+1 862 207 3288 Assessment Descriptions
Section One
1. Write a short report of no more than 500 words to compare and contrast Distance Vector and Link-state routing protocols.
2. Design an addressing scheme based on IPv4 that supports different subnets based on the scenario described below. The proposed
addressing scheme should be presented in atable, with column headings: name; subnet ID; usable IPv4 addresses range; broadcastaddress.
A growing start-up company, Epple, with offices based in the London, Cambridge and Edinburgh, would like to connect its 3 offices together
via a common network platform and implement different improvements, such as reliable network connectivity and security, to the Local Area
Networks. The company has approached ARU for advice and help. Based on the requirements, ARU has recommended using the expertise of its
students to develop a networking solution and to conduct necessary network implementation/configurations. In addition to the documentation
that captures the process of design and implementation, a justification for the proposed solution will help the company to understand better
for its needs and help achieving the long-term business goals.
The IPv4 addressing scheme should be based on 192.168.50.0 /24, with the following requirements:
• London office requires 100 hosts
• Cambridge office requires 50 hosts
• Edinburgh office requires 30 hosts
• To cater network services such as web server, file server, backup server and email server
Section Two
Topology
Assessment Objectives
Part 1: Initialize Devices
Part 2: Configure Device Basic Settings
Part 3: Configure Switch Security, VLANs, and Inter-VLAN Routing
Part 4: Configure OSPFv2 Dynamic Routing Protocol
Part 5: Implement DHCP and NAT
Part 6: Configure and Verify Access Control Lists (ACLs)
Required Resources
• 3 Routers (Cisco 1941)
• 2 Switches (Cisco 2960)
• 3 PCs (Windows 7, Vista, or XP with terminal emulation program, such as Tera Term)
• Console cable to configure the Cisco IOS devices via the console ports
• Ethernet and Serial cables as shown in the topology
Part 1: Initialize Devices
Step 1: Initialize and reload the routers and switches.
Erase the startup configurations and reload the devices.
Task IOS Command Evidence
Erase the startup-config file on all routers.
Reload all routers.
Erase the startup-config file on all switches and remove the old VLAN database.
Reload both switches.
Verify VLAN database is absent from flash on both switches.
Part 2: Configure Device Basic Settings
Step 1: Configure the Internet PC.
Configuration tasks for the Internet PC include the following (Refer to Topology for IP address information):
Configuration Item or Task Specification Evidence
IP Address
Subnet Mask
Default Gateway 209.165.200.225
Step 2: Configure R1.
Configuration tasks for R1 include the following:
Configuration Item or Task Specification Evidence
Disable DNS lookup
Router name R1
Encrypted privileged exec password class
Console access password cisco
Telnet access password cisco
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Interface S0/0/0 Set the description
Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Set the clocking rate to 128000
Activate Interface
Default route Configure a default route out S0/0/0.
Note:Do not configure G0/1 at this time.
Step 3: Configure R2.
Configuration tasks for R2 include the following:
Configuration Item or Task Specification Evidence
Disable DNS lookup
Router name R2
Encrypted privileged exec password class
Console access password cisco
Telnet access password cisco
Encrypt the clear text passwords
Enable HTTP server
MOTD banner Unauthorized Access is Prohibited!
Interface S0/0/0 Set the description
Set the Layer 3 IPv4 address. Use the next available address in the subnet.
Activate Interface
Interface S0/0/1 Set the description
Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Set clocking rate to 128000
Activate Interface
Interface G0/0 (Simulated Internet) Set the Description
Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Activate Interface
Interface Loopback 0
(Simulated Web Server) Set the description.
Set the Layer 3 IPv4 address.
Default route Configure a default route out G0/0.
Step 4: Configure R3.
Configuration tasks for R3 include the following:
Configuration Item or Task Specification Evidence
Disable DNS lookup
Router name R3
Encrypted privileged exec password class
Console access password cisco
Telnet access password cisco
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Interface S0/0/1 Set the description
Set the Layer 3 IPv4 address. Use the next available address in the subnet. Activate Interface
Interface Loopback 4 Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Interface Loopback 5 Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Interface Loopback 6 Set the Layer 3 IPv4 address. Use the first available address in the subnet.
Default route Configure a default route out S0/0/1.
Step 5: Configure S1.
Configuration tasks for S1 include the following:
Configuration Item or Task Specification Evidence
Disable DNS lookup
Switch name S1
Encrypted privileged exec password class
Console access password cisco
Telnet access password cisco
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Step 6: Configure S3
Configuration tasks for S3 include the following:
Configuration Item or Task Specification Evidence
Disable DNS lookup
Switch name S3
Encrypted privileged exec password class
Console access password cisco
Telnet access password cisco
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Step 7: Verify network connectivity.
Use the ping command to test connectivity between network devices.
Use the following table to methodically verify connectivity with each network device. Take corrective action to establish connectivity if a
test fails:
From To IP Address Ping Results
R1 R2, S0/0/0
R2 R3, S0/0/1
Internet PC Default Gateway
Note: It may be necessary to disable the PC firewall for pings to be successful.
Paste your evidence below:
Part 3: Configure Switch Security, VLANS, and Inter VLAN Routing
Total points: 14
Step 1: Configure S1.
Configuration tasks for S1 include the following:
Configuration Item or Task Specification Evidence
Create the VLAN database Use Topology VLAN Key table to create and name each of the listed VLANS.
Assign the management IP address. Assign the Layer 3 IPv4 address to the Management VLAN. Use the IP address assigned to S1 in the
Topology diagram.
Assign the default-gateway Assign the first IP address in the subnet as the default-gateway.
Force trunking on Interface F0/3 Use VLAN 1 as the native VLAN.
Force trunking on Interface F0/5 Use VLAN 1 as the native VLAN.
Configure all other ports as access ports Use the interface range command.
Assign F0/6 to VLAN 31
Shutdown all unused ports.
Step 2: Configure S3.
Configuration tasks for S3 include the following:
Configuration Item or Task Specification Evidence
Create the VLAN database Use Topology VLAN Key Table to create each of the listed VLANS. Name each VLAN.
Assign the management IP address. Assign the Layer 3 IPv4 address to the Management VLAN. Use the IP address assigned to S3 in the
Topology diagram.
Assign the default-gateway Assign the first IP address in the subnet as the default-gateway
Force trunking on Interface F0/3 Use VLAN 1 as the native VLAN.
Configure all other ports as access ports Use the interface range command.
Assign F0/18 to VLAN 33
Shutdown all unused ports.
Step 3: Configure R1.
Configuration tasks for R1 include the following:
Configuration Item or Task Specification Evidence
Configure 802.1Q subinterface .31 on G0/1 Description Accounting LAN Assign VLAN 31.
Assign the first available address to this interface.
Configure 802.1Q subinterface .33 on G0/1 Description Engineering LAN Assign VLAN 33.
Assign the first available address to this interface.
Configure 802.1Q subinterface .99 on G0/1 Description Management LAN Assign VLAN 99.
Assign the first available address to this interface.
Activate Interface G0/1
Step 4: Verify network connectivity.
Use the ping command to test connectivity between the switches and R1.
Use the following table to methodically verify connectivity with each network device. Take corrective action to establish connectivity if a
test fails:
From To IP Address Ping Results
S1 R1, VLAN 99 address
S3 R1, VLAN 99 address
S1 R1, VLAN 31 address
S3 R1, VLAN 33 address
Please provide evidence of the ping results below:
Part 4: Configure OSPFv2 Dynamic Routing Protocol
Total points: 24
Step 1: Configure OSPFv2 on R1.
Configuration tasks for R1 include the following:
Configuration Item or Task Specification Evidence
OSPF Process ID 1
Router ID 1.1.1.1
Advertise directly connected Networks Use classless network addresses
Assign all directly connected networks to Area 0
Set all LAN interfaces as passive
Change the default cost reference bandwidth to support Gigabit interface calculations 1000
Set the serial interface bandwidth 128 Kb/s
Adjust the metric cost of S0/0/0 Cost: 7500
Step 2: Configure OSPFv2 on R2.
Configuration tasks for R2 include the following:
Configuration Item or Task Specification Evidence
OSPF Process ID 1
Router ID 2.2.2.2
Advertise directly connected Networks Use classless network addresses
Note: Omit the G0/0 network.
Set the LAN (Loopback) interface as passive
Change the default cost reference bandwidth to allow for Gigabit interfaces 1000
Set the bandwidth on all serial interfaces 128 Kb/s
Adjust the metric cost of S0/0/0 Cost: 7500
Step 3:Configure OSPFv2 on R3.
Configuration tasks for R3 include the following:
Configuration Item or Task Specification Evidence
OSPF Process ID 1
Router ID 3.3.3.3
Advertise directly connected Networks Use classless network addresses
Assign interfaces to Area 0
Use a single summary address
for the LAN (loopback) interfaces.
Set all LAN (Loopback) interfaces as passive
Change the default cost reference bandwidth to support Gigabit interface calculations 1000
Set the serial interface bandwidth 128 Kb/s
Step 4:Verify OSPF information.
Verify that OSPF is functioning as expected. Enter the appropriate CLI command to discover the following information:
Question Response
What command will display all connected OSPFv2 routers?
What command displays a summary list of OSPF interfaces that includes a column for the cost of each interface?
What command displays the OSPF Process ID, Router ID, Address summarizations, Routing Networks, and passive interfaces configured on a
router?
What command displays only OSPF routes?
What command displays detail information about the OSPF interfaces, including the authentication method?
What command displays the OSPF section of the runningconfiguration?
Please provide evidence of the response below:
Part 5: Implement DHCP and NAT for IPv4
Step 1: Configure R1 as the DHCP server for VLANs 31 and 33.
Configuration tasks for R1 include the following:
Configuration Item or Task Specification Evidence
Reserve the first 20 IP addresses in VLAN 31 for static configurations
Reserve the first 20 IP addresses in VLAN 33 for static configurations
Create a DHCP pool for VLAN 31 Name: ACCT
DNS-Server: 10.10.10.11
Domain-Name: ccna-sba.com Set the default gateway.
Create a DHCP pool for VLAN 33 Name: ENGNR
DNS-Server: 10.10.10.11
Domain-Name: ccna-sba.com Set the default gateway.
Step 2: Configure Static and Dynamic NAT on R2.
Configuration tasks for R2 include the following:
Configuration Item or Task Specification Evidence
Create a local database with 1 user account Username: webuser
Password: cisco12345
Privilege level: 15
Enable HTTP server service
Configure the HTTP server to use the local database for authentication
Create a static NAT to the Web Server Inside Global Address: 209.165.200.229
Assign the inside and outside interface for the static NAT
Configure the dynamic NAT inside private ACL Access List: 1
Allow the Accounting and Engineering networks on R1 to be translated. Allow a summary of the LANs (loopback) networks on R3 to be translated.
Define the pool of usable public IP addresses Pool Name: INTERNET
Pool of addresses include:
209.165.200.225 – 209.165.200.228
Define the dynamic NAT translation
Step 3: Verify DHCP and Static NAT.
Use the following tasks to verify that DHCP and Static NAT settings are functioning correctly. It may be necessary to disable the PC firewall
for pings to be successful:
Test Results and Evidence
Verify that PC-A acquired IP information from the DHCP server
Verify that PC-C acquired IP information from the DHCP server
Verify that PC-A can ping PC-C. Note: It may be necessary to disable the PC firewall
Use a Web browser on the Internet PC to access the Web server (209.165.200.229). Login with Username: webuser, Password: cisco12345
Note: Verification of dynamic NAT will be performed in Part 6.
Part 6: Configure and Verify Access Control Lists (ACLs)
Step 1: Restrict access to VTY lines on R2.
Configuration Item orTask Specification
Configure a named access list to only allow R1 to telnet to R2. ACL Name: ADMIN-MGT
Apply the named ACL to the VTY lines
Verify ACL is working as expected,
Please provide evidence below:
Step 2: Secure the network from Internet traffic.
Configuration Item or Task Specification
Configure an Extended ACL to:
• Allow Internet hosts WWW access to the simulated web server on R2 by accessing the static NAT address (209.165.200.229) that you
configured in Part 3.
• Prevent traffic from the Internet from pinging internal networks, while continuing to allow LAN interfaces to ping the Internet PC.
ACL No.: 101
Apply ACL to the appropriate interface(s)
Verify ACL is working as expected From the Internet PC:
• Ping PC-A (Pings should be unreachable.)
• Ping PC-C (Pings should be unreachable.)
From R1, Ping the Internet PC
(Pings should be successful.)
Note: It may be necessary to disable the PC firewall for pings to be successful.
Please provide evidence below:
Step 3: Enter the appropriate CLI command needed to display the following:
Command Description Student Input (command)
Display the matches an access-list has received since the last reset.
Reset access-list counters.
What command is used to display what ACL is applied to an interface and the direction that it is applied
What command displays the NAT translations?
Note: The translations for PC-A and PC-C were added to the table when the Internet PC attempted to ping these PCs in Step 2. Pinging the
Internet PC from PC-A or PCC will not add the translations to the table because of the way the Internet is being simulated on the network.
What command is used to clear dynamic NAT translations?
Please provide evidence below:
