Analyze the requirements for
integrating a router into an existing network
Practice configuring routers given
specific requirements
Help prepare for the Semester 3 / 4
Skills Based Assessment (SBA) practical final exam
Background:
With this lab you are a network
administrator for one of your companies remote sites which is
connected to the central corporate offices though a Wide Area Network
(WAN) T1 link. Your assignment is to configure your router from
scratch based on some specific requirements and corporate guidelines.
Your site must connect to the Corporate router which is already
configured and must adapt to the IP addressing scheme and protocols
being used at the corporate location since you will have no control
over the Corporate router. You will also create an Access Control List
(ACL) to prevent a certain type of access from your remote site to the
corporate location. This lab will help to prepare you for the hands-on
Semester 4 Skill Based Assessment final exam. You will work in teams
with one team setting up the Corporate router and the other team
configuring the Remote router to connect to it.
Tools / Preparation:
Prior to starting the lab, the teacher or lab
assistant should have 2 routers available with a WAN link such as
routers Lab-A and Lab-B (one for the Remote Site and one for the
Corporate Site). Your team should be able to configure your router
from scratch using the setup config utility or preferably from the
command line. You should try to do this lab without looking at your
notes and using only the command line help facility.
Before beginning this lab you should review the
Networking Academy Companion Guide chapters on basic router EXEC
mode IOS configuration commands, subnet masking, WAN encapsulation
and Extended ACLs. You should also review the corresponding on-line
chapters. Work in teams of 3 or more. One team is responsible for
the configuring the Corporate router and the other team is
responsible for configuring the Remote router. The Corporate router
team members can look at the answers to ensure that it is configured
properly. The Remote router team members can ask questions of the
corporate team members but should not see the actual configuration
of the Corporate router. They can only use the information given for
the Corporate router in the worksheet section of the lab. The
following is a list of resources required.
2 routers with a IOS 11.2 or later
("Remote" router and "Corporate" router)
WAN cable link between them with the Corporate
router providing the DCE clocking
Remote router should be connected to an
Ethernet LAN
Workstation connected to the Remote router's
console port and the Ethernet LAN
Corporate router should not be accessible
except thru the WAN link
Step 1:
Verify the WAN physical connection between the routers.
Verify that the DCE cable is attached to the Corporate
router and the DTE cable is attached to Remote router. Check
the physical cables, each of which should be labeled as either DCE
or DTE.
Step 2:
Erase the startup configuration file for the Remote router.
The router startup config file may have
already been erased but it is useful to go through the process for
practice. If the Remote router configuration file has been erased, you
should see a message saying "Notice: NVRAM invalid, possibly
due to write erase." when the router is powered on. If the
router is already on and the prompt is: Router> then the
startup config file has probably been erased. Verify this by entering
privileged EXEC mode with the enable
command. If the config is blank you will not be prompted for a
password. If you issue the show run
command, none of the interfaces will be configured.
Erase the NVRAM startup configuration file as
follows:
Router>enable
(since there is no config, you will not be prompted for a password)
Router# erase start
Erasing the nvram filesystem will remove all files! Continue?
[confirm]
[OK]
Erase of nvram: complete
Router# reload
Proceed with reload? [confirm]
00:09:30: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 6144 Kbytes of main memory
Notice: NVRAM invalid, possibly due to write erase.
System configuration has been
modified. Save? [yes/no]: NO
---- System Configuration Dialog
----
Would you like to enter the initial configuration dialog? [yes/no]: NO
Notes: You may run the config (setup) dialog but you
will be prompted for configuration parameters. You should be able to
configure the router using only the command line to demonstrate your
understanding of router IOS commands and help build your confidence.
In practice, you will store the config files on a workstation with a
console connection and HyperTerminal or on a TFTP server.
Would you like to terminate
autoinstall? [yes]: YES
(Do not allow autoinstall to run and do not enter management
configuration mode if prompted)
Step 3:
Verify / Configure the Corporate router.
The Corporate router config team or lab assistant /
instructor should use the startup configuration file shown in the
answers section to verify that it is configured correctly before the
Remote router team tries to configure the Remote router. NOTE: The
remote team should also review this section carefully since it gives
information which will be needed to configure the Remote router later.
The Corporate router should be configured as follows:
The router hostname is Corporate
Configure the enable secret password to be
"class".
Configure the password to be "cisco"
when someone tries to log in from the console port.
Configure the password to be "cisco"
when someone tries to telnet into the router.
Configure WAN interface S1:
The WAN subnetwork address is one subnet of a class B
network address.
The S1 interface address is: 172.16.1.1 (this is
already set).
What is the S1 interface subnet mask is? (There are
512 subnets total)
The S1 interface is providing the DCE clocking at
56000.
Add a description to the S1 interface describing the
link:
Configure a static hostname mapping for the Remote
router.
Add IGRP routing and appropriate network numbers to the router. The
AS number is 287.
Between the Corporate router and Remote router, use PPP
encapsulation.
Step 4: Configure
the Remote router
The Remote router config team should configure
the Remote router as follows:
The router hostname is Remote
Configure the enable secret password to be "class".
Configure the password to be "cisco" when someone
tries to log in from the console port.
Configure the password to be "cisco" when someone
tries to telnet into the router.
Configure WAN interface S0:
The WAN subnetwork address is one subnet of a class B network address.
What is the S0 interface address? (must be compatible with
Corporate router)
What is the S0 interface subnet mask? (There are 512 subnets
total)
Add a description to the S0 interface describing the link:
Configure LAN interface E0:
Must be on a valid subnet of the class B corporate network
address.
What is the subnet address for the LAN?
What is the E0 interface address?
What is the E0 interface subnet mask?
Add a description to the E0 interface describing the link:
Configure a static hostname mapping for the Corporate router.
Add IGRP routing and appropriate network numbers to the router.
The AS number is 287
Between the Corporate router and Remote router, use PPP
encapsulation.
Add an Access Control List (ACL) that will prevent telnet from
workstations on the LAN attached to the Remote router from getting
to the corporate network. All other traffic is permitted.
Enter the command here to apply the ACL to the correct interface
and in the correct direction:
Step 5:
Configure the LAN workstation.
The Remote config team should configure the workstation that
is attached to the LAN as follows:
Configure the workstation IP address:
(The workstation IP address must be compatible with the E0
interface of the Remote router.)
Configure the workstation subnet mask:
(Must be compatible with the E0 interface of the Remote router.)
Configure the workstation default gateway:
(Reboot the workstation necessary after making TCP/IP
configuration changes)
Step 6:
Ping from the Remote router to the Corporate router.
Ping from the Remote router to the S1 interface of
the Corporate router.
Was the ping successful?
Why or why not?
Step 7:
Ping from the Workstation to the Corporate router.
Ping from the LAN workstation (from
the DOS prompt) to the S1 interface of the Corporate router.
Was the ping successful?
Why or why not?
Step 8:
Telnet from the Remote router to the Corporate router using IP
address.
Telnet from the Remote router to the
S1 interface of the Corporate router.
Was the telnet successful?
Why or why not?
Step
9: Telnet from the Remote router to the
Corporate router using host name
Telnet from the Remote router to the
host name of the Corporate router
Was the telnet successful?
Why or why not?
Step
10: Telnet from the Workstation to the Corporate router.
Telnet from the LAN workstation (from
the DOS prompt) to the S1 interface of the Corporate router.