Lab Activity 9.10.1.1: Skills-Based Exam #1

Objectives

  • Analyze the requirements for integrating a router into an existing network

  • Practice configuring routers given specific requirements

  • Help prepare for the Semester 3 / 4 Skills Based Assessment (SBA) practical final exam

Background:

With this lab you are a network administrator for one of your companies remote sites which is connected to the central corporate offices though a Wide Area Network (WAN) T1 link. Your assignment is to configure your router from scratch based on some specific requirements and corporate guidelines. Your site must connect to the Corporate router which is already configured and must adapt to the IP addressing scheme and protocols being used at the corporate location since you will have no control over the Corporate router. You will also create an Access Control List (ACL) to prevent a certain type of access from your remote site to the corporate location. This lab will help to prepare you for the hands-on Semester 4 Skill Based Assessment final exam. You will work in teams with one team setting up the Corporate router and the other team configuring the Remote router to connect to it.

Tools / Preparation:

Prior to starting the lab, the teacher or lab assistant should have 2 routers available with a WAN link such as routers Lab-A and Lab-B (one for the Remote Site and one for the Corporate Site). Your team should be able to configure your router from scratch using the setup config utility or preferably from the command line. You should try to do this lab without looking at your notes and using only the command line help facility.

Before beginning this lab you should review the Networking Academy Companion Guide chapters on basic router EXEC mode IOS configuration commands, subnet masking, WAN encapsulation and Extended ACLs. You should also review the corresponding on-line chapters. Work in teams of 3 or more. One team is responsible for the configuring the Corporate router and the other team is responsible for configuring the Remote router. The Corporate router team members can look at the answers to ensure that it is configured properly. The Remote router team members can ask questions of the corporate team members but should not see the actual configuration of the Corporate router. They can only use the information given for the Corporate router in the worksheet section of the lab. The following is a list of resources required.

  • 2 routers with a IOS 11.2 or later ("Remote" router and "Corporate" router)
  • WAN cable link between them with the Corporate router providing the DCE clocking
  • Remote router should be connected to an Ethernet LAN
  • Workstation connected to the Remote router's console port and the Ethernet LAN
  • Corporate router should not be accessible except thru the WAN link

Web Site Resources:

Step 1: Verify the WAN physical connection between the routers.

Verify that the DCE cable is attached to the Corporate router and the DTE cable is attached to Remote router. Check the physical cables, each of which should be labeled as either DCE or DTE.

Step 2: Erase the startup configuration file for the Remote router.

The router startup config file may have already been erased but it is useful to go through the process for practice. If the Remote router configuration file has been erased, you should see a message saying "Notice: NVRAM invalid, possibly due to write erase." when the router is powered on. If the router is already on and the prompt is: Router> then the startup config file has probably been erased. Verify this by entering privileged EXEC mode with the enable command. If the config is blank you will not be prompted for a password. If you issue the show run command, none of the interfaces will be configured.

Erase the NVRAM startup configuration file as follows:

Router>enable (since there is no config, you will not be prompted for a password)

Router# erase start
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete

Router# reload
Proceed with reload? [confirm]
00:09:30: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 6144 Kbytes of main memory
Notice: NVRAM invalid, possibly due to write erase.

System configuration has been modified. Save? [yes/no]: NO
---- System Configuration Dialog ----
Would you like to enter the initial configuration dialog? [yes/no]: NO

Notes: You may run the config (setup) dialog but you will be prompted for configuration parameters. You should be able to configure the router using only the command line to demonstrate your understanding of router IOS commands and help build your confidence. In practice, you will store the config files on a workstation with a console connection and HyperTerminal or on a TFTP server.

Would you like to terminate autoinstall? [yes]: YES
(Do not allow autoinstall to run and do not enter management configuration mode if prompted)

Step 3: Verify / Configure the Corporate router.

The Corporate router config team or lab assistant / instructor should use the startup configuration file shown in the answers section to verify that it is configured correctly before the Remote router team tries to configure the Remote router. NOTE: The remote team should also review this section carefully since it gives information which will be needed to configure the Remote router later. The Corporate router should be configured as follows:

  1. The router hostname is Corporate

  2. Configure the enable secret password to be "class".

  3. Configure the password to be "cisco" when someone tries to log in from the console port.

  4. Configure the password to be "cisco" when someone tries to telnet into the router.

  5. Configure WAN interface S1:

  1. The WAN subnetwork address is one subnet of a class B network address.
  2. The S1 interface address is: 172.16.1.1 (this is already set).
  3. What is the S1 interface subnet mask is? (There are 512 subnets total)

  1. The S1 interface is providing the DCE clocking at 56000.
  2. Add a description to the S1 interface describing the link:

  1. Configure a static hostname mapping for the Remote router.

  2. Add IGRP routing and appropriate network numbers to the router. The AS number is 287.

  3. Between the Corporate router and Remote router, use PPP encapsulation.

Step 4: Configure the Remote router

The Remote router config team should configure the Remote router as follows:

  1. The router hostname is Remote
  2. Configure the enable secret password to be "class".
  3. Configure the password to be "cisco" when someone tries to log in from the console port.
  4. Configure the password to be "cisco" when someone tries to telnet into the router.
  5. Configure WAN interface S0:
  1. The WAN subnetwork address is one subnet of a class B network address.
  2. What is the S0 interface address? (must be compatible with Corporate router)

  1. What is the S0 interface subnet mask? (There are 512 subnets total)

  1. Add a description to the S0 interface describing the link:

  1. Configure LAN interface E0:
  1. Must be on a valid subnet of the class B corporate network address.
  2. What is the subnet address for the LAN?

  1. What is the E0 interface address?

  1. What is the E0 interface subnet mask?

  1. Add a description to the E0 interface describing the link:

  1. Configure a static hostname mapping for the Corporate router.
  2. Add IGRP routing and appropriate network numbers to the router. The AS number is 287
  3. Between the Corporate router and Remote router, use PPP encapsulation.
  4. Add an Access Control List (ACL) that will prevent telnet from workstations on the LAN attached to the Remote router from getting to the corporate network. All other traffic is permitted.
  5. Enter the command here to apply the ACL to the correct interface and in the correct direction:

Step 5: Configure the LAN workstation.

The Remote config team should configure the workstation that is attached to the LAN as follows:

  1. Configure the workstation IP address:

(The workstation IP address must be compatible with the E0 interface of the Remote router.)

  1. Configure the workstation subnet mask:

(Must be compatible with the E0 interface of the Remote router.)

  1. Configure the workstation default gateway: 

(Reboot the workstation necessary after making TCP/IP configuration changes)

Step 6: Ping from the Remote router to the Corporate router.

Ping from the Remote router to the S1 interface of the Corporate router.

  1. Was the ping successful?

  1. Why or why not?

Step 7: Ping from the Workstation to the Corporate router.

Ping from the LAN workstation (from the DOS prompt) to the S1 interface of the Corporate router.

  1. Was the ping successful?

  1. Why or why not?

Step 8: Telnet from the Remote router to the Corporate router using IP address.

Telnet from the Remote router to the S1 interface of the Corporate router.

  1. Was the telnet successful?

  1. Why or why not?

Step 9: Telnet from the Remote router to the Corporate router using host name

Telnet from the Remote router to the host name of the Corporate router

  1. Was the telnet successful?

  1. Why or why not?

Step 10: Telnet from the Workstation to the Corporate router.

Telnet from the LAN workstation (from the DOS prompt) to the S1 interface of the Corporate router.

  1. Was the telnet successful?

  1. Why or why not?