every 30 seconds, next due in 21 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 2, receive 2 Interface Send Recv Triggered RIP Keychain FastEthernet0/0 2 2 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 98.0.0.0 Passive Interface(s): Routing Information Sources: Gateway Distance Last Update Distance: (default is 120) Ranet-HQ#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-HQ#

    [On Ranet BR (via console)] : (Go to Desktop Tab > Terminal) Ranet-BR>en Ranet-BR#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-BR(config)#int fa0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-BR(config-if)#ip add 98.83.165.81 255.255.255.240 Ranet-BR(config-if)#int s0/0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#clock rate 64000 Ranet-BR(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#ip add 98.83.165.73 255.255.255.252 Ranet-BR(config-if)#exit Ranet-BR(config)#router rip Ranet-BR(config-router)#version 2 Ranet-BR(config-router)#network 98.0.0.0 Ranet-BR(config-router)#no au Ranet-BR(config-router)#no auto-summary Ranet-BR(config-router)#exit Ranet-BR(config)#ip route 0.0.0.0 0.0.0.0 se0/0/0 Ranet-BR(config)# Ranet-BR# %SYS-5-CONFIG_I: Configured from console by console Ranet-BR#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - ISIS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route

    Gateway of last resort is 0.0.0.0 to network 0.0.0.0 98.0.0.0/8 is variably subnetted, 3 subnets, 3 masks R 98.83.165.64/29 [120/1] via 98.83.165.74, 00:00:27, Serial0/0/0 C 98.83.165.72/30 is directly connected, Serial0/0/0 C 98.83.165.80/28 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 is directly connected, Serial0/0/0 Ranet-BR#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-BR# [On Host1] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 98.83.165.82 Pinging 98.83.165.82 with 32 bytes of data: Request timed out. Reply from 98.83.165.82: bytes=32 time=12ms TTL=126 Reply from 98.83.165.82: bytes=32 time=14ms TTL=126 Reply from 98.83.165.82: bytes=32 time=6ms TTL=126 Ping statistics for 98.83.165.82: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 6ms, Maximum = 14ms, Average = 10ms PC>ping 55.8.92.3 Pinging 55.8.92.3 with 32 bytes of data: Request timed out. Reply from 55.8.92.3: bytes=32 time=15ms TTL=126 Reply from 55.8.92.3: bytes=32 time=10ms TTL=126 Reply from 55.8.92.3: bytes=32 time=14ms TTL=126 Ping statistics for 55.8.92.3: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 10ms, Maximum = 15ms, Average = 13ms

    PC> [On Host2] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 98.83.165.70 Pinging 98.83.165.70 with 32 bytes of data: Reply from 98.83.165.70: bytes=32 time=13ms TTL=126 Reply from 98.83.165.70: bytes=32 time=10ms TTL=126 Reply from 98.83.165.70: bytes=32 time=11ms TTL=126 Reply from 98.83.165.70: bytes=32 time=11ms TTL=126 Ping statistics for 98.83.165.70: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 10ms, Maximum = 13ms, Average = 11ms PC>ping 55.8.92.3 Pinging 55.8.92.3 with 32 bytes of data: Reply from 55.8.92.3: bytes=32 time=18ms TTL=125 Reply from 55.8.92.3: bytes=32 time=20ms TTL=125 Reply from 55.8.92.3: bytes=32 time=21ms TTL=125 Reply from 55.8.92.3: bytes=32 time=12ms TTL=125 Ping statistics for 55.8.92.3: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 12ms, Maximum = 21ms, Average = 17ms PC> 4.3. You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet. So all you have to do are: (Config via console of each router.) 1. Enable and set IP address on LAN interface of each

    router to be the last assignable IP of each subnet. 2. Enable serial interface on each router and set IP address on each interface as: - s0/0/0 on Ranet-BR: last IP of 128.0.6.156/30 - s0/0/0 on Ranet-HQ: first IP of 128.0.6.156/30 - s0/1/0 on Ranet-HQ: last IP of 128.0.6.92/30 all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side. 3. Set OSPF as routing protocol on each router to let Host1 connect to Host2 in the condition that: - Use Process ID: 1 for Ranet-HQ and Process ID: 100 for Ranet-BR - Set RouterID of Ranet-HQ to be 1.1.0.1, and set to be 1.1.1.1 for Ranet-BR 4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server (203.87.129.95) in the internet. <<Answer for LAB 4-3: OSPF>> [On Ranet HQ (via console)] : (Go to Desktop Tab > Terminal) Ranet-HQ>en Ranet-HQ#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-HQ(config)#int fa0/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-HQ(config-if)#ip add 128.0.6.142 255.255.255.240 Ranet-HQ(config-if)#int s0/0/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to down Ranet-HQ(config-if)#ip add 128.0.6.157 255.255.255.252 Ranet-HQ(config-if)#int s0/1/0

    Ranet-HQ(config-if)#no sh Ranet-HQ(config-if)# %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)#ip add 128.0.6.94 255.255.255.252 Ranet-HQ(config-if)#exit Ranet-HQ(config)#int loopback 0 %LINK-5-CHANGED: Interface Loopback0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up Ranet-HQ(config-if)#ip add 1.1.0.1 255.255.255.0 Ranet-HQ(config-if)#exit Ranet-HQ(config)#router ospf 1 Ranet-HQ(config-router)#network 128.0.6.128 0.0.0.15 area 0 Ranet-HQ(config-router)#network 128.0.6.156 0.0.0.3 area 0 Ranet-HQ(config-router)#exit Ranet-HQ(config)#ip route 0.0.0.0 0.0.0.0 se0/1/0 Ranet-HQ(config)# Ranet-HQ# %SYS-5-CONFIG_I: Configured from console by console Ranet-HQ#sh ip protocol Routing Protocol is "ospf 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 1.1.0.1 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 128.0.6.128 0.0.0.15 area 0 128.0.6.156 0.0.0.3 area 0 Routing Information Sources: Gateway Distance Last Update Distance: (default is 110) Ranet-HQ#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-HQ#

    [On Ranet BR (via console)] : (Go to Desktop Tab > Terminal) Ranet-BR>en Ranet-BR#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-BR(config)#int fa0/0 Ranet-BR(config-if)#no sh Ranet-BR(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-BR(config-if)#ip add 128.0.6.150 255.255.255.248 Ranet-BR(config-if)#int s0/0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#clock rate 64000 Ranet-BR(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#ip add 128.0.6.158 255.255.255.252 Ranet-BR(config-if)#exit Ranet-BR(config)#int loopback 0 %LINK-5-CHANGED: Interface Loopback0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up Ranet-BR(config-if)#ip add 1.1.1.1 255.255.255.0 Ranet-BR(config-if)#exit Ranet-BR(config)#router ospf 100 Ranet-BR(config-router)#network 128.0.6.144 0.0.0.7 area 0 Ranet-BR(config-router)#network 128.0.6.156 0.0.0.3 area 0 Ranet-BR(config-router)# 00:06:09: %OSPF-5-ADJCHG: Process 100, Nbr 1.1.0.1 on Serial0/0/0 from LOADING to FULL, Loading Done Ranet-BR(config-router)#exit Ranet-BR(config)#ip route 0.0.0.0 0.0.0.0 se0/0/0 Ranet-BR(config)# Ranet-BR# %SYS-5-CONFIG_I: Configured from console by console Ranet-BR#sh ip protocol

    Routing Protocol is "ospf 100" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 1.1.1.1 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Maximum path: 4 Routing for Networks: 128.0.6.144 0.0.0.7 area 0 128.0.6.156 0.0.0.3 area 0 Routing Information Sources: Gateway Distance Last Update 128.0.6.157 110 00:00:20 Distance: (default is 110) Ranet-BR#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - ISIS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 0.0.0.0 to network 0.0.0.0 1.0.0.0/24 is subnetted, 1 subnets 1.1.1.0 is directly connected, Loopback0 128.0.0.0/16 is variably subnetted, 3 subnets, 3 masks O 128.0.6.128/28 [110/782] via 128.0.6.157, 00:00:29, Serial0/0/0 C 128.0.6.144/29 is directly connected, FastEthernet0/0 C 128.0.6.156/30 is directly connected, Serial0/0/0 S* 0.0.0.0/0 is directly connected, Serial0/0/0 Ranet-BR#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-BR# C [On Host1] : (Go to Desktop Tab > Command Prompt)

    Packet Tracer PC Command Line 1.0 PC>ping 128.0.6.148 Pinging 128.0.6.148 with 32 bytes of data: Request timed out. Reply from 128.0.6.148: bytes=32 time=11ms TTL=126 Reply from 128.0.6.148: bytes=32 time=12ms TTL=126 Reply from 128.0.6.148: bytes=32 time=8ms TTL=126 Ping statistics for 128.0.6.148: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 8ms, Maximum = 12ms, Average = 10ms PC>ping 203.87.129.95 Pinging 203.87.129.95 with 32 bytes of data: Request timed out. Reply from 203.87.129.95: bytes=32 time=10ms TTL=126 Reply from 203.87.129.95: bytes=32 time=8ms TTL=126 Reply from 203.87.129.95: bytes=32 time=10ms TTL=126 Ping statistics for 203.87.129.95: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 8ms, Maximum = 10ms, Average = 9ms PC> [On Host2] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 128.0.6.130 Pinging 128.0.6.130 with 32 bytes of data: Reply from 128.0.6.130: bytes=32 time=17ms TTL=126 Reply from 128.0.6.130: bytes=32 time=14ms TTL=126

    Reply from 128.0.6.130: bytes=32 time=12ms TTL=126 Reply from 128.0.6.130: bytes=32 time=12ms TTL=126 Ping statistics for 128.0.6.130: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 12ms, Maximum = 17ms, Average = 13ms PC>ping 203.87.129.95 Pinging 203.87.129.95 with 32 bytes of data: Reply from 203.87.129.95: bytes=32 time=24ms TTL=125 Reply from 203.87.129.95: bytes=32 time=16ms TTL=125 Reply from 203.87.129.95: bytes=32 time=17ms TTL=125 Reply from 203.87.129.95: bytes=32 time=12ms TTL=125 Ping statistics for 203.87.129.95: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 12ms, Maximum = 24ms, Average = 17ms PC> 4.4You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet. So all you have to do are: (Config via console of each router.) 1. Enable and set IP address on LAN interface of each router to be the last assignable IP of each subnet. 2. Enable serial interface on each router and set IP address on each interface as: - s0/0/0 on Ranet-BR: last IP of 5.88.192.56/29 - s0/0/0 on Ranet-HQ: first IP of 5.88.192.56/29 - s0/1/0 on Ranet-HQ: last IP of 5.88.192.224/30 all serial interface use HDLC as encapsulation protocol

    and do not forget to set clock rate at 64 kbps on Ranet-BR side. 3. Set EIGRP as routing protocol on each router to let Host1 connect to Host2 in the condition that: - Use AS no.10110 - Not permit EIGRP on interface that is not within Ranet Network. 4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server (177.87.0.39) in the internet. <<Answer for LAB 4-4: EIGRP>> [On Ranet HQ (via console)] : (Go to Desktop Tab > Terminal) Ranet-HQ>en Ranet-HQ#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-HQ(config)#int fa0/0 Ranet-HQ(config-if)#no sh

    %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up RanetHQ(config-if)#ip add 5.88.192.54 255.255.255.248 Ranet-HQ(config-if)#int s0/0/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to down Ranet-HQ(config-if)#ip add 5.88.192.57 255.255.255.248 Ranet-HQ(config-if)#int s0/0/0 Ranet-HQ(config-if)#int s0/1/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)#ip add 5.88.192.226 255.255.255.252 Ranet-HQ(config-if)#exit Ranet-HQ(config)#router eigrp 10110

    Ranet-HQ(config-router)#network 5.88.192.48 0.0.0.7 Ranet-HQ(config-router)#network 5.88.192.56 0.0.0.7 Ranet-HQ(config-router)#no auto-summary Ranet-HQ(config-router)#exit Ranet-HQ(config)#ip route 0.0.0.0 0.0.0.0 se0/1/0 Ranet-HQ(config)# Ranet-HQ# %SYS-5-CONFIG_I: Configured from console by console Ranet-HQ#sh ip protocol Routing Protocol is "eigrp 10110 " Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 1 Redistributing: eigrp 10110 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 5.88.192.48/29 5.88.192.56/29 Routing Information Sources: Gateway Distance Last Update Distance: internal 90 external 170 Ranet-HQ#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-HQ# [On Ranet BR (via console)] : (Go to Desktop Tab > Terminal) Ranet-BR>en Ranet-BR#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-BR(config)#int fa0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

    Ranet-BR(config-if)#ip add 5.88.192.46 255.255.255.240 Ranet-BR(config-if)#int s0/0/0 Ranet-BR(config-if)#no sh Ranet-BR(config-if)# %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#clock rate 64000 Ranet-BR(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#ip add 5.88.192.62 255.255.255.248 Ranet-BR(config-if)#exit Ranet-BR(config)#router eigrp 10110 Ranet-BR(config-router)#network 5.88.192.32 0.0.0.15 Ranet-BR(config-router)#network 5.88.192.56 0.0.0.3 Ranet-BR(config-router)# %DUAL-5-NBRCHANGE: IP-EIGRP 10110: Neighbor 5.88.192.57 (Serial0/0/0) is up: new adjacency Ranet-BR(config-router)#no auto-summary Ranet-BR(config-router)# %DUAL-5-NBRCHANGE: IP-EIGRP 10110: Neighbor 5.88.192.57 (Serial0/0/0) is up: new adjacency Ranet-BR(config-router)#exit Ranet-BR(config)#ip route 0.0.0.0 0.0.0.0 se0/0/0 Ranet-BR(config)# Ranet-BR# %SYS-5-CONFIG_I: Configured from console by console Ranet-BR#sh ip protocol Routing Protocol is "eigrp 10110 " Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum hopcount 100 EIGRP maximum metric variance 1 Redistributing: eigrp 10110 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 5.88.192.32/28 5.88.192.56/30 Routing Information Sources: Gateway Distance Last Update

    5.88.192.57 90 497401 Distance: internal 90 external 170 Ranet-BR#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - ISIS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 0.0.0.0 to network 0.0.0.0 5.0.0.0/8 is variably subnetted, 3 subnets, 2 masks C 5.88.192.32/28 is directly connected, FastEthernet0/0 D 5.88.192.48/29 [90/20514560] via 5.88.192.57, 00:00:53, Serial0/0/0 C 5.88.192.56/29 is directly connected, Serial0/0/0 S* 0.0.0.0/0 is directly connected, Serial0/0/0 Ranet-BR#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-BR# [On Host1] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 5.88.192.40 Pinging 5.88.192.40 with 32 bytes of data: Request timed out. Reply from 5.88.192.40: bytes=32 time=10ms TTL=126 Reply from 5.88.192.40: bytes=32 time=15ms TTL=126 Reply from 5.88.192.40: bytes=32 time=17ms TTL=126 Ping statistics for 5.88.192.40: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 10ms, Maximum = 17ms, Average = 14ms

    PC>ping 177.87.0.39 Pinging 177.87.0.39 with 32 bytes of data: Request timed out. Reply from 177.87.0.39: bytes=32 time=14ms TTL=126 Reply from 177.87.0.39: bytes=32 time=12ms TTL=126 Reply from 177.87.0.39: bytes=32 time=23ms TTL=126 Ping statistics for 177.87.0.39: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 12ms, Maximum = 23ms, Average = 16ms PC> [On Host2] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 5.88.192.32 Pinging 5.88.192.32 with 32 bytes of data: Reply from 5.88.192.46: bytes=32 time=5ms TTL=255 Reply from 5.88.192.46: bytes=32 time=2ms TTL=255 Reply from 5.88.192.46: bytes=32 time=22ms TTL=255 Reply from 5.88.192.46: bytes=32 time=4ms TTL=255 Ping statistics for 5.88.192.46: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 22ms, Maximum = 23ms, Average = 22ms PC>ping 177.87.0.39 Pinging 177.87.0.39 with 32 bytes of data: Reply from 177.87.0.39: bytes=32 time=22ms TTL=125 Reply from 177.87.0.39: bytes=32 time=23ms TTL=125

    Reply from 177.87.0.39: bytes=32 time=23ms TTL=125 Reply from 177.87.0.39: bytes=32 time=22ms TTL=125 Ping statistics for 177.87.0.39: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 22ms, Maximum = 23ms, Average = 22ms PC> 4.5. You are the network administrator at Ranet, and would like to enable Port-Security on the access ports of Ranet-SW to prevent the use of another switch connected that let multiple hosts connect through the same port at the same time, and to prevent the unauthorized host connect via some port. So all you have to do are: (Config via Console) 1. Enable Port-Security on all access ports (except Gig1/1, Gig1/2), and set parameter to allow only 1 MAC Address per port and the action when violation happened is shutdown port. 2. On port Fa0/1, now there is the authorized host connected (Host1), set the allow MAC Address on this port by "SecureSticky" method. 3. On port Fa0/3, now there is the unauthorized host connected (Rogue3), set the allow MAC Address to be 0030.F295.15C6. If everything is correct, you will see ports Fa0/2 and Fa0/3 change status to down (err-disabled) when there is the attempt to connect from unauthorized hosts, and Host1 will not be able to connect with the unauthorized hosts (192.168.0.58 - 192.168.0.60) <<Answer for LAB 4-5: Port Security>>

    Ranet-SW(config-if-range)#switchport port-security Ranet-SW(config-if-range)#switchport port-security maximum 1 Ranet-SW(config-if-range)#switchport port-security violation shutdown Ranet-SW(config-if-range)#int fa0/1 Ranet-SW(config-if)#switchport port-security macaddress sticky Ranet-SW(config-if)#int fa0/3 Ranet-SW(config-if)#switchport port-security macaddress 0030.F295.15C6 Ranet-SW(config-if)# %SYS-5-CONFIG_I: Configured from console by consoleRanet-SW# Ranet-SW#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-SW# [On Host1] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>ping 192.168.0.60 Pinging 192.168.0.60 with 32 bytes of data: Reply from 192.168.0.60: bytes=32 time=44ms TTL=128 Reply from 192.168.0.60: bytes=32 time=4ms TTL=128 Reply from 192.168.0.60: bytes=32 time=5ms TTL=128 Reply from 192.168.0.60: bytes=32 time=4ms TTL=128 Ping statistics for 192.168.0.60: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 4ms, Maximum = 44ms, Average = 14ms PC>ping 192.168.0.59

    [On Ranet SW (via console)] : (Go to Desktop Tab > Terminal) Ranet-SW>en Ranet-SW#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-SW(config)#int ran fa0/1 -24 Ranet-SW(config-if-range)#switchport mode access

    Pinging 192.168.0.59 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out.

    Ping statistics for 192.168.0.59: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC>ping 192.168.0.58 Pinging 192.168.0.58 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.0.58: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC> (Now you should see port Fa0/2 changed status to down due to sender MAC addresses exceed maximum, port Fa0/3 changed status to down due to incorrect sender MAC address.) [On Ranet SW (via console)] : (Go to Desktop Tab > Terminal) %LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/3, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down Ranet-SW#sh port-security address Secure Mac Address Table -----------------------------------------------------------------------------Vlan Mac Address Type Ports Remaining Age (mins) ----------- -------------------1 0030.F214.8793 SecureSticky FastEthernet0/1 1 0030.F295.15C6 SecureConfigured FastEthernet0/3 ----------------------------------------------------------------------------Total Addresses in System (excluding one mac per port) : 0 ----

    Max Addresses limit in System (excluding one mac per port) : 1024 Ranet-SW#sh int fa0/2 FastEthernet0/2 is down, line protocol is down (errdisabled) <Output is omitted> Ranet-SW#sh int fa0/3 FastEthernet0/3 is down, line protocol is down (errdisabled) 4.6. You are the network administrator at Ranet, and have to config router Ranet-HQ to connect its LAN to Branch network and Internet, and to config Access-List to control traffic as below: (via its console) 1. Enable and set IP address on LAN interface to be the first assignable IP of this subnet. 2. Enable and set IP address on each serial interface to be the last assignable IP of its own subnet. 3. Set RIPv2 to be the router protocol on this router to exchange route with Ranet-BR 4. Set default route to allow the connection with internet. 5. Set access-list to prevent the connection from hosts in LAN as: - allow only Admin-Host to telnet to Ranet-CoreSW (password: ranetpass) - Not permit only User-Host1 to connect to any site in the internet. - Any traffic beside these should be allow. Remark: Use ACL no.100 only!, and use as short as possible to gain %Completion <<Answer for LAB 4-6: AccessList>> [On Ranet HQ (via console)] : (Go to Desktop Tab > Terminal) Ranet-HQ>en Ranet-HQ#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-HQ(config)#int fa0/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up RanetHQ(config-if)#ip add 172.22.3.33 255.255.255.224 Ranet-HQ(config-if)#int s0/0/0

    Ranet-HQ(config-if)#no sh Ranet-HQ(config-if)# %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-HQ(config-if)#ip add 172.22.3.98 255.255.255.252 Ranet-HQ(config-if)#int s0/1/0 Ranet-HQ(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up Ranet-HQ(config-if)#ip add 203.144.7.254 255.255.255.252 Ranet-HQ(config-if)#exit Ranet-HQ(config)#router rip Ranet-HQ(config-router)#version 2 Ranet-HQ(config-router)#network 172.22.0.0 Ranet-HQ(config-router)#no auto-summary Ranet-HQ(config-router)#exit Ranet-HQ(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0 Ranet-HQ(config)#access-list 100 deny tcp 172.22.3.52 0.0.0.3 host 172.22.3.90 eq 23 Ranet-HQ(config)#access-list 100 deny tcp host 172.22.3.53 any eq 80 Ranet-HQ(config)#access-list 100 permit ip any any Ranet-HQ(config)#int fa0/0 Ranet-HQ(config-if)#ip access-group 100 in Ranet-HQ(config-if)# Ranet-HQ# %SYS-5-CONFIG_I: Configured from console by console Ranet-HQ#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-HQ# [On Admin-Host] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>telnet 172.22.3.90 Trying 172.22.3.90 ...Open

    Password: ranetpass Ranet-CoreSW> (Go to Desktop Tab > Web Browser) URL: http://www.ranet.co.th Output: Ranet Co.,Ltd - Welcome to Ranet Co.,Ltd. [On User-Host1] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>telnet 172.22.3.90 % Connection timed out; remote host not responding PC>ping 172.22.3.90 Pinging 172.22.3.90 with 32 bytes of data: Reply from 172.22.3.90: bytes=32 time=14ms TTL=253 Reply from 172.22.3.90: bytes=32 time=12ms TTL=253 Reply from 172.22.3.90: bytes=32 time=14ms TTL=253 Reply from 172.22.3.90: bytes=32 time=16ms TTL=253 Ping statistics for 172.22.3.90: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 12ms, Maximum = 16ms, Average = 14ms PC> (Go to Desktop Tab > Web Browser) URL: www.ranet.co.th Output: Request Timeout [On User-Host2] : (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 PC>telnet 172.22.3.90 Trying 172.22.3.90 ... % Connection timed out; remote host not responding PC>ping 172.22.3.90 Pinging 172.22.3.90 with 32 bytes of data: Reply from 172.22.3.90: bytes=32 time=18ms TTL=253 Reply from 172.22.3.90: bytes=32 time=14ms TTL=253

    User Access Verification

    Reply from 172.22.3.90: bytes=32 time=17ms TTL=253 Reply from 172.22.3.90: bytes=32 time=13ms TTL=253 Ping statistics for 172.22.3.90: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 13ms, Maximum = 18ms, Average = 15ms PC> (Go to Desktop Tab > Web Browser) URL: http://www.ranet.co.th Output: Ranet Co.,Ltd - Welcome to Ranet Co.,Ltd. 4.7. You are the network administrator at Ranet, and have to config the Ranet-GW router via Console Terminal to let hosts in our LAN that have IP address: 192.168.0.193 192.168.0.206 can connect to the internet. Your ISP has given global IP for 6 IP as 25.5.5.65 25.5.5.70. Remark: 1. Use ACL no.1 for Local IP list. 2. Use pool name "Ranet" for Global IP list. <<Answer for LAB 4-7: NAT>> [On Ranet GW (via console)] : (Go to Desktop Tab > Terminal) Ranet-GW>en Ranet-GW#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-GW(config)#int fa0/0 Ranet-GW(config-if)#ip nat inside Ranet-GW(config-if)#int s0/0/0 Ranet-GW(config-if)#ip nat outside Ranet-GW(config-if)#exit Ranet-GW(config)#access-list 1 permit 192.168.0.192 0.0.0.15 Ranet-GW(config)#ip nat pool Ranet 25.5.5.65 25.5.5.70 netmask 255.255.255.248 Ranet-GW(config)#ip nat inside source list 1 pool Ranet overload Ranet-GW(config)# Ranet-GW#

    %SYS-5-CONFIG_I: Configured from console by console Ranet-GW#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-GW# [On Ranet-Host] : (Go to Desktop Tab > Web Browser) URL: www.ranet.co.th Output: Ranet Co.,Ltd. - Welcome to Ranet Website. [On Ranet GW (via console)] : (Go to Desktop Tab > Terminal) Ranet-GW#sh ip nat translations Pro Inside global Inside local Outside local Outside global udp 25.5.5.65:1025 192.168.0.200:1025 21.5.6.7:53 21.5.6.7:53 tcp 25.5.5.65:1025 192.168.0.200:1025 21.5.8.7:80 21.5.8.7:80 Ranet-GW# You are the Network Administrator at Ranet Branch Office, and have to newly configure the Ranet-Br router to let your own host connect to the internet and connect to the hosts in Headquarter (192.168.0.0/24) via Site-to-Site IPsec VPN as below: (configure via console terminal for Ranet-BR router) 1. Enable LAN interface on Ranet-BR and set IP address to be the first assignable IP of 192.168.1.0/28 network. 2. Enable WAN interface on Ranet-BR and set IP address to be the last assignable IP of 202.170.100.28/30 network. 3. Set IP address on Host-BR to be the last assignable IP of 192.169.1.0/28 network, and set IP of Gateway and DNS server (202.170.100.54) also. 4. Config the route and NAT on Ranet-BR to let the Hosts in LAN connect to the internet (do not forget to exclude the VPN traffic). (for NAT, use access-list no.100 and pool name "Ranet" that contain the global IP received from ISP as 202.170.100.9 - 202.170.100.14) 5. Config the Site-to-Site IPsec VPN by using the properties as below: - For IKE phase I:- Policy Priority 101; Encryption Alg. AES; Hash Alg. Secure HAsh standard; Authen method. Pre-Shared Key; DiffieHellman

    group #5 and lifetime at 86,400 sec. Use "ranetvpnpass" as key. Please note that IP address of WAN interface of Ranet-HQ is 202.170.100.130. - For IKE phase II: Use Transform-set name "Ranet" and ESP transform using AES-128 bit with HMAC-SHA as authentication Alg. - Use crypto map name "Site-to-Site" with sequence no.101 and access-list no.101 to be the VPN traffic. If everthing is correct, Host-BR should be able to open website www.ranet.co.th, and test ping with Server-HQ 192.168.0.7 in Headquarter network.

    <<Answer for LAB 4-7: NAT>> [On Ranet BR (via console)] : (Go to Desktop Tab > Terminal) Ranet-BR>en Ranet-BR#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-BR(config)#int fa0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up Ranet-BR(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-BR(config-if)#ip add 192.168.1.1 255.255.255.240 Ranet-BR(config-if)#ip nat inside Ranet-BR(config-if)#int s0/0/0 Ranet-BR(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up Ranet-BR(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-BR(config-if)#ip add 202.170.100.30 255.255.255.252 Ranet-BR(config-if)#ip nat outside Ranet-BR(config-if)#exit Ranet-BR(config)#ip route 0.0.0.0 0.0.0.0 s0/0/0 Ranet-BR(config)#access-list 100 deny ip 192.168.1.0 0.0.0.15 192.168.0.0 0.0.0.255 Ranet-BR(config)#access-list 100 permit ip 192.168.1.0 0.0.0.15 any Ranet-BR(config)#ip nat pool Ranet 202.170.100.9 202.170.100.14 netmask 255.255.255.248

    Ranet-BR(config)#ip nat inside source list 100 pool Ranet overload Ranet-BR(config)#crypto isakmp policy 101 Ranet-BR(config-isakmp)#encryption aes 128 Ranet-BR(config-isakmp)#hash sha Ranet-BR(config-isakmp)#authentication pre-share Ranet-BR(config-isakmp)#group 5 Ranet-BR(config-isakmp)#lifetime 86400 Ranet-BR(config-isakmp)#exit Ranet-BR(config)#crypto isakmp key ranetvpnpass address 202.170.100.130 Ranet-BR(config)#access-list 101 permit ip 192.168.1.0 0.0.0.15 192.168.0.0 0.0.0.255 Ranet-BR(config)#crypto ipsec transform-set Ranet esp-aes esp-sha-hmac Ranet-BR(config)#crypto map Site-to-Site 101 ipsecisakmp % NOTE: This new crypto map will remain disabled until a peer and a valid access list have been configured. Ranet-BR(config-crypto-map)#set peer 202.170.100.130 Ranet-BR(config-crypto-map)#set transform-set Ranet Ranet-BR(config-crypto-map)#match address 101 Ranet-BR(config-crypto-map)#exit Ranet-BR(config)#int s0/0/0 Ranet-BR(config-if)#crypto map Site-to-Site *Jan 3 07:16:26.785: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON Ranet-BR(config-if)#end Ranet-BR# %SYS-5-CONFIG_I: Configured from console by console Ranet-BR#sh crypto isakmp policy Global IKE policy Protection suite of priority 101 encryption algorithm: AES - Advanced Encryption Standard (128 bit keys). hash algorithm: Secure Hash Standard authentication method: Pre-Shared Key Diffie-Hellman group: #5 (1536 bit) lifetime: 86400 seconds, no volume limit Default protection suite encryption algorithm: DES - Data Encryption Standard (56 bit keys). hash algorithm: Secure Hash Standard authentication method: Rivest-Shamir-Adleman Signature Diffie-Hellman group: #1 (768 bit) lifetime: 86400 seconds, no volume limit Ranet-BR#sh crypto ipsec sa

    PC>ping 192.168.0.7 interface: Serial0/0/0 Crypto map tag: Site-to-Site, local addr 202.170.100.30 protected vrf: (none) local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.240/0/0) remote ident (addr/mask/prot/port): (192.168.0.0/255.255.255.0/0/0) current_peer 202.170.100.130 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0 #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0 #send errors 0, #recv errors 0 local crypto endpt.: 202.170.100.30, remote crypto endpt.:202.170.100.130 path mtu 1500, ip mtu 1500, ip mtu idb Serial0/0/0 current outbound spi: 0x0(0) inbound esp sas: inbound ah sas: inbound pcp sas: outbound esp sas: outbound ah sas: outbound pcp sas: Ranet-BR#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-BR# [On Ranet-Host] : (Go to Desktop Tab > IP Configuration) IP Address: 192.168.1.14 Subnet Mask 255.255.255.240 Default Gateway: 192.168.1.1 DNS Server: 202.170.100.54 (Go to Desktop Tab > Command Prompt) Packet Tracer PC Command Line 1.0 Pinging 192.168.0.7 with 32 bytes of data: Request timed out. Request timed out. Reply from 192.168.0.7: bytes=32 time=32ms TTL=126 Reply from 192.168.0.7: bytes=32 time=31ms TTL=126 Ping statistics for 192.168.0.7: Packets: Sent = 4, Received = 2, Lost = 2 (50% loss), Approximate round trip times in milli-seconds: Minimum = 31ms, Maximum = 32ms, Average = 31ms PC> (Go to Desktop Tab > Web Browser) URL: www.ranet.co.th Output: RANET Co.,Ltd. - Ranet Co.,Ltd. We make iT easy! :) [On Ranet BR (via console)] : (Go to Desktop Tab > Terminal) Ranet-BR#sh ip nat translations Pro Inside global Inside local Outside local Outside global udp 202.170.100.9:1025 192.168.1.14:1025 202.170.100.54:53 202.170.100.54:53 tcp 202.170.100.9:1025 192.168.1.14:1025 202.170.100.70:80 202.170.100.70:80 Ranet-BR#sh crypto ipsec sa interface: Serial0/0/0 Crypto map tag: Site-to-Site, local addr 202.170.100.30 protected vrf: (none) local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.240/0/0) remote ident (addr/mask/prot/port): (192.168.0.0/255.255.255.0/0/0) current_peer 202.170.100.130 port 500 PERMIT, flags={origin_is_acl,} #pkts encaps: 3, #pkts encrypt: 3, #pkts digest: 0 #pkts decaps: 2, #pkts decrypt: 2, #pkts verify: 0 #pkts compressed: 0, #pkts decompressed: 0 #pkts not compressed: 0, #pkts compr. failed: 0 #pkts not decompressed: 0, #pkts decompress failed: 0

    #send errors 1, #recv errors 0 local crypto endpt.: 202.170.100.30, remote crypto endpt.:202.170.100.130 path mtu 1500, ip mtu 1500, ip mtu idb Serial0/0/0 current outbound spi: 0x593A3356(1496986454) inbound esp sas: spi: 0x17D06856(399534166) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2004, flow_id: FPGA:1, crypto map: Site-to-Site sa timing: remaining key lifetime (k/sec): (4525504/3502) IV size: 16 bytes replay detection support: N Status: ACTIVE inbound ah sas: inbound pcp sas: outbound esp sas: spi: 0x593A3356(1496986454) transform: esp-aes esp-sha-hmac , in use settings ={Tunnel, } conn id: 2005, flow_id: FPGA:1, crypto map: Site-to-Site sa timing: remaining key lifetime (k/sec): (4525504/3502) IV size: 16 bytes replay detection support: N Status: ACTIVE outbound ah sas: outbound pcp sas: Ranet-BR# 4.9. You are the network administrator at Ranet, and have to configure the router Ranet-GW to connect between LAN and Internet, and to do as DHCP server for LAN as below: (via Console) 1. Enable and set IP address on LAN interface to be the first IP of the subnet 10.0.0.128/28 2. Enable and set IP address on serial interface to be the last IP of the subnet 77.8.210.0/30 3. Set the default route to let the connection

    out to the internet. 4. Configure to let this router translate between the addresses in this LAN and the addresses ISP gave us (19.5.39.129 - 19.5.39.130) Remark: use ACL no.1 and pool named "Ranet" only! 5. Configure to let this router do as DHCP server for the hosts in LAN. You have to supply all information that is necessary for hosts to connect to the internet, and do not forget to exclude addresses of the gateway and the switch. Remark: use pool named "Ranet" also! If everything is correct, all hosts have to be able to open website http://www.ranet.co.th <<Answer for LAB 4-9: DHCP>> [On Ranet GW (via console)] : (Go to Desktop Tab > Terminal) Ranet-GW>en Ranet-GW#conf t Enter configuration commands, one per line. End with CNTL/Z. Ranet-GW(config)#int fa0/0 Ranet-GW(config-if)#no sh Ranet-GW(config-if)# %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up Ranet-GW(config-if)#ip add 10.0.0.129 255.255.255.240 Ranet-GW(config-if)#int s0/0/0 Ranet-GW(config-if)#no sh %LINK-5-CHANGED: Interface Serial0/0/0, changed state to up Ranet-GW(config-if)# %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up Ranet-GW(config-if)#ip add 77.8.210.2 255.255.255.252 Ranet-GW(config-if)#exit Ranet-GW(config)#ip route 0.0.0.0 0.0.0.0 se0/0/0 Ranet-GW(config)#int fa0/0 Ranet-GW(config-if)#ip nat inside Ranet-GW(config-if)#int se0/0/0 Ranet-GW(config-if)#ip nat outside Ranet-GW(config-if)#exit

    Ranet-GW(config)#access-list 1 permit 10.0.0.128 0.0.0.15 Ranet-GW(config)#ip nat pool Ranet 19.5.39.129 19.5.39.130 ne Ranet-GW(config)#ip nat pool Ranet 19.5.39.129 19.5.39.130 netmask 255.255.255.252 Ranet-GW(config)#ip nat inside source list 1 pool Ranet overload Ranet-GW(config)#ip dhcp pool Ranet Ranet-GW(dhcp-config)#network 10.0.0.128 255.255.255.240 Ranet-GW(dhcp-config)#default-router 10.0.0.129 Ranet-GW(dhcp-config)#dns-server 77.8.209.5 Ranet-GW(dhcp-config)#exit Ranet-GW(config)#ip dhcp excluded-address 10.0.0.129 10.0.0.130 Ranet-GW(config)# Ranet-GW# %SYS-5-CONFIG_I: Configured from console by console Ranet-GW#copy run start Destination filename [startup-config]? Building configuration... [OK] Ranet-GW# [On Host1, Host2, Host3] : (Go to Desktop Tab > IP Configuration) <If host is not received address properly, try to refresh by switch between Static-DHCP> (Go to Desktop Tab > Web Browser) URL: www.ranet.co.th Output: Ranet Co.,Ltd. - Welcome to Ranet Co,,Ltd. Congratulations! you have finished this LAB.

    Вам также может понравиться