CCNA Exploration: Semester 4 Skills Based Assessment Lab

Topology Diagram

172.16.20.254

Addressing Table
Device Interface S0/0/0 R1 Fa0/0 Fa0/1 S0/0/0 R2 S0/0/1 Fa0/0 ISP Server S0/0/1 Fa0/0 IP Address 172.16.0.1 172.16.10.1 172.16.11.1 172.16.0.2 209.165.201.1 172.16.20.1 209.165.201.2 172.16.20.254 Subnet Mask 255.255.255.252 255.255.255.0 255.255.255.0 255.255.255.252 255.255.255.252 255.255.255.0 255.255.255.252 255.255.255.0

Task 1: Cable a network that is similar to the topology diagram

Page 1 of 3

CCNA Exploration Accessing the WAN: Skills Based Assessment

Student Skills based Assessment Lab

Task 2: Perform Basic Router Configurations on R1, R2, and ISP routers (10 points) Configure the device hostname Disable DNS lookup Configure an encrypted privileged EXEC mode password of class Configure a message-of-the-day banner Configure a password of cisco for the console connections and for all vty connections.

Task 3: Configure and activate Serial and Ethernet Addresses (10 points) Configure IP addresses on all routers and on the server as given in the addressing table (PC1 and PC2 will have dynamic IPs later using DHCP).

Task 4: Configure Serial Interfaces (20 points) Configure and verify PPP encapsulation with CHAP authentication between R1 and R2. The password is cisco. Configure and verify PPP encapsulation with PAP authentication between R2 and ISP. The password is ccna.

Task 5: Enable RIPv2 (10 points) Configure RIPv2 on R1 with network command for 172.16.0.0 networks, and make R1s 2 LAN interfaces as passive interfaces. Configure RIPv2 on R2 with network command for 172.16.0.0 networks only, and make R1s LAN interface as passive interface. Configure a default route on R2 and propagate the route to R1 using these commands:
R2(config)#ip route 0.0.0.0 0.0.0.0 s0/0/1 R2(config)#router rip R2(config-router)#version 2 R2(config-router)#default-information originate

Task 6: Configure a DHCP Server (15 points) Configure R1 as the DHCP server for the two R1 LANs. Create 2 DHCP pools on R1. Name one of them R1_LAN10 for the 172.16.10.0/24 network, and name the other R1_LAN11 for the 172.16.11.0/24 network. Exclude the first three addresses from each pool. Configure each pool with a default gateway and a simulated DNS server at 172.16.20.254. Verify that PC1 and PC2 received dynamic IPs from the DHCP pool. Page 2 of 3

CCNA Exploration Accessing the WAN: Skills Based Assessment

Student Skills based Assessment Lab

Task 7: Configure Dynamic NAT with an interface address (15 points) R2 will translate the private addresses of the LANs attached to R1 and R2 into public addresses using its s0/0/1 interface address before sending traffic to ISP. Create a named access control list on R2 to identify which inside addresses are translated. Use the name NAT_ACL and allow all hosts attached to the two LANs on R1 and the LAN on R2 to be translated. Allow NAT/PAT. Verify the NAT configuration by making PC1, PC2 and the server ping the ISP router, and then use the show ip nat translations command on R2 to see NAT translations.

Task 8: Configure Named Access Control Lists with the names below (20 points) ACL X: Allow telnet to R2 from R1 only. ACL Y: Do not allow HTTP traffic from the Internet to LAN 172.16.10.0/24 unless originated from the LAN. ACL Z: Stop LAN 172.16.11.0/24 from replying to pings from LAN 172.16.10.0/24

To verify your configuration is working: 1. Show that PC1 and PC2 have dynamic IPs 2. Make pings from PC1, PC2, and the server to the ISP router to verify NAT, and show the NAT translations on R2. 3. To show ACL X, try to telnet R2 from R1, and it should succeed. Then try to telnet R2 from any other router or PC, and it should fail. 4. Using show run, show ACL Y. 5. To show ACL Z, use PC2 to ping PC1, and it should succeed. Then use PC1 to ping PC2, and it should fail because the reply from PC2 should not pass through.

Page 3 of 3