Tuesday, February 16, 2016

CCNAv2 RSE Skill Assessment PT/PKA

CCNAv2 (v5.0) Routing & Switching Essentials - Skills Assessment PT/PKA

Credits: http://www.ccna5.net/ccna-2-routing-and-switching-routing-protocols-skill-assessment-pt/1661

Routing Protocols OSPF Practice Skills Assessment – Packet Tracer

A few things to keep in mind while completing this activity:
1. Do not use the browser Back button or close or reload any exam windows during the exam.
2. Do not close Packet Tracer when you are done. It will close automatically.
3. Click the Submit Assessment button in the browser window to submit your work.
Introduction
In this practice skills assessment, you will configure the Our Town three-router network with multiarea OSPFv2. As part of this process, you will perform basic router configuration tasks, address router interfaces and hosts, and implement two ACLs.
All IOS device configurations should be completed from a direct terminal connection to the device console.
Some values that are required to complete the configurations have not been given to you. In those cases, create the values that you need to complete the requirements. These values may include certain IP addresses, passwords, interface descriptions, banner text, and other values.
You will practice and be assessed on the following skills:
Configuration of initial device settings
IPv4 address assignment
Configuration and addressing of router interfaces
Configuration of the multiarea OSPFv2 routing protocol
Configuration of a default route and a static summary route.
Configuration of ACL to limit device access
You are only required to configure the following devices. See the instructions for details.
Police:
Configuration of initial router settings
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Central:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Configuration of IPv4 route summarization
Configuration and propagation of a default route
Configuration of ACLs
Fire:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Internal PC hosts:
IPv4 full addressing
Addressing Table
Note: You are provided with the networks that interfaces should be configured on. Unless you are told to do differently in the detailed instructions below, you are free to choose the host addresses to assign.
DeviceInterfaceAddressing InformationComments
PoliceS0/0/0192.168.100.20/30any address in network
Gi0/0192.168.8.0/24first address in network
Gi0/1192.168.9.0/24first address in network
Loopback 0192.168.10.0/24first address in network
CentralS0/0/0192.168.100.20/30any address in network
S0/0/1192.168.100.36/30any address in network
S0/1/0203.0.113.16/29The first address is used by
the ISP router in the Internet cloud.
Assign any of the remaining addresses.
FireS0/0/1192.168.100.36/30any address in network
Gi0/0192.168.12.0/24first address in network
Gi0/1192.168.13.0/24first address in network
Loopback 0192.168.14.0/24first address in network
PC1NIC192.168.8.0/24any available address in network
PC2NIC192.168.9.0/24any available address in network
PC3NIC192.168.12.0/24any available address in network
PC4NIC192.168.13.0/24any available address in network
The following addresses have been preconfigured:
DeviceInterfaceAddress
Internet Cloud RouterS0/0/0203.0.113.17
CentralGi0/0192.168.200.1
Public ServerNIC209.165.200.100
NetAdmin HostNIC198.51.100.5
Outside HostNIC198.51.100.10
S3 HostNIC192.168.116.10
S6 HostNIC192.168.117.10
S5 HostNIC192.168.118.10
1779529_707396925960931_612706859_n
Instructions
Step 1: Determine the Addresses to Assign
Determine the IP addresses that you plan to use for the required interfaces on the three routers, and the four LAN hosts. Refer to the addressing table and follow the guidelines below:
  • The first IP addresses in the networks that are provided in the addressing table should be assigned to the LAN and loopback interfaces.
  • The first address in the Central subnet that is connected to the Internet has already been assigned to the ISP end of the connection in the Internet cloud.
  • Any valid host address in the networks that are provided in the addressing table can be assigned to the serial interfaces.
  • Any valid host addresses in the appropriate network can be assigned to the hosts.
Step 2: Configure Police
Configure Police with the following:
  • Configure the router with the hostname Police. Your entry must match this value exactly.
  • Prevent the router from attempting to resolve command line entries to IP addresses.
  • Protect device configurations from unauthorized access with the encrypted password.
  • Secure the router console and terminal lines.
  • Prevent all passwords from being viewed in clear text in device configuration files.
  • Configure a message-of-the-day banner.
Step 3: Configure the Router Interfaces
Configure the interfaces of all routers for full connectivity with the following:
  • Configure IP addresses.
  • Configure descriptions for all physical router interfaces.
  • Configure DCE settings where appropriate. Use a rate of 128000.
  • Use loopback 0 when required.
Step 4: Configure and Verify Host Addressing
Assign addresses to the hosts that are connected to the LAN interfaces of the Police and Fire routers.
Step 5: Configure Static and Default Routing
On Central, configure the following static routes:
  • A default route to the Internet. This route will be distributed to the other routers in the topology. Use the exit interface argument.
  • A summary route to the branch networks. Create a single summary route that will enable connectivity between the three branch networks and all other hosts within the Our Town network, and the appropriate external hosts. Use the exit interface argument.
Step 6: Configure OSPF Routing
a. On all routers:
  • Configure multiarea OSPFv2 to route between all internal networks. Use a process ID of 1.
  • Use the area numbers shown in the topology.
  • Use the correct inverse masks for all network statements.
  • Prevent routing updates from being sent to the LANs.
b. On the Central router:
  • Configure multiarea OSPFv2 to distribute the default route to Police and Fire.
Step 7: Customize Multiarea OSPFv2
Customize multiarea OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of the serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
  • Police: 1.1.1.1
  • Central: 2.2.2.2
  • Fire: 3.3.3.3
c. Configure the OSPF cost of the link between Police and Central to 7500.
Step 8: Configure OSPF MD5 Authentication on the Required Interfaces
Configure OSPF to authenticate routing updates with MD5 authentication on the OSPF interfaces.
  • Use a key value of 1.
  • Use xyz_OSPF as the password.
  • Apply MD5 authentication to the correct interfaces.
Step 9: Configure Access Control Lists
You will configure two access control lists on Central. You must use the any and host keywords in the ACL statements where required. The ACL specifications are as follows:
a. Restrict access to the vty lines on Central with a named standard ACL:
  • Create a named standard ACL using the name MANAGE. Be sure that you use this name exactly as it appears in these instructions (case and spelling).
  • Allow the NetAdmin Host to access the vty lines of Central.
  • No other Internet hosts (including Internet hosts not visible in the topology) should be able to access the vty lines of Central.
  • Your solution should consist of one ACL statement.
b. Control traffic from the Internet by creating an extended ACL:
  • Use access list number 101.
  • Allow the external NetAdmin Host full access to the Our Town network.
  • Allow hosts within the network to ping outside hosts by allowing responses to ping requests to enter the network.
  • Allow any other traffic that is in response to requests for data from the LANs. Use the any keyword.
  • All other traffic should be denied. Be sure that matches to this condition can be viewed using IOS show commands.
  • Your ACL should consist of four statements.
  • Your ACL should be placed in the most efficient location as possible to conserve network bandwidth and device processing resources.

 Shared by Gega Sxirtladze

_______HQ R2________
en
conf t
no ip domain-lookup
enable secret cisco
line con 0
logging synchronous
line console 0
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
int s0/0/0
ip addr 192.168.100.21 255.255.255.252
description HQ and Site1
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int s0/0/1
ip addr 192.168.100.37 255.255.255.252
description HQ and site2
clock rate 128000
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int s0/1/0
ip addr 203.0.113.18 255.255.255.248
description HQ and Internet
bandwidth 128
no shut
exit
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.116.0 255.255.252.0 gi0/0
router ospf 1
router-id 2.2.2.2
default-information originate
net 192.168.100.20 0.0.0.3 area 0
net 192.168.100.36 0.0.0.3 area 0
area 0 authentication message-digest
Router(config)#line vty 0 15
Router(config-line)#access-class MANAGE in
Router(config-line)#exit
Router(config)#int s0/1/0
Router(config-if)#ip access-group 101 in
Router(config-if)#exit
Router(config)#ip access-list standard MANAGE
Router(config-std-nacl)#permit host 198.51.100.5
Router(config-std-nacl)#access-list 101 permit ip host 198.51.100.5 any
Router(config)#access-list 101 permit icmp any any echo-reply
Router(config)#access-list 101 permit tcp any any established
Router(config)#access-list 101 deny ip any any
_________site1 R1___________
en
conf t
hostname Site-1
no ip domain-lookup
enable secret cisco
line con 0
logging synchronous
line console 0
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
banner motd % message-of-the-day %

int s0/0/0
ip addr 192.168.100.22 255.255.255.252
description Site1 and HQ
clock rate 128000
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int gi0/0
ip addr 192.168.8.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.9.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.10.1 255.255.255.0
exit
router ospf 1
router-id 1.1.1.1
net 192.168.100.20 0.0.0.3 area 0
net 192.168.8.0 0.0.0.255 area 3
net 192.168.9.0 0.0.0.255 area 3
passive-interface gi0/0
passive-interface gi0/1
area 3 authentication message-digest
_________Site 2 R3__________
en
conf t
int s0/0/1
ip addr 192.168.100.38 255.255.255.252
description Site2 and HQ
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int gi0/0
ip addr 192.168.12.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.13.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.14.1 255.255.255.0
exit
router ospf 1
router-id 3.3.3.3
net 192.168.100.36 0.0.0.3 area 0
net 192.168.12.0 0.0.0.255 area 4
net 192.168.13.0 0.0.0.255 area 4
passive-interface gi0/0
passive-interface gi0/1
area 4 authentication message-digest

No comments:

Post a Comment

Feel free to comment if you have a question, commendation, or concern. We love to hear your feedback!

Please do not share links to external websites if it not relevant to discussion. We reserve our right to remove any content we deem advertising.