Scribd Logo
Upload

Welcome to Scribd!

  • ESwitching Basic Switching

    Uploaded by

    milenvd
    611 views9 pages
    ESwitching Basic Switching

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    ESwitching Basic Switching

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    611 views9 pages

    ESwitching Basic Switching

    Uploaded by

    milenvd
    ESwitching Basic Switching

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 9

    ESwitching Basic Switching/Wireless PT PracticeSBA

    A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any exam windows during the exam. 2. Do not close Packet Tracer when you are done. It will close automatically. 3. Click the Submit Assessment button to submit your work.

    Introduction
    In this practice Packet Tracer Skills Exam, you will: configure VLANs using VTP configure inter-VLAN routing modify STP configure port security add a wireless LAN

    Addressing Table
    Device Interface Fa0/0.10 Fa0/0.20 Router1 Fa0/0.43 Fa0/0.67 Internet WRS SW_DS1 SW_AC2 SW_AC3 PC1 PC2 PC3 PC4 Wireless VLAN 43 VLAN 43 VLAN 43 NIC NIC NIC NIC Address 172.16.10.1 172.16.20.1 172.16.43.1 172.16.67.1 172.16.67.10 172.16.100.1 172.16.43.11 172.16.43.12 172.16.43.13 172.16.10.10 172.16.20.10 172.16.10.11 DHCP assigned Subnet Mask 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 Default Gateway n/a n/a n/a n/a 172.16.67.1 n/a 172.16.43.1 172.16.43.1 172.16.43.1 172.16.10.1 172.16.20.1 172.16.10.1 172.16.100.1

    Note: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

    Preparations: If you are setting up your network diagram from scratch, then you can do first basic router/switch configuration as follows: Switch(config)#hostname SW_DS1 SW_DS1(config)#enable secret class SW_DS1(config)#line console 0 SW_DS1(config-line)#password cisco SW_DS1(config-line)#login SW_DS1(config-line)#exit SW_DS1(config)#line vty 0 15 SW_DS1(config-line)#password cisco SW_DS1(config-line)#login SW_DS1(config-line)#exit SW_DS1(config)#banner motd #Autorized access only!#

    Switch(config)#hostname SW_AC2 SW_AC2(config)#enable secret class SW_AC2(config)#line console 0 SW_AC2(config-line)#password cisco SW_AC2(config-line)#login SW_AC2(config-line)#exit SW_AC2(config)#line vty 0 15 SW_AC2(config-line)#password cisco SW_AC2(config-line)#login SW_AC2(config-line)#exit SW_AC2(config)#banner motd #Authorized access only!#

    Switch(config)#hostname SW_AC3 SW_AC3(config)#enable secret class SW_AC3(config)#line console 0 SW_AC3(config-line)#password cisco SW_AC3(config-line)#login SW_AC3(config-line)#exit SW_AC3(config)#line vty 0 15 SW_AC3(config-line)#password cisco SW_AC3(config-line)#login SW_AC3(config-line)#exit SW_AC3(config)#banner motd #Authorized access only!#

    Router(config)#hostname Router1 Router1(config)#enable secret class Router1(config)#line console 0 Router1(config-line)#password cisco Router1(config-line)#login Router1(config-line)#loggin synchronous Router1(config-line)#exit Router1(config)#line vty 0 4 Router1(config-line)#password cisco Router1(config-line)#login Router1(config-line)#exit Router1(config)#banner motd #Authorized access onlt#

    Step 1: Configure the Switches for Remote Access.


    Create, enable, and address VLAN43 as the management interface on all three switches. Use the values found in the addressing table.

    SW_DS1(config)#interface vlan 43 SW_DS1(config-if)#ip address 172.16.43.11 255.255.255.0 SW_DS1(config-if)#no shutdown SW_DS1(config-if)#exit SW_DS1(config)#ip default-gateway 172.16.43.1 SW_AC2(config)#inteface vlan 43 SW_AC2(config-if)#ip address 172.16.43.12 255.255.255.0 SW_AC2(config-if)#no shutdown SW_AC2(config-if)#exit SW_AC2(config)#ip default-gateway 172.16.43.1 SW_AC3(config)#inteface vlan 43 SW_AC3(config-if)#ip address 172.16.43.13 255.255.255.0 SW_AC3(config-if)#no shutdown SW_AC3(config-if)#exit SW_AC3(config)#ip default-gateway 172.16.43.1

    Step 2: Configure Trunking.


    Note: Packet Tracer now supports the use of the range argument for the interface command. For interfaces FastEthernet 0/19 through FastEthernet 0/24 on all three switches: Configure static trunking. Assign VLAN 43 as the native VLAN.

    SW_DS1 trunk ports: Fa0/20,Fa 0/21,Fa0/22,Fa0/23,Fa0/24 SW_DS1(config)#interface range FastEthernet 0/20-24 SW_DS1(config-if-range)#switchport mode trunk SW_DS1(config-if-range)#switchport trunk native vlan 43 SW_DS1(config-if-range)#no shutdown SW_DS1(config-if-range)#end IMPORTANT !!! Do not forget to configure port Fa0/20 as s trunk port on SWDS1 and on the Router1. Otherwise InterVLAN routing wont work!!! SW_AC2 trunk ports: Fa 0/19,Fa0/20,Fa0/23,Fa0/24 SW_AC2(config)#interface range FastEthernet 0/19-20 SW_AC2(config-if-range)#switchport mode trunk SW_AC2(config-if-range)#switchport trunk native vlan 43 SW_AC2(config-if-range)#no shutdown SW_AC2(config-if-range)#exit SW_AC2(config)#interface range FastEthernet 0/23-24 SW_AC2(config-if-range)#switchport mode trunk SW_AC2(config-if-range)#switchport trunk native vlan 43 SW_AC2(config-if-range)#no shutdown SW_AC2(config-if-range)#exit SW_AC3 trunk ports: Fa 0/19,Fa0/20,Fa0/21,Fa0/22 SW_AC3(config)#interface range FastEthernet 0/19-22 SW_AC3(config-if-range)#switchport mode trunk SW_AC3(config-if-range)#switchport trunk native vlan 43 SW_AC3(config-if-range)#no shutdown SW_AC3(config-if-range)#exit

    Step 3: Configure VTP and VLANs.


    a. Configure SW_DS1 as VTP server and the following VTP parameters: SW_DS1 is the VTP server. VTP domain name: CCNA VTP password: cisco

    SW_DS1(config)#vtp mode server SW_DS1(config)#vtp domain CCNA SW_DS1(config)#vtp password cisco SW_DS1(config)#end

    b. Create and name the following VLANs on SW_DS1. VLAN 10: Student VLAN 20: Faculty VLAN 43: Management VLAN 67: Wireless

    SW_DS1(config)#vlan 10 SW_DS1(config-vlan)#name SW_DS1(config-vlan)#exit SW_DS1(config)#vlan 20 SW_DS1(config-vlan)#name SW_DS1(config-vlan)#exit SW_DS1(config)#vlan 43 SW_DS1(config-vlan)#name SW_DS1(config-vlan)#exit SW_DS1(config)#vlan 67 SW_DS1(config-vlan)#name SW_DS1(config-vlan)#exit SW_DS1(config)#end SW_DS1#show vlan brief SW_DS1#show vtp status

    Student

    Faculty

    Management

    Wireless

    c. Configure SW_AC2 and SW_AC3 as VTP clients to participate in the CCNA VTP domain. SW_AC2(config)#vtp mode client SW_AC2(config)#vtp domain CCNA SW_AC2(config)#vtp password cisco SW_AC3(config)#vtp mode client SW_AC3(config)#vtp domain CCNA SW_AC3(config)#vtp password cisco

    d. Verify that VTP is operational. SW_DS1#show vtp status SW_DS1#show vlan brief SW_DS1#show interface trunk

    SW_AC2#show vtp status SW_AC2#show vlan brief SW_AC2#show interface trunk SW_AC3#show vtp status SW_AC3#show vlan brief SW_AC3#show interface trunk

    Step 4: Configure Interfaces for VLAN Access


    VLAN port assignments on each switch are as follows: Device SW_AC2, SW_AC3 SW_AC2, SW_AC3 SW_AC3 Ports Fa0/1 0/10 Fa0/11 0/17 Fa0/18 Assignment 10 20 67

    a. Configure access ports on access layer switches. Configure the appropriate interfaces on SW_AC2 and SW_AC3 for access mode. Assign VLANs according to the port assignments table.

    SW_AC2(config)#interface range fastEthernet 0/1-10 SW_AC2(config-if-range)#switchport mode access SW_AC2(config-if-range)#switchport access vlan 10 SW_AC2(config-if-range)#no shutdown SW_AC2(config-if-range)#exit SW_AC2(config)#interface range fastEthernet 0/11-17 SW_AC2(config-if-range)#switchport mode access SW_AC2(config-if-range)#switchport access vlan 20 SW_AC2(config-if-range)#no shutdown SW_AC2(config-if-range)#exit SW_AC3(config)#interface range fastEthernet 0/1-10 SW_AC3(config-if-range)#switchport mode access SW_AC3(config-if-range)#switchport access vlan 10 SW_AC3(config-if-range)#no shutdown SW_AC3(config-if-range)#exit SW_AC3(config)#interface range fastEthernet 0/11-17 SW_AC3(config-if-range)#switchport mode access SW_AC3(config-if-range)#switchport access vlan 20 SW_AC3(config-if-range)#no shutdown SW_AC3(config-if-range)#exit SW_AC3(config)#interface range fastEthernet 0/18 SW_AC3(config-if-range)#switchport mode access SW_AC3(config-if-range)#switchport access vlan 67 SW_AC3(config-if-range)#no shutdown SW_AC3(config-if-range)#exit

    b. Verify trunking and VLAN assignments. SW_DS1#show vtp status SW_DS1#show vlan brief SW_DS1#show interface trunk SW_AC2#show vtp status SW_AC2#show vlan brief SW_AC2#show interface trunk SW_AC3#show vtp status SW_AC3#show vlan brief SW_AC3#show interface trunk

    Step 5: Configure Spanning Tree.


    a. Modify STP root bridge elections. Using a priority of 4096, set SW_DS1 as the root bridge for all VLANs. vlan vlan vlan vlan 10 20 43 67 priority priority priority priority 4096 4096 4096 4096

    SW_DS1#show spanning-tree SW_DS1(config)#spanning-tree SW_DS1(config)#spanning-tree SW_DS1(config)#spanning-tree SW_DS1(config)#spanning-tree SW_DS1#show spanning-tree

    Using a priority of 8192, set SW_AC2 so that it will become the root for all VLANs if SW_DS1 fails. vlan vlan vlan vlan 10 20 43 67 priority priority priority priority 8192 8192 8192 8192

    SW_AC2#show spanning-tree SW_AC2(config)#spanning-tree SW_AC2(config)#spanning-tree SW_AC2(config)#spanning-tree SW_AC2(config)#spanning-tree SW_AC2#show spanning-tree b. Verify the spanning tree election. SW_DS1#show spanning-tree SW_AC2#show spanning-tree

    Step 6: Configure Inter-VLAN Routing.


    Use the information in the Addressing Table to configure Router1 for inter-VLAN routing. Be sure to designate the native VLAN.

    Router1(config)#interface FastEthernet 0/0 Router1(config-if)#no shutdown Router1(config-if)#exit Router1(config)#interface FastEthernet 0/0.10 Router1(config-subif)#encapsulation dot1Q 10 Router1(config-subif)#ip address 172.16.10.1 255.255.255.0

    Router1(config-subif)#no shutdown Router1(config-subif)#exit Router1(config)#interface FastEthernet 0/0.20 Router1(config-subif)#encapsulation dot1Q 20 Router1(config-subif)#ip address 172.16.20.1 255.255.255.0 Router1(config-subif)#no shutdown Router1(config-subif)#exit Router1(config)#interface FastEthernet 0/0.43 Router1(config-subif)#encapsulation dot1Q 43 native Router1(config-subif)#ip address 172.16.43.1 255.255.255.0 Router1(config-subif)#no shutdown Router1(config-subif)#exit Router1(config)#interface FastEthernet 0/0.67 Router1(config-subif)#encapsulation dot1Q 67 Router1(config-subif)#ip address 172.16.67.1 255.255.255.0 Router1(config-subif)#no shutdown Router1(config-subif)#exit Verify inter-VLAN routing.

    From PC 1 ping the router - gateway PC>ping 172.16.10.1 PC>ping 172.16.20.1 PC>ping 172.16.43.1 PC>ping 172.16.67.1 PC>ping 172.16.67.1 From PC 1 ping PC and PC3 PC 4 cannot be reached since it is behind NAT/Firewall

    Step 7: Configure Port Security.


    Note: Best practice requires port security on all access ports. However, for this practice exercise you will only configure one port with security. a. Configure SW_AC3 with port security on FastEthernet 0/2. Enable port security. No more than two MAC addresses are allowed on the FastEthernet 0/2 port for SW_AC3. Once learned, MAC addresses should be automatically added to the running configuration. If this policy is violated, the port should be automatically disabled.

    SW_AC3(config)#interface fastEthernet 0/2 SW_AC3(config-if)#switchport port-security SW_AC3(config-if)#switchport port-security maximum 2 SW_AC3(config-if)#switchport port-security mac-address sticky SW_AC3(config-if)#switchport port-security violation shutdown

    b. Verify that port security is implemented. SW_AC3#show port-security interface fastEthernet 0/2 SW_AC3#show port-security address SW_AC3#show mac-address-table

    Step 8: Configure the Wireless LAN.


    Refer to the Addressing Table to configure the wireless LAN. a. Configure WRS. Use static addressing on the Internet interface. Set the router IP and subnet mask. Use the DHCP Server Settings to configure the router to provide wireless hosts with an IP address. The starting IP address in the wireless LAN subnet is 172.16.100.10. The maximum number of users is 25.

    b. Configure wireless security. Set the SSID to WRS_LAN. Enable WEP security and use 12345ABCDE as key1.

    c. Use cisco123 as the remote management password. d. Configure PC4 to access the wireless network that is provided by WRS. PC4 uses DHCP to obtain addressing information. Note: It will not be possible for devices to ping PC4 since PC4 is behind the WRS NAT firewall.

    Step 9: Verify Connectivity.


    Although these are not scored, the following connectivity tests should be successful. SW_DS1 can ping Router1. SW_AC2 can ping Router1. SW_AC3 can ping Router1. PC1 can ping PC2. PC2 can ping PC3. PC4 can ping PC1.

    Version 2.0 Created in Packet Tracer 5.3.2.0027 and Marvel 1.0.1 All contents are Copyright 1992 - 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    You might also like