1. Why do you need to configure 0.0.0.1 for R1 and 0.0.0.2 for R2 when setting the router ids for OSPF?
2. What happens if you include the R2 Lo0 network in the OSPF process?
3. What is the purpose of using NAT on R1 instead of R2?
4. Why is TFTP used to back up and restore configurations as opposed to FTP or SSH?
5. Why is it a good idea to back up the running configuration and not the stored configuration on the routers and switches?
Another Moscovium Network Consulting project has come your way. This project will require you to configure six devices in a small-medium network. Specifically, you must configure two routers, two switches, and two PCs. You will also have to implement secure management, Single-Area OSPFv2 routing, Network Address Translation, and some access-control lists. Finally, you will implement a TFTP backup process for the device configurations.
Part 1: Initialize, Reload and Configure Basic Device Settings
Part 2: Configure Single-Area OSPFv2
Part 3: Optimize Single Area OSPFv2
Part 4: Configure Access Control, NAT, and perform configuration backup
Packet Tracer Required Resources
| Device | Interface | IP Address | Subnet Mask | Default Gateway |
|---|---|---|---|---|
| R1 | G0/0/0 | 10.67.254.2 | 255.255.255.252 | N/A |
| R1 | G0/0/1 | 192.168.1.1 | 255.255.255.0 | N/A |
| R1 | Lo0 | 10.52.0.1 | 255.255.255.248 | N/A |
| R2 | G0/0/0 | 10.67.254.1 | 255.255.255.252 | N/A |
| R2 | G0/0/1 | 10.67.1.1 | 255.255.255.0 | N/A |
| R2 | Lo0 | 209.165.201.1 | 255.255.255.224 | N/A |
| S1 | VLAN 1 | 192.168.1.2 | 255.255.255.0 | 192.168.1.1 |
| S2 | VLAN 1 | 10.67.1.2 | 255.255.255.0 | 10.67.1.1 |
Configuration tasks for R1 and R2 include the following:
| Task | Specification |
|---|---|
| Disable DNS lookup | |
| Router name | R1 or R2, as appropriate |
| Domain name | ccna-lab.com |
| Encrypted privileged EXEC password | ciscoenpass |
| Console access password | ciscoconpass |
| Set the minimum length for passwords | 10 characters |
| Create an administrative user in the local database | Username: admin, Password: admin1pass |
| Set login on VTY lines to use local database | |
| Set VTY lines to accept SSH connections only | |
| Encrypt the clear text passwords | |
| Configure an MOTD banner | |
| Configure interface G0/0/1 | Set the description; set the Layer 3 IPv4 address; activate the interface |
| Configure interface G0/0/0 | Set the description; set the Layer 3 IPv4 address; activate the interface |
| Configure interface Lo0 | Configure the IPv4 address |
| Generate an RSA crypto key | 1024-bit modulus |
Step 3: Configure S1 and S2.
Configuration tasks for the switches include the following:
| Task | Specification |
|---|---|
| Disable DNS lookup | |
| Switch name | S1 or S2, as appropriate |
| Domain name | ccna-lab.com |
| Encrypted privileged EXEC password | ciscoenpass |
| Console access password | ciscoconpass |
| Shut down all unused interfaces | |
| Create an administrative user in the local database | Username: admin, Password: admin1pass |
| Set login on VTY lines to use local database | |
| Set VTY lines to accept SSH connections only | |
| Encrypt the clear text passwords | |
| Configure an MOTD banner | |
| Generate an RSA crypto key | 1024-bit modulus |
| Configure the management interface (SVI) for VLAN 1 (the management VLAN) | Set the Layer 3 IPv4 address |
| Configure the default gateway | |
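As an added example (my own, not the lab's answer key or Cisco's code), the Part 1 tasks map onto Cisco IOS commands as shown below for R1 and S1; R2 and S2 are configured the same way with their own names and addresses from the addressing table. The interface descriptions, the banner text, the `ip ssh version 2` line and the range of ports shut on S1 are my assumptions, not values given by the lab; adjust the port range to the ports actually cabled in your topology.

```cisco
! ===== R1: basic settings and secure management (added example) =====
enable
configure terminal
no ip domain-lookup
hostname R1
ip domain-name ccna-lab.com
! set the minimum length first so every password below is checked against it
security passwords min-length 10
enable secret ciscoenpass
username admin secret admin1pass
line console 0
 password ciscoconpass
 login
 exit
! the RSA key needs hostname + domain name already set; answer the
! "How many bits in the modulus" prompt with 1024 as the lab specifies
crypto key generate rsa
! assumption beyond the task list: pin SSH to version 2
ip ssh version 2
line vty 0 4
 login local
 transport input ssh
 exit
service password-encryption
! banner text is my assumption
banner motd # Authorized access only. #
interface g0/0/1
 description LAN link to S1 (description text assumed)
 ip address 192.168.1.1 255.255.255.0
 no shutdown
interface g0/0/0
 description WAN link to R2 (description text assumed)
 ip address 10.67.254.2 255.255.255.252
 no shutdown
interface loopback 0
 ip address 10.52.0.1 255.255.255.248
end
copy running-config startup-config

! ===== S1: same management baseline, plus the switch-specific tasks =====
! Repeat the hostname (S1), domain name, enable secret, console password,
! min-length, admin user, RSA key, VTY login local / transport input ssh,
! service password-encryption and banner exactly as on R1, then add:
configure terminal
interface vlan 1
 ip address 192.168.1.2 255.255.255.0
 no shutdown
 exit
ip default-gateway 192.168.1.1
! assumption: F0/1 and F0/2 are the only cabled ports on S1; shut the rest
interface range f0/3-24, g0/1-2
 shutdown
end
copy running-config startup-config
```

Verify with `show ip ssh` (version and key present), `show running-config | include min-length|secret|login local|transport input` and, from a PC on the management VLAN, an SSH session as `admin`; a Telnet attempt to the VTY lines should be refused once `transport input ssh` is in place.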
| Task | Specification |
|---|---|
| Configure the OSPF routing process | Use process id 1 |
| Manually configure the router id | Use 0.0.0.1 for R1 and 0.0.0.2 for R2 |
| Configure network statements | Configure a network statement for each locally attached network using a wildcard mask that matches each network's subnet mask. Note: the R2 Lo0 network should not be included in the OSPF process. |
Step 1: Configure R1.
Configuration Tasks for R1 include the following:
| Task | Specification |
|---|---|
| Configure passive interfaces | Configure all interfaces that are not directly connected to an OSPF neighbor to be passive |
| Configure the reference bandwidth | Adjust the reference bandwidth to 1 Gigabit |
| Configure Loopback 0 to report the mask it is configured with instead of a host mask | Configure Loopback0 as a point-to-point network for OSPF |
| Tune the timers for your network | Configure the hello time for 30 seconds |
Configuration tasks for R2 include the following:
| Task | Specification |
|---|---|
| Configure passive interfaces | Configure all interfaces that are not directly connected to an OSPF neighbor to be passive |
| Configure the reference bandwidth | Adjust the reference bandwidth to 1 Gigabit |
| Provide default routing for the OSPF domain | Configure a static default route with loopback 0 as the exit interface, then share the default information with other OSPF speakers |
| Tune the timers for your network | Configure the hello time for 30 seconds |
| Tune the DR/BDR election to favor R2 | Set the OSPF priority for R2 to a value of 50 |
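Added example covering the Part 2 and Part 3 OSPF tasks on both routers (my own configuration, not the lab's solution). The wildcard masks are derived from the addressing table (/30 gives 0.0.0.3, /29 gives 0.0.0.7, /24 gives 0.0.0.255); the area number 0 is an assumption, since the lab only says single-area.

```cisco
! ===== R1: OSPF process, tuning (added example) =====
configure terminal
router ospf 1
 router-id 0.0.0.1
 ! one network statement per attached network; wildcard = inverse of the mask
 network 10.67.254.0 0.0.0.3 area 0
 network 192.168.1.0 0.0.0.255 area 0
 network 10.52.0.0 0.0.0.7 area 0
 ! only G0/0/0 faces an OSPF neighbor, so everything else is passive
 passive-interface g0/0/1
 passive-interface loopback 0
 ! 1 Gigabit reference so GigabitEthernet links are not all cost 1
 auto-cost reference-bandwidth 1000
 exit
interface loopback 0
 ! advertise the /29 as configured instead of a /32 host route
 ip ospf network point-to-point
interface g0/0/0
 ! hello 30 s; IOS derives a 120 s dead interval, so both ends must match
 ip ospf hello-interval 30
end

! ===== R2: OSPF process, default route, DR preference =====
configure terminal
router ospf 1
 router-id 0.0.0.2
 network 10.67.254.0 0.0.0.3 area 0
 network 10.67.1.0 0.0.0.255 area 0
 ! Lo0 (209.165.201.0/27) is deliberately NOT given a network statement
 passive-interface g0/0/1
 auto-cost reference-bandwidth 1000
 ! advertise the static default below to the rest of the OSPF domain
 default-information originate
 exit
ip route 0.0.0.0 0.0.0.0 loopback 0
interface g0/0/0
 ip ospf hello-interval 30
 ip ospf priority 50
end
! the DR is only re-elected when the adjacency is rebuilt
clear ip ospf process
```

Apply the hello-interval change on one router and the adjacency drops until the other side matches; that is expected. Check with `show ip ospf neighbor` on R1 (R2 should show as DR with priority 50), `show ip ospf interface g0/0/0` for the timers, and `show ip route ospf` on R1, where the R2 default appears as an `O*E2` route and 209.165.201.0/27 does not appear as an OSPF route.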
Step 1: Configure host computers.
Configure the host computers PC-A and PC-B with IPv4 addresses. (4 points)
| Description | PC-A | PC-B |
|---|---|---|
| IP Address | 192.168.1.50 | 10.67.1.50 |
| Subnet Mask | 255.255.255.0 | 255.255.255.0 |
| Default Gateway | 192.168.1.1 | 10.67.1.1 |
After configuring each host computer, perform the following tests: (4 points)
| Source | Target | Protocol | Expected Result |
|---|---|---|---|
| PC-A | PC-B | Ping | Success |
| PC-A | https://209.165.201.1 | HTTPS | Success |
| PC-A | 209.165.201.1 | SSH | Success |
| PC-B | 209.165.201.1 | SSH | Success |
If you get different results, troubleshoot your OSPF and host configurations.
Note: If you are unable to access 209.165.201.1 via HTTPS, enable the secure HTTP server from the R2 CLI: R2(config)# ip http secure-server
Step 2: Configure Access Control on R2.
Create and apply an access control list on R2 named R2-SECURITY to do the following:
| Task | Specification |
|---|---|
| Create an access control list | R2-SECURITY |
| Control HTTP and HTTPS traffic | Only hosts from the 10.0.0.0/8 network are allowed to reach the web server at 209.165.201.1 |
| Control SSH traffic | SSH is not allowed to the address 209.165.201.1 |
| Permit traffic | All other traffic, regardless of protocol, is allowed |
| Apply the ACL | Filter traffic originating from R1 |
After configuring and applying the ACL, perform the following tests: (2 points)
| Source | Target | Protocol | Expected Result |
|---|---|---|---|
| PC-A | PC-B | Ping | Success |
| PC-A | https://209.165.201.1 | HTTPS | Failure |
| PC-A | 209.165.201.1 | SSH | Failure |
| PC-B | 209.165.201.1 | SSH | Success |
If you get different results, double check your ACL configuration and application.
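One way to write and apply R2-SECURITY, added here as my own example rather than the lab's solution. "Filter traffic originating from R1" is read as an inbound filter on R2's G0/0/0, the interface facing R1; the order of the entries matters because IOS stops at the first match.

```cisco
! ===== R2: named extended ACL R2-SECURITY (added example) =====
configure terminal
ip access-list extended R2-SECURITY
 ! web access to 209.165.201.1 only from 10.0.0.0/8 (HTTP and HTTPS)
 permit tcp 10.0.0.0 0.255.255.255 host 209.165.201.1 eq 80
 permit tcp 10.0.0.0 0.255.255.255 host 209.165.201.1 eq 443
 deny tcp any host 209.165.201.1 eq 80
 deny tcp any host 209.165.201.1 eq 443
 ! no SSH to 209.165.201.1 from anyone crossing this interface
 deny tcp any host 209.165.201.1 eq 22
 ! everything else (including PC-A to PC-B ICMP) passes
 permit ip any any
 exit
interface g0/0/0
 ip access-group R2-SECURITY in
end
! hit counters per entry confirm which line each test matched
show access-lists R2-SECURITY
```

The expected results in the table follow from where the ACL sits: PC-A's packets arrive on R2 G0/0/0 with source 192.168.1.50, which is outside 10.0.0.0/8, so both its HTTPS and SSH attempts hit deny entries, while PC-B's SSH session enters R2 on G0/0/1 and never passes through the filter. The trailing `permit ip any any` is what keeps the ping working; without it the implicit deny at the end of the list would drop it.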
Step 3: Configure NAT.
The decision has been made that the entire organization should be using addresses in the 10.0.0.0/8 network space. R1's LAN is out of compliance. There are applications and services running in the R1 LAN that cannot have their IP address changed without the entire system being rebuilt, so NAT is in order. Here are the configuration tasks at R1:
| Task | Specification |
|---|---|
| Remove 192.168.1.0/24 from OSPF | Remove the appropriate network statement at R1 |
| Create an ACL to identify hosts allowed to be translated | Create an ACL that matches the 192.168.1.0 network |
| Configure Port Address Translation on the outside interface of R1 | Configure the NAT association between the ACL and the interface g0/0/0 so that it uses port address translation |
| Identify the interfaces involved in NAT | Specify inside or outside on the appropriate interfaces |
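The Step 3 tasks as one R1 configuration, added as my own example (not the lab's answer). The ACL number 1 is my choice; the lab only says "an ACL that matches the 192.168.1.0 network".

```cisco
! ===== R1: PAT for the non-compliant 192.168.1.0/24 LAN (added example) =====
configure terminal
! stop advertising the legacy prefix; R2 only needs to see 10.x addresses
router ospf 1
 no network 192.168.1.0 0.0.0.255 area 0
 exit
! standard ACL that selects which inside hosts get translated (ACL 1 is assumed)
access-list 1 permit 192.168.1.0 0.0.0.255
! mark the inside (LAN) and outside (toward R2) interfaces
interface g0/0/1
 ip nat inside
interface g0/0/0
 ip nat outside
 exit
! overload = PAT: every LAN host shares G0/0/0's address, 10.67.254.2
ip nat inside source list 1 interface g0/0/0 overload
end
show ip nat statistics
```

After this, generate traffic from PC-A and confirm with `show ip nat translations` that entries show inside local 192.168.1.50 and inside global 10.67.254.2 with distinct ports. Expect the Step 2 results to change for PC-A: its packets now reach R2 sourced from 10.67.254.2, which is inside 10.0.0.0/8, so HTTPS to 209.165.201.1 is permitted by R2-SECURITY, while SSH to 209.165.201.1 is still denied because that entry matches any source.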
Step 4: Backup all device configurations.
| Task | Specification |
|---|---|
| Using the TFTP server on PC-B, back up the running configuration of all of your devices to PC-B using the TFTP protocol | |
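The backup from each device, shown for R1 as an added example (my own, not the lab's). It assumes the TFTP service is enabled on PC-B at 10.67.1.50 and that the filename given at the prompt is the one you want; the filename R1-running.cfg is my choice.

```cisco
! ===== R1: copy the running configuration to the TFTP server on PC-B =====
R1# copy running-config tftp:
Address or name of remote host []? 10.67.1.50
Destination filename [R1-confg]? R1-running.cfg
! repeat on R2, S1 and S2 with their own filenames, e.g. R2-running.cfg
! the switches reach PC-B via the default gateway set on their VLAN 1 SVI
```

Confirm the file appears in the TFTP server's file list on PC-B before moving on. Because TFTP carries the configuration (including the encrypted password hashes) without authentication or encryption, keep the server on the management network and do not leave the service enabled after the backup is done.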