CCNA LAB - Cisco Packet Tracer MUCLUC CHUONG 1: STAND ALONE LABS. LABI: KET NOI VA DANG NHAP VAO CISCO ROUTER. LAB 2: Introduction to the Basic User Interface Lab 3: Introduction to Basic Show Commands. LAB 4: CDP. LAB 5: CAC LENH CO BAN MO RONG 14 LAB 6: THIET LAP BANNER MOTD... LAB 7: LENH COPY LAB 8: GIGI THIEU VE CAU HINH INTERFACE .. LAB 9: GIO THIEU VE IP (INTERNET PROTOCOL) 2 Lab 12: Static Routes. Lab 13: RIP..... Lab 14: Troubleshooting RIP. Lab 28: Standard Access Lists.. Lab 29: Verify Standard Access Lists... Lab 30: Extended Access List 4 Lab 31: Verify Extended Access Lists... seems A Lab 32: Named Access Control Lists Lab 33: Advanced Extended Access Lists. LAB 35: GIGI THIEU VE VLAN. 57 LAB 36: VLAN TRUNKING PROTOCOL (VTP). 63 CHUONG 2: SEQUENTIAL LABS... Lab 1: Cau hinh Router co ban... wk ww Lab 2: Cu hinh Router nang cao "4 Lab 4: Telnet. Lab 5: TFT! Lab 6: RIP 82 Tab 4p A cpm Nicaea ceca cesceraceracensescaescarescarescmescimsscacr AS Lab 15- NAT/PAT. Ovhttp://hocmang.net Page 1CCNA LAB - Cisco Packet Tracer CHUONG 3: SCENARIO LABS LAB 4: STATIC ROUTES. LAB 5: DEFAULT ROUTES... LAB 6: RIP ROUTES ‘Lab 22 2950 Vian Lab 23 ~ 2950 Deleting VLAN 100 Lab 24 ~ 2950 VTP... 102 Lab 25 ~ 2950VTP w-client.. 103 ‘Lab: KHOI PHUC MAT KHAU CHO ROUTER CISCO. 105 LAB BONUS: THIET KE HE THONG MANG TOA NHA. 109 Obhttp://nocmang.net Page 2CCNA LAB - Cisco Packet Tracer CHU’O'NG 1: STAND ALONE LABS LAB1: KET NOI VA DANG NHAP VAO CISCO ROUTER A. Giéi thigu vé Ciseo Router. B. Chuan bj cho bai lab: C. Cie bude thyc hig 1. Tit giao dién cia Packet Tracer ban kéo vao Router 2811 2. Double-click vio Router 2811 va chuyén sang tab CLI dé cu hinh bang dong Iénh. Bay gic ban dang 6 user mode. Dau nhac duge chia ra thanh hai phan: phan tén (hostname) ca Router va phan mode. “Router” la tén cita Router, con dau ‘> nghia I ban dang ¢ user mode. Press RETURN to get started! Routervensbie 3. Tiép theo ban sé ding Iénh enable dé vao privileged mode Press RETURN to get starved! Rowrer>enable Boutert 4. Dé quay Iai user mode, ban sé ding Iénh disable. Tit user mode ban dung Ignh logout hodc exit dé ra khéi router Rourertdisable Rourerrexte Router cond is now avatiabie Press RETURN to get started. Ovhttp://hocmang.net Page 3CCNA LAB - Cisco Packet Tracer LAB 2: Introduction to the Basic User Interface GiGi thigu céc Iénh co ban A. Mye tiéu ciia bai lab: GiGi thigu vé giao dign dong Iénh (CLI); 2 ché a6 1A user mode va privileged mode; eo ban vé 2 1gnh help va show. B. Chudn bj cho bai lab: Ching ta sé tiép tue str dung Router! C. Cée bude thye hign 1. Double-click vao Router 2811 va chuyén sang tab CLI dé cau hinh bang dong 1énh 2. Bay gid ban dang 6 user mode. Ban sé ding lénh ? dé xem tit ca cae cfu lénh 6 thé str dung tai mode nay Router>? Exec comands) <1-98> Session number to resume e Open « terminal connection Gisele Turn off privileged comands iaconnect Disconnect an existing network connection enable Turn on privileged commands exse Exit from the EXEC legout = Exit from the EXEC ping ‘Send echo messages resume «Resume an active network connection show Show running system information = Open @ secure shell client connection velnet Open a telnet connecticn rerninal Set terminal line parameters Eraceroute Trace roure co destination 3. Ding Iénh enable dé vio privileged mode Routervenable Rourert Obhttp://nocmang.net Page 4CCNA LAB - Cisco Packet ‘Tracer 4. Xem tit ca céic cau énh c6 thé ding tai privileged mode bing Ignh ? Routert? Exec commands: «1-98 clear cisce configure op aerag delete aux disapie dtaconnest enable exit ogous kas Ping relosd More Session number to resume Exec level Automation Reser functions Manage the sysvam clock Enver configuration mode ‘Open @ terminal connection ‘Copy from one file to ancther Debugging functions (see also ‘undebug") Delere @ file Liat files on « fileayaten Turn off privileged comands Disconnect an existing network connection Turn on privileged commands Erase 8 filesystem Exit from the EXEC Exit from the EXEC Create new directory Display the concants of a file Disable debugging informations Send echo messages Halt and perform a cold restart 5. Ding lénh show ? dé xem tit cd cae cau lénh show Routertshow 2 ap cep class-map eleck controllers exypte seDugging Exane-zelay history hosts snterfaces ap pve legging login tere asses Last ace: Show AAA values asece Arp table COP information Show QoS Class Map Display the system clock Inverface controllers status Encryption module Stave of each debugging option Dynamic Host Configuration Protocol srarus IEEE 802.11 show information Show all oF one ephone status Show filesystem information display information abour flash: file systen Feane-Relay information Display the session command history IP domain-name, lookup style, nameservers, and host table Interface status and configuration IP information IPvé information Show the contents of logging buffers Display Secure Login Configurations and Stace Obhttp://nocmang.net Page 5CCNA LAB - Cisco Packet Tracer 6. Ding lénh show running-config dé xem c4u hinh hign tai (running-config) naieentanes seams csrie Biiding configuration... Current configuration : 450 bytes version 12.4 no service timestamps log datetime msec no service timestamps debug datetine msec no service password-encryption nostname Reuter —tore— 7. Dé xem thém théng tin tir cau Iénh show, ban ding phim Space Bar 8. Ding Ignh exit hode disable dé ra khéi router. Router#exit Obhttp://nocmang.net Page 6CCNA LAB - Cisco Packet Tracer Lab 3: Introduction to Basic Show Commands Gidi thigu cdc Ignh show co ban ue tidu cita bai lab Lam quen v6i ce cu 1gnh show co ban B. Chuan bj cho bai lab: Ching ta tigp tuc sir dung Routerl. C. Cie bie thye hign: 1. Vao user mode Router> 2. Vio privileged mode Router>enable Router 3. Xem cau hinh hién tai cia router. Cau hinh nay duge goi | running-config trén giao dign dong Ignh cua router. Cha ¥ phai vao privileged mode méi xem duge. Cau hinh nay khéng duge ty dng luu trén Cisco router, va sé bi mat di néu nhur router bj mat nguén. running-config phai duge liu that cng bing énh copy (s@ néi trong eae bai lab sau). Routertshov running-config Building configuration piguestion : 460 bytes version 12.4 no service timestamps log datetine msec no service timestamps debug daterine msec ne service passvord-encryption hostname Router ato 4. Bé nho Flash 1a mét loai b6 nhé dc bigt trén router diing dé chifa file anh cia hé diu hinh (operating system image file). Khéng nhwr cae bo nhé thong thuéng cua router, b6 nhé Flash van duy tri file anh tham chi sau khi router bi imi ngudn. Ovhttp://hocmang.net Page 7CCNA LAB - Cisco Packet Tracer BO nha Flash 1a mét loai b> nhé dc bigt trén router diing dé chia file anh ciia hé digu hanh (operating system image file), Khng nhu céc b6 nhé thong thudng cua router, bO nhé Flash vin duy tr file anh thm chf sau khi router bi mit ngudn. 5. Giao dign dong lénh cua router mic dinh lu gitr trong bd nhé 10 cau lénh ma ban da g6 vio. Ding show history dé xem cae lénh nay. Routertahow histor ensble 7 show runaing-config thow flash show flash shou bistory 6, Hai clu Ignh gidp ban goi lai Kean ma ban da gO trude dé 1d phim mii ten Ken (up arrow) hode Ctrl+P 7. Hai ciu Ignh gidip ban goi lénh tiép theo trong history butfer 1 phim mii tén xudng (down arrow) hoac Ctrl+N. 8. Ding lénh show protocols dé xem trang thai hign tai cia ede giao thie dinh tuyén Layer 3 dang chay wén router, Routertshow protocols Global values: Internet Provocel routing is enabled FastEthernat0/0 ia administeatively down, line protocol 4s dow FestEthernet0/1 is edministratively dows, line protocol is dow Vieni is adminietsatavely down, line protocol is dow 9, Ding [énh show version dé xem céc thOng tin quan trong ca router nhu: platform, hé diéu hanh, théi diém boot lin cudi, dung hrong b6 nhé, s6 lung interface va thanh ghi céu hinh. Bout Cisco 105 Software, 2800 Softw 1, RELEASE SOFSWARE (£02) Technical Support: hetp://mor. cinco. com/techaupport Copyright (e) 1986-2007 by Cisco Systems, Ine Conpaied Hea 18-Jul-07 06:21 by pr_rel_cem ¢ (C2800NM-ADVIPSERVICESKS-M), Version 12.4(15)T ROM: System Bootstrap, Version 12.1(3¢)T2, RELEASE SOFTWARE (£21) Copyright (©) 2000 by ciaco Systems, Inc. Symtem returned to ROM by powez-on System image file is "c2800nm-advipserviceskS-mz.124-15.T1bin™ cisco 2611 (490860) processor (revision 01200) with €0416K/S120K bytes of menory Processce board ID JADOSI9OMTZ (4252091495) €MBE0 processcr: part nunber 0, mask 43 2 FastEchernet/IEEE 802.3 interface (s) 239K bytes of NVRAM. 2720K byes of processcr board System flesh (Reag/Wrize) Configuration register is 0x2102 Obhttp://nocmang.net Page 8CCNA LAB - Cisco Packet Tracer 10. Ding lénh show clock dé xem déng hé ciia router Routertahow clock +0:26:87.128 UTC Mon Mar 1 1999 11, Dig lénh show hosts dé xem danh sich cae host va tat ca dia chi ip cde cong cua host. Rowterssnow hosts Default Domsin is not set Wane/address lockup uses domein Codes: UN - unknown, EX - expired, OK - OK, 77 ~ revalidare temp - cempozary, perm - permanent MA - Mot Applicable None - Wot defined Hose Bore Flags Age Type Address(es) 12. Ding lénh show users dé xem tat ca cdc user két néi Routertenow users router Tine User Host ts) rate Location 13. Ding lénh show interfaces dé xem théng tin chi tiét cita m6i interface Routertahow interfaces FastEthernet0/0 is administratively down, line protocol is down (disabled) Hardvare is Lance, address i2 00e0.b0S5.4401 (bia 00e0.b085. 4401) MIU 1500 bytes, Bi 100000 Kbit, DLY 100 usec, elisbility 255/255, txload 1/255, zxload 1/255 Encapsulation ARPA, Loopback not set ARB type: ARPA, ARP Timeout 04:00:00, Last input 00:00:08, output 00:00:05, output hang never Last clearing of “show interface" counters never Input queue: 0/75/0 (size/max/aropa): Total ouput drops: 0 Queueing scravegy: fifo Cuspur queue :0/40 (size/max) S minute input rate 0 bits/sec, 0 packets/sec 5 minute cutpur rate 0 birs/aec, 0 packers: 0 packets input, 0 bytes, 0 no buffer Received 0 Broadcasts, 0 cunts, 0 giants, 0 throtel © input errors, 0 CAC, 0 frame, 0 overrun, 0 ignored, 0 abort © input packets with dribble condition detected © packers ouput, 0 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface renee ° pabbles, 0 date collision, 0 deferred menpen tnt lbe.Sulteren/ 0 ouepit leidiace sovapped — 14, Dig lénh show protocols dé xem trang thai chung va trang thdi cy thé cua bat cit giao thite no eiia Layer 3 Routertshow protocols Tatars’ Protscsl outing ds /enistled FagtEthernet0/0 is administratively dewn, line protocol is down FastEchernet0/1 is administratively down, line protocol is down Vieni is administratively down, line protocol is down Obhttp://nocmang.net Page 9CCNA LAB - Cisco Packet Tracer LAB 4: CDP A, Mue dich: Higu cach hoat dng cita Cisco Discovery Protocol Ching ta str dung Router 2620XM va Router 2811 1. Trén Router 2620XM, vao global configuration mode. aoucermanable Saurartoont © Enter configuration commands, one per line. End with CNIL/Z Rourer {config # 2. Trén Router 2620XM, di tén router thinh R2620 Router (config) thostname 22620 22620 (config) 3. Trén Router 2811, d6i tén router thanh R2811 Rourer>enabie Reutertconf © Enver configuration commands, one per line. End with CNIL/Z Router (config) fhoatname 52811 2811 (config) # Chi y: Mac dinh tat ca cdc inferface 1a shutdown (disabled), 4. Enable Serial 1/0 uén R2620 22620 (config) #int 21/0 22620 (config-if)$ne shutdown S. Enable Serial 1/0 én R2811 R211 (config) #int 21/0 RZ€11 (eonfig-if)$ne shutdown 6. Enable FastEthernet 0/0 én R2620 22620 (config) #ine 20/0 22620 (config-if)$no shutdown CDP cho phép céc thiét bi chia sé théng tin cu hinh co bin. CDP sé hoat déng ma khOng can phai cu hinh bat ky giao thite nto. CDP mie dinh duge enable wén tit ca cdc interface. CDP 1a giao thitc data link dién ra tai Layer 2 iia m6 hinh OSI. Dieu nay quan trong vi giip cho ta higu CDP khéng thé dinh tuyén duge. N6 chi c6 thé di dén céc thiét bi két néi trac tigp Obhttp://nocmang.net Page 10CCNA LAB - Cisco Packet Tracer 7. Trén R2620, diing lénh show edp interface dé xem trang thai tat ca cae interface dang chay CDP 2620¢shaw edp interface FastEchernet0/0 4 Sending COP pack! Holdeime is 180 fing COP pack Holdtime i= 180 ‘Theo hinh trén ta thay Serial 1/0 dang 6 trang thai up-up va dang giti cae gi CDP. Bay gid router da cé interface quang bé va nhin CDP updates nén ta 06 thé ding CDP dé tim théng tin vé cdc hang x6m (neighbors) két ndi truc tiép. B2620¢show cdp neighbors Capabiticy Codes: 2 - Rouver, T - Trans Bridge, B - Source Rouve Bridge 8 - Svitch, H- Host, I - IGM, x - Repeater, P - Phone Device ID Local Intrfce Holdtme | Capability Platform Port 1D Rze11 Ser 1/0 177 R cze00 Ser 1/0 ‘Thiét bj dau tién duge tim thay trong danh séch cia R2620 fa R2811 thong qua dudng Serial 1/0. R2620 dang nhan updates ti R281, g6i tin update cho R2620 biét 8 gidt cdc thong tin trong mot khoang thé gian xée dinh, Vao thoi diém Iénh nay duge g6 thi thai gian hold time cn lai ca R2620 1a 177 gidy. Néu khoang thoi nay két thic true khi nhjin duge g6i update méi thi thong tin vé R2811 s& duge x6a Khoi bang. R2811 1A router series 2800, duge hién thi 6 c6t Platform. Cét cudi cing, Port ID, la port trén router 2811 ma né dig dé giti g6i update. ian 8 Trén R2620, ding lénh show edp neighbors detail dé xem thong tin chi hang xm két néi tye tiép dén né. Osshow cdp neighbors detail Device ID: R261 Encry address(es) Platform: cisee C2600, Capabilities: Router Interface: Serisli/0, Port ID (outgoing port): Seriali/o Roldtime: 167 Version = Cisco 10S Software, 2800 Software (C2800NM-ADVIPSERVICESKS-M), Version 12.4(15)T 1, RELEASE SOFTWARE (fe2) Technical Support: hrtp: //snincisco.com/techsupport Copyright (©) 1986-2007 by Cisco , Tne Compiled Wad 1€-Jul-07 06:21 by pt_rel_team advertisement version: 2 Duplex: £11 Obhttp://nocmang.net Page 11CCNA LAB - Cisco Packet Tracer Lénh nay ding dé hién thj théng tin dja chi tang Network. Hign tai thi chura 6 dia chi IP, IPX hay AppleTalk nao due cau hinh cho nén field nay vin con trong. Lénh nay ciing hién thi thong tin IOS version. Chi § ring ede thiét bj duge ligt ke theo thir ty, Néu mu6n xem théng tin ciia cdc thiét bj khac trong danh séch, ban chi can nhan phim Space bar. 9, Trén R2620, go lénh show edp entry R2811 dé xem rigng thing tin vé R281 1 n2620¢show edp entry R2011 Device ID: Rze11 Petry address(es) Platform: cisco C2600, Capsbilicies: Roucer Inverface: Seriali/0, Pert ID (outgoing port): Seriali/0 Holdtine: 184 co TOS Software, 2800 Software (C2600MM-ADVIPSERVICESKS-M), Version 12.4(15)T 1, RELEASE SOFTWARE (£02) Technical Support: netp://ww_cisco.com/techsupport Copyright (©) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 06:21 by pt_rel_team advertisement version: 2 Duplex: full Lénh nay cho ta biét cde théng tin giéng nhur lénh show edp neighbors detail, nhung né chi hign thi thong tin cia mot thiét bi cu thé 1a R2811. Cha ¥ ring day la cfu lénh phan biét chit hoa - chit thurong. 10. Trén R2620, g6 Iénh show cdp dé xem sau bao lu thi céc g6i CDP updates durge giti di va bén nh§n sé gitt g6i update trong bao lau. a2620¢ahew edp Gicbel COP informasicn Sending COP packets every 60 seconds jing 2 holdime value of 160 11. Trén R2620, 26 lénh edp timer 45 dé diéu chinh thé gian gitta ede goi CDP. updates thanh 45 gidy (ctr sau 45 gidy s@ giri CDP updates). Ngoai thoi gian giri update, ta ciing c6 thé diéu chinh gid trj holdtime. Gid tri nay cho bén nhn biét sé gitt thong tin vé CDP update nay trong bao lau. 12. Trén R2620, 26 lénh cdp holdtime 60 dé diéu chinh thi gian holdtime thanh 60 giy. 13. Trén R2620, g6 Ignh show edp dé dam bio ring céc gid wi cdp timer va cdp holdtime da durgc thay déi. Ovhttp://hocmang.net Page 12CCNA LAB - Cisco Packet Tracer Néu khéng c6 thiét bj Cisco nao két néi tryc tiép trong mang, hoac don gian chi dé tiét kiém bang thong thi CDP c6 thé duge disabled. 14, Trén R2620, 96 lénh no edp run dé disable CDP tren toan router. R2620¢cont © Enter configuration commands, ons per line. End with CNTL/2 #2620 (config) tno edp run 15. Trén R2620, 26 lénh edp run dé enable CDP trén toan router. R2e20tcont = Enter configuration commands, one per line. nd with CNTL/Z 52620 (config) tedp run 16. Trén R2620, 26 lénh no edlp enable trén céng FastEthemet 0/0 dé disable CDP chi riéng trén cng nay. 22620 (config) #int £0/0 22620 (config-if)#no cdp enable 17. Trén R2620, £6 Ignh show cdp interface dé xéc nhdn ring céng FastBthernet 0/0 khong cin giri céic g6i CDP updates nifa (vi trong thong tin hién thi khéng 6 entry mo ita FastEthernet 0/0) R2620tshow edp interface Seriali/0 is up, line protecel is up Sending CDP packers every 60 seconds Heldcime as 120 seconds Obhttp://nocmang.net Page 13CCNA LAB - Cisco Packet Tracer LAB 5: CAC L! A. Mue dich: Biét cach xem va cdu hinh ning phan co ban cua router. B. Thiét bi lab: Ching ta s@ sir dung Router 2811. 1. Vao user mode Router> 2. Xem tit ca ede Ignh c6 thé dimg trong user mode bang lénh ? 3. Vao privileged mode bang |énh enable. Tai mode nay ban sé diéu khién hoan toin router. Router>enable Router 4. Xem cdc lénh c6 thé ding tai privileged mode bing Ignh ? 5. Dé cé thé cu hinh cho router, ban go Iénh configure terminal dé vio mode config NH CO BAN MO RONG Routerteonfiguee terminal Enver configuration comands, one per line. End with CHTL/Z Router (config) # 6. Ding lénh hostname dé doi tén cho router (néu nhu trong mang cé nhiéu router thi 1énh nay gitip ban nhan biét cdc router), Router (config) thostname Keang Keangicontigi? 7. Lénh enable password diéu khién vige truy cp vio privileged mode, Day 1a password rit quan trong vi é privileged mode ban c6 thé thay ddi cac eau hinh cita router, Ban sé dit password i boson Keang (config) tenable password boson 8 Bay gid hay thir password. Ban thoat khoi router va sau dé vao privileged mode. Ban sé thiy router hién ra dau nhac yéu ciu nhip password. Keangrenabie Password: 9. Van dé duy nhat déi v6i enable password 12 né hién thi password dui dang plain text (khéng mii héa) trong file cdu hinh cua router. Néu ban v6 tinh dé cho ai dé nhin thay password nay thi st gay nguy hiém cho hé théng mang ctia ban. Dé vita Ovhttp://hocmang.net Page 14CCNA LAB - Cisco Packet Tracer thiét Lap password vira ma héa password, ban sé ding Iénh enable secret. 6 day ban dat password li cisco Krang(config) tenable secret cisco 10. Bay gid ban c6 thé thir password bing cach thoat khoi router va sau dé gd Kenh enable. Password mi ban vita thiét Kip bang cfu Iénh enable secret cisco sé ghi d& én password cii la boson, Nghia Ia néu ban thiét lap ca hai password thi enable seeret sé Li password ban diing dé yao privileged mode. Password enable password van tn tai nhumg né da bi v6 higu ha. Ovhttp://hocmang.net Page 15CCNA LAB - Cisco Packet Tracer LAB 6: THIET LAP BANNER MOTD A. Muc dich: ‘Thiét lap banner MOTD (Message of the Day). MOTD dug hién thi khi ¢6 ai d6 dang nhip vao router. Banner cing e6 thé duge ding dé hién thi thong tin ve router va cdc thong tin bio mat. B. Thiét bj lab: Chting ta sé sir dung Router 2811. 1. Két ndi vao Router 2811 va vao privileged mode. Rowrersenabie Rowrert 2. Vio configuration mode. Rourerteont © Enter configuration commands, one per line. End with CNTL/Z Router (contag)® 3. Tai configuration mode, ban g6 Iénh banner motd, theo sau la ky ty phén cach Router sé ding ky tw ny dé biét khi ndo thi ta két thie viée thiét lap banner. Cach dé nha 1a ding ky wee Router (config) banner motd = Enter TEXT message. End with the character ‘2. 4. Bay gid ban g6 vao banner, va muén két thtic banner thi g6 z. Vi dy ban g5 You do not have permission to be here. This router eats hackers for lunch! z. va nhan enter thi ciu You do not have permission to be here. This router eats hackers for lunch! sé durge ding lam banner. Router (config) #banner nord 2 Encer TEXT message. od vith che character ‘2'. Yoni do ot have permission to be bare. Tile toupee ‘eats hecheve for iuuch!. © Router (config) # 5, Dé xem banner thi ban hiy thodt khoi configuration mode va sau 46 thoat khoi router, sau d6 nhan return thi ban s¢ thay banner. You de not have permission to be here. This router eats hackers for lunch! Rouver> Ovhttp://hocmang.net Page 16CCNA LAB - Cisco Packet Tracer LAB 7:1 H COPY A. Mye dich: ‘Trong bai lab nay chting ta sé lam quen voi cau hinh Router efing nhu duge gidi thigu cho each lénh copy c6 trong Cisco IOS B. Thiét bi lal Chting ta sé sit dung Router 2811 CC. Cae bude thye hign 1. Vao diu nhc Router 2. Vo privileged mode 3. Hién thi ciiu hinh dang sir dung (active) trong bd nho bing lénh show running-config. Cau hinh hign tai dang chay trén router duge goi la running-config trén giao dién dong lénh cua router. Chui ¥ ring can phai vao privileged mode mai xem duge ndi dung cia running-config, va running-config khong duye ty d6ng liu trén router ~ né sé bi mit khi router bj mat ngudn, Running-config cin phai duge Iuu thu cng bang 1énh copy Routertah running-config Building configuration Current configuration : 450 bytes version 12.4 fo service timestamps debug datetine msec ne service passvord-encryption 1 hostname Router 4. Hién thi cau hinh duge luu trong NVRAM bang lénh show startup-config, Cau hinh nay duge goi 1A startup-config. Cho dén Ive nay chting ta vin chua luu cdu hinh nén khi ding Iénh show startup-config ta st khong thiy ai. Routerten startup-contig scartup-config is not present $. Ta sé copy céu hinh hign tai vao trong NVRAM bing Iénh copy running- config startup-config. Cau hinh hign tai cua ta duge luu trong RAM va ta cn phai ru né lai dé phong khi router bi mat nguén thi ta van cdn gidt lai durge cau hinh trade 46. Ovhttp://hocmang.net Page 17CCNA LAB - Cisco Packet Tracer Routerteopy running-config startup-config Destination filename (atartup-contsg]? Building configuration. toR 6. Bay gid ta xem lai cu hinh trong NVRAM. Rourertsh starvup-config Using 450 bytes version 12.4 no service timestamps log datetine msec no service timestamps debug datetine msec no service passvord-encryprion hostname Router ' ' 7. Néu ta muén bit dau céu hinh router ngay ti dau, thi ta sé ding Iénh erase startup-config va reload Iai router. Lénh nay st gidp ta x6a hodn todn edu hinh trong router va cdu hinh lai router tir dau. Routerter etup-contig Erasing the ovram filesystem will remove all configuration files! Contimse? (con time! tox) Erase of nvram: complete SSYS~7-HV_BLOCK_INTT: Initieiized the geomerry of avran 8. Sau khi da x6a cau hinh thi ta sé reload lai router. Router sé hoi ta cé muon lu lai cu hinh trudc khi reload khdng, va ta chon no. Poutertreload Broceed with reload? [confizel SSYS-S-RELOAD: Reload requested by conscle. Reload Reason: Reload Command System Boctatrap, Version 12.1(3z)T2, RELEASE SOFTWARE (fot) Copysight (2) 2000 by cisco Systems, Inc cisco 2811 (MPCEEO) processor (revision 0XZ00) with GOS16K/SIZ0K Bytes cf memory Self decompressing the smage sestersesersesesessrersessssestsesssersesesesereesesesssersesesesesstses#® (OKI Restricted Rights Legend 9, Sau khi router reload xong, ta xem lai startup-config, va s¢ thay khong con gi Gtrong dé. Routexteh startup-config seartup-contig is not present Obhttp://nocmang.net Page 18CCNA LAB - Cisco Packet Tracer 10. Bay gid ta sé di tén ca router thanh Boson. Rourerteont © Enver configuration commands, one per line. Router (config) #ho Router (config) #hostname Boson End with ONTL/Z. 11. Sau khi déi tén cua router, chting ta s@ reload lai router, va khi router hoi ta 6 mudn lu lai cdu hinh khéng thi ta s@ chon lun, Bosontreload 12. Sau khi reload router, tn ciia router 1a Boson sé xuat hién 6 dau nhac. Obhttp://nocmang.net Page 19CCNA LAB - Cisco Packet Tracer LAB 8: GIOL THIEU VE CAU HINH INTERFACE A. Muc dich: Higu cach kich hoat mt cdng (interface) trén router dé dura né lén trang thai up B. Thiét bi lab: Ta sé str dung hai router 2811 1. Trén Router dau tién, vio global configuration mode va cu hinh tén cla Router la RL. Rowter> Rouver>en Routerenable Rourertcont © Enver configuration commands, one per line. End with CNTL/2, Router (config) #hox Router (config) hostname AL AL (contig 2. Ta vio tiép interface configuration mode dé céu hinh cho interface £0/0 cua R1. RI (config)#int (0/0 3. Ding lénh ? dé xem tat ca cdc Iénh o6 thé ding tai mode nay. Bi (contig~if)#? =p Set arp type (azpe, probe, snap) or timeout banawiech Set Eandwideh informational paremeter cap CDP interface subcomanda exypte Enezyption/Decryption comands custom-queue-list Assign a custom queue list to an interface deiey Specity interface throughput delay description Interface specific description cuplex Configure duplex operation exit Exit from interface configuration mode Fair-queue Enable Fair Queuing on an Interface hold-queue Set hold queue depth op Interface Internet Protocol config commands apve IPvé interface subcommunds accaddress Manually set interface MAC addzers 4. Trong s6 cdc lénh hign ra, ta sé thay od 1énh shutdown 5. Ching ta e6 thé g6 Iénh nguge véi mét lénh, bing cdch ding no phia trude 1énh 46. Do d6 muén kich hoat mét cong thi ta st g6 Iénh no shutdown Ricontig-if)#no shutdoun SLINK-S-CHANGED: Interface Fastithernet0/0, changed state to up 6. Bay gid thém mot mé ta vao cho cong nay bing lénh description Al (config-if) #descriprion FastEchernet interface on Al Obhttp://nocmang.net Page 20CCNA LAB - Cisco Packet Tracer 7. Dé xem m6 td ma ta da thém vao céng, ta vé Iai privileged mode va dimg lénh show interfaces Rigsh inverfaces FastEthernet0/0 is up, line protocol is down (disabled) Hardware iz Lance, address is 0001.c7Sd.2d01 (bia 0001-c78d-8402) Description: Fastthernet interface on Rt & Bay gid vio Router thit hai va vao cong £/0 Rowrer> Rouver>en Routervenable Rourerteont © Enver configuration commands, one per line. End with CHTL/2, Router (config) #how Router (config) ¢hostname RZ Bz (contig) sine 10/0 9. Bay gid hay kich hoat céng f0/0 22 leonfig-if) tne shutdown SLINK-5-CHANGED: Interface FastEthernet0/0, changed state co up SLIREDZOTO-E-UPDOWN: Line protocol on Interface FastEthernet0/0, changed stave t oop 10. Bay gid ca hai cng FastEthemet 0/0 trén hai Router déu da duge kich hoat. Ban c6 thé ding lénh show dp neighbors dé xem théng tin cita tat ca cdc Router két néi trire tiép véi nhau. Rigsh cap neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Suitch, H- Host, I - IGMP, x - Repeater, P - Phone Device ID Local Intrfce ‘Holdtme | Capability Platform Port ID 2 Fas 0/0 170 R 2600 Fas 0/0 Obhttp://nocmang.net Page 21CCNA LAB - Cisco Packet Tracer LAB 9: GIOL THIEU V A. Mue dich: Ching ta sé céu hinh Router 1, 2 va 4 véi cae dia chi IP va ping gitta chang dé kiém tra két néi B. Thiét bi lab: ‘Chting ta sé sit dung ba router 2811 IP (INTERNET PROTOCOL) 1, Ta véo Router du tién va d6i tén cho n6 thanh RI aowter> Routeren Routervenable Rourerteont © Enver configuration commands, one per line. End vith CWIL/Z Router (config) thos Router (config) ¢nsatnans Ri AL (eontig) € 2. Vao interface {0/0 dé cau hinh dia chi LP cho céng nay. Ai (contigitine £070 3. Ding lénh ip address 10.1.1.1 255.255.255.0 dé thiét lap dia chi IP cho céng nay Ta 1O.1.1.1/24 Ri (config-if) #ip address 10.1.1.1 255.285.255.0 4. Tiép theo ta can phai g6 Iénh no shutdown dé kich hoat céng nay. i (contig-it) #no shutdown SLINK-S-CHANGED: Interface Fastithernet/0, changed stave to up 5. Bay gids ta dat dia chi IP cho cong s1/0 trén RI 1a 172.16.10.1 255.255.255.0 Ri config-if)sine 31/0 Bi (eonfig-if)#2p add 17216.10.1 256.265.265.0 Ri (config-if)#no ah SLINK-5-CHANGED: Interface Seriai1/0, changed stare to down Bi (config~if) #clock Ri lconfig-if}#clock rate 64900 Obhttp://nocmang.net Page 22CCNA LAB - Cisco Packet Tracer 6. Chon Router thir hai 7. Doi tén cha Router thir hai nay thinh R2. Rouver> Rourer> Rourer>en Rourer>enable Routerteonf © Enter configuration commands, one per line. End with CNIL/Z Router (config) #host Router (config) #hostname R2 RP (contig) ® 8 Dat dia chi IP cho céng f0/0 cha R2 1a 10.1.1.2 255.255.255.0 Ba eantig-s#veip add 10.1.1.7 266.266.268.0 9. Kich hoat céng. 22 (config-it) tno shutdown 10. Bay gid click chon Router thir ba trén man hinh. 11. Dat tén Router nay la R4 va gan dia chi IP 18 172.16.10.2 255.255.255.0 én céng sl/0 Roucer> Rourer>en Routerenable Routerscont = Encer configuration commands, one per line. End with CNTL/Z. Router (config) #ho Router (config) #hostname 24 Ra (contig) tint 21/0 Ra (contig~it) #ip add 172.16.10.2 286.288.285.0 12. Dam bao ring ban di kich hoat céng. RE (confignif) tuo shutdown SLINK-S-CHANGED: Interface Seria1i/0, changed state to up 13. Vio lai RI 14. Thit ping dén céng £0/0 cita R2 Rigping 10.2.1.2 Type escape sequence to abort Senaing 5, 100-byte ICMP Eenos to 10.1.1.2, timeout ss 2 seconds: rite Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/6 ms Obhttp://nocmang.net Page 23CCNA LAB - Cisco Packet Tracer 15. Thir ping dén céng s1/0 chia R4 Rigping 172.16.10.2 ‘Type escape sequence to abort. Sending §, 100-byte ICMP Echos to 172.26.10.2, timeout is 2 seconds: Success rate is 100 percent (6/5), round-trip min/avg/max = 1/2/6 ms 16. Ding Ignh show ip interface brief dé xem dja chi IP va trang thai cita cc céng. Ritshow ip interface brief Interface Tp-Address OK? Method Status Brotocel FastEtherneto/0 40.2.4.2 YES manual up » FastEthernet0/1 unassigned «YES unset administratively down dun Seriali/0 472.26.10.4 YES manual up wp 17. Xem running-config va xdc nhan ring dja chi IP ma ta da cdu hinh cé trong running-config Anverface FastEthernet0/0 4p address 10.1.1.1 258.255.255.0 Guplex aute speed auto interface Fastithernet0/1 no 4p addr duplex auto speed auto abutdovn, interface Serial1/0 ap address 172.16.10.1 265.285.265.0 eleck rate 64000 18. Ding lénh show ip interface dé xem thong tin chi tiét vé IP cia mdi céng. Bish ip invertace FastZthernet0/0 is up, line protocol is up (connected) Internet address is 10.1.1.1/24 Broadcast address 12 255.265.255.255 Address determined by setup comand MIU is 2500 Obhttp://nocmang.net Page 24CCNA LAB - Cisco Packet Tracer Lab 12: Static Routes A. Mue Ching ta sé cu hinh trén Router 1,2, 4 va thém cau hinh static route cho tit ci router B. Cae bude thye hign Bang IP address: 1. C4u hinh cdc router voi dia chi IP nh bang trén: - Routerd: Moucer (contig) snostname routers ouvert (config) #int 20/0/0 rourerg (config-if)#ip add 12.§.10.2 265.258.255.0 router¢ (config~if)#no ah SLINK-5-CHANGED: Interface Serisl0/0/0, changed state to down router¢(config-if)#elock rave 64000 oureré (config-if)# SLINK-5-CHANGED: Interface Serial0/0/0, changed state to up SLINEROTO-S-UPDOW: Line protecol on Interface Serial0/0/0, changed # - Router 1: Router (config) thostname router! routerl (config) sint £0/1 router! (config-if) ip add 10.1.1.1 265.255.255.0 router! (config-if)#no sh SLIWR-5-CHANGED: Interface FastEthernet0/1, changed state to up ouvert (config-if) #int £0/0/0 routeri (config-if) ip add 12.8.10.1 288.288.268.0 rouverl (config-if) #no ah ALIMK-S-CHANGED: Interface Sezia10/0/0, changed state to up /hocmang.net Page 25CCNA LAB - Cisco Packet Tracer - Router 2: Router (config) shostname router? router? (config) int £0/0 router? (config-if) #ip add 10.1.1.2 255.255.265.0 Fouter2 (config-if) no sh SLIME-S-CHANGED: Interface FastEtherne:0/0, changed stare to up SLIWEPROTO-S-UPDONN: Line protocol on Interface FastEtherner/0, changed stave © ew router? (contig-s#) 4] 2. Sau khi cu hinh dia chi IP chiing ta ping kiém tra trén cdc router king giéng. Nghia li tir router! chting ta c6 thé ping (6i router 2 va router 4 routeritping 10.2.2.2 Type escape sequence to abort. Sending , 100-byte ICMP Echos to 10.1.1. Tit Suee wimsour i2 2 seconds 2 rate is 80 percent (4/5), round-trip min/avg/max = 1/2/6 m= routeritping 12.5.10.2 Type escape sequence to abort. Sending ©, 100-byte ICMP Echos to 12.5.10.2, timeout is 2 seconds: Suecess rate is 100 percent (6/8), round-trip min/avg/max = 4/4/S ms 3. Sau khi cdu hinh dia chi IP. Ching ta bat dau cau hinh static route. Dau tién 1a ké&t ndi dén router], Chting ta cin cau hinh static route cho cdc router khong c6 két ndi tryc tiép voi nhau. Router! két ndi trye tiép ti cdc router? va 4 nén chting ta khdng cin cdu hinh static route. 4, Clu hinh static route cho routers 0 42.5.10.1 20.1.1.0 255.255 routers (config) 5. Kiém tra ping thir ti router 4 ti céic serial0 va fasternet0 ca router! va fasternet0 cia router2 | on //hocmang.net Page 26CCNA LAB - Cisco Packet Tracer outeré#ping 12.5.10.1 Type escape sequence to abort. Sending 5, 100-byte IOMP Echos to 12.5.10.1, timeout is 2 seconds: success = fe is 100 percent (5/5), round-trip min/avg/max = 3/5/7 ms routerdgping 10.1.1.1 Type escape sequence to abort. Sending §, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 yoonds Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/€ me routert¢ping 10.1.1.2 Type es Sending §, 100-byte ICMP Echos to 10.1.1.2, timeout ia 2 Success rave is 0 percent (0/5) 6. Tai sao ching ta kh6ng thé ping thanh cOng t6i dia chi router2(10. 1.1.2). Khi chting ta ping t6i 10.1.1.2 router sé nhin trong bang routing table va biét duting di t6i mang 10.1.1.0 va giti gi tin di, Router2 nhan duge g6i tin va mudn tra 16i, Router2 nhin vio Source IP thay 12.5.10.2( céng serial router4). Nhung khi né giti di thi géi tin sé bi hiy vi n6 khéng biét dudng di téi mang 12.5.10.2. Vi vay ma chdng ta khOng nhin duye !!! 7. Hién thj théng tin static route. routerdtshow ip route Codes: C - connected, S - static, I - GRP, R- RIP, M- mobile, B - BGP D- EIGRP, EX- EIGAP externa, O - OSPF, IA ~ OSPF ancer area Mi ~ OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 EL ~ OSPF external type 1, £2 ~ OSPF external type 2, F - 2G 4 - IS-IS, Ll - IS-IS level-2, 12 - 18-18 level-2, a - I6-IS inver ares + - candidate defautt, 9 - per-user static route, 0 - OD B ~ periodic downloaded aratic route Gecevay of lest resort is not ser 10.0.0.0/24 42 subnetted, 1 subnecs s 10.2.1.0 (1/0) via 12.8.10.2 12.0.0.0/24 is subnerted, 1 subners c 25.100 is divectly connected, Serial0/0/0 routers] 8 Cau hinh static route trén router? 5.10.0 255.255.255.0 10 Page 27CCNA LAB - Cisco Packet Tracer 9. Kiém tra lai ket ndi ping tir router4 téi router 2 routerdtping 10.1.2.2 Type escape sequence to abore. Sending §, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds: rH Suecess rate is 100 percent (5/5), round-trip min/avg/max = 5/7/9 me zourerd 10. Nhin vao bang routing table trén router2 routeritanow 2p route Codes: C - connected, 5 - static, I - IGRP, R- RIP, M- mobile, B - BOP D- EIGRP, EX - EIGRP external, 0 - OSPF, IA ~ OSPF inter ares Mi ~ OSPF NSEA external type 1, N2 ~ OSPF NSSA external type 7 El - OSPF external type 1, £2 ~ OSPF external type 2, E - EGP 4 IS-IS, Li ~ IS-IS level-1, 12 - ISIS level-z, ia - IS-IS inter area + ~ candidace defauit, U- permuser static route, © - ODR B ~ pericdic downloaded atic route Gaceway of last resort is not ser 10.0.0.0/24 is subnetted, 1 subnets © Abt. de divectiy connected, FastEcherne:s/0 £2.0.0.0/26 ds subnetted, 1 subnets S 32.6,20.0 (1/0) via 10.2.2.2 rourer24] Nhin vao bang routing ta thay chit “S” 1a Static route di qua mang 12.5.10.0 [1/0] c6 id next-hop bang 1 phai di qua céng f0/1 ciia router! 6 dia chi IP 1a 10.1.1.1 Ont //hocmang.net Page 28CCNA LAB - Cisco Packet Tracer Lab 13: RIP ‘A. Muc tigu: Ching ta cdu hinh dja chi IP trén Router 12,4 va sir dung phirong thite RIP routing. B. Cac burée thuc Bang IP address 1. Cfu hinh dia chi IP nhu mé hinh mang nay: —--- 2811 Routers 2611 2514 Router Router2 2. Sau khi cau hinh IP address trén méi cong. Ban kiém tra chic chin la da ping thinh céng trén mdi router King giéng, rouveri#ping 172.16.10.2 Type escape sequence to abort Sending 6, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 secands: tit Success rate iz 100 percent (5/5), round-trip min/avg/nax = 2/3/7 me outeri¢ping 10.1.1.2 ‘Type escape sequence to abort. Sending §, 100-byte ICMP Eehos vo 10.1.1.2, timeout is 2 seconds vite succes: rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 me Ovhttp://hocmang.net Page 29CCNA LAB - Cisco Packet Tracer router! (config) rower ip router! (config-router) tnetwork 10.0.0.0 router! (config-router) tnetwork 172.16.0.0 zouterl (config-raurer) # 4. Router2 ourertconf ter configuration commands, one per line. End with CHTL/2 2 (config) #router rip router? (config-router) tnetwark 19.0.9.0 router? (config-router) i 5. Router4 rourerd (config) #rourer rip routerd (config-router) fnetwork 172.16.0.¢ routerd (con! al 6. Giao thitc RIP da hoat dong trén 3 router, Kiém tra két ndi bang cach ping tir Router2 dén Router4 va nguge lai rouverzeping 172.16.10.2 Type escape sequence to abort. Sending S, 100-byte ICMP Echos to 172.16.10.2, timeout is 2 seconds Success rate is 100 percent (6/8), round-trip min/avg/max 47/10 ms rouverstping 10.1.1.2 Type escape sequence to abort Sending 5, 100-byte IMP Echos to 10.1.1.2, timeout is 2 seconds 100 percent (5/8), round-trip min/avg/max = 7/11/18 me 7. Néu ping t6i cc router thanh cong, thi ban da Routin thanh cong. Néu két néi khong thanh céng. Ban kiém tra Iai theo ting bude da hudng dn 6 trén, & Nhin thong tin vé IP routing Obhttp://nocmang.net Page 30CCNA LAB - Cisco Packet Tracer router! (config-router) de show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next dus an 0 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Ourgoing update filter list for all interfaces is not ser Incoming update filter list for all interfaces is not set Redisersibuting: rip Default version control: send version 1, receive any version Interface Send Recy Triggered RIP Key-chain Fastzcnerneto/2 2 #4 ‘Seriaio/0/0 2 oak Automatic network sumari Maximum path: 4 Routing for Network: 10.0.0.0 172.16.0.0 Passive Invertace (2): Routing Information Sources Gaveway Distance Last Update Distance: (default is 120) stion is in effect Obhttp://nocmang.net Page 31CCNA LAB - Cisco Packet Tracer Lab 14: Troubleshooting RIP A. Mue dich: Ching ta cai dat IP address trén Router! 2 4 va sir dung phuong thie RIP. Chiing sé quan sat hoat dng cia Router thong qua qui trinh debug ip rip. B. Cae bude thue hign 1. Thiét lap cdu hinh nhu bang dudi: 2. Céu hinh RIP routing protocol routeri (config-if) $40 show 2p int brief Inverface TP-address OK? Method status Provossl FastEthernet0/0 unassigned «YES unset administratively down down FastStherneto/1 192,268.11 YES manual up ca Seristo/0/o 192.268.2.1 YES manual up wp vient unassigned YES unser administratively down doun router? (config-if)¢do show ip int brief Interface TPeAddcess | O87 Method Seatun Protocct FastEcherne:0/0 192.168.2.2 YES manual up oe Feoteonernes0/2 unssignes YES unset admintotestively down doen vant inesdip sdatnioceansenty dom don routeré (config-if) #éo show ip int brief Interface TPAddress OK? Method Status Brotecel Faseteherneto/0 unassigned YES unser administratively down down FastEchernet0/1 unassigned YES unset administratively down down Seria10/0/0 as2.268.2.2 YES manual up > vant unsssigned «YES unset adniniatratively down down Ovhttp://hocmang.net Page 32CCNA LAB - Cisco Packet Tracer 3. Kiém tra viée nhfn théng tin dinh tuyén trén tat ca router routeré (config-router) #de show ip route [codes: ¢ - connected, S - static, I - IGAP, R- RIP, M- mobile, B- BGP D- EIGRD, EX - EXGRP extern, O - OSPF, IA ~ OSPF inver ar Mi ~ OSPF MSSA excernal type 1, N2 - OSPF NSSA external type 2 EL - OSPF excernai ctype 1, £2 - OSPF external type 2, © - EGP 47 ISIS, Li - IS-I5 levei-1, 12 - IS-I5 level-2, 18 - 18-T5 inter + ~ candidate default, U- per-user static route, o - ODR P ~ periodic downloaded static rouve JGarevay of last resort is not set R 192.268.1.0/24 t120/11 via 192.168.2.1, 00:00:16, Sertai0/0/0 Je 192.468.2.0/24 ds dizectiy connected, Seriei0/0/0 router? (config-router)tde show ip route Codes: C - connected, 5 - static, I - IGRP, R- RIP, M- mobile, B- BOP D- EIGRP, EX'- EIGAP externel, O - OSPF, IA ~ OSPF inver are: Mi ~ OSPF NSSA external type 1, NZ - OSPF NSSA external type 2 EL - OSPF exvernal type 1, £2 ~ OSPF external type 2, E - EGP 2 - IS-IS, Li - IS-IS level-1, 12 - IS-IS level-2, ia - I5-I5 inter area + ~ candidate default, U - per-user static route, © - CDR B ~ periodic dounloaded static rouce Gaveway of last resort is not set © 182.168.1.0/24 is dizectiy connected, FastEthernet0/0 R «-182.168.2.0/24 [120/1] vis 192.168.1-2, 00:00:01, FastEchernet0/o routerl (config-zouter) #do show ip route Jcodes: C= connected, 5 - static, I - IGRP, R- RIP, M- mobile, B - EGP D- EIGAP, EX - EIGRP excernai, O ~ OSPF, IA - OSPF inter area Mi OSPF NSSA external type 1, NZ - OSPF NSSA external type 2 EL ~ OSPF external type 1, #2 ~ OSPF external type 2, © - EGP i - ISIS, Li - ISIS level-i, 12 - IS-I5 level-2, ia - IS-IS inter area + ~ candidate default, 0 - per-user static route, 0 - COR P ~ periodic dovnleaded static route Jcavevay of lest resort 4a not ser Jc 192.268.1.0/24 is directiy connected, FastEthernet0/1 Jc 192.268.2.0/24 i directly connected, Seriai0/0/0 4. Kiém tra viée nbn thong tin dinh tuyén thong qua Iénh debug ip rip wi mode privilege wén Router! Obhttp://nocmang.net Page 33CCNA LAB - Cisco Packet Tracer xouterlédebug 3p rip RIP protocol debugging is cn outerl#RIP: sending vi update to 255.255.255.265 via FestEthernet0/2 (192.168 aay RIP: build updace entri network 192.168.2.0 metric 1 RIP: sending vi update to 255.285.255.255 via Serial0/0/0 (152.168.2.1) RIP: build updace entries network 192.168.1.0 metric 1 5. Quan sit RIP : build update entries s@ duge giti 608 1 Hin. 6. Tit debug bing cach g6 “no debug ip rip” hod “undebug all” hoe “u all” RIP: busta update enceies network 192.168.2.0 metric 2 RIP: sending vi update to 256.255.255.255 via £ RIP: build update entries network 192.168.1.0 metric t wait ALL possible debugging has been vurned off 7. Xem bing routing trén Router? va Router4. Chai § t6i AD va metres routersishow ip route JCodes: C - connected, 5 - static, I~ IGRP, R- RIP, M- mobile, 5 - BGP D- EIGAP, EX - EIGRP excernal, O - OSPF, IA - OSPF inter area Wi ~ OSPF NSSA external type 1, N2 - OSPF NSSA externa type 2 Ei - OSPF external type 1, £2 — OSDF external type 2, E- EGP i = ISIS, Li - I-18 level-1, U2 - I5-I5 level-2, ia - I5-15 inter area + = candidate defeuit, U~ per-user static route, 0 - COR P ~ periodic downloaded static route Jcavevay of Last resort is not ser R —192.168.1.0/26 [120/1) via 192.168-2.1, 00:00:21, Seriai0/o/0 Jc 192-168.2.0/24 4 aireceiy connected, Seriai0/o/0 Obhttp://nocmang.net Page 34CCNA LAB - Cisco Packet Tracer rourer2eshow ip route Codes: C - connected, S- steric, I - IGRP, R- RIP, M- mobile, B- BGP D = EXGAR, EX - EIGAP external, O - OSPF, IA - OSPF inter ares Wi - OSPF NSSA exvernal type 1, NZ - OSPF NSEA external type 7 EL - OSPF externa type 1, £2 ~ OSPF external type 2, E - ECP 2 - ISIS, Li - IS-IS level-1, 12 - IS-18 ievel-2, is - 15-T8 inter ares + ~ candidate default, U - per-user static route, © - OD P ~ periodic downloaded stazic route Gateway of last resort is not set fo 292.268.1.0/24 2 dizectty connected, FastEchernet0/0 R-182_168.2.0/24 [120/1] via 192.169.1.1, 00:00:28, Fi eEchernet0/0 8. Chae chan la ban cae thé ping tat ca thiét bi trong mang. Néu khong thé ping thanh cOng ban cin troubleshoot cu hinh router to chée chéc la chting hoat déng ding, routerétping 192.168.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 152.16! -1.2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 6/8/13 ms Obhttp://nocmang.net Page 35CCNA LAB - Cisco Packet Tracer Lab 28: Standard Access Lists Access List co ban A. Mue tidu eta bai ‘Tim hiéu va thy hanh cae danh sich kiém sodt truy cp chuan (Standard ACL). B. Chuan bj cho bai lab: Ching ta s@ sit dung Router 1, 2 va 4 vai c md inh nhur sau: 24.172.2/28 24.172.1128, 17.2.17/28 24.17.2.18/28 @------— i os 2811 2811 2811 Router? Routert Routers ong duge ket ndi va dat dja chi IP theo C. Cée burde thye hign: 1, Trén Router!, dat dia chi_IP cho cdc céng Fa0/0 va Ser2/0 nhu sau: Router! (config )#im (0/0 Router! (config-ipip address 24.17.2.1 255.255.255.240 Router! (confic-ifi#no shut RouterI(config-if#exit Routerl(config)fint 80/30 Router! (config-if# ip address 24.17.2.17 255.255.255.240 Router! (config-ipi#no shut Routerl(config-ipjitexit 2. Trén Router?2, dit dia chi IP cho cong Fa0/0 nhw sau: Router2(config)#int fO/0 Router2(comfig-ipptip auldress 24.17.2.2 255.255.255.240 Router2(config-ifno shut Router2(config-iptexit 3. Ti Router?, ping ti dia chi IP cia céng Fa0/0 cia Router! © route ee | Physical | Config | CLI Rourer?tping 24.17.2.2 IOS Command Line Interface Type escape sequence to abors. Ping thanh cong Sending §, 100-byce ICMP Eches to 24.17.2.2, timout is 2 seconds YOO percent (8/8), round-trip min/avg/nax = 1/2/¢ me 4. Trén Routers, dat dia chi IP cho cdng Ser0/3/0 nhw sau: Obhttp://nocmang.net Page 36CCNA LAB - Cisco Packet Tracer Routerdconfig Hint s0/3/0 Routerd(config-ifi# ip address 24.17.2.18 255.255.255.240 Routerd{config-ifino shut Routerd{config-ifytexit ‘Sau d6 ping thir ti dja chia IP cia cong Ser2/0 ctia Router! 1s 100 paxeent (6/8), rousd-erip min/ave/max = 3/2/4 m8 5. Cau hinh RIP cho Router! va thém network dinh cho cac céng Fa0 va Ser0/3/0, | RouterI(config)#router rip Router! (config-router }#network 24.0.0.0 Router} (config-router)#exit 6. Cau hinh RIP cho Router? va thém network dinh cho cong Fa/0 Router2(config)#router rip Router2(config-router network 24.0.0.0 Router2(config-router exit 7. Cau hinh RIP cho Router4 va thém network danh cho cong Ser0/3/0 Routerd{ config #rowier rip Routerd{config-router)#network 24.0.0.0 Routerd(config-router}#exit 8. Routerd ping cing fa0/0 cia Router2: Routerd¢ping 24.17.2.2 Type escape sequence to abort. ping thanh céng Sending 5, 100-byte ICMP Echos to 24.17.2.2, timeout is 2 seconds: fuccesa reve Te G00 percent (6767), round-trip min/ava/max = 4/8/10 ma Rourerse| 9. Gid ta sé cau hinh ACL trén Router dé chan kha nang Router ping ti Router2. ‘Vao che d6 Configuration. Sau dé, tao m9t access-list | chi dé chin dia chi IP 24.17.2.18 (cong Ser0/3/0 cia Router4) theo sau dé la 1énh access-list permit any dé cho phép tat ca cdc dia chi IP khac duge giti g6i tin ti céng Fa0/0 cia Router2. Router2(config)#access-list 1 deny host 24.17.2.18 Hote Rower2(config)Haccess-list 1 deny 24.17.2.18 0.0.0.0 Hoje Rowter2(config)Haccess-list I deny host 24.17.2.18 ‘Sau dé thém: Router2(config)#access-list 1 permitany — 10, Sau khi tao xong access-list. 6 trén, ta cin gin né cho cing Fa0/0 cia Router? ding thoi chi ra hucmg di ella g6i tin ma access-list nay sé kiém soat (di vao hay i ra ti Obhttp://nocmang.net Page 37CCNA LAB - Cisco Packet Tracer céng Fa0/0 cia Router2). “in” c6 nghia la cdc géi tin dén tix mang va sé di vao router va Sout” c6 nghia ring cic goi tin di ra khoi router va di vio mang Router2(config)#im (a0 Router2(config-ipitip access-group 1 in MM. Kiem tra lai rang bay gid’ Router Khong thé ping toi cong Fa0/0 caa Router2 ni A Routers Physical | Config | CLI | IOS Command Line Interface aoutersoen Pouterdtping 24.17.2.2 ping khOng than cong ‘Type escape sequence to abort. sar acness Ket host. Gong) We Sending 6, 100-byte ICMP Echos to 24.17.2.2, timeout is 2 seconds | Onur: //hocmang.net Page 38CCNA LAB - Cisco Packet Tracer Lab 29: Verify Standard Access Lists Kiém tra lai ciu hinh Standard ACL A. Mue tiéu cita bai lab: Kiém tra xem access: B. Chuan bi cho bai lab: - Yéu cu: da hoan thinh xong lab 28 (Standard Access List) ~ Ching ta sé tigp tye lam vige voi mo hinh cia tab 28, Cae bude thye hign: 1. GO birde dau tién nay ta sé xem xét xem c6 thé ping téi Router? tr Router4 khéng. Két ndi tei Router4 va thir ping ti cong Fa0/0 céia Router? (c6 dja chi TP 1 24.17.2.2). Néu ban nhin duge 5 déu chim nhw hinh sau thi access-list ma ta di tao lab 28 dai lim viée ding. Shoes RES s —W__aas | Physical | Config | CLt fa duge cau hinh dang hay chura. 10S Command Line Interface Routerd>en Rowrertsping 24.17. 2 ping khéng thanh céng _ => access list hoat déng tét Type escape sequence to abort Sending §, 100-byre XCHP Echos co 24.17.2.2, timeout is 2 seconde l 2. Truy cp vao Router? va thim tra xem ede access-list cua ta dang chay trén cde interface nao, xem ngi dung ctia running-config, jeEcherneto/o 4.37.2.2 288.255.255.240 auplex auto speed sure 3. Taciing e6 thé xem eae access-list duge ap dung cho cae interface nao bing Ignh show ip interface RESETS TI: socket iv ww toomestedl pen ecsinat ht oon aan s2 isebied Obhttp://nocmang.net Page 39CCNA LAB - Cisco Packet Tracer 4, Lénh show access-lists s® cho ta biét cdc access-list ndo ma ta da tao trén router. NO ceding sé cho ta biét cdc entry nao trong access-list da duge strdung va sé long g6i tin ma router cho phép hoje bj chan. oseer24[suer secere-tases ] seen noutezz® Obhttp://nocmang.net Page 40CCNA LAB - Cisco Packet Tracer Lab 30: Extended Access List Danh sch kiém sodt truy cp mé rong A. Myc tiéu ciia bai lab: ‘Tim hiéu va thye hanb céu hinh céc danh sich kiém sodt tray cp mé réng (Extended ACL). B. Chuan bj cho bai lab: ‘Str dung lai m6 hinh cing nhw céc bude cau hinh dia chi IP cho cdc interface va RIP trén ede router tugng ty bai lab 28. Luu y: Néu ban da thyc hign cau hinh Standard ACL 6 lab 28 thi trude khi di vao cae ‘burde ctta lab 29 nay, ban cin thyc hign Iénh no ip access-group 1 wén céng Fa0/0 ctia Router? (hode sir dung Ignh no ip access-tist standard 1 trong ché 4} Configuration etia Router2) C. Cite buée thye hign: (tir bude | -> 8, thyc hign giéng lab 28) 9, Hai extended access list ma ta sé tgo ra sau diy 66 2 tae dung khée nhau. Dau tién, ta sé chi cho phép subnet ndi tryc tiép vai céng s0/3/0 cia Router! duge telnet tei cong $0/3/0 cia Router!, Dé lam diéu nay ta chay Iénh sau trong ché 4 Configuration cia Routerl. Router (configaccess-list 101 permit tep 24.17.2.16 0.0.0.15 any eq telnet 10. Tiép dén ta sé cho phép bat ky g6i tin ndo tir subnet 24.17.2.0 bing Lénh sau Routerl(configtaccess-list 102 permit ip 24.17.2.0 0.0.0.15 any 11. Gid ta cin gin céc access-list niy cho cae interface. Dudi diy li cde lénh ding dé gan access-list 101 cho céng $0/3/0 ciia Router! theo huréng inbound (cac géi tin di vao céng nay sé chiu sy kiém soat). Router! (config #int SO/3/0 Router! (config-if}tip access-group 101 in Router! (conjig-iftexit 12, Voi cong Fa0/0 thi fa can ga access-list 102 hutng inbound, Router config Mint FOO Router1(config-ifi#ip access-group 102 in Router I(config-ifexit 13. Nhu vay 1a ta di hoan thanh xong cde yéu cdu ciia bai lab nly. G bai lab ké tiép ta s& thuc hign cac bute dé thim dinh ring céc access-list trong bai nay durgc cu hinh chuan Ovhttp://hocmang.net Page 41CCNA LAB - Cisco Packet Tracer Lab 31: Verify Extended Access Lists Kiém tra Extended Access Lists A. Myc tiéu ciia bai lab: Kiém tra lai cdc cau hinh access-list 6 bai lab 30. B. Chudin bj cho bai lab: ~ Sit dung lai mé hinh cing nh ce burbe trén cde router trong ty bai lab 28, - PA hodn thinh edu hinh extended access list trong bai lab 30. Cie burée thye hign: 1. Gid ta sf kiém tra xem céic access-list 6 lab 30 cé duge cau hinh ding chua. Két néi t6i Router4 va thir ping téi cong $2/0 cua Router!. Neu ping khéng thanh céng thi access-list 101 dang lam vie diing. 2. Tiép dén ta cin kiém ta xem tir Routerd e6 duge phép telnet téi Router! chua. Ki ‘di t6i Router! va cho phép truy cap bing telnet, sau dé thiét lip mat khau cho két ndi telnet 1a mmt03. ooae ee elaacnan ere Reg RAT cand ww hinh dja chi IP cho cac interface va RIP [type escape sequence co abort. Sending §, 100-byte IMP Echos to 24.17.2.27, timeout is 2 seconds Guscess rave is 0 percent (075) Rouerdecane End with CHTL/2 fRourers(conesgi#iine vey 0 = lRoucerd (confiq-line) tiogin ‘Login disabled on line €€, unts2 se see § Login disabled on Line 67, nts ie see S Login disables on line 62, unesi ss see § Login disabled on Line 68, unti se ser S Login atzabies se see Routers (contig 3. Gio ket noi ro lai Router4 va thir telnet téi Router! Routerd#telnet 24.17.2.17 4. Néu thy diu nic lénh cia router déi thinh Router! thi tite Ia ta di telnet thinh céng. téi Router!. Gier chay Iénh exit hoje nhan git 16 hop phim control+shift+6+x dé tro lai Router4. Sau 46, gd tigp Ignh disconnect 1 dé dong két ndi telnet ti Router! Nhu vay, ta di cau hinh dung cho access-list. Obhttp://nocmang.net Page 42CCNA LAB - Cisco Packet Tracer a Routers a es Physical | Config | CLE IOS Command Line Interface telnet khong thanh cong do cha dat password telnet telnet thanh cong déng két néi teinet Routers nok " See a SNS = ove Router cl Routeres i ti Router? va igri tra xem ta 06 thé ping tdi cong S0/3/0 hay khéng. WR Router? Physical | Config CLI 10S Command Line Interface Towerteping TIT Ee FS type escape sequence to abort Sending §, 100-byte ICMP Echos to 24.17.2.18, timeout is 2 seconda: | ping khdng thanh cong 6. Keét qua cho thay ta khong thé Ignh ping 6 bude 5 khéng thanh céng, tai s: vay? Hay mung twong ra qué trinh ma goi tin lu chuyén trong mang. Ge dau tai Router2, di qua Router! va duoc chuyén téi Router4. Sau d6, tai Router4, g6i tin duge déng 263 Iai va giti tra vé cho Router!, Khi Router4 déng goi lai goi tin, IP nguén cua géi tin tré thinh IP dich va IP dich tré thanh IP ngudn. Khi g6i tin gip phai access-list trén céng $0/3/0 ctia Router! thi n6 bi chan Iai béi vi IP ngudn ctia g6i tin la dia chi cia céng $0/3/0 ciia Routert. Onur: //hocmang.net Page 43CCNA LAB - Cisco Packet Tracer 7. Gio ta kiém tra xem tir Router? cé thé ping téi cong Fa0/0 cia Router! (24.17.21) hay khéng AR Router? =) esa IOS Command Line Interface Boaverstping 20-07-21 ping thanh cong eimeour is 2 ss) 8. Néu ping duge thi ta c6 thé kiém ta thém kha ning telnet téi Router! nhu sau: a router? ar) Physical [config |< | 10S Command Line Interface Trying 2427-2. Gpen telnet thanh cong Roarerzedie Bourerztasacon dong két néi telnet Gioring GouneUtiSe ES ¥4.47-2-1 ceontizm 9, Dé tham tra access-list nio duge gan cho interface nao, ta sé xem ndi dung cua running-config aR Router Physical | config) ctr | IOS Command Line Interface ica 11 yap ana $0/3/0 theo chiéu in Obhttp://nocmang.net Page 44CCNA LAB - Cisco Packet Tracer 10, Ngoai ra, ta ciing 6 thé strdung lénh show ip interface dé dat duge myc dich nhuy bute 9 “ag Routert 10S Command Line Interface FaseEthernet0/0 is up, Line pretocel is up (connected) Interne: address $2.2¢.17.2.1/28 Broadcast address is 265.755.256.255 ddress derernined by setup comand MIU i 100 Helper address is not set Directed broadcast forverding is disabled | Roweritan ip ine [| tnbound access list is 102 Proxy AAP is enabled Security level is default Split horizon is enabled ICMP reasrects are alvs 11. Lénh show access-lists sé cho biét cdc access-list nao duge tao trén router. No cing cho ta biét cdc entry nio ctia access-list d4 duoc sur dung va cé bao nhiéu géi tin duge phép hoje bj ttr choi bai access-list. Routerltsh access-list Extended IP access List 101 permit top 24.17-2.16 0.0.0.8 any eq telner (12 matchies)) Extended IP access List 102 Permit Sp 24.17.2.0 0.0.0.8 any Onur: //hocmang.net Page 45CCNA LAB - Cisco Packet Tracer Lab 32: Named Access Control Lists Named Access Control Lists A. Myc tiéu ciia bai lab: ‘Tao mét ACL duge gin tén (thay vi due nhin dang béi con s6 nhur trong céc bai lab trude) dé cém tit ca céc g6i ping ti PC téi Router! nhung cho phép truy cp tir Routers toi Routerl. Tas edu hinh edie ACL nay trén Router! B. Chuan bi cho bai Xfy dung mé hinh két ndi gita PC va céc router va ciu hinh IP cho ede thiét 46 nh hin dus da 1. Cau hinh giao thite dinh tuyén RIP trén ca 2 router sir dung cdc 1énh_network thich hyp (xem Igi lab 13) 1B: 192.168.1.18/28 9268338 panna seseeirhs Basa aR Sas ge ---- LE) eit zeit nor Routert Routers ead 2. Chay lénh show ip route dé dim bio céc tuyén dudng trong bang dinh tuyén cia cde router la day di va chinh xac. Sau dé kiém tra két n6i gitta cdc thiét bi bang lénh ping ~ Trén Router!: SS _ a ee Physical | Config | CLI IOS Command Line Interface Roweerisah ‘C- connected, § - static, I - IcRP, R- AIP, M- mobile, 8 - BCP D- BTGRD, EX- EIGAP external, 0 - OSPF, IA ~ OSPF inter area Ni ~ OSPF NSEA exzernel type 1, NZ - OSPF NSSA external type 2 Ei - OSPF external cype 1, £2 ~ OSPF external type 2, E - EGP i > ISIS, 11 - IS-T5 levei-t, 12 - IS-I8 level-2, i: - IS-I5 inter ares * - candidate default, 0 ~ pei P - periodic dovnloaded static roure Weic route, © - O08 Caravay of ast x - Trén Routert, Obhttp://nocmang.net Page 46CCNA LAB - Cisco Packet Tracer WR Foutert 7 lee Physical | Config | CLI 10S Command Line Interface Rourertsen ip zoure Codes! C= connected, S - static, I - GRP, Q- RIP, M-mebile, B - RGD D~ EIGRD, EX - EIGRP exvernsi, © - OS0F, IA\- OSPF anver area Bi ~ OSPF NSSA excernal ype 1, 2 - OSPF NSSA external type 2 EL ~ OSPF exrernal type i, £2 ~ OSPY external cype 2, E - EGP i = ISIS, Li ISIS level-1, 12 - T5-15 level-Z, ig - IS-I5 inter ares + = candidece default, 0 - per-user static route, 0 - OD F ~ periodic dovnicaded static rou: Gateuay of last resore is nor ser 3. Gié ta sf ngin chin tit ca cac liu lgng ping xuat phat tir PC va duge giti cho Routerl. Access list nay c thé nim trén Router4 hode Router! Thudng thi ta sé co access list duge dat trén router ma nam gin nguén (gir g6i tin) nhat 6 thé vi diéu nay gitip loai bo nguy co cée uu lugng khéng can thiét di chuyén tong mang, Nhung 6 vidy may, ta s€ dat access list tien Router! véi hung inbound nhur sau: Routerl (config)#ip access-list extended deny_ping Router! (config-ext-nacl)#deny icmp host 192.168.1.18 192.168.1.1 0.0.0.0 Router! (config-ext-nacl)#permit ip any any. Router! (config-ext-nacl)#exit ~ Cau Ignh dau tién chi rd kiéu cia access fist 1h extended. - Dong lénh thir hai cé téc dung wr chéi bat ky g6i ICMP nao dug gui tir host cé IP la 192.168.1.1 va dich dén ld host co IP 1a 192.168.1.1. Dé ¥ ring ta di ding tham sé Iénh host cho phan dau (source address) cia access list va ding wildcard 0.0.0.0 cho phan hai (destination address) cia access list. Ca host va wildeard 6 day déu cé tae dyng gidng nhau la xac djnh dja chi IP cia mot host cu thé (chit khong phai mot tip cdc IP). ~ Lénh thir ba cho biét ring tat ca cae lm hrgng khae déu khOng bi chin boi access list. 4, Ké tiép ta sé gan access list vita tao 6 trén cho cong $2/0 cia Router! va access list nay sé danh cho huéng inbound. Router! (config)#int s0/3/0 Router! (config-if#ip ac roup deny_ping in 5. Gid ket noi toi PC va thir ping ti céng $0/3/0 cua Router! nhu sau Obhttp://nocmang.net Page 47CCNA LAB - Cisco Packet Tracer erat = Physical | Config Desktop Trwéc khi thém ACL Par Ta thay, PC c6 IP Ta 192. 168.1.18 list cia ta da lam viée ding theo yéu cau. Xie nhfin ring tt Routerd c6 thé ping th thé ping (i IP 192.168. 1.1, Nhu vay, access inh cOng téi Router! nhur sau Page 48CCNA LAB - Cisco Packet Tracer Lab Advanced Extended Access Lists Nang cao vé Extended Access Lists A. Mue tiéu bai lab: ‘Cau hinh Extended Access List dé loc nhiéu loai Iwu long mang (traffic) khéc nhau nhu: - Loc cic traffic giri tir network nay t6i network kia, - Loc cde traffic gui tir host téi network. ~ Loe cic traffic giti tir network t6i host. ‘Chun bj cho bai lab: 1. Xfy dung so dé mang va cdu hinh IP cho céc thiét bi nhw hinh sau: 152.682.2704 ree een ba ‘outer? sez yga% ss ya ie f Foor Pet ‘1P:192.166.3.2 PC-PT PC: 4 z5s.58 2850 re Pes Peer evi2.iee 3 Wi192.168.1130—1p:392,168.1.131 $:255.255,255.128 syass,755.255.198 F192 168.12 P1192.168.1.3 Sores See Seoecais pemecn ee (DG:192. 166.11 DG: 192.168.1.1 Obhttp://nocmang.net Page 49CCNA LAB - Cisco Packet Tracer 2. Cé4u hinh RIP cho tat ca cc router sir dung cau lénh network thich hop. ~ Cau hinh Router!: Bice om Physical | Config CLI IOS Command Line Interface Gnterface Serini0/0/0 4p address 192.160.1.1 266.265.286.240 ip access-group deny_ping in Anverfsce Vieni ‘no ip address shutdown router rip network 192.168.1.0 ' ip class! 1 Ap accen-iise exvended deny_ping ‘deny temp host 182.168.1.18 hose 192.168.1.2 permit ip any any + Cau hinh Router? © Routers 10S Command Line Interface [invertuce Faatteherneco/o Ap address 192.163.1.17 255.255.255.240 duptex auto speed auto interface Fastithernet0/1 no ip address duplex auto speed auto shutdown, sntexface Seria10/0/0 ip address 152.168.1.2 268.256.265.240 clock rate 64000 anterface Vienl no ip address shotdoim, router sip. ‘network 192-168.1.0 Onur: //hocmang.net Page 50CCNA LAB - Cisco Packet Tracer 3. Dam bao ring cdc route trong bang dinh tuyén ciia cdc router durge tao ra day di vA chinh efic v6i Ignh show ip route. ~ IP route Router! et Physical | Config, CLL 10S Command Line Interface Rourariean ap route Codes: €'~ connected, § - static, I - 2633, 2 - RID, M- acbite, - ROP D~ HIGAD, EX ~ ZIGAP extomnai, O ~ OSPY, IA\- OSDF anter ar NL O59F NEGA external type 1, 12 - O97 NOEA external type? 21 = O59 excexnal type 1, #2 ~ OSE excernal type 2, E - EGP | 1 2e-18, Li - 15-15 leveled, 12 - I5-3S level-2, is - 25-79 incr + = canaiiate default, U - par-user aazic roure, 0 - OO8 2 = periodie diwniondad avarie rosea Gateway of tase x ort is not er 492.168.2.0/24 (220/2) vie 192.168.2.2, 00:00 4192-168.2-0/24 is directly connected, Serial2/0 © 92-168.3.0/24 8 airecciy connected, FastEthernec0/0 = IP route Router2: @ Router? ib lo © ita Physical | Config | CLI 2 4, Sexia22/0 c IOS Command Line Interface Router? (config)#do sh ip route Codes: C - connected, S - static, I - IGRP, R- RIP, M- mobile, B- BGP D - EIGRP, EX - EIGRP excernai, O - OSPF, IA - OSPF sneer area Mi ~ OSPF NSSA external type 1, W2 - OSPF NESA external rype 7 21 ~ OSPF external type 1, £2 ~ OSPF external type 2, E - EGP 4 = IS-I8, Li - 16-78 ievel-1, 22 - I8-T8 level-2, ie - 28-18 inver ares * - candidate default, U - per-user static route, 0 - ODR P ~ periodic dovnloaded static route Gateway of last resort is not ser 192.169.1.0/25 2 sunnested, 2 subnece 152.162.1.0 is directiy connected, FastEthernet0/0 192-168.1.128 is directly connected, FastEtherneti/0 192,168.2.0/24 is directiy connected, Seriel2/0 1921688 _0/24 (120/1] via 182.168.2-1, 00:00:28, Seriai2/0 Onur: //hocmang.net Page 51CCNA LAB - Cisco Packet Tracer 4. Kiém tra két ndi gitta cac thiét bj bing lénh ping. PCL Physical | Config | Desktop C. Cie bude thye hign: Kiém soat traffic giri tir network nay téi network ki 1. Access list dau tién ta tao ra sé chi__ cho phép cae traffic (str dung protocol bat ky) tir mang Administration (gdm PC4 va PCS) giti ti mang Corporate HQ (gdm PC1). Dé ss list nhur sau: lam didu nay ta s@ strdyng extended ac [WR Routert Physical | Config | CLI IOS Command Line Interface list nay Ién céng s2/0 ctia Router! dé kiém tra cdc traffic giti dén céng nay(huéng inbound). Router2(config)# access-list 100 permit ip 192.168.1.0 0.0.0.127 192.168.3.0 0.0.0.255 Router2(config)# access-list 100 permit ip host 192.168.2.0 any Router2(config)#int s2/0 Router2(contig ip access-group 100 in /hocmang.net Page 52CCNA LAB - Cisco Packet Tracer 2. Dé kiémira cess list nay. thir ping PCI tir PC2, PC3, PC4 va PCS. Néu PC2 va PC3 khdng thé ping téi PCI nhung PC4 va PCS thi eé thé thi ta di access list dl Lim vide diing theo yéu cau + Trén PC WR C2 ss Physical = Trén PC3: wR Pc3 Physical | Config | Desktop Page 53CCNA LAB - Cisco Packet Tracer Trén PC4: we Pc a Physical | Config Desktop i Physical | Config | Desktop n Soat traffic giri tir host nay téi host kia Phan tiép theo, ta s® khéa vige truy cép dén PCS dén PC2. Dé thye hign digu nay, sé tao mét access list trén Router2 c6 tac dung chan tat ca cdc traffic gui tir PC2 dén PCS, Sau dé gan access list nay cho cdng fal/0 cua Router 2. Router2(config)# access-list 101 deny ip host 192.168.1.130 192.168.1.3 0.0.0.0 Router2(config)#access-list 101 per ip any any Router2(contig)#int f1/0 Router2(config)fip access-group 101 in Page 54CCNA LAB - Cisco Packet Tracer Gio kiém tra PC3 tsi PCS, - Tren PC2: [ae rce 5 list 101 6 hoat ding kh6ng ta thyc hign ping tir PC2 toi Pt Physical | Config - Trén PC3! WR Pcs = 2 saa) Physical | Config | Desktop Page 55CCNA LAB - Cisco Packet Tracer + Kidm sodt traffic giii tir network cho host 1, Trude khi bat diu cau hinh cho access list méi nay, ta céin loai bé eéie access list tren Router! va Router2 vita tgo 6 trén nhur sau: - _Trén Router! | Rouwterl (config )#im s2/0 Router! (config-if}#no ip access-group 100 in Routerl(config-if exit ~ Trén Router? Router2(config im [170 Rowter2(config-ifino ip access-group 101 in Router2(config-ifitexit 2. O access list nay tas so dé man ‘han tat ca cde tr {én PCI ti ving network User nur & bt extended access list nbur sau: a Dé thye hign diéu nay, ta viet n Router2(config access-list 102 deny ip 192.168.1.128 0.0.0.127 host 192.168.3.2 Router2(config access-list 102 permit ip any any Rowter2(config int s2/0 Router2(config-ipi#ip access-group 102 out 3. Kiém tra hoat déng ctia access list bang cach ping tix PC2 dén PC 1. Néu ping khong OL. thanh cOng thi access list hoat dén Physical | Config Desktop et Page 56CCNA LAB - Cisco Packet Tracer LAB 35: GIOL THIEU VE VLAN A. Muc dich: Lam quen vi cdc wu diém cia VLAN trong mang LAN. Ching ta ir dung Router 2811, Switch 2960, PCL va PC2 Ching ta sé ciu hinh router va switch dé hd trg vlan, Muc dich cta bai lab 1a dé thiét lap cho céc PC ciia ban c6 thé ping thay nhau théng qua switch. Sau d6 ching, ta sé thay doi cdc vlan trén switch va thay rang cdc thiét bi khOng thé ping thay nhau durge nia, Cudi cing ta sé gan cho tit ca eée céng wen switch thude cing mét vlan va thay cdc thiét bj lai cé thé ping thay nhau. C. Cie buvée thye hign 1. Hay bat dau bang viéc cau hinh dia chi IP cho céng FastEthemet 0/0 trén Routerl. Két ndi vao céng [0/0 cia Router va dat dia chi IP 14 24.17.2.1 255,255.255.0 Routersenable Rouver>enable Routerteont © Enter configuration commands, one per line. End with CHTL/Z Router (config) #hostname Reuter? Router! (config) #int £0/0 Router] (config-s£)#2p add 24.17.21 268.256.255.0 Routerl (config-if)#ne 2h SLINK-S-CHANGED: Interface Fas eheznet0/0, changed state to up SLINEPROTO-S-UPDOM: Line protocol on Interface FastEtherner0/0, changed state © 2 ep 2. Vao PC1 va dat dia chi IP 1a 24.17.2.3 255.255.255.0 voi default gateway la 24.17.21 Obhttp://nocmang.net Page 57CCNA LAB - Cisco Packet Tracer 3. Vao PC2 va dat dia chi IP 1a 24.17.2.4 255.255.255.0 voi default gateway 1a 24.17.21 DHCP @ Static IP Address 24.17.24 Subnet Mask 255.255.255.0 Default Gateway 24.17.21 DNS Server 4. Bay gicrta c6 thé tir PC2 ping thay Router! va PCL | Obttp://hocmangnet Page 58CCNA LAB - Cisco Packet Tracer g)tvian 22 /hocmang.net Page 59CCNA LAB - Cisco Packet Tracer Ly do ta ping khéng thanh cng PC1 vita di gin cng f0/2 (ndi vai PCI) vao vlan 22, cin cong {0/3 (néi véi PC2) van thu ICMP echo request di tir PC2 dén PCI sé duge gin the la vlan 1, didu 46 c6 nghia 1a g6i tin nay chi cé thé di ra cng nao duge gn thé la vlan 1, do dé khi goi tin dén cdng 10/2 (durge gin thé 1a vlan 22) thi géi tin sé bi drop. Goi tin 8. Ta vio lai Switch va gan cdng [0/3 thude VLAN 22 9. Vao lai PC2 va ping lai Router! va PCL, Ta thay bay gid PC2 ping thinh cong PCI nhung lai ping khdng thinh cng Router! Perey Obttp://hocmangnet Page 60CCNA LAB - Cisco Packet Tracer Ly do PC2 ping thanh cong PCI 1a vi céng f0/3 ndi vai PC2 da duge gan vao vlan 22, do dé thuge cing vlan voi céng f0/2 (ndi vei PCI). Con PC2 ping Router! khéng thanh céng 1a vi cong £0/1 cia Switch | (ndi vei Routerl) van thude vlan 1, trong khi cng £0/3 bay gid da thude vlan 22 10.T: ring hai cng 10/2 va {0/3 di duge gan cho vlan 22 ding cau Iénh show vlan brief trén Switch! dé xem ic vlan, chii ¥ ing~de: 11. Ping kiém tra gidta cde thidt bi, tdt cd déu thanh cOng. Obttp://hocmangnet Page 61CCNA LAB - Cisco Packet Tracer Obttp://hocmangnet Page 62CCNA LAB - Cisco Packet Tracer LAB 36: VLAN TRUNKING PROTOCOL (VTP) A. . rmee ‘Mue dich: Cf hinh ede vlan én Catalyst 2950 Switch Gan cde vlan cho nhiéu céng. Cau hinh giao thite VTP dé thiét lap mét két n6i gitta client va server. ‘Tao mot dudng trunk giia cde switch dé mang cae vlan Kiém tra cu hinh. . Cae bude thye hign Bat dau bang viée gin dia chi IP va hostname cho ca Switch3 va Switch4 theo bring bén dud, + Switch3: Swstenrenable Switchfconf t Enter configuration comands, one per line. End with CNTL/Z Switch (contig) hostname Switch3 Switeh3 (config) #int vient SwitehS (config-if)#ip add 10.1.1. 255.255.255.0 Switeh3 (config-if)éno sh SLINK-5-CHANGED: Interface Vianl, changed state to up SLINEPROTO-5-UPDOMI: Line protocol on Interface Viant, changed state to up + Switch4: Swicch>enable Switchteont © Enver configuration comands, one per line. End with CHTL/Z Sviteh (config) thostname Suitché Switeh¢ (config) $int vient Switehé (config-if)#ip add 10.1.1.2 285.255.255.0 Suiten$ (config-if)tno sh SLINK-5-CHANGED: Interface Vianl, changed state to up SLINEPROTO-S-UPDOWH: Line protocol on Inverfa: Viant, changed state to up Ovhttp://hocmang.net Page 63CCNA LAB - Cisco Packet Tracer 2. Kiém tra ring Switch3 va Switch4 da két ndi duge véi nhau bang cach ping tr Switch3 dén Switch4 Suitch3#ping 10.1.1.2 Type escape sequence to abort, Sending §, 100-byte ICMP Echos to 10.1.2.2, timeout is 2 seconds: suce! a rate is 100 percent (5/5), round-trip min/avg/max = 3/3/4 ma 3. Thém vlan 8 va vlan 14 vao Switch3 va gn cong £0/2 dén f0/5 cho vlan 8 va céng 10/6 dén £0/10 cho vlan 14 Suitch3 (config) tvian & Switch3 {config-vian) #int range £0/2 - 5 Switch3 (config-if-range) #switehpare access vian 3 Suitchs (eonfig-if-range) texic SuitchS (config) tvian 14 Suitens (eanfig-vian)#int range £0/6 Switchs (config-if-range) sewitenpore: Switch3 (config-if-range) texte Switch3 (config) # 4. Ding cau lénh show vlan brief dé xac nhn rang ta da cu hinh dang. SvixchStahow vien brief VIAN Nene Starus Porte default active Fa0/1, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/18, Fa0/16, Fe0/17 ¥a0/18, ¥a0/19, Fa0/20, Fa0/2. 40/22, ¥a0/23, Fa0/24 2 vianooo8 active Fa0/2, Fa0/3, a0/4, Fao/s a6 vuamoois active Fa0/€, Fa0/7, ¥00/8, Fa0/3 Fa0/10 002 f4as-sefauie active 1003 token-zing-defaule active 1004 fddinec—defaule active 1008 tenet-defaule active 5. Mic dinh Catalyst switch da duge cdu hinh 1a VTP server. Chiing ta mudn thiét Jap Switch3 lam VTP server va Switch4 am VTP client. Ta sé ddi VIP domain thanh Boson va VTP password thanh rules Switeh3 (configi#vep mode server Device mode alzeady VIP SERVER. | on //hocmang.net Page 64CCNA LAB - Cisco Packet Tracer SuitchS (config) tvtp domain Boson Gnanging VIP domain name from NULL to Boson Suitchs (config) tvep pai Switch3 (config) tvep pat Setting device VIAN databa: Vao Switch va thiét lap céu hinh VTP: Switchd (config) fvep mode client Setting device to VIP CLIENT mode ‘Svitchd (config) #vep domain Boson Changing VIP domsin name from client to Boson Suitché (config) #vep pasevord rules Secting device VIAN database password to rules 6. Tyo duémg trunk dé c6 thé mang cau hinh vlan tir Switch3 sang Switch4. Dé lam vige may ta s@ kich hoat dung trunk trén duéng 4p ndi gitta hai switch. Ta sé dong g6i voi chudn la 802.1q vi dé la chun déng goi duy nhdt ma switch 2950 hd 119. Svivah? (contig) tint £0/2 Suitch3 (config-if) #switeh Switchs (config-if) #switenpart made trunk Suizehs (contig)sine £0/2 Suitché (config-if) tewitech Suitch$ (config-if) #ewitchport mode trunk 7. Ding hai cau lénh show vlan brief va show vip status trén Switch4 dé xc nhan rang cau hinh vlan tir Switch3 di duge cap nhat sang Switch4 (chi ¥ ring VIP server chi cp nhit tén ctia cde vlan cho VTP client chit khong cap nhat cde céng duge gan cho vlan nao). Suitchdgshow vian brie VLAN Name Status Parts 2 defeute active Fa0/1, ¥20/3, Fa0/4, 7a0/s Fa0/6, Fa0/7, Fe0/8, Fe0/3 Fa0/10, Fa0/i1, Fa0/12, Fa0/13 ¥a0/14, Fa0/18, ¥a0/16, ¥20/17 ¥a0/18, Fa0/19, Fa0/20, ¥a0/21 Fa0/22, Fa0/23, Fa0/24 8 vtawooos active a4 viawoon4 active 1002 f4ai-defaute active 1003 token-ring-defauit acesve 1004 fadiner-cefaule active 1008 tener~defaulz active Obhttp://nocmang.net Page 65CCNA LAB - Cisco Packet Tracer Suitchitshow vep status ‘VIP Version Configuration Revision ‘Maximum VLANE supported locally Number of existing VINE VIP Operating Mode 5 Client VIP Domain Name Boson VIP Pruning Mode Disabled VIP v2 Mode Disabled VIP Traps Generation Disabled MOS digest: (x80 OBA OxE9 OXOF OxZC OXSS 0X39 OXAA Configuration last modified by 10.1.1.1 ac 3-1-33 00: Obhttp://nocmang.net Page 66CCNA LAB - Cisco Packet Tracer CHU’O'NG 2: SEQUENTIAL LABS Lab 1: CAu hinh Router co ban A. Cie bude thye hign 1, Nhdn Enter dé vio user prompt Router> 2. GO? dé thay danh séch cdc Iénh trong user promt Router> ? Exec commands: <1-99> — Session number to resume connect Open a terminal connection disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn an privileged commands exit. Exit from the EXEC logout Exit from the EXEC ping Send echo messages resume —_ Resume an active network connection show Show running system information| ssh Open a secure shell client connection telnet. Open a telnet connection terminal Set terminal fine parameters traceroute Trace route to destination 3. Go Enable dé vao Privileged mode Router> enable Router# 4. Go ? dé thay danh sch cac Ignh trong Privileged mode Router? Exee commands: <1-99> Session number to resume auto Exec level Automation clear Reset functions clock Manage the system clock configure Enter configuration mode connect Open a terminal connection copy Copy from one file to another debug Debugging functions (see also 'undebug') delete Delete a file dir List files om a filesystem disable Turn off privileged commands Ovhttp://hocmang.net Page 67CCNA LAB - Cisco Packet Tracer 5. 6. % 10. Ci hinh dja cl disconnect Disconnect an existing network connection, enable — Turn on privileged commands erise Erase a filesystem exit Exit from the EXEC logout Exit from the EXEC mkdir — Create new directory more Display the contents of a file no Disable debugging informations ping Send echo messages reload — Halt and perform a cold restart ‘Thodt khoi Privileged mode ‘Dé ciu hinh trong mode Privileged mode g6 configure terminal Routeri#cont ter Enter configuration commands, one per line. End with CNTLIZ. Router(config)# Dat tén cho Router Router(config)#hostname RL Ri (config)# A (Ciw hin dja chi IP ten Router. - Hién tai céng dang 6 ché 46 Shutdown, dé kich hoat céng g6 - Sit dung phim tab dé hign thi diy du dong lénh cau hinh. Ri(contig)#int Ri (config)finterface £0/0 Ri (config-if#ip add 160.10.1.1 255.255.255.0 Ri (contig-if}#no sh Ri(config-i# %LINK-5-CHANGED: Interface FastEthernet()/1, changed state to up P trén Router RI vii cong serial SO/0/0 Ri(configyi#int s0/0/0 Ri (config-if)#ip add 175.10.1.1 255.255.255.0 RI (config-if}#no sh S¢LINK-5-CHANGED: Interface Serial0/0/), changed state to down Ri(config-if# 11.- Madn quay v8 mode Privileged mode e6 thé ding 18 hop phimn tit Curl +Z. = Muén quay vé | mode true dé ta c6 thé ding cau Iénh exit. Ri(contig-if exit RI (config)# Ovhttp://hocmang.net Page 68CCNA LAB - Cisco Packet Tracer - Muén thot kinoi dong Iénh interfae go logout Aelogout A cond is now available Prans RETURN to get started. 12. Dit secret password cho router Ri>enable Rl#conf ter Enter configuration commands, one per line. End with CNTL/Z. Ri(configyitenable secret cisco Ri (config}# 13, Hign th tit ca céc interfaces Rl#show ip int brief Interface Ip-Address OK? Method Status Protocol FastEthemet0/ —160.10.1.1 YES manual up down FastBtheme(Q/1 unassigned YES unset administratively down down Serial0/0/0 175.10.1.1 YES manual down down Vianl unassigned YES unset administratively down down: Rit 14, Hign thi chi tiét théng tin mdi cdng interface Ri#show int FastEthernet0/0 is up, line protocol is down (disabled) Hardware is Lance, address is 0090.2b46.9001 (bia 090.246.9001) Internet address is 160.10.1.1/24 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Ovhttp://hocmang.net Page 69CCNA LAB - Cisco Packet Tracer ARP type: ARPA, ARP Timeout 04:00:00, Last input 00:00:08, output 00:00:05, output hang never Last clearing of "show interface” counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts. 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort O input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, | interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier ~More~ 15. Hién thi nhiing gi da ciu hinh trong DRAM Riishow run Building configuration... Current configuration : 592 bytes version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption hostname RI ‘enable secret 5 $18mERrShxSrV(7rPNoS4wqbX KX7m0 enable password cenalab Ovhttp://hocmang.net Page 70CCNA LAB - Cisco Packet Tracer ~More-- 16. Hién thj cau hinh da duge lu trong NVRAM. - Hign tai trong NVRAM con tréng. Riiishow startup-config startup-config is not present Rit 17. Lamu edu hinh vao NVRAM Ri#copy run Rl#copy running-config start R lifcopy running-config startup-config Destination filename [startup-config]? Building configuration. {Ok} 18. Lite nay da cé cau hinh trong NVRAM, Riiéshow start Using 592 bytes version 12.4 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption hostname RL ‘enable secret 5 SISmERrShxSrVt71PNoS4wgbXKX7m0 enable password cenalab_ ~More~ Ovhttp://hocmang.net Page 71CCNA LAB - Cisco Packet Tracer 19, Hien thj version cia router Riiishow version Cisco Intemetwork Operating System Software IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) ‘Technical Support: htip://www.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang Image text-base: Ox8000808C, data-base: Ox80A 1FECC ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fel) Copyright (c) 2000 by cisco Systems, Inc. ROM: C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fe5) System returned to ROM by reload System image file is "flash:c2600-i-mz.122-28.bin" cisco 2621 (MPC860) processor (revision 0x200) with 604 16K/5120K bytes of memory Processor board ID JADO5 190MTZ (4292891495) ‘M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 2 FastEthernev IEEE 802.3 interface(s) 32K hytes of non-volatile configuration memory. 63488K bytes of ATA CompactFlash (Read/Write) ~More— 20, Hién th Protocols trén router Rl#show proto Global values: Internet Protocol routing is enabled FastEthemet(/0) is up, line protocol is down Internet address is 160.10.1.1/24 FastEtherne((/1 is administratively down, line protocol is down, Serial0/0/0 is down, line protocol is down Internet address is 175.10.1.1/24 Vian! is administratively down, line protocol is down Rl# 21. Tuomg ty: Kim router R2 nhur router RI véi dja chi ip 14. 160.10.1.2 Router>enable Router#cont ter Ovhttp://hocmang.net Page 72CCNA LAB - Cisco Packet Tracer Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname R2 R2(configyitenable secret cisco R2¢config)#int £0/0 R2config-if)#ip add 160.10.1.2 255.255.255.0 R2config-if}tno sh YeLINK-5-CHANGED: Interface FastEthernet(/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet(/0, changed state toup 22, Show ip int brief trén R2 R2#show ip int brief Interface IP-Address OK? Method Status Protocol FastEthemet/0—160.10.1.2. YES manual up up FastEthemet0/I unassigned YES unset administratively down down, Viant unassigned YES unset administratively down down 23. Kiém tra két ndi gitta 2 router R2Aconfig-if#do ping 160.10.1.1 ‘Type escape sequence to abort Sending 5, 100-byte ICMP Echos to 160.10. 1.1, timeout is 2 seconds: 1% Success rate is 80 percent (4/5), round-trip min/avg/max = 5/16/48 ms, - Néu két ndi khéng thanh céng ta ding cau lénh show ip interface brief dé kiém tra xem day c6 tét khng, rOi cng ching ta da no shutdown hay chu. Ovhttp://hocmang.net Page 73CCNA LAB - Cisco Packet Tracer Lab 2: Cau hinh Router nang cao A. Cie bude thie hign 1, Trén router! cu hinh password console. Password console li password ching ta nhap ‘rude khi vao mode prompt Router! (config)#line con 0 Router! (config-line)#logi % Login disabled on line 0, until ‘password’ is set Router! (config-line)#pass boson Ciu hin cau chao Router! (config)#banner motd # Welcom to Routerl- Authorized Users Only# 3. Kiém tra qua trinh ding nhép va banner mot. Welcom to Routerl- Authorized Users Only User Access Verifi Password: Routerl>enable Password: Routerl# 4, Ciu hinh Password telnet trén router? Router2(config)#line vty 04 Router2(config-line)#login % Login disabled on line 66, until ‘password’ is set % Login disabled on Line 67, until ‘password! is set % Login disabled on line 68, until ‘password’ is set % Login disabled on line 69, until ‘password’ is set % Login disabled on line 70, until 'password' is set Router2(config-line)#pass cisco Tir RI ping t6i R2 thong qua tén ciia R2. Rl (config}ip host Router? 160.10.1.2 6. Hién thi bing host duge lin tri trén RI Router! (config)#do show hosts Default Domain is not set Name/address lookup uses domain service Name servers are 255.255.255.255 Codes: UN - unknown, EX - expired, OK - OK, ??- revalidate temp - temporary, perm - permanent NA - Not Applicable None - Not defined Ovhttp://hocmang.net Page 74CCNA LAB - Cisco Packet Tracer Host Port Flags Age Type Address(es) Router? None (perm, OK) 0 IP 160.10.1.2 7, Tir Router! ping téi Router? théng qua host name Router! #ping Router2 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 160.10. 1.2, timeout is 2 seconds: ant Success rate is 80 percent (4/5), round-trip min/avg/max = 31/31/31 ms 8. Hin thi ni dung trong Mash trén Router2 Router2(config)#do show flash System flash directory: File Length Name/status 3. 50938004 c2800nm-advipservicesk9-mz. 124-157 L.bin 2 28282 sigdef-category.xml 1 227537. sigdef-default xml [51193823 bytes used, 12822561 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) 9. Hien thj qué trinh da gé trén RI Router! (config)#do show history int £0/0 ip add 160.10.1.1 255.255.255.0 no sh. do ping Router2 do ping 160.10.1.2 do ping Router2 exit ip host Router2 160.10.1.2 do ping Router2 do show history ~ _ Goi lai cau enh true dé Ctrl ~ P 10. Cu hinh Banwidth la 64kb show interfaces Ban dau: Router! (config)#do show int s0/0/0 Serial0/0/0 is administratively down, line protocol is down (disabled) Hardware is HD64570 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, twload 1/255, reload 1/255 Ovhttp://hocmang.net Page 75