ENARSI Skills Assessment - Troubleshooting

Topology

Addressing Table

Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

R1 G0/0/0 209.165.200.1/24 2001:db8:200::1/64 f e80::1:1

R1
G0/0/1 10.165.249.1/24 2001:db8:249::1/64 f e80::1:2

R1
Loopback 0 10.0.0.1/24 2001:db8:10::1/64 f e80::1:3

R1
Loopback 1 10.165.248.1/24 2001:db8:248::1/64 f e80::1:4

R2 G0/0/0 209.165.200.2/24 2001:db8:200::2/64 f e80::2:1

R2
G0/0/1 209.165.201.2/24 2001:db8:201::2/64 f e80::2:2

R2
Loopback 0 172.16.0.1/24 2001:db8:172::1/64 f e80::2:3

R2
Loopback 1 209.165.224.1/24 2001:db8:224::1/64 f e80::2:4

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 4 www.netacad.com
ENARSI Skills Assessment - Troubleshooting

Device Interface IPv4 Address/Mask IPv6 Address/Prefix Length Link-Local Address

R3 G0/0/0 209.165.201.1/24 2001:db8:201::1/64 f e80::3:1

R3
G0/0/1 192.168.241.1/24 2001:db8:241::1/64 f e80::3:2

R3
Loopback 0 192.168.0.1/24 2001:db8:192::1/64 f e80::3:3

R3
Loopback 1 192.168.240.1/24 2001:db8:240::1/64 f e80::3:4

D1 G1/0/11 10.165.249.2/25 2001:db8:249::2/64 f e80::d1:1

D1
VLAN 250 10.165.250.1/24 2001:db8:24a::1/64 f e80::d1:2

D1
VLAN 251 10.165.251.1/24 2001:db8:24b::1/64 f e80::d1:3

D2 G1/0/11 192.168.241.2/24 2001:db8:241::2/64 f e80::d2:1

D2
VLAN 242 192.168.242.1/24 2001:db8:242::1/64 f e80::d2:2

D2
VLAN 243 192.168.243.1/24 2001:db8:243::1/64 f e80::d2:3
A1 VLAN 250 10.165.250.2/24 2001:db8:24a::2/64 f e80::a1:1

PC1 NIC DHCP SLAAC EUI-64/CGA

PC2 NIC 10.165.251.5/24 2001:db8:24b::5/64 EUI-64/CGA

PC3 NIC DHCP SLAAC EUI-64/CGA

PC4 NIC DHCP SLAAC EUI-64/CGA

Objectives
Troubleshoot network issues related to the conf iguration and operation of routing protocols.

Background / Scenario
This is the same topology that you built in Part 1 of the ENARSI SA. In this topology, R1 and D1 are EIGRP
neighbors and R3 and D2 are OSPF neighbors. R1, R2, and R3 are all speaking BGP f or their respective
ASNs. Switch A1 is supporting host access f or a AAA server. You will be loading conf igurations with
intentional errors onto the network. Your tasks are to FIND the error(s), document your f indings and the
command(s) or method(s) used to f ix them, FIX the issue(s) presented here and then test the network to
ensure both of the f ollowing conditions are met:
1) the complaint received in the ticket is resolved
2) f ull reachability is restored
Note: The routers used with CCNP hands-on labs are Cisco 4221 with Cisco IOS XE Release 16.9.4
(universalk9 image). The switches used in the labs are Cisco Catalyst 3650 with Cisco IOS XE Release
16.9.4 (universalk9 image) and Cisco Catalyst 2960 with Cisco IOS Release 15.2(2) (lanbasek9 image).
Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS
version, the commands available and the output produced might vary f rom what is shown in the labs. Ref er to
the Router Interf ace Summary Table at the end of the lab f or the correct interf ace identif iers.
Note: Make sure that the devices have been erased and have no startup conf igurations. If you are unsure,
contact your instructor.
Note: The def ault Switch Database Manager (SDM) template on a Catalyst 2960 does not support IPv6. You
must change the def ault SDM template to the dual-ipv4-and-ipv6 def ault template using the sdm prefer dual-
ipv4-and-ipv6 default global conf iguration command. Changing the template will require a reboot.

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 4 www.netacad.com
ENARSI Skills Assessment - Troubleshooting

Required Resources
• 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 2 Switches (Cisco 3650 with Cisco IOS XE Release 16.9.4 universal image or comparable)
• 1 Switch (Cisco 2960 with Cisco IOS Release 15.2(2) lanbasek9 image or comparable)
• 3 PCs (Choice of operating system with terminal emulation program installed)
• 1 PC (Choice of operating system with a server running conf igured RADIUS (Optional))
• Console cables to conf igure the Cisco IOS devices via the console ports
• Ethernet and serial cables as shown in the topology

Scenario
You had the network working to specif ications and took a week of f . While you were gone, a junior
administrator and a security engineer were tasked to improve the network. The opposite occurred. Now you
are tasked with f ixing the network.
The instructions the junior administrator and security engineer were given were as f ollows:
1. Reduce the number of TCP sessions between R1 and R3.
2. Apply IPv4 and IPv6 f ilters to the outward -f acing interf aces on R1 and R3 to ensure that inbound
traf f ic sourced f rom their local networks is dropped.
3. Reduce the size of the EIGRP routing table on R1.
4. Reduce the number of route entries R1 is sending to R2.
5. Incorporate AAA using the AAA server at 209.165.251.5 to secure remote access to all devices in the
AS 10 and AS 192 networks.
They did not document things as they were supposed to, so all you have been told is things are not working
as they should be. You need to f ix all of this as soon as possible!
Use the commands listed below to load the conf iguration f iles f or this skills assessment:

Device Command

R1 copy flash:/enarsi/sa-tshoot-r1-config.txt run

R2 copy flash:/enarsi/sa-tshoot-r2-config.txt run

R3 copy flash:/enarsi/sa-tshoot-r3-config.txt run

D1 copy flash:/enarsi/sa-tshoot-d1-config.txt run

D2 copy flash:/enarsi/sa-tshoot-d2-config.txt run

A1 copy flash:/enarsi/sa-tshoot-a1-config.txt run

• Console Passwords on all devices are cisco12345. If a username is required, use admin.
• Remote access should be available using the username raduser and password upass123.
• PC2 must be conf igured with static addresses as shown in the topology diagram/addressing table.
PC1, PC3, and PC4 will dynamically acquire IPv4 and IPv6 addresses.
• When you have f ixed the ticket, change the MOTD on EACH DEVICE using the f ollowing command:
banner motd # This is $(hostname) FIXED Skills Assessment #

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 4 www.netacad.com
ENARSI Skills Assessment - Troubleshooting

• Save the conf iguration by issuing the wri command (on each device).
• Inf orm your instructor that you are f inished.
• Af ter the instructor approves your solution, issue the reset.now privileged EXEC command. This
script will clear your conf igurations and reload the devices.

Router Interface Summary Table

Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2

Fast Ethernet 0/0 Fast Ethernet 0/1

1800 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
1900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2801 (F0/0) (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Fast Ethernet 0/0 Fast Ethernet 0/1
2811 (F0/0) (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0 Gigabit Ethernet 0/1
2900 (G0/0) (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4221 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
Gigabit Ethernet 0/0/0 Gigabit Ethernet 0/0/1
4300 (G0/0/0) (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)

Note: To f ind out how the router is conf igured, look at the interf aces to identif y the type of router and how many
interf aces the router has. There is no way to ef f ectively list all the combinations of conf igurations f or each router
class. This table includes identif iers f or the possible combinations of Ethernet and Serial interf aces in the device.
The table does not include any other type of interf ace, even though a specif ic router may contain one. An
example of this might be an ISDN BRI interf ace. The string in parenthesis is the legal abbreviation that can be
used in Cisco IOS commands to represent the interf ace.
End of document

© 2020 - 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 4 www.netacad.com