Scribd Logo
Upload

Welcome to Scribd!

  • 165 views

    Ewan Nat/Acl PT Practice Sba: Device Interface Address Subnet Mask Default Gateway

    Uploaded by

    nhotoi
    This document provides instructions for completing a Packet Tracer skills exam. Students are expected to: 1. Design an IP addressing scheme and implement it on the network. 2. Configure and verify a DHCP server and WAN technologies like PPP and HDLC. 3. Configure EIGRP routing and NAT to enable communication. 4. Implement access control lists according to a security policy.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd

    Ewan Nat/Acl PT Practice Sba: Device Interface Address Subnet Mask Default Gateway

    Uploaded by

    nhotoi
    165 views6 pages
    This document provides instructions for completing a Packet Tracer skills exam. Students are expected to: 1. Design an IP addressing scheme and implement it on the network. 2. Configure and verify a DHCP server and WAN technologies like PPP and HDLC. 3. Configure EIGRP routing and NAT to enable communication. 4. Implement access control lists according to a security policy.

    Original Title

    yeucau

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document provides instructions for completing a Packet Tracer skills exam. Students are expected to: 1. Design an IP addressing scheme and implement it on the network. 2. Configure and verify a DHCP server and WAN technologies like PPP and HDLC. 3. Configure EIGRP routing and NAT to enable communication. 4. Implement access control lists according to a security policy.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Download as doc, pdf, or txt
    165 views6 pages

    Ewan Nat/Acl PT Practice Sba: Device Interface Address Subnet Mask Default Gateway

    Uploaded by

    nhotoi
    This document provides instructions for completing a Packet Tracer skills exam. Students are expected to: 1. Design an IP addressing scheme and implement it on the network. 2. Configure and verify a DHCP server and WAN technologies like PPP and HDLC. 3. Configure EIGRP routing and NAT to enable communication. 4. Implement access control lists according to a security policy.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOC, PDF, TXT or read online from Scribd
    Download as doc, pdf, or txt
    of 6

    EWAN NAT/ACL PT Practice SBA

    A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any Exam windows during the exam. 2. Do not close Packet Tracer when you are done, it will close automatically. 3. Click the Submit Assessment button to submit your work.

    Introduction
    In this practice Packet Tracer Skills Exam, you are expected to: Finish designing the IP addressing scheme. Implement the addressing in the network to meet the stated requirements. Configure and verify a DHCP server implementation. Configure and verify WAN technologies. Configure EIGRP to enable communication with the rest of the network. Configure NAT to translate addresses for traffic destined to the Internet. Implement access control lists as part of a security policy.

    Addressing Table
    Device R1 Interface Fa0/0 S0/0/0 S0/0/1.101 R2 S0/0/0 S0/0/1.201 S0/1/0 R3 Fa0/0 S0/0/0 S0/0/1 PC1 PC3 NIC NIC Address 172.16.1.193 172.30.1.1 10.10.10.1 172.30.1.6 10.10.10.2 209.165.201.2 172.16.1.129 172.30.1.2 172.30.1.5 172.16.1.222 DHCP Assigned Subnet Mask 255.255.255.224 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.192 255.255.255.252 255.255.255.252 255.255.255.224 DHCP Assigned Default Gateway 172.16.1.128/27 n/a n/a n/a n/a n/a 172.16.1.128/26 n/a n/a 172.16.1.128/27 DHCP Assigned

    NOTE: Use a printed version of these instructions to fill in the missing address information in the table during Step 1 to aid in configuring, verifying and troubleshooting the devices. NOTE: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

    Step 1: Finish the IP Addressing Design and Implementation.


    Design an addressing scheme and fill in the Addressing Table based on the following requirements: a. b. Subnet the address space 172.16.1.128/25 to provide 50 host addresses for the R3 LAN while wasting the fewest addresses. Assign the first available subnet to the R3 LAN.

    c. d. e. f. g. h.

    Assign the first (lowest) address in this subnet to the Fa0/0 interface on R3. Subnet the remaining address space to provide 30 host addresses for the R1 LAN while wasting the fewest addresses. Assign the next available subnet to the R1 LAN. Assign the first (lowest) address in this subnet to the Fa0/0 interface on R1. Assign the last (highest) host address in this subnet to PC1. Finish the IP addressing configuration: Configure R1 and R3 LAN interfaces with IP addressing. Configure PC1 with IP addressing. PC3 will get its address from the DHCP server on R3 in the next step.

    Step 2: Configure and Verify R3 as the DHCP Server.


    a. b. Configure R3 as the DHCP server for the LAN attached to Fa0/0 using the following guidelines: Use the case-sensitive DHCP pool name of R3_LAN. Exclude the first three host addresses in the subnet. Verify that PC3 now has full IP addressing. It may be necessary to toggle between Static and DHCP on the IP Configuration screen for PC3 before PC3 will send a DHCP request. PC3 should be able to ping the default gateway.

    Step 3: Configure WAN Technologies.


    a. b. c. The link between R3 and R2 uses PPP with CHAP. The password is ciscochap. Verify that R3 and R2 can ping each other. The link between R3 and R1 uses HDLC. R3 should be able to ping the other side of the link. Verify that R3 and R1 can ping each other. The link between R1 and R2 uses point-to-point Frame Relay subinterfaces. Verify that R1 and R2 can ping each other.

    Step 4: Configure and Verify EIGRP Routing.


    a. b. c. Configure EIGRP routing on R1, R2, and R3. Use AS number 100. Do not use the wildcard mask argument. Do not advertise the network between R2 and the Internet. Configure R2 with a default route using the outbound interface argument. Use one command to propagate the default route into the EIGRP routing process. Verify PC1 and PC3 can ping each other as well as R1, R2 and R3. You will not be able to ping Internet hosts yet.

    Step 5: Configure R2 with a NAT.


    a. b. Configure NAT on R2 using the following guidelines: Only addresses in the 172.16.1.128/25 address space will be translated. Use the number 1 for the access list. Configure PAT on the R2 S0/1/0 interface. Verify that PC1 and PC3 can ping the Internet hosts.

    Step 6: Configure Access Control Lists to Satisfy a Security Policy.


    a. b. c. d. Configure and apply an ACL with the number 50 that implements the following policy: Deny any host from the R3 LAN from accessing hosts on the R1 LAN. Hosts on the R3 LAN should be able to ping any other destination. Verify that ACL 50 is operating as intended. Configure and apply a named ACL with the case-sensitive name FIREWALL that implements the following policy: Deny ping requests sourced from the Internet. Deny Telnet and HTTP traffic sourced from the Internet. Allow all other traffic. Verify the FIREWALL ACL is operating as intended.

    EWAN NAT / ACL PT Thc hnh SBA Mt s iu cn lu khi hon tt hot ng ny: 1. Khng s dng nt Back ca trnh duyt hoc ng ca hoc ti li bt k ca s thi trong k thi. 2. ng ng Packet Tracer khi bn lm xong, n s t ng ng. 3. Nhp vo nt Gi gi nh gi cng vic ca bn. Gii thiu Trong Packet Tracer thc hnh k nng thi, bn s: Hon tt thit k cc chng trnh a ch IP. Thc hin cc gii trong h thng mng p ng cc yu cu nu. Cu hnh v kim tra mt my ch DHCP thc hin. Cu hnh v xc minh cc cng ngh WAN. Cu hnh EIGRP cho php giao tip vi phn cn li ca mng. Cu hnh NAT phin dch a ch cho giao thng i n vi Internet. Thc hin kim sot truy cp danh sch nh l mt phn ca mt chnh sch an ninh. Bng biu Giao din thit b a ch Subnet Mask Default Gateway R1 Fa0 / 0 n / a

    S0/0/0 172.30.1.1 255.255.255.252 n / a S0/0/1.101 10.10.10.1 255.255.255.252 n / a R2 S0/0/0 172.30.1.6 255.255.255.252 n / a S0/0/1.201 10.10.10.2 255.255.255.252 n / a S0/1/0 209.165.201.2 255.255.255.252 n / a R3 Fa0 / 0 n / a S0/0/0 172.30.1.2 255.255.255.252 n / a S0/0/1 172.30.1.5 255.255.255.252 n / a PC1 NIC PC3 NIC DHCP DHCP DHCP c ch nh c ch nh c ch nh Ch : S dng mt phin bn in ca cc hng dn in vo cc thng tin a ch thiu trong bng trong bc 1 h tr trong cu hnh, xc minh, x l s c cc thit b. Ch : Cc mt khu cho ch ngi dng EXEC l cisco. Cc mt khu cho ch EXEC c quyn l lp. Bc 1: Kt thc a ch IP Thit k v thc hin. Thit k mt chng trnh gii quyt v in vo cc bng biu da trn cc yu cu sau: a. Subnet a ch 172.16.1.128/25 khng gian cung cp cho 50 a ch host cho LAN R3 trong khi cc a ch lng ph t nht. b. Ch nh ngi u tin sn subnet vi LAN R3. c. Giao (thp nht) u tin a ch trong mng con ny n giao din / 0 Fa0 trn R3. d. Subnet khng gian a ch cn li cung cp 30 a ch host cho LAN R1, trong khi cc a ch lng ph t nht. e. Giao tip c sn subnet vi LAN R1. f. Giao (thp nht) u tin a ch trong mng con ny cho Fa0 / 0 giao din trn R1. g. Giao (cao nht) qua a ch host trong mng con ny n PC1. h. Kt thc cu hnh a ch IP:

    Cu hnh giao din mng LAN R1 v R3 vi a ch IP. Cu hnh PC1 vi a ch IP. PC3 s nhn c a ch ca n t my ch DHCP trn R3 trong bc tip theo. Bc 2: Cu hnh v Xc minh R3 nh DHCP Server. a. Cu hnh R3 nh l my ch DHCP cho LAN thuc Fa0 / 0 bng cch s dng cc hng dn sau y: S dng tn DHCP h bi trng hp nhy cm ca R3_LAN. Loi tr ba a ch my ch u tin trong mng con ngi. b. Xc minh rng PC3 nay c y a ch IP. N c th l cn thit chuyn i gia "tnh" v "DHCP" trn mn hnh cu hnh IP cho PC3 trc khi PC3 s gi mt yu cu DHCP. PC3 s c th ping gateway mc nh. Bc 3: Cu hnh cc cng ngh WAN. a. S lin kt gia R3 v R2 s dng PPP vi CHAP. Mt khu c ciscochap. Xc minh rng R3 v R2 c th ping nhau. b. Mi lin h gia s dng R3 v R1 HDLC. R3 c th ping pha bn kia ca lin kt. Xc minh rng R3 v R1 c th ping nhau. c. S lin kt gia R1 v R2 s dng point-to-point subinterfaces Frame Relay. Xc minh rng R1 v R2 c th ping nhau. Bc 4: Cu hnh v Xc minh nh tuyn EIGRP. a. Cu hnh nh tuyn EIGRP trn R1, R2, v R3. S dng s AS 100. Khng dng tham s mt n k t i din. Khng qung co mng gia R2 v Internet. b. Cu hnh R2 vi mt tuyn ng mc nh bng cch s dng cc tham s giao din i. S dng mt lnh tuyn truyn cc tuyn ng mc nh vo qu trnh nh tuyn EIGRP. c. Xc minh PC1 v PC3 c th ping nhau cng nh R2, R1 v R3. Bn s khng th ping cc my ch Internet no. Bc 5: Cu hnh R2 vi NAT mt.

    a. Cu hnh NAT trn R2 bng cch s dng cc hng dn sau y: Ch c a ch trong khng gian a ch 172.16.1.128/25 s c dch. S dng s 1 trong danh sch truy cp. Cu hnh PAT trn giao din S0/1/0 R2. b. Xc minh rng PC1 v PC3 c th ping cc my ch Internet. Bc 6: Cu hnh Access Control Lists p ng mt chnh sch an ninh. a. Cu hnh v p dng mt ACL vi s 50 m thc hin cc chnh sch sau y: T chi bt k my ch t R3 LAN truy cp vo my ch trn mng LAN R1. Thnh trn mng LAN R3 c th ping n cc im n khc. b. Xc minh rng ACL 50 l iu hnh nh d nh. c. Cu hnh v p dng mt ACL t tn vi tn FIREWALL trng hp nhy cm m thc hin cc chnh sch sau y: T chi cc yu cu ping c ngun gc t Internet. T chi v Telnet

    You might also like