Check Point 1-4

I.
Global Configuration
1. Assign the appropriate names to each of the devices based on the Layer 2 diagram
Router>enable
Router#conf t
Router(config)#hostname R1_ISP
2. Disable the DNS lookup feature on all devices
R1_ISP(config)#no ip domain-lookup
3. Assign "s" as the secret password
R1_ISP(config)#enable secret s
4. Direct the Cisco IOS to encrypt any passwords stored in clear-text.
R1_ISP(config)#service password-encryption
Console Port
1. Enter line console configuration mode
R1_ISP(config)#line console 0
2. Configure the console port on all devices to log input synchronously
R1_ISP(config-line)#logging synchronous
3. Set the password to "c"
R1_ISP(config-line)#password c
4. Configure idling timeout to No timeout

R1_ISP(config-line)#exec-timeout ?
<0-35791> Timeout in minutes
R1_ISP(config-line)#exec-timeout 0 ?
<0-2147483> Timeout in seconds
<cr>
R1_ISP(config-line)#exec-timeout 0 0
VTY Ports
1. Allow 5 concurrent sessions of remote access to all devices. /Allow 5 telnet sessions at one
time.
R1_ISP(config-line)#exit
R1_ISP(config)#line vty 0 4
2. Configure the vty ports to log input synchronously
R1_ISP(config-line)#logging synchronous
3. Set the password to "v"
R1_ISP(config-line)#password v
4. Configure idling timeout to 40 minutes 20 seconds
R1_ISP(config-line)#exec-timeout 40 20
R1_ISP(config-line)#end
Verify and Save Configs
1. Verify the previous steps using proper "show" command

R1_ISP#show run
2. Save the configuration on R1
R1_ISP#copy running-config startup-config
II.
VTP Configuration
1. Configure RSW1 to VTP Server mode.
RSW1#configure terminal
RSW1(config)#vtp mode server
2. Configure RSW2 and RSW3 to VTP Client mode.
RSW2#conf t
RSW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
RSW3#conf t
RSW3(config)#vtp mode client
Setting device to VTP CLIENT mode.
3. Configure examA for the vtp domain name and passA as the vtp password on all switches.
RSW1(config)#vtp domain examA
Changing VTP domain name from NULL to examA
RSW1(config)#vtp password passA
Setting device VLAN database password to passA
RSW1(config)#exit
RSW2(config)#vtp dom examA

RSW2(config)#vtp pass passA
RSW2(config)#exit
RSW3(config)#vtp dom examA
RSW3(config)#vtp pass passA
RSW3(config)#exit
4. Verify previous steps using proper "show" commands.
RSW1#show vtp status
RSW1#sh vtp password
RSW2#show vtp status
RSW2#sh vtp password
RSW3#sh vtp status
RSW3#sh vtp pass

VLAN Trunking
1. Shutdown the following ports:

1. RSW1 Fa1/1
2. RSW2 Fa1/11-12
3. RSW3 Fa1/11-12
RSW1#conf t
RSW1(config)#int f1/1
RSW1(config-if)#shutdown
RSW1(config-if)#end
RSW2#conf t
RSW2(config)#int range f1/11 12
RSW2(config-if-range)#shutdown
RSW2(config-if-range)#end
RSW3#conf t
RSW3(config-if-range)#shut
2. Verify prior step using the proper "show" command.
RSW1#show ip interface brief

3. Configure VLAN trunking using 802.1q on the following ports:
0. RSW1 Fa1/3, Fa1/9-10, Fa1/13-14
1. RSW2 Fa1/9-10
2. RSW3 Fa1/13-14
RSW1#conf t
RSW1(config)#interface range f1/3 , f1/9 10 , f1/13 14
RSW1(config-if-range)#switchport trunk encapsulation dot1q
RSW1(config-if-range)#switchport mode trunk
RSW2#conf t
RSW3#conf t
4. Verify prior step using the proper "show" commands.
RSW1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa1/3 on 802.1q trunking 1
<output omitted>
<output omitted>
<output omitted>
III.
VLAN Configuration
1. Create VLANs according to the Layer 2/3 Diagram

2. Name some of the VLANs as follows
1. VLAN 5 = SalesDept
2. VLAN15 = WebServers
3. VLAN25 = FTPServers
RSW1#conf t
RSW1(config)#vlan 5
RSW1(config-vlan)#name SalesDept
RSW1(config-vlan)#vlan 15
RSW1(config-vlan)#name WebServers
RSW1(config-vlan)#vlan 25
RSW1(config-vlan)#name FTPServers
RSW1(config-vlan)#vlan 10,20,30,35,40,45,50,55
RSW1(config-vlan)#end
RSW1#sh vlan-switch
3. Assign VLANs to appropriate switch ports according to the Physical Diagram and Layer 2/3
Diagram
RSW3#conf t
RSW3(config-if)#switchport mode access
RSW3(config-if)#switchport access vlan 40
RSW3(config-if)#end
RSW1#conf t
RSW1(config-if)#switch mode access
RSW1(config-if)#switch access vlan 10

RSW1(config-if)#int f1/3
RSW1(config-if)#switch trunk encap dot1q
RSW1(config-if)#switch mode trunk
RSW1(config-if)#end
(the f1/3 configuration above should have been configured in the

Checkpoint 2 lab,
but it doesn't hurt to re-enter it)
RSW2#conf t
RSW2(config-if)#switchport mode access
RSW2(config-if)#switchport access vlan 45
RSW2(config-if)#end
4. Verify VLAN and port assignments
RSW1#sh vlan-s
RSW2#sh vlan-s
RSW3#sh vlan-s
5. Assign IPv4 addresses for each FastEthernet interface, Switch Virtual Interface (SVI) and
loopback.
Verification
6. Ensure the appropriate devices can ping.
Spanning Tree
7. Configure portfast on the following edge ports

1. RSW1 Fa1/2
2. RSW2 Fa1/2
3. RSW3 Fa1/3
RSW1#conf t
RSW1(config-if)#spanning-tree portfast
RSW1(config-if)#end
%Warning: portfast should only be enabled on ports connected to a single

host.
Connecting hubs, concentrators, switches, bridges, and other devices

connecting to
this interface when portfast is enabled, can cause temporary spanning tree
loops.
Use with CAUTION
%Portfast has been configured on FastEthernet1/2 but will only
have effect when the interface is in a non-trunking mode.
RSW2#conf t
RSW2(config-if)#span portfast
RSW2(config-if)#end

host.

connecting to
loops.
Use with CAUTION
RSW3#conf t
RSW3(config-if)#span portf
RSW3(config-if)#end

host.

connecting to
loops.
Use with CAUTION
8. Use the show spanning-tree interface <interface> command at Privilege EXEC mode to verify that the
ports are in the portfast mode.
RSW1#show spanning-tree interface f1/2
Port 43 (FastEthernet1/2) of VLAN10 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.43.
Designated root has priority 32768, address c298.7929.0004
Designated bridge has priority 32768, address c298.7929.0004
Designated port id is 128.43, designated path cost 0

Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
BPDU: sent 98, received 0
The port is in the portfast mode
RSW2#show span int f1/2
Designated bridge has priority 32768, address c299.0ab4.0009
RSW3#show span int f1/3
Designated bridge has priority 32768, address c29a.0aaa.0008

IV.
LAN Interface Configuration
1. Assign IPv4 addresses for each FastEthernet interface, Switch Virtual Interface (SVI) and
loopbacks.
On R2_Gateway
R2_Gateway#conf t
R2_Gateway(config)#int f1/0
R2_Gateway(config-if)#ip add 10.1.1.2 255.255.255.0
R2_Gateway(config-if)#no shut
R2_Gateway(config-if)#int f3/0
R2_Gateway(config-if)#end
R2_Gateway#show ip int brief
On R3_DMZ
R3_DMZ#conf t
R3_DMZ(config)#int loopback 1
R3_DMZ(config-if)#ip add 3.3.3.33 255.255.255.255

R3_DMZ(config-if)#int loop2
R3_DMZ(config-if)#int lo3
R3_DMZ(config-if)#int lo4
Let's try this out on R3's F1/0 interface and sub-interfaces. First, bring up the main interface,
F1/0.
R3_DMZ(config-if)#int f1/0
R3_DMZ(config-if)#no shut
Next, create the subinterface f1/0.30
R3_DMZ config-if)#int f1/0.30
R3_DMZ(config-subif)#encapsulation dot1q 30
R3_DMZ(config-subif)#ip add 30.1.1.3 255.255.255.0
Next, create the subinterface f1/0.2
R3_DMZ(config-subif)#int f1/0.20
R3_DMZ(config-subif)#encap dot 20
R3_DMZ(config-subif)#ip add 20.1.1.3 255.255.255.0
Navigate to the configuration mode for R3s F3/0 interface
R3_DMZ(config-subif)#int f3/0
R3_DMZ(config-if)#no shut
R3_DMZ(config-if)#end
R3_DMZ#show ip int brief
on RSW1
RSW1#conf t
RSW1(config)#int vlan 5
RSW1(config-if)#ip add 5.1.1.11 255.255.255.0
RSW1(config-if)#int vlan 10
RSW1(config-if)#end
RSW1#sh ip int br
Continue with RSW2.
RSW2#conf t
RSW2(config-if)#end
RSW2#sh ip int br
Interface IP-Address OK? Method Status Protocol
<output omitted for brevity>
Vlan1 unassigned YES NVRAM up up
Vlan30 30.1.1.12 YES manual up up

On to RSW3.
RSW3#conf t
RSW3(config-if)#end
RSW3#sh ip int br
Interface IP-Address OK? Method Status Protocol
<output omitted for brevity>
Vlan1 unassigned YES NVRAM up up
Vlan40 40.1.1.13 YES unset up up
2. Ensure the appropriate devices can ping.
RSW1#ping 20.1.1.3
RSW1#ping 10.1.1.2
R2_Gateway#ping 45.1.1.12
RSW2#ping 30.1.1.3
R3_DMZ#ping 40.1.1.13
Frame-Relay
1. Enable frame encapsulation on serial 0/0 of R1 and R2
R2_Gateway#conf t
R2_Gateway(config)#int s0/0
R2_Gateway(config-if)#encapsulation frame-relay
2. Configure point-to-point network (Frame-Relay point-to-point subinterfaces)

between R1 and R2
R2_Gateway(config-if)#int s0/0.1 p
R2_Gateway(config-subif)#ip add 12.1.1.2 255.255.255.252
R2_Gateway(config-subif)#frame-relay interface-dlci 201
R2_Gateway(config-fr-dlci)#end
3. Enable frame encapsulation on the main interface of serial 0/0 on R2 and bring the interface up.
R2_Gateway#conf t
R2_Gateway(config)#int s0/0
R2_Gateway(config-if)#encapsulation frame-relay
4. Configure point-to-point network (Frame-Relay point-to-point subinterface) on R2 and assign

the appropriate IP address and DLCI number for the interface.
R2_Gateway(config-if)#int s0/0.1 p
R2_Gateway(config-subif)#ip add 12.1.1.2 255.255.255.252
R2_Gateway(config-subif)#frame-relay interface-dlci 201
R2_Gateway(config-fr-dlci)#end
5. Verify connectivity.
R1_ISP#ping 12.1.1.2
!!!!!
!!!!!
Point-to-Point Protocol (PPP)
1. Enable PPP encapsulation on serial 0/2 of R1 and R2
R1_ISP#conf t
R1_ISP(config)#interface serial 0/2
R1_ISP(config-if)#encapsulation ppp
2. Assign IP addresses for each PPP encapsulated interface.
R1_ISP(config-if)#ip add 21.1.2.1 255.255.255.252
3. Enable PPP authentication using Challenge-Handshake Authentication Protocol (CHAP)
R1_ISP(config-if)#ppp authentication chap
4. Bring up the serial 0/2 interface on R1 and R2.
R1_ISP(config-if)#no shut
R1_ISP(config-if)#exit
5. Configure username and password for authentication on R1 and R2. Use LWP as the password.
R1_ISP(config)#username R2_Gateway password LWP

R1_ISP(config)#end
On R2
Enable Point-to-Point Protocol encapsulation on serial 0/2 of R2.
R2_Gateway#conf t
R2_Gateway(config)#interface serial 0/2
R2_Gateway(config-if)#encapsulation ppp
Assign IP addresse for R2s PPP encapsulated interface.
Enable PPP authentication using Challenge-Handshake Authentication Protocol (CHAP)
R2_Gateway(config-if)#ppp authentication chap
Bring up the serial 0/2 interface.
R2_Gateway(config-if)#exit
Configure username and password for authentication on R2. Use LWP as the password.
R2_Gateway(config)#username R1_ISP password LWP
R2_Gateway(config)#end
6. Verify connectivity
R1_ISP#ping 21.1.2.2
!!!!!
!!!!!
V.

Check Point 1-4

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Check Point 1-4

Загружено:

Авторское право:

Доступные форматы

I.

2. Disable the DNS lookup feature on all devices

3. Assign "s" as the secret password

4. Direct the Cisco IOS to encrypt any passwords stored in clear-text.

1. Enter line console configuration mode

2. Configure the console port on all devices to log input synchronously

3. Set the password to "c"

4. Configure idling timeout to No timeout

<0-35791> Timeout in minutes

<0-2147483> Timeout in seconds

2. Configure the vty ports to log input synchronously

3. Set the password to "v"

4. Configure idling timeout to 40 minutes 20 seconds

Verify and Save Configs

1. Verify the previous steps using proper "show" command

2. Save the configuration on R1

R1_ISP#copy running-config startup-config

1. Configure RSW1 to VTP Server mode.

RSW1(config)#vtp mode server

2. Configure RSW2 and RSW3 to VTP Client mode.

RSW2(config)#vtp mode client

Setting device to VTP CLIENT mode.

RSW3(config)#vtp mode client

Setting device to VTP CLIENT mode.

RSW1(config)#vtp domain examA

Changing VTP domain name from NULL to examA

RSW1(config)#vtp password passA

Setting device VLAN database password to passA

RSW2(config)#vtp dom examA

RSW2(config)#vtp pass passA

Setting device VLAN database password to passA

RSW3(config)#vtp dom examA

Changing VTP domain name from NULL to examA

RSW3(config)#vtp pass passA

Setting device VLAN database password to passA

4. Verify previous steps using proper "show" commands.

RSW1#show vtp status

RSW1#sh vtp password

RSW2#show vtp status

RSW2#sh vtp password

RSW3#sh vtp status

RSW3#sh vtp pass

1. Shutdown the following ports:

RSW2(config)#int range f1/11 12

RSW3(config)#int range f1/11 12

2. Verify prior step using the proper "show" command.

RSW1#show ip interface brief

RSW2#show ip interface brief

RSW3#show ip interface brief

RSW1(config)#interface range f1/3 , f1/9 10 , f1/13 14

RSW1(config-if-range)#switchport trunk encapsulation dot1q

RSW1(config-if-range)#switchport mode trunk

RSW2(config)#int range f1/9 10

RSW2(config-if-range)#switchport trunk encapsulation dot1q

RSW2(config-if-range)#switchport mode trunk

RSW3(config)#int range f1/13 14

RSW3(config-if-range)#switchport trunk encapsulation dot1q

RSW3(config-if-range)#switchport mode trunk

RSW1#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa1/3 on 802.1q trunking 1

Fa1/9 on 802.1q trunking 1