ZOOM TECHNOLOGIES CCNA LAB GUIDEZoom Technologies® 1 INITIAL ROUTER CONFIGURATION User mode: Router > Router > enable Privilege mode: Router # Router # configure terminal Global configuration mode: Router(config) # Assigning ip address to Ethernet interface: Router(config) # interface <interface type> <interface no> Router(config-if) # ip address <ip address> <subnet mask> Router(config-if) # no shut Assigning Telnet password: Router(config) # line vty 0 4 Router(config-line) #login Router(config-line) #password <password> Router(config-line) #exit Router(config) #exit Assigning console password: Router(config) # line con 0 Router(config-line) # login Router(config-line) # password <password> Router(config-line) # exit Router(config) # exit Assigning Auxiliary password: Router(config) # line aux 0 Router(config-line) # login Router(config-line) # password <password> Router(config-line) # exit Router(config) # exit Assigning enable password: Router(config) # enable secret <password> Router(config) # enable password <password> (Interface mode) (line mode) (line mode) (line mode) (To encrypt the password) Zoom Technologies® 2 Password protection on the Console session 5. Command line editing 10.Show commands: Router Router Router Router # # # # show show show show running-config startup-config version flash Commands to save the configuration: Router # copy running-config startup-config ( OR ) Router # write memory ( OR ) Router # wr Enabling password authentication against the local database Router(config)#line vty 0 4 Router(config-line)#login local Router(config-line)#exit 1.Display the contents of Startup-configuration 13. 7.Display the contents of Running-Configuration 12. Enabling password authentication against the local database 8. Establishing a console session to the Router 2.Context sensitive help 11. Please feel free to drop your complaints/suggestions in the suggestions box Zoom Technologies® 3 . Configuring Ethernet interface of the Router 3. Setting Enable Password. Establish Telnet session to the Router 4. Password protection on the Telnet session 6. Configuring of the hostname 9.Saving the Configuration Important Note Please don’t forget to fill in the Lab Completion Report after the lab and take the signature of the lab coordinator as Course completion certificate will not be issued otherwise. 2 255.3.2/8 E0/0 192.0 (config-if) # no shutdown (config-if) # clock rate 64000 (config-if) # encapsulation hdlc (config-if) # ^z # configure terminal (config) # interface serial 0 (config-if) # ip address 11.168.1 255.0.192.0.168.0.0.2.0.150/24 LAN .2/8 CHE E0/0 192.0.1/8 S0/0 HYD E0/0 192.0.168.0.0 (config-if) # no shutdown (config-if) # encapsulation hdlc (config-if) # clock rate 64000 (config-if) # ^z ON BAN: BAN # configure terminal BAN (config)#interface serial BAN(config-if)#ip address 11.0.0 BAN (config-if) # no shutdown BAN (config-if) # encapsulation hdlc BAN (config-if) # ^z Zoom Technologies® 4 .0.150/24 BAN S0/1 11.0/24 LAN .WAN INTERFACE CONFIGURATION: 10.0.0.1.1 255.192.2.0/24 LAN .150/24 S0/1 10.2 255.168.0.0.0.1/8 S0/0 11.0.0.0.3.0.168.0 HYD (config-if)# no shutdown HYD (config-if)# encapsulation hdlc HYD (config-if)# exit HYD (config)# exit ON CHE: CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE # configure terminal (config) # interface serial 0/1 (config-if) # ip address 10.0.1.0/24 ON HYD: HYD# configure terminal HYD (config)# interface serial 0/0 HYD (config-if)# ip address 10.0.0.192.0.0.168. Zoom Technologies® 5 . 4. Serial 0/0 is up .Show commands: Router # show interfaces s 0/0 1. 3. line protocol is down (Encapsulation mismatch or clock rate has to be given on dce) Serial 0/0 is down. 2. line protocol is down (No Shutdown has to be given on the local router serial interface) Serial 0/0 is up. line protocol is down (Serial interface on the remote router has to be configure) Router # show controllers s0/0 (To know whether the cable connected to the serial interface is DCE or DTE) Zoom Technologies® 6 . line protocol is up (connectivity is fine) Serial 0/0 is administratively down. STATIC ROUTING 10.0 255.0.1 BAN(config) # ip route 192.0.2/8 E0/0 192.0.1.0.168.1.255.2/8 CHE E0/0 192.168.2.2 ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # ip route 192.168.0.0/24 LAN .2.2 HYD(config) # ip route 192.1.2 AREA 0 ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # ip route 192.2.0.3.0.3.0.0/24 LAN .0.0.255.3.0 11.0 10.0.0.0 11.192.1 BAN(config) # ip route 10.1/8 S0/0 11.168.255.1 Show commands: ROUTER # show ip route Zoom Technologies® 7 .255.0.2 HYD(config) # ip route 11.255.1/24 LAN .0 10.0 255.255.1/24 S0/1 10.255.0.255.0.168.0.0.168.0.255.0.0 10.0.1/24 BAN S0/1 11.0 255.2.192.255.0 10.0.0.168.1.0 255.168.0 11.0.0 255.255.0.0 255.0/24 ON HYD : HYD # config terminal HYD(config) # ip routing HYD(config) # ip route 192.0.168.0.0.0 255.0.1/8 S0/0 HYD E0/0 192.0.192.168.0.0 11.255.0 255.3.168.0.168.1 CHE(config) # ip route 192.0. 5. 12. Understanding the importance of debug IP packet command. Understanding the routing table. 4. Understanding the • • • • • Sending Unrouteable Encapsulation failed Forward Sending. Understanding the importance of debug ARP command. 13. 10.1. 11. Understanding the importance of keepalives.Monitoring the routing table changes by debugging. Understanding the importance of extended ping command.Adding a static route by defining the exit interface. 8. received. 6. 7.Adding a static route by defining the next hop address. Importance of clock rate command. 3. Assign the ipaddress IP addresses and making the interface administratively up. Zoom Technologies® 8 . 9. 2.Adding a default route. Understanding the importance of debug ip icmp command. 168.RIP: 10.0 HYD(config-router) # network 10.2/8 E0/0 192.0.0/24 ON HYD : HYD#config terminal HYD(config)#ip routing HYD(config)#router rip HYD(config-router)# network 192.192.1/24 BAN S0/1 11.0.168.168.0.192.0.0.192.3.0.0.0.0.0 HYD(config-router) #^z AREA 0 HYD# ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # router rip CHE(config-router) # network 192.0 0 CHE(config-router) # ^z CHE# ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router rip BAN(config-router) # network 192.2/8 CHE E0/0 192.168.0 BAN(config-router) # network 11.2.0 0 CHE(config-router) # network 11.0 0 BAN(config-router) # ^z BAN# Show commands: HYD # show ip route HYD # show ip protocols HYD # debug ip rip HYD# terminal monitor Zoom Technologies® 9 .1/8 S0/0 HYD E0/0 192.1.2.0.0.1/8 S0/0 11.0/24 LAN .0.168.168.1/24 LAN .0.168.0/24 LAN .3.0.2.3.168.0.1.1/24 S0/1 10.1.168.0.0 CHE(config-router) # network 10. Adding a static route with different administrative distance. Split horizon 6. Hold-Down timer 9.1. Understanding the RIP updates using debug IP RIP command 4. Effect of passive-interface command 7.Flash Updates 13. Changing the basic timers 5. Route poison 10.Poison reverse 11.Flush Interval 12. Zoom Technologies® 10 . Invalid Timer 8. Enabling RIP Protocol process on the respective networks 2. Understanding the RIP protocol routes in the routing table 3. 255.0/24 LAN .255 area 0 HYD(config-router) #^z HYD# ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # router ospf 3 CHE(config-router) # network 192.0.2.1.255.255.168.168.0.0.168.0.255 area 0 BAN(config-router)#network 11.255 area 0 CHE(config-router) # ^z CHE# ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router ospf 3 BAN(config-router)#network 192.168.0 0.0 0.0.3.168.0.255.0.0 0.255.0 0.1.0.0 0.0/24 LAN .0.255.168.1/24 S0/1 10.168.2/8 E0/0 192.AREA 0 10.1/24 BAN S0/1 11.0.0.255 area 0 CHE(config-router) # network 11.0.255 area 0 BAN(config-router)#^z BAN# AREA 0 Show commands: HYD # show ip route HYD # show ip ospf database HYD # show ip ospf neighbors Zoom Technologies® 11 .3.255 area 0 HYD(config-router)#network 10.192.0.0.255.168.1.2/8 CHE E0/0 192.2.1/8 S0/0 11.1/24 LAN .0 0.2.0.168.192.1/8 S0/0 HYD E0/0 192.255 area 0 CHE(config-router) # network 10.0/24 ON HYD : HYD # config terminal HYD(config) # ip routing HYD(config) # router ospf 5 HYD(config-router)#network 192.192.0 0.0.3.0.0.255.0.0.0.0. Verification of OSPF database 9. 7. Automatic selection process of router-id 3. 10. Zoom Technologies® 12 . Verification of OSPF Neighbor table. Debugging and understanding the functioning of hello protocol 6.Election of DR/BDR 11. Debugging and understanding the adjacency formation.1.Configuration of OSPF in Multiple Areas. Configuration of OSPF 2. Understanding the different neighbor states 8. Manual selection of router-id 4. Manipulation of hello-interval 5. 2/8 CHE E0/0 192.1/24 BAN S0/1 11.2.2.0 CHE(config-router)#network 10.168.0.EIGRP: 10.0 BAN(config-router)#exit BAN(config)#exit Show commands: HYD # show ip route HYD # show ip protocols debug commands: HYD # debug ip eigrp events HYD # debug ip eigrp transaction HYD # debug eigrp packets Zoom Technologies® 13 .0 CHE(config-router)#network 11.1.168.1/8 S0/0 11.168.1.1/24 LAN .0.0.0 HYD(config-router)# exit AREA 0 HYD(config) # exit ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # router eigrp 10 CHE(config-router)#network 192.0.0.168.3.192.2.0/24 LAN .168.0 HYD(config-router)# network 10.0.0.168.0.0 BAN(config-router)#network 11.2/8 E0/0 192.0.192.3.1/8 S0/0 HYD E0/0 192.1/24 S0/1 10.0.192.168.0/24 LAN .0.3.0.0.0 CHE(config-router)#exit CHE(config) # exit Show commands: HYD # show ip eigrp topology / all HYD # show ip eigrp neighbor HYD # show ip eigrp neighbor details ON BAN: BAN # config terminal BAN(config) # ip routing BAN(config) # router eigrp 10 BAN(config-router)#network 192.168.0.0.0/24 ON HYD: HYD # config terminal HYD(config) # ip routing HYD(config) # router eigrp 10 HYD(config-router)# network 192.0.1.168. Debugging and Understanding the Dual Concepts Zoom Technologies® 14 . Configuration of EIGRP 2.1. Calculation of the parameters of DUAL 4. Configuring delay for all the interfaces 3. Verification of DUAL parameters 5. 168.0.168.2/8 CHE E0/0 192.1/8 S0/0 HYD E0/0 192.0.0.168.1.0.0 0 BAN(config-router) # ^z BAN# Zoom Technologies® 15 .0.1/24 LAN .0 0 CHE(config-router) # ^z CHE# ON BAN: BAN # config terminal BAN(config)#ip routing BAN(config)#router rip BAN(config-router)#network 192.0/24 LAN .0.192.1.2.0.3.0.168.0.2/8 E0/0 192.0.168.1/24 BAN S0/1 11.0.2.3.168.0.0 0 CHE(config-router)#network 11.168.0/24 ON HYD : HYD # config terminal HYD(config) # ip routing HYD(config) 0 router rip AREA # HYD(config-router)#network 192.1.0.0.0.1/24 S0/1 10.0 HYD(config-router) #^z HYD# ON CHE : CHE # config terminal CHE(config) # ip routing CHE(config) # router rip CHE(config-router)#network 192.168.0 CHE(config-router)#network 10.1/8 S0/0 11.3.0.192.2.0 BAN(config-router)#network 11.0 HYD(config-router) # network 10.0/24 LAN .192.STANDARD ACCESSLIST: 10.168. 2.0 CHE (config)#access-list 1 permit any CHE (config)#interface Ethernet 0 CHE (config-if) # ip access-group 1 out CHE (config-if) # exit CHE (config) # exit Che # show ip access-list Note: Use the command prompt of a PC try to ping the filtered ip address Zoom Technologies® 16 .10 ON CHE: CHE #config terminal CHE (config) # access-list 1 permit 192.168.0.0.10 0.10 0.0.3.3.0 should communicate with 192.1.0 CHE (config) # line vty 0 4 CHE (config-line) # ip access-class in CHE (config-line) # exit CHE (config) # exit CHE # show ip access-list SCENARIO 3: Configuration of an standard access-list on Chennai Ethernet 0 in the outbound direction denying 192.0.168.168.168.SCENARIO 1: Only 192.255 HYD (config) # int e0 HYD (config-if) # ip access-group 1 out HYD (config-if) # exit HYD (config) # exit SCENARIO 2: Configuration of an access-list on Chennai that administrative access through Telnet is possible only from 192.168.10 ON CHE: CHE #config terminal CHE (config) # access-list 1 deny 192.2.3.168.168.0.0 0.0 ON HYD: HYD #config terminal HYD (config) # access-list 1 permit 192.3.0. 0.0.0.1.168.0.1/24 BAN S0/1 11.168. On Hyd: Hyd#configure terminal Hyd(config)#access-list 111 deny tcp 192.0 and permitting any other service.3.168.0 to 192.168.192.EXTENDED ACCESSLIST: 10.2.255 echo hyd(config)#access-list 110 permit ip any any hyd(config)#interface serial 0 hyd(config-if)#ip access-group 110 in hyd(config-if)^z Hyd # sh ip access-list hyd(config)#access-list 111 permit ip any any hyd(config)#interface serial 0 hyd(config-if)#ip access-group 111 in hyd(config-if)^z Hyd # sh ip access-list Zoom Technologies® 17 .255 192.0 and permitting and denying ping from any network to 192.1.0/24 LAN .0/24 SCENARIO :2 Configuration of an extended access-list on Hyd Serial 0 in inbound direction denying PING (Echo) from 192.0.168.0.2/8 E0/0 192.168.0.0 0.0 eq ftp chen(config)#interface ethernet 0 chen(config-if)#ip access-group 101 out chen(config-if)#exit chen(config)# CHE # sh ip access-list SCENARIO :3 Configuration of an extended access-list on Hyd serial 0 in inbound direction denying HTTP from 192.3.1/24 S0/1 10.255 eq 80 On Hyd: Hyd#configure terminal Hyd(config)#access-list 110 deny icmp 192.168.2.3.168.0.0 0.3.2.3.0.1/8 S0/0 11.0.168.0 0.168.0.0 to 192.192.2. SCENARIO :1 Configuration of an extended access-list on Chennai Ethernet 0 in the outbound direction permitting only FTP service from the network 192.192.168.168.168.0/24 LAN .168.1.168.2.0.10 0.1.10 On CHE: Chen#configure terminal Chen(config)#access-list 101 permit tcp 192.1.0.0.0.1/8 S0/0 HYD E0/0 192.1/24 LAN .168.0.0 0.2.0.1.168.0.3.1.2/8 CHE E0/0 192.255 192.0 to 192.0.0 0.0.0.168.168.255 192. Zoom Technologies® 18 . Zoom Technologies® 19 . Configuration of an extended access-list on Hyd Serial 0 in inbound direction denying PING (Echo) from 192. Configuration of an extended access-list on Hyd serial 0 in inbound direction denying HTTP from 192.2.168.0 and permitting and denying ping from any network to 192.0.168. Configuration of an access-list on Chennai that administrative access through Telnet is possible only from 192.168.3. Configuration of an extended access-list on Chennai Ethernet 0 in the outbound direction permitting only FTP service from the network 192.0 2.3.168.0 and permitting any other service.2.10 3. permitting only 192.168.168.0 to 192.168.10 5.3.0 to 192. Configuration of a Standard access-list on Hyd Ethernet 0 in the out bound direction.3.1. configuration of an standard access-list on Chennai Ethernet 0 in the outbound direction denying 192.1. 6.2.0 to 192.1.168.168.10 4.1.168. 1.2/8 S0/1 HYD E0/0 192.0.192.3.1/8 S0/0 FRAME-RELAY SWITCH S0/1 S0/0 10.1/24 DLCI NO : 100 CHE E0/0 192.1/24 BAN E0/0 192.0.1/24 DLCI NO : 200 LAN .2.168.1.0.168.168.3.168.FRAME-RELAY 10.0/24 LAN .0/24 Zoom Technologies® 20 .2.168.192.168.0/24 LAN .0.192. 0 (config-router) # network 10.168.0 (config-if) # no shut (config-if) # encapsulation frame-relay (config-if) # frame-relay lmi-type cisco (config-if) # frame-relay interface-dlci 200 (config-if) # exit (config) # ip routing (config) # router rip (config-router) # network 192.2 255.0.0.0.0.0.0 (config-router) # exit (config) # exit Show commands: ROUTER# show frame-relay pvc ROUTER# show frame-relay map ROUTER # show ip route Zoom Technologies® 21 .0.0 (config-router) # network 10.0.1 255.1.CONFIGURATION ON HYD : HYD HYD HYD HYD HYD HYD HYD HYD HYD HYD HYD HYD HYD # config terminal (config) # interface s 0/0 (config-if) # ip address 10.0.0.0 (config-if) # no shutdown (config-if) #encapsulation frame-relay (config-if) #frame-relay lmi-type cisco (config-if) #frame-relay interface–dlci 100 (config-if) #exit (config) # ip routing (config) # router rip (config-router) # network 192.0 (config-router) #^Z ON CHE : CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE CHE # config terminal (config) # frame-relay switching (config) # interface s 0/1 (config-if) # no ip address (config-if) # no shutdown (config-if) # encapsulation frame-relay (config-if) # clockrate 64000 (config-if) # frame-relay intf-type dce (config-if) # frame-relay lmi-type cisco (config-if) # frame-relay route 100 interface s0/0 200 (config-if) # exit (config) # interface s 0/0 (config-if) # no ip address (config-if) # no shutdown (config-if) # encapsulation frame-relay (config-if) # clockrate 64000 (config-if) # frame-relay intf-type dce (config-if) # frame-relay lmi-type cisco (config-if) # frame-relay route 200 interface s0/1 100 (config-if) # exit (config) # exit ON BAN: BAN BAN BAN BAN BAN BAN BAN BAN BAN BAN BAN BAN BAN BAN # config terminal (config) # interface s 0/1 (config-if) # ip add 10.168.3.0.0.0. Zoom Technologies® 22 . Verification of the routing tables. Configuration of the router as a frame-relay switch 2. 9. Verification of the frame relay map tables 7.1. Configurations of the static frame relay mappings 5. Zoom Technologies® 23 . Changing the encapsulation type to frame relay 3. Configuration of the head office and branch office routers with rip 8. Verification of the reachability. Creation of PVCs by defining DLCI numbers 4. Observation of the status of PVCS in a frame relay switch 6. Zoom Technologies® 24 . 168.168.5 2950(config)# switchport access vlan 20 TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit ON 192.50 VLAN CREATION: 2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt ASSIGNING MEMBERSHIP TO THE PORTS: 2950(config) # interface range fa0/1 -2 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/4 .ON 192.20.51 VLAN CREATION: 2950 # config terminal 2950(config) # vlan 10 2950(config-vlan) # name sales 2950(config) # vlan 20 2950(config-vlan) # name mkt ASSIGNING MEMBERSHIP TO THE PORTS: 2950(config) # interface range fa0/13 .17 2950(config)# switchport access vlan 20 TRUNKING: 2950 # config terminal 2950(config) #interface fa0/24 2950(config-if) # switchport mode trunk 2950(config-if) # switchport trunk allowed vlan all 2950(config-if) # exit Zoom Technologies® 25 .20.14 2950(config-if) # switchport mode access 2950(config-if) # switchport access vlan 10 2950(config-if) # exit 2950(config)#interface range fa0/16 . Creation of VLAN 3. 7. Understanding the concepts of address learning 2.1. Understanding the concepts of VTP modes • • • Server mode Client mode Transparent mode Zoom Technologies® 26 . Configuration of the Trunk link between the router and a switch 5. Inter-VLAN communication through an external router. Assigning the hosts to a particular VLAN 4. Configuration of encapsulation for the trunk link 6. 255.168.255.0 router(config-if)#exit router(config)#no ip routing router(config)#ip routing Zoom Technologies® 27 .2 router(config-if)#encapsulation dot1q 20 router(config-if)#ip address 192.1.1 router(config-if)#encapsulation dot1q 10 router(config-if)#ip address 192.2.1 255.Inter-VLAN Routing Configuration on Switch Switch#configure terminal Switch(config)#vlan 10 Switch(config-vlan)#name sales Switch(config-vlan)#exit Switch(config)#vlan 20 Switch(config-vlan)#name mkt Switch(config-vlan)#exit Switch(config)#interface range fa0/1 – 2 Switch(config-if-range)#switchport mode access Switch(config-if-range)#switchport access vlan 10 Switch(config-if-range)#exit Switch(config)#interface range fa0/5 – 6 Switch(config-if-range)#switchport mode access Switch(config-if-range)#switchport access vlan 20 Switch(config-if-range)#exit Switch(config)#interface fa0/10 Switch(config-if)#switchport mode trunk Switch(config-if)#exit Switch(config)# Configuration on Router router#configure terminal router(config)#interface Ethernet 0 router(config-if)#no ip address router(config-if)#no shut router(config-if)exit router(config)#interface Ethernet 0.0 router(config-if)#exit router(config)#interface Ethernet 0.1 255.168.255.255. Configuring port security Switch65(config-if)#Switchport Switch65(config-if)#Switchport Switch65(config-if)#Switchport Switch65(config-if)#Switchport port-security port-security maximum <vlalue> port-security mac-address <mac-address> port-security violation {protect|restrict|shutdown} Zoom Technologies® 28 . 0.0.255.0.0.1 255.1 Router(config-if)# Tunnel Destination 11.0.168.255.0.1 255.1 Router(config-if)# Tunnel Destination 12.0.1 Routing Protocol Configuration Router(config)#no ip routing Router(config)# ip routing Router(config)#router rip Router(config-router)# network 192.255.0 Router(config-if)# Tunnel Source 12.2 255.1 255.0.0.168.0 29 Zoom Technologies® .0 Router(config-if)#no shutdown Router(config-if)#encapsulation hdlc Router(config-if)#exit Configuring Tunnel Router(config)# interface tunnel 1 Router(config-if)# Ip address 192.1 Routing Protocol Configuration Router(config)#no ip routing Router(config)# ip routing Router(config)#router rip Router(config-router)# network 192.0.0.168.168.0.0 Router(config-router)# network 192.0.0 Interface serial 1 configuration Router#configure terminal Router(config)#interface serial 1 Router(config-if)#ip address 12.255.Interface serial 0 configuration Router#configure terminal Router(config)#interface serial 0 Router(config-if)#ip address 11.0 Router(config-router)# network 192.2.0.168.0.0.0 Router(config-if)#no shutdown Router(config-if)#encapsulation hdlc Router(config-if)#exit Configuring Tunnel Router(config)# interface tunnel 1 Router(config-if)# Ip address 192.0.0.0.1.0.168.0 Router(config-if)# Tunnel Source 11.