Вы находитесь на странице: 1из 3

DRSEnt OSPF/ACL PT Practice SBA

DRSEnt OSPF/ACL PT Practice SBA


A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any exam windows during the exam. 2. Do not close Packet Tracer when you are done. It will close automatically. 3. Click the Submit Assessment button to submit your work.

Introduction
In this practice Packet Tracer Skills Exam, you will do as follows: finish the configuration of a partially configured network establish connectivity within the enterprise and to the Internet implement access control lists based on a set of security policies

Addressing Table
Device Interface Fa0/0 S0/0/0 Main S0/1/0 S0/0/1 Lo0 Fa0/0 Fa0/1 Admin S0/0/0 Lo0 Fa0/0 Fa0/1 BldgA S0/0/0 Lo0 Teacher Student Staff XYZ Uni Server NIC NIC NIC NIC 10.10.10.253 192.168.1.2 10.10.10.4 10.10.10.5 10.10.10.190 10.10.10.200 192.31.7.53 255.255.255.252 255.255.255.255 255.255.255.128 255.255.255.128 255.255.255.192 255.255.255.224 n/a n/a 10.10.10.1 10.10.10.1 10.10.10.129 10.10.10.193 10.10.10.250 192.168.1.1 10.10.10.1 10.10.10.238 255.255.255.252 255.255.255.255 255.255.255.128 255.255.255.240 n/a n/a n/a n/a Address 10.10.10.193 10.10.10.249 10.10.10.253 198.133.219.18 192.168.1.3 10.10.10.129 10.10.10.225 Subnet Mask 255.255.255.224 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.255 255.255.255.192 255.255.255.240 Default Gateway n/a n/a n/a n/a n/a n/a n/a

NOTE: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

Step 1: Configure the Device Basics.


Use the IP addresses in the Addressing Table and your subnetting skills to determine the missing IP addresses according to the following guidelines: a. Configure Fa0/1 interface on BldgA with the highest (last) host IP address in the subnet. b. Configure Staff with the highest (last) host IP address in the subnet c. Verify connectivity.

Step 2: Configure OSPF.


a. Use the following requirements to configure OSPF on Main, Admin, and BldgA. Use the process ID 5. Advertise each subnet individually in area 0 with its corresponding wildcard mask. (Main should not advertise the link to the Internet.) Verify OSPF convergence.

b. Configure OSPF authentication on the links between BldgA and Admin, Admin and Main, and Main and BldgA. Encrypt the updates using MD5 authentication. Authentication should be enabled for the entire area 0. On the appropriate interfaces, use a key ID of 10 and the password xyzunipass. Verify OSPF convergence.

c. Modify the OSPF configuration. Modify both sides of the link between Main and BldgA to reflect the actual bandwidth of 768 Kb/s. Change the priority on Admin so that it is the preferred DR for the LAN it shares with BldgA.

d. Propagate a default route in the OSPF updates. Configure a default route on Main and point it to the Internet. Use the outbound interface argument. Configure OSPF to advertise the default route to neighbors.

e. Verify connectivity.

Step 3: Configure Access Control Lists.


a. Filter inbound traffic from the Internet. Configure and apply a single ACL numbered 150 on the correct router that will implement the following policy in order: Allow only HTTP access to the XYZ Uni Server at its public address 192.31.7.53. Allow all established TCP connections. Allow all ICMP replies and unreachable messages.

b. Verify that the policy is successfully implemented. c. Filter traffic from the BldgA LAN. Configure and apply on the router a single ACL numbered 175 that will limit network traffic and will implement the following policy: Hosts from the LAN connected to the Fa0/0 interface of BldgA are blocked from accessing hosts on the Admin Staff LAN. All other traffic is allowed anywhere.

d. Verify that the policy is successfully implemented.

Step 4: Verify Connectivity.

Using tools such as ping and show commands, verify connectivity in the network.