CCNA LAB - 4.9 DHCP (Dynamic Host Configuration Protocol)

Download

LAB 4-9: Dynamic Host Configuration Protocol (DHCP)

You are the network administrator at Ranet, and have to configure the router Ranet-GW to connect
between LAN and Internet, and to do as DHCP server for LAN as below:
(via Console)
1. Enable and set IP address on LAN interface to be the first IP of the subnet 10.0.0.128/28
2. Enable and set IP address on serial interface to be the last IP of the subnet 77.8.210.0/30
3. Set the default route to let the connection out to the internet.
4. Configure to let this router translate between the addresses in this LAN and the addresses
ISP gave us (19.5.39.129 – 19.5.39.130)

Remark: use ACL no.1 and pool named“Ranet” only!

5. Configure to let this router do as DHCP server for the hosts in LAN. You have to supply all
information that is necessary for hosts to connect to the internet, and do not forget to
exclude addresses of the gateway and the switch.

Remark: use pool named “Ranet” also!

If everything is correct, all hosts have to be able to open website http://www.ranet.co.th

Solution:

Read more »

Read more »

CCNA LAB - 4.8 Virtual Private Network (VPN) - IPsec (Site-to-Site)

Download

LAB 4-8: Virtual Private Network (VPN) – IPsec (Site-to-Site)

You are the Network Administrator at Ranet Branch Office, and have to newly configure the Ranet-Br router to let your own host connect to the internet and connect to the hosts in Headquarter (192.168.0.0/24) via Site-to-Site IPsec VPN as below:
(configure via console terminal for Ranet-BR router)

1. Enable LAN interface on Ranet-BR and set IP address to be the first assignable IP of 192.168.1.0/28 network.

2. Enable WAN interface on Ranet-BR and set IP address to be the last assignable IP of 202.170.100.28/30 network.

3. Set IP address on Host-BR to be the last assignable IP of 192.169.1.0/28 network, and set IP of Gateway and DNS server (202.170.100.54) also.

4. Config the route and NAT on Ranet-BR to let the Hosts in LAN connect to the internet (do not forget to exclude the VPN traffic).
(for NAT, use access-list no.100 and pool name “Ranet” that contain the global IP received from ISP as 202.170.100.9 – 202.170.100.14)

5. Config the Site-to-Site IPsec VPN by using the properties as below:

- For IKE phase I:- Policy Priority 101; Encryption Alg. AES-128 bit; Hash Alg. Secure HAsh standard; Authen method. Pre-Shared Key; Diffie-Hellman group #5 and lifetime at 86,400 sec. Use “ranetvpnpass” as key. Please note that IP address of WAN interface of Ranet-HQ is 202.170.100.130.
- For IKE phase II: Use Transform-set name “Ranet” and ESP transform using AES with HMAC-SHA as authentication Alg.
- Use crypto map name “Site-to-Site” with sequence no.101 and access-list no.101 to be the VPN traffic.

If everything is correct, Host-BR should be able to open website www.ranet.co.th, and test ping with Server-HQ 192.168.0.7 in Headquarter network.

Solution:
Read more »

Read more »

CCNA LAB - 4.7 NAT

Download

LAB 4-7: Network Address Translation (NAT)
You are the network administrator at Ranet, and have to config the Ranet-GW router via Console Terminal to let hosts in our LAN that have IP address: 192.168.0.193 - 192.168.0.206 can connect to the internet.
Your ISP has given global IP for 6 IP as 25.5.5.65 - 25.5.5.70.

Remark:

1. Use ACL no.1 for Local IP list.
2. Use pool name “Ranet” for Global IP list.

Solution:

Read more »

Read more »

CCNA LAB - 4.6 Access List

Download

LAB 4-6: Access Control List (ACL)

You are the network administrator at Ranet, and have to config router Ranet-HQ to connect its LAN
to Branch network and Internet, and to config Access-List to control traffic as below:
(via its console)
1. Enable and set IP address on LAN interface to be the first assignable IP of this subnet.

2. Enable and set IP address on each serial interface to be the last assignable IP of its own subnet.

3. Set RIPv2 to be the router protocol on this router to exchange route with Ranet-BR

4. Set default route to allow the connection with internet.

5. Set access-list to prevent the connection from hosts in LAN as:
- allow only Admin-Host to telnet to Ranet-CoreSW (password: ranetpass)
- Not permit only User-Host1 to connect to any site in the internet.
- Any traffic beside these should be allow.

Remark: Use ACL no.100 only!, and use as short as possible to gain %Completion

Solution:
Read more »

Read more »

CCNA LAB - 4.5 Port Security

Download

LAB 4-5: Port Security

You are the network administrator at Ranet,and would like to enable Port-Security on the access ports of Ranet-SW to prevent the use of another switch connected that let multiple hosts connect through the same port at the same time, and to prevent the unauthorized host connect via some port.

So all you have to do are: (Config via Console)

1. Enable Port-Security on all access ports (except Gig1/1, Gig1/2), and set parameter to allow only 1 MAC Address per port and the action when violation happened is shutdown port.

2. On port Fa0/1, now there is the authorized host connected (Host1), set the allow MAC Address on this port by “SecureSticky” method.

3. On port Fa0/3, now there is the unauthorized host connected (Rogue3),set the allow MAC Address to be 0030.F295.15C6.

If everything is correct, you will see ports Fa0/2 and Fa0/3 change status to down (err-disabled) when there is the attempt to connect from unauthorized hosts, and Host1 will not be able to connect with the unauthorized hosts (192.168.0.58 – 192.168.0.60) .

---------------------- End -----------------------------

Solution:

Read more »

Read more »

CCNA LAB - 4.4 IP Routing – EIGRP

Download

LAB 4-4: IP Routing – EIGRP
You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet.

So all you have to do are:
(Config via console of each router.)

1. Enable and set IP address on LAN interface of each router to be the last assignable IP of each subnet.
2. Enable serial interface on each router and set IP address on each interface as:
- s0/0/0 on Ranet-BR: last IP of 5.88.192.56/29
- s0/0/0 on Ranet-HQ: first IP of 5.88.192.56/29
- s0/1/0 on Ranet-HQ: last IP of 5.88.192.224/30
all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side.
3. Set EIGRP as routing protocol on each router to let Host1 connect to Host2 in the condition that:
- Use AS no.10110
- Not permit EIGRP on interface that is not within Ranet Network.
4. Set default route on each router to let both Host1and Host2 be able to connect to the Online Server
(177.87.0.39) in the internet.

Solution:

Read more »

Read more »

CCNA LAB - 4.3 IP Routing – OSPF

Download

LAB 4-3: IP Routing – OSPF


You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet.
So all you have to do are:
(Config via console of each router.)

1. Enable and set IP address on LAN interface of each router to be the last assignable IP of each subnet.

2. Enable serial interface on each router and set IP address on each interface as:

- s0/0/0 on Ranet-BR: last IP of 128.0.6.156/30
- s0/0/0 on Ranet-HQ: first IP of 128.0.6.156/30
- s0/1/0 on Ranet-HQ: last IP of 128.0.6.92/30
all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side.

3. Set OSPF as routing protocol on each router to let Host1 connect to Host2 in the condition that:

- Use Process ID: 1 for Ranet-HQ and Process ID: 100 for Ranet-BR
- Set RouterID of Ranet-HQ to be 1.1.0.1, and set to be 1.1.1.1 for Ranet-BR

4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server
(203.87.129.95) in the internet.

------------------------------------- End ----------------------------------

Solution:

Read more »

Read more »

CCNA LAB - 4.2 IP Routing - RIP

Download

LAB 4-2: IP Routing - RIP

You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet. So all you have to do are:
(Config via console of each router.)

1. Enable and set IP address on LAN interface of each router to be the first assignable IP of each subnet.

2. Enable serial interface on each router and set IP address on each interface as:
- s0/0/0 on Ranet-BR: first IP of 98.83.165.72/30
- s0/0/0 on Ranet-HQ: last IP of 98.83.165.72/30
- s0/1/0 on Ranet-HQ: last IP of 52.9.236.20/30

all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side.

3. Set RIPv2 as routing protocol on each router to let Host1 connect to Host2.

4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server (55.8.92.3) in the internet.

-------------------------------- The End -----------------------------------

Solution:

Read more »

Read more »

CCNA LAB - 4.1 IP Routing - Static and Default Route

Download

LAB 4-1: IP Routing – Static and Default Route

You are the network administrator at Ranet, and have to config the routers both Ranet-HQ and Ranet-BR to make the connection throughout Ranet network and with the Internet. So all you have to do are:

(Config via console of each router.)

1. Enable and set IP address on LAN interface of each router to be the last assignable IP of each subnet.

2. Enable serial interface on each router and set IP address on each interface as:

- s0/0/0 on Ranet-BR: last IP of 52.7.9.220/30
- s0/0/0 on Ranet-HQ: first IP of 52.7.9.220/30
- s0/1/0 on Ranet-HQ: last IP of 77.7.7.252/30
all serial interface use HDLC as encapsulation protocol and do not forget to set clock rate at 64 kbps on Ranet-BR side.

3. Set static route of each LAN on each router to let Host1 connect to Host2. (Use destination interface
instead of IP next hop.)

4. Set default route on each router to let both Host1 and Host2 be able to connect to the Online Server
(72.76.5.3) in the internet.

-------------------------------------- The End ----------------------------------------

Solution:

Read more »

Read more »

CCNA LAB- 3.4 Frame Relay - Point to Point

Download

LAB 3-4: Frame Relay – Point-to-Point (Subinterface)

You are the network administrator at Ranet Headquater, and have to configure the router “Ranet-HQ” to let Host1 connect with Host2, Host3 and Host4 as below:
(Use console to config this router.)

1. Enable and set IP address on LAN interface to be the first IP of this subnet.

2. Enable serial interface, and create subinterface with Frame-Relay setting as below:

- s0/0/0.2 for connect with Ranet-BR2, via DLCI 902
- s0/0/0.3 for connect with Ranet-BR3, via DLCI 903
- s0/0/0.4 for connect with Ranet-BR4, via DLCI 904

All subinterfaces use CISCO standard for both encapsulation and LMI, and set IP address to use the first IP in each subnet.

If everything is correct, Host1 should be able to connect
with Host2, Host3, and Host4.

Solution:

Read more »

Read more »

CCNA LAB - 3.3 Frame Relay – Multipoint

Download

LAB 3-3: Frame Relay – Multipoint

You are the network administrator at Ranet Headquater, and have to configure the router “Ranet-HQ” to let Host1connect with Host2, Host3 and Host4 as below:
(Use console to config this router.)

1. Enable and set IP address on LAN interface to be the first IP of this subnet.

2. Enable and set IP address on serial interface to be the first IP of its subnet, and then set the parameter about frame-relay as:
- Use IETF Frame-Relay as encapsulation protocol
- Use LMI ANSI type then try to ping with others node in this subnet, and use command to gather information about DLCI per each destination that came from Inverse-ARP then shutdown this interface and set frame-relay map in static, after that, re-enable the interface and check the
connections between node again.

If success, Host1 should be able to connect with other Hosts.

------------------------- The End ------------------------------

Solution

Read more »

Read more »

CCNA LAB - 3.2 Point-to-Point Protocol (PPP) – CHAP

Download


LAB 3-2: Point-to-Point Protocol (PPP) – CHAP

You are the Network Administrator at Ranet, and have to config both router Ranet-BR1 and
Ranet-BR2 to allow the connection between Host1 and Host2 via PPP link as below:
(Use Console for config each router)

1. Enable and set IP address on Lan interface for each router to be the last assignable
IP address in its own subnet.

2. Enable and set IP address on interface s0/0/0 on Ranet-BR1 to be the first
assignable IP in network 172.20.1.232/29

3. Enable and set IP address on interface s0/0/0 on Ranet-BR2 to be the last
assignable IP in the same network. Don’t forget to set clock rate at 64 kbps due
to this is the DCE.

4. Set encapsulation on this link to be PPP and use username as the device’s hostname (no
need for password) by using CHAP as authentication protocol

If everything is done, Host1 has to be able to
connect with Host2.
----------------------- The End -------------------

Solution
Read more »

Read more »

CCNA LAB - 3.1 Point-to-Point Protocol (PPP) – PAP

Download

LAB 3-1: Point-to-Point Protocol (PPP) - PAP

You are the Network Administrator at Ranet, and have to config both router Ranet-BR1 and
Ranet-BR2 to allow the connection between Host1 and Host2 via PPP link as below:
(Use Console for config each router)

1. Enable and set IP address on Lan interface for each router to be the last assignable IP address in its own subnet.

2. Enable and set IP address on interface s0/0/0 on Ranet-BR1 to be the first assignable IP in network 192.168.0.224/30

3. Enable and set IP address on interface s0/0/0 on Ranet-BR2 to be the last assignable IP in the same network.
Don’t forget to set clock rate at 64 kbps due to this is the DCE.

4. Set encapsulation on this link to be PPP and use username and password as:
user: ranetpapuser
pass: ranetpappass
by using PAP as authentication protocol

If everything is done, Host1 has to be able to
connect with Host2.

------------------------- The End ------------------------------

Solution
Read more »

Read more »

CCNA LAB - 2.3 Spanning Tree Protocol (STP)

Download


LAB 2-3: Spanning Tree Protocol (STP)

You are the Network Administrator of Ranet, and
would like:
- Ranet-CoreSW to be the Root Bridge
- Port Fa0/2 of Ranet-SW2 to be in the blocking state
Please config spanning-tree parameter on both
Ranet-CoreSW and Ranet-SW2 via its console to be
as the requirement above.

Remark: Use command to set priority as lowest/highest
as possible to gain the point (%Completion) for this
question.

---------------------------- The End ---------------------------

Solution

Read more »

Read more »

CCNA LAB - 2.2 Virtual Trunking Protocol (VTP)

Download


LAB 2-2: Virtual Trunking Protocol (VTP)


You are the Network Administration at Ranet, and have to config to let Ranet-SW3 seperate VLAN
according to the VLAN database from Ranet-SW1 via VTP (use Console for each switch) as below:

1. Gather information about VTP configuration in Ranet-SW1 by using "show" command in
USER mode only. (You do not have right to config anything on this switch.)


2. On switch Ranet-SW2, you have to config to let the VTP information send from Ranet-SW1
via itself to Ranet-SW3 without any change in VLAN database of Ranet-SW2


3. On switch Ranet-SW3, you have to config to receive VTP information from Ranet-SW1 and
use the received VLAN database to set members of each VLAN as:
VLAN 10: Fa0/1
VLAN 20: Fa0/2




-------------- The End --------------

Solution

Read more »

Read more »

CCNA LAB - 2.1 InterVLAN Routing

Download

LAB 2-1: InterVLAN Routing

You are the Network Administrator at Ranet, and have to config both switch "Ranet-SW" and router
"Ranet-GW" via its console terminal as below:

1. Set Ranet-SW to seperate VLAN to be VLAN 10 and VLAN 20 and set its member as:
VLAN 10: Fa0/1, Fa0/2
VLAN 20: Fa0/3, Fa0/4

2. Enable feature "Portfast" on all access ports.

3. Set both Ranet-SW and Ranet-GW to route between VLAN 10 and VLAN 20:

- Use interface Fa0/0.1 and Fa0/0.2 on Ranet-GW as sub-interface for VLAN 10 and
VLAN 20 respectively.
- Please note that all hosts in each VLAN set IP Default Gateway to be the last IP of its
own subnet.

If everything is correct, All hosts will be able to connect with each other.

-------------- End -------------------

Solution

Read more »

Read more »

CCNA Lab -1.3 IPv6 addressing

Download

LAB 1-3: IPv6 Addressing

You are the network administrator at Ranet, and
have to config Ranet-HQ (via Console Terminal) for
connection t use IPv6 as below:
1. set IPv6 address on interface Se0/0/0 to be
FEC0:78:0:1::2/64
2. set IPv6 address on interface Se0/1/0 to be
2001:21::2/48
3. Set IPv6 address on interface Fa0/0 to be the
gateway for Hosts in LAN as:
3.1 Set IPv6 Local address in EUI-64 that
has prefix to be FEC0:78:0:2::/64
3.2 Set IPv6 Global address in EUI-64 that
has prefix to be 2001:22::/48

If the configuration above is done,
- Host1 will be able to connect with Ranet-BR.
- Host2 will be able to connect with ISP-Router.


Solution:
Read more »

Read more »

CCNA Lab -1.2 IPv4 addressing

Download

LAB 1-2: IPv4 Addressing

You are the network administrator at Ranet, and
have to config the router “Ranet-BR” via Console
Terminal as below:

1. enable interface Se0/0/0 and set IP address
/Subnet Mask that can connect with router
“Ranter-HQ” at 192.168.0.254/30

2. enable interface Se0/1/0 and set IP address
/Subnet Mask that can connect with router
“Ranter-BR1-1″ at 192.168.0.30/30

3. The Headquater has given IP address
range 192.168.0.0/27 for the network
behind our router, then you have to:

3.1 enable interface Fa0/0 and set
IP address/Subnet Mask to be the
last IP of this subnet that has
10 host as members.

3.2 enable interface Fa0/1 and set
IP address/Subnet Mask to be the
last IP of this subnet that has
5 host as members.

3.3 Set IP address/Subnet Mark of Host1
in each LAN to be the first IP of its
own subnet, and set IP of gateway also

If the configuration is correct, Host1 in each subnet
must be able to ping to Ranet Server at 192.168.0.33

============= The End ===================

Solution:

Read more »

Read more »

CCNA Lab – 1.1- Basic Config

LAB 1-1: Basic Configuration

You are the Network Administrator at Ranet.
We have just installed new router to be our gateway.
You have to do the basic configuration via Console Terminal
(PC-PT) as below:
1. Set hostname to be "RanetA"
2. Set enable secret to be "ranetenablepass"
3. Set console password to be "ranetconsolepass"
4. Set telnet password to be "ranettelnetpass"
5. Set IP address of interface Fastethernet 0/0 to
be the first address of network 10.0.0.0/30
6. Set IP address of interface Fastethernet 0/1 to
be 192.168.0.254/26
7. Both interface Fastethernet 0/0 and 0/1 must
be enable.

After these configuration, you should be able to
1. Ping to 10.0.0.2 from Ranet A
2. Telnet from Ranet PC to Ranet A by using IP
address 192.168.0.254 and telnet password
as above.

=========== The End ===================


Solution:

Read more »

Read more »