Lab Activity 9.10.1.2: Skills-Based Exam #2

NOTE: You will only be configuring the Headquarters and MainOffice routers. Assume all other routers have been configured. Because the RemoteOffice and Satellite routers are not physically present, the Headquarters and MainOffice routers will not show any connectivity to these routers and their networks.

The Basics: On both MainOffice and Headquarters Routers

  • Configure the hostnames
  • Configure proper IP addresses including any other parameters. Configure all interfaces shown in the diagram above for both routers.
  • Configure the enable secret password to be "class"

On the MainOffice Router Only

  • Add descriptions to the interfaces describing the appropriate links.
  • Configure the password to be "cisco" when someone tries to log in from the console port.
  • Configure the password to be "cisco" when someone tries to telnet into the router.
  • Configure a static hostname mapping for the Satellite router.
  • Configure the router to use the domain name server at 172.50.2.10
  • Set the clock on the router to show the current date and time
  • Add a message of "Authorized access only!" for anyone to see if when they log into the router.

IP Routing and Encapsulation

  • Add IGRP routing to all routers in the 172.50.0.0 network.
  • Configure a single static route from Headquarters to the 172.50.0.0 network.
  • Configure a default route so that all traffic leaving the 172.50.0.0 network will travel to the Headquarters router.
  • Between Headquarters and MainOffice, use PPP encapsulation with CHAP authentication.

WAN Encapsulation: Headquarters

  • Configure the Serial 1 interface with an IP address and for Frame Relay encapsulation
  • The remote router has an IP address of 172.16.1.99. Assume Inverse-ARP is disabled and add a statement that will allow Headquarters to be mapped to the remote router's IP address.

Access Lists

  • Add an access list to the MainOffice Router that will deny telnets from outside the 172.50.0.0 network, into the 172.50.3.0 subnet. All other traffic is permitted.

Testing

  • Headquarters and MainOffice routers should be able to ping each other.

Headquarters Config:

hostname Headquarters
!
enable secret 5 $1$AdZW$dgJ0fygeiRZcgkkSrZPyR0
!
username MainOffice password 7 0822404F1A0A
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
ip address 192.168.10.66 255.255.255.252
encapsulation ppp
no fair-queue
clockrate 56000
ppp authentication chap
!
interface Serial1
ip address 172.16.1.88 255.255.255.0
encapsulation frame-relay
frame-relay map ip 172.16.1.99 101
!
interface BRI0
no ip address
shutdown
!
no ip classless
ip route 172.50.0.0 255.255.0.0 192.168.10.65
!
!
line con 0
line aux 0
line vty 0 4
login
!
end

MainOffice Config

hostname MainOffice
!
enable secret 5 $1$6td8$9Ne7T32hEOI9DT4HGm3RJ1
!
username Headquarters password 7 01100A054818
!
interface Ethernet0
description LAN interface
ip address 172.50.2.1 255.255.255.0
!
interface Serial0
description Link to Headquarters
ip address 192.168.10.65 255.255.255.252
ip access-group 101 in
encapsulation ppp
no fair-queue
ppp authentication chap
!
interface Serial1
description Link to Satellite
ip address 172.50.1.1 255.255.255.0
!
interface BRI0
no ip address
shutdown
!
router igrp 10
network 172.50.0.0
!
ip host Satellite 172.50.1.2
ip name-server 172.50.2.10
no ip classless
ip route 0.0.0.0 0.0.0.0 192.168.10.66
access-list 101 deny tcp any 172.50.3.0 0.0.0.255 eq telnet
access-list 101 permit ip any any
!
banner motd ^C Authorized acess only! ^C
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
!
end

 

NOTE: You will only be configuring the Headquarters router. Assume all other routers have been configured. Because the MainOffice, RemoteOffice and SalesOffice routers are not physically present, the Headquarters router will not show any connectivity to these routers and their networks.

The Basics:

  • Configure the hostname.
  • Configure proper IP addresses including any other parameters. Configure all interfaces shown in the diagram above for the Headquarters router.
  • Configure the enable secret password to be "class"
  • Add descriptions to the interfaces describing the appropriate links.
  • Configure the password to be "cisco" when someone tries to log in from the console port.
  • Configure the password to be "cisco" when someone tries to telnet into the router.
  • Configure a static hostname mapping for the SalesOffice router.
  • Configure the router to use the domain name server at 172.50.1.10
  • Set the clock on the router to show the current date and time.
  • Add a message of "Authorized access only!" for anyone to see if when they log into the router.

IP Routing and Encapsulation

  • Add IGRP routing for the 172.50.0.0 network.
  • Configure a single static route from Headquarters to the 172.16.0.0 network.
  • Configure a default route so that all traffic leaving the 172.50.0.0 network will travel to the MainOffice router.
  • Between Headquarters and MainOffice, use PPP encapsulation with CHAP authentication.

WAN Encapsulation

  • Configure the Serial 1 interface with an IP address and for Frame Relay encapsulation
  • The remote router has an IP address of 172.16.1.99. Assume Inverse-ARP is disabled and add a statement that will allow Headquarters to be mapped to the remote router's IP address.

Access Lists

  • Add an access list to the Headquarters router that will allow only telnets from the 172.16.0.0 network to enter the 172.50.0.0 network. All other telnets are not permitted, but all other traffic is permitted.

Additional Options and Scenarios

Depending upon the amount of time given to the students, the instructor may wish to include the additional options below or use the options below to replace some of the configurations in the scenario.

ISDN Options


  • Configure the Headquarters for ISDN using the BRI 0 port (use Serial 1 if there is no BRI 0 port on your router).
  • The type of ISDN switch you are connected to is an NT DMS-100 and your SPID is 0143239999.
  • Create a dialer map to access the RemoteOffice router.

Headquarters

Headquarters (config)# isdn switch-type basic-dms100
Headquarters (config)# dialer-list 1 protocol ip list 101

Headquarters (config)# interface bri 0
Headquarters (config-if)# ip add 172.16.1.88 255.255.255.0
Headquarters (config-if)# dialer-group 1
Headquarters (config-if)# dialer map ip 172.16.1.99 name ISP 8315551234
Headquarters (config-if)# isdn spid1 0143239999


Routing IPX Options:

  • Scenario 1: On Ethernet 0, configure the MainOffice router to include IPX routing for the IPX network 4a9. The layer 2 encapsulation used is sap.
  • Scenario 1: On Ethernet 0, configure the MainOffice router to include IPX routing for the IPX network 4a9 and 3e. The layer 2 encapsulation used is for the 4a9 network is sap, whereas the encapsulation for the 3e network is novell-ether.
  • Scenario 2: On Ethernet 0, configure the Headquarters router to include IPX routing for the IPX network 4a9. The layer 2 encapsulation used is sap.
  • Scenario 2: On Ethernet 0, configure the Headquarters router to include IPX routing for the IPX network 4a9 and 3e. The layer 2 encapsulation used is for the 4a9 network is sap, whereas the encapsulation for the 3e network is novell-ether.

Single Encapsulation Options:

Router(config)# ipx routing

Router (config)# inter e 0
Router (config-if)# ipx network 4a9 encapsulation sap

Multiple Encapsulation Options:

Router(config)# ipx routing

Router (config)# inter e 0.1
Router (config-subif)# ipx network 4a9 encapsulation sap

Router (config)# inter e 0.2
Router (config-subif)# ipx network 3e encapsulation novell-ether