Laboratórios CCNA
Laboratórios CCNA
Laboratórios CCNA
Tasks -All physical cabling between the two switches is installed. Configure the
network connectivity between the switches using the designated VLANs and
interfaces.
1. Configure VLAN 12 named Compute and VLAN 34 named Telephony where required
for each task.
SW2>enable
SW2#config t
SW2(config)#vlan 12
SW2(config-vlan)#name Compute
SW2(config)#vlan 34
SW2(config-vlan)#name Telephony
SW2(config)#interface ethernet0/0
SW2(config-if)#Switchport mode access
SW2(config-if)#Switchport access vlan 12
SW2(config)#cdp run
SW2(config)#interface ethernet0/1
SW2(config-if)#Switchport mode access
SW2(config-if)#switchport access vlan (Available-vlan-id)
SW2(config-if)#no cdp enable
SW2(config-if)#end
SW2#wr
Topology 2
Tasks -Configure IPv4 and IPv6 connectivity between two routers. For IPv4, use a /28
network from the 192.168.180.0/24 private range. For IPv6, use the first /64 subnet
from the 2001:0db8:acca::/48 subnet.
1. Using Ethernet0/1 on routers R1 and R2, configure the next usable /28 from the
192.168.180.0/24 range. The network 192.168.180.0/28 is unavailable.
2. For the IPv4 /28 subnet, router R1 must be configured with the first usable host
address.
3. For the IPv4 /28 subnet, router R2 must be configured with the last usable host
address.
4. For the IPv6 /64 subnet, configure the routers with the IP addressing provided from
the topology.
5. A ping must work between the routers on the IPv4 and IPv6 address ranges.
R1>enable
R1#config terminal
R1(config)#ipv6 unicast-routing
R1(config)#inter eth0/1
R1(config-if)#ip address 192.168.180.17 255.255.255.240
R1(config-if)#ipv6 addre 2001:db8:acca::1/64
R1(config-if)#not shut
R1(config-if)#end
R2>enable
R2#config terminal
R2(config)#ipv6 unicast-routing
R2(config)#inter eth0/1
R2(config-if)#ip address 192.168.1.30 255.255.255.240
R2(config-if)#ipv6 address 2001:db8:acca::2/64
R2(config-if)#not shut
R2(config-if)#end
R2#copy running start
R2#ping 192.168.180.17
R2#ping ipv6 2001:db8:acca::1
R2#
Topology 3
Tasks -Three switches must be configured for Layer 2 connectivity. The company
requires only the designated VLANs to be configured on their respective switches and
permitted across any links between switches for security purposes. Do not modify or
delete VTP configurations.
1. Configure the VLANs on the designated switches and assign them as access ports
to the interfaces connected to the PCs.
2. Configure the e0/2 interfaces on Sw1 and Sw2 as 802.1q trunks with only the
required VLANs permitted.
3. Configure the e0/3 interfaces on Sw2 and Sw3 as 802.1q trunks with only the
required VLANs permitted.
########## SW1 ##########
SW1>enable
SW1#configure terminal
SW1(config)#vlan 303
SW1(config-vlan)#name FINANCE
SW1(config-vlan)#exit
SW1(config)#interface e0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 303
SW1(config-if)#interface e0/2
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 303
SW1(config-if)#end
SW1#copy running-config startup-config
Topology 4
Tasks -Refer to the topology. All physical cabling is in place. Configure a local user
account, a Named ACL (NACL), and security.
Task 1 –
Configure a local account on Sw101 with telnet access only on virtual ports 0-4. Use
the following information:
• Username: support
• Password: max2learn
Task 2 -Configure and apply a single NACL on Sw101 using the following:
• Name: ENT_ACL
• Drop packets with unknown source addresses until the number of secure MAC
addresses drops below the configured maximum value. No notification action is
required.
Tasks -Refer to the topology. All physical cabling is in place. Configure local users
accounts, modify the Named ACL (NACL), and configure DHCP Snooping. The
current contents of the NACL must remain intact.
Task 1 -Configure a local account on Gw1 with telnet access only on virtual ports 0-4.
Use the following information:
• Username: wheel
• Password: lock3path
• Algorithm type: Scrypt
• Privilege level: Exec mode
Task 2 -Configure and apply a NACL on Gw1 to control network traffic from VLAN 10:
• Name: CORP_ACL
• Allow BOOTP and HTTPS
• Restrict all other traffic and log the ingress interface, source MAC address, the
packet’s source and destination IP addresses, and ports
Task 3 -Configure Sw1:
• Enable DNCP Snooping for VLAN 10
• Disable DHCP Option-82 data insertion
• Enable DHCP Snooping MAC address verification
• Enable trusted interfaces
Tasks -IP connectivity and OSPF are preconfigured on all devices where necessary. Do
not make any changes to the IP addressing or OSPF. The company policy uses
connected interfaces and next hops when configuring static routes except for load
balancing or redundancy without floating static. Connectivity must be established
between subnet 172.20.20.128/25 on the Internet and the LAN at 192.168.0.0/24
connected to SW1:
########## R2 ##########
R2>enable
R2#conf t
R2(config)#ip route 192.168.0.0.255.255.255.0 10.10.31.1
R2(config)#ip route 172.20.20.128 255.255.255.128 10.10.12.129
R2(config)#ip route 172.20.20.128 255.255.255.128 10.10.12.1
R2(config)#end
R2#wr
Topology 7
Tasks -IP connectivity between the three routers is configured. OSPF adjacencies
must be established.
1. Configure R1 and R2 Router IDs using the interface IP addresses from the link that is
shared between them.
2. Configure the R2 links with a max value facing R1 and R3. R2 must become the DR.
R1 and R3 links facing R2 must remain with the default OSPF configuration for DR
election. Verify the configuration after clearing the OSPF process.
3. Using a host wildcard mask, configure all three routers to advertise their respective
Loopback1 networks.
4. Configure the link between R1 and R3 to disable their ability to add other OSPF
routers.
########## R1 ##########
enable
conf t
interface loop 0
ip add 10.10.1.1 255.255.255.255
exit
int loop 1
ip add 192.168.1.1 255.255.255.0
exit
inter e0/1
ip add 10.10.13.1 255.255.255.0
no shut
inter e0/0
ip add 10.10.12.1 255.255.255.0
no shut
exit
router ospf 1
router-id 10.10.13.1
log-adjacency-changes
network 192.168.1.0 0.0.0.0 a 0
network 10.10.1.1 0.0.0.0 a 0
network 10.10.12.0 0.0.0.255 a 0
network 10.10.13.0 0.0.0.255 a 0
exit
interface e0/1
ip ospf 1 a 0
ip ospf network point-to-point
exit
interface e0/0
ip ospf 1 a 0
priority 0
end
wr
########## R3 ##########
enable
conf t
interface loop 0
ip add 10.10.3.3 255.255.255.255
exit
inter loop 1 192.168.3.3 255.255.255.0
exit
interface e0/2
ip add 10.10.23.3 255.255.255.0
no shut
interface e0/1
ip add 10.10.13.3 255.255.255.0
no shut
exit
router ospf 1
router-id 10.10.13.3
log-adjacency-changes
network 10.10.3.3 0.0.0.0 a 0
network 192.168.3.0 0.0.0.255 a 0
network 10.10.13.0 0.0.0.255 a 0
network 10.10.23.0 0.0.0.255 a 0
exit
interface e0/1
ip ospf 1 a 0
ip ospf network point-to-point
exit
interface e0/2
ip ospf 1 a 0
ip ospf priority 0
end
wr
########## R2 ##########
enable
conf t
interface loop 0
ip add 10.10.2.2 255.255.255.255
exit
interface loop 1
ip add 192.168.2.2 255.255.255.0
exit
interface e0/0
ip add 10.10.12.2 255.255.255.0
no shut
interface e0/2
ip add 10.10.23.2 255.255.255.0
no shut
exit
router ospf 1
router-id 10.10.2.2
log-adjacency-changes
network 10.10.2.2 0.0.0.0 a 0
network 192.168.2.0 0.0.0.255 a 0
network 10.10.23.0 0.0.0.255 a 0
network 10.10.12.0 0.0.0.255 a 0
exit
interface e0/0
ip ospf 1 a 0
ip ospf priority 255
exit
interface e0/2
ip ospf 1 a 0
ip ospf priority 255
end
wr
Topology 8
Tasks -R1 has been pre-configured with all the necessary commands. All physical cabling is
in place and verified. Connectivity from PC1, PC3, and the Server must be established to
the switches, and each port must only allow one VLAN.
1. Configure the VLAN connecting to the switch port for PC3 with the name "SALES"
2. Configure the switch port connecting to Server1
3. Configure the switch port connecting to PC3 4. Ensure R1 discovers SW-1 via the
Cisco proprietary neighbor discovery protocol and all other devices on the network
are unable to discover SW- 1
SW-2>enable
SW-2#conf t
SW-2(config)#vlan 20
SW-2(config-vlan)#name SERVER1
SW-2(config-vlan)#exit
SW-2(config)#vlan 30
SW-2(config-vlan)#name SALES
SW-2(config-vlan)#exit
SW-2(config)#interface ETH0/2
SW-2(config-if)#switchport mode access
SW-2(config-if)#switchport access vlan 20
SW-2(config-if)#no sh
SW-2(config-if)#exit
SW-2(config)#interface ETH0/3
SW-2(config-if)#SW-1port mode access
SW-2(config-if)#SW-1port access vlan 30
SW-2(config-if)#no sh
SW-2(config-if)#end
SW-2#wr
SW-1>enable
SW-1#configure t
SW-1(config)#cdp run
SW-1(config)#interface fastEthernet 0/1
SW-1(config-if)#cdp enable
SW-1(config-if)#no sh
SW-1(config)#interface fastEthernet 0/2
SW-1(config-if)#no cdp enable
SW-1(config-if)#no sh
SW-1(config-if)#end
SW-1#wr
Topology 9
Tasks -All physical cabling is in place. Routers R3 and R4 are fully configured and
inaccessible. Configure static routes for various connectivity to the ISP and the LAN
that resides on R4.
R1>enable
R1#conf t
R1(config)#ip route 10.0.41.10 255.255.255.255 e0/0
R1(config)#ip route 10.0.41.0 255.255.255.0 e0/0 201
R1(config)#ip route 10.0.41.0 255.255.255.0 e0/1
R1(config)#end
R1#wr
R2>enable
R2#conf t
R2(config)#ip route 0.0.0.0 0.0.0.0 209.165.200.225
R2(config)#end
R2#wr
Topology 10
Tasks -All physical cabling is in place. A company plans to deploy 16 new sites. The
sites will utilize both IPv4 and IPv6 networks.
1. Subnet 172.16.0.0/16 to meet the subnet requirements and maximize the number of
hosts
• Using the second subnet
- Assign the first usable IP address to e0/0 on Sw101
- Assign the last usable IP address to e0/0 on Sw102
2. Subnet 2001:DB8::/50 to meet the subnet requirements and maximize the number of
hosts
• Using the second subnet
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102
SW101>enable
SW101#conf t
SW101(config)#ipv6 unicast-routing
SW101(config)#int e0/0
SW101(config-if)#no switchport
SW101(config-if)#ip address 172.16.16.1 255.255.240.0
SW101(config-if)#ipv6 address 2001:db80:400::1/64
SW101(config-if)#no shutdown
SW101(config-if)#end
SW101#wr
SW102>enable
SW102#conf t
SW102(config)#ipv6 unicast-routing
SW102(config-if)#int e0/0
SW102(config-if)#no switchport
SW102(config-if)#ip address 172.16.31.254 255.255.240.0
SW102(config-if)#ipv6 address 2011:db8:0:400::2/64
SW102(config-if)#no shutdown
SW102(config-if)#end
SW102#wr
Topology 11
Tasks -Refer to the topology. All physical cabling is in place. Routers R3 and R4 are fully
configured and inaccessible. Configure static routes for various connectivity to the ISP and
the LAN, which resides on R4.
R2>enable
R2#conf t
R2(config)#ip route 0.0.0.0 0.0.0.0 e0/2
R2(config)#ip route 10.0.41.10 255.255.255.255 e0/0
R2(config)#end
R2#wr
Topology 12
Tasks -R1 and R2 are pre-configured with all the necessary commands. All physical cabling
is in place and verified. Connectivity for PC1 and PC2 must be established to the switches;
each port must only allow one VLAN and be operational.
SW1>enable
SW1#conf t
SW1(config)# vlan 15
SW1(config-vlan)#name OPS
SW1(config-vlan)#exit
SW1(config)#interface etherne0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 15
SW1(config-if)#no shut
SW1(config-if)#exit
SW1(config)#lldp run
SW1(config)#interface e0/0
SW1(config-if)#no lldp transmit
SW1(config-if)#no lldp receive
SW1(config-if)#cdp enable
SW1(config-if)#end
SW1#wr
SW2>enable
SW2#conf t
SW2(config)#vlan 66
SW2(config-vlan)#name ENGINEERING
SW2(config-vlan)#exit
SW2(config)#int e0/1
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 66
SW2(config-if)#no shut
SW2(config-if)#exit
SW2(config)#lldp run
SW2(config)#interface e0/0
SW2(config-if)#no lldp transmit
SW2(config-if)#no lldp receive
SW2(config-if)#cdp enable
SW2(config-if)#end
SW2#wr
Topology 13
Tasks -R1 has been pre-configured with all the necessary commands. All physical cabling is
in place and verified. Connectivity for PC1 and PC2 must be established to the switches,
and each port must only allow one VLAN.
SW1>enable
SW-1#conf t
SW-1(config)#vlan 35
SW-1(config-vlan)#name SALES
SW-1(config-vlan)#exit
SW-1(config)#interface gigabitEthernet 0/2
SW-1(config-if)#switchport mode access
SW-1(config-if)#switchport access vlan 35
SW-1(config-if)#no lldp receive
SW-1(config-if)#no lldp transmit
SW-1(config-if)#exit
SW-1(config)#lldp run
SW-1(config)#end
SW-1#wr
SW2>enable
SW2#conf t
SW-2(config)#vlan 39
SW-2(config-vlan)#name MARKETING
SW-2(config-vlan)#exit
SW-2(config)#interface gigabitEthernet 0/2
SW-2(config-if)#switchport mode access
SW-2(config-if)#switchport access vlan 39
SW-2(config-if)#exit
SW-2(config)#lldp run
SW-2(config)#end
SW-2#wr
Topology 14
Tasks -VLANS 35 and 45 have been configured in all three switches. All physical
connectivity has been installed and verified All inter-switch links must be operational.
1. Configure SW-1 and SW-2 switch ports e0/0 and e0/1 for 802.1q trunking allowing
all VLANS
2. Configure the inter-switch links on SW-1 e0/2, SW-2 e0/2, and SW-3 e0/0 and e0/1
to use native VLAN 35
3. Configure SW-1 and SW-2 switch ports e0/0 and e0/1 for link aggregation SW-1
should immediately negotiate LACP and SW-2 must only respond to LACP requests
SW1>enable
SW1#conf t
interface range e0/0 - 1
channel-group 12 mode active
shutdown
interface port-channel 12
no shutdown
switchport trunk encapsulation dotiq
switchport mode trunk
switchport trunk native vlan 35
end
wr
SW2>enable
SW2#conf t
interface range e0/0 – 1
shutdown
channel-group 12 mode passive
no shutdown
interface port-channel 12
switchport trunk encapsulation dotiq
switchport mode trunk
switchport trunk native vlan 35
interface e0/2
switchport trunk native vlan 35
end
wr
SW3>enable
SW3#conf t
interface range e0/0 – 1
shutdown
switchport mode trunk encapsulation dotiq
no shutdown
switchport mode trunk
switchport trunk native vlan 35
end
wr
Topology 15
Tasks -All physical cabling is in place and verified. Switch SW-1 is pre-configured
and inaccessible. SW-2 and SW-3 ports must be configured and operational to
complete the configuration.
1. Configure SW-2 and SW-3 ports E0/0 to use the industry standard encapsulation
method for trunking and only tag VLAN 10
2. Configure SW-2 and SW-3 ports E0/0 to send and receive untagged traffic over
VLAN 11
3. Configure SW-2 and SW-3 ports E0/2 and E0/3 to use the industry standard
encapsulation method for trunking and tag all VLANS
4. Configure SW-2 and SW-3 ports E0/2 and E0/3 for link aggregation using the
industry standard protocol with the following requirements: o SW-2 ports must not
initiate the negotiation for the aggregation protocol o SW-3 ports must
immediately negotiate the aggregation protocol o Use the designated number
assignment
Topology 16
Tasks -All physical cabling is in place. A company plans to deploy 16 new sites. The
sites will utilize both IPv4 and IPv6 networks.
1. Subnet 10.20.0.0/16 to meet the subnet requirements and maximize the number of
hosts
2. Subnet 2001:db8::/52 to meet the subnet requirements and maximize the number
of hosts
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102
SW101>enable
SW101#conf t
SW101(config)#ipv6 unicast-routing
SW101(config)#interface gigabitEthernet 0/0
SW101(config-if)#no switchport
SW101(config-if)#ip address 10.20.16.1 255.255.240.0
SW101(config-if)#ipv6 address 2001:DB8:0:100::1/64
SW101(config-if)#no shutdown
SW101(config-if)#end
SW101#wr
SW102>enable
Sw102#conf t
SW102(config)#ipv6 unicast-routing
SW102(config)#interface gigabitEthernet 0/0
SW102(config-if)#no switchport
SW102(config-if)#ip address 10.20.31.254 255.255.240.0
SW102(config-if)#ipv6 address 2001:DB8:0:100::2/64
SW102(config-if)#no shutdown
SW102(config-if)#end
SW102#wr
Topology 17
Tasks -All physical cabling is in place and verified. Router R1 is configured and passing
traffic for VLANs 5 and 6. All relevant ports are pre-configured as 802.1q trunks.
2. Configure both SW-1 and SW-2's E0/1 ports to send and receive untagged traffic
over VLAN 77
4. Configure both SW-3 and SW-4 ports e0/0 and e0/1 for link aggregation using the
industry standard protocol with the following requirements:
- SW-4 ports must not initiate the negotiation for the aggregation protocol
Tasks -Refer to the topology. All physical cabling is in place. Configure local users
accounts, modify the Named ACL (NACL), and configure DHCP Snooping. The current
contents of the NACL must remain intact.
1. Configure a local account on Sw103 with telnet access only on virtual ports 0-4. Use the
following information:
• Username: devnet
• Password: access8cli
• Algorithm type: SHA256
• Privilege level: Exec mode
2. Using the minimum number of ACEs, modify the existing NACL "INTERNET_ACL" to
control network traffic destined for the Internet, and apply the ACL on R1:
• Allow HTTPS from 172.16.0.0/16
• Allow Telnet only for VLAN 101
• Restrict all other traffic and log the ingress interface, source MAC address, the packet's
source and destination IP addresses, and ports
3. Configure Sw101:
• Enable DHCP Snooping for VLAN 101
• Disable DHCP Option-82 data insertion
• Enable DHCP Snooping MAC address verification
Topology 19
Tasks -All physical cabling is in place. A company plans to deploy 64 new sites. The sites
will utilize both IPv4 and IPv6 networks.
1. Subnet 10.30.64.0/19 to meet the subnet requirements and maximize the number of hosts
• Using the second subnet
- Assign the first usable IP address to e0/0 on Sw101
- Assign the last usable IP address to e0/0 on Sw102
2. Subnet 2001:db8::/56 to meet the subnet requirements and maximize the number of hosts
• Using the second subnet
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw101
- Assign an IPv6 GUA using a unique 64-Bit interface identifier on e0/0 on Sw102
Topology 20
Tasks -All physical cabling is in place. Configurations should ensure that connectivity is
established end-to-end.
1. Configure a route on R1 to ensure that R1 prefers R2 to reach the 2001:db8:41::/64
network
2. Configure a floating route on R1, and ensure that R1 uses R3 to reach the 2001
:db8:41::/64 network if the connection between R1 and R2 is down
3. Ping and traceroute should be working
Topology 21
R1 has been pre-configured with all the necessary commands. All physical cabling is in
place and verified. Connectivity to the end devices must be configured.
1. Configure SW-1 switch port 0/1 to carry traffic for the Cisco IP phone and PC
2. Configure SW-2 E0/1 to carry traffic for PC2
3. Configure VLAN 10 with the name “Engineering” on SW-1
4. Configure the link between SW-1 and SW-2 to use the vendor neutral neighbor discovery
protocol
5. Configure the link on SW-1 to R1 so that it does not allow the Cisco neighbor discovery
protocol to pass
SW1>enable
S1#conf t
S1(config)#vlan 10
S1(config-vlan)#name Engineering
exit
S1(config-if)#interface e0/1
S1(config-if)#switchport mode access
S1(config-if)#switchport voice vlan 11
S1(config-if)#switchport access vlan 10
exit
S1(config)#lldp run
S1(config-if)#interface e0/0
S1(config-if)#lldp transmit
S1(config-if)#lldp receive
S1(config-if)#exit
S1(config)#cdp run
S1(config)#interface e0/2
S1(config-if)#no cdp enable
S1(config-if)#end
S1#wr
SW2>enable
S2#conf t
S2(config)#vlan 30
S2(config-vlan)#exit
S2(config)#interface e0/1
S2(config-if)#switchport mode access
S2(config-if)#switchport access vlan 30
S2(config-if)#lldp run
S2(config-if)#interface e0/0
S2(config-if)#lldp transmit
S2(config-if)#lldp receive
S2(config-if)#end
S2#wr
Topology 22
Tasks -All physical cabling is in place and verified. Connectivity for the Switches on ports
E0/1, E0/2, and E0/3 must be configured and available for voice and data capabilities.
1. Configure Sw1 and Sw2 with both VLANS, naming them according to the VLAN Name
provided in the topology.
2. Configure the E0/1, E0/2, and E0/3 ports on both switches for both VLANS and ensure
that Cisco IP phones and PCs pass traffic.
3. Configure Sw1 and Sw2 to allow neighbor discovery via the vendor-neutral protocol on
e0/0.
SW1>enable
SW1#conf t
SW1(config)#vlan 77
SW1(config-vlan)#name User_VLAN
SW1(config-vlan)#exit
SW1(config)#vlan 177
SW1(config-vlan)#name Voice_VLAN
SW1(config-vlan)#exit
SW1(config)#interface range ethernet0/1-3
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 77
SW1(config-if)#switchport voice vlan 177
SW1(config-if)#exit
SW1(config)#lldp run
SW1(config)#interface ethernet0/0
SW1(config-if)#lldp transmit
SW1(config-if)#lldp receive
SW1(config-if)#end
S1#wr
SW2>enable
SW2#conf t
SW2(config)#vlan 77
SW2(config-vlan)#name User_VLAN
SW2(config)#exit
SW2(config)#vlan 177
SW2(config-vlan)#name Voice_VLAN
SW2(config-vlan)#exit
SW2(config)#interface range ethernet0/1-3
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 77
SW2(config-if)#switchport voice vlan 177
SW2(config-if)#end
SW2#wr
Topology 23
Tasks - All physical cabling is in place and verified. Connectivity between all four switches
must be established and operational. All ports are pre-configured as 802.1q trunks.
1. Configure both SW-1 and SW-2 ports e0/1 and e0/2 to permit only the allowed VLANs
2. Configure both SW-3 and SW-4 ports e0/2 to permit only the allowed VLANs
3. Configure both SW-1 and SW-2 e0/1 ports to send and receive untagged traffic over
VLAN 99
4. Configure both SW-3 and SW-4 ports e0/0 and e0/1 for link aggregation using the
industry standard protocol. All ports must immediately negotiate the link aggregation
5. Permit only the allowed VLANs on the new link
SW1>enable
S1#conf t
S1(config)#interface range e0/1-2
S1(config-if)#switchport trunk allowed vlan 56,77,99
S1(config-if)#switchport trunk native vlan 99
S1(config-if)#end
S1#wr
SW2>enable
S2#conf t
S2(config)#interface range e0/1-2
S2(config-if)#switchport trunk allowed vlan 56,77,99
S2(config-if)#switchport trunk native vlan 99
S2(config-if)#end
S2#wr
SW3>enable
SW3#conf t
SW3(config)#interface range 0/0-1
SW3(config-if)#shutdown
SW3(config-if)#channel-group 34 mode active
SW3(config-if)#no shutdown
SW3(config-if)#exit
SW3(config)#interface po34
SW3(config-if)#switchport trunk allowed vlan 56,77,99
SW3(config-if)#interface e0/2
S3(config-if)#switchport trunk native vlan 99
SW3(config-if)#switchport trunk allowed vlan 56,77,99
SW3(config-if)#end
SW3#wr
SW4>enable
SW4#conf t
SW4(config)#interface range e0/0-1
SW4(config-if)#shutdown
SW4(config-if)#channel-group 34 mode active
SW4(config-if)#no shutdown
SW4(config-if)#exit
SW4(config)#interface po34
SW4(config-if)#switchport trunk allowed vlan 56,77,99
SW4(config-if)#interface e0/2
SW4(config-if)#switchport trunk allowed vlan 56,77,99
SW4(config-if)#end
SW4#wr
Topology 24
Tasks -Physical connectivity is implemented between the two Layer 2 switches, and the
network connectivity between them must be configured.
SW2>enable
SW2#conf t
SW2(config)#interface range eth0/0-1
SW2(config-if)#shutdown
SW2(config-if)#channel-group 44 mode active
SW2(config-if)#no shut
SW2(config-if)#exit
SW2(config)#interface port-channel 44
SW2(config-if)#switchport mode trunk
SW2(config-if)#switchport trunk encapsulation dot1q
SW2(config-if)#switchport trunk native vlan 746
SW2(config-if)#end
SW2#wr
Topology 25
Tasks -Connectivity between four routers has been established. IP connectivity must be
configured in the order presented to complete the implementation. No dynamic routing
protocols are included.
1. Configure static routing using host routes to establish connectivity from router R3 to the
router R1 Loopback address using the source IP of 209.165.200.230.
2. Configure an IPv4 default route on router R2 destined for router R4.
3. Configure an IPv6 default router on router R2 destined for router R4.
R1>enable
R1#conf t
R1(config)#ip route 192.168.8.1 255.255.255.255 209.165.200.226
R1(config)#end
R1#wr
R3>enable
R3#conf t
R3(config)#ip route 192.168.1.1 255.255.255.255 209.168.200.229
R3(config)#end
R3#wr
R2>enable
R2#conf t
R2(config)#ipv6 unicast-routing
R2(config)#ip route 0.0.0.0 0.0.0.0 209.165.202.130
R2(config)#ipv6 route ::/0 2001:db8:abcd::2
R2(config)#end
R2#wr
Topology
Tasks -Connectivity between three routers has been established, and IP services must be
configured in the order presented to complete the implementation. Tasks assigned include
configuration of NAT, NTP, DHCP, and SSH services.
1. All traffic sent from R3 to the R1 Loopback address must be configured for NAT on R2.
All source addresses must be translated from R3 to the IP address of Ethernet0/0 on R2,
while using only a standard access list named PUBNET. To verify, a ping must be
successful to the R1 Loopback address sourced from R3. Do not use NVI NAT
configuration.
2. Configure R1 as an NTP server and R2 as a client, not as a peer, using the IP address of
the R1 Ethernet0/2 interface. Set the clock on the NTP server for midnight on May 1, 2018.
3. Configure R1 as a DHCP server for the network 10.1.3.0/24 in a pool named NETPOOL.
Using a single command, exclude addresses 1 - 10 from the range. Interface Ethernet0/2 on
R3 must be issued the IP address of 10.1.3.11 via DHCP.
4. Configure SSH connectivity from R1 to R3, while excluding access via other remote
connection protocols. Access for user netadmin and password N3t4ccess must be set on
router R3 using RSA and 1024 bits. Verify connectivity using an SSH session from router R1
using a destination address of 10.1.3.11. Do NOT modify console
R2>enable
R2#conf t
R2(config)# ntp server 10.1.3.1
R2(config)# ip access list standard PUBNET
R2(config-std-nacl)# permit 10.2.3.3
R2(config-std-nacl)# permit 10.1.3.11
R2(config-std-nacl)# permit 192.168.3.1
R2(config-std-nacl)# exit
R2(config)# interface e0/1
R2(config-if)# ip nat inside
R2(config)# interface e0/0
R2(config-if)# ip nat outside
R2(config)# ip nat inside source list PUBNET interface e0/0 overload
R2(config)#end
R2# wr
R1>enable
R1# clock set 00:00:00 jan 1 2019
R1#conf t
R1(config)# ntp master 1
R1(config)# ip dhcp pool NETPOOL
R1(dhcp-config)# network 10.1.3.0 255.255.255.0
R1(config)# exit
R1(config)# ip dhcp excluded-address 10.1. 3.1 10.1.3.10
R1(config)#end
R1#wr