Upload
jaack89
View
12
Download
5
Embed Size (px)
DESCRIPTION
EWAN Student Lab Skills Based Assessme
Citation preview
Procedural Lab Template, Student Version, Required Components
CCNA ExplorationAccessing the WAN: Skills Based Assessment
Student Skills Based Assessment Answer Key
CCNA Exploration: Accessing the WAN Student Skills Based Assessment Lab (Answer Key)Topology Diagram
Addressing Table
DeviceInterfaceIP AddressSubnet MaskDefault Gateway
R1Fa0/110.0.0.1255.255.255.128N/A
S0/0/0172.16.0.1255.255.255.252N/A
S0/0/1172.16.0.9255.255.255.252N/A
R2Lo0209.165.200.161255.255.255.224N/A
S0/0/0172.16.0.2255.255.255.252N/A
S0/0/1172.16.0.5255.255.255.252N/A
R3Fa0/110.0.0.129255.255.255.128N/A
S0/0/0172.16.0.10255.255.255.252N/A
S0/0/1172.16.0.6255.255.255.252N/A
PC1NIC10.0.0.10255.255.255.12810.0.0.1
PC3NIC10.0.0.139255.255.255.12810.0.0.129
Learning ObjectivesTo complete this lab: Cable a network according to the topology diagram
Erase the startup configuration and reload a router to the default state Perform basic configuration tasks on a router Configure and activate interfaces Configure and activate serial interfaces (PPP with CHAP, HDLC, and Frame Relay)
Configure RIP on all the routers
Configure basic router security
Configure ACLs
Configure basic NATScenarioThis lab tests you on the skills and knowledge that you learned in Exploration 4. Use cisco for all passwords in this lab, except for the enable secret password, which is class.
Task 1: Prepare the Network
Step 1: Cable a network that is similar to the one in the topology diagram.
Step 2: Clear any existing configurations on the routers.
Task 2: Perform Basic Device Configurations
Configure the R1, R2, and R3 routers according to the following guidelines:
Configure the router hostname.
Disable DNS lookup.
Configure an EXEC mode password.
Configure a message-of-the-day banner.
Configure a password for console connections. Configure synchronous logging. Configure a password for vty connections.enableconfigure terminalno ip domain-lookupenable secret classbanner motd ^CUnauthorized access strictly prohibited and prosecuted to the full extent of the law^C!!line con 0 exec-timeout 0 0 logging synchronous password cisco login!line vty 0 4password ciscologinendcopy running-config starting-config
Task 3: Configure and Activate Serial and Ethernet Addresses
Step 1: Configure interfaces on R1, R2, and R3.R1:
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.128 no shutdown!
interface Serial0/0/0
ip address 172.16.0.1 255.255.255.252
clockrate 125000
no shutdown!
interface Serial0/0/1
ip address 172.16.0.9 255.255.255.252
no shutdown
!
R2:
interface Loopback0
ip address 209.165.200.161 255.255.255.224
!
interface Serial0/0/0
ip address 172.16.0.2 255.255.255.252
no shutdown!
interface Serial0/0/1
ip address 172.16.0.5 255.255.255.252
clockrate 125000 no shutdown!R3:
interface FastEthernet0/1
ip address 10.0.0.129 255.255.255.128
no shutdown!
interface Serial0/0/0
ip address 172.16.0.10 255.255.255.252
clockrate 125000
no shutdown
!
interface Serial0/0/1
ip address 172.16.0.6 255.255.255.252
no shutdown!
Step 2: Verify IP addressing and interfaces.R1:
R1#show ip interface briefInterface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 10.0.0.1 YES manual up up
Serial0/0/0 172.16.0.1 YES manual up up
Serial0/0/1 172.16.0.9 YES manual up up
Serial0/1/0 unassigned YES unset administratively down down
Serial0/1/1 unassigned YES unset administratively down down
R2:
R2#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
Serial0/0/0 172.16.0.2 YES manual up up
Serial0/0/1 172.16.0.5 YES manual up up
Serial0/1/0 unassigned YES unset administratively down down
Serial0/1/1 unassigned YES unset administratively down down
Loopback0 209.165.200.161 YES manual up upR3:
R3#show ip interface briefInterface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 10.0.0.129 YES manual up up
Serial0/0/0 172.16.0.10 YES manual up up
Serial0/0/1 172.16.0.6 YES manual up up
Step 3: Configure the PC1 and PC3 Ethernet interfaces.Step 4: Test connectivity between the PCs and routers.Task 4: Configure Serial Interfaces
Step 1: Configure and verify PPP encapsulation with CHAP authentication between R1 and R2. The password is cisco.R1:
username R2 password cisco!interface Serial0/0/0
encapsulation ppp
ppp authentication chap
!R2:
username R1 password 0 cisco
interface Serial0/0/0
encapsulation ppp
ppp authentication chap
!R1:
R1#show interfaces S0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.1/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Listen: CDPCP
Open: IPCP, loopback not set
Keepalive set (10 sec)
R2:
R2#show interfaces S0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.2/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, loopback not set
Keepalive set (10 sec)
Step 2: Configure and verify HDLC encapsulation between R2 and R3.
!no extra configuration is needed, The default encapsulation is HDLC
R2:
R2#show interfaces S0/0/1Serial0/0/1 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.5/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
R3:
R3#show interfaces S0/0/1
Serial0/0/1 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.6/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Step 3: Configure Frame Relay between R1 and R3.
R1:
interface Serial0/0/1
encapsulation frame-relay
frame-relay map ip 172.16.0.9 103
frame-relay map ip 172.16.0.10 103 broadcast!
R3:
frame-relay switching
interface Serial0/0/0
encapsulation frame-relay
clockrate 125000
frame-relay map ip 172.16.0.9 103 broadcast
frame-relay map ip 172.16.0.10 103
frame-relay intf-type dce
!
R1:
R1#show interfaces S0/0/1Serial0/0/1 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.9/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation FRAME-RELAY, loopback not set
Keepalive set (10 sec)
!
R3:
R3#show interfaces S0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Internet address is 172.16.0.10/30
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation FRAME-RELAY, loopback not set
Keepalive set (10 sec)
!Task 5: Configure RIP
Step 1: Configure RIP on R1, R2, and R3.
RIP updates should only be sent on the serial links between the routers. Prevent all other RIP updates on all networks.R1:
router rip
version 2
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 10.0.0.0
network 172.16.0.0
no auto-summary!
R2:
router rip
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 172.16.0.0
network 209.165.200.0
no auto-summary!
R3:
router rip
version 2
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 10.0.0.0
network 172.16.0.0
no auto-summary!Step 2: Test connectivity with the ping command.
R1:
R1#ping 10.0.0.10Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
R1#ping 10.0.0.129Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R1#ping 10.0.0.139
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R1#ping 172.16.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R1#ping 172.16.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/22/24 ms
R1#ping 172.16.0.6Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R1#ping 172.16.0.10Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 msR2:
R2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R2#ping 10.0.0.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R2#ping 10.0.0.129Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R2#ping 10.0.0.139
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R2#ping 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R2#ping 172.16.0.6Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
R2#ping 172.16.0.9Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
R2#ping 172.16.0.10Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 msR3:
R3#ping 10.0.0.1Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R3#ping 10.0.0.10Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R3#ping 10.0.0.139
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.139, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
R3#ping 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
R3#ping 172.16.0.2Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms
R3#ping 172.16.0.5Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
R3#ping 172.16.0.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Step 3: Verify the routing table with the appropriate command.
R1:
R1#show ip route Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.0.8/30 is directly connected, Serial0/0/1
R 172.16.0.4/30 [120/1] via 172.16.0.10, 00:00:08, Serial0/0/1
C 172.16.0.0/30 is directly connected, Serial0/0/0
C 172.16.0.2/32 is directly connected, Serial0/0/0
10.0.0.0/25 is subnetted, 2 subnets
C 10.0.0.0 is directly connected, FastEthernet0/1
R 10.0.0.128 [120/1] via 172.16.0.10, 00:00:08, Serial0/0/1R2:
R2#show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
R 172.16.0.8/30 [120/1] via 172.16.0.6, 00:00:27, Serial0/0/1
[120/1] via 172.16.0.1, 00:00:25, Serial0/0/0
C 172.16.0.4/30 is directly connected, Serial0/0/1
C 172.16.0.0/30 is directly connected, Serial0/0/0
C 172.16.0.1/32 is directly connected, Serial0/0/0
209.165.200.0/27 is subnetted, 1 subnets
C 209.165.200.160 is directly connected, Loopback0
10.0.0.0/25 is subnetted, 2 subnets
R 10.0.0.0 [120/1] via 172.16.0.1, 00:00:25, Serial0/0/0
R 10.0.0.128 [120/1] via 172.16.0.6, 00:00:27, Serial0/0/1R3:
R3#show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.0.8/30 is directly connected, Serial0/0/0
C 172.16.0.4/30 is directly connected, Serial0/0/1
R 172.16.0.0/30 [120/1] via 172.16.0.9, 00:00:03, Serial0/0/0
R 172.16.0.2/32 [120/1] via 172.16.0.9, 00:00:03, Serial0/0/0
10.0.0.0/25 is subnetted, 2 subnets
R 10.0.0.0 [120/1] via 172.16.0.9, 00:00:03, Serial0/0/0
C 10.0.0.128 is directly connected, FastEthernet0/1
Task 6: Configure Basic Router Security
Step 1: Enable a secure Telnet login using a local database on R2.
aaa new-model
!
aaa authentication login Auth_Local local
!
line con 0 login authentication Auth_Local
logging synchronous
line vty 0 4
login authentication Auth_Local
Step 2: Disable unused services and interfaces on R2.
no service padno service finger
no service tcp-small-server
no service udp-small-server
no ip http serverno ip bootp server
no ip finger
no ip source-route
no ip gratuitous-arpsinterface FastEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast shutdown
!
interface FastEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast shutdown
!
interface Serial0/0/0
no ip redirects
no ip unreachables
no ip proxy-arp
no ip directed-broadcast!
interface Serial0/0/1
no ip redirects
no ip unreachables
no ip proxy-arp
no ip directed-broadcast!Step 3: Confirm that R2 is secured.
R1#telnet 172.16.0.2
Trying 172.16.0.2 ... Open
User Access Verification
Username: R1
Password: cisco% Authentication failed
Username: R1
Password: cisco
R2#Task 7: Configure Access Control Lists
Step 1: Allow telnet to R1 and R3 from R2 only.R1:
ip access-list standard telnet
permit 172.16.0.5
permit 172.16.0.1
permit 172.16.0.2
! line vty 0 4
access-class telnet in
!
R3:
ip access-list standard telnet
permit 172.16.0.5
permit 172.16.0.1
permit 172.16.0.2
! line vty 0 4
access-class telnet in
!Step 2: Do not allow HTTP, Telnet, and FTP traffic from the Internet to PC1.
!Students should recognize that an extended access list is needed and that it should be placed on the Internet facing interface.
R2:
ip access-list extended PC1-in
deny tcp any host 10.0.0.10 eq ftp
deny tcp any host 10.0.0.10 eq ftp-data
deny tcp any host 10.0.0.10 eq telnet
deny tcp any host 10.0.0.10 eq www
permit ip any any
!interface Loopback0
ip access-group PC1-in in
!
Step 3: Do not allow PC1 to receive traffic from the 10.0.0.128 /25 network.R1:
ip access-list extended pc3-out
deny ip 10.0.0.128 0.0.0.127 any
permit ip any any
!interface FastEthernet0/1
ip access-group pc3-out out!
Step 4: Verify that PC3 cannot ping PC1, but can ping 10.0.0.1.
C:\ >ping 10.0.0.10
Pinging 10.10.10.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.10.10.1:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),C:\ >ping 10.0.0.1
Pinging 10.0.0.1 with 32 bytes of data:
Reply from 10.0.0.1: bytes=32 time=1ms TTL=255
Reply from 10.0.0.1: bytes=32 time=2ms TTL=255
Reply from 10.0.0.1: bytes=32 time=1ms TTL=255
Reply from 10.0.0.1: bytes=32 time=1ms TTL=255
Ping statistics for 10.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
Task 8: Configure NAT.
Step 1: Configure NAT to allow PC3 to ping PC1.
R3:
ip nat inside source list NAT interface Serial0/0/1 overload
!
ip access-list standard NAT
permit 10.0.0.128 0.0.0.127!
interface FastEthernet0/1
ip nat inside
interface Serial0/0/0
ip nat outside
!
interface Serial0/0/1
ip nat outside
!
Step 2: Verify that PC3 can reach PC1.
C:\ >ping 10.0.0.10Pinging 10.0.0.10 with 32 bytes of data:
Reply from 10.0.0.10: bytes=32 time=1ms TTL=255
Reply from 10.0.0.10: bytes=32 time=2ms TTL=255
Reply from 10.0.0.10: bytes=32 time=1ms TTL=255
Reply from 10.0.0.10: bytes=32 time=1ms TTL=255
Ping statistics for 10.0.0.10:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
Task 9: Document the Router ConfigurationsR1:
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret class!
ip cef
!
no ip domain lookup
!
username R2 password 0 cisco
!
interface FastEthernet0/0
no ip address
shutdown
!
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.128
ip access-group PC3-out out
!
interface Serial0/0/0
ip address 172.16.0.1 255.255.255.252
encapsulation ppp
clockrate 125000
ppp authentication chap
!
interface Serial0/0/1
ip address 172.16.0.9 255.255.255.252
encapsulation frame-relay
frame-relay map ip 172.16.0.9 103
frame-relay map ip 172.16.0.10 103 broadcast
!
router rip
version 2
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip access-list standard telnet
permit 172.16.0.5
permit 172.16.0.2
!
ip access-list extended pc3-out
deny ip 10.0.0.128 0.0.0.127 any
permit ip any any
!
line con 0
exec-timeout 5 0
password cisco logging synchronous
line aux 0
line vty 0 4
access-class telnet in
password cisco!
endR2:
no service pad
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret class!
aaa new-model
!
!
aaa authentication login Auth_Local local
!
aaa session-id common
!
no ip source-route
no ip gratuitous-arps
ip cef
!
no ip bootp server
no ip domain lookup
!
username R1 password 0 cisco
username ccna password 0 cisco
!
interface Loopback0
ip address 209.165.200.161 255.255.255.224
ip access-group PC1-in in
!
interface FastEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast
shutdown!
interface FastEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast
shutdown
!
interface Serial0/0/0
ip address 172.16.0.2 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast
encapsulation ppp
ppp authentication chap
!
interface Serial0/0/1
ip address 172.16.0.5 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp no ip directed-broadcast
clockrate 125000
!
router rip
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 172.16.0.0
network 209.165.200.0
no auto-summary
!
no ip http server
!
ip access-list extended PC1-in
deny tcp any host 10.0.0.10 eq ftp
deny tcp any host 10.0.0.10 eq ftp-data
deny tcp any host 10.0.0.10 eq telnet
deny tcp any host 10.0.0.10 eq www
permit ip any any
!
no cdp run
!
line con 0
exec-timeout 5 0
logging synchronous
line aux 0
line vty 0 4 exec-timeout 5 0
login authentication Auth_Local
!
endR3:
hostname R3
!
no ip domain lookup
frame-relay switching
!
interface FastEthernet0/0
no ip address
shutdown
!
interface FastEthernet0/1
ip address 10.0.0.129 255.255.255.128
ip nat inside
!
interface Serial0/0/0
ip address 172.16.0.10 255.255.255.252
ip nat outside
encapsulation frame-relay
clockrate 125000
frame-relay map ip 172.16.0.9 103 broadcast
frame-relay map ip 172.16.0.10 103
no frame-relay inverse-arp
frame-relay intf-type dce
!
interface Serial0/0/1
ip address 172.16.0.6 255.255.255.252
ip nat outside
!
router rip
version 2
passive-interface default
no passive-interface Serial0/0/0
no passive-interface Serial0/0/1
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip nat inside source list NAT interface Serial0/0/1 overload
!
ip access-list standard NAT
permit 10.0.0.128 0.0.0.127
ip access-list standard telnet
permit 172.16.0.5
permit 172.16.0.2
!
line con 0
exec-timeout 5 0
password cisco logging synchronous
line aux 0
line vty 0 4
access-class telnet in
password cisco!
end
Task 10: Clean Up
Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that are normally connected to other networks, such as the school LAN or to the Internet, reconnect the appropriate cabling and restore the TCP/IP settings.
All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.Page 1 of 18All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.Page 2 of 18