ICND 1 LAB 1

Change Name and Router/Switch Password LAB Topology 1

Lab requirements: 1. Router Name:Router 2. Set Password to cisco, secret to cisco and vty to cisco 3. All the passwords are to be encrypted Lab Process: Router>en Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname ACE1_Router SET ROUTERS NAME ACE1_Router(config)#enable password cisco SET ROUTER PASSWORD ACE1_Router(config)#enable secret cisco SET ROUTER ENCRYPTION PASSWORD ACE1_Router(config)#line vty 0 4 ENABLE TELNET ACE1_Router(config-line)#password cisco REQUIRE PASSWORD AUTHENTICATION ACE1_Router(config-line)#login ACE1_Router(config-line)#exit ACE1_Router(config)#service password-encryption SET GLOBAL PASSWORD ENCRYPTION ACE1_Router(config)#exit ACE1_Router#sh run VIEW THE CONFIGURATION FILE

ICND 1 LAB 2
Set Route Port Address/Label and Save Settings LAB Topology 2

Lab requirements: 1. On the route ports set IP addresses on each port: A. Fastethernet 0/0 192.168.1.0 255.255.255.0 B. Serial 0/0 10.10.10.1 255.255.255.252 2. Set the router prompt message/banner to Welcome to ACE1_Router CCNAlab 3. Set the router serial port prompt message to ***Connected to ACE1_Router2*** 4. Save the Settings Lab Process: Router>en Router#config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#int fastEthernet 0/0 ENABLING THE FASTETHERNET PORT Router(config-if)#ip address 192.168.1.1 255.255.255.0 SET IP ADDRESS OF THE FASTETHERNET PORT Router(config-if)#no shutdown ACTIVATE THE INTERFACE *Mar 1 00:08:14.393: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up Router(config)#interface serial 0/0 ENABLING THE SERIAL PORT Router(config-if)#ip address 10.10.10.1 255.255.255.252 SET IP ADDRESS OF THE SERIAL PORT Router(config-if)#description ***Connected to ACE1_Router2*** SET PORT DESCRIPTION Router(config-if)#no shutdown ACTIVATE THE INTERFACE Router(config-if)#exit Router(config)#exit Router(config)#banner motd @ Welcome to ACE1_Router CCNAlab @ SET THE LOGIN GREETING Router#copy running-config startup-config SAVE THE SETTINGS Destination filename [startup-config]? Building configuration... [OK] Router#wr SAVE THE SETTINGS Building configuration... Router#

ICND 1 LAB 3
Basic Switch Command 1 LAB Topology 3

Lab Tips: The layer 2 switch has no ip address.If you want to manage the switch remotely, you must specify an ip address for it.The switch learns MAC addresses dynamically. It builds the MAC address table by listening to the incoming frames and examining the source MAC address in the frame. For network security, you can create MAC address mapping on the switch. Lab requirements: 1. Rename the switch to ACE1_Switch 2. The IP address of the switch is 192.168.1.2 /24 and the gateway is 192.168.1.1/24. 3. The MAC address is bound. The address of the computers connected the switch. Lab Process: Switch>en Switch #configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#hostname ACE1_Switch SET SWITCHS NAME ACE1_Switch(config)#interface vlan 1 ACE1_Switch(config-if)#ip address 192.168.1.2 255.255.255.0 SPECIFY AN IP ADDRESS FOR THE REMOTE MANAGEMENT OF THE SWITCH ACE1_Switch(config-if)#exit ACE1_Switch(config)#ip default-gateway 192.168.1.1 SPECIFY THE DEFAULT GATEWAY OF THE SWITCH ACE1_Switch(config)#mac-address-table static 0000.1111.2222 vlan 1 interface f0/5 MAP MAC ADDRESS OF THE COMPUTER/HOST TO A SPECIFIC FASTETHERNET PORT. ACE1_Switch(config)#exit ACE1_Switch# %SYS-5-CONFIG_I: Configured from console by console ACE1_Switch#wr Building configuration...

ICND 1 LAB 4
Basic Switch Command 2 LAB Topology 4

Lab requirements: 1. 2. 3. 4. Use port security. Set the maximum number of access to fa0/10 to 3 Port security includes: protect, restrict and shutdown. Common switch commands.

Lab Process: ACE1_Switch#config t Enter configuration commands, one per line. End with CNTL/Z. ACE1_Switch(config)#int fastEthernet 0/10 ACE1_Switch(config-if)#switchport mode access SET PORT TO ACCESS MODE ACE1_Switch(config-if)#switchport port-security ENABLE PORT SECURITY ACE1_Switch(config-if)#switchport port-security maximum 3 SET THE NUMBER OF MAXIMUM ACCESS TO THE PORT ACE1_Switch(config-if)#switchport port-security violation ? DEFINE PORT SECURITY IN ORDER OF PROTECT MODE, RESTRICT MODE OR SHUTDOWN MODE protect Security violation protect mode restrict Security violation restrict mode shutdown Security violation shutdown mode ACE1_Switch(config-if)#switchport port-security violation protect ACE1_Switch(config-if)#exit ACE1_Switch#sh run VIEW THE CONFIGURATION FILE ACE1_Switch#sh interface f0/1 VIEW THE INFORMATION ABOUT THE INTERFACE PORT ACE1_Switch#sh mac-address-table VIEW THE MAC ADDRESS TABLE ACE1_Switch#sh vlan VIEW THE VLAN INFORMATION ACE1_Switch#sh version CHECK THE SWITCH VERSION ACE1_Switch#erase startup-config DELETE CONFIGURATION FILES THAT HAS BEEN SAVED

ICND 1 LAB 5 Revert Router Password

LAB Topology 5

Lab requirements: 1. The router name is ACE1_Router.The console port of the router is connected to the COM Port of the PC through a rollover cable. 2. Set the password of the router to cisco and save the settings. 3. Restart the router and decrypt the password. Lab Process : Router>en Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname ACE1_Router SET ROUTERS NAME ACE1_Router(config)#enable password cisco SET ROUTER PASSWORD ACE1_Router(config)#enable secret cisco SET ROUTER ENCRYPTION PASSWORD ACE1_Router(config)#service password-encryption SET GLOBAL PASSWORD ENCRYPTION ACE1_Router(config)#exit ACE1_Router#copy running-config startup-config SAVE THE SETTINGS ACE1_Router(config)#reload When restarting the router, press CTRL+BREAK to enter rommon mode. >o/r 0x2142 or >confreg 0x2142 It depends on the Cisco Router Model CHANGE THE VALUE OF THE CONFIGURATION REGISTRY SO THAT YOU CAN ENTER THE SESSION MODE AFTER THE ROUTER IS RESTARTED >i or >boot RESTART THE ROUTER When you enter the session mode after the router is started, do not perform any configuration and enter IOS mode. Router>en Router#copy startup-config running-config LOAD THE CONFIGURATION TO THE RAM Destination filename [running-config]? PRESS ENTER %SYS-5-CONFIG_I: Configured from console by console 557 bytes copied in 0.416 secs (1338 bytes/sec)

ACE1_Router#config t Enter configuration commands, one per line. End with CNTL/Z. ACE1_Router(config)#no enable password DELETE THE PASSWORD ACE1_Router(config)#no enable secret DELETE THE PASSWORD ACE1_Router(config)#config-register 0x2102 RESET THE VALUE OF THE REGISTRY ACE1_Router(config)#exit ACE1_Router# ACE1_Router#copy running-config startup-config SAVE THE SETTINGS Destination filename [startup-config]? Building configuration... [OK] ACE1_Router#reload After the router is re started, you enter the privilege mode without a password.

ICND 1 LAB 6
CDP Command Operations/Configure Telnet Remote Access/ Create & Use of Loopback Interface LAB Topology 6

Lab requirements: 1. Router Name: ACE1_Router1, ACE1_Router2 and ACE1_Router3 2. Set to password to cisco, secret to cisco, and vty to cisco. All the passwords are required to be encrypted. 3. Configure all the routers. Lab Process: Configure Router 1 Router>en Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname ACE1_Router1 SET ROUTERS NAME ACE1_Router1(config)#enable password cisco SET ROUTER PASSWORD ACE1_Router1(config)#enable secret cisco SET ROUTER ENCRYPTION PASSWORD ACE1_Router1(config)#line vty 0 4 ENABLE TELNET ACE1_Router1(config-line)#password cisco REQUIRE PASSWORD AUTHENTICATION ACE1_Router1(config-line)#login ACE1_Router1(config-line)#exit ACE1_Router1(config)#service password-encryption SET GLOBAL PASSWORD ENCRYPTION ACE1_Router1(config)#exit ACE1_Router1(config)#interface serial 0/0 ENABLING THE SERIAL PORT ACE1_Router1(config-if)#ip address 10.10.2.1 255.255.255.252 SET IP ADDRESS OF THE SERIAL PORT ACE1_Router1 (config-if)#clock rate 64000 CONFIGURE CLOCK RATE IF SERIAL PORT IS DCE ACE1_Router1(config-if)#description ***Connected to ACE1_Router2*** SET PORT DESCRIPTION ACE1_Router1 (config-if)#no shutdown ACTIVATE THE INTERFACE Configure Router 2 and Router 3 the similar way the Router 1 is configured. The IP addresses of the interfaces are different. Set the clock rate of the DCE end on every MAN link. After all the routers are configured, you can view the information by using the following commands on router 2. ACE1_Router2#Show cdp DISPLAY CDP INFORMATION

ACE1_Router2#Show cdp neighbors DISPLAY SUMMARY INFORMATION ABOUT CDP NEIGHBORS ACE1_Router2#Show cdp neighbors detail DISPLAY DETAILED INFORMATION ABOUT CDP NEIGHBORS ACE1_Router2#Show cdp traffic DISPLAY INFORMATION ABOUT CDP DATA PACKETS ACE1_Router2#Show cdp entry* DISPLAY ALL THE INFORMATION ABOUT ADJACENT ROUTERS ACE1_Router2#Show cdp entry ACE1_Router1 DISPLAY DETAILED THE INFORMATION ABOUT ADJACENT ACE1_Router1 Commands for Telneting from ACE1_Router1 to ACE1_Router2: ACE1_Router1#telnet 10.10.2.2 Trying 10.10.2.2 open User Access Verification Password:cisco PASSWORD CONFIGURED ON THE VTY LOGIN ACE1_Router2>enable ACE1_Router2# Lab Requirements: 1. Router Name: ACE1_Router1, ACE1_Router2 and ACE1_Router3 2. Create a loopback interface on either of the routers and specify an IP address to every loopback interface. Lab Process: 1. The loopback interface is a logical virtual interface on the router. A router has no loopback interfaces by default, but they can be created on it. In normal cases, a router has fewer interfaces than a switch; therefore you need to create a loopback interface when doing a lab. A loopback interface is treated on the router like a physical interface. It can be assigned an IP address. Loopback interfaces are widely used. They are enabled by default. To disable a loopback interface, run the shutdown command. ACE1_Router2r#config t ACE1_Router2 (config)#int loopback ? <0-2147483647> Loopback interface number ACE1_Router2 (config)#int loopback 0 ENABLING THE LOOPBACK INTERFACE PORT ACE1_Router2 (config-if)#ip address 192.168.3.1 255.255.255.255 ACE1_Router2 (config-if)#exit ACE1_Router2#wr

ICND 1 LAB 7
Configuring Default Route and Static Route LAB Topology 6

Lab requirements: 1. Router Name: ACE1_Router1, ACE1_Router2 and ACE1_Router3 2. Configure Default Routes on router ACE1_Router1 and ACE1_Router3 3. Configure a Static Route on router ACE1_Router2. 4. Configure the security features (telnet, console port, enable secret) on all the routers and switch. 5. Encrypt all the password settings. 6. Configure the IP addresses on the following ports(Serial, Fastethernet and Loopback) as required. 7. Perform PING and Traceroute operations from PC 1 to PC 2 Lab Process: 1. Configure ACE1_Router1 ACE1_Router1#config t Enter configuration commands, one per line. End with CNTL/Z. ACE1_Router1(config)#ip route 0.0.0.0 0.0.0.0 10.10.2.2

2. Configure ACE1_Router3 ACE1_Router3#config t Enter configuration commands, one per line. End with CNTL/Z. ACE1_Router3(config)#ip route 0.0.0.0 0.0.0.0 10.10.1.2 3. Configure ACE1_Router2 ACE1_Router3#config t ACE1_Router2(config)#ip route 192.168.1.0 255.255.255.0 10.10.1.1 ACE1_Router2(config)#ip route 192.168.3.3 255.255.255.255 10.10.1.1 ACE1_Router2(config)#ip route 192.168.2.0 255.255.255.0 10.10.2.1