You are on page 1of 316

Cisco Networking Academy Program

WAN Technologies
CCNA 4 Labs and Study Guide
Instructor Edition
John Rullan

The only authorized Labs and Study Guide for the Cisco Networking Academy Program

ii

WAN Technologies CCNA 4 Labs and Study Guide

WAN Technologies
CCNA 4 Labs and Study Guide Instructor Edition John Rullan Copyright 2007 Cisco Systems, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the United States of America 1 2 3 4 5 6 7 8 9 0 First Printing August 2006 ISBN: 1-58713-184-6

Publisher Paul Boger Cisco Representative Anthony Wolfenden Cisco Press Program Manager Jeff Brady Executive Editor Mary Beth Ray Managing Editor Patrick Kanouse Senior Development Editor Christopher A. Cleveland Senior Project Editor San Dee Phillips Copy Editor Keith Cline Technical Editor Scott Empson Team Coordinator Vanessa Evans Book and Cover Designer Louisa Adair

Warning and Disclaimer


This book is designed to provide information about the labs for WAN Technologies CCNA 4 course of the Cisco Networking Academy Program. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an as is basis. The author, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it. The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Composition Mark Shirar

Corporate and Government Sales


Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales. For more information please contact: U.S. Corporate and Government Sales 1-800-382-3419 corpsales@pearsontechgroup.com For sales outside the U.S. please contact: International Sales international@pearsoned.com

iii

Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message. We greatly appreciate your assistance.

Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

iv

WAN Technologies CCNA 4 Labs and Study Guide

About the Author


John Rullan has been a teacher at Thomas Edison High School in Jamaica, New York, for the past 10 years and has been a Cisco instructor since 1998. He is the New York City Department of Education citywide Cisco trainer and is the regional manager for Queens, New York, high schools. John also has taught CCNA, CCNP, and network security at the Borough of Manhattan Community College since 2000. He provides support to the academy community, working with the CCNA/CCNP Instructional Support team, too. John holds the Network+, CCNA, CCNP, and CCAI certifications.

About the Contributer


Jim Lorenz is a curriculum developer for the Cisco Networking Academy Program who co-authored the third editions of the Lab Companions for the CCNA courses. He has more than 20 years experience in information systems and has held various IT positions in several Fortune 500 companies, including AlliedSignal, Honeywell, and Motorola. Jim has developed and taught computer and networking courses for both public and private institutions for more than 15 years.

About the Technical Reviewer


Scott Empson, CCDA, CCNP, CCAI, Network+, is an instructor in the telecommunications department at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada. He teaches Cisco routing, switching, and network design courses to students at the post-secondary level. Scott holds three undergraduate degrees: a bachelor of arts, with a major in English; a bachelor of education, with a major in English/language arts; and a bachelor of applied information systems technology, with a major in network management.

vi

WAN Technologies CCNA 4 Labs and Study Guide

Dedication
To my daughters, Brianna and Gabriella.

vii

Acknowledgments
This book could not have been completed without hard work and dedication from my students at Thomas Edison High School. Their input and assistance in designing the challenge labs are what makes this book so special to be a part of. I want to give special thanks to Lourdes Luna, Charish Patel, Charles Chen, Alvar Lam, Nader Khandaker, Tulin Ravienthira, and Johanna Iniguez.

viii

WAN Technologies CCNA 4 Labs and Study Guide

Contents at a Glance
Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5 Chapter 6 Appendix A Appendix B Appendix C Appendix D Appendix E Scaling IP Addresses WAN Technologies PPP 81 129 169 237 245 1 75

ISDN and DDR Frame Relay

Introduction to Network Administration

Troubleshooting Questions and Lab Exercise Adtran Configuration Lab 281 291 293 295

Router Interface Summary Chart Erasing and Reloading the Switch Erasing and Reloading the Router

ix

Contents
Chapter 1 Scaling IP Addresses Study Guide 2
2

Scaling Networks with NAT and PAT Concept Questions 2 Research Assignment 3 Matching Terms 7 DHCP 8 Concept Questions 8 Matching Terms 9

Lab Exercises

10

Curriculum Lab 1-1: Configuring NAT (1.1.4a) 10 Task 1: Configure the Routers 11 Task 2: Save the Configuration 11 Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway 11 Task 4: Verify That the Network Is Functioning 11 Task 5: Create a Static Route 11 Task 6: Create a Default Route 12 Task 7: Define the Pool of Usable Public IP Addresses 13 Task 8: Define an Access List That Matches the Inside Private IP Addresses 13 Task 9: Define the NAT Translation from Inside the List to Outside the Pool 13 Task 10: Specify the Interfaces 13 Task 11: Test the Configuration 13 Curriculum Lab 1-2: Configuring PAT (1.1.4b) 15 Task 1: Configure the Routers 16 Task 2: Save the Configurations 16 Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway 16 Task 4: Verify That the Network Is Functioning 16 Task 5: Create a Default Route 16 Task 6: Define an Access List That Matches the Inside Private IP Addresses 17 Task 7: Define the PAT Translation from Inside the List to Outside the Address 17 Task 8: Specify the Interfaces 17 Task 9: Test the Configuration 17 Curriculum Lab 1-3: Configuring Static NAT Addresses (1.1.4c) 19 Task 1: Configure the Routers 20 Task 2: Save the Configurations 20 Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway 20 Task 4: Verify That the Network Is Functioning 20 Task 5: Create a Static Route 21 Task 6: Create a Default Route 21 Task 7: Define the Pool of Usable Public IP Addresses 21

WAN Technologies CCNA 4 Labs and Study Guide

Task 8: Define an Access List That Matches the Inside Private IP Addresses Task 9: Define the NAT Translation from Inside the List to Outside the Pool Task 10: Specify the Interfaces 22 Task 11: Configure Static Mapping 22 Task 12: Test the Configuration 22 Curriculum Lab 1-4: Verifying NAT and PAT Configuration (1.1.5) Task 1: Configure the Routers 25 Task 2: Save the Configurations 25 Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway 25 Task 4: Verify That the Network Is Functioning 25 Task 5: Create a Static Route 25 Task 6: Create a Default Route 26 Task 7: Define the Pool of Usable Public IP Addresses 26 Task 8: Define an Access List That Matches the Inside Private IP Addresses

21 22

24

26

Task 9: Define the NAT Translation from Inside the List to Outside the Pool 27 Task 10: Specify the Interfaces 27 Task 11: Test the Configuration 27 Task 12: Verify NAT/PAT Statistics 27 Curriculum Lab 1-5: Troubleshooting NAT and PAT (1.1.6) 29 Task 1: Configure the Routers 30 Task 2: Save the Configurations 30 Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway 30 Task 4: Verify That the Network Is Functioning 30 Task 5: Create a Static Route 30 Task 6: Create a Default Route 31 Task 7: Define the Pool of Usable Public IP Addresses 31 Task 8: Define an Access List That Matches the Inside Private IP Addresses 31 Task 9: Define the NAT Translation from Inside the List to Outside the Pool 31 Task 10: Specify the Interfaces 32 Task 11: Test the Configuration 32 Curriculum Lab 1-6: Configuring DHCP (1.2.6) 34 Task 1: Configure the Routers 35 Task 2: Save the Configurations 35 Task 3: Create a Static Route 35 Task 4: Create a Default Route 35 Task 5: Create the DHCP Address Pool 36 Task 6: Exclude Addresses from the Pool 36 Task 7: Verify DHCP Operation 36 Task 8: View DHCP Bindings 37 Curriculum Lab 1-7: Configuring DHCP Relay (1.2.8) 37 Task 1: Configure the Routers 38 Task 2: Configure Routing on the Remote Router 38 Task 3: Configure Routing on the Campus Router 38 Task 4: Save the Configurations 39

xi

Task 5: Create the Campus DHCP Address Pool on the Campus Router 39 Task 6: Create the Remote DHCP Address Pool on the Campus Router 40 Task 7: Exclude Addresses from the Pool 40 Task 8. Verify DHCP Operation on the Campus Router 40 Task 9: Verify DHCP Operation on the Remote Router 41 Task 10: Configure DHCP Relay 41 Task 11: Verify DHCP Operation on the Remote Router 41 Task 12: View DHCP Bindings 41 Comprehensive Lab 1-8: Configuring NAT, PAT, and Static NAT 42 Challenge Lab 1-9: NAT, PAT, DHCP 49 Challenge Lab 1-10: Double NAT Configuration 57 Task 1: Cabling and Configuration 57 Task 2: IP Addressing 57 Task 3: Inter-VLAN Communication 58 Task 4: Configure VLANs, VLAN Ports, and the HTTP Server 58 Task 5: Configure and Verify RIPv2 Operation 58 Task 6: Configure DHCP 58 Task 7: Configure NAT and PAT 58 Task 8: Verify Configurations 58 Optional Lab 1-11: Using a Linksys Router to Simulate a Home Network 70

Chapter 2

WAN Technologies Study Guide 76

75
76

WAN Technologies Overview Concept Questions 76 WAN Technologies 77 Matching Terms 77 WAN Design 78 Concept Questions 78

Lab Exercises Chapter 3 PPP 81

80

Study Guide

82
82

Serial Point-to-Point Links Concept Questions 82 PPP Authentication 83 Concept Questions 83 Configuring PPP 84 Concept Questions 84 Chapter Review Questions

84

xii

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises

88

Curriculum Lab 3-1: Troubleshooting a Serial Interface (3.1.7) 88 Task 1: Configure the Routers 88 Task 2: Configure the Paris Interface 89 Task 3: Configure the London Interface 89 Task 4: Save the Configuration 89 Task 5: Enter the Command show interface serial 0 (See Appendix C) on London 89 Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris 90 Task 7: Correct the Clock Location 91 Task 8: Enter the Command show interface serial 0 on Paris 91 Task 9: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router 92 Curriculum Lab 3-2: Configuring PPP Encapsulation (3.3.2) 94 Task 1: Configure the Routers 94 Task 2: Configure the Dublin Interface 95 Task 3: Configure the Washington Interface 95 Task 4: Save the Configuration 95 Task 5: Enter the Command show interface serial 0 (See Appendix C) on Washington 95 Task 6: Enter the Command show interface serial 0 (See Appendix C) on Dublin 96 Task 7: Change the Encapsulation Type 97 Task 8: Enter the Command show interface serial 0 on Washington 97 Task 9: Enter the Command show interface serial 0 on Dublin 97 Task 10: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router 98 Curriculum Lab 3-3: Configuring PPP Authentication (3.3.3) 100 Task 1: Configure the Routers 101 Task 2: Configure the Tokyo Interface 101 Task 3: Configure the Madrid Interface 101 Task 4: Save the Configuration 101 Task 5: Enter the Command show interface serial 0 on Madrid 101 Task 6: Enter the Command show interface serial 0 on Tokyo 102 Task 7: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router 103 Task 8: Configure PPP Authentication 103 Task 9: Verify That the Serial Connection Is Functioning 103 Task 10: Configure PPP Authentication 103 Task 11: Verify That the Serial Connection Is Functioning 103 Curriculum Lab 3-4: Verifying PPP Configuration (3.3.4) 105 Task 1: Configure the Routers 106 Task 2: Configure the Warsaw 106 Task 3: Configure the Brasilia Interface 106 Task 4: Save the Configuration 106

xiii

Task 5: Enter the Command show interface serial 0 (See Appendix C) on Brasilia 106 Task 6: Enter the Command show interface serial 0 (See Appendix C) on Warsaw 107 Task 7: Turn on PPP Debugging 107 Task 8: Change the Encapsulation Type 107 Task 9: Enter the Command show interface serial 0 on Brasilia 107 Task 10: Enter the Command show interface serial 0 on Warsaw 108 Task 11: Verify That the Serial Connection Is Functioning 109 Curriculum Lab 3-5: Troubleshooting PPP Configuration (3.3.5) Task 1: Configure the Routers 111 Task 2: Configure the Paris Interface 111 Task 3: Configure the London Interface 111 Task 4: Save the Configuration 111 Task 5: Enter the Command show interface serial 0 (See Appendix C) on London 112 Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris 112

110

Task 7: Correct the Clock Location 113 Task 8: Enter the Command show cdp neighbors on London 114 Task 9: Enter the Command debug ppp negotiation on London 114 Task 10: Enter the command debug ppp negotiation on Paris 115 Task 11: Correct the Encapsulation Type 115 Task 12: Enter the command show interface serial 0 on Paris 116 Task 13: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router 116 Challenge Lab 3-6: Configuring PPP with NAT, DHCP, and VLANs 118 Task 1 118 Task 2 119 Task 3 121 Task 4 121 Task 5 122 Task 6 122 Task 7 122

Chapter 4

ISDN and DDR Study Guide

129

130

ISDN Concepts 130 Concept Questions 130 ISDN Configuration 131 Concept Questions 131 DDR Configuration 131 Concept Questions 132 Chapter Review Questions 132

xiv

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises

136
136

Curriculum Lab 4-1: Configuring ISDN BRI (U-Interface) (4.2.1) Task 1: Configure the Router 136 Task 2: Verify the ISDN BRI Switch Type 137 Task 3: Specify the Switch Type 137 Task 4: Verify the Switch Status 138 Task 5: Activate the BRI Connection 138 Task 6: Review the Switch Status 138 Task 7: Configure the ISDN SPIDs 139 Task 8: Review the Switch Status 139 Task 9: Reset the Interface 139 Task 10: Save the Configuration and Reboot 140 Curriculum Lab 4-2: Configuring Legacy DDR (4.3.2) 141 Task 1: Configure the Router 142 Task 2: Define the Switch Type and SPID Numbers 142 Task 3: Define the Static Routes for DDR 143 Task 4: Specify Interesting Traffic for DDR 143 Task 5: Configure the DDR Dialer Information for Router 1 143 Task 6: Configure the DDR Dialer Information for Router 2 144 Task 7: View the Tokyo Router Configuration 144 Task 8: Verify the DDR Configuration 144 Curriculum Lab 4-3: Configuring Dialer Profiles (4.3.7) 145 Task 1: Configure the Router 146 Task 2: Define the Switch Type and SPID Numbers 146 Task 3: Define the Static Routes for DDR 147 Task 4: Specify Interesting Traffic for DDR 147 Task 5: Configure the DDR Dialer Information 147 Task 6: Configure the Dialer Information 148 Task 7: Associate the Dialer Profiles 149 Task 8: Configure the Dialer Timeouts 149 Task 9: View the Tokyo Router Configuration 150 Task 10: Verify the DDR Configuration 152 Challenge Lab 4-4: Configuring Dialer Maps and Dialer Profiles Task 1: Physical 158 Task 2: Logical Mo 158 Task 3: Logical Larry 158 Task 4: Logical Curley 158 Task 5: Switches 159 Task 6: Verification 159

157

Chapter 5

Frame Relay Study Guide

169 170

Frame Relay Concepts 170 Concept Questions 170

xv

Configuring Frame Relay 170 Concept Questions 171 Chapter Review Questions 172

Lab Exercises

176

Curriculum Lab 5-1: Configuring Frame Relay (5.2.1) 176 Task 1: Configure the Routers 176 Task 2: Configure the Serial Interface 177 Task 3: Verify the Frame Relay Configuration 177 Task 4: Review Switch Assignments 178 Task 5: Check the Frame Relay Map 179 Curriculum Lab 5-2: Configuring Frame Relay PVC (5.2.2) 180 Task 1: Configure the Routers 180 Task 2: Configure the Washington Serial Interface 181 Task 3: Configure the Frame Relay Map on Washington 181 Task 4: Configure the DCE on Washington 181 Task 5: Configure the Dublin Router 181 Task 6: Verify the Frame Relay PVC 182 Task 7: Display the Frame Relay Map 182 Task 8: Verify Frame Relay Connectivity 182 Curriculum Lab 5-3: Configuring Frame Relay Subinterfaces (5.2.5) 184 Task 1: Configure the Routers 185 Task 2: Configure the Serial 0 Interfaces 185 Task 3: Create Subinterfaces on the Amsterdam Router 186 Task 4: Create Subinterfaces on the Paris Router 186 Task 5: Create Subinterfaces on the Berlin Router 186 Task 6: Configure IGRP Routing 187 Task 7: Verify the Frame Relay PVC 187 Task 8: Show the Frame Relay Maps 188 Task 9: Show the LMIs 189 Task 10: Check the Routing Protocol 189 Task 11: Verify Connectivity 190 Challenge Lab 5-4: Four-Interface Frame Relay Switch Task 1 194 Task 2 194 Task 3 194 Task 4 194 Task 5 194 Task 6 194 Task 7 195 Challenge Lab 5-5: Frame Relay Switch Challenge Lab 1 Task 1 198 Task 2 198 Task 3 198 Task 4 199

193

196

xvi

WAN Technologies CCNA 4 Labs and Study Guide

Task 5 199 Task 6 199 Task 7 200 Task 8 200 Task 9 200 Challenge Lab 5-6: Frame-Relay Challenge Lab 2 Task 1 220 Task 2 220 Task 3 220 Task 4 220 Task 5 221 Task 6 221 Task 7 221 Task 8 221 Task 9 221

219

Chapter 6

Introduction to Network Administration Study Guide 238


Workstations and Servers 238 Concept Questions 238 Network Management 238 Concept Questions 239 Chapter Review Questions 239

237

Lab Exercises Appendix A Appendix B Appendix C Appendix D Appendix E

243 245

Troubleshooting Questions and Lab Exercise Adtran Configuration Lab 281 291 293 295

Router Interface Summary Chart Erasing and Reloading the Switch Erasing and Reloading the Router

xvii

Icons Used in This Book

Communication Server Token Ring Token Ring

PC

PC with Software

Sun Workstation

Macintosh

Access Server

ISDN/Frame Relay Switch

Terminal

File Server

Web Server

Ciscoworks Workstation

ATM Switch

Modem

Printer

Laptop

IBM Mainframe

Front End Processor

Cluster Controller

Multilayer Switch

FDDI Gateway Router Bridge Hub DSU/CSU DSU/CSU Catalyst Switch

FDDI

Network Cloud

Line: Ethernet

Line: Serial

Line: Switched Serial

Command Syntax Conventions


The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows:

Bold indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), bold indicates commands that are manually input by the user (such as a show command). Italic indicates arguments for which you supply actual values. Vertical bars (|) separate alternative, mutually exclusive elements. Square brackets ([ ]) indicate an optional element. Braces ({ }) indicate a required choice. Braces within brackets ([{ }]) indicate a required choice within an optional element.

xviii

WAN Technologies CCNA 4 Labs and Study Guide

Introduction
WAN Technologies CCNA 4 Labs and Study Guide is a supplement to your classroom and laboratory experience with the Cisco Networking Academy Program. Specifically, this book covers the fourth course of the CCNA curriculum. To succeed on the exam and achieve your CCNA certification, do everything in your power to arm yourself with a variety of tools and training materials to support your learning efforts. This Labs and Study Guide is just such a collection of tools. Used to its fullest extent, it will help you acquire the knowledge and practice the skills associated with the content area of v3.1.1 of the CCNA 4 WAN Technologies course. Specifically, this book helps you work on these main areas of CCNA 4:

Network Address Translation Dynamic Host Configuration Protocol ISDN dialer maps and profiles Frame Relay

Goals and Methods


One of the goals of this book is to help you prepare for either the CCNA exam (640-801) or the ICND exam (640-811). Whether you are studying for the full exam or the second part of your CCNA, passing either of these exams means not only that you have the required knowledge of the technologies covered by the exam, but also that you can plan, design, implement, operate, and troubleshoot these technologies. In other words, these exams are rigorously application-based. In fact, if you view the main objectives for the CCNA exam at http://www.cisco.com/go/certifications, you will see the following four categories of objectives:

Planning & Design Implementation & Operation Troubleshooting Technology

Although technology is listed last, a CCNA student cannot possibly plan, design, implement, operate, and troubleshoot networks without first fully grasping the technology. You should devote a significant amount of time and effort in the Study Guide section of each chapter to learning the concepts and theories before applying them in the Lab Exercises. The Study Guide section offers exercises that help you learn the concepts and configurations crucial to your success as a CCNA exam candidate. Each chapter differs slightly and includes some or all of the following types of exercises:

Vocabulary Matching and Completion Concept Questions Comprehensive Multiple-Choice Questions Internet Research

xix

The Lab Exercises section includes all the online curriculum labs plus new comprehensive labs and challenge labs. The curriculum labs typically walk you through the configuration tasks step by step. The comprehensive labs combine many, if not all, of the configuration tasks of the curriculum labs without actually providing you with the commands. The challenge labs take this a step further, often giving you only a general requirement that you must implement fully without the details of each small step. In other words, you must use the knowledge and skills you gained in the curriculum labs from all four courses to successfully complete the comprehensive and challenge labs. In fact, you should not attempt the comprehensive or challenge labs until you have worked through all the Study Guide activities and the curriculum labs. Avoid the temptation to work through the comprehensive and challenge labs by flipping back through the curriculum labs when you are not sure of a command. Do not try to short-circuit your CCNA training. You need a deep understanding of CCNA knowledge and skills to ultimately succeed on the CCNA exam.

Who Should Read This Book?


This book should be read by students completing the final course of the CCNA curriculum. The challenge labs are designed to test your knowledge of and ability to configure and troubleshoot routing protocols, switching concepts, and WAN protocols. Based on the authors experience in the classroom, extensive practical knowledge is necessary to pass the CCNA certification.

Strategies for Exam Preparation


A successful CCNA certification candidate is knowledgeable about network design, implementation, and troubleshooting. Knowledge of theoretical terms and hands-on experience are both vital to successfully pass the certification.

How This Book Is Organized


Work through the Study Guide and Lab Exercises in the sequence they are presented. The sequence is designed to take you from a basic understanding of the knowledge through the full application and implementation of skills. Specifically, Chapters 1 through 6 and Appendix A include exerises and labs covering the following knowledge and skills: Chapter 1, Scaling IP Addresses, describes how to conserve IP addresses and how to communicate across the Internet and wide-area networks (WANs) that span the globe. The chapter goes over Network Address Translation (NAT) and Port Address Translation (PAT), two translation protocols for IP addresses, and Dynamic Host Configuration Protocol (DHCP), a method of auto-assigning IP addresses. The labs in this chapter explain how IP addresses are translated with NAT and PAT and the process of DHCP. They also cover the commands to configure both. A challenge lab tests your comprehension of the chapter. Chapter 2, WAN Technologies, introduces much of the terminology and general concepts encountered in a WAN. It lays the groundwork for an understanding of some of the more advanced concepts presented in later chapters. This chapter contains no labs, just exercises to reinforce your understanding of the terminology and concepts. Chapter 3, PPP, goes over the communication of individual links within the WAN that use certain types of encapsulation protocols. This chapter describes the High-Level Data Link Control (HDLC) protocol and the Point-to-Point Protocol (PPP). The challenge lab in this chapter tests your ability to configure PPP and any previous concepts you have learned thus far in this book.

xx

WAN Technologies CCNA 4 Labs and Study Guide

Chapter 4, ISDN and DDR, covers ISDN, a cost-effective, need-basis WAN technology that may substitute for a T1 connection or as just a step above a phone line. Dial-on-Demand Routing (DDR) is a method described in this chapter that makes ISDN cost-effective based on call setup and termination. The labs in this chapter test your knowledge of configuring dialer maps and dialer profiles. Chapter 5, Frame Relay, explains how Frame Relay, a packet-switched technology, connects local-area networks (LANs) across a cloud by using virtual circuits. The labs in this chapter give you a chance to configure basic Frame Relay, and two challenge labs test all the skills you have learned up to this point. Chapter 6, Introduction to Network Administration, describes basic network administration concepts. It also explains how to manage a network using different tools such as Simple Network Management Protocol (SNMP). Upon completion of the exercises in this chapter, students should better understand the different devices found on a LAN and the tools used to manage, test, and troubleshoot simple networks. Appendix A, WAN Troubleshooting, Questions and Lab Exercise, contains a practice challenge lab that tests your knowledge of all four courses of the CCNA curriculum. The lab exercise consists of a scenario that requires knowledge of troubleshooting methodologies. Appendix B, Adtran Configuration Lab, contains a step-by-step guide to configuring the Adtran Atlas 550. Appendixes C, D, and E come into play within the curriculum labs. Where applicable, the curriculum lab tells you when to refer to these appendixes.

CHAPTER 1

Scaling IP Addresses

The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice, and open-ended question exercises to test your knowledge of the theory of Network Address Translation (NAT), Port Address Translation (PAT), and Dynamic Host Configuration Protocol (DHCP). The Lab Exercises portion of this chapter includes all the online curriculum labs and comprehensive labs and a challenge lab to ensure that you have mastered the practical, hands-on skills needed to configure NAT, Static NAT, PAT, and DHCP.

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
Scaling Networks with NAT and PAT
When connecting to the Internet, you must use a registered public IP address. When users connect to the Internet through a cable provider (such as Time Warner or Cablevision), the IP address assigned is registered and gives the user access to the Internet through the carriers network. This arrangement actually makes the users computer part of the cable providers network. When you have more than one computer at home and each needs access to the Internet simultaneously, a router such as a Linksys usually does the trick. This device uses the single IP address assigned to you by your carrier and performs Port Address Translation (PAT), which allows multiple devices to access the Internet using a single unique address. When it comes to a company, things are a little more complicated. Most companies require an entire network address for all their devices to access the Internet. Companies acquire these addresses from the American Registry of Internet Numbers (ARIN) or any Internet service provider (ISP) in their area. As the network grows, however, it might find that it no longer has enough addresses for all the devices. Instead of purchasing another network address (if even possible), another solution is to use Network Address Translation (NAT). Network administrators use private addresses put aside by RFC 1918 on the inside of their network. The router translates the devices inside private address into a registered global address each time the company needs to access the outside world. The use of NAT along with private addresses provides security by hiding a devices internal address from the outside world, thus making it difficult for outsiders to know exactly who is behind the device. Because not all devices inside a network need access to the Internet, NAT pools are created to determine who has access and who does not. Thus, NAT enables network administrators to allow multiple users to access the outside world dynamically; it also enables them to statically map an outside address to an internal device.

Concept Questions
1. Discuss the advantages of NAT. NAT allows unregistered IP addresses inside a network to access the Internet or the outside world. This process helps conserve registered numbers by using private addresses. Another advantage is that it is difficult for someone on the outside to determine which internal host is responsible for what traffic. Without careful monitoring, this could become a disadvantage, too. 2. RFC 1918 put aside three addresses and classified them as private. Explain the difference between a public and private address. Private addresses are used inside a network and are not routable on the public domain or Internet. These addresses can be used by anyone, but they cannot be used to access the Internet. Public addresses are legitimate, registered numbers that only one organization can use at a given time. They are obtained through an ISP or from ARIN. 3. When is it necessary to assign a static NAT address to a device inside your network? Give an example of a device, and explain the reason for doing so. A device such as a web server might need to be accessed from the outside world at a specific location (IP address). NAT allows the server to be assigned a private address but still be reachable from the Internet. The router translates the outside global address to an inside local address where the server resides.

Chapter 1: Scaling IP Addresses

4.

How many networks in total did RFC 1918 put aside? 273 total addresses 1 Class A: 10.0.0.010.255.255.255 16 Class B: 172.16.0.0172.31.255.255 256 Class C: 192.168.0.0192.168.255.255

5. Under what circumstances would you use NAT? PAT? You should use NAT when you are using private addresses inside your network but not all the devices need to access the Internet. NAT enables you to have more devices on your network than registered addresses permit. Use PAT when most, if not all, of the devices need access to the outside world and you do not have not enough registered addresses to go around. PAT enables you to support scores of devices while having fewer registered addresses at your disposal.

Research Assignment
This chapter discussed the difference between private and public addresses and their use within a network. Go to http://www.arin.net and research the following: 1. The American Registry for Internet Numbers (ARIN) allocates Internet number resources for the United States, Canada, and islands in the Caribbean and North Atlantic. What organization provides these same services in the following? On the home page, on the right side, click the Network Abuse link. a. Africa AfriNIC b. Asia APNIC c. Latin America LACNIC d. Europe, the Middle East, and Central Asia RIPE NCC 2. How do you obtain a registered network number through ARIN? On the home page, click the Education link. Under Process Flowcharts, click Request for IPv4 Assignment from ARIN (End-user). You must fill out and submit an End-user Request Template. 3. List at least five items found on the IPv4 Network Request template provided by ARIN. ________________________________________________________________________________ ________________________________________________________________________________ ________________________________________________________________________________ ________________________________________________________________________________ ________________________________________________________________________________ On the home page, click Registration Services, IPv4 Resources on the left. Under the IPv4 Templates section, click IPv4 Network Request. ARIN Network Request Template Template: ARIN-NET-ISP-3.2.3 ********************************************************************** ** ** As of June 2005 ** **

WAN Technologies CCNA 4 Labs and Study Guide

** ** ** **

Enter all information to the right of the colon (:). **

**

DO NOT modify the format of this template in any way. **

**

*********************** JUSTIFICATION SECTION ************************ ** CONNECTIVITY SUBSECTION -**

1. ** List any peering or exchange points to which your network ** directly connects. Peering Points:

2. ** List ISPs providing your connectivity. Internet Connectivity:

**- UTILIZATION SUBSECTION -** ** If necessary, repeat lines 3 through 8. **

****

3. ** List all IP addresses issued to your organization. Existing IP Networks:

4. ** Enter the amount of address space issued to customers. Assigned:

5. ** Provide internal utilization information. Internal:

6. ** Enter the amount of unassigned or available address space. Unassigned:

7. ** If using RWhois, provide the hostname and port number of the RWhois server. Reassignment Option (SWIP/RWhois):

8. ** List the number of IP addresses that utilize each type of service listed below. Type of Service: Dial-up: Cable: Web Hosting:

Chapter 1: Scaling IP Addresses

Leased Line: xDSL: Co-location: Wireless: Other (please specify):

## 3, 6 AND 12-MONTH PROJECTION SUBSECTION -**

9. ** List the number of IP addresses in /24s that will be needed for ** each type of service for the next 3 months, 6 months, and 12 ** months. Host Projections: 3-Month Dial-up: Cable: Web Hosting: Leased Line: xDSL: Co-location: Wireless: Other (please specify): 6-Month 12-Month

10. ** Provide any additional information you would like ARIN to ** consider for this ISP network registration request. Additional Information:

************************ REGISTRATION SECTION ************************

11. ** REQUIRED. Allocations are made based upon the 3-month ** projection. However, subscribers who have been members of ARIN ** for over 1 year may request a 6 month supply of addresses. ** Enter the prefix length of the network requested, e.g. /19, ** /20. Prefix Length Requested:

12. ** REQUIRED. Enter the Org ID currently registered in ARINs WHOIS ** database.

WAN Technologies CCNA 4 Labs and Study Guide

Org ID:

13. ** REQUIRED. Provide the organization name currently registered to ** your Org ID. Org Name:

14. ** REQUIRED. Choose a name for the network, using no more than 50 ** characters. It may contain letters, numbers and/or dashes (-). Network Name:

15. ** If the network has in-addr.arpa servers, list the hostnames of ** at least two name servers. Do not provide IP addresses. ** Duplicate field name to specify additional servers. IN-ADDR Name Server: IN-ADDR Name Server:

********************* CONTACT SECTION (Optional) ********************* ** ** ** The person or role in this section serves as a supplemental contact to the organization POC(s). To specify multiple contacts, duplicate lines 16 and 17. ** ** **

**********************************************************************

16. ** Specify T for Technical, AB for Abuse or N for Network ** Operations Center. POC Type:

17. ** Provide a POC handle currently registered in ARINs WHOIS ** database. POC Handle:

***************** PUBLIC COMMENTS SECTION (Optional) *****************

18. ** Comments listed here will appear in ARINs WHOIS database. Public Comments:

END OF TEMPLATE

Chapter 1: Scaling IP Addresses

4. What costs are associated with obtaining a 24-bit address from ARIN? A 24-bit address from ARIN requires a one-time registration fee of $2500 and an annual maintenance fee of $100. 5. On the home page, click the Who is link. Enter a legitimate address in the Search box. This could be any address other than those put aside by RFC 1918. List five pieces of information you can retrieve about the owner of that address space. Organization name, ID, company address, range of addresses, contact-person information. 6. Enter Cisco in the Who is Search box. Describe some of the information that appears. Different companies within Cisco have their own range of addresses. An example of this is the Cisco Learning Institute. Not all the links belong to Cisco Systems, but rather to different organizations that begin with the name Cisco.

Matching Terms
Match the definition on the left with the correct term on the right. Use each definition only one time. Definitions a. Uses a single IP address to support numerous inside local addresses b. An IP address that is routable on the Internet c. Addresses never to be assigned to an organization as a registered network number d. An IP address assigned to a host in a private network e. Identifies an interface that is on the private side of a network f. Allows unregistered addresses to access the Internet using legitimate or public addresses g. The IP address of a host on the outside of the network as it is known to the hosts on the inside network h. A legitimate registered address that represents an inside local address to the outside world i. Identifies an interface that is on the public side of the network j. A one-to-one mapping of a public and private address Terms __d__ inside local address __f__ NAT __i__ ip nat outside command __g__ outside local address __j__ static NAT __h__ inside global address __a__ Port Address Translation __b__ outside global address __e__ ip nat inside command __c__ RFC 1918

WAN Technologies CCNA 4 Labs and Study Guide

DHCP
Dynamic Host Configuration Protocol (DHCP) allows a device to dynamically receive network information upon boot. The basic information configured on a server includes network address, subnet mask, and default gateway. Domain Name System (DNS), NetBIOS, and Windows Internet Naming Service (WINS) server information are optional configurations if they exist on a network. As networks grow, DHCP deploys a plug-and-play design that allows new hosts to plug into the network without manual intervention. Designed by the Internet Engineering Task Force (IETF), it has become a standard component in network design and implementation.

Concept Questions
1. Explain the purpose of the DHCP excluded-address command. The excluded range of addresses is not assigned by the DHCP server. These addresses are usually assigned manually to servers, routers, and switches on the network. They can also act as a reserve depository for additional devices that require static addresses to be added to the network later. 2. Explain the advantages of DHCP over static allocation when a device such as a computer moves from one part of a network to another when multiple subnets exist. The DHCP server automatically assigns the device all the necessary information upon boot. Without DHCP, the network technician must manually configure the device with the correct IP address, subnet mask, default gateway, and other information before it can connect to the network. 3. Explain the difference between BOOTP and DHCP. BOOTP requires manual configuration of host information on a server, whereas DHCP allows for dynamic allocation of network addresses and additional configurations to newly attached devices to a network. DHCP allows for recovery and reallocation of network addresses through a leasing mechanism. 4. You are the network administrator of a company that uses DHCP on its network. Does DHCP provide a mechanism to prevent unauthorized users from plugging in and connecting to the network? Unfortunately, DHCP does not prevent unauthorized access. It cannot control the IP address used by a device on the network. A mechanism other than DHCP must be used.

Chapter 1: Scaling IP Addresses

Matching Terms
Match the definition on the left with the correct term on the right. Use each definition only one time. Definitions a. A proposed configuration, from a DHCP server, that may include IP addresses, DNS server addresses, and lease time b. A predecessor of DHCP (not dynamic) c. A broadcast sent by a client to locate a DHCP server d. Creates a pool with the specified name and puts the router in a specialized DHCP configuration mode e. Configures the router to prohibit an individual address or range of addresses from being used when assigning addresses to clients f. Verifies the operation of DHCP g. A security server h. Used to relay broadcast requests when the DHCP server resides on a different network than the host i. A protocol used for assigning IP addresses to devices on a network (client/server mode) j. DHCP assigning permanent IP addresses to the clients Terms __i__ DHCP __j__ automatic allocation __f__ show ip dhcp binding __g__ TACACS server __b__ BOOTP __e__ ip dhcp excluded-addresses __a__ DHCPOFFER __c__ DHCPDISCOVER __d__ ip dhcp pool word __h__ ip helper address

10

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises
Curriculum Lab 1-1: Configuring NAT (1.1.4a)
Figure 1-1 Topology for Lab 1-1

Table 1-1

Lab Equipment Configuration Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/ Subnet Mask Loopback 0 Address/Subnet Mask

Router Router Designation Name

Router 1 Router 2

Gateway ISP

10.10.10.1/24

DCE DTE

200.2.2.18/30 200.2.2.17/30

172.16.1.1/32

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco. Objective

Configure a router to use NAT to convert internal IP addresses, which are typically private addresses, into outside public addresses.

Background/Preparation The ISP has allocated the public classless interdomain routing (CIDR) IP address 199.99.9.32/27 to a company. This is equivalent to 30 public IP addresses. Because the company has an internal requirement for more than 30 addresses, the IT manager has decided to implement NAT. The company has decided to reserve the addresses 199.99.9.33 through 199.99.9.39 for static allocation and 199.99.9.40 through 199.99.9.62 for dynamic allocation. Routing between the ISP and the companys gateway router will be done using a static route from the ISP to the gateway and a default route from the gateway to the ISP. The ISPs connection to the Internet will be represented by a loopback address on the ISP router. Cable a network that is similar to the one in Figure 1-1. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the

Chapter 1: Scaling IP Addresses

11

information in Appendix C, Router Interface Summary Chart, to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See and implement the procedure documented in Appendix D, Erasing and Reloading the Switch, before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart.

Task 2: Save the Configuration


At the privileged EXEC mode prompt, on both routers, enter the command copy running-config startup-config.

Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Remember to assign a specific IP address and default gateway to the workstation. If you are running Windows 98, check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in a DOS window.

Task 4: Verify That the Network Is Functioning


Step 1.

From the attached hosts, ping the Fast Ethernet interface of the default gateway router. Did the ping from the first host succeed? Yes Did the ping from the second host succeed? Yes

Step 2.

If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then, ping again until they succeed.

Task 5: Create a Static Route


Create a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated for Internet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18

Is the static route in the routing table? Yes What command checks the routing table contents? The show ip route command checks the routing table contents. If the route was not in the routing table, give one reason why this might be so. The interface is down.
ISP#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP

12

WAN Technologies CCNA 4 Labs and Study Guide

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 199.99.9.0/27 is subnetted, 1 subnets S 199.99.9.32 [1/0] via 200.2.2.18 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 172.16.0.0/32 is subnetted, 1 subnets C 172.16.1.1 is directly connected, Loopback0

Task 6: Create a Default Route


Step 1.

Add a default route, using the ip route command, from the gateway router to the ISP router. This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Is the static route in the routing table? Yes


Step 2.

Try to ping from one of the workstations to the ISP serial interface IP address. Did the ping succeed? No Why? There is no return route to the 10.10.10.0 network.
Gateway#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 200.2.2.17 to network 0.0.0.0 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 10.0.0.0/24 is subnetted, 1 subnets C 10.10.10.0 is directly connected, FastEthernet0 S* 0.0.0.0/0 [1/0] via 200.2.2.17

Chapter 1: Scaling IP Addresses

13

Task 7: Define the Pool of Usable Public IP Addresses


To define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224

Task 8: Define an Access List That Matches the Inside Private IP Addresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

Task 9: Define the NAT Translation from Inside the List to Outside the Pool
To define the NAT, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access

Task 10: Specify the Interfaces


You must specify whether the active interfaces on the router are inside or outside interfaces with respect to NAT. To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip nat inside Gateway(config-if)#interface serial 0 Gateway(config-if)#ip nat outside Gateway#show ip nat translations Pro --Inside global 199.99.9.40 Inside local 10.10.10.10 Outside local --Outside global ---

Task 11: Test the Configuration


Configure a workstation on the internal LAN with the IP address 10.10.10.10/24 and a default gateway 10.10.10.1. From the PC, ping 172.16.1.1. If successful, look at the NAT translation on the gateway router by using the command show ip nat translations. What is the translation of the inside local host address? 10.10.10.10 = 199.99.9.40 How is the inside global address assigned? The router from the NAT pool How is the inside local address assigned? The workstation administrator After you complete the previous tasks, log off (by entering exit) and turn the router off. Then remove and store the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers. ISP Router#configure terminal Router(config)#hostname ISP

14

WAN Technologies CCNA 4 Labs and Study Guide

ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip add 172.16.1.1 255.255.255.255 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip add 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown ISP(config-if)#clockrate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config Destination filename [startup-config]?[Enter]

Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip add 10.10.10.1 Gateway(config-if)#no shutdown Gateway(config-if)#exit Gateway(config)#interface serial 0 Gateway(config-if)#ip add 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17 255.255.255.0

Chapter 1: Scaling IP Addresses

15

Curriculum Lab 1-2: Configuring PAT (1.1.4b)


Figure 1-2 Topology for Lab 1-2

Table 1-2

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/Subnet Mask Loopback 0 Address/Subnet Mask

Router Designation

Router 1 Router 2

Gateway ISP

10.10.10.1/24

DCE DTE

200.2.2.18/30 200.2.2.17/30

172.16.1.1/32

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco. Objective

Configure a router to use PAT to convert internal IP addresses, which are typically private addresses, into outside public addresses.

Background/Preparation Aidan McDonald has just received a Digital Subscriber Line (DSL) Internet connection in his home to a local ISP. The ISP has allocated only one IP address for use on the serial port of his remote-access device. Routing between the ISP and the home router will be achieved by using a static route between the ISP and gateway routers and a default route between the gateway and ISP routers. The ISP connection to the Internet is represented by a loopback address on the ISP router. Cable a network that is similar to the one in Figure 1-2. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise.

16

WAN Technologies CCNA 4 Labs and Study Guide

Start a HyperTerminal session. See and implement the procedure documented in Appendix E, Erasing and Reloading the Router, before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart. If you have trouble doing this, see Lab 1-1, Configuring NAT.

Task 2: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Remember to assign a specific IP address and default gateway to the workstation. If you are running Windows 98, check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in a DOS window.

Task 4: Verify That the Network Is Functioning


Step 1.

From the attached hosts, ping the Fast Ethernet interface of the default gateway router. Did the ping from the first host succeed? Yes Did the ping from the second host succeed? Yes

Step 2.

If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then, ping again until they succeed.

Task 5: Create a Default Route


Step 1.

Add a default route from the gateway to the ISP router. This forwards any unknown destination address traffic to the ISP. Use the ip route command to create the default route:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Is the route in the routing table? Yes


Step 2.

Try to ping from one of the workstations to the ISP serial interface IP address. Did the ping succeed? No Why? There is no return route to the 10.10.10.0 network. What command checks the routing table contents? show ip route
#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

Chapter 1: Scaling IP Addresses

17

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 200.2.2.17 to network 0.0.0.0 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 10.0.0.0/24 is subnetted, 1 subnets C 10.10.10.0 is directly connected, FastEthernet0 S* 0.0.0.0/0 [1/0] via 200.2.2.17

Task 6: Define an Access List That Matches the Inside Private IP Addresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

Task 7: Define the PAT Translation from Inside the List to Outside the Address
To define the PAT translation, use the ip nat inside source command. This command with the overload option creates PAT by using the serial 0 IP address as the base:
Gateway(config)#ip nat inside source list 1 interface serial 0 overload

Task 8: Specify the Interfaces


You must specify whether the active interfaces on the router are inside or outside interfaces with respect to PAT (NAT). To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip nat inside Gateway(config-if)#interface serial 0 Gateway(config-if)#ip nat outside

Task 9: Test the Configuration


Configure a PC on the internal LAN with the IP address 10.10.10.10/24 and a default gateway 10.10.10.1. From the PCs, ping the Internet address 172.16.1.1. If successful, telnet to the same IP address. Then, look at the PAT translation on the gateway router by using the command show ip nat translations:
Gateway#show ip nat translations Pro tcp icmp Inside global 200.2.2.18:1086 200.2.2.18:768 Inside local 10.10.10.10:1086 10.10.10.10:768 Outside local 172.16.1.1:23 172.16.1.1:768 Outside global 172.16.1.1:23 172.16.1.1:768

What is the translation of the inside local host addresses? Answers will vary.

18

WAN Technologies CCNA 4 Labs and Study Guide

10.10.10.10:1086 = 200.2.2.18: 1086 10.10.10.10:768 = 200.2.2.18: 768 What does the number after the colon represent? The port that NAT used Why do all the commands for PAT say NAT? PAT is an extension of NAT. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers. ISP Router#configure terminal Router(config)#hostname ISP ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip address 172.16.1.1 255.255.255.255 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown ISP(config-if)#clockrate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config

Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4

Chapter 1: Scaling IP Addresses

19

Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown Gateway(config-if)#exit Gateway(config)#interface serial 0 Gateway(config-if)#ip address 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Curriculum Lab 1-3: Configuring Static NAT Addresses (1.1.4c)


Figure 1-3 Topology for Lab 1-3

Table 1-3

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/Subnet Mask Loopback 0 Address/Subnet Mask

Router Designation

Router 1 Router 2

Gateway ISP

10.10.10.1/24

DCE DTE

200.2.2.18/30 200.2.2.17/30

172.16.1.1/32

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco.

20

WAN Technologies CCNA 4 Labs and Study Guide

Objectives

Configure a router to use NAT to convert internal IP addresses, which are typically private addresses, into outside public addresses. Configure static IP mapping to allow outside access to an internal PC.

Background/Preparation The ISP has allocated the public CIDR IP address 199.99.9.32/27 to a company. This is equivalent to 30 public IP addresses. Because the company has an internal requirement for more than 30 addresses, the IT manager has decided to use NAT. The company has decided to reserve the addresses 199.99.9.33 through 199.99.9.39 for static allocation and 199.99.9.40 through 199.99.9.62 for dynamic allocation. Routing between the ISP and the gateway router will be done using a static route between the ISP and the gateway and a default route between the gateway and the ISP. The ISP connection to the Internet is represented by a loopback address on the ISP router. Cable a network that is similar to the one in Figure 1-3. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See and implement the procedure documented in Appendix E before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart.

Task 2: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Remember to assign a specific IP address and default gateway to the workstation. If you are running Windows 98, check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in a DOS window.

Task 4: Verify That the Network Is Functioning


Step 1.

From the attached hosts, ping the Fast Ethernet interface of the default gateway router. Did the ping from the first host succeed? Yes Did the ping from the second host succeed? Yes

Step 2.

If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then, ping again until they succeed.

Chapter 1: Scaling IP Addresses

21

Task 5: Create a Static Route


Create a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated for Internet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18

Is the static route in the routing table? Yes What command checks the routing table contents? show ip route If the route was not in the routing table, give one reason why this might be so. Interface down
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 199.99.9.0/27 is subnetted, 1 subnets S 199.99.9.32 [1/0] via 200.2.2.18 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 172.16.0.0/32 is subnetted, 1 subnets C 172.16.1.1 is directly connected, Loopback0

Task 6: Create a Default Route


Step 1.

Add a default route, using the ip route command, from the gateway router to the ISP router. This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Is the route in the routing table? Yes


Step 2.

Try to ping from one of the workstations to the ISP serial interface IP address. Did the ping succeed? No Why? There is no return route to the 10.10.10.0 network.

Task 7: Define the Pool of Usable Public IP Addresses


To define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224

Task 8: Define an Access List That Matches the Inside Private IP Addresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

22

WAN Technologies CCNA 4 Labs and Study Guide

Task 9: Define the NAT Translation from Inside the List to Outside the Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access

Task 10: Specify the Interfaces


You must specify whether the active interfaces on the router are inside or outside interfaces with respect to NAT. To do this, use either the ip nat inside or ip nat outside command.

Task 11: Configure Static Mapping


Step 1.

You should use workstation 1, 10.10.10.10/24, as the public WWW server. This server needs a permanent public IP address. Define this mapping by using a static NAT mapping. Configure one of the PCs on the LAN with the IP address 10.10.10.10/24 and a default gateway 10.10.10.1. To configure a static IP NAT mapping, use the ip nat inside source static command at the privileged EXEC mode prompt:
Gateway(config)#ip nat inside source static 10.10.10.10 199.99.9.33

Step 2.

This permanently maps 199.99.9.33 to the inside address 10.10.10.10.


Step 3.

Look at the translation table:


Gateway#show ip nat translations

Does the mapping show up in the output of the show command? Yes

Task 12: Test the Configuration


Step 1.

From the 10.10.10.10 workstation, ping 172.16.1.1. Did the ping succeed? Yes Why? NAT is properly set up.

Step 2.

From the ISP router, ping the host with the static NAT translation by entering ping 10.10.10.10.
ISP#ping 10.10.10.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds: Success rate is 0 percent (0/5)

What were the results of the ping? Did it succeed? No Why? There is no route to 10.10.10.10.
Step 3.

From the ISP router, ping 199.99.9.33. If successful, look at the NAT translation on the gateway router by using the command show ip nat translations.
ISP#ping 199.99.9.33 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 199.99.9.33, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms ISP#

Chapter 1: Scaling IP Addresses

23

Gateway#show ip nat translations Pro --Inside global 199.99.9.33 Inside local 10.10.10.10 Outside local --Outside global ---

What is the translation of the inside local host address? 10.10.10.10 = 199.99.9.33 After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and Gateway routers. ISP Router#configure terminal Router(config)#hostname ISP ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip address 172.16.1.1 255.255.255.255 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown ISP(config-if)#clockrate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config

Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4 Gateway(config-line)#password cisco Gateway(config-line)#login

24

WAN Technologies CCNA 4 Labs and Study Guide

Gateway(config-line)#exit Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown Gateway(config-if)#exit Gateway(config)#interface serial 0 Gateway(config-if)#ip address 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Curriculum Lab 1-4: Verifying NAT and PAT Configuration (1.1.5)


Figure 1-4 Topology for Lab 1-4

Table 1-4

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/Subnet Mask Loopback 0 Address/Subnet Mask

Router Designation

Router 1 Router 2

Gateway ISP

10.10.10.1/24

DCE DTE

200.2.2.18/30 200.2.2.17/30

172.16.1.1/32

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. Objectives

Configure a router for NAT and PAT. Test the configuration and verify NAT/PAT statistics.

Chapter 1: Scaling IP Addresses

25

Background/Preparation The ISP has allocated the public CIDR IP address 199.99.9.32/30 to a company. This is equivalent to four public IP addresses. Because the company has an internal requirement for more than 30 addresses, the IT manager has decided to use NAT with PAT. Routing between the ISP and the gateway router will be done using a static route between the ISP and the gateway and a default route between the gateway and the ISP. The ISP connection to the Internet is represented by a loopback address on the ISP router. Cable a network that is similar to the one in Figure 1-4. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See and implement the procedure documented in Appendix E before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart. If you have trouble doing this, see Lab 1-1, Configuring NAT.

Task 2: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Remember to assign a specific IP address and default gateway to the workstation. If you are running Windows 98, check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in a DOS window.

Task 4: Verify That the Network Is Functioning


Step 1.

From the attached hosts, ping the Fast Ethernet interface of the default gateway router. Did the ping from the first host succeed? Yes Did the ping from the second host succeed? Yes

Step 2.

If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then, ping again until they succeed.

Task 5: Create a Static Route


Create a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated for Internet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.252 200.2.2.18

Is the static route in the routing table? Yes

26

WAN Technologies CCNA 4 Labs and Study Guide

What command checks the routing table contents? show ip route If the route was not in the routing table, give one reason why this might be so. The interface is down.
ISP#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 199.99.9.0/30 is subnetted, 1 subnets S 199.99.9.32 [1/0] via 200.2.2.18 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 172.16.0.0/32 is subnetted, 1 subnets C 172.16.1.1 is directly connected, Loopback0

Task 6: Create a Default Route


Step 1.

Add a default route, using the ip route command, from the gateway router to the ISP router. This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Is the route in the routing table? Yes


Step 2.

Try to ping from one of the workstations to the ISP serial interface IP address. Did the ping succeed? No Why? There is no return route to the 10.10.10.0 network.

Task 7: Define the Pool of Usable Public IP Addresses


To define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.32 199.99.9.35 netmask 255.255.255.252

Task 8: Define an Access List That Matches the Inside Private IP Addresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

Chapter 1: Scaling IP Addresses

27

Task 9: Define the NAT Translation from Inside the List to Outside the Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access overload

Task 10: Specify the Interfaces


You must specify whether the active interfaces on the router are inside or outside interfaces with respect to NAT. To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip nat inside Gateway(config-if)#interface serial 0 Gateway(config-if)#ip nat outside

Task 11: Test the Configuration


From the workstations, ping 172.16.1.1. Open multiple DOS windows on each workstation and telnet to the 172.16.1.1 address. Next, view the NAT translations on the gateway router with the command show ip nat trans.
Gateway#show ip nat trans Pro tcp tcp icmp Inside global 199.99.9.33:1091 199.99.9.33:1092 199.99.9.33:512 Inside local 10.10.10.10:1091 10.10.10.10:1092 10.10.10.10:512 Outside local 172.16.1.1:23 172.16.1.1:23 172.16.1.1:512 Outside global 172.16.1.1:23 172.16.1.1:23 172.16.1.1:512

What is the translation of the inside local host addresses? 10.10.10.10:1091 = 199.99.9.33:1091 10.10.10.10:1092 = 199.99.9.33:1092

Task 12: Verify NAT/PAT Statistics


To view the NAT and PAT statistics, enter the show ip nat statistics command at the privileged EXEC mode prompt.
Gateway#show ip nat statistics Total active translations: 2 (0 static, 2 dynamic; 2 extended) Outside interfaces: Serial0 Inside interfaces: FastEthernet0 Hits: 14 Misses: 2 Expired translations: 0 Dynamic mappings: -- Inside Source [Id: 1] access-list 1 pool public_access refcount 2 pool public_access: netmask 255.255.255.252 start 199.99.9.32 end 199.99.9.35 type generic, total addresses 4, allocated 1 (25%), misses 0

28

WAN Technologies CCNA 4 Labs and Study Guide

How many active translations have taken place? 2 How many addresses are in the pool? 4 How many addresses have been allocated so far? 1 After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers. ISP Router#configure terminal Router(config)#hostname ISP ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip address 172.16.1.1 255.255.255.255 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip address 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown ISP(config-if)#clockrate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config

Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#interface fastethernet 0

Chapter 1: Scaling IP Addresses

29

Gateway(config-if)#ip address 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown Gateway(config-if)#exit Gateway(config)#interface serial 0 Gateway(config-if)#ip address 2.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Curriculum Lab 1-5: Troubleshooting NAT and PAT (1.1.6)


Figure 1-5 Topology for Lab 1-5

Table 1-5

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/ Subnet Mask Loopback 0 Address/Subnet Mask

Router Designation

Router 1 Router 2

Gateway ISP

10.10.10.1/24

DCE DTE

200.2.2.18/30 200.2.2.17/30

172.16.1.1/32

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco. Objectives

Configure a router for NAT and PAT. Troubleshoot NAT and PAT by using debug.

Background/Preparation The ISP has allocated the public CIDR IP address 199.99.9.32/30 to a company. This is equivalent to four public IP addresses. Because the company has an internal requirement for more than 30 addresses, the IT manager has decided to use NAT and PAT. Routing between the ISP and the gateway router will be done using a static route between the ISP and the gateway and a default route between the gateway and the ISP. The ISPs connection to the Internet is represented by a loopback address on the ISP router.

30

WAN Technologies CCNA 4 Labs and Study Guide

Cable a network that is similar to the one in Figure 1-5. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See the erase and reload instructions in Appendix E. Perform those tasks on all routers in this lab assignment before you continue.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart. If you have trouble doing this, see Lab 1-1, Configuring NAT.

Task 2: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Remember to assign a specific IP address and default gateway to the workstation. If you are running Windows 98, check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in a DOS window.

Task 4: Verify That the Network Is Functioning


Step 1.

From the attached hosts, ping the Fast Ethernet interface of the default gateway router. Did the ping from the first host succeed? Yes Did the ping from the second host succeed? Yes

Step 2.

If the answer is no for either question, troubleshoot the router and host configurations to find the error. Then, ping again until they succeed.

Task 5: Create a Static Route


Create a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated for Internet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.252 200.2.2.18

Is the static route in the routing table? Yes What command checks the routing table contents? show ip route If the route was not in the routing table, give one reason why this might be so. The interface is down.
ISP#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP

Chapter 1: Scaling IP Addresses

31

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 199.99.9.0/27 is subnetted, 1 subnets S 199.99.9.32 [1/0] via 200.2.2.18 200.2.2.0/30 is subnetted, 1 subnets C 200.2.2.16 is directly connected, Serial0 172.16.0.0/32 is subnetted, 1 subnets C 172.16.1.1 is directly connected, Loopback0

Task 6: Create a Default Route


Step 1.

Add a default route, using the ip route command, from the gateway router to the ISP router. This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Is the route in the routing table? Yes


Step 2.

Try to ping from one of the workstations to the ISP serial interface IP address. Did the ping succeed? No Why? There is no return route to the 10.10.10.0 network.

Task 7: Define the Pool of Usable Public IP Addresses


To define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.32 199.99.9.35 netmask 255.255.255.252

Task 8: Define an Access List That Matches the Inside Private IP Addresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

Task 9: Define the NAT Translation from Inside the List to Outside the Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access overload

32

WAN Technologies CCNA 4 Labs and Study Guide

Task 10: Specify the Interfaces


You must specify whether the active interfaces on the router are inside or outside interfaces with respect to NAT. To do this, use the ip nat inside command:
Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip nat inside

Task 11: Test the Configuration


Step 1.

Turn on debugging for the NAT process by entering debug ip nat at the privileged EXEC mode prompt. Does the debug command show output? No

Step 2.

If translation were taking place, there would be output from the debug command. In reviewing the running configuration of the gateway router, you see that the ip nat outside statement has not been entered on the serial 0 interface. To configure this, enter the following:
Gateway(config)#interface serial 0 Gateway(config-if)#ip nat outside

Step 3.

From the workstations, ping 172.16.1.1. If you entered the ip nat outside statement correctly, there should be output from the debug ip nat command. What does NAT*: S=10.10.10.? -> 199.99.9 mean? Source and destination hosts

Step 4.

Stop the debug output by entering undebug all at the privileged EXEC mode prompt.
Gateway#debug ip nat IP NAT debugging is on Gateway#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Gateway(config)#interface serial 0 Gateway(config-if)#ip nat outside Gateway(config-if)# 00:07:53: ip_ifnat_modified: old_if 2, new_if 1 00:08:04: NAT: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11391] 00:08:04: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11391] 00:08:05: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11392] 00:08:05: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11392] 00:08:06: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11393] 00:08:06: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11393] 00:08:07: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11394] 00:08:07: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11394] Gateway(config-if)# Gateway(config-if)#exit Gateway#undebug all 00:08:50: %SYS-5-CONFIG_I: Configured from console by console all All possible debugging has been turned off

Chapter 1: Scaling IP Addresses

33

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers. ISP Router#configure terminal Router(config)#hostname ISP ISP(config)#enable password cisco ISP(config)#enable secret class ISP(config)#line console 0 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#interface loopback 0 ISP(config-if)#ip add 172.16.1.1 255.255.255.255 ISP(config-if)#no shutdown ISP(config-if)#exit ISP(config)#interface serial 0 ISP(config-if)#ip add 200.2.2.17 255.255.255.252 ISP(config-if)#no shutdown ISP(config-if)#clockrate 64000 ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18 ISP(config)#end ISP#copy running-config startup-config Destination filename [startup-config]?[Enter]

Gateway Router#configure terminal Router(config)#hostname Gateway Gateway(config)#enable password cisco Gateway(config)#enable secret class Gateway(config)#line console 0 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#line vty 0 4 Gateway(config-line)#password cisco Gateway(config-line)#login Gateway(config-line)#exit Gateway(config)#interface fastethernet 0 Gateway(config-if)#ip add 10.10.10.1 255.255.255.0 Gateway(config-if)#no shutdown Gateway(config-if)#exit

34

WAN Technologies CCNA 4 Labs and Study Guide

Gateway(config)#interface serial 0 Gateway(config-if)#ip add 200.2.2.18 255.255.255.252 Gateway(config-if)#no shutdown Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

Curriculum Lab 1-6: Configuring DHCP (1.2.6)


Figure 1-6 Topology for Lab 1-6

Table 1-6

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address/ Subnet Mask Loopback 0 Address/Subnet Mask

Router Designation

Router 1 Router 2

campus ISP

172.16.12.1/24

DCE DTE

172.16.1.6/30 172.16.1.5/30

172.16.13.1/32

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco. Objective

Configure a router for DHCP to dynamically assign addresses to attached hosts.

Background/Preparation Routing between the ISP and the campus router is by way of a static route between the ISP and the gateway and a default route between the gateway and the ISP. The ISP connection to the Internet is identified by a loopback address on the ISP router. Cable a network that is similar to the one in Figure 1-6. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might

Chapter 1: Scaling IP Addresses

35

produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See and implement the procedure documented in Appendix E before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart. If you have trouble doing this, see Lab 1-1, Configuring NAT.

Task 2: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 3: Create a Static Route


Addresses 172.16.12.0/24 have been allocated for Internet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 172.16.12.0 255.255.255.0 172.16.1.6

Is the static route in the routing table? Yes


Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks S 172.16.12.0/24 [1/0] via 172.16.1.6 C 172.16.13.0/24 is directly connected, Loopback0 C 172.16.1.4/30 is directly connected, Serial0

Task 4: Create a Default Route


Use the ip route command to add a default route from the campus router to the ISP router. This provides the mechanism to forward unknown destination address traffic to the ISP:
campus(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.5

Is the route in the routing table? Yes


campus#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR

36

WAN Technologies CCNA 4 Labs and Study Guide

P - periodic downloaded static route Gateway of last resort is 172.16.1.5 to network 0.0.0.0 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks C 172.16.12.0/24 is directly connected, FastEthernet0 C 172.16.1.4/30 is directly connected, Serial0 S* 0.0.0.0/0 [1/0] via 172.16.1.5

Task 5: Create the DHCP Address Pool


To configure the campus LAN pool, use the following commands:
campus(config)#ip dhcp pool campus campus(dhcp-config)#network 172.16.12.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.12.1 campus(dhcp-config)#dns-server 172.16.1.2 campus(dhcp-config)#domain-name foo.com campus(dhcp-config)#netbios-name-server 172.16.1.10

Task 6: Exclude Addresses from the Pool


To exclude addresses from the pool, use the following command:
campus(dhcp-config)#ip dhcp excluded-address 172.16.12.1 172.16.12.10

Task 7: Verify DHCP Operation


Step 1.

At each workstation on the directly connected subnet, configure the TCP/IP properties so that the workstation obtains an IP address and DNS server address from the DHCP server (see Figure 1-7). After you change and save the configuration, reboot the workstation.
TCP/IP Properties Dialog Box

Figure 1-7

Chapter 1: Scaling IP Addresses

37

Step 2.

To confirm the TCP/IP configuration information on each host, use Start > Run > winipcfg. If you are running Windows 2000, check using ipconfig in a DOS window. What IP address was assigned to the workstation? 172.16.12.11 What other information was assigned automatically? Domain name, DNS, NetBIOS, subnet mask, gateway When was the lease obtained? The student should have listed the time and date. When will the lease expire? The student should have listed the time and date.

Task 8: View DHCP Bindings


From the campus router, you can see the bindings for the hosts. To see the bindings, use the command show ip dhcp binding at the privileged EXEC mode prompt.
campus#show ip dhcp binding IP address 172.16.12.11 172.16.12.12 Client-ID/Hardware address 0100.10a4.188f.a4 0100.10b7.ce14.fb Lease expiration Mar 02 2005 01:25 AM Mar 02 2005 01:26 AM Type Automatic Automatic

What IP addresses were assigned? 172.16.12.11 and 172.16.12.12 What three other fields does the output list? Hardware (MAC) address, lease expiration, and lease type After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.

Curriculum Lab 1-7: Configuring DHCP Relay (1.2.8)


Figure 1-8 Topology for Lab 1-7

38

WAN Technologies CCNA 4 Labs and Study Guide

Table 1-7

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

campus remote

172.16.12.1/24 172.16.13.1/24

DCE DTE

172.16.1.6/30 172.16.1.5/30

The enable secret password for both routers is class. The enable, VTY, and console password for both routers is cisco. Objectives

Configure a router for DHCP. Add the capability for workstations to remotely obtain DHCP addresses and dynamically assign addresses to the attached hosts.

Background/Preparation A DHCP client uses IP broadcasts to find the DHCP server. However, routers do not forward these broadcasts, so in the case of the remote LAN, the workstations cannot locate the DHCP server. The router must be configured with the ip helper-address command to enable forwarding of these broadcasts, as unicast packets, to the specific server. Routing between the remote and the campus router is done by using a static route between remote and gateway and a default route between gateway and remote. Cable a network that is similar to the one in Figure 1-8. You can use any router that meets the interface requirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. See and implement the procedure documented in Appendix E before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, virtual terminal and enable passwords, and interfaces according to the chart. If you have a problem completing this, see Lab 1-1, Configuring NAT.

Task 2: Configure Routing on the Remote Router


Using Open Shortest Path First (OSPF) as the routing protocol, set up network as area 0 and the process ID as 1:
remote(config)#router ospf 1 remote(config-router)#network 172.16.1.0 0.0.0.255 area 0 remote(config-router)#network 172.16.13.0 0.0.0.255 area 0

Task 3: Configure Routing on the Campus Router


Using OSPF as the routing protocol, set up the network as area 0 and the process ID as 1:
campus(config)#router ospf 1

Chapter 1: Scaling IP Addresses

39

campus(config-router)#network 172.16.1.0 0.0.0.255 area 0 campus(config-router)#network 172.16.12.0 0.0.0.255 area 0

Do OSPF routes exist in the routing table? Yes


remote#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks O 172.16.12.0/24 [110/65] via 172.16.1.6, 00:00:12, Serial0 C 172.16.13.0/24 is directly connected, FastEthernet0 C 172.16.1.4/30 is directly connected, Serial0

campus#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks C 172.16.12.0/24 is directly connected, FastEthernet0 O 172.16.13.0/24 [110/65] via 172.16.1.5, 00:00:14, Serial0 C 172.16.1.4/30 is directly connected, Serial0

Task 4: Save the Configurations


At the privileged EXEC mode prompt on both routers, enter the command copy running-config startupconfig.

Task 5: Create the Campus DHCP Address Pool on the Campus Router
To configure the campus LAN pool, use the following commands:
campus(config)#ip dhcp pool campus campus(dhcp-config)#network 172.16.12.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.12.1

40

WAN Technologies CCNA 4 Labs and Study Guide

campus(dhcp-config)#dns-server 172.16.12.2 campus(dhcp-config)#domain-name foo.com campus(dhcp-config)#netbios-name-server 172.16.12.10

Task 6: Create the Remote DHCP Address Pool on the Campus Router
To configure the remote LAN pool, use the following commands:
campus(dhcp-config)#ip dhcp pool remote campus(dhcp-config)#network 172.16.13.0 255.255.255.0 campus(dhcp-config)#default-router 172.16.13.1 campus(dhcp-config)#dns-server 172.16.12.2 campus(dhcp-config)#domain-name foo.com campus(dhcp-config)#netbios-name-server 172.16.12.10

Task 7: Exclude Addresses from the Pool


To exclude addresses from the pool, use the following commands:
campus(dhcp-config)#ip dhcp excluded-address 172.16.12.1 172.16.12.10 campus(dhcp-config)#ip dhcp excluded-address 172.16.13.1 172.16.13.10

This defines the address range that the DHCP server excludes from dynamic issue. Why would addresses be excluded? Servers, routers, and so on

Task 8. Verify DHCP Operation on the Campus Router


Step 1.

From the workstation directly connected to the campus router, configure the TCP/IP properties for the workstation to obtain its IP properties automatically from DHCP. These properties include the IP and DNS server address (see Figure 1-9).
TCP/IP Properties Dialog Box

Figure 1-9

Chapter 1: Scaling IP Addresses

41

Step 2.

After you change the configuration, reboot the workstation. View the TCP/IP configuration information. If you are running Windows 98, go to Start > Run > winipcfg. With Windows 2000 or higher, use ipconfig in a DOS window. What IP address was assigned to the workstation? 172.16.12.11

Task 9: Verify DHCP Operation on the Remote Router


Repeat Task 8 using the workstation that is attached to the remote router. Is a valid address assigned from the DHCP pool? No What IP address was assigned to the workstation? Varies. It could be a 169.254.x.y IP address. What does this address (if any) represent? If it is 169.254.x.x, this is a DHCP address that was automatically assigned by Windows. This means that the DHCP client could not find a real DHCP server.

Task 10: Configure DHCP Relay


Configure the remote router with the ip helper-address command to enable forwarding of broadcasts, as unicast packets, to the specific server. You must configure this command on the LAN interface of the remote router for DHCP to function:
remote(config)#interface fastethernet 0 remote(config-if)#ip helper-address 172.16.12.1

Task 11: Verify DHCP Operation on the Remote Router


Step 1.

Reboot the workstation that is attached to the remote router. Is a valid address assigned from the DHCP pool? Yes What IP address was assigned to the workstation? 172.16.13.11

Step 2.

If there is no IP address, troubleshoot the workstation and router configurations and repeat Task 11.

Task 12: View DHCP Bindings


From the campus router, you can see the bindings for the hosts. To see the bindings, use the command show ip dhcp binding at the privileged EXEC mode prompt.
campus#show ip dhcp binding IP address Client-ID/Hardware address Lease expiration Type

172.16.12.11 172.16.13.11

0108.0046.06fb.b6 0542.0010.0a21.cb

Mar 02 2005 04:41 PM Mar 02 2005 04:45 PM

Automatic Automatic

Which IP addresses are assigned to the hosts? 172.16.12.11, 172.16.13.11 After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.

42

WAN Technologies CCNA 4 Labs and Study Guide

Comprehensive Lab 1-8: Configuring NAT, PAT, and Static NAT


You are the network administrator of ACME, a start-up marketing company with a limited number of users. Your company purchased a small range of public addresses from your ISP for global communication. Your companys IP address is 200.127.54.0/26which is the equivalent of 62 assignable addresses. Routing between ACME and the ISP is accomplished using a classless routing protocol. A loopback address represents the ISPs connection to the Internet. Figure 1-10 shows the network topology for this lab.
Figure 1-10 Network Topology for Lab 1-8
Lo0 192.168.1.1/30

ISP
DCE S0/0 162.23.218.165/30

DTE S0/0 162.23.218.166/30

ACME
Fa0/0

Fa0/1 Fa0/2

VLAN 10 (36)

VLAN 20 (710)

Web Server

Objective

Configure a router with multiple NAT pools to accommodate numerous VLANs within the network. To complete this lab, you can use 2620, 1721, and 1760 routers and 2950 switches.

Configuration Tasks

Cable and configure the equipment according to the topology diagram in Figure 1-10. Control access to the console port on all devices using cisco as the password. Use an encrypted password when accessing the privileged mode of all devices using class as the password. Restrict remote access to all devices using itsasecret as the password. Configure interface descriptions.

Addressing Scheme

As the network administrator of ACME, you decide to use the 192.168 100.0 /24 address for devices inside your network. You must create an addressing scheme that will support three subnets:

Department of Information Services (DIS) Department: 12 users Finance department: 13 users Marketing department: 30 users

Chapter 1: Scaling IP Addresses

43

VLANs

Create three VLANs and apply them to the following ports on the ALswitch:

VLAN 1: DIS. VLAN 10: Marketing department ports 36. VLAN 20: Finance department ports 710. All unassigned ports should be assigned to VLAN 1. If they are unused, they should be disabled for security purposes.

Configure trunk ports as indicated by the diagram. All trunk links should carry traffic for all VLANs. Configure the switch with an address from VLAN 1 with an appropriate default gateway. Configure inter-VLAN routing on the ACME router using IEEE 802.1q encapsulation.

Web Server

Configure the web server with an address from VLAN 1.

NAT Using the public addresses assigned to you by the ISP, configure three separate NAT pools for each of the following:

You are to allow all 30 users in the Marketing department to access the Internet by pulling an IP address dynamically (NAT). Users in the Finance department will communicate with the outside world using the same IP address (PAT). The companys web server is inside the private network and must be statically assigned a public address.

Routing

Use a classless routing protocol to route traffic between the ISP and ACME routers. Because you are the network administrator, you decide which protocol to use.

! ACME router configs ACME#show running-config Building configuration...

Current configuration : 1415 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ACME ! enable secret 5 $1$2MEe$fFkMYaJCzoWGTe9wwclTq/ ! ip subnet-zero ! !

44

WAN Technologies CCNA 4 Labs and Study Guide

! ! ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 --More-description DIS vlan 1 encapsulation dot1Q 1 native ip address 192.168.100.49 255.255.255.240 ! interface FastEthernet0/0.10 description Marketing Department vlan 10 encapsulation dot1Q 10 ip address 192.168.100.1 255.255.255.224 ! interface FastEthernet0/0.20 description Finance Department vlan 20 encapsulation dot1Q 20 ip address 192.168.100.33 255.255.255.240 ! interface Serial0/0 ip address 162.23.218.166 255.255.255.252 no fair-queue ! interface Serial0/1 no ip address shutdown ! router rip --More-version 2 network 162.23.0.0 network 192.168.100.0 ! ip nat pool marketing 200.127.54.1 200.127.54.30 netmask 255.255.255.192 ip nat pool finance 200.127.54.31 200.127.54.31 netmask 255.255.255.192 ip nat inside source list 1 pool marketing ip nat inside source list 2 pool finance overload ip nat inside source static 192.168.100.28 200.127.54.32 ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 no ip http server !

Chapter 1: Scaling IP Addresses

45

! access-list 1 permit 192.168.100.0 0.0.0.31 access-list 2 permit 192.168.100.32 ! line con 0 password class login line aux 0 line vty 0 4 password itsasecret --More-login ! end 0.0.0.15

ACME#

ISP#show running-config Serial0/0

Current configuration : 779 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ISP ! enable secret 5 $1$kwHm$6RH0d5guV7RCPBX7EanZM0 enable password cisco ! ip subnet-zero ! ! ! ! ! interface Loopback0 ip address 192.168.1.1 255.255.255.252 ! interface FastEthernet0/0 --More-no ip address speed auto

46

WAN Technologies CCNA 4 Labs and Study Guide

! interface Serial0/0 ip address 162.23.218.165 255.255.255.252 no fair-queue clockrate 56000 ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router rip version 2 network 162.23.0.0 network 192.168.1.0 ! ip classless ip route 200.127.54.0 255.255.255.0 Serial0/0 --More-no ip http server ! ! ! line con 0 password cisco login line aux 0 line vty 0 4 password itsasecret login ! end

ISP#

ALSwitch#show running-config

Current configuration : 1602 bytes ! version 12.1 no service pad service timestamps debug uptime

Chapter 1: Scaling IP Addresses

47

service timestamps log uptime no service password-encryption ! hostname ALSwitch ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1 Trunk Link to Router --More-switchport mode trunk ! interface FastEthernet0/2 shutdown ! interface FastEthernet0/3 description Marketing vlan 10 switchport access vlan 10 ! interface FastEthernet0/4 description Marketing vlan 10 switchport access vlan 10 ! interface FastEthernet0/5 description Marketing vlan 10 switchport access vlan 10! interface FastEthernet0/6 description Marketing vlan 10 switchport access vlan 10 ! interface FastEthernet0/7 description Finance vlan 20 switchport access vlan 20 ! interface FastEthernet0/8 description Finance vlan 20 switchport access vlan 20 !

48

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/9 --More-description Finance vlan 20 switchport access vlan 20 ! interface FastEthernet0/10 description Finance vlan 20 switchport access vlan 20 ! interface FastEthernet0/11 shutdown ! interface FastEthernet0/12 shutdown ! interface FastEthernet0/13 shutdown ! interface FastEthernet0/14 shutdown ! interface FastEthernet0/15 !shutdown

interface FastEthernet0/16 shutdown ! interface FastEthernet0/17 shutdown ! interface FastEthernet0/18 shutdown ! interface FastEthernet0/19 shutdown ! interface FastEthernet0/20 shutdown ! interface FastEthernet0/21 shutdown ! interface FastEthernet0/22 shutdown ! interface FastEthernet0/23

Chapter 1: Scaling IP Addresses

49

shutdown ! interface FastEthernet0/24 shutdown ! interface Vlan1 ip address 192.168.100.51 255.255.255.240

no ip route-cache ! ip default-gateway 192.168.100.49 --More-ip http server ! line con 0 line vty 5 15 ! ! end

ALSwitch#

Challenge Lab 1-9: NAT, PAT, DHCP


Estimated time: 90 minutes
Figure 1-11 Network Topology for Lab 1-9

CO
DCE S0/0 192.168.2.1/24

DTE S0/0 192.168.2.2/24

Edison
Fa0/0

Fa0/1

Na VL tive AN 1 (2 5)

VLAN 10 (69)

AN VL 0 2 3) 1 (10

Host A VLAN 10

Host B VLAN 20

50

WAN Technologies CCNA 4 Labs and Study Guide

Note This lab tests your knowledge of NAT, PAT, DHCP, static, and default routes. It builds on VLAN concepts and configurations you have learned previously in CCNA 3 of the curriculum. You might find it useful to review notes and labs from CCNA 3 before proceeding.

General Configuration Tasks


Cable and configure the equipment based on the topology shown in Figure 1-11. Control access to the console on all devices using cisco as the password. Use an encrypted password when accessing the privileged mode of all devices using class as the password. Restrict remote access to all devices using itsasecret as the password. Configure descriptions on all interfaces.

Addressing

As the network administrator, you decide which private address to use on the inside of your network. Choose a Class B address with a 24-bit mask from RFC 1918. Use the address that you have chosen and create three subnets to accommodate users on the management, teacher, and student VLANs:

90 users on the student VLAN 20 users on the teacher VLAN 12 users on the management VLAN

VLANs

Create three VLANs and apply them to the following ports on the ALswitch:

VLAN 1: Management VLAN ports 25 VLAN 10: Student VLAN ports 69 VLAN 20: Teacher VLAN ports 1013

Configure trunk ports as indicated in the diagram. All trunk links should carry traffic for all VLANs. Configure the switch with an address from VLAN 1 with the appropriate default gateway. Configure inter-VLAN routing on the Edison router using IEEE 802.1q encapsulation.

Static Routes

Create a default route on the Edison router so that the hosts can access all networks on the Central Office router. Create a static route on the Central Office router so that it can connect to all networks on the Edison LAN.

DHCP

Instead of assigning a static IP address to each device on the network, use DHCP to assign IP addresses to all devices on the student VLAN. Configure the appropriate default gateway and exclude the first 10 addresses from this pool. Connect the PCs to the appropriate switch ports as indicated by the diagram. Verify that the PCs on the student VLAN have been assigned an address from the correct subnet pool. Devices on the teacher VLAN will be statically assigned. Remember to use only those addresses suitable for teacher client devices.

Chapter 1: Scaling IP Addresses

51

NAT/PAT

Only traffic from the student and teacher VLANs will be NATed when leaving the Edison router. Traffic from the management VLAN will remain the same. The NAT/PAT pools should be created from the unused address space on the WAN subnet between the Central Office and Edison routers. Separate pools should be created for each VLAN. Create a large pool for students so that they are each assigned a unique address when crossing the WAN. All devices on the teacher VLAN will cross the WAN as the same address. In other words, the teacher pool will require overloading (PAT).

Testing and Verification

Test connectivity between PCs, to the default gateway, and from the PC to the loopback interface on the Central Office router. Ensure that devices on the student VLAN have an address assigned from the DHCP pool. Ensure that each device on the student VLAN crosses the WAN link with an address from the NAT pool and that each device on the teacher VLAN crosses the WAN with the same address assigned in that pool.

Reflection List five commands other than the show running-config command that you used to verify the correct configuration of the lab assignment. Explain how each command proved useful in completing this lab.
show ip nat translation show ip dhcp binding show ip route show ip interface brief show vlan

____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________ ____________________________________________________________________________________

52

WAN Technologies CCNA 4 Labs and Study Guide

Edison#show running-config Building configuration... Current configuration : 1420 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Edison ! enable secret 5 $1$nUs2$IalHqjDEilgTPu5ulZzHm0 enable password cisco ! ip subnet-zero ! ip dchp excluded-address 172.31.1.1 172.31.1.10 ip dhcp pool Students network 172.31.1.0 255.255.255.128 default-router 172.31.1.1 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 172.31.1.161 255.255.255.240 ! interface FastEthernet0/0.10 description Student VLAN encapsulation dot1Q 10 ip address 172.31.1.1 255.255.255.128 ip nat inside ! interface FastEthernet0/0.20 description Teacher VLAN encapsulation dot1Q 20 ip address 172.31.1.129 255.255.255.224 ip nat inside ! interface Serial0/0 ip address 192.168.2.2 255.255.255.0

Chapter 1: Scaling IP Addresses

53

ip nat outside no fair-queue ! interface Serial0/1 no ip address shutdown ! ip nat pool Teachers 192.168.2.4 192.168.2.4 netmask 255.255.255.0 ip nat pool Students 192.168.2.129 192.168.2.254 netmask 255.255.255.0 ip nat inside source list 1 pool Students ip nat inside source list 2 pool Teachers overload ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 no ip http server ! ! access-list 1 permit 172.31.1.0 0.0.0.127 access-list 2 permit 172.31.1.128 0.0.0.31 ! line con 0 line aux 0 line vty 0 4 password itsasecret login ! no scheduler allocate end Edison# CO#show running-config Building configuration... Current configuration : 712 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CO ! enable secret 5 $1$qySU$w3Em8trubgSFY3I7AZofL. ! ip subnet-zero ! ! ! ! ! interface Loopback0

54

WAN Technologies CCNA 4 Labs and Study Guide

ip address 192.168.1.1 255.255.255.252 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 ip address 192.168.2.1 255.255.255.0 clockrate 56000 ! interface Serial0/1 no ip address ! interface BRI1/0 no ip address shutdown ! ip classless ip route 172.31.1.0 255.255.255.0 192.168.2.2 no ip http server ! ! ! line con 0 password cisco login line aux 0 line vty 0 4 password itsasecret login ! no scheduler allocate end CO# ALSwitch#show running-config Building configuration... Current configuration : 1468 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname ALSwitch ! !

Chapter 1: Scaling IP Addresses

55

ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1 Description Trunk Link to Router switchport mode trunk ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 description Student VLAN switchport access vlan 10 ! interface FastEthernet0/7 description Student VLAN switchport access vlan 10 ! interface FastEthernet0/8 description Student VLAN switchport access vlan 10 ! interface FastEthernet0/9 description Student VLAN switchport access vlan 10 ! interface FastEthernet0/10 description Teacher VLAN switchport access vlan 20 ! interface FastEthernet0/11 description Teacher VLAN switchport access vlan 20 ! interface FastEthernet0/12 description Teacher VLAN switchport access vlan 20 !

56

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/13 description Teacher VLAN switchport access vlan 20 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 172.31.1.162 255.255.255.240 no ip route-cache ! ip default-gateway 172.31.1.161 ip http server ! line con 0 password cisco logging synchronous login line vty 0 4 password itsasecret login line vty 5 15 password cisco login ! ! end ALSwitch#

Chapter 1: Scaling IP Addresses

57

Challenge Lab 1-10: Double NAT Configuration


Figure 1-12 Topology for Challenge Lab 1-10

Internet
VLAN 1 = 250 Hosts VLAN 10 = 120 Hosts VLAN 20 = 60 Hosts
193.10.100.1/30 Lo0

Rock
S0/0 64.26.91.1/30 DCE

NAT Scissor and Paper using 24.58.96.252/30


192.168.10.0/23 Fa0/1
VL 1 AN AN VL 0 2

S0/0 196.100.10.1/24

S0/0 64.26.91.2/30 DCE

Scissor

S0/1 196.100.10.2/24

Paper

Fa0/1
VL 1 AN AN VL 0 2

VLAN 10

NAT

VLAN 10

192.168.10.0/23

192.168.20.0/23

NAT

This lab requires you to perform NAT on two different routers. The Scissor LAN addresses are translated on the Scissor router using remaining address space from the WAN connection and are translated again on the Paper router using a different set of addresses. Objectives

Configure VLANs and inter-VLAN routing. Configure DHCP. Configure NAT and PAT. Configure RIPv2.

Task 1: Cabling and Configuration


Cable and configure equipment according to the diagram in Figure 1-12.

Task 2: IP Addressing
Assign IP addresses on your routers using the appropriate addressing scheme for each LAN based on the detailed VLAN information in Figure 1-12. This task tests your knowledge of Classless Interdomain Routing (CIDR) and Variable-Length subnet Masks (VLSMs).

58

WAN Technologies CCNA 4 Labs and Study Guide

Task 3: Inter-VLAN Communication


Configure inter-VLAN routing using IEEE 802.1q encapsulation.

Task 4: Configure VLANs, VLAN Ports, and the HTTP Server


Step 1.

Configure the Scissor switch and the Paper switch with the following VLANs:

VLAN 1 VLAN 10: Wholesale VLAN 20: Retail

Step 2.

Assign the VLANs to the appropriate ports:


VLAN 1: All unassigned ports VLAN 10: Ports 610 VLAN 20: Ports 1115

Step 3.

Set up the Rock router as an HTTP server.

Task 5: Configure and Verify RIPv2 Operation


Step 1. Step 2.

Configure RIPv2 on each router and advertise all directly connected networks. Verify functionality with the show ip route command.

Task 6: Configure DHCP


Step 1. Step 2.

Configure DHCP on the Paper and Scissor routers. Exclude the first 10 addresses from each VLAN.

Task 7: Configure NAT and PAT


Step 1. Step 2.

Configure NAT and PAT on the Paper and Scissor routers. Translate the Scissor LAN with the unused address space from 196.100.10.0/24 in this way:

VLAN 1 will access the outside world using one IP address. Create a NAT pool for VLAN 10. Create a NAT pool for VLAN 20.

Step 3.

All addresses will be retranslated at the Paper router when communicating with the Rock router in the following way:

All Scissor addresses will use the 24.58.96.253/30 address. The Paper LAN will use the 24.58.96.254/30 address.

Task 8: Verify Configurations


Verify configurations using the appropriate commands. Hosts on the Scissor LAN should ping the Paper LAN using an address from the 196.100.10.0/24 network. Hosts on the Scissor LAN should ping the Rock router using the 24.58.96.253/30 address. Hosts on the Paper LAN should ping the Scissor LAN using an address from the 192.168.20.0/23 network. Hosts on the Paper LAN should ping the Rock router using the 24.58.96.254/30 address.

Chapter 1: Scaling IP Addresses

59

Rock#show running-config Building configuration...

Current configuration : 735 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Rock ! ! ip subnet-zero ! ! ! ! ! interface Loopback0 description Internet ip address 193.10.100.1 255.255.255.252 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 description WAN connection to Paper ip address 64.26.91.1 255.255.255.252 no fair-queue clockrate 56000 ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router rip version 2 network 64.0.0.0 network 193.10.100.0

60

WAN Technologies CCNA 4 Labs and Study Guide

! ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 ip http server ! ! ! line con 0 line aux 0 line vty 0 4 ! no scheduler allocate end

Paper#show running-config Building configuration...

Current configuration : 1792 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Paper ! ! ip subnet-zero ip dhcp excluded-address 192.168.20.1 192.168.20.10 ip dhcp excluded-address 192.168.21.1 192.168.21.10 ip dhcp excluded-address 192.168.21.129 192.168.21.139 ! ip dhcp pool Management network 192.168.20.0 255.255.255.0 default-router 192.168.20.1 ! ip dhcp pool Wholesale network 192.168.21.0 255.255.255.128 default-router 192.168.21.1 ! ip dhcp pool Retail network 192.168.21.128 255.255.255.192 default-router 192.168.21.129 ! !

Chapter 1: Scaling IP Addresses

61

! ! ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description Management encapsulation dot1Q 1 native ip address 192.168.20.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.10 description Wholesale encapsulation dot1Q 10 ip address 192.168.21.1 255.255.255.128 ip nat inside ! interface FastEthernet0/0.20 description Retail encapsulation dot1Q 20 ip address 192.168.21.129 255.255.255.192 ip nat inside ! interface Serial0/0 description WAN connection to Rock ip address 64.26.91.2 255.255.255.252 ip nat outside no fair-queue ! interface Serial0/1 description WAN connection to Scissor ip address 196.100.10.2 255.255.255.0 ip nat inside clockrate 56000 ! router rip version 2 network 64.0.0.0 network 192.168.20.0 network 192.168.21.0 network 196.100.10.0 ! ip nat pool PaperVlan 24.58.96.254 24.58.96.254 netmask 255.255.255.252 ip nat pool Scissor 24.58.96.253 24.58.96.253 netmask 255.255.255.252

62

WAN Technologies CCNA 4 Labs and Study Guide

ip nat inside source list 1 pool PaperVlan overload ip nat inside source list 2 pool Scissor overload ip classless no ip http server ! ! access-list 1 permit 192.168.20.0 0.0.3.255 access-list 2 permit 196.100.10.0 0.0.0.255 ! line con 0 logging synchronous line aux 0 line vty 0 4 ! no scheduler allocate end

Scissor#show running-config Building configuration...

Current configuration : 1718 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Scissor ! ! ip subnet-zero ip dhcp excluded-address 192.168.10.1 192.168.10.10 ip dhcp excluded-address 192.168.11.1 192.168.11.10 ip dhcp excluded-address 192.168.11.129 192.168.11.139 ! ip dhcp pool Management network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 ! ip dhcp pool Wholesale network 192.168.11.0 255.255.255.128 default-router 192.168.11.1 ! ip dhcp pool Retail network 192.168.11.128 255.255.255.192

Chapter 1: Scaling IP Addresses

63

default-router 192.168.11.129 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description Management encapsulation dot1Q 1 native ip address 192.168.10.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.10 description Wholesale encapsulation dot1Q 10 ip address 192.168.11.1 255.255.255.128 ip nat inside ! interface FastEthernet0/0.20 description Retail encapsulation dot1Q 20 ip address 192.168.11.129 255.255.255.192 ip nat inside ! interface Serial0/0 ip address 196.100.10.1 255.255.255.0 ip nat outside no fair-queue ! interface Serial0/1 no ip address shutdown ! router rip version 2 network 192.168.10.0 network 192.168.11.0 network 196.100.10.0 ! ip nat pool Management 196.100.10.3 196.100.10.3 netmask 255.255.255.0 ip nat pool Wholesale 196.100.10.4 196.100.10.124 netmask 255.255.255.0 ip nat pool Retail 196.100.10.125 196.100.10.185 netmask 255.255.255.0

64

WAN Technologies CCNA 4 Labs and Study Guide

ip nat inside source list 1 pool Management overload ip nat inside source list 2 pool Wholesale ip nat inside source list 3 pool Retail ip classless no ip http server ! ! access-list 1 permit 192.168.10.0 0.0.0.255 access-list 2 permit 192.168.11.0 0.0.0.127 access-list 3 permit 192.168.11.128 0.0.0.63 ! line con 0 line aux 0 line vty 0 4 ! no scheduler allocate end

Scissor_Switch#sh run Building configuration...

Current configuration : 1822 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Scissor-Switch ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 no ip address

Chapter 1: Scaling IP Addresses

65

! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/7 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/8 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/9 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/10 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/11 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/12 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/13

66

WAN Technologies CCNA 4 Labs and Study Guide

description retail switchport access vlan 20 no ip address ! interface FastEthernet0/14 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/15 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/16 no ip address ! interface FastEthernet0/17 no ip address ! interface FastEthernet0/18 no ip address ! interface FastEthernet0/19 no ip address ! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.10.2 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.10.1

Chapter 1: Scaling IP Addresses

67

ip http server ! ! line con 0 logging synchronous line vty 0 4 login line vty 5 15 login ! end

Paper-Switch#show running-config Building configuration...

Current configuration : 1820 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Paper-Switch ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5

68

WAN Technologies CCNA 4 Labs and Study Guide

no ip address ! interface FastEthernet0/6 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/7 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/8 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/9 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/10 description wholesale switchport access vlan 10 no ip address ! interface FastEthernet0/11 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/12 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/13 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/14 description retail switchport access vlan 20 no ip address ! interface FastEthernet0/15 description retail

Chapter 1: Scaling IP Addresses

69

switchport access vlan 20 no ip address ! interface FastEthernet0/16 no ip address ! interface FastEthernet0/17 no ip address ! interface FastEthernet0/18 no ip address ! interface FastEthernet0/19 no ip address ! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.20.2 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.20.1 ip http server ! ! line con 0 logging synchronous line vty 0 4 login line vty 5 15 login ! end

70

WAN Technologies CCNA 4 Labs and Study Guide

Optional Lab 1-11: Using a Linksys Router to Simulate a Home Network


In this lab, you use a Linksys router to simulate a real-world example of a home network.
Figure 1-13 Network Topology for Lab 1-11

ISP
Fa0/0 200.100.28.1/24

Public Domain
Fa0/1

Fa0/2

Home Network
Host A Host B

Equipment

You can complete this lab using any Linksys router other than voice-enabled models. You can use 1700, 2500, and 2600 series routers for this lab to simulate the ISP.

Objective

Configure the ISP router with DHCP, which will allow the Linksys router to pull an address from the pool you create. The Linksys router will then perform PAT on attached devices without having to be configured. Before you begin, reset the Linksys router to factory defaults by pressing the small button on the back of the router for 1 minute using a small pointy object, such as a pencil or paper clip. Cable and configure the equipment based on the topology in Figure 1-13. Configure the router with DHCP. Omit the routers IP address from the pool. The switch does not to be configured but should be cleaned of any previous configurations, especially VLAN information. Use the following commands to clear configurations:
Switch#delete flash:vlan.dat Switch#erase startup-config or write erase Switch#reload

Step 1. Step 2. Step 3.

Chapter 1: Scaling IP Addresses

71

Step 4.

Connect to the Linksys router. a. Open your web browser. b. Enter 192.168.1.1 in the address bar. This is the default IP address of the Linksys router (see Figure 1-14).

Figure 1-14

Default Linksys IP Address

c. The router prompts you for a password (see Figure 1-15).


Figure 1-15 Linksys Password Prompt

d. Leave the username blank and enter the default password, admin (see Figure 1-16).
Figure 1-16 Linksys Administrator Login

e. The information shown in Figure 1-17 appears on the Linksys setup page.

72

WAN Technologies CCNA 4 Labs and Study Guide

Figure 1-17

Linksys Setup Page

f. Under Network Setup, the default address of the Linksys router appears. With this option, you can use any address you choose, including those not included in RFC 1918. Why is the routers IP address 192.168.1.1 rather than an address from the pool that has been created? This address represents the default gateway for all hosts connected to the Linksys router. What is the range of DHCP addresses used by the Linksys router? 192.168.1.100 through 192.168.1.254
Step 5.

Open the command prompt dialog box and display the IP address of Host A and Host B (see Figure 1-18).
Displaying Host A and B IP Addresses

Figure 1-18

Step 6.

On the ISP router, enter the following command:


ISP#debug ip icmp

Step 7.

From Host A, ping the ISP routers Fast Ethernet interface. The following information was displayed on the ISP router:
Router# *Apr 14 07:51:53.955: 200.100.28.3 *Apr 14 07:51:54.953: 200.100.28.3 ICMP: ICMP: echo reply sent, src 200.100.28.1, dst echo reply sent, src 200.100.28.1, dst

Chapter 1: Scaling IP Addresses

73

Router# *Apr 14 07:51:55.955: 200.100.28.3 *Apr 14 07:51:56.956: 200.100.28.3 Router# *Apr 14 07:52:06.760: 200.100.28.3 *Apr 14 07:52:07.750: 200.100.28.3 Router# *Apr 14 07:52:08.752: 200.100.28.3 *Apr 14 07:52:09.753: 200.100.28.3 Router# ICMP: ICMP: echo reply sent, src 200.100.28.1, dst echo reply sent, src 200.100.28.1, dst ICMP: ICMP: echo reply sent, src 200.100.28.1, dst echo reply sent, src 200.100.28.1, dst ICMP: ICMP: echo reply sent, src 200.100.28.1, dst echo reply sent, src 200.100.28.1, dst

Why is the reply sent to the 200.100.28.3 address rather than the 192.168.100.2 address? The 200.100.28.3 address is the address that the Linksys router pulled from the DHCP pool. When the ICMP packet passed through the Linksys router, it translated the inside private address of 192.168.100.102 into the 200.100.28.3 address.
Step 8.

Ping the 200.100.28.1 address from both hosts. Why is only one address listed as the source instead of the IP address from each host? The Linksys router uses PAT, which allows multiple users to access the Internet using a single IP address.

ISP#show running-config Building configuration...

Current configuration : 666 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ISP ! ! ip subnet-zero ip dhcp excluded-address 200.100.28.1 ! ip dhcp pool Linksys network 200.100.28.0 255.255.255.0 default-router 200.100.28.1 ! ! ! ! !

74

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/0 ip address 200.100.28.1 255.255.255.0 speed auto no shut ! interface Serial0/0 no ip address shutdown ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! ip classless ip route 192.168.1.0 255.255.255.0 FastEthernet0/0 no ip http server ! ! ! line con 0 line aux 0 ! ip address 200.100.28.1 255.255.255.0 speed auto ! interface Serial0/0 no ip address shutdown ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! ip classless ip route 192.168.1.0 255.255.255.0 FastEthernet0/0 no ip http server ! ! ! line con 0 line aux 0 line vty 0 4 ! end

CHAPTER 2

WAN Technologies

The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice, and open-ended question exercises to test your knowledge of the theory of WAN devices, technologies, and connections such as Frame Relay, Integrated Services Digital Network (ISDN), digital subscriber line (DSL), and cable. This chapter also discusses WAN design and implementation. This chapter contains no lab exercises.

76

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
WAN Technologies Overview
A WAN is a network that connects multiple LANs regardless of their physical location. A typical WAN uses several fundamental devices, such as routers, modems, WAN switches, channel service units/data service units (CSUs/DSUs), and communication servers. WANs use all seven layers of the OSI model but are generally focused within Layers 1 and 2. Layer 1 defines the type of connections used, along with their functionality. Layer 2 is where the encapsulation of data takes place, using protocols such as High-Level Data Link Control (HDLC) and Point-to-Point Protocol (PPP) to name just a few. WANs connect multiple locations (LANs) and use packet-switched technology to create virtual circuits between locations to make them look as though they are directly connected to one another.

Concept Questions
1. Explain the difference between LANs and WANs. LANs are composed of hosts that are usually on the same network, and they generally span a small area (such as a building or campus). LANs can be located anywhere in the world and are connected through the services of an ISP. A WAN usually connects multiple LANs over a greater distance, and it is composed of multiple LANs. The network administrator has complete control over the LAN, and implementation of device placement and protocols are at his discretion. WANs are under the control of the ISP, and connecting LANs must follow all rules and procedures set forth by their carrier. Failure to comply with them might result in the LAN losing service. WAN equipment is owned by the carrier, and LAN equipment is owned by the company. 2. Compare and contrast the devices found on a LAN and those found on a WAN. Devices found on a LAN are PCs, servers, and printers that store data or provide a type of service to end users. Network devices found on a LAN are switches and routers, which also provide services to users. Some examples of WAN devices are routers, WAN switches, communication servers, CSUs/DSUs, and modems, all of which provide connectivity between LANs so that these same services can be shared over a large geographic area. 3. A company has multiple locations, and each locations router is from a different vendor. Would there be connectivity if each router is configured with HDLC? Why or why not? There would not be connectivity because HDLC is vendor-specific, and different-vendor HDLCs are not compatible. The solution is to use an open-standard encapsulation such as PPP. 4. Compare and contrast a switched virtual circuit (SVC) and a permanent virtual circuit (PVC). SVCs are set up on demand and are connectionless. In SVCs, packets may take a different path each time a connection is established. PVCs are connection-oriented, predetermined permanent circuits within the WAN cloud. In the WAN cloud, packets take the same path from source to destination every time a link is brought up. Frame Relay identifies these circuits with data-link connection identifiers (DLCIs). 5. Dialup connectivity is considered too slow, with low throughput speeds. It is generally being replaced by cable and DSL services. If this is the case, why is dialup still being used and still the most available connection available? Dialup uses existing phone lines, which reach even the most remote areas of this country. This makes dialup a low-cost option widely available to anyone. Other services, such as ISDN, cable, and DSL, are not available in all areas, which often makes dialup the only choice available.

Chapter 2: WAN Technologies

77

WAN Technologies
A network administrator may choose from several options when creating the physical links within a WAN. These options include analog dialup, ISDN, cable, DSL, Frame Relay, ATM, leased lines, and X.25. Analog dialup is what we know as regular dialup or 56k; this uses ordinary telephone lines to transmit data using analog signals rather than digital. ISDN usually carries two different channels:

The B (bearer) channel, which carries voice and data The D (delta) channel, which is used for call setup and termination

There are two different types of ISDN:


Basic Rate Interface (BRI)Two 64-kbps B channels and one 16-kbps D channel Primary Rate Interface (PRI)Twenty-three 64-kbps B channels and one 64-kbps D channel (equal in bandwidth to that of a T1)

Leased lines are connections to the provider network/ISP that a business must pay for monthly and can range from a 56-kbps line to an OC-48 line. In Frame Relay, there is no error checking, and Frame Relay uses PVCs and SVCs to provide connectivity between two locations. Asynchronous Transfer Mode (ATM) is a technology that provides low latency and low levels of jitter at high bandwidths by using cell technology; that is, data is split up into 53-byte cells to transmit faster. DSL, a dedicated user line, uses telephone lines to transmit data over high speeds by transmitting at higher frequencies than a regular phone line. Cable provides an always-on connection through coaxial cable, and users are in a shared environment.

Matching Terms
Match the definition on the left with the correct term on the right. Use each definition only one time. Definitions a. A full-time shared connection b. An always-on connection that uses coaxial cable to carry signals to a modem c. A path that is up during the duration of the connection that requires call setup and call termination d. A pre-established dedicated connection available in different bandwidth options e. A temporary permanent circuit dedicated from source to destination f. A cell-switched technology that uses fixed cells at 53 bytes g. A packet-switched technology that uses virtual circuits to connect multiple locations h. Offers home and mobile users an inexpensive option for connecting to the Internet i. A dedicated line from the source to the ISP that provides Internet access j. Digital telephony and data transport services offered by regional telephone carriers Terms __j___ ISDN BRI __h___ Analog dialup __f___ ATM __e___ PVC __g___ Frame Relay __c___ circuit-switched __i___ DSL __d___ leased line __b___ cable __a___ packet-switched

78

WAN Technologies CCNA 4 Labs and Study Guide

WAN Design
There are many different considerations when designing a WAN, such as the connections, LAN locations, how to connect them, and so on. Topology is also vital; primarily, star, full-mesh, and partial-mesh topologies are set up for WANs. Whether the WAN will use ATM, Frame Relay, or X.25 depends on the type of traffic that the WAN must handle. A hierarchy also proves useful to make the WAN more manageable, easier to troubleshoot, and scalable. Typically, the three-layer hierarchy used in WAN design consists of the access, distribution, and core layers. Securityprotecting servers, LANs within the WAN, and so onis also a primary concern when designing a WAN.

Concept Questions
1. You have a company that has four remote sites and a home office user (see Figure 2-1). Remote sites A, B, and C require permanent connections. Site D does not require a fixed connection but makes large file transfers once a day. The home office user needs access to resources located at headquarters and must be connected at all times. What type of WAN connection and speed should you use at headquarters? The remote sites? The home office?
Figure 2-1 WAN Connection Requirements
Headquarters

WAN Cloud
Remote Office A Remote Office B

Remote Office C Home Office

Remote Office D

Remote sites A, B, and C could use T1 lines with Frame Relay connections. Headquarters should use a T3 connection because a T1 might not provide enough bandwidth to handle all the sites connecting to it. Remote site D could use ISDN because it makes large file transfers only once a day. The home office user could use an SDSL connection because it provides a continuous connection and the same upload and download speeds.

Chapter 2: WAN Technologies

79

2. What type of connection is best for a home office, and why? Cable or DSL is best suited for a home office user because it uses existing lines, such as a cable TV line or a telephone line for DSL. With cable or DSL, the home office user can stay connected at all times (always-on connection). This is also a cost-effective way to stay connected to headquarters. 3. What types of DSL services are available to the consumer? Explain the differences between them. In asymmetric digital subscriber line (ADSL), the flow of data has a higher download speed than upload speed. ADSL uses two separate frequency bands. A direct relationship exists between the number of chunks available and the throughput capacity of the ADSL connection. Symmetric digital subscriber line (SDSL) differs from ADSL in that SDSL has the same upstream data transfer rate as the downstream.

80

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises
This chapter contains no lab exercises.

CHAPTER 3

PPP

The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice, and open-ended question exercises to test your knowledge of the theory of serial point-to-point links, Point-to-Point Protocol (PPP), and authentication using Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). The Lab Exercises portion of this chapter includes all the online curriculum labs, a comprehensive lab, and a challenge lab to ensure that you have mastered the practical, hands-on skills needed for PPP and authentication configurations.

82

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
Serial Point-to-Point Links
The fundamentals of WAN technologies and communications are the links within a WAN. One of the more popular methods of transmission over a serial link is time-division multiplexing (TDM). Because serial links can transmit only 1 bit at a time over the link, TDM provides an organization data transmission through the use of timeslots. TDM prioritizes what data needs to be sent over the link and puts data into different categories, such as video, voice, and data. With TDM, multiple devices can transmit over one line. TDM acts as a train doeseach timeslot contains one of the three categories of data, and they are just sent. However, the disadvantage of this is that if a device does not have any information to send, the empty timeslot remains part of the train being transmitted across the line. Another aspect of WANs are demarcation points. These are the exchange of how responsibility from the provider to the customer and vice versa takes place. They may also separate the data circuit-terminating equipment (DCE) and data terminal equipment (DTE). The DCE is the device that provides the service, such as a connection to the Internet or to the WAN. The DTE, in most cases, is the customer using the service. The DCE sets the rate at which the link operates (synchronously). Just like Ethernet, encapsulation is required for the data to be sent. HDLC is one form of encapsulation and is vendor-specific. All vendors (such as Cisco, 3Com, and so on) have their own version of High-Level Data Link Control (HDLC) that cannot communicate with another vendors version. Typically, HDLC does not support multiple-link access protocols, but the Cisco version of HDLC has a Type field in the encapsulation that allows more than one protocol to operate on the same serial line. All versions of HDLC also add a flag at the beginning and the end of the datagram; the sole function of the flag is to say where the datagram begins and ends. To configure HDLC on a serial link, you must configure both connected serial interfaces on the router with the command encapsulation hdlc.

Concept Questions
1. You have a large network that has various connections to the Internet and that uses multiple Layer 3 protocols on the network. Security is a concern, and authentication is a must for remote users connecting to the network. The routers on the edge of the network are all Cisco, but those on the inside come from different vendors. The WAN encapsulation that you decide to use is PPP. Explain why this is the correct choice over HDLC. The Cisco versions of HDLC and PPP support multiple Layer 3 protocols, but only PPP supports multiple interface types. HDLC is limited to serial interfaces and does not provide authentication or protect against callback. As far as the type of routers you use, encapsulation is used only between the border routers on the edge of your network that connects to the WAN cloud. The routers on the inside of your network are not affected by WAN encapsulation. 2. The clock rate is normally set on the DCE end of a serial connection. Explain the purpose of the clock rate command and why the interface remains down if not set. Serial interfaces are synchronous and require a timing mechanism for them to communicate. Without this, the line is up, but the protocol is down. This has no relationship to bandwidth, which is the amount of data that can be forwarded across a link.

Chapter 3: PPP

83

3. Explain the benefit of using TDM. TDM allocates bandwidth to multiple channels on a single line. Each channel can then be allocated for different types of traffic, such as voice, video, and data. This type of service prevents one form of data stream from using all the bandwidth.

PPP Authentication
PPP is another form of WAN encapsulation and is much different from HDLC. For one, it is an openstandard protocol that works in a multivendor environment. PPP provides the option of operating on asynchronous, synchronous, high-speed serial interfaces and ISDN. In addition, PPP allows authentication (optional configuration parameter) to be set to provide more security for a link. When establishing a link, PPP sends out a link control protocol (LCP) to negotiate the links parameters before data transmission. After both routers negotiate the maximum transmission unit (MTU) and bandwidth over the link, authentication, if configured, takes place. The network control protocol (NCP) then chooses a network layer protocol to use, such as IP. PPP may use two types of authentication:

Password Authentication Protocol (PAP)Uses a two-way handshake that asks the devices to authenticate only one time. It provides a simple security measure to verify the identity of the devices in question using a username and password. However, PAP is susceptible to hackers because it passes the username and password across the link in plain text, making it easier for the hacker to gain access. Challenge Handshake Authentication Protocol (CHAP)Uses a three-way handshake and randomly authenticates the connecting device. CHAP is more secure than PAP because it is not susceptible to playback and because the challenges are encrypted using MD5 and are verified using a hash.

Concept Questions
1. Explain some of the functions of the LCP as it negotiates parameters of a link. Besides authentication, compression, and callback, the LCP performs error detection by checking for excessive errors on a link. It uses looped link detection by using magic numbers. Each router uses a different number, so if a router sees its own magic number in a frame, it knows that there is a loop and can terminate the link immediately. 2. CHAP authentication is more secure than PAP because it uses MD5, a one-way hash to encode the password as it is sent across the link. Explain how a one-way hash works. A one-way hash converts data into a fixed string of digits. The sending device encodes the data, and the receiving device generates a hash using the same algorithm. If the two hashes match, the receiving device knows the sending device has been authenticated. It is also used to verify and authenticate the originator of a message (called digital signatures). 3. Explain the PPP session establishment phase. The PPP session is established when all three phases are complete. First is the link-establishment phase, which uses LCP to establish the link and negotiate certain parameters, which might include compression and MTU. This must occur for any data to be sent. The next phase is the authentication phase, which is optional and does not begin until the LCP phase is complete. This is where PAP/CHAP can be used to provide a more secure connection between hosts. The third and final phase is the network layer protocol phase, during which one or more network layer protocols can be used to send data across the link.

84

WAN Technologies CCNA 4 Labs and Study Guide

Configuring PPP
Encapsulation works on the border routers (ones that connect to the WAN). It does not matter what type of routers are on the inside of your network, because encapsulation has no bearing on them. To configure PPP on a serial interface, you must enter the command encapsulation ppp. To add the authentication, use the command ppp authentication followed by either pap or chap. To verify that the authentication has been configured properly on the interface, use the command show interfaces serial or show interface serial x or show interface serial x/y, where x or x/y is the number of the interface. If there is any problem with the configuration, debugging is a useful method of troubleshooting:
debug ppp [authentication | negotiation | packet | error | chap]

Concept Questions
1. Explain the purpose of the ppp multilink command and what would happen if it were not configured on an interface. The ppp multilink command logically combines both B channels on an ISDN interface and allows the router to packet-fragment (load-balance fragments) between them. If this command were not configured, only one B channel would be used to a single destination. 2. Explain the difference between Stacker and Predictor compression mechanisms used by PPP. Stacker replaces continuous streams of characters with codes. Predictor tries to predict the next sequence of characters in a data stream using a compression dictionary. Stacker is CPU-intensive, whereas Predictor is memory-intensive. 3. What information appears when you use the debug ppp negotiation command? The debug ppp negotiation command displays the following information:

The type of authentication being used (PAP or CHAP). Whether it is a challenge or response. The username of the device you are trying to connect to. This indicates whether the usernames correspond with the hostnames of the routers. If they dont, this causes an authentication failure. The letter I indicates an incoming message, and the letter O indicates an outgoing message. Whether authentication succeeded.

Chapter Review Questions


1. Which of the following are true of PAP? (Select two) A. B. C. D. It is a strong authentication protocol. It sends usernames and passwords across the link in plain text. It is a weak authentication protocol. It uses a one-way hash function.

2. Which of the following compression mechanisms is CPU-intensive? A. B. C. D. PAP Stacker Predictor CHAP

3. Which command enables PPP on an interface? A. B. C. D. Router(config)#ppp encapsulation Router(config)#encapsulation ppp Router(config-if)#ppp encapsulation Router(config-if)#encapsulation ppp

Chapter 3: PPP

85

4. PPP can be configured on which of the following interface types? (Select all that apply) A. B. C. D. E. F. Serial interfaces Auxiliary interfaces Virtual interfaces High-speed serial interfaces ISDN BRI interfaces Loopback interfaces

5. What type of cable is used when connecting two DTE devices? A. RS-232 B. Smart serial cable C. Null-modem D. V.35 6. Which of the following functions does the LCP perform? (Select all that apply) A. Detect misconfiguration errors B. Terminate a link C. Configure network layer protocols D. Determine whether a link is functioning E. Perform encryption 7. Which command provides load balancing across a PPP-configured interface? A. B. C. D. Callback Playback Overload Multilink

8. Which of the following are true of CHAP? (Select two) A. B. C. D. E. It uses a one-way hash. It uses a two-way hash. It uses a one-way handshake. It uses a two-way handshake. It uses a three-way handshake.

9. What is the location in the network called where responsibility between the telco and customer changes hands? A. Demarcation B. Local loop C. CSU/DSU D. DTE E. DCE

86

WAN Technologies CCNA 4 Labs and Study Guide

10. Which command displays real-time events as they happen on a PPP-configured interface? (Select all that apply) A. show ppp interfaces B. C. show ppp authentication show ppp negotiation

D. debug ppp interfaces E. debug ppp authentication F. debug ppp negotiation

11. Which of the following features uses a magic number to detect loops? A. Authentication B. Negotiation C. Multilink D. Error detection E. Split horizon 12. Which of the following are true of PPP? (Select all that apply) A. Allows multiple network layer protocols to operate on the same link. B. Provides a separate NCP for every network layer protocol. C. Provides a separate LCP for every data link layer protocol. D. Does not support multiple network layer protocols across the same link. E. Each network layer protocol requires a separate LCP. 13. How should the username and passwords on each router be configured for PPP authentication? (Select two) A. Name of the person connecting to the device. B. Hostname of the local router. C. Hostname of the remote router. D. Same on both routers. E. Passwords can differ. F. Passwords must be the same.

14. What would happen if both PAP and CHAP were enabled on a router? (Select two) A. Negotiation would fail. B. C. The first method would be used during link negotiation. The peer could refuse to use the first method and try the second one instead.

D. Authentication would fail if the peer router is configured for only one method only. 15. When does PAP authentication occur? A. After NCP establishes the link B. During the three-way handshake C. Only upon initial link establishment D. Periodically

Chapter 3: PPP

87

16. Which of the following are true of PAP and CHAP authentication? (Select all that apply) A. It ensures that the caller has permission to establish a connection. B. It is an optional parameter. C. It reduces the amount of congestion on a link. D. Peer routers exchange authentication messages. E. It detects loops that may occur across the link. 17. What is the default encapsulation on Cisco serial interfaces? A. PPP B. ARAP C. IP D. IPX E. HDLC 18. Which command displays the state of interface channels and the type of cable connected? A. show interface s0/0 B. C. show ip interface s0/0 show ip interface brief

D. show controller s0/0 E. show interfaces serial 19. Which network layer protocols does NCP support? (Select two) A. IPCP B. IPNP C. ICMP D. IPXCP E. IPXNP 20. Which of the following are not protected against by PAP? (Select all that apply) A. Callback attacks B. Playback attacks

C. Random challenges D. Trial-and-error attacks

88

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises
Curriculum Lab 3-1: Troubleshooting a Serial Interface (3.1.7)
Figure 3-1 Topology for Lab 3-1

Table 3-1

Lab Equipment Configuration Router Name Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

London Paris

DCE DTE

192.168.15.1 192.168.15.2

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. The subnet mask for both routers is 255.255.255.0. Objectives

Configure a serial interface on two routers. Use show commands to troubleshoot connectivity issues.

Background/Preparation Cable a network that is similar to the one in Figure 3-1. You can use any router that meets the interface requirements in Figure 3-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C, Router Interface Summary Chart, to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E, Erasing and Reloading the Router, on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 3-1. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Chapter 3: PPP

89

Task 2: Configure the Paris Interface


Configure the Paris router serial interface as follows:
Paris(config)#interface serial 0 Paris(config-if)#ip address 192.168.15.2 255.255.255.0 Paris(config-if)#clock rate 56000 Paris(config-if)#no shutdown Paris(config-if)#exit Paris(config)#exit

Task 3: Configure the London Interface


Configure the London router serial interface as follows:
London(config)#interface serial 0 London(config-if)#ip address 192.168.15.1 255.255.255.0 London(config-if)#no shutdown London(config-if)#exit London(config)#exit

Task 4: Save the Configuration


To save the configuration of the Paris and London router serial interfaces, enter the following:
London#copy running-config startup-config

Paris#copy running-config startup-config

Task 5: Enter the Command show interface serial 0 (See Appendix C) on London
London#show interface serial 0

This shows the details of interface serial 0.


London#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:06, output 00:00:00, output hang never 58 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.1.7 Copyright ? 2003, Cisco Systems, Inc. Last clearing of show interface counters 03:02:45 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/32 (active/max active/max total)

90

WAN Technologies CCNA 4 Labs and Study Guide

Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1039 packets input, 67974 bytes, 0 no buffer Received 753 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1047 packets output, 77227 bytes, 0 underruns 0 output errors, 0 collisions, 4 interface resets 0 output buffer failures, 0 output buffers swapped out 1 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Answer the following questions: Serial 0 is up, and line protocol is down. What type of problem is indicated in the last statement? Data link- (Layer 2) related What is the Internet address? 192.168.15.1 What is the encapsulation type? HDLC

Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris
Paris#show interface serial 0

This shows the details of interface serial 0. Answer the following questions: Serial 0 is up, and line protocol is down. What is the Internet address? 192.168.15.2 What is the encapsulation type? HDLC To what OSI layer does Encapsulation refer? Layer 2 Why is the interface down? The clock rate is not set on the DCE interface.
End #show interface serial 0 Serial0 is up, line protocol is down Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input never, output never, output hang never Last clearing of show interface counters 00:04:44 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair

Chapter 3: PPP

91

Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 15 packets output, 869 bytes, 0 underruns 0 output errors, 0 collisions, 10 interface resets 0 output buffer failures, 0 output buffers swapped out 16 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 7: Correct the Clock Location


The clock rate statement has been placed on the wrong interface. It is currently placed on the Paris router, but the London router is the DCE. Remove the clock rate statement from the Paris router by using the no version of the command. Then, add it to the London routers configuration.

Task 8: Enter the Command show interface serial 0 on Paris


Paris#show interface serial 0

Serial 0 is up, and line protocol is up. What is the difference in the Line and Protocol status that was recorded on Paris earlier? Why? Both interfaces are up due to the correct clock rate setting.
End is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:02, output 00:00:07, output hang never Last clearing of show interface counters 00:07:47 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 31 packets input, 2864 bytes, 0 no buffer Received 21 broadcasts, 0 runts, 0 giants, 0 throttles

92

WAN Technologies CCNA 4 Labs and Study Guide

1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort 43 packets output, 3231 bytes, 0 underruns 0 output errors, 0 collisions, 11 interface resets 0 output buffer failures, 0 output buffers swapped out 20 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 9: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router
London#ping 192.168.15.2

Paris#ping 192.168.15.1 London#ping 192.168.15.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/40 ms London# Paris#ping 192.168.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms Paris#

From London, can you ping the Paris routers serial interface? Yes From Paris, can you ping the London routers serial interface? Yes If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do the pings again until the answer to both questions is yes. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Paris Router#configure terminal Router(config)#hostname Paris Paris(config)#enable password cisco Paris(config)#enable secret class Paris(config)#line vty 0 4 Paris(config-line)#password cisco Paris(config-line)#login Paris(config-line)#line con 0 Paris(config-line)#password cisco Paris(config-line)#login

Chapter 3: PPP

93

Paris(config-line)#interface serial 0 Paris(config-if)#ip address 192.168.15.2 255.255.255.0 Paris(config-if)#clock rate 56000 Paris(config-if)#no shutdown Paris(config-if)#exit Paris(config)#exit Paris#copy running-config startup-config ! Removing the clock from Paris Serial DTE interface Paris#configure terminal Paris(config)#interface serial 0 Paris(config-if)#no clock rate 56000 Paris(config-if)#exit Paris(config)#exit Paris#copy running-config startup-config

! London Router#configure terminal Router(config)#hostname London London(config)#enable password cisco London(config)#enable secret class London(config)#line vty 0 4 London(config-line)#password cisco London(config-line)#login London(config-line)#line con 0 London(config-line)#password cisco London(config-line)#login London(config-line)#interface serial 0 London(config-if)#ip address 192.168.15.1 255.255.255.0 London(config-if)#no shutdown London(config-if)#exit London(config)#exit London#copy running-config startup-config ! Configuring the clock on London Serial DCE interface London#configure terminal London(config)#interface serial 0 London(config-if)#clock rate 56000 London(config-if)#exit London(config)#exit London#copy running-config startup-config

94

WAN Technologies CCNA 4 Labs and Study Guide

Curriculum Lab 3-2: Configuring PPP Encapsulation (3.3.2)


Figure 3-2 Topology for Lab 3-2

Table 3-2

Lab Equipment Configuration Router Name Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

Washington Dublin

DCE DTE

192.168.15.1 192.168.15.2

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. The subnet mask for both routers is 255.255.255.0. Objectives

Configure the serial interfaces on two routers with the PPP protocol. Test the link for connectivity.

Background/Preparation Cable a network that is similar to the one in Figure 3-2. You can use any router that meets the interface requirements in Figure 3-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 3-2. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Chapter 3: PPP

95

Task 2: Configure the Dublin Interface


Configure the Dublin router serial interface as follows:
Dublin(config)#interface serial 0 Dublin(config-if)#ip address 192.168.15.2 255.255.255.0 Dublin(config-if)#no shutdown Dublin(config-if)#exit Dublin(config)#exit

Task 3: Configure the Washington Interface


Configure the Washington router serial interface as follows:
Washington(config)#interface serial 0 Washington(config-if)#ip address 192.168.15.1 255.255.255.0 Washington(config-if)#clock rate 64000 Washington(config-if)#no shutdown Washington(config-if)#exit Washington(config)#exit

Task 4: Save the Configuration


To save the Dublin and Washing router serial interfaces, use the following commands:
Dublin#copy running-config startup-config

Washington#copy running-config startup-config

Task 5: Enter the Command show interface serial 0 (See Appendix C) on Washington
Washington#show interface serial 0

This shows the details of interface serial 0. Serial 0 is up, and line protocol is up. The Internet address is 192.168.15.1. Encapsulation is HDLC.
Washington#show interface 0serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:04, output 00:00:03, output hang never Last clearing of show interface counters 00:06:09 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

96

WAN Technologies CCNA 4 Labs and Study Guide

Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 16 packets input, 902 bytes, 0 no buffer Received 16 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 35 packets output, 2939 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 2 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 6: Enter the Command show interface serial 0 (See Appendix C) on Dublin
Dublin#show interface serial 0

This shows the details of interface serial 0. Serial 0 is up, and line protocol is up. The Internet address is 192.168.15.2. Encapsulation is HDLC.
Dublin#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:01, output 00:00:02, output hang never Last clearing of show interface counters 00:05:19 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 11 packets input, 1068 bytes, 0 no buffer Received 11 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 25 packets output, 1603 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 14 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Chapter 3: PPP

97

Task 7: Change the Encapsulation Type


Change the encapsulation type to PPP by entering encapsulation ppp at the interface serial 0 configuration mode prompt on both routers:
Washington(config-if)#encapsulation ppp Dublin(config-if)#encapsulation ppp

Task 8: Enter the Command show interface serial 0 on Washington


Washington#show interface serial 0

What is the encapsulation type? PPP


Washington#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:13, output 00:00:10, output hang never Last clearing of show interface counters 00:00:17 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 11 packets input, 1220 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 7 packets output, 366 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 9: Enter the Command show interface serial 0 on Dublin


Dublin#show interface serial 0

What is the encapsulation type? PPP


Dublin#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24

98

WAN Technologies CCNA 4 Labs and Study Guide

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP 68 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.2 Copyright ? 2003, Cisco Systems, Inc. Last input 00:00:02, output 00:00:02, output hang never Last clearing of show interface counters 00:00:28 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 10 packets input, 412 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 15 packets output, 1280 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 4 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 10: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router
Washington#ping 192.168.15.2

Dublin#ping 192.168.15.1

From Washington, can you ping the Dublin routers serial interface? Yes From Dublin, can you ping the Washington routers serial interface? Yes If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do the pings again until the answer to both questions is yes.
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms Washington# Dublin#ping 192.168.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms Dublin#

Chapter 3: PPP

99

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! Washington Router#configure terminal Router(config)#hostname Washington Washington(config)#enable password cisco Washington(config)#enable secret class Washington(config)#line vty 0 4 Washington(config-line)#password cisco Washington(config-line)#login Washington(config-line)#line con 0 Washington(config-line)#password cisco Washington(config-line)#login Washington(config-line)#exit Washington(config)#interface serial 0 Washington(config-if)#ip address 192.168.15.1 255.255.255.0 Washington(config-if)#clock rate 64000 Washington(config-if)#no shutdown Washington(config-if)#exit Washington(config)#exit Washington#copy running-config startup-config ! Configuring PPP on Washington Washington#configure terminal Washington(config)#interface serial 0 Washington(config-if)#encapsulation ppp Washington(config-if)#exit Washington(config)#exit Washington#copy running-config startup-config

! Dublin Router#configure terminal Router(config)#hostname Dublin Dublin(config)#enable password cisco Dublin(config)#enable secret class Dublin(config)#line vty 0 4 Dublin(config-line)#password cisco Dublin(config-line)#login Dublin(config-line)#line con 0 Dublin(config-line)#password cisco Dublin(config-line)#login Dublin(config-line)#exit Dublin(config)#interface serial 0 Dublin(config-if)#ip address 192.168.15.2 255.255.255.0 Dublin(config-if)#no shutdown Dublin(config-if)#exit

100

WAN Technologies CCNA 4 Labs and Study Guide

Dublin(config)#exit Dublin#copy running-config startup-config ! Configuring PPP on Dublin Dublin#configure terminal Dublin(config)#interface serial 0 Dublin(config-if)#encapsulation ppp Dublin(config-if)#exit Dublin(config)#exit Dublin#copy running-config startup-config

Curriculum Lab 3-3: Configuring PPP Authentication (3.3.3)


Figure 3-3 Topology for Lab 3-3

Table 3-3

Lab Equipment Configuration Router Name Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

Madrid Tokyo

DCE DTE

192.168.15.1 192.168.15.2

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. The subnet mask for both routers is 255.255.255.0. Objective

Configure PPP authentication by using CHAP on two routers.

Background/Preparation Cable a network that is similar to the one in Figure 3-3. You can use any router that meets the interface requirements in Figure 3-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Chapter 3: PPP

101

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 3-3. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Configure the Tokyo Interface


Configure the Tokyo router serial interface as follows:
Tokyo(config)#interface serial 0 Tokyo(config-if)#ip address 192.168.15.2 255.255.255.0 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#no shutdown Tokyo(config-if)#exit Tokyo(config)#exit

Task 3: Configure the Madrid Interface


Configure the Madrid router serial interface as follows:
Madrid(config)#interface serial 0 Madrid(config-if)#ip address 192.168.15.1 255.255.255.0 Madrid(config-if)#clock rate 64000 Madrid(config-if)#encapsulation ppp Madrid(config-if)#no shutdown Madrid(config-if)#exit Madrid(config)#exit

Task 4: Save the Configuration


To save the Tokyo and Madrid serial interface configurations, use the following commands:
Tokyo#copy running-config startup-config Madrid#copy running-config startup-config

Task 5: Enter the Command show interface serial 0 on Madrid


Madrid#show interface serial 0

What is the encapsulation type? PPP


Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:09, output 00:00:09, output hang never Last clearing of show interface counters 00:00:35

102

WAN Technologies CCNA 4 Labs and Study Guide

Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 10 packets input, 136 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 10 packets output, 136 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 1 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Task 6: Enter the Command show interface serial 0 on Tokyo


Tokyo#show interface serial 0

What is the encapsulation type? PPP


Tokyo#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:02, output 00:00:02, output hang never Last clearing of show interface counters 00:00:29 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 12 packets input, 168 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 12 packets output, 168 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Chapter 3: PPP

103

Task 7: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router
Madrid#ping 192.168.15.2

Tokyo#ping 192.168.15.1

If the pings are unsuccessful, troubleshoot the router configurations to find the error. Then, do the pings again until both pings succeed.

Task 8: Configure PPP Authentication


Configure usernames and passwords on the Madrid router. The passwords must be the same on both routers. The username must reflect the other routers hostname exactly. (It is case-sensitive.)
Madrid(config)#username Tokyo password cisco Madrid(config)#interface serial 0 Madrid(config-if)#ppp authentication chap

Task 9: Verify That the Serial Connection Is Functioning


Verify that the serial connection is functioning by pinging the serial interface of the other router:
Madrid#ping 192.168.15.2

Did the ping succeed? No Why? CHAP is not set up on Tokyo.


Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)

Task 10: Configure PPP Authentication


Configure usernames and passwords on the Tokyo router. The passwords must be the same on both routers. The usernames must reflect the other routers hostname exactly (they are case-sensitive).
Tokyo(config)#username Madrid password cisco Tokyo(config)#interface serial 0 Tokyo(config-if)#ppp authentication chap

Task 11: Verify That the Serial Connection Is Functioning


Verify that the serial connection is functioning by pinging the serial interface of the other router:
Tokyo#ping 192.168.15.1

Did the ping succeed? Yes Why? The username was set up on Tokyo.
Tokyo#ping 192.168.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds: !!!!!

104

WAN Technologies CCNA 4 Labs and Study Guide

Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms Madrid#ping 192.168.15.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Tokyo Router#configure terminal Router(config)#hostname Tokyo Tokyo(config)#enable password cisco Tokyo(config)#enable secret class Tokyo(config)#line vty 0 4 Tokyo(config-line)#password cisco Tokyo(config-line)#login Tokyo(config-line)#line con 0 Tokyo(config-line)#password cisco Tokyo(config-line)#login Tokyo(config-line)#exit Tokyo(config)#interface serial 0 Tokyo(config-if)#ip address 192.168.15.2 255.255.255.0 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#no shutdowndown Tokyo(config-if)#exit Tokyo(config)#exit Tokyo#copy running-config startup-config Tokyo chap configuration Tokyo#configure terminal Tokyo(config)#username Madrid password cisco Tokyo(config)#interface serial 0 Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#exit Tokyo(config)#exit Tokyo#copy running-config startup-config

! Madrid Router#configure terminal Router(config)#hostname Madrid Madrid(config)#enable password cisco Madrid(config)#enable secret class Madrid(config)#line vty 0 4 Madrid(config-line)#password cisco Madrid(config-line)#login Madrid(config-line)#line con 0

Chapter 3: PPP

105

Madrid(config-line)#password cisco Madrid(config-line)#login Madrid(config-line)#exit Madrid(config)#interface serial 0 Madrid(config-if)#ip address 192.168.15.1 255.255.255.0 Madrid(config-if)#clock rate 56000 Madrid(config-if)#encapsulation ppp Madrid(config-if)#no shutdown Madrid(config-if)#exit Madrid(config)#exit Madrid chap configuration Madrid#configure terminal Madrid(config)#username Tokyo password cisco Madrid(config)#interface serial 0 Madrid(config-if)#ppp authentication chap Madrid(config-if)#exit

Curriculum Lab 3-4: Verifying PPP Configuration (3.3.4)


Figure 3-4 Topology for Lab 3-4

Table 3-4

Lab Equipment Configuration Router Name Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

Brasilia Warsaw

DCE DTE

192.168.15.1 192.168.15.2

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. The subnet mask for both routers is 255.255.255.0. Objectives

Configure a serial interface on two routers with the PPP protocol. Verify and test the link for connectivity.

106

WAN Technologies CCNA 4 Labs and Study Guide

Background/Preparation Cable a network that is similar to the one in Figure 3-4. You can use any router that meets the interface requirements in Figure 3-4 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 3-4. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Configure the Warsaw


Configure the Warsaw router serial interface as follows:
Warsaw(config)#interface serial 0 Warsaw(config-if)#ip address 192.168.15.2 255.255.255.0 Warsaw(config-if)#no shutdown Warsaw(config-if)#exit Warsaw(config)#exit

Task 3: Configure the Brasilia Interface


Configure the Brasilia router serial interface as follows:
Brasilia(config)#interface serial 0 Brasilia(config-if)#ip address 192.168.15.1 255.255.255.0 Brasilia(config-if)#clock rate 64000 Brasilia(config-if)#no shutdown Brasilia(config-if)#exit Brasilia(config)#exit

Task 4: Save the Configuration


To save the Warsaw and Brasilia router serial interface configurations, use the following commands:
Warsaw#copy running-config startup-config

Brasilia#copy running-config startup-config

Task 5: Enter the Command show interface serial 0 (See Appendix C) on Brasilia
Brasilia#show interface serial 0

This shows the details of interface serial 0. The encapsulation type is HDLC.

Chapter 3: PPP

107

Task 6: Enter the Command show interface serial 0 (See Appendix C) on Warsaw
Warsaw#show interface serial 0

This shows the details of interface serial 0. The encapsulation type is HDLC.

Task 7: Turn on PPP Debugging


Turn on the PPP debug function on both routers by entering debug ppp event at the privileged EXEC mode prompt. Note: For the 2600 router, use the command debug ppp tasks.

Task 8: Change the Encapsulation Type


Step 1.

Change the encapsulation type to PPP by entering encapsulation ppp at the interface serial 0 configuration mode prompt on both routers:
Brasilia(config-if)#encapsulation ppp

Warsaw(config-if)#encapsulation ppp

What did the debug function report when the PPP encapsulation was applied to each router?
00:03:07: Se0 AUTH: Started process 0 pid 4 00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) queued 1/1/1 00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) busy/0 started 1/1/1 00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) busy/0 done in 0 s. 0/0/1

Step 2.

Turn off the debug function by entering undebug all at the privileged EXEC mode prompt.

Task 9: Enter the Command show interface serial 0 on Brasilia


Brasilia#show interface serial 0 Brasilia#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set LCP Open Open: IPCP, CDPCP Last input 00:00:00, output 00:00:01, output hang never Last clearing of show interface counters 00:01:04 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated)

108

WAN Technologies CCNA 4 Labs and Study Guide

Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 7 packets input, 945 bytes, 0 no buffer Received 7 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 4 packets output, 362 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 1 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

The encapsulation type is PPP.

Task 10: Enter the Command show interface serial 0 on Warsaw


Warsaw#show interface serial 0 Warsaw#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set LCP Open Open: IPCP, CDPCP Last input 00:00:01, output 00:00:03, output hang never Last clearing of show interface counters 00:01:11 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 5 packets input, 386 bytes, 0 no buffer Received 5 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 8 packets output, 1228 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

The encapsulation type is PPP.

Chapter 3: PPP

109

Task 11: Verify That the Serial Connection Is Functioning


Step 1.

Ping the other router to verify that there is connectivity between the two routers.
Brasilia#ping 192.168.15.2

Warsaw#ping 192.168.15.1 Brasilia#ping 192.168.15.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms 84 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.4 Copyright ? 2003, Cisco Systems, Inc. Brasilia# Warsaw#ping 192.168.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms Warsaw#

From Brasilia, can you ping the Warsaw routers serial interface? Yes From Warsaw, can you ping the Brasilia routers serial interface? Yes
Step 2.

If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do the pings again until the answer to both questions is yes. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Brasilia Router#configure terminal Router(config)#hostname Brasilia Brasilia(config)#enable password cisco Brasilia(config)#enable secret class Brasilia(config)#line vty 0 4 Brasilia(config-line)#password cisco Brasilia(config-line)#login Brasilia(config-line)#line con 0 Brasilia(config-line)#password cisco Brasilia(config-line)#login Brasilia(config-line)#interface serial 0 Brasilia(config-if)#ip address 192.168.15.1 255.255.255.0 Brasilia(config-if)#clock rate 64000 Warsaw(config-if)#encapsulation ppp Brasilia(config-if)#no shutdown Brasilia(config-if)#exit Brasilia(config)#exit Brasilia#copy running-config startup-config

Step 3.

110

WAN Technologies CCNA 4 Labs and Study Guide

! Warsaw Router#configure terminal Router(config)#hostname Warsaw Warsaw(config)#enable password cisco Warsaw(config)#enable secret class Warsaw(config)#line vty 0 4 Warsaw(config-line)#password cisco Warsaw(config-line)#login Warsaw(config-line)#line console 0 Warsaw(config-line)#password cisco Warsaw(config-line)#login Warsaw(config-line)# Warsaw(config-line)# Warsaw(config-line)#interface serial 0 Warsaw(config-if)#ip address 192.168.15.2 255.255.255.0 Warsaw(config-if)#encapsulation ppp Warsaw(config-if)#no shutdown Warsaw(config-if)#exit Warsaw(config)#exit Warsaw#copy running-config startup-config

Curriculum Lab 3-5: Troubleshooting PPP Configuration (3.3.5)


Figure 3-5 Topology for Lab 3-5

Table 3-5

Lab Equipment Configuration Router Name Interface Type Serial 0 Address

Router Designation

Router 1 Router 2

London Paris

DCE DTE

192.168.15.1 192.168.15.2

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. The subnet mask for both routers is 255.255.255.0.

Chapter 3: PPP

111

Objectives

Configure a PPP on the serial interfaces of two routers. Use show and debug commands to troubleshoot connectivity issues.

Background/Preparation Cable a network that is similar to the one in Figure 3-5. You can use any router that meets the interface requirements in Figure 3-5 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 3-5. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Configure the Paris Interface


Configure the Paris router serial interface as follows:
Paris(config)#interface serial 0 Paris(config-if)#ip address 192.168.15.2 255.255.255.0 Paris(config-if)#clock rate 56000 Paris(config-if)#no shutdown Paris(config-if)#exit Paris(config)#exit

Task 3: Configure the London Interface


Configure the London router serial interface as follows:
London(config)#interface serial 0 London(config-if)#ip address 192.168.15.1 255.255.255.0 London(config-if)#encapsulation ppp London(config-if)#no shutdown London(config-if)#exit London(config)#exit

Task 4: Save the Configuration


To save the Paris and London router serial interface configurations, use the following commands:
Paris#copy running-config startup-config London#copy running-config startup-config

112

WAN Technologies CCNA 4 Labs and Study Guide

Task 5: Enter the Command show interface serial 0 (See Appendix C) on London
London#show interface serial 0

This shows the details of interface serial 0.


London#show interface serial 0 Serial0 is up, line protocol is down Hardware is PowerQUICC Serial Internet address is 192.168.15.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Listen Closed: IPCP, CDPCP Last input never, output never, output hang never Last clearing of show interface counters 00:00:27 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/2/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 2 packets output, 28 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 2 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

List the following information discovered from issuing this command:


Serial 0 is up, and line protocol is down. What type of problem is indicated in the last statement? Encapsulation The Internet address is 192.168.15.1. The encapsulation type is PPP.

Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris
Paris#show interface serial 0

This shows the details of interface serial 0.


Paris#show interface serial 0

Chapter 3: PPP

113

Serial0 is up, line protocol is down Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input never, output never, output hang never Last clearing of show interface counters 00:04:02 91 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.5 Copyright ? 2003, Cisco Systems, Inc. Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 19 packets output, 1230 bytes, 0 underruns 0 output errors, 0 collisions, 14 interface resets 0 output buffer failures, 0 output buffers swapped out DCD=up DSR=up DTR=up RTS=up CTS=up

List the following information discovered from issuing this command:


Serial 0 is up, and line protocol is down. The Internet address is 192.168.15.2. The encapsulation type is HDLC. To what OSI layer does Encapsulation refer? Layer 2

If the serial interface were configured, why did the show interface serial 0 output show that the interface is down? The clock rate is not set on the London DCE, and encapsulation is HDLC on Paris.

Task 7: Correct the Clock Location


The clock rate statement has been placed on the wrong interface. It is currently placed on the Paris router, but the London router is the DCE. Remove the clock rate statement from the Paris router by using the no version of the command, and then add it to the configuration for the London router.
London#configure terminal End (config)#interface serial 0 London(config-if)#clock rate 56000 London(config-if)#exit

114

WAN Technologies CCNA 4 Labs and Study Guide

Task 8: Enter the Command show cdp neighbors on London


London#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID Local Intrfce Holdtme Capability Platform Port ID

Is there output from the command? No Should there be output? No

Task 9: Enter the Command debug ppp negotiation on London


It might take 60 seconds or more before output occurs.
London# 00:07:48: Se0 LCP: TIMEout: State REQsent 00:07:48: Se0 LCP: O CONFREQ [REQsent] id 77 len 10 00:07:48: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6) 00:07:50: Se0 LCP: TIMEout: State REQsent 00:07:50: Se0 LCP: O CONFREQ [REQsent] id 78 len 10 00:07:50: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6) 00:07:52: Se0 LCP: TIMEout: State REQsent 00:07:52: Se0 LCP: O CONFREQ [REQsent] id 79 len 10 00:07:52: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6) 00:07:54: Se0 LCP: TIMEout: State REQsent 00:07:54: Se0 LCP: O CONFREQ [REQsent] id 80 len 10 00:07:54: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6) 00:07:56: Se0 LCP: TIMEout: State REQsent 00:07:56: Se0 LCP: State is Listen 00:08:26: Se0 LCP: TIMEout: State Listen 00:08:26: Se0 LCP: O CONFREQ [Listen] id 81 len 10 00:08:26: Se0 LCP: MagicNumber 0x09BFAF37 (0x050609BFAF37) 00:08:28: Se0 LCP: TIMEout: State REQsent 00:08:28: Se0 LCP: O CONFREQ [REQsent] id 82 len 10 00:08:28: Se0 LCP: MagicNumber 0x09BFAF37 (0x050609BFAF37)

Is there output? Yes What is the output saying? Request timeout Is there a problem with PPP encapsulation on the London router or the Paris router? Paris Why? PPP encapsulation is not set. What encapsulations were listed for the interfaces? London? PPP Paris? HDLC Is there an issue with the preceding answers? Yes What is the issue? Router interface encapsulations do not match.

Chapter 3: PPP

115

Task 10: Enter the command debug ppp negotiation on Paris


Enter the command debug ppp negotiation on the Paris router at the privileged EXEC mode prompt. Is there output from the debug command? No

Task 11: Correct the Encapsulation Type


Convert the encapsulation to PPP on the Paris router. Is there output from the debug command? Yes Does it confirm link establishment? Yes
Paris#configure terminal Paris(config)#interface serial 0 Paris(config-if)#encapsulation ppp Paris(config-if)# 00:09:48: Se0 PPP: Phase is DOWN, Setup [0 sess, 0 load] 00:09:48: Se0 PPP: Using default call direction 00:09:48: Se0 PPP: Treating connection as a dedicated line 00:09:48: Se0 PPP: Phase is ESTABLISHING, Active Open [0 sess, 0 load] 00:09:48: Se0 LCP: O CONFREQ [Closed] id 1 len 10 00:09:48: Se0 LCP: MagicNumber 0x09F12828 (0x050609F12828) 00:09:48: Se0 LCP: I CONFREQ [REQsent] id 101 len 10 00:09:48: Se0 LCP: MagicNumber 0x09C0E151 (0x050609C0E151) 00:09:48: Se0 LCP: O CONFACK [REQsent] id 101 len 10 00:09:48: Se0 LCP: MagicNumber 0x09C0E151 (0x050609C0E151) 00:09:48: Se0 LCP: I CONFACK [ACKsent] id 1 len 10 00:09:48: Se0 LCP: MagicNumber 0x09F12828 (0x050609F12828) 00:09:48: Se0 LCP: State is Open 00:09:48: Se0 AUTH: Started process 0 pid 23 00:09:48: Se0 PPP: Phase is UP [0 sess, 0 load] 00:09:48: Se0 IPCP: O CONFREQ [Closed] id 1 len 10 00:09:48: Se0 IPCP: Address 192.168.15.2 (0x0306C0A80F02) 00:09:48: Se0 CDPCP: O CONFREQ [eClosed] id 1 len 4 00:09:48: Se0 IPCP: I CONFREQ [REQsent] id 1 len 10 93 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.5 Copyright ? 2003, Cisco Systems, Inc. 00:09:48: Se0 IPCP: Address 192.168.15.1 (0x0306C0A80F01) 00:09:48: Se0 IPCP: O CONFACK [REQsent] id 1 len 10 00:09:48: Se0 IPCP: Address 192.168.15.1 (0x0306C0A80F01) 00:09:48: Se0 CDPCP: I CONFREQ [REQsent] id 1 len 4 00:09:48: Se0 CDPCP: O CONFACK [REQsent] id 1 len 4 00:09:48: Se0 IPCP: I CONFACK [ACKsent] id 1 len 10 00:09:48: Se0 IPCP: Address 192.168.15.2 (0x0306C0A80F02) 00:09:48: Se0 IPCP: State is Open 00:09:48: Se0 CDPCP: I CONFACK [ACKsent] id 1 len 4 00:09:48: Se0 CDPCP: State is Open 00:09:48: Se0 IPCP: Install route to 192.168.15.1nd

116

WAN Technologies CCNA 4 Labs and Study Guide

Task 12: Enter the command show interface serial 0 on Paris


Paris#show interface serial 0 End #show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial Internet address is 192.168.15.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters 00:00:19 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 10 packets input, 408 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 9 packets output, 388 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Serial0 is up, and line protocol is up. The encapsulation type is PPP. What is the difference between the Line and Protocol status recorded on Paris earlier? Why? Both are up. Proper configuration of the serial interfaces

Task 13: Verify That the Serial Connection Is Functioning by Pinging the Serial Interface of the Other Router
London#ping 192.168.15.1

Paris#ping 192.168.15.2 Paris#ping 192.168.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:

Chapter 3: PPP

117

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms London#ping 192.168.15.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms

From London, can you ping the serial interface on the Paris router? Yes From Paris, can you ping the serial interface on the London router? Yes If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do the pings again until the answer to both questions is yes. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Paris Router#configure terminal Paris(config)#hostname Paris Paris(config)#enable password cisco Paris(config)#enable secret class Paris(config)#line vty 0 4 Paris(config-line)#password cisco Paris(config-line)#login Paris(config-line)#line con 0 Paris(config-line)#password cisco Paris(config-line)#login Paris(config-line)#exit Paris(config-line)#interface serial 0 Paris(config-if)#ip address 192.168.15.2 255.255.255.0 Paris(config-if)#encapsulation ppp Paris(config-if)#no shutdown Paris(config-if)#exit Paris(config)#exit Paris#exit Paris#copy running-config startup-config

! London Router#configure terminal Router(config)#hostname London London(config)#enable password cisco London(config)#enable secret class London(config)#line vty 0 4 London(config-line)#password cisco London(config-line)#login London(config-line)#line console 0 London(config-line)#password cisco

118

WAN Technologies CCNA 4 Labs and Study Guide

London(config-line)#login London(config-line)#exit London(config)#interface serial 0 London(config-if)#ip address 192.168.15.1 255.255.255.0 London(config-if)#encapsulation ppp London(config-if)#no shutdown London(config-if)#clock rate 56000 London(config-if)#exit London(config)#exit London#copy running-config startup-config

Challenge Lab 3-6: Configuring PPP with NAT, DHCP, and VLANs
You are a newly hired network administrator for a start-up company (ACME) that wants to you to create a secure connection to an ISP. You are also responsible for IP addressing, VLAN assignment, DHCP, and NAT. Figure 3-6 shows the network topology for this lab.
Figure 3-6 Network Topology for Lab 3-6
S0/0 200.100.37.2/26 ACME DTE Lo0 192.172.10.1/30 Web Server

Fa0/1 ACME_Switch
VL A 1 N Po 0 6 rts 30 10 Ho sts

Fa0/0

DCE ISP

VLAN 1 Ports 25 14 Hosts

AN VL 0 2 s rt Po 15 11 osts H 60

S0/0 200.100.37.1/26

ACME LAN Address Pool 192.168.100.0/24

Objectives

Configure PPP with authentication. Configure DHCP, NAT, and PAT. Configure the ISP as a web server and verify connectivity via a web browser from hosts on the ACME LAN.

Task 1
Step 1. Step 2. Step 3. Step 4.

Cable the equipment. Protect the privileged mode using an encrypted password of class. Ensure that the command output is not interrupted by router output. Restrict remote access to devices using cisco as the password.
router#config t router(config)#hostname ACME ACME(config)#enable secret class

Chapter 3: PPP

119

ACME(config)#line con 0 ACME(config-line)#logging synchronous ACME(config)#line vty 0 4 ACME(config-line)#password cisco ACME(config-line)#login ACME(config-line)#exit ACME(config)#

router#config t router(config)#hostname ISP ISP(config)#enable secret class ISP(config)#line con 0 ISP(config-line)#logging synchronous ISP(config)#line vty 0 4 ISP(config-line)#password cisco ISP(config-line)#login ISP(config-line)#exit ISP(config)#

switch#config t switch(config)#hostname ACME_Switch ACME_Switch(config)#enable secret class ACME_Switch(config)#line con 0 ACME_Switch(config-line)#logging synchronous ACME_Switch(config)#line vty 0 15 ACME_Switch(config-line)#password cisco ACME_Switch(config-line)#login ACME_Switch(config-line)#exit ACME_Switch(config)#

Task 2
Step 1.

Based on the diagram in Figure 3-6, create an addressing scheme to accommodate users on the ACME LAN. Create three VLANs on ACME_Switch:

Step 2.

VLAN 1: default name VLAN 10: Marketing VLAN VLAN 20: HR_Dept

Step 3. Step 4.

Assign VLANs to the appropriate interfaces based on the diagram in Figure 3-6. Configure inter-VLAN routing on the ACME router.
Router configuration: ACME(config)#int fa0/0 ACME(config-if)#no shut ACME(config-if)#int fa0/0.1

120

WAN Technologies CCNA 4 Labs and Study Guide

ACME(config-if)#description VLAN1 ACME(config-if)#encapsulation dot1q 1 native ACME(config-if)#ip address 192.168.100.97 255.255.255.240 ACME(config-if)#int fa0/0.10 ACME(config-if)#description Marketing ACME(config-if)#encapsulation dot1q 10 ACME(config-if)#ip address 192.168.100.65 255.255.255.224 ACME(config-if)#int fa0/0.20 ACME(config-if)#description HR_Dept ACME(config-if)#encapsulation dot1q 20 ACME(config-if)#ip address 192.168.100.1 255.255.255.192

Switch configuration: ACME_Switch#vlan database ACME_Switch(vlan)#vlan 10 name Marketing ACME_Switch(vlan)#vlan 20 name HR_Dept ACME_Switch(vlan)#exit ACME_Switch#config t ACME_Switch(config-if)#int fa0/1 ACME_Switch(config-if)#switchport mode trunk ACME_Switch(config-if)#int fa0/6 ACME_Switch(config-if)#switchport access vlan 10 ACME_Switch(config-if)#int fa0/7 ACME_Switch(config-if)#switchport access vlan 10 ACME_Switch(config-if)#int fa0/8 ACME_Switch(config-if)#switchport access vlan 10 ACME_Switch(config-if)#int fa0/9 ACME_Switch(config-if)#switchport access vlan 10 ACME_Switch(config-if)#int fa0/10 ACME_Switch(config-if)#switchport access vlan 10 ACME_Switch(config-if)#int fa0/11 ACME_Switch(config-if)#switchport access vlan 20 ACME_Switch(config-if)#int fa0/12 ACME_Switch(config-if)#switchport access vlan 20 ACME_Switch(config-if)#int fa0/13 ACME_Switch(config-if)#switchport access vlan 20 ACME_Switch(config-if)#int fa0/14 ACME_Switch(config-if)#switchport access vlan 20 ACME_Switch(config-if)#int fa0/15 ACME_Switch(config-if)#switchport access vlan 20 ACME_Switch(config-if)#int vlan1 ACME_Switch(config-if)#ip address 192.168.100.98 255.255.255.240 ACME_Switch(config-if)#no shut ACME_Switch(config-if)#exit ACME_Switch(config)#ip default-gateway 192.168.100.97

Chapter 3: PPP

121

Task 3
Step 1. Step 2. Step 3. Step 4.

Configure the ACME router as a DHCP server. Create a separate DHCP pool for each subnet. Exclude the first three addresses from each DHCP pool. Verify that the workstations obtain the correct information from the server.
DHCP commands: ACME(config)#ip dhcp excluded-address 192.168.100.1 192.168.100.3 ACME(config)#ip dhcp excluded-address 192.168.100.65 192.168.100.68 ACME(config)#ip dhcp excluded-address 192.168.100.97 192.168.100.100 ACME(config)#ip dhcp pool VLAN1 ACME(dhcp-config)#network 192.168.100.96 255.255.255.240 ACME(dhcp-config)#default-router 192.168.100.97 ACME(dhcp-config)#exit ACME(config)#ip dhcp pool Marketing ACME(dhcp-config)#network 192.168.100.64 255.255.255.224 ACME(dhcp-config)#default-router 192.168.100.65 ACME(dhcp-config)#exit ACME(config)#ip dhcp pool HR_Dept ACME(dhcp-config)#network 192.168.100.0 255.255.255.192 ACME(dhcp-config)#default-router 192.168.100.1

Task 4
Step 1. Step 2. Step 3.

Use the spare addresses from the WAN link to create your NAT pools. Configure dynamic NAT for VLAN 1 and the Marketing VLAN. Use one global address for HR_Dept to access the outside world.
NAT commands: ACME(config)#ip nat pool VLAN1 200.100.37.3 200.100.37.17 netmask 255.255.255.192 ACME(config)#ip nat pool Marketing 200.100.37.18 200.100.37.48 netmask 255.255.255.192 ACME(config)#ip nat pool HR_Dept 200.100.37.49 200.100.37.49 netmask 255.255.255.192 ACME(config)#access-list 1 permit 192.168.100.96 0.0.0.15 ACME(config)#access-list 2 permit 192.168.100.64 0.0.0.31 ACME(config)#access-list 3 permit 192.168.100.0 0.0.0.63 ACME(config)#ip nat inside source list 1 pool VLAN1 ACME(config)#ip nat inside source list 2 pool Marketing ACME(config)#ip nat inside source list 3 pool HR_Dept overload

ACME(config-if)#int fa0/0.1 ACME(config-if)#ip nat inside ACME(config-if)#int fa0/0.10 ACME(config-if)#ip nat inside ACME(config-if)#int fa0/0.20 ACME(config-if)#ip nat inside

122

WAN Technologies CCNA 4 Labs and Study Guide

Task 5
Configure both routers to use PPP as the encapsulation protocol.
PPP encapsulation commands: ACME(config)#int s0/0 ACME(config-if)#encapsulation ppp

ISP(config)#int s0/0 ISP(config-if)#encapsulation ppp

Task 6
Configure a secure authentication on both routers that protects against callback.
CHAP commands: ACME(config)#int s0/0 ACME(config-if)#ppp authentication chap ACME(config)#username ISP password cisco

ISP(config)#int s0/0 ISP(config-if)#ppp authentication chap ISP(config)#username ACME password cisco

Task 7
Verify the configuration using the appropriate commands. Do not limit yourself to using only the show running-config command. The lab is accomplished when all hosts can access the web server via the web browser.
ACME#show running-config

hostname ACME ! enable secret 5 $1$Pp3L$otAkhDxd956.DcsYZqcwd0 ! username ISP password 0 cisco ip subnet-zero ip dhcp excluded-address 192.168.100.1 192.168.100.3 ip dhcp excluded-address 192.168.100.65 192.168.100.68 ip dhcp excluded-address 192.168.100.97 192.168.100.100 ! ip dhcp pool VLAN1 network 192.168.100.96 255.255.255.240 default-router 192.168.100.97 ! ip dhcp pool Marketing network 192.168.100.64 255.255.255.224 default-router 192.168.100.65 !

Chapter 3: PPP

123

ip dhcp pool HR_Dept network 192.168.100.0 255.255.255.192 default-router 192.168.100.1 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto no shut ! interface FastEthernet0/0.1 description VLAN1 encapsulation dot1Q 1 native ip address 192.168.100.97 255.255.255.240 ip nat inside ! interface FastEthernet0/0.10 description Marketing encapsulation dot1Q 10 ip address 192.168.100.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description HR_Dept encapsulation dot1Q 20 ip address 192.168.100.1 255.255.255.192 ip nat inside ! interface Serial0/0 ip address 200.100.37.2 255.255.255.192 ip nat outside encapsulation ppp ppp authentication chap no shut ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown !

124

WAN Technologies CCNA 4 Labs and Study Guide

ip nat pool vlan1 200.100.37.3 200.100.37.17 netmask 255.255.255.0 ip nat pool Marketing 200.100.37.18 200.100.37.48 netmask 255.255.255.0 ip nat pool hrdept 200.100.37.49 200.100.37.49 netmask 255.255.255.0 ip nat inside source list 1 pool vlan1 ip nat inside source list 2 pool Marketing ip nat inside source list 3 pool HR_Dept overload ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 no ip http server ! ! access-list 1 permit 192.168.100.96 0.0.0.15 access-list 2 permit 192.168.100.64 0.0.0.31 access-list 3 permit 192.168.100.0 0.0.0.63 ! line con 0 logging synchronous line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end

ISP#show running-config

hostname ISP ! enable secret 5 $1$IV8q$i0rJSg6vBuxcKzLVXGb/01 ! username ACME password 0 cisco ip subnet-zero ! ! ! ! ! interface Loopback0 description Web Server ip address 192.172.10.1 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown

Chapter 3: PPP

125

speed auto !

interface Serial0/0 ip address 200.100.37.1 255.255.255.192 encapsulation ppp clockrate 56000 ppp authentication chap no shut ! interface Serial0/1 no ip address shutdown ip route 192.168.100.0 255.255.255.0 s0/0 ! ip classless ip http server ! ! ! line con 0 logging synchronous line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end

ACME_Switch#show running-config

hostname ACME_switch ! enable secret 5 $1$/HXH$FrVwLK/aQBNXXnpL4YMxX/ ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! !

126

WAN Technologies CCNA 4 Labs and Study Guide

! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 switchport access vlan 10 ! interface FastEthernet0/7 switchport access vlan 10 ! interface FastEthernet0/8 switchport access vlan 10 ! interface FastEthernet0/9 switchport access vlan 10 ! interface FastEthernet0/10 switchport access vlan 10 ! interface FastEthernet0/11 switchport access vlan 20 ! interface FastEthernet0/12 switchport access vlan 20 ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport access vlan 20 ! interface FastEthernet0/16 ! interface FastEthernet0/17 !

Chapter 3: PPP

127

interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.100.98 255.255.255.0 no shut no ip route-cache ! ip default-gateway 192.168.100.97 ip http server ! line con 0 logging synchronous line vty 0 4 password cisco login line vty 5 15 password cisco login ! ! end

This page intentionally left blank

CHAPTER 4

ISDN and DDR

The Study Guide portion of this chapter uses a combination of multiple-choice and open-ended question exercises to test your knowledge of the theory of ISDN standards, concepts, and reference points. The Lab Exercises portion of this chapter includes all the online curriculum labs and a challenge lab to ensure that you have mastered the practical, hands-on skills needed for dialer interfaces, dialer maps, and dialer profiles.

130

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
ISDN Concepts
ISDN is a WAN technology that serves as a solution for offices using digitized phone lines. ISDN allows for faster call setup and transfer of data, video, and audio than traditional analog dialup. Call setup and termination are done on a separate channel (D or delta channel), which is called out-of-band signaling. Data is transmitted over a separate channel called the B or bearer channel. Each B channel provides 64 kbps of bandwidth, whereas the D channel has 16 kbps of bandwidth (ISDN Basic Rate Interface [BRI]) or 64 kbps (ISDN Primary Rate Interface [PRI]). ISDN PRI in North America consists of 23 B channels and one D channel. It is an inexpensive, cost-effective alternative to a dedicated T1 connection. The European equivalent to an ISDN PRI is called an E. It consists of 30 B channels and a single D channel. ISDN has three sets of standards:

The E protocols, which define the telephone network standards The I protocols, which relate to ISDN concepts and terms The Q protocols, which determine the operation of signaling and switching

During the call setup process, the phone number is transmitted to the local ISDN switch via the D channel. It is then forwarded to another ISDN switch using the Signaling System 7 (SS7) signaling protocol. The number is passed to the destination, which sends its acknowledgment back through the ISDN switches to the caller; from here, the connection is officially established. Switch types that give a set of call setup needs must also be configured depending on which type the service provider is using. Service provider identifiers (SPIDs) are also provided by the Internet service provider (ISP) as a mandatory component to connect to the local ISDN switch. SPIDs are actually phone lines that are dialed to establish a connection.

Concept Questions
1. Compare ISDN BRI and PRI. ISDN BRI uses two B channels and one D channel. ISDN PRI uses 23 B channels and one D channel. In ISDN BRI, the D channel has a bandwidth of 16 kbps, whereas ISDN PRIs D channel has a bandwidth of 64 kbps. 2. Explain the function of the ISDN delta and bearer channels. The bearer channel is used to transport user data. This could be voice, video, or data that can consist of e-mails, FTP, or even Telnet traffic. The delta channel is for call setup and termination. It also provides out-of-band signaling. 3. Explain the difference between in-band and out-of-band signaling. Out-of-band signaling is when call setup and termination are done on a channel separate from the channel used to transport data. ISDN is an example of out-of-band signaling, which is done on the delta channel. In-band signaling occurs where data transport and call setup and termination are all done on the same line. An example of in-band signaling is the Public Switched Telephone Network (PSTN).

Chapter 4: ISDN and DDR

131

ISDN Configuration
ISDN BRI must be configured with the switch type and SPIDs. The switch type can be configured in either global configuration mode or interface mode. You use global configuration mode when connecting to multiple switches that are of the same type. You use interface mode when connecting to multiple switches of different types. This requires the exact switch type to be configured on the appropriate interface. In global configuration mode, configure the switch type using the command isdn switch-type switch-type. You can set up two SPIDs on ISDN BRI, one for each B channel. Go into the BRI interface and enter isdn spid1 [spid-number] and isdn spid2 [spid-number]. In ISDN PRI, you must also configure the switch type. Specify in global configuration mode where the T1/E1 card is located with the command controller [t1 | e1] slot/port. This is similar to going into an interface. When inside controller mode, set the framing with either framing [sf | esf] when configuring T1 lines or framing [crc4 | no-crc4] for E1 lines. Also, inside controller mode, you must specify the signaling with the command linecode [ami | b8zs | hdb3]. To verify all configurations, use the commands show isdn active, show dialer, and show interface bri [slot/port].

Concept Questions
1. Explain the purpose of identifying the appropriate ISDN switch type. The purpose of a switch type is to establish communication between the carriers network and your network. Switch types vary depending on the country or part of the country in which you are located. Each switch type has different call setup requirements, making it impossible to connect when configured incorrectly. 2. Explain the function of a SPID. Each SPID represents a separate channel (bearer channel) in your carriers network. The number consists of a phone number and a carrier identifier. When interesting traffic turns the line on, the phone number associated with the SPID is dialed, and the call is placed. 3. What information appears when you enter the show isdn active command? The show isdn active command displays the number called and the time remaining on the call.

DDR Configuration
Dial-on-demand routing (DDR) is a method that allows the ISDN line to be triggered only when certain types of traffic, called interesting traffic, attempt to cross the line. This interesting traffic is filtered by a set of predetermined criteria set in a dialer list. When the line is turned on, all traffic can cross, even that considered boring. After all interesting traffic has finished crossing the ISDN line, the line terminates until the next batch of interesting traffic passes through. To specify what the interesting traffic will be, use the dialer-list command. For example, to allow all IP traffic to be considered interesting, you use the command dialer-list 1 protocol ip permit. You must apply the dialer list to the interface with the command dialer-group [list-number]. Legacy DDR is a basic method of setting up dialer characteristics that must be applied to an interface. Setting up legacy DDR requires configuring static routes and dialer information and predetermining interesting traffic. The dialer information consists of the dialer map, encapsulation, authentication, and idle timeout. To configure the dialer map, use the command dialer map [protocol] [next-hop-address] name [hostname] [dial-string] while inside the interface. Use the dialer idle-timeout command on the interface to specify when the line will disconnect after all interesting traffic has been transmitted.

132

WAN Technologies CCNA 4 Labs and Study Guide

A more flexible alternative to dialer maps is dialer profiles. Instead of statically configuring dialer parameters onto an interface and changing them every time the call setup requirements change, dialer profiles are automatically assigned to the interface every time the call requirements change. Create a dialer profile with the command interface dialer [number], and assign the profile with the encapsulation, an IP address, and a dialer string using the command dialer remote-name [name]. Go into the physical ISDN interface and use the command dialer pool-member [pool-number] priority [number] to make the interface part of a dialer pool. If multiple calls are placed simultaneously, the pool with the highest priority dials out first. Verify all DDR configurations with the commands show isdn status, show isdn active, and show dialer.

Concept Questions
1. Why is it better to use static routes rather than dynamic routes across an ISDN connection? Static routes are used rather than dynamic routes because they do not send periodic updates that can trigger the line and take away the cost-effectiveness of ISDN. 2. Explain the function of a SPID within a dialer map. The SPID identifies the actual phone line used in the carriers network that data will be sent across. It can also be called the circuit that establishes the connection from end to end. 3. Compare a dialer map to a dialer profile. A dialer map is a manual mapping of a destination to the circuit being used (SPID). A different dialer map must be configured for each location. Dialer profiles can be set for various locations with different criteria and applied to the ISDN interface. Dialer profiles are more scalable and flexible than dialer maps.

Chapter Review Questions


For multiple-choice questions 1 through 20, circle the correct answers. Some questions have more than one answer. 1. What are the benefits of ISDN? (Select three) A. Always-on connection B. C. Cost-effective Faster call setup and termination

D. Fiber connection E. Can transport video, voice, and data simultaneously 2. What set of protocols deal with ISDN telephone network standards? A. I protocols B. Q protocols C. IEEE protocols D. E protocols E. HDLC-derived protocols

Chapter 4: ISDN and DDR

133

3. Which channel in ISDN is used for call setup and termination? A. B channel B. D channel C. C channel D. BRI channel E. PRI channel 4. In North America, ISDN PRI uses 23 bearer channels and one delta channel to equal the bandwidth of a T1. What does this make ISDN PRI most efficient for? A. A substitute for using a T1 line B. A fallback in case the original line malfunctions C. No efficiency whatsoever D. Primary always-on connection 5. Which device in an ISDN connection is responsible for converting the four-wire signal to a two-wire digitized ISDN signal? A. TA B. TE1 C. NT2 D. NT1 E. TE2 6. What factors affect which switch type a private network will use on its ISDN router? (Select two) A. Switch type used by the carrier B. Protocols that are being run C. Country/region of the private network D. Whether the connection is BRI or PRI E. SPIDs being used 7. What modes on a router can a switch type be configured in? (Select two) A. Router> B. Router# C. Router(config)# D. Router(config-if)# E. Router(config-subif)# 8. On ISDN BRI, what is the maximum number of SPIDs you can configure per bearer channel? A. 1 B. C. 2 3

D. The SPID is configured for the BRI interface. E. None

134

WAN Technologies CCNA 4 Labs and Study Guide

9. What command enables you to make configurations when using ISDN PRI? A. Router(config)#interface pri slot/port B. Router(config)#interface t1/e1 slot/port C. Router(config)#controller pri slot/port D. Router(config)#controller t1/e1 slot/port E. Router(config)#interface pri t1/e1 10. What command shows the time remaining on an ISDN call? A. show isdn status B. C. show isdn active show interface bri0/0

D. debug isdn q921 E. show running-configuration 11. How do you configure DDR? (Select three) A. Determine interesting traffic with a dialer list. B. Set up static routes. C. Disable ISDN before setting up DDR. D. Set up dialer maps. E. DDR is on by default on Cisco routers. 12. When configuring dialer information, what are the requirements for setup? (Select three) A. Encapsulation B. Dialer maps C. Access lists D. Idle timeouts E. Static routes 13. What are some advantages of using dialer profiles over legacy DDR and dialer maps? (Select three) A. One ISDN interface can take on different characteristics based on the calls. B. You can configure each B channel on a different subnet. C. All aspects of dialer profiles are dynamic and do not have to be configured. D. Each B channel can have different DDR parameters. E. Dialer profiles have no advantages. 14. What command assigns an ISDN interface to a dialer pool? A. Router(config-if)#dialer pool-member number B. Router(config)#interface bri slot/port dialer-pool member number C. Router(config-if)#ip assign dialer pool-member number D. Router(config)#dialer pool-member number E. Router(config-if)#pool-member dialer number

Chapter 4: ISDN and DDR

135

15. Which command displays information about the BRI interfaces three layers? A. show isdn status B. C. show isdn active show interface bri0/0

D. debug isdn q921 E. debug isdn q931 16. What command helps troubleshoot call setup and termination? A. debug ppp error B. C. debug isdn q931 debug ppp negotiation

D. debug isdn q921 E. debug ppp authentication 17. What is the name of the reference point that connects the customers switching device and enables calls between the various types of customer premises equipment? A. R B. C. S T

D. U E. NT1 F. NT2 18. A dialer profile consists of which three elements? A. Dialer interface B. Dialer pool C. Virtual interface D. Physical interface E. Static routes F. Dynamic routes 19. What does an ISDN PRI use for T1/E1 connections? A. ISDN switch B. DTE C. DCE D. CSU/DSU E. LMI extensions 20. Each TE1 must be manually or statically assigned a unique identifier. What range of numbers is used when statically assigning an identifier to a TE1 device? A. 063 B. C. D. 163 64126 64128

136

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises
Curriculum Lab 4-1: Configuring ISDN BRI (U-Interface) (4.2.1)
Figure 4-1 Topology for Lab 4-1

Table 4-1

Lab Equipment Configuration Router Name Fast Ethernet0 Address/Subnet Mask BRI 0 Address Adtran Connection

Router Designation

Router 1

Ottawa

192.168.14.1/24

BRI 1

The enable secret password for this router is class. The enable, vty, and console password for this router is cisco. Objective

Configure an ISDN router to make a successful connection to a local ISDN switch.

Background/Preparation This lab assumes that a router with an ISDN BRI U interface is available. An Adtran Atlas550 ISDN emulator is used to simulate the ISDN switch and cloud. If an ISDN router is not available, review the lab and perform as many noninterface commands as possible. Cable a network that is similar to the one in Figure 4-1. You can use any router that meets the interface requirements in Figure 4-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C, Router Interface Summary Chart, to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E, Erasing and Reloading the Router, on all routers before you continue with this lab.

Task 1: Configure the Router


Configure the hostname, console, vty, and enable passwords according to Table 4-1.

Chapter 4: ISDN and DDR

137

Task 2: Verify the ISDN BRI Switch Type


Not all ISDN switch types are the same worldwide, so the first step is to configure the ISDN TE1 device (the router) to tell it what ISDN switch type is in use. The ISDN telco provider provides this information. In this case, the ISDN switch type, which the Adtran simulator supports, is National ISDN-1 (North America) and is configured on the router using the keyword basic-ni. To check the ISDN BRI status, issue the following command before you issue configuration commands:
Ottawa#show isdn status Ottawa#show isdn status **** No Global ISDN Switchtype currently defined **** ISDN BRI0 interface dsl 0, interface ISDN Switchtype = none Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x0 Number of L2 Discards = 0, L2 Session ID = 0 Total Allocated ISDN CCBs = 0

What is the Layer 1 status? Deactivated What is the ISDN switch type? None

Task 3: Specify the Switch Type


Step 1.

To specify the ISDN switch type, use the isdn switch-type command at the global configuration mode prompt. You can review the different switch types that are available by using the isdn switch-type ? command:
Ottawa#configure terminal Ottawa(config)#isdn switch-type ? Ottawa(config)#isdn switch-type ? basic-1tr6 1TR6 switch type for Germany basic-5ess AT&T 5ESS switch type for the U.S. basic-dms100 Northern DMS-100 switch type basic-net3 NET3 switch type for UK and Europe basic-ni National ISDN switch type basic-qsig QSIG switch type basic-ts013 TS013 switch type for Australia ntt NTT switch type for Japan vn3 VN3 and VN4 switch types for France

How many different switch types are available? 9


Step 2.

To configure the router to communicate with a National ISDN-1 switch type, enter the following:
Ottawa(config)#isdn switch-type basic-ni

138

WAN Technologies CCNA 4 Labs and Study Guide

Task 4: Verify the Switch Status


Check the state of the ISDN interface again:
Ottawa#show isdn status Ottawa#show isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: DEACTIVATED Layer 2 Status: Layer 2 NOT Activated Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x0 Number of L2 Discards = 0, L2 Session ID = 0 Total Allocated ISDN CCBs = 0

What is the Layer 1 status? Deactivated What is the ISDN switch type? basic-ni

Task 5: Activate the BRI Connection


Activate the ISDN BRI by using the no shutdown command at the interface configuration prompt:
Ottawa#configure terminal Ottawa(config)#interface bri 0 Ottawa(config-if)#no shutdown

Task 6: Review the Switch Status


At this stage, the ISDN BRI should be physically active, and one TEI should be negotiated. Enter the following command to review the switch status:
Ottawa#show isdn status Ottawa#show isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x80000003 Number of L2 Discards = 0, L2 Session ID = 0

Chapter 4: ISDN and DDR

139

Total Allocated ISDN CCBs = 0

What is the Layer 1 status? Active What is the ISDN switch type? basic-ni Has the Layer 2 status changed? Yes

Task 7: Configure the ISDN SPIDs


Depending on the region, you might have to specify ISDN SPIDs for the ISDN switch to respond to the ISDN TE1 correctly. The SPIDs that the Adtran simulator supports are specified as isdn spid1 and isdn spid2. To configure the SPIDs, issue the following commands:
Ottawa(config)#interface bri 0 Ottawa(config-if)#isdn spid1 51055510000001 5551000 Ottawa(config-if)#isdn spid2 51055510010001 5551001

Task 8: Review the Switch Status


Check the state of the ISDN interface again:
Ottawa#show isdn status

What does the output specify about SPID1?


TEI 64, ces = 1, state = 8(established) spid1 configured, spid1 NOT sent, spid1 NOT valid

What does the output specify about SPID2?


TEI Not Assigned, ces = 2, state = 1(terminal down) spid2 configured, spid2 NOT sent, spid2 NOT valid

If you examine this output carefully, you will see that the assigned SPID values have not been sent to the ISDN switch and have not been verified. This is because you specified them after the ISDN interface was enabled. To send the SPID values, you must reset the interface.

Task 9: Reset the Interface


To manually reset the ISDN BRI interface, issue the command clear interface bri 0. This command causes all ISDN parameters to be renegotiated. Issue the clear command on the router, and then check the ISDN interface status. SPID1 and SPID2 are sent and validated:
Ottawa#clear interface bri 0 Ottawa#show isdn status Ottawa#show isdn status Global ISDN Switchtype = basic-ni ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-ni Layer 1 Status: ACTIVE Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED TEI = 65, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED

140

WAN Technologies CCNA 4 Labs and Study Guide

TEI 64, ces = 1, state = 5(init) spid1 configured, spid1 sent, spid1 valid Endpoint ID Info: epsf = 0, usid = 70, tid = 1 TEI 65, ces = 2, state = 5(init) spid2 configured, spid2 sent, spid2 valid Endpoint ID Info: epsf = 0, usid = 70, tid = 2 Layer 3 Status: 0 Active Layer 3 Call(s) Active dsl 0 CCBs = 0 The Free Channel Mask: 0x80000003 Number of L2 Discards = 0, L2 Session ID = 1 Total Allocated ISDN CCBs = 0

Have SPID1 and SPID2 been sent and verified? Yes

Task 10: Save the Configuration and Reboot


Save the configuration and reboot the router. This time, verify that the ISDN interface has correctly negotiated with the ISDN switch. Review activity on the ISDN interface by using the show isdn active command:
Ottawa#copy running-config startup-config Ottawa#reload

Ottawa#show isdn active ! Note to instructor: This is sample output and may not be identical to that produced locally. Ottawa#show isdn active ---------------------------------------------------------------------------------------------------ISDN ACTIVE CALLS ---------------------------------------------------------------------------------------------------Call Calling Called Remote Seconds Seconds Seconds Charges Type Number Number Name Used Left Idle Units/Currency ---------------------------------------------------------------------------------------------------Out 6120 Ottawa 165 74 45 0

The history table has a maximum of how many entries? 100 The history table data is retained for how long? 15 minutes After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Router>enable Router#configure terminal

Chapter 4: ISDN and DDR

141

Router(config)# Router(config)#hostname Ottawa Ottawa(config)#enable password cisco Ottawa(config)#enable secret class Ottawa(config)#line console 0 Ottawa(config-line)#password cisco Ottawa(config-line)#login Ottawa(config-line)#exit Ottawa(config)#line vty 0 4 Ottawa(config-line)#password cisco Ottawa(config-line)#login Ottawa(config-line)#exit Ottawa(config)#interface bri 0 Ottawa(config-if)#isdn spid1 51055510000001 5551000 Ottawa(config-if)#isdn spid2 51055510010001 5551001 Ottawa(config-if)#no shutdown Ottawa(config-if)#exit Ottawa(config)#exit Ottawa#copy running-config startup-config

Curriculum Lab 4-2: Configuring Legacy DDR (4.3.2)


Figure 4-2 Topology for Lab 4-2

Table 4-2

Lab Equipment Configuration Router Name Fast Ethernet0 Address/Subnet Mask SPID Numbers Phone Numbers Adtran Connection

Router Designation

Router 1 Router 2

Tokyo Moscow

192.168.1.1/24 192.168.2.1/24

51055510000001 51055510010001 51055520000001 51055520010001

5551000 5551001 5552000 5552001

BRI 1 BRI 2

142

WAN Technologies CCNA 4 Labs and Study Guide

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. Objectives

Configure an ISDN router to make a legacy DDR call to another ISDN-capable router. When the DDR connection is made successfully, augment the configuration to specify that only HTTP traffic will bring up the link.

Background/Preparation In this lab, two ISDN routers are required. If ISDN routers are not available, review the lab to become familiar with the process. An Adtran Atlas550 ISDN emulator is used to simulate the switch/ISDN cloud. Cable a network that is similar to the one in Figure 4-2. You can use any router that meets the interface requirements in Figure 4-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Router


Configure the hostname, console, vty, and enable passwords according to Table 4-2. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Define the Switch Type and SPID Numbers


You must specify the switch type and SPID numbers on the routers:
Router(config)#hostname Tokyo Tokyo(config)#enable secret class Tokyo(config)#isdn switch-type basic-ni Tokyo(config)#interface fastethernet 0 Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0 Tokyo(config-if)#no shutdown Tokyo(config-if)#exit Tokyo(config)#interface bri 0 Tokyo(config-if)#isdn spid1 51055510000001 5551000 Tokyo(config-if)#isdn spid2 51055510010001 5551001 Tokyo(config-if)#no shutdown

Router(config)# hostname Moscow Moscow(config)# enable secret class Moscow(config)# isdn switch-type basic-ni Moscow(config)# interface fastethernet 0 Moscow(config-if)#ip address 192.168.2.1 255.255.255.0 Moscow(config-if)#no shutdown Moscow(config-if)#exit

Chapter 4: ISDN and DDR

143

Moscow(config)# interface bri 0 Moscow(config-if)#isdn spid1 51055520000001 5552000 Moscow(config-if)#isdn spid2 51055520010001 5552001 Moscow(config-if)#no shutdown

Task 3: Define the Static Routes for DDR


Step 1.

Use static and default routes rather than dynamic routing so that you can reduce the cost of the dialup connection. To configure a static route, you must know the network address of the network to be reached and the IP address of the next router on the path to this destination:
Moscow#configure terminal Moscow(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1

Tokyo#configure terminal Tokyo(config)#ip route 0.0.0.0 0.0.0.0 192.168.3.2

Step 2.

Execute the show ip route command to verify that the routes exist.

Task 4: Specify Interesting Traffic for DDR


Specify the traffic that will cause the DDR interface to dial up the remote router. For the moment, declare that all IP traffic is interesting. You do this by using the dialer-list command:
Tokyo#configure terminal Tokyo(config)#dialer-list 1 protocol ip permit Tokyo(config)#interface bri 0 Tokyo(config-if)#dialer-group 1 Tokyo(config-if)#end

Task 5: Configure the DDR Dialer Information for Router 1


Step 1.

Configure the correct dialer information necessary for the correct function of the dialer profile and dialer interface. This includes IP address information, PPP configuration, name, passwords, and dial number:
Tokyo#configure terminal Tokyo(config)#interface bri 0 Tokyo(config-if)#ip address 192.168.3.1 255.255.255.0

Step 2.

Configure the PPP information:


Tokyo#configure terminal Tokyo(config)#username Moscow password class Tokyo(config)#interface bri 0 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap

Step 3.

Configure the dial information:


Tokyo#configure terminal Tokyo(config)#interface bri 0 Tokyo(config-if)#dialer idle-timeout 120 Tokyo(config-if)#dialer map ip 192.168.3.2 name Moscow 5552000

144

WAN Technologies CCNA 4 Labs and Study Guide

Task 6: Configure the DDR Dialer Information for Router 2


Moscow#configure terminal Moscow(config)#dialer-list 1 protocol ip permit Moscow(config)#username Tokyo password class Moscow(config)#interface bri 0 Moscow(config-if)#ip address 192.168.3.2 255.255.255.0 Moscow(config-if)#dialer-group 1 Moscow(config-if)#encapsulation ppp Moscow(config-if)#ppp authentication chap Moscow(config-if)#dialer idle-timeout 120 Moscow(config-if)#dialer map ip 192.168.3.1 name Tokyo 5551000

Task 7: View the Tokyo Router Configuration


To view the configuration, use the show running-config command:
Tokyo#show running-config

What authentication is being used? CHAP What are the ISDN SPIDs on the Tokyo router? 51055510000001 5551000 and 51055510010001 5551001

Task 8: Verify the DDR Configuration


Step 1.

Generate some interesting traffic across the DDR link from the remote Moscow router to verify that connections are made correctly:
Tokyo#ping 192.168.2.1

Did the pings succeed? Yes


Step 2. Step 3.

If not, troubleshoot the router configuration. Use the show interface command and note that the output shows that the interface is spoofing. This provides a mechanism for the interface to simulate an active state for internal processes, such as routing, on the router. You can also use the show interface command to display information about the B channel:
Tokyo#show interface bri 0

Step 4.

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.

Chapter 4: ISDN and DDR

145

Curriculum Lab 4-3: Configuring Dialer Profiles (4.3.7)


Figure 4-3 Topology for Lab 4-3

Table 4-3

Lab Equipment Configuration Router Name Fast Ethernet0 Address with Subnet Mask SPID Numbers Phone Numbers Adtran Connection

Router Designation

Router 1 Router 2 Router 3

Tokyo Moscow Sydney

192.168.1.1/24 192.168.2.1/24 192.168.3.1/24

51055510000001 51055510010001 51055520000001 51055520010001 51055530000001 51055530010001

5551000 5551001 5552000 5552001 5553000 5553001

BRI 1 BRI 2 BRI 3

The enable secret password for all routers is class. The enable, vty, and console password for all routers is cisco. Objective

Configure ISDN dialer profiles on the routers, enabling a DDR call to be made from two remote routers simultaneously into a central ISDN BRI router.

Background/Preparation In this lab, three ISDN routers are required. If ISDN routers are not available, review the lab to become familiar with the process. An Adtran Atlas550 ISDN emulator is used to simulate the switch/ISDN cloud. Cable a network that is similar to the one in Figure 4-3. You can use any router that meets the interface requirements in Figure 4-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise.

146

WAN Technologies CCNA 4 Labs and Study Guide

Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Router


Configure the hostname, console, vty, and enable passwords according to Table 4-3. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Define the Switch Type and SPID Numbers


To configure the switch type and SPID numbers, use the following commands:
Router(config)#hostname Tokyo Tokyo(config)#enable secret class Tokyo(config)#isdn switch-type basic-ni Tokyo(config)#interface fastethernet 0 Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0 Tokyo(config-if)#no shutdown Tokyo(config-if)#exit Tokyo(config)#interface bri 0 Tokyo(config-if)#isdn spid1 51055510000001 5551000 Tokyo(config-if)#isdn spid2 51055510010001 5551001 Tokyo(config-if)#no shutdown

Router(config)#hostname Moscow Moscow(config)#enable secret class Moscow(config)#isdn switch-type basic-ni Moscow(config)#interface fastethernet 0 Moscow(config-if)#ip address 192.168.2.1 255.255.255.0 Moscow(config-if)#no shutdown Moscow(config-if)#exit Moscow(config)#interface bri 0 Moscow(config-if)#isdn spid1 51055520000001 5552000 Moscow(config-if)#isdn spid2 51055520010001 5552001 Moscow(config-if)#no shutdown

Router(config)#hostname Sydney Sydney(config)#enable secret class Sydney(config)#isdn switch-type basic-ni Sydney(config)#interface fastethernet 0 Sydney(config-if)#ip address 192.168.3.1 255.255.255.0 Sydney(config-if)#no shutdown Sydney(config-if)#exit Sydney(config)#interface bri 0 Sydney(config-if)#isdn spid1 51055530000001 5553000 Sydney(config-if)#isdn spid2 51055530010001 5553001 Sydney(config-if)#no shutdown

Chapter 4: ISDN and DDR

147

Task 3: Define the Static Routes for DDR


Use static and default routes rather than dynamic routing so that you can reduce the cost of the dialup connection. To configure a static route, you must know the network address of the network trying to be reached and the IP address of the next router on the path to this destination:
Moscow#configure terminal Moscow(config)#ip route 0.0.0.0 0.0.0.0 192.168.253.1

Sydney#configure terminal Sydney(config)#ip route 0.0.0.0 0.0.0.0 192.168.254.1

Tokyo#configure terminal Tokyo(config)#ip route 192.168.2.0 255.255.255.0 192.168.253.2 Tokyo(config)#ip route 192.168.3.0 255.255.255.0 192.168.254.2

Task 4: Specify Interesting Traffic for DDR


You must define traffic as interesting to cause the DDR interface to dial up the remote router. For the moment, declare that all IP traffic is interesting by using the dialer-list command:
Moscow(config)#dialer-list 1 protocol ip permit Moscow(config)#interface dialer 0 Moscow(config-if)#dialer-group 1

Sydney(config)#dialer-list 1 protocol ip permit Sydney(config)#interface dialer 0 Sydney(config-if)#dialer-group 1

Tokyo#configure terminal Tokyo(config)#dialer-list 1 protocol ip permit Tokyo(config)#interface dialer 1 Tokyo(config-if)#description The Profile for the Moscow router Tokyo(config-if)#dialer-group 1 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#description The Profile for the Sydney router Tokyo(config-if)#dialer-group 1

Task 5: Configure the DDR Dialer Information


Configure the correct dialer information that is necessary for the correct function of the dialer profile and dialer interface. This includes IP address information, PPP configuration, name, passwords, and dial number:
Tokyo(config)#interface dialer 1 Tokyo(config-if)#ip address 192.168.253.1 255.255.255.0 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#ip address 192.168.254.1 255.255.255.0 Tokyo(config-if)#interface bri 0 Tokyo(config-if)#encapsulation ppp

148

WAN Technologies CCNA 4 Labs and Study Guide

Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#exit Tokyo(config)#username Moscow password class Tokyo(config)#username Sydney password class

Moscow(config)#interface dialer 0 Moscow(config-if)#ip address 192.168.253.2 255.255.255.0 Moscow(config-if)#interface bri 0 Moscow(config-if)#encapsulation ppp Moscow(config-if)#ppp authentication chap Moscow(config-if)#interface dialer 0 Moscow(config-if)#encapsulation ppp Moscow(config-if)#ppp authentication chap Moscow(config-if)#no shutdown Moscow(config-if)#exit Moscow(config)#username Tokyo password class

Sydney(config)#interface dialer 0 Sydney(config-if)#ip address 192.168.254.2 255.255.255.0 Sydney(config-if)#interface bri 0 Sydney(config-if)#encapsulation ppp Sydney(config-if)#ppp authentication chap Sydney(config-if)#interface dialer 0 Sydney(config-if)#encapsulation ppp Sydney(config-if)#ppp authentication chap Sydney(config-if)#no shutdown Sydney(config-if)#exit Sydney(config)#username Tokyo password class

Task 6: Configure the Dialer Information


Next, you must configure the dial information to specify the remote name of the remote router in the dialer profile, and the dial string (phone number) to use to contact this remote device. Use the commands in the following steps to do this.
Step 1.

To configure the dial information on Tokyo, use the following:


Tokyo(config)#interface dialer 1 Tokyo(config-if)#dialer remote-name Moscow Tokyo(config-if)#dialer string 5552000 Tokyo(config-if)#dialer string 5552001

Chapter 4: ISDN and DDR

149

Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer remote-name Sydney Tokyo(config-if)#dialer string 5553000 Tokyo(config-if)#dialer string 5553001

Step 2.

To configure the dial information on Moscow, use the following:


Moscow(config-if)#interface dialer 0 Moscow(config-if)#dialer remote-name Tokyo Moscow(config-if)#dialer string 5551000 Moscow(config-if)#dialer string 5551001

Step 3.

To configure the dial information on Sydney, use the following:


Sydney(config-if)#interface dialer 0 Sydney(config-if)#dialer remote-name Tokyo Sydney(config-if)#dialer string 5551000 Sydney(config-if)#dialer string 5551001

Task 7: Associate the Dialer Profiles


Finally, associate the dialer profiles with the dialer interfaces that will be used, when needed. Create a dialer pool and put the interfaces and the associated dialer profiles in a common pool. The commands for doing this are as follows.
Step 1.

On Tokyo, the commands issued would be as follows:


Tokyo(config-if)#interface bri 0 Tokyo(config-if)#dialer pool-member 1 Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#dialer pool 1 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer pool 1

Step 2.

On Moscow, the commands issued would be as follows:


Moscow(config-if)#interface bri 0 Moscow(config-if)#dialer pool-member 1 Moscow(config-if)#interface dialer 0 Moscow(config-if)#dialer pool 1

Step 3.

Use the same commands to configure the Sydney router.

Task 8: Configure the Dialer Timeouts


Step 1.

Configure a dialer idle-timeout of 60 seconds for each of the dialer interfaces:


Tokyo(config)#interface dialer 1 Tokyo(config-if)#dialer idle-timeout 60 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer idle-timeout 60

Step 2.

Repeat these commands on Moscow and Sydney.

150

WAN Technologies CCNA 4 Labs and Study Guide

Task 9: View the Tokyo Router Configuration


To view the configuration, use the show running-config command:
Tokyo#show running-config Tokyo#show running-config Building configuration... Current configuration : 1535 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Tokyo ! enable secret 5 $1$.Tf2$ph3oCXloaQGXpguejZTIJ0 ! username Moscow password 0 class username Sydney password 0 class ip subnet-zero ! ! ! isdn switch-type basic-ni ! ! ! interface FastEthernet0 ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface Serial0 no ip address shutdown no fair-queue ! interface BRI0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055510000001 5551000 isdn spid2 51055510010001 5551001 ppp authentication chap !

Chapter 4: ISDN and DDR

151

interface FastEthernet1 no ip address shutdown duplex auto speed auto ! interface Serial1 no ip address shutdown ! interface Dialer1 description The Profile for the Moscow router ip address 192.168.253.1 255.255.255.0 encapsulation ppp dialer pool 1 dialer remote-name Moscow dialer idle-timeout 60 dialer string 5552000 dialer string 5552001 dialer-group 1 ppp authentication chap ! interface Dialer2 description The Profile for the Sydney router ip address 192.168.254.1 255.255.255.0 encapsulation ppp dialer pool 1 dialer remote-name Sydney dialer idle-timeout 60 dialer string 5553000 dialer string 5553001 dialer-group 1 ppp authentication chap ! ip classless ip route 192.168.2.0 255.255.255.0 192.168.253.2 ip route 192.168.3.0 255.255.255.0 192.168.254.2 ip http server ! dialer-list 1 protocol ip permit ! line con 0 password cisco login line aux 0 line vty 0 4

152

WAN Technologies CCNA 4 Labs and Study Guide

password cisco login ! end

How many username statements exist? 2 What authentication type is being used for PPP? CHAP Which sections of the configuration list the authentication type? Interface Dialer What are the dialer strings on the Tokyo router?
interface Dialer1 End string 5552000 dialer string 5552001 interface Dialer2 dialer string 5553000 dialer string 5553001

Task 10: Verify the DDR Configuration


Step 1.

Generate some interesting traffic across the DDR link from Moscow and Sydney to verify that connections are made correctly and that the dialer profiles are functioning:
Moscow#ping 192.168.1.1 Sydney#ping 192.168.1.1

Did the pings succeed? Yes


Step 2.

If not, troubleshoot the router configurations. What other information was displayed when the ping was issued? 00:25:01: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up 00:25:01: %DIALER-6-BIND: Interface BRI0:1 bound to profile Di0 00:25:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up

Step 3.

Use the show dialer command to see the reason for the call. This information is shown for each channel:
Tokyo#show dialer Tokyo#show dialer BRI0 - dialer type = ISDN Dial String Successes Failures Last DNIS Last status 0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback. BRI0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle BRI0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs)

Chapter 4: ISDN and DDR

153

Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Di1 - dialer type = DIALER PROFILE Idle timer (60 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Number of active calls = 0 Dial String Successes Failures Last DNIS Last status 5552000 0 0 never - Default 5552001 0 0 never - Default Di2 - dialer type = DIALER PROFILE Idle timer (60 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Number of active calls = 0 Dial String Successes Failures Last DNIS Last status 5553000 0 0 never - Default 5553001 0 0 never - Default Tokyo#

Which dialer strings are associated with Dialer1? 555-2000, 555-2001 What is the last status for dial string 5553000 in the Dialer2 readout? None
Step 4.

Use the show interface command and note that the output shows that the interface is spoofing. This provides a mechanism for the interface to simulate an active state for internal processes, such as routing, on the router. You can also use the show interface command to display information about the B channel:
Tokyo#show interface bri 0 Tokyo#show interface bri 0 BRI0 is up, line protocol is up (spoofing) Hardware is PQUICC BRI with U interface MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Last input 00:00:01, output never, output hang never Last clearing of show interface counters 00:28:42 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/16 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 48 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 365 packets input, 1549 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 362 packets output, 1522 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets

154

WAN Technologies CCNA 4 Labs and Study Guide

0 output buffer failures, 0 output buffers swapped out 8 carrier transitions

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! Tokyo Tokyo#configure terminal Tokyo(config)#hostname Tokyo Tokyo(config)#enable secret class Tokyo(config)#isdn switch-type basic-ni Tokyo(config)#interface fastethernet 0 Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0 Tokyo(config-if)#no shutdown Tokyo(config-if)#exit Tokyo(config)#interface bri 0 Tokyo(config-if)#isdn spid1 51055510000001 5551000 Tokyo(config-if)#isdn spid2 51055510010001 5551001 Tokyo(config-if)#no shutdown Tokyo(config-if)#exit Tokyo(config-if)#ip route 192.168.2.0 255.255.255.0 192.168.253.2 Tokyo(config)#ip route 192.168.3.0 255.255.255.0 192.168.254.2 Tokyo(config)#dialer-list 1 protocol ip permit Tokyo(config)#interface dialer 1 Tokyo(config-if)#description The Profile for the Moscow router Tokyo(config-if)#dialer-group 1 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#description The Profile for the Sydney router Tokyo(config-if)#dialer-group 1 Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#ip address 192.168.253.1 255.255.255.0 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#ip address 192.168.254.1 255.255.255.0 Tokyo(config-if)#interface bri 0 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#encapsulation ppp Tokyo(config-if)#ppp authentication chap Tokyo(config-if)#exit Tokyo(config)#username Moscow password class Tokyo(config)#username Sydney password class Tokyo(config)#interface dialer 1 Tokyo(config-if)#dialer remote-name Moscow Tokyo(config-if)#dialer string 5552000 Tokyo(config-if)#dialer string 5552001 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer remote-name Sydney

Chapter 4: ISDN and DDR

155

Tokyo(config-if)#dialer string 5553000 Tokyo(config-if)#dialer string 5553001 Tokyo(config-if)#exit Tokyo(config-if)#interface bri 0 Tokyo(config-if)#dialer pool-member 1 Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#dialer pool 1 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer pool 1 Tokyo(config-if)#exit Tokyo(config-if)#interface dialer 1 Tokyo(config-if)#dialer idle-timeout 60 Tokyo(config-if)#interface dialer 2 Tokyo(config-if)#dialer idle-timeout 60 Tokyo(config-if)#exit Tokyo(config)#exit Tokyo#copy running-config startup-config

! Moscow Router#configure terminal Router(config)#hostname Moscow Moscow(config)#enable secret class Moscow(config)#isdn switch-type basic-ni Moscow(config)#interface fastethernet 0 Moscow(config-if)#ip address 192.168.2.1 255.255.255.0 Moscow(config-if)#no shutdown Moscow(config-if)#exit Moscow(config)#interface bri 0 Moscow(config-if)#isdn spid1 51055520000001 5552000 Moscow(config-if)#isdn spid2 51055520010001 5552001 Moscow(config-if)#no shutdown Moscow(config-if)#exit Moscow(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.253.1 Moscow(config)#dialer-list 1 protocol ip permit Moscow(config)#interface dialer 0 Moscow(config-if)#dialer-group 1 Moscow(config-if)#exit Moscow(config-if)#interface dialer 0 Moscow(config-if)#ip address 192.168.253.2 255.255.255.0 Moscow(config-if)#interface bri 0 Moscow(config-if)#encapsulation ppp Moscow(config-if)#ppp authentication chap Moscow(config-if)#interface dialer 0 Moscow(config-if)#encapsulation ppp Moscow(config-if)#ppp authentication chap Moscow(config-if)#no shutdown Moscow(config-if)#exit Moscow(config)#username Tokyo password class

156

WAN Technologies CCNA 4 Labs and Study Guide

Moscow(config)#interface dialer 0 Moscow(config-if)#dialer remote-name Tokyo Moscow(config-if)#dialer string 5551000 Moscow(config-if)#dialer string 5551001 Moscow(config-if)#exit Moscow(config-if)#interface bri 0 Moscow(config-if)#dialer pool-member 1 Moscow(config-if)#interface dialer 0 Moscow(config-if)#dialer pool 1 Moscow(config-if)#exit Moscow(config)#exit Moscow#copy running-config startup-config

! Sydney Router#configure terminal Router(config)#hostname Sydney Sydney(config)#enable secret class Sydney(config)#isdn switch-type basic-ni Sydney(config)#interface fastethernet 0 Sydney(config-if)#ip address 192.168.3.1 255.255.255.0 Sydney(config-if)#no shutdown Sydney(config-if)#exit Sydney(config)#interface bri 0 Sydney(config-if)#isdn spid1 51055530000001 5553000 Sydney(config-if)#isdn spid2 51055530010001 5553001 Sydney(config-if)#no shutdown Sydney(config-if)#exit Sydney(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.254.1 Sydney(config)#dialer-list 1 protocol ip permit Sydney(config)#interface dialer 0 Sydney(config-if)#dialer-group 1 Sydney(config-if)#exit Sydney(config)#interface dialer 0 Sydney(config-if)#ip address 192.168.254.2 255.255.255.0 Sydney(config-if)#interface bri 0 Sydney(config-if)#encapsulation ppp Sydney(config-if)#ppp authentication chap Sydney(config-if)#interface dialer 0 Sydney(config-if)#encapsulation ppp Sydney(config-if)#ppp authentication chap Sydney(config-if)#no shutdown Sydney(config-if)#exit Sydney(config)#username Tokyo password class Sydney(config)#interface dialer 0 Sydney(config-if)#dialer remote-name Tokyo

Chapter 4: ISDN and DDR

157

Sydney(config-if)#dialer string 5551000 Sydney(config-if)#dialer string 5551001 Sydney(config-if)#exit Sydney(config)#interface bri 0 Sydney(config-if)#dialer pool-member 1 Sydney(config-if)#interface dialer 0 Sydney(config-if)#dialer pool 1 Sydney(config-if)#exit Sydney(config)#exit Sydney#copy running-config startup-config

Challenge Lab 4-4: Configuring Dialer Maps and Dialer Profiles


You are hired as a consultant for a company that has three remote locations: Mo, Larry, and Curley. The task at hand is to set up ISDN across their WAN and the addressing on their internal network. The company wants you to use dialer maps on the Larry and Curley routers pointing to the Mo router. The Mo router will use dialer profiles pointing to the Larry and Curley routers. This lab challenges your ability to configure dialer profiles and dialer maps in an ISDN environment. Figure 4-4 presents the topology for this lab.
Figure 4-4 ISDN Challenge Lab Topology

Internet 172.16.0.1/24 Lo0

MO
BRI 1/0 180.78.15.1/30 194.65.14.1/30

Dialer Profiles ISDN


BRI 1

Switch A

fa0/1 fa0/0

BRI 1/0

Larry

180.78.15.2/30

BRI 2

Dialer Map
Larry LAN Addresses 192.168.100.0/24

ISDN Cloud (Adtran)

BRI 3

BRI 1/0 194.65.14.2/30

fa0/1

Curley Dialer Map

fa0/0

Switch B

Curley LAN Addresses 193.168.100.0/24 Service Profile Identifiers: Mo BRI/1: SPID 1 5105551000 SPID 2 5105551001

Larry BRI/2: SPID 1 5105552000 SPID 2 5105552001 Curley BRI/3: SPID 1 5105553000 SPID 2 5105553001

158

WAN Technologies CCNA 4 Labs and Study Guide

Task 1: Physical
Connect and configure the devices as shown in Figure 4-4.

Task 2: Logical Mo
Step 1.

Configure router Mo with encapsulation PPP on the BRI interface using CHAP authentication and Multilink. Configure dialer profiles. Configure two dialer interfaces each using two dialer strings and given IP addresses (SPIDs remain in dialer-pool 1). Configure usernames and passwords:

Step 2. Step 3.

Step 4.

Username Larry password 0 cisco. Username Curley password 0 cisco.

Step 5. Step 6. Step 7.

Permit both dialer lists. Configure router Mo with switch type basic-ni. Configure static routes to Larry and Curley dialer interfaces and to SwitchA and SwitchB LANs. Create access lists permitting both switched networks and the loopback on Mo.

Step 8.

Task 3: Logical Larry


Step 1.

Configure Larry with encapsulation PPP on the BRI interface using CHAP authentication and Multilink. Use switch type basic-ni. Create dialer 0 to use the IP address 180.78.15.2 /30. Include dialer-pool, dialer-group, and permit dialer-list. Configure Larrys BRI using the appropriate SPIDs. Make sure that both B channels are used simultaneously. Configure username and password to Mo with password cisco. Configure interface fa0/0 on Larry with IP address 192.168.100.1 /24. Configure static routes to the Curley LAN and Mos loopback. Configure a default route out of BRI1/0.

Step 2. Step 3.

Step 4. Step 5. Step 6. Step 7. Step 8. Step 9.

Task 4: Logical Curley


Step 1.

Configure Curley with encapsulation PPP on the BRI interface using CHAP authentication and Multilink. Create dialer 0 with given IP address 194.65.14.2 /30. Include dialer-pool, dialer-group, and permit dialer-list. Configure the BRI interface with the appropriate SPIDs. Configure username and password to Mo with password class. Configure interface fa0/0 with an IP address of 193.168.100.1 /24.

Step 2.

Step 3. Step 4. Step 5.

Chapter 4: ISDN and DDR

159

Step 6. Step 7.

Configure static routes to the Larry LAN and to the loopback on Mo. Configure a default route out of BRI 1/0.

Task 5: Switches
Configure each switch with an IP address and appropriate default gateway for its network.

Task 6: Verification
This lab is complete when you can ping every interface shown in Figure 4-4.
Mo#show running-config Building configuration...

Current configuration : 1709 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Mo ! enable secret 5 $1$0usK$RscXAJFH74Osj7ahj2Qqo. ! username Larry password 0 cisco username Curley password 0 class memory-size iomem 25 ip subnet-zero ! ! isdn switch-type basic-ni ! ! ! interface Loopback0 ip address 172.16.0.1 255.255.255.0 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 no ip address shutdown no fair-queue

160

WAN Technologies CCNA 4 Labs and Study Guide

! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055510000001 5551000 isdn spid2 51055510010001 5551001 ppp authentication chap ppp multilink ! interface Dialer0 ip address 180.78.15.1 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name Larry dialer string 5552000 dialer string 5552001 dialer-group 1 ppp authentication chap ! interface Dialer1 ip address 194.65.14.1 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name Curley dialer string 5553000 dialer string 5553001 dialer-group 2 ppp authentication chap ! ! ip classless ip route 180.78.15.0 255.255.255.252 180.78.15.2 ip route 192.168.100.0 255.255.255.0 180.78.15.2 ip route 193.168.100.0 255.255.255.0 194.65.14.2 ip route 194.65.14.0 255.255.255.252 194.65.14.2 no ip http server ! ! dialer-list 1 protocol ip permit dialer-list 2 protocol ip permit

Chapter 4: ISDN and DDR

161

! line con 0 line aux 0 line vty 0 4 ! no scheduler allocate end

Larry#show running-config Building configuration...

Current configuration : 1097 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Larry ! enable secret 5 $1$5Jud$6ua9o9Z58aEpWAepfy0x1. ! username Mo password 0 cisco ip subnet-zero ! ! isdn switch-type basic-ni ! ! ! interface FastEthernet0/0 ip address 192.168.100.1 255.255.255.0 speed auto speed auto ! interface Serial0/0 no ip address shutdown ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address

162

WAN Technologies CCNA 4 Labs and Study Guide

encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055520000001 5552000 isdn spid2 51055520010001 5552001 ppp authentication chap ppp multilink ! interface Dialer0 ip address 180.78.15.2 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name Mo dialer string 5551000 dialer-group 1 ppp authentication chap ! ip classless ip route 0.0.0.0 0.0.0.0 BRI1/0 ip route 172.16.0.0 255.255.255.0 180.78.15.1 ip route 193.168.100.0 255.255.255.0 180.78.15.1 no ip http server ! ! dialer-list 1 protocol ip permit ! line con 0 line aux 0 line vty 0 4 ! no scheduler allocate end

Curley#show running-config Building configuration...

Current configuration : 1133 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Curley !

Chapter 4: ISDN and DDR

163

enable secret 5 $1$rNMq$pgKhyff67/X.hYe9ejz4c0 ! username Mo password 0 class memory-size iomem 25 ip subnet-zero ! ! isdn switch-type basic-ni ! ! ! interface FastEthernet0/0 ip address 193.168.100.1 255.255.255.0 speed auto ! interface Serial0/0 no ip address shutdown no fair-queue ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055530000001 5553000 isdn spid2 51055530010001 5553001 ppp authentication chap ppp multilink ! interface Dialer0 ip address 194.65.14.2 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name ISP dialer string 5551001 dialer-group 1 ppp authentication chap ! ip classless ip route 0.0.0.0 0.0.0.0 BRI1/0 ip route 172.16.0.0 255.255.255.0 194.65.14.1

164

WAN Technologies CCNA 4 Labs and Study Guide

ip route 192.168.100.0 255.255.255.0 194.65.14.1 no ip http server ! ! dialer-list 1 protocol ip permit ! line con 0 line aux 0 line vty 0 4 ! no scheduler allocate end

SwitchA#show running-config Building configuration...

Current configuration : 1476 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchA ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4

Chapter 4: ISDN and DDR

165

no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 no ip address ! interface FastEthernet0/7 no ip address ! interface FastEthernet0/8 no ip address ! interface FastEthernet0/9 no ip address ! interface FastEthernet0/10 no ip address ! interface FastEthernet0/11 no ip address ! interface FastEthernet0/12 no ip address ! interface FastEthernet0/13 no ip address ! interface FastEthernet0/14 no ip address ! interface FastEthernet0/15 no ip address ! interface FastEthernet0/16 no ip address ! interface FastEthernet0/17 no ip address ! interface FastEthernet0/18 no ip address ! interface FastEthernet0/19 no ip address

166

WAN Technologies CCNA 4 Labs and Study Guide

! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.100.2 255.255.255.0 no ip route-cache ! ip default-gateway 192.168.100.1 ip http server ! ! line con 0 line vty 5 15 ! end

SwitchB#show running-config Building configuration...

Current configuration : 1476 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchB ! ! ip subnet-zero !

Chapter 4: ISDN and DDR

167

! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 no ip address ! interface FastEthernet0/7 no ip address ! interface FastEthernet0/8 no ip address ! interface FastEthernet0/9 no ip address ! interface FastEthernet0/10 no ip address ! interface FastEthernet0/11 no ip address ! interface FastEthernet0/12 no ip address ! interface FastEthernet0/13 no ip address ! interface FastEthernet0/14

168

WAN Technologies CCNA 4 Labs and Study Guide

no ip address ! interface FastEthernet0/15 no ip address ! interface FastEthernet0/16 no ip address ! interface FastEthernet0/17 no ip address ! interface FastEthernet0/18 no ip address ! interface FastEthernet0/19 no ip address ! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 193.168.100.2 255.255.255.0 no ip route-cache ! ip default-gateway 193.168.100.1 ip http server ! ! line con 0 line vty 5 15 ! end

CHAPTER 5

Frame Relay

The Study Guide portion of this chapter uses a combination of fill-in-the-blank, multiple-choice, and openended question exercises to test your knowledge of the theory of Frame Relay terminology, bandwidth, and flow control. This chapter also discusses the importance of Frame Relay addressing, map statements, and the use of Inverse Address Resolution Protocol (ARP) and Local Management Interface (LMI) operation. The Lab Exercises portion of this chapter includes all the online curriculum labs and three challenge labs to ensure that you have mastered the practical, hands-on skills needed for Frame Relay maps, subinterface configuration, and troubleshooting.

170

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
Frame Relay Concepts
Frame Relay is a standalone packet-switched technology that operates using virtual circuits to connect LANs across a cloud. It uses switched virtual circuits (SVCs) (less common) and permanent virtual circuits (PVCs), which the carrier preconfigures, to join locations. Frame Relay also provides no error-checking technology, because it was designed to run on digital, high-quality lines. A Frame Relay edge router may have multiple PVCs toward different locations and labels each one with a data-link connection identifier (DLCI). Each PVC has its own set amount of bandwidth inside the cloud; this is called the committed information rate (CIR), which is the method of flow control for Frame Relay. Commonly, Frame Relay networks are set up in either star (hub-and-spoke), Frame Relay star, full-mesh, or partial-mesh topologies. In a star topology, all the edge routers connect to a central location, as opposed to a Frame Relay star, where the edge routers connect to a cloud. Mesh and partial-mesh topologies connect every location, or at least most of them, to one another. Local Management Interfaces (LMI) extensions are also provided with Frame Relay to reduce the transfer delay between two locations. LMIs include mechanisms to keep track of keepalive messages and VC status and a mechanism with flow control; LMI types are Cisco, Q933a, and ANSI. LMIs combined with Inverse ARP allow a router to associate a DLCI with a network layer address; this allows the router to learn PVCs dynamically.

Concept Questions
1. Compare a PVC to an SVC. A PVC is a temporary connection brought up in the carriers cloud when communication with a remote site is initiated. The connection is considered permanent because data takes the same path to and from each location every time. An SVC is a switched connection that is not mapped inside the carriers network and that takes a different path each time data is sent between locations. It is treated as a one-time connection. 2. LMI is a signaling standard that allows DTEs to dynamically acquire information about a networks status. Keepalive messages are one example of status messages that are sent. Explain how routers use keepalive messages. Keepalive messages allow connecting devices to know that the link is active. When no keepalives are received, the connecting devices view the link as inactive or down. 3. Explain how a DLCI is used to route Frame Relay traffic. A DLCI is used to identify a virtual circuit between a CPE and the Frame Relay switch. The Frame Relay switch maps the DLCI to a circuit between two remote routers to provide a permanent thoroughfare between them.

Configuring Frame Relay


To configure Frame Relay, go into the serial interface connected to the frame cloud or frame switch and enter encapsulation frame-relay [cisco | ietf]. cisco is the default encapsulation and should be used only if youre connecting to another Cisco router. You should use the ietf encapsulation option when connecting non-Cisco routers. You can also set the LMI type with the command frame-relay lmi-type [cisco | q933a | ansi]. This is not necessary for Cisco IOS Software Release 11.2 and later, because LMI types are automatically discovered.

Chapter 5: Frame Relay

171

You might need to statically configure a Frame Relay map with the command frame-relay map [protocol] [network address] [dlci] broadcast when Inverse ARP is not available on the router. The broadcast keyword allows routing updates to be sent across the cloud. The use of a subinterface enables you to use one interface to connect multiple locations, avoiding the need to purchase more equipment. Each subinterface can be set up as a point-to-point or point-to-multipoint interface (interface serial [number]/ [number].[subinterface number] [point-to-point | point-to-multipoint]). Point-to-point is used when each subinterface will act as point-to-point connection to another interface. The subinterfaces must also be on the same subnet, separate from others. A point-to-multipoint interface is used when connecting multiple locations. In this case, all connecting interfaces must be on the same subnet. To verify the configurations, you can use the show frame-relay map and show frame-relay pvc commands to display PVC information. To clear out any dynamically learned maps, use the command clear frame-relay inarp.

Concept Questions
1. Explain why using subinterfaces resolves the split-horizon issue without your having to disable the feature. Split horizon prevents routing updates from being sent across the same interface in which they were received. Turning this feature off increases the chances of a routing loop occurring. Subinterfaces are logical subdivisions of a physical interface. This allows each subinterface to look as though it is a separate physical interface, therefore allowing the update to be sent. 2. Forward explicit congestion notification (FECN) and backward explicit congestion notification (BECN) are used for traffic shaping. Explain each ones purpose and how they are used to notify devices of congestion. FECNs are sent to the destination device, indicating that congestion has occurred. BECNs are sent to the transmitting router, instructing it to reduce the rate at which it is sending packets into the Frame Relay network. Traffic shaping must be configured for the router to respond to BECN notification. 3. You are troubleshooting a Frame Relay network that is not functioning. What commands can you use to determine the cause of the problem, and what information do these commands display? show interface serial 0 displays the following:

Encapsulation, Layer 1 and 2 information, DLCI and LMI information

show frame-relay pvc displays the following:


The status of each configured VC Traffic statistics BECN and FECN packets received by the router

show frame-relay map displays the following:


Current map entries The IP address of the remote router and the DLCI it is mapped to Connection status

show frame-relay lmi displays the following:


LMI traffic statistics The number of status messages exchanged between the router and Frame Relay switch

172

WAN Technologies CCNA 4 Labs and Study Guide

Chapter Review Questions


For multiple-choice questions 1 through 20, circle the correct answers. Some questions have more than one answer. 1. Which of the following are valid Frame Relay LMI types? (Select three) A. Cisco B. C. Q921 Q931

D. Q933a E. ANSI F. IETF G. Annex A H. Annex D 2. Which of the following are true of point-to-point subinterfaces? (Select all that apply) A. They are used to establish one PVC connection. B. They are used to establish multiple PVC connections. C. Each pair of point-to-point routers requires its own subnet. D. All participating interfaces are in the same subnet. E. The split-horizon rule does not apply to routing update traffic. 3. DLCI numbers range from 0 through 1023. What range of numbers is available to subscribers? A. B. C. 01023 115 and 10081022 9921007

D. 16991 4. When a Frame Relay switch notices its queue increasing, what does it use to reduce the flow of frames it receives? A. Explicit correction notifications B. Error correction notifications C. Explicit congestion notifications D. Error congestion notifications 5. What command enables you to configure the local DLCI on the subinterface? A. Router(config)#frame-relay interface dlci [number] B. Router(config-if)#frame-relay interface dlci [number] C. Router(config)#frame relay interface-dlci [number] D. Router(config-subif)#frame-relay interface-dlci [number] 6. Which of the following are true of the Local Management Interface? (Select all that apply) A. Cisco IOS Software Release 11.2 or later allows the router to automatically determine the LMI type used by the switch. B. It is used between the DCE and the Frame switch in the carriers network. C. It is used between the DTE and the Frame switch in the carriers network. D. It can be used only with Inverse ARP enabled.

Chapter 5: Frame Relay

173

7. Which of the following are displayed when you use the command show frame-relay lmi? (Select two) A. LMI type B. DLCI number C. The number of status messages sent and received between the router and the Frame switch D. Current map entries and their status E. The number of status messages sent and received for each configured PVC 8. When you configure Frame Relay subinterfaces, which of the following must not be configured? A. Frame Relay encapsulation on the physical interface B. The DLCI numbers on the subinterface C. The subinterface type as multipoint D. The IP address on the physical interface E. The IP address on the subinterface 9. What would be the result if the broadcast keyword at the end of the following command line were omitted?
frame-relay map ip 131.108.123.1 100 broadcast

A. Routing updates would be forwarded. B. Routing updates would not be forwarded. C. The statement would be broadcast to all other routers in the frame network. D. The router would be prevented from becoming a broadcast firewall. 10. Which of the following solve the split-horizon quandary in a Frame Relay environment with multiple connections over a single physical interface? (Select two) A. Partial-mesh topology B. C. Full-mesh topology Subinterfaces

D. Point-to-point topology 11. Which of the following are true of multipoint subinterfaces? (Select all that apply) A. They are used to establish one PVC connection. B. They are used to establish multiple PVC connections. C. Each pair of point-to-point routers requires its own subnet. D. All participating interfaces are in the same subnet. E. The split-horizon rule does not apply to routing update traffic. F. The split-horizon rule is applied because the subinterface acts like an NBMA interface.

12. What two methods allow a router to associate network layer and data link layer addresses? A. Inverse ARP with LMI messages B. Inverse RARP C. Reverse ARP D. Frame Relay map E. DLCI status messages F. FECN G. BECN

174

WAN Technologies CCNA 4 Labs and Study Guide

13. What is used to distinguish between various PVCs on a single line? A. LMI B. LAPF C. DLCI D. LAPD 14. What are DLCI 0 and DLCI 1023 reserved for? A. Cisco LMI type is 0, and Q933a LMI type is 1023. B. Q933a LMI type is 0, and Cisco LMI type is 1023. C. Cisco LMI type is 0, and Q931 LMI type is 1023. D. IETF LMI type is 0, and Cisco LMI type is 1023. 15. Which of the following are true of DLCI values? (Select three) A. They have local significance. B. They have global significance. C. They are unique to the physical channel on which they reside. D. Different DLCI values can be used at each end to refer to the same VC. E. DLCI values must be the same on each end when referring to the same VC. 16. How does a switch identify frames that exceed the CIR? A. DE B. FECN C. BECN D. LAPF 17. What are the possible connection states that a VC could be in when using the show frame-relay pvc command? (Select three) A. Active B. Passive C. Inactive D. Deleted E. Unknown 18. When configuring Frame Relay, what can you do to prevent split-horizon problems? (Select two) A. Use a physical interface to route traffic for multiple PVCs. B. Configure a separate subinterface for each PVC. C. Configure a separate subinterface for multiple PVCs. D. Disable split horizon.

Chapter 5: Frame Relay

175

19. Most ISPs disable the use of Inverse ARP in their networks. What command is the alternative solution when they cannot be dynamically mapped? A. frame-relay inverse-arp B. C. frame-relay map frame-relay interface-type

D. frame-relay ip map 20. Which of the following appear when you use the show frame-relay pvc command? (Select all that apply) A. Status of each configured connection B. Traffic statistics C. IP address of the remote location D. Map entries E. The number of FECN and BECN entries received by the router

176

WAN Technologies CCNA 4 Labs and Study Guide

Lab Exercises
Curriculum Lab 5-1: Configuring Frame Relay (5.2.1)
Figure 5-1 Topology for Lab 5-1

Table 5-1

Lab Equipment Configuration Router Name Fast Ethernet 0 Address/Subnet Mask Adtran Connection

Router Designation

Router 1

Cork

192.168.14.1/24

1/1

The enable secret password for this router is class. The enable, vty, and console password for this router is cisco. Objective

Configure a router to establish a connection to a local Frame Relay switch.

Background/Preparation This lab uses an Adtran Atlas550 Frame Relay to simulate the Frame Relay switch/cloud. The Cork Wholesale Food Company has just had a Frame Relay circuit installed to its local central office (CO) by the telco carrier. The network administrator must confirm that the router and Frame Relay switch can communicate successfully. Cable a network that is similar to the one in Figure 5-1. You can use any router that meets the interface requirements in Figure 5-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C, Router Interface Summary Chart, to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E, Erasing and Reloading the Router, on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 5-1. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Chapter 5: Frame Relay

177

Task 2: Configure the Serial Interface


Step 1.

In Frame Relay, the customer router is considered to be the DTE device. To configure the serial interface, you must define the Layer 2 Frame Relay frame type. To configure the frame type, use the following commands:
Cork#configure terminal Cork(config)#interface serial 0 Cork(config-if)#encapsulation frame-relay IETF

Step 2.

Next, you need to configure the format of the Frame Relay management protocol. To configure the Local Management Interface (LMI) type, use the following commands:
Cork(config-if)#frame-relay lmi-type ansi Cork(config-if)#no shutdown Cork(config-if)#ctrl+z

Task 3: Verify the Frame Relay Configuration


To verify the configuration, use the show interface commands that are related to Frame Relay. To view the serial interface configuration, enter the following command:
Cork#show interface serial 0 Serial0 is up, line protocol is up Hardware is PowerQUICC Serial MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY IETF, loopback not set Keepalive set (10 sec) LMI enq sent 7, LMI stat recvd 7, LMI upd recvd 0, DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:04, output 00:00:04, output hang never Last clearing of show interface counters 00:01:34 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 7 packets input, 128 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 7 packets output, 98 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

178

WAN Technologies CCNA 4 Labs and Study Guide

What is the state of the interface? Serial 0 is up, line protocol is up. What is the encapsulation type? frame-relay ietf What state is the DTE LMI in? Up What is the LMI type? ANSI Annex D

Task 4: Review Switch Assignments


To verify that the DLCIs are defined on the switch, use show frame-relay pvc. The DLCIs are learned by the router via LMI and can be viewed:
Cork#show frame-relay pvc Cork#show frame-relay pvc PVC Statistics for interface Serial0 (Frame Relay DTE) Active Inactive Deleted Static Local 0 0 0 0 Switched 0 0 0 0 Unused 0 3 0 0 DLCI = 102, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE = Serial0 input pkts 0 output pkts 0 in bytes 0 out bytes 0 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 switched pkts 0 Detailed packet drop counters: no out intf 0 out intf down 0 no out PVC 0 in PVC down 0 out PVC down 0 pkt too big 0 shaping Q full 0 pkt above DE 0 policing drop 0 pvc create time 00:02:30, last time pvc status changed 00:02:30 DLCI = 103, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE = Serial0 input pkts 0 output pkts 0 in bytes 0 out bytes 0 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 switched pkts 0 Detailed packet drop counters: no out intf 0 out intf down 0 no out PVC 0 in PVC down 0 out PVC down 0 pkt too big 0 shaping Q full 0 pkt above DE 0 policing drop 0 pvc create time 00:02:31, last time pvc status changed 00:02:31

Chapter 5: Frame Relay

179

DLCI = 104, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE = Serial0 input pkts 0 output pkts 0 in bytes 0 out bytes 0 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 switched pkts 0 Detailed packet drop counters: no out intf 0 out intf down 0 no out PVC 0 in PVC down 0 out PVC down 0 pkt too big 0 shaping Q full 0 pkt above DE 0 policing drop 0 pvc create time 00:02:32, last time pvc status changed 00:02:32

What DLCI numbers are available on the switch? 102, 103, 104 What is the PVC status of the first DLCI? Inactive

Task 5: Check the Frame Relay Map


The output from the show frame-relay map command shows that none of the DLCIs defined on the switch are in use. The PVC is inactive, and there is no current mapping between the Layer 2 DLCI and Layer 3 IP address. Why is this? There is no output because there is no mapping between the DLCI and IP. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! Cork Router#configure terminal Router(config)#hostname Cork Cork(config)#enable password cisco Cork(config)#enable secret class Cork(config)#line con 0 Cork(config-line)#password cisco Cork(config-line)#login Cork(config-line)#line vty 0 4 Cork(config-line)#password cisco Cork(config-line)#login Cork(config-line)#exit Cork(config)#exit Cork#copy running-config startup-config Cork Frame Relay Configuration Cork#configure terminal Cork(config)#interface serial 0 Cork(config-if)#encapsulation frame-relay ietf Cork(config-if)#frame-relay lmi-type ansi

180

WAN Technologies CCNA 4 Labs and Study Guide

Cork(config-if)#no shutdown Cork(config-if)#exit Cork(config)#exit Cork#copy running-config startup-config

Curriculum Lab 5-2: Configuring Frame Relay PVC (5.2.2)


Figure 5-2 Topology for Lab 5-2

Table 5-2

Lab Equipment Configuration Router Name Interface Type Serial 0 Address/Subnet Mask Fast Ethernet 0 Address/Subnet Mask DLCI Number

Router Designation

Router 1 Router 2

Washington Dublin

DCE DTE

192.168.1.1/24 192.168.1.2/24

192.168.3.1/24 192.168.2.1/24

102 102

The enable secret password for both routers is class. The enable, vty, and console password for both routers is cisco. Objective

Configure two routers back to back as a Frame Relay PVC. You will do this manually, in the absence of a Frame Relay switch, so there will be no LMI.

Background/Preparation Cable a network that is similar to the one in Figure 5-2. You can use any router that meets the interface requirements in Figure 5-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 5-2. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Chapter 5: Frame Relay

181

Task 2: Configure the Washington Serial Interface


First, define the Frame Relay frame type to be used on this link. To configure the encapsulation type, use the command encapsulation frame-relay ietf. Disable keepalive messages because there is no Frame Relay switch in this configuration (and consequently no Frame Relay DCE):
Washington#configure terminal Washington(config-if)#interface serial 0 Washington(config-if)#encapsulation frame-relay ietf Washington(config-if)#no keepalive Washington(config-if)#ip address 192.168.1.1 255.255.255.0 Washington(config-if)#no shutdown

Task 3: Configure the Frame Relay Map on Washington


When you are sending an Ethernet frame to a remote IP address, you must discover the remote MAC address so that you can construct the correct frame type. Frame Relay needs a similar mapping. The remote IP address needs to be mapped to the local DLCI (Layer 2 address) so that the correctly addressed frame can be created locally for this PVC. Because you cannot map the DLCI automatically, with LMI disabled, you must create this map manually by using the frame-relay map command. The broadcast parameter allows IP broadcasts to use the same mapping for crossing this PVC:
Washington(config-if)#frame-relay map ip 192.168.1.2 102 ietf broadcast

Task 4: Configure the DCE on Washington


In this configuration using DCE cables, a clock signal is necessary. The bandwidth command is optional, but it is a wise choice for verifying bandwidth transmission. Another option is to describe the connection by using the description command. This is useful so that you can record information about the PVC, such as a remote contact person and the leased-line circuit identifier:
Washington(config-if)#clockrate 64000 Washington(config-if)#bandwidth 64 Washington(config-if)#description PVC to Dublin, DLCI 102, Circuit #DASS465875, Contact John Tobin (061-8886745)

Task 5: Configure the Dublin Router


Configure the Dublin router by using the following commands:
Dublin#configure terminal Dublin(config-if)#interface serial 0 Dublin(config-if)#encapsulation frame-relay ietf Dublin(config-if)#no keepalive Dublin(config-if)#no shutdown Dublin(config-if)#ip address 192.168.1.2 255.255.255.0 Dublin(config-if)#frame-relay map ip 192.168.1.1 102 ietf broadcast Dublin(config-if)#bandwidth 64 Dublin(config-if)#description PVC to Washington, DLCI 102, Circuit #DASS465866 Contact Pat White (091-6543211)

182

WAN Technologies CCNA 4 Labs and Study Guide

Task 6: Verify the Frame Relay PVC


On the Washington router, enter the command show frame-relay pvc:
Washington#show frame-relay pvc Washington#show frame-relay pvc PVC Statistics for interface Serial0 (Frame Relay DTE) Active Inactive Deleted Static Local 0 0 0 1 Switched 0 0 0 0 Unused 0 0 0 0 DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE = Serial0 input pkts 5 output pkts 5 in bytes 520 out bytes 520 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 00:07:26, last time pvc status changed 00:03:18

What DLCI number is reported? 102 What is the PVC status? STATIC What is the value of the DLCI USAGE? LOCAL

Task 7: Display the Frame Relay Map


To view the Layer 2 to Layer 3 mapping, use the show frame-relay map command at the privileged EXEC mode prompt:
Washington#show frame-relay map Washington#show frame-relay map Serial0 (up): ip 192.168.1.2 dlci 102(0x66,0x1860), static, broadcast, IETF

What is the IP address shown? 192.168.1.2 In what state is interface serial 0? Up

Task 8: Verify Frame Relay Connectivity


Step 1.

From the Washington router, ping the Dublin router serial interface:
Washington#ping 192.168.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms Washington#

Did the ping succeed? Yes

Chapter 5: Frame Relay

183

Step 2.

If not, troubleshoot router configurations.

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
! Washington Router#configure terminal Router(config)#hostname Washington Washington(config)#enable password cisco Washington(config)#enable secret class Washington(config)#line con 0 Washington(config-line)#password cisco Washington(config-line)#login Washington(config-line)#line vty 0 4 Washington(config-line)#password cisco Washington(config-line)#login Washington(config-line)#interface fastethernet 0 Washington(config-if)#ip address 192.168.3.1 255.255.255.0 Washington(config-if)#no shutdown Washington(config-if)#exit Washington(config)#exit Washington#copy running-config startup-config

! Washington Frame Relay Configuration Washington#configure terminal Washington(config)#interface serial 0 Washington(config-if)#encapsulation frame-relay ietf Washington(config-if)#no keepalive Washington(config-if)#ip address 192.168.1.1 255.255.255.0 Washington(config-if)#no shutdown Washington(config-if)#frame-relay map ip 192.168.1.2 102 ietf broadcast Washington(config-if)#clock rate 64000 Washington(config-if)#bandwidth 64 Washington(config-if)#description PVC to Dublin, DLCI 102, Circuit #DASS465875, Contact John Tobin (061-8886745) Washington(config-if)#exit Washington#copy running-config startup-config

! Dublin Router#configure terminal Router(config)#hostname Dublin Dublin(config)#enable password cisco Dublin(config)#enable secret class Dublin(config)#line console 0 Dublin(config-line)#password cisco Dublin(config-line)#login Dublin(config-line)#line vty 0 4

184

WAN Technologies CCNA 4 Labs and Study Guide

Dublin(config-line)#password cisco Dublin(config-line)#login Dublin(config-line)#interface fastethernet 0 Dublin(config-if)#ip address 192.168.2.1 255.255.255.0 Dublin(config-if)#no shutdown Dublin(config-if)#exit Dublin(config)#exit Dublin#copy running-config startup-config

! Dublin Frame Relay Configuration Dublin#configure terminal Dublin(config)#interface serial 0 Dublin(config-if)#encapsulation frame-relay ietf Dublin(config-if)#no keepalive Dublin(config-if)#no shutdown Dublin(config-if)#ip address 192.168.1.2 255.255.255.0 Dublin(config-if)#frame-relay map ip 192.168.1.1 102 ietf broadcast Dublin(config-if)#bandwidth 64 Dublin(config-if)#$description PVC to Washington, DLCI 102,Circuit #DASS465866 Contact Pat White (091-6543211) Dublin(config-if)#exit Dublin(config)#exit Dublin#copy running-config startup-config

Curriculum Lab 5-3: Configuring Frame Relay Subinterfaces (5.2.5)


Figure 5-3 Topology for Lab 5-3

Chapter 5: Frame Relay

185

Table 5-3

Lab Equipment Configuration Router Name Interface Type Serial 0 Address/Subnet Mask DLCI Number Fast Ethernet 0 Address/Subnet

Router Designation

Router 1 Router 2 Router 3

Amsterdam Paris Berlin

DTE DTE DTE

192.168.4.1/24 192.168.5.1/24 192.168.4.2/24 192.168.6.1/24 192.168.5.2/24 192.168.6.2/24

102 103 201 203 301 302

192.168.1.1/24 192.168.2.1/24 192.168.3.1/24

The enable secret password for all routers is class. The enable, vty, and console password for all routers is cisco. The routing protocol for all routers is IGRP 100. Objective

Configure three routers in a full-mesh Frame Relay network.

Background/Preparation This lab uses an Adtran Atlas550 Frame Relay to simulate the switch/Frame Relay cloud. Cable a network that is similar to the one in Figure 5-3. You can use any router that meets the interface requirements in Figure 5-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the information in Appendix C to correctly specify the interface identifiers based on the equipment in your lab. The 1721 series routers produced the configuration output in this lab. Another router might produce slightly different output. Execute the following tasks on each router unless you are specifically instructed otherwise. Start a HyperTerminal session. Implement the procedure documented in Appendix E on all routers before you continue with this lab.

Task 1: Configure the Routers


Configure the hostname, console, vty, and enable passwords according to Table 5-3. If you have difficulty doing this, see Lab 1-1, Configuring NAT.

Task 2: Configure the Serial 0 Interfaces


Step 1.

Define the Frame Relay encapsulation type to be used on this link by using the following commands:
Amsterdam#configure terminal Amsterdam(config)#interface serial 0 Amsterdam(config-if)#encapsulation frame-relay ietf Amsterdam(config-if)#frame-relay lmi-type ansi

Step 2.

Use a description field to store relevant information, such as the circuit number, if you have to report a line fault:
Amsterdam(config-if)#description Circuit #KPN465555 Amsterdam(config-if)#no shutdown

186

WAN Technologies CCNA 4 Labs and Study Guide

Step 3.

The same commands are used to configure the Berlin and Paris routers:
Paris(config)#interface serial 0 Paris(config-if)#encapsulation frame-relay ietf Paris(config-if)#frame-relay lmi-type ansi Paris(config-if)#description Circuit #FRT372826 Paris(config-if)#no shutdown

Berlin(config)#interface serial 0 Berlin(config-if)#encapsulation frame-relay ietf Berlin(config-if)#frame-relay lmi-type ansi Berlin(config-if)#description Circuit #DTK465866 Berlin(config-if)#no shutdown

Task 3: Create Subinterfaces on the Amsterdam Router


For each of the PVCs, create a subinterface on the serial port. This subinterface will be a point-to-point configuration. For consistency and future troubleshooting, use the DLCI number as the subinterface number. The commands to create a subinterface are as follows:
Amsterdam(config-if)#interface serial 0.102 point-to-point Amsterdam(config-if)#description PVC to Paris, DLCI 102, Contact Rick Voight(+33-1-55342234) Circuit #FRT372826 Amsterdam(config-if)#ip address 192.168.4.1 255.255.255.0 Amsterdam(config-if)#frame-relay interface-dlci 102 Amsterdam(config-if)#interface serial 0.103 point-to-point Amsterdam(config-if)#description PVC to Berlin, DLCI 103, Contact P Wills(+49- 61 03 / 7 65 72 00) Circuit #DTK465866 Amsterdam(config-if)#ip address 192.168.5.1 255.255.255.0 Amsterdam(config-if)#frame-relay interface-dlci 103

Task 4: Create Subinterfaces on the Paris Router


To configure the subinterfaces on the Paris router, use the following commands:
Paris(config-if)#interface Serial 0.201 point-to-point Paris(config-if)#description PVC to Amsterdam, DLCI 201, Contact Peter Muller (+31 20 623 32 67) Circuit #KPN465555 Paris(config-if)#ip address 192.168.4.2 255.255.255.0 Paris(config-if)#frame-relay interface-dlci 201 Paris(config-if)#interface Serial 0.203 point-to-point Paris(config-if)#description PVC to Berlin, DLCI 203, Contact Peter Willis (+49- 61 03 / 7 66 72 00) Circuit #DTK465866 Paris(config-if)#ip address 192.168.6.1 255.255.255.0 Paris(config-if)#frame-relay interface-dlci 203

Task 5: Create Subinterfaces on the Berlin Router


To configure the subinterfaces on the Berlin router, use the following commands:
Berlin(config-if)#interface Serial 0.301 point-to-point Berlin(config-if)#description PVC to Amsterdam, DLCI 301, Contact Peter Muller (+31 20

Chapter 5: Frame Relay

187

623 32 67) Circuit #KPN465555 Berlin(config-if)#ip address 192.168.5.2 255.255.255.0 Berlin(config-if)#frame-relay interface-dlci 301 Berlin(config-if)#interface Serial 0.302 point-to-point Berlin(config-if)#description PVC to Paris, DLCI 302, Contact Rick Voight (+33-1-55342234) Circuit #FRT372826 Berlin(config-if)#ip address 192.168.6.2 255.255.255.0 Berlin(config-if)#frame-relay interface-dlci 302

Task 6: Configure IGRP Routing


To configure the routing protocol IGRP 100, use the following configuration:
Amsterdam(config)#router igrp 100 Amsterdam(config-router)#network 192.168.1.0 Amsterdam(config-router)#network 192.168.4.0 Amsterdam(config-router)#network 192.168.5.0

Paris(config)#router igrp 100 Paris(config-router)#network 192.168.2.0 Paris(config-router)#network 192.168.4.0 Paris(config-router)#network 192.168.6.0

Berlin(config)#router igrp 100 Berlin(config-router)#network 192.168.3.0 Berlin(config-router)#network 192.168.5.0 Berlin(config-router)#network 192.168.6.0

Task 7: Verify the Frame Relay PVC


On the Amsterdam router, issue the command show frame-relay pvc:
Amsterdam#show frame-relay pvc Amsterdam#show frame-relay pvc PVC Statistics for interface Serial0 (Frame Relay DTE) Active Inactive Deleted Static Local 2 1 0 0 Switched 0 0 0 0 Unused 0 0 0 0 DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.102 input pkts 13 output pkts 14 in bytes 2180 out bytes 2254 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 153 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 5.2.5 Copyright ? 2003, Cisco Systems, Inc. in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0

188

WAN Technologies CCNA 4 Labs and Study Guide

out bcast pkts 14 out bcast bytes 2254 pvc create time 00:14:27, last time pvc status changed 00:02:59 DLCI = 103, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0.103 input pkts 16 output pkts 14 in bytes 2258 out bytes 2307 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 9 out bcast bytes 1787 pvc create time 00:14:29, last time pvc status changed 00:02:02 DLCI = 104, DLCI USAGE = LOCAL, PVC STATUS = INACTIVE, INTERFACE = Serial0 input pkts 0 output pkts 0 in bytes 0 out bytes 0 dropped pkts 0 in pkts dropped 0 out pkts dropped 0 out bytes dropped 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 00:14:30, last time pvc status changed 00:06:13

How many active local PVCs exist? 2 What is the interface value? Serial0.102, Serial0.103 What is the PVC status? Active Which DLCI number is inactive? 104 From this, you can see that three DLCIs are defined on this Frame Relay circuit, and only two of them are in use. This is the way the Adtran 550 emulator has been configured. It is useful output because it shows what you would see if a DLCI were defined on the Frame Relay switch but not configured on the router. The other DLCIs, 102 and 103, are active and are associated with their respective subinterfaces. It also shows that some packets have passed across the PVC.

Task 8: Show the Frame Relay Maps


Look at the Frame Relay maps by entering the command show frame-relay map at the privileged EXEC mode prompt:
Amsterdam#show frame-relay map Amsterdam#show frame-relay map Serial0.103 (up): point-to-point dlci, dlci 103(0x67,0x1870), broadcast status defined, active Serial0.102 (up): point-to-point dlci, dlci 102(0x66,0x1860), broadcast status defined, active

What is the status of the links? Up What type are the DLCIs defined as? Point-to-point Are the DLCIs the same on the Paris router? No

Chapter 5: Frame Relay

189

Task 9: Show the LMIs


Look at the LMI statistics by using the show frame-relay lmi command:
Amsterdam#show frame-relay lmi Amsterdam#show frame-relay lmi LMI Statistics for interface Serial0 (Frame Relay DTE) LMI TYPE = ANSI Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type 0 Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Enq. Sent 55 Num Status msgs Rcvd 56 Num Update Status Rcvd 0 Num Status Timeouts 0

Which fields have nonzero counter values? Num Status Enq. Sent, Num Status msgs Rcvd What is the LMI type? ANSI

Task 10: Check the Routing Protocol


Step 1.

Use the show ip route command to verify that the PVCs are up and active:
Amsterdam#show ip route Amsterdam#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C 192.168.4.0/24 is directly connected, Serial0.102 C 192.168.5.0/24 is directly connected, Serial0.103 I 192.168.6.0/24 [100/10476] via 192.168.4.2, 00:01:06, Serial0.102 [100/10476] via 192.168.5.2, 00:01:20, Serial0.103 C 192.168.1.0/24 is directly connected, FastEthernet0 I 192.168.2.0/24 [100/8486] via 192.168.4.2, 00:01:06, Serial0.102 I 192.168.3.0/24 [100/8486] via 192.168.5.2, 00:01:20, Serial0.103

Is the routing protocol working? Yes


Step 2.

If not, troubleshoot the router configurations. List the IGRP routes. I 192.168.6.0/24 [100/10476] via 192.168.4.2, 00:01:06, Serial0.102 [100/10476] via 192.168.5.2, 00:01:20, Serial0.103

190

WAN Technologies CCNA 4 Labs and Study Guide

I 192.168.2.0/24 [100/8486] via 192.168.4.2, 00:01:06, Serial0.102 I 192.168.3.0/24 [100/8486] via 192.168.5.2, 00:01:20, Serial0.103

Task 11: Verify Connectivity


Step 1.

Ping the Fast Ethernet interfaces.


Amsterdam#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms Amsterdam#ping 192.168.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 36/39/40 ms Amsterdam#ping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/40 ms

Did the pings succeed? Yes


Step 2.

If not, troubleshoot the router configurations and repeat this task.

After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove and store the cables and adapter.
Amsterdam Router#configure terminal Router(config)#hostname Amsterdam Amsterdam(config)#enable password cisco Amsterdam(config)#enable secret class Amsterdam(config)#line con 0 Amsterdam(config-line)#password cisco Amsterdam(config-line)#login Amsterdam(config-line)#line vty 0 4 Amsterdam(config-line)#password cisco Amsterdam(config-line)#login Amsterdam(config-line)#interface fastethernet 0 Amsterdam(config-if)#ip address 192.168.1.1 255.255.255.0 Amsterdam(config-if)#no shutdown Amsterdam(config-if)#exit Amsterdam(config)#exit Amsterdam#copy running-config startup-config

! Amsterdam Frame Relay and IGRP Configuration Amsterdam#configure terminal

Chapter 5: Frame Relay

191

Amsterdam(config)#interface serial 0 Amsterdam(config-if)#encapsulation frame-relay ietf Amsterdam(config-if)#frame-relay lmi-type ansi Amsterdam(config-if)#description Circuit #KPN465555 Amsterdam(config-if)#no shutdown Amsterdam(config-if)#interface serial 0.102 point-to-point Amsterdam(config-subif)#description PVC to Paris, DLCI 102, contact Rick Voight(+33-1-5534-2234) Circuit #FRT372826 Amsterdam(config-subif)#ip address 192.168.4.1 255.255.255.0 Amsterdam(config-subif)#frame-relay interface-dlci 102 Amsterdam(config-fr-dlci)#interface serial 0.103 point-to-point Amsterdam(config-subif)#description PVC to Berlin, DLCI 103, Contact P Wills (+49- 61 03 / 7 65 72 00) Circuit #DTK465866 Amsterdam(config-subif)#ip address 192.168.5.1 255.255.255.0 Amsterdam(config-subif)#frame-relay interface-dlci 103 Amsterdam(config-fr-dlci)#router igrp 100 Amsterdam(config-router)#network 192.168.1.0 Amsterdam(config-router)#network 192.168.4.0 Amsterdam(config-router)#network 192.168.5.0 Amsterdam(config-router)#exit Amsterdam(config)#exit Amsterdam#copy running-config startup-config

! Paris Router#configure terminal Router(config)#hostname Paris Paris(config)#enable password cisco Paris(config)#enable secret class Paris(config)#line con 0 Paris(config-line)#password cisco Paris(config-line)#login Paris(config-line)#line vty 0 4 Paris(config-line)#password cisco Paris(config-line)#login Paris(config-line)#interface fastethernet 0 Paris(config-if)#ip address 192.168.2.1 255.255.255.0 Paris(config-if)#no shutdown Paris(config-if)#exit

! Paris Frame Relay and IGRP Configuration Paris#configure terminal Paris(config)#interface serial 0 Paris(config-if)#encapsulation frame-relay ietf Paris(config-if)#frame-relay lmi-type ansi Paris(config-if)#description Circuit #FRT372826

192

WAN Technologies CCNA 4 Labs and Study Guide

Paris(config-if)#no shutdown Paris(config-if)#interface Serial 0.201 point-to-point Paris(config-subif)#description PVC to Amsterdam, DLCI 201, Contact Peter Muller (+31 20 623 32 67) Circuit #KPN465555 Paris(config-subif)#ip address 192.168.4.2 255.255.255.0 Paris(config-subif)#frame-relay interface-dlci 201 Paris(config-fr-dlci)#interface Serial 0.203 point-to-point Paris(config-subif)#description PVC to Berlin, DLCI 203, Contact Peter Willis (+49- 61 03 / 7 66 72 00) Circuit #DTK465866 Paris(config-subif)#ip address 192.168.6.1 255.255.255.0 Paris(config-subif)#frame-relay interface-dlci 203 Paris(config-fr-dlci)#router igrp 100 Paris(config-router)#network 192.168.2.0 Paris(config-router)#network 192.168.4.0 Paris(config-router)#network 192.168.6.0 Paris(config-router)#exit Paris(config)#exit Paris#copy running-config startup-config

! Berlin Router#configure terminal Router(config)#hostname Berlin Berlin(config)#enable password cisco Berlin(config)#enable secret class Berlin(config)#line con 0 Berlin(config-line)#password cisco Berlin(config-line)#login Berlin(config-line)#line vty 0 4 Berlin(config-line)#password cisco Berlin(config-line)#login Berlin(config-line)#interface fastethernet 0 Berlin(config-if)#ip address 192.168.3.1 255.255.255.0 Berlin(config-if)#no shutdown Berlin(config-if)#exit Berlin(config)#exit Berlin#copy running-config startup-config

! Berlin Frame Relay and IGRP Configuration Berlin#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Berlin(config)#interface serial 0 Berlin(config-if)#encapsulation frame-relay ietf Berlin(config-if)#frame-relay lmi-type ansi Berlin(config-if)#description Circuit #DTK465866 Berlin(config-if)#no shutdown

Chapter 5: Frame Relay

193

Berlin(config-if)#interface Serial 0.301 point-to-point Berlin(config-subif)#description PVC to Amsterdam, DLCI 301, Contact Peter Muller (+31 20 623 32 67) Circuit #KPN465555 Berlin(config-subif)#ip address 192.168.5.2 255.255.255.0 Berlin(config-subif)#frame-relay interface-dlci 301 Berlin(config-fr-dlci)#interface Serial 0.302 point-to-point Berlin(config-subif)#$ description PVC to Paris, DLCI 302, Contact Rick Voight (+33-1-5534-2234) Circuit #FRT372826 Berlin(config-subif)#ip address 192.168.6.2 255.255.255.0 Berlin(config-subif)#frame-relay interface-dlci 302 Berlin(config-subif)#exit Berlin(config-if)#exit Berlin(config)#router igrp 100 Berlin(config-router)#network 192.168.3.0 Berlin(config-router)#network 192.168.5.0 Berlin(config-router)#network 192.168.6.0 Berlin(config-router)#exit Berlin(config)#exit Berlin#copy running-config startup-config

Challenge Lab 5-4: Four-Interface Frame Relay Switch


This lab teaches you how to make a router into a four-interface Frame Relay switch. It is intended for use if an Adtran is unavailable. It lets you convert a router into a Frame Relay switch. You must have a WIC2T inserted in both WIC slots on the router. You can complete this lab using a 1721, 1760, or 2600 router that has two serial WICs available. Figure 5-4 presents the topology for this lab.
Figure 5-4 Network Topology for Lab 5-4

DLCI [101] DLCI [102] DLCI [103]

DLCI [301] DLCI [302] DLCI [303]

S0/0

S0/1

Frame Switch

S1/0

S1/1

DLCI [201] DLCI [202] DLCI [203]

DLCI [401] DLCI [402] DLCI [403]

194

WAN Technologies CCNA 4 Labs and Study Guide

Task 1
Erase the NVRAM and restart the router.

Task 2
Rename the router Frame_Switch:
Router(config)#Frame_Switch

Task 3
Enable Frame Relay switching on the router using the following command:
Frame_Switch (config)#frame-relay switching

This command enables you to create PVCs on the router interfaces. You must do this before configuring any interfaces.

Task 4
For the router to act as a Frame Relay switch, configure the following command on each interface:
Frame_Switch (config-if)#frame-relay interface-type dce

Task 5
Configure each router interface to use the IETF encapsulation type:
Frame_Switch (config-if)#encapsulation frame-relay ietf

Task 6
Configure Frame Relay PVC static routes on each interface. Following is a list of how each PVC should be mapped on the appropriate interfaces:

Interface Serial 0/0:


DLCI 101 to DLCI 201 on interface Serial 0/1 DLCI 102 to DLCI 301 on interface Serial 1/0 DLCI 103 to DLCI 401 on interface Serial 1/1

Interface Serial 0/1:


DLCI 201 to DLCI 101 on interface Serial 0/0 DLCI 202 to DLCI 302 on interface Serial 1/0 DLCI 203 to DLCI 402 on interface Serial 1/1

Interface Serial 1/0:


DLCI 301 to DLCI 102 on interface Serial 0/0 DLCI 302 to DLCI 202 on interface Serial 1/0 DLCI 303 to DLCI 403 on interface Serial 1/1

Interface Serial 1/1:

DLCI 401 to DLCI 103 on interface Serial 0/0

Chapter 5: Frame Relay

195

DLCI 402 to DLCI 203 on interface Serial 1/0 DLCI 403 to DLCI 303 on interface Serial 1/1

Task 7
Proceed to Challenge Lab 5-5, Frame Relay Switch Challenge Lab 1.
Frame_Switch#show running-config Building configuration...

Current configuration : 1415 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Frame_Switch ! ! ip subnet-zero ! frame-relay switching ! ! ! ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 no ip address encapsulation frame-relay IETF no fair-queue clockrate 64000 frame-relay intf-type dce frame-relay route 101 interface Serial0/1 201 frame-relay route 102 interface Serial1/1 301 frame-relay route 103 interface Serial1/0 401 ! interface Serial0/1 no ip address encapsulation frame-relay IETF clockrate 64000 frame-relay intf-type dce

196

WAN Technologies CCNA 4 Labs and Study Guide

frame-relay route 201 interface Serial0/0 101 frame-relay route 202 interface Serial1/0 302 frame-relay route 203 interface Serial1/1 402 ! interface Serial1/0 no ip address encapsulation frame-relay IETF clockrate 64000 frame-relay intf-type dce frame-relay route 301 interface Serial0/0 102 frame-relay route 302 interface Serial0/1 202 frame-relay route 303 interface Serial1/1 403 ! interface Serial1/1 no ip address encapsulation frame-relay IETF clockrate 64000 frame-relay intf-type dce frame-relay route 401 interface Serial0/0 103 frame-relay route 402 interface Serial0/1 203 frame-relay route 403 interface Serial1/0 303 ! ip classless no ip http server ! ! ! line con 0 logging synchronous line aux 0 line vty 0 4 ! no scheduler allocate end

Challenge Lab 5-5: Frame Relay Switch Challenge Lab 1


As the network administrator, you are required to set up a network using Frame Relay maps that will allow multiple Open Shortest Path First (OSPF) areas to communicate over a secure path through the Frame Relay cloud. You also need to set up the internal network addressing using virtual-length subnet masks (VLSMs) and classless interdomain routing (CIDR). You need a strong grasp of Dynamic Host Control Protocol (DHCP) and Network Address Translation (NAT) to complete this lab. Figure 5-5 shows the network topology for this lab using a Frame Relay switch, and Figure 5-6 shows the same topology using an Adtran.

Chapter 5: Frame Relay

197

Figure 5-5

Challenge Lab Diagram Using a Frame Relay Switch


Lo0 200.154.69.1/32 Web Server

DLCI [101]

ISP
S0/0

DLCI [102]

S0/0

DLCI [201] West


S0/0 S0/1 S1/0 S0/0

DLCI [301] East DLCI [302]


FA0/1 FA0/0

Area 51
West_S2
FA0/24 FA0/24

FA0/0 FA0/1

DLCI [202]

Frame Switch Area 0

Area 61
FA0/24 FA0/24

West_S1

East_S1

East_S2

West LAN VLAN1 14 Hosts VLAN10 (Students) 28 Hosts VLAN20 (Teachers) 14 Hosts VLAN30 (Administration) 30 Hosts 192.168.100.0/24

East LAN VLAN1 60 Hosts VLAN10 (Students) 240 Hosts VLAN20 (Teachers) 60 Hosts VLAN30 (Administration) 30 Hosts 192.168.10.0/23

Figure 5-6

Challenge Lab Diagram Using an Adtran


Lo0 200.154.69.1/32 Web Server

DLCI [102]

ISP
S0/0

DLCI [103]

1/1

DLCI [201] West


S0/0 1/2 2/1 S0/0

DLCI [301] East DLCI [302]


FA0/1 FA0/0

Area 51
West_S2
FA0/24 FA0/24

FA0/0 FA0/1

DLCI [203]

Adtran Area 0

Area 61
FA0/24 FA0/24

West_S1

East_S1

East_S2

VLAN1 14 Hosts VLAN10 (Students) 28 Hosts VLAN20 (Teachers) 14 Hosts VLAN30 (Administration) 30 Hosts

East LAN VLAN1 60 Hosts VLAN10 (Students) 240 Hosts VLAN20 (Teachers) 60 Hosts VLAN30 (Administration) 30 Hosts 192.168.10.0/23

198

WAN Technologies CCNA 4 Labs and Study Guide

Table 5-4 Router Name

Lab Equipment Configuration Serial Interface Address Interface Type Loopback 0 Address DLCI Numbers Enable Secret Password

ISP East West

64.53.18.1 /29 64.53.18.2 /29 64.53.18.3 /29

DTE DTE DTE

200.154.69.1/32

101, 102 301, 302 201, 202

cisco cisco cisco

Note: This lab gives you the option of using a Frame Relay switch as the cloud or an Adtran if one is available. You can complete this lab exercise using any 1721, 1760, or 2600 series routers. The Frame Relay switch can be configured using Lab 5-4 and should follow the diagram in Figure 5-5 for the correct DLCI numbers. If an Adtran is available, follow the diagram in Figure 5-6 for the correct DLCI numbers.

Objectives

Configure Frame Relay using a router as the Frame Switch. Multiple area OSPF with authentication. DHCP. NAT and PAT. VLANs and inter-VLAN routing.

Task 1
Cable and configure the equipment according to Figure 5-5 or 5-6, depending on whether you are using a Frame Relay switch or an Adtran. Instructors initials _____________

Task 2
Step 1. Step 2.

Configure Frame Relay using the appropriate DLCIs. Ping each neighbors serial interface to verify correct configuration.

Instructors initials _____________

Task 3
Step 1.

Configure East_Switch1 and West_Switch1 as VLAN Trunking Protocol (VTP) servers and the remaining switches as VTP clients. Configure all switches as part of the cisco VTP domain. Create the following VLANs on both server switches as follows:

Step 2. Step 3.

VLAN 1 VLAN 10: Students VLAN 20: Teachers VLAN 30: Administrators

Chapter 5: Frame Relay

199

Step 4.

Assign the VLANs to the appropriate ports:


VLAN 1: All unassigned ports VLAN 10: Ports 610 (ports 36 if youre using a 12-port switch) VLAN 20: Ports 1115 (ports 79 if youre using a 12-port switch) VLAN 30: Ports 1620 (ports 1011 if youre using a 12-port switch)

Step 5.

Configure inter-VLAN routing using IEEE 802.1q encapsulation and the appropriate addressing scheme according to the diagram.

Instructors initials _____________

Task 4
Step 1. Step 2.

Configure OSPF on each router using process ID 1. With multiple areas inside the OSPF environment, be sure to use the appropriate wildcard mask and area ID. The following commands must be configured on each OSPF router for Frame Relay to function across the Frame Switch. (Use Step 3 only when using a router as a Frame Relay switch.)
ISP(config)#router ospf 1 ISP(config-router)#neighbor 64.53.18.2 priority 1 ISP(config-router)#neighbor 64.53.18.3 priority 1

Step 3.

Step 4.

Verify functionality using the show ip route command.

Do not configure authentication yet! Instructors initials _____________

Task 5
Step 1. Step 2.

Configure DHCP on the East and West routers based on VLAN subnet information. Exclude the first three addresses from each pool.

Instructors initials _____________

Task 6
Step 1. Step 2.

Configure NAT on the East and West routers. East router will use 24.83.68.0/25 for its NAT pool:

Create a dynamic NAT pool for VLAN 1. All users from VLAN 10 will access the outside world using one IP address. All users from VLAN 20 will access the outside world using one IP address. Create a dynamic NAT pool for VLAN 30.

Step 3.

West router will use 161.73.29.0/26 for its NAT pool:


Create a dynamic NAT pool for VLAN 1. Create a dynamic NAT pool for VLAN 10. Create a dynamic NAT pool for VLAN 20. All users from VLAN 30 will access the outside world using one IP address.

Instructors initials _____________

200

WAN Technologies CCNA 4 Labs and Study Guide

Task 7
Step 1. Step 2.

Configure OSPF authentication on each router. Configure the OSPF authentication key as fred. You have the choice of using plain text or encrypted options for authentication.

Instructors initials _____________

Task 8
Configure the ISP router as a web server. Instructors initials _____________

Task 9
Verify configuration using the appropriate commands. Hosts from each LAN should be able to open a browser and connect to the ISP web server. Instructors initials _____________
ISP#show running-config Building configuration... Current configuration : 1094 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname ISP ! ! memory-size iomem 25 ip subnet-zero ! ! ! ! ! interface Loopback0 description Web Server ip address 200.154.69.1 255.255.255.255 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 description Frame Switch ip address 64.53.18.1 255.255.255.248 encapsulation frame-relay IETF

Chapter 5: Frame Relay

201

frame-relay map ip 64.53.18.2 102 broadcast frame-relay map ip 64.53.18.3 101 broadcast no frame-relay inverse-arp ip ospf authentication-key secret fred no shut ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router ospf 1 log-adjacency-changes network 64.53.18.1 0.0.0.0 area 0 neighbor 64.53.18.3 priority 1 neighbor 64.53.18.2 priority 1 default-information originate area 0 authentication ! ip classless ip route 0.0.0.0 0.0.0.0 Serial0/0 ip route 24.83.68.0 255.255.255.128 64.53.18.2 ip route 161.73.29.0 255.255.255.192 64.53.18.3 ip http server ! ! ! line con 0 logging synchronous line aux 0 line vty 0 4 login ! end

West#show running-config Building configuration... Current configuration : 2840 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname West ! ! ip subnet-zero

202

WAN Technologies CCNA 4 Labs and Study Guide

ip dhcp excluded-address 192.168.100.81 192.168.100.83 ip dhcp excluded-address 192.168.100.33 192.168.100.35 q ip dhcp excluded-address 192.168.100.65 192.168.100.67 ip dhcp excluded-address 192.168.100.1 192.168.100.3 ! ip dhcp pool Vlan1 network 192.168.100.80 255.255.255.240 default-router 192.168.100.81 ! ip dhcp pool Students network 192.168.100.32 255.255.255.224 default-router 192.168.100.33 ! ip dhcp pool Administration network 192.168.100.0 255.255.255.224 default-router 192.168.100.1 ! ip dhcp pool Teachers network 192.168.100.64 255.255.255.240 default-router 192.168.100.65 ! ! ! ! ! interface FastEthernet0/0 no shut no ip address speed auto ! interface FastEthernet0/0.1 description Vlan1 encapsulation dot1Q 1 native ip address 192.168.100.81 255.255.255.240 ip nat inside ! interface FastEthernet0/0.10 description Students encapsulation dot1Q 10 ip address 192.168.100.33 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description Teachers encapsulation dot1Q 20 ip address 192.168.100.65 255.255.255.240 ip nat inside ! interface FastEthernet0/0.30 description Administration encapsulation dot1Q 30 ip address 192.168.100.1 255.255.255.224 only exclude 3 addresses? only exclude 3 addresses? 33-35 65-67

Chapter 5: Frame Relay

203

ip nat inside ! interface Serial0/0 ip address 64.53.18.3 255.255.255.248 ip nat outside encapsulation frame-relay IETF no fair-queue frame-relay map ip 64.53.18.1 201 broadcast frame-relay map ip 64.53.18.2 202 broadcast no frame-relay inverse-arp ip ospf authentication-key secret fred no shut ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router ospf 1 log-adjacency-changes network 64.53.18.3 0.0.0.0 area 0 network 192.168.100.1 0.0.0.0 area 51 network 192.168.100.33 0.0.0.0 area 51 network 192.168.100.65 0.0.0.0 area 51 network 192.168.100.81 0.0.0.0 area 51 neighbor 64.53.18.2 priority 1 neighbor 64.53.18.1 priority 1 area 0 authentication ! ip nat pool Vlan1 161.73.29.1 161.73.29.14 netmask 255.255.255.192 ip nat pool Students 161.73.29.15 161.73.29.43 netmask 255.255.255.192 ip nat pool Teachers 161.73.29.44 161.73.29.58 netmask 255.255.255.192 ip nat pool Administration 161.73.29.59 161.73.29.59 netmask 255.255.255.192 ip nat inside source list 1 pool Vlan1 ip nat inside source list 2 pool Students ip nat inside source list 3 pool Teachers ip nat inside source list 4 pool Administration overload ip classless ip route 24.83.68.0 255.255.255.128 Serial0/0 no ip http server ! ! access-list 1 permit 192.168.100.80 0.0.0.15 access-list 2 permit 192.168.100.32 0.0.0.31 access-list 3 permit 192.168.100.64 0.0.0.15 access-list 4 permit 192.168.100.0 0.0.0.31 ! line con 0 logging synchronous line aux 0

204

WAN Technologies CCNA 4 Labs and Study Guide

line vty 0 4 login ! end

East#show running-config Building configuration...

Current configuration : 2773 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname East ! ! memory-size iomem 25 ip subnet-zero ip dhcp excluded-address 192.168.11.1 192.168.11.3 ip dhcp excluded-address 192.168.10.1 192.168.10.3 ip dhcp excluded-address 192.168.11.65 192.168.11.67 ip dhcp excluded-address 192.168.11.129 192.168.11.131 ! ip dhcp pool Vlan1 network 192.168.11.0 255.255.255.192 default-router 192.168.11.1 ! ip dhcp pool Students network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 ! ip dhcp pool Teachers network 192.168.11.64 255.255.255.192 default-router 192.168.11.65 ! ip dhcp pool Administration network 192.168.11.128 255.255.255.224 default-router 192.168.11.129 ! ! ! ! ! interface FastEthernet0/0

Chapter 5: Frame Relay

205

no shut no ip address speed auto ! interface FastEthernet0/0.1 description Vlan1 encapsulation dot1Q 1 native ip address 192.168.11.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Students encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.20 description Teachers encapsulation dot1Q 20 ip address 192.168.11.65 255.255.255.192 ip nat inside ! interface FastEthernet0/0.30 description Administration encapsulation dot1Q 30 ip address 192.168.11.129 255.255.255.224 ip nat inside ! interface Serial0/0 ip address 64.53.18.2 255.255.255.248 ip nat outside encapsulation frame-relay IETF frame-relay map ip 64.53.18.1 301 broadcast frame-relay map ip 64.53.18.3 302 broadcast no frame-relay inverse-arp ip ospf authentication-key secret fred no shut ! interface Serial0/1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 64.53.18.2 0.0.0.0 area 0 network 192.168.10.1 0.0.0.0 area 61

206

WAN Technologies CCNA 4 Labs and Study Guide

network 192.168.11.1 0.0.0.0 area 61 network 192.168.11.65 0.0.0.0 area 61 network 192.168.11.129 0.0.0.0 area 61 neighbor 64.53.18.1 priority 1 neighbor 64.53.18.3 priority 1 area 0 authentication ! ip nat pool Vlan1 24.83.68.1 24.83.68.60 netmask 255.255.255.128 ip nat pool Students 24.83.68.61 24.83.68.61 netmask 255.255.255.128 ip nat pool Teachers 24.83.68.62 24.83.68.62 netmask 255.255.255.128 ip nat pool Administration 24.83.68.65 24.83.68.95 netmask 255.255.255.128 ip nat inside source list 1 pool Vlan1 ip nat inside source list 2 pool Students overload ip nat inside source list 3 pool Teachers overload ip nat inside source list 4 pool Administration ip classless ip route 161.73.29.0 255.255.255.192 Serial0/0 no ip http server ! ! access-list 1 permit 192.168.11.0 0.0.0.63 access-list 2 permit 192.168.10.0 0.0.0.255 access-list 3 permit 192.168.11.64 0.0.0.63 access-list 4 permit 192.168.11.128 0.0.0.31 ! line con 0 logging synchronous line aux 0 line vty 0 4 login ! end

West_Switch1#show running-config Building configuration...

Current configuration : 1984 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname West_Switch1

Chapter 5: Frame Relay

207

! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 10 no ip address !

208

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/11 switchport access vlan 20 no ip address ! interface FastEthernet0/12 switchport access vlan 20 no ip address ! interface FastEthernet0/13 switchport access vlan 20 no ip address ! interface FastEthernet0/14 switchport access vlan 20 no ip address ! interface FastEthernet0/15 switchport access vlan 20 no ip address ! interface FastEthernet0/16 switchport access vlan 30 no ip address ! interface FastEthernet0/17 switchport access vlan 30 no ip address ! interface FastEthernet0/18 switchport access vlan 30 no ip address ! interface FastEthernet0/19 switchport access vlan 30 no ip address ! interface FastEthernet0/20 switchport access vlan 30 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address !

Chapter 5: Frame Relay

209

interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 switchport mode trunk no ip address ! interface Vlan1 ip address 192.168.100.82 255.255.255.240 no ip route-cache no shut ! ip default-gateway 192.168.100.81 ip http server ! ! line con 0 logging synchronous line vty 0 4 login line vty 5 15 login ! end

West_Switch2#show running-config Building configuration...

Current configuration : 1927 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname West_Switch2 ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id

210

WAN Technologies CCNA 4 Labs and Study Guide

! ! interface FastEthernet0/1 no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 10 no ip address ! interface FastEthernet0/11 switchport access vlan 20 no ip address ! interface FastEthernet0/12 switchport access vlan 20 no ip address ! interface FastEthernet0/13

Chapter 5: Frame Relay

211

switchport access vlan 20 no ip address ! interface FastEthernet0/14 switchport access vlan 20 no ip address ! interface FastEthernet0/15 switchport access vlan 20 no ip address ! interface FastEthernet0/16 switchport access vlan 30 no ip address ! interface FastEthernet0/17 switchport access vlan 30 no ip address ! interface FastEthernet0/18 switchport access vlan 30 no ip address ! interface FastEthernet0/19 switchport access vlan 30 no ip address ! interface FastEthernet0/20 switchport access vlan 30 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address no ip address interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 switchport mode trunk no ip address ! interface Vlan1 ip address 192.168.100.83 255.255.255.240

212

WAN Technologies CCNA 4 Labs and Study Guide

no ip route-cache no shut ! ip default-gateway 192.168.100.81 ip http server ! ! line con 0 logging synchronous line vty 0 4 login line vty 5 15 login ! end

East_Switch1#show running-config Building configuration...

Current configuration : 1980 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname East_Switch1 ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 no ip address !

Chapter 5: Frame Relay

213

interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address ! interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 10 no ip address ! interface FastEthernet0/11 switchport access vlan 20 no ip address ! interface FastEthernet0/12 switchport access vlan 20 no ip address ! interface FastEthernet0/13 switchport access vlan 20 no ip address ! interface FastEthernet0/14 switchport access vlan 20 no ip address ! interface FastEthernet0/15

214

WAN Technologies CCNA 4 Labs and Study Guide

switchport access vlan 20 no ip address ! interface FastEthernet0/16 switchport access vlan 30 no ip address ! interface FastEthernet0/17 switchport access vlan 30 no ip address ! interface FastEthernet0/18 switchport access vlan 30 no ip address ! interface FastEthernet0/19 switchport access vlan 30 no ip address ! interface FastEthernet0/20 switchport access vlan 30 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 switchport mode trunk no ip address ! interface Vlan1 ip address 192.168.11.2 255.255.255.192 no ip route-cache no shut ! ip default-gateway 192.168.11.1 ip http server ! ! line con 0

Chapter 5: Frame Relay

215

logging synchronous line vty 0 4 login line vty 5 15 login ! end

East_Switch2#show running-config Building configuration...

Current configuration : 1925 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname East_Switch2 ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 no ip address ! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5 no ip address !

216

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 10 no ip address ! interface FastEthernet0/11 switchport access vlan 20 no ip address ! interface FastEthernet0/12 switchport access vlan 20 no ip address ! interface FastEthernet0/13 switchport access vlan 20 no ip address ! interface FastEthernet0/14 switchport access vlan 20 no ip address ! interface FastEthernet0/15 switchport access vlan 20 no ip address ! interface FastEthernet0/16 switchport access vlan 30 no ip address ! interface FastEthernet0/17 switchport access vlan 30

Chapter 5: Frame Relay

217

no ip address ! interface FastEthernet0/18 switchport access vlan 30 no ip address ! interface FastEthernet0/19 switchport access vlan 30 no ip address ! interface FastEthernet0/20 switchport access vlan 30 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 switchport mode trunk no ip address ! interface Vlan1 ip address 192.168.11.3 255.255.255.192 no ip route-cache no shut ! ip default-gateway 192.168.11.1 ip http server ! ! line con 0 logging synchronous line vty 0 4 login line vty 5 15 login ! end

218

WAN Technologies CCNA 4 Labs and Study Guide

West_S1#show vtp status VTP Version Configuration Revision : 2 : 2

Maximum VLANs supported locally : 64 Number of existing VLANs VTP Operating Mode VTP Domain Name VTP Pruning Mode VTP V2 Mode VTP Traps Generation MD5 digest : 7 : Server : cisco : Disabled : Disabled : Disabled : 0x2A 0x44 0x1E 0x28 0xD1 0xEC 0xAA 0x77

West_S2#show vtp status VTP Version Configuration Revision : 2 : 2

Maximum VLANs supported locally : 64 Number of existing VLANs VTP Operating Mode VTP Domain Name VTP Pruning Mode VTP V2 Mode VTP Traps Generation MD5 digest : 7 : Client : cisco : Disabled : Disabled : Disabled : 0x2A 0x44 0x1E 0x28 0xD1 0xEC 0xAA 0x77

East_S1#show vtp status VTP Version Configuration Revision : 2 : 2

Maximum VLANs supported locally : 64 Number of existing VLANs VTP Operating Mode VTP Domain Name VTP Pruning Mode VTP V2 Mode VTP Traps Generation MD5 digest : 7 : Server : cisco : Disabled : Disabled : Disabled : 0x0B 0xCB 0xF4 0x3E 0x7A 0xEC 0x8A 0x49

East_S2#show vtp status VTP Version Configuration Revision : 2 : 2

Maximum VLANs supported locally : 64 Number of existing VLANs VTP Operating Mode VTP Domain Name VTP Pruning Mode VTP V2 Mode VTP Traps Generation MD5 digest : 7 : Client : cisco : Disabled : Disabled : Disabled : 0x0B 0xCB 0xF4 0x3E 0x7A 0xEC 0x8A 0x49

Chapter 5: Frame Relay

219

Challenge Lab 5-6: Frame-Relay Challenge Lab 2


You are the network administrator of an international organization that has multiple sites around the world. Your task is to set up Frame Relay across the London, China, and Ireland routers. Enhanced Interior Gateway Routing Protocol (EIGRP) should be used to communicate between them. The Ireland and Scotland routers will use ISDN with static routes. In addition, you must set up the internal network off the Scotland router using VLSM, DHCP, and NAT. Figure 5-7 shows the network topology for this lab, and Table 5-5 lists the router interface details.
Figure 5-7 Network Topology for Challenge Lab 5-6
VLANS Management 1 = 28 Hosts Design 10 = 254 Hosts Security 15 = 60 Hosts Research 20 = 53 Hosts DLCI [201] London DLCI [203]
1/1 1/2
VL 1 AN

Lo0 132.16.83.1/30 Web Server

DLCI [102] China DLCI [103]

Scotland LAN Addressing 192.168.1.0/23


AN VL 0 2 9 1 15

WAN Cloud (Frame Switch)


2/1

VLAN 10 49

VLAN 15 1014

Fa0/1

Fa0/2 Fa0/3

Fa0/1

Dundee

Fa0/2

Dumfries
Fa0/1 Fa0/0

DLCI [301]

S0/0

DLCI [302]
BRI 0/0 BRI 1

Ireland

ISDN

BRI 2

BRI 0/0

Scotland DHCP

NAT Address Pool 194.18.26.0/26

Table 5-5 Router Name

Lab Equipment Configuration Serial Interface Address Loopback 0 Address Loopback 1 Address Enable Secret

China London Ireland Scotland

200.200.200.3/30 200.200.200.1/30 200.200.200.2/30

132.16.83.1/30 24.72.48.1/30 116.232.192.1/30

69.118.96.1/30 137.213.181.1/30

cisco cisco cisco cisco

Note: This lab can be done using any 1721, 1760, and 2600 series routers.

Objectives

Configure Frame Relay. Configure ISDN using dialer profiles and interfaces. Use EIGRP as the routing protocol. Configure DHCP, NAT, and PAT. Configure VLANs and inter-VLAN routing.

220

WAN Technologies CCNA 4 Labs and Study Guide

Task 1
Cable and configure the equipment according to the diagram in Figure 5-7. Instructors initials _____________

Task 2
Step 1. Step 2.

Configure Frame Relay using the appropriate DLCIs. Ping each neighbors serial interface to verify correct configuration.

Instructors initials _____________

Task 3
Step 1. Step 2. Step 3. Step 4.

Configure the Dumfries and Dundee switches with an available IP address from VLAN 1. Configure the Dumfries switch as a VTP server and the Dundee switch as a VTP client. Configure all switches as part of the cisco VTP domain. Create the following VLANs:

VLAN 1: Management VLAN 10: Design VLAN 15: Security VLAN 20: Research

Step 5.

Assign the VLANs to the appropriate ports:


VLAN 1: All unassigned ports VLAN 10: Ports 49 VLAN 15: Ports 1014 VLAN 20: Ports 1519

Step 6.

Configure inter-VLAN routing using IEEE 802.1q encapsulation and the appropriate addressing scheme according to the diagram in Figure 5-7.

Instructors initials _____________

Task 4
Step 1. Step 2. Step 3.

Configure EIGRP on the London, China, and Ireland routers using AS100. Create a default route on the Scotland router. Create static routes on the Ireland router to the LAN addresses on the Scotland router, and point them to the dialer interface address of the Scotland router. Propagate static routes inside the EIGRP domain. Create a default route on the Scotland router, and point it to the dialer interface address of the Ireland router. Verify functionality using the show ip route command on all routers.

Step 4. Step 5.

Step 6.

Instructors initials _____________

Chapter 5: Frame Relay

221

Task 5
Step 1. Step 2. Step 3. Step 4. Step 5. Step 6. Step 7.

Configure ISDN on the Scotland and Ireland routers. Use the appropriate SPIDs on the ISDN BRI interfaces. Configure CHAP as the authentication protocol using cisco as the password. Use the ISDN switch type basic-ni. Allow ISDN to load-balance across both B channels. Create dialer profiles. Create dialer interfaces using the following addresses:

Ireland: 193.15.63.1 255.255.255.252 Scotland: 193.15.63.2 255.255.255.252

Step 8. Step 9.

Allow all IP traffic to turn the ISDN line on. Do not advertise either address in EIGRP. This will cause the interface to flap uncontrollably.

Instructors initials _____________

Task 6
Step 1. Step 2.

Configure DHCP on the Scotland router. Exclude the first three addresses from each pool.

Instructors initials _____________

Task 7
Step 1. Step 2.

Configure NAT on the Scotland router. Use the 194.18.26.0 /26 address for its NAT pool:

Create a dynamic NAT pool for VLAN 1. All users from VLAN 10 will access the outside world using one IP address. Prevent VLAN 15 from accessing the outside world so that a NAT pool is not required. All users from VLAN 20 will access the outside world using one IP address.

Instructors initials _____________

Task 8
Configure the China router as an HTTP server. Instructors initials _____________

Task 9
Verify configuration using the appropriate commands. DHCP-enabled hosts should receive a different address. Instructors initials _____________
London#show running-config Building configuration...

222

WAN Technologies CCNA 4 Labs and Study Guide

Current configuration : 861 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname London ! ! ip subnet-zero ! ! ! ! ! interface Loopback0 ip address 24.72.48.1 255.255.255.252 ! interface Loopback1 ip address 69.118.96.1 255.255.255.252 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 ip address 200.200.200.1 255.255.255.0 encapsulation frame-relay IETF no fair-queue frame-relay map ip 200.200.200.2 203 broadcast frame-relay map ip 200.200.200.3 201 broadcast ! interface Serial0/1 no ip address shutdown ! router eigrp 100 network 24.0.0.0 network 69.0.0.0 network 200.200.200.0 auto-summary no eigrp log-neighbor-changes ! ip classless

Chapter 5: Frame Relay

223

no ip http server ! ! ! line con 0 logging synchronous line aux 0 line vty 0 4 login ! no scheduler allocate end

China#show running-config Building configuration...

Current configuration : 835 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname China ! ! ip subnet-zero ! ! ! ! ! interface Loopback0 ip address 132.16.83.1 255.255.255.252 ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 ip address 200.200.200.3 255.255.255.0 encapsulation frame-relay IETF frame-relay map ip 200.200.200.1 102 broadcast frame-relay map ip 200.200.200.2 103 broadcast

224

WAN Technologies CCNA 4 Labs and Study Guide

! interface Serial0/1 no ip address shutdown ! ! interface BRI1/0 no ip address shutdown ! router eigrp 100 network 132.16.0.0 network 200.200.200.0 auto-summary no eigrp log-neighbor-changes ! ip classless ip http server ! ! ! line con 0 logging synchronous line aux 0 line vty 0 4 login ! no scheduler allocate end

Ireland#show running-config Building configuration...

Current configuration : 1415 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Ireland ! ! username Scotland password 0 cisco ip subnet-zero

Chapter 5: Frame Relay

225

! ! isdn switch-type basic-ni ! ! ! interface FastEthernet0/0 no ip address shutdown speed auto ! interface Serial0/0 ip address 200.200.200.2 255.255.255.0 encapsulation frame-relay IETF frame-relay map ip 200.200.200.1 302 broadcast frame-relay map ip 200.200.200.3 301 broadcast ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055510000001 5551000 isdn spid2 51055510010001 5551001 ppp authentication chap ppp multilink ! interface Dialer0 ip address 193.15.63.1 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name Scotland dialer string 5552000 dialer string 5552001 dialer-group 1 ppp authentication chap ! router eigrp 100 redistribute static network 200.200.200.0 auto-summary no eigrp log-neighbor-changes

226

WAN Technologies CCNA 4 Labs and Study Guide

! ip classless ip route 116.232.192.0 255.255.255.252 193.15.63.2 ip route 137.213.181.0 255.255.255.252 193.15.63.2 ip route 192.18.26.0 255.255.255.0 193.15.63.2 ip route 193.15.63.0 255.255.255.0 193.15.63.2 no ip http server ! ! dialer-list 1 protocol ip permit ! line con 0 logging synchronous line aux 0 line vty 0 4 password cisco login ! end

Scotland#show running-config Building configuration...

Current configuration : 2803 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Scotland ! ! username Ireland password 0 cisco memory-size iomem 25 ip subnet-zero ip dhcp excluded-address 192.168.1.1 192.168.1.3 ip dhcp excluded-address 192.168.2.1 192.168.2.3 ip dhcp excluded-address 192.168.1.33 192.168.1.35 ip dhcp excluded-address 192.168.1.97 192.168.1.99 ! ip dhcp pool Management network 192.168.1.0 255.255.255.224 default-router 192.168.1.1 !

Chapter 5: Frame Relay

227

ip dhcp pool Design network 192.168.2.0 255.255.255.0 default-router 192.168.2.1 ! ip dhcp pool Security network 192.168.1.32 255.255.255.192 default-router 192.168.1.33 ! ip dhcp pool Research network 192.168.1.96255.255.255.192 default-router 192.168.1.97 ! ! isdn switch-type basic-ni ! ! ! interface FastEthernet0/0 no ip address speed auto ! interface FastEthernet0/0.1 description Management encapsulation dot1Q 1 native ip address 192.168.1.1 255.255.255.224 ip nat inside ! interface FastEthernet0/0.10 description Design encapsulation dot1Q 10 ip address 192.168.2.1 255.255.255.0 ip nat inside ! interface FastEthernet0/0.15 description Security encapsulation dot1Q 15 ip address 192.168.1.33 255.255.255.192 ! interface FastEthernet0/0.20 description Research encapsulation dot1Q 20 ip address 192.168.1.97 255.255.255.192 ip nat inside ! interface Serial0/0 no ip address

228

WAN Technologies CCNA 4 Labs and Study Guide

shutdown ! interface Serial0/1 no ip address shutdown ! interface BRI0/0 no ip address ip nat outside encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 51055520000001 5552000 isdn spid2 51055520010001 5552001 ppp authentication chap ppp multilink ip access-group 101 out ! interface Dialer0 ip address 193.15.63.2 255.255.255.252 ip nat outside encapsulation ppp dialer pool 1 dialer remote-name Ireland dialer string 5551000 dialer string 5551001 dialer-group 1 ppp authentication chap ! ip nat pool Management 194.18.26.1 194.18.26.61 netmask 255.255.255.192 ip nat pool Design 194.18.26.62 194.18.26.62 netmask 255.255.255.192 ip nat pool Research 194.18.26.94 194.18.26.94 netmask 255.255.255.192 ip nat inside source list 1 pool Management ip nat inside source list 2 pool Design overload ip nat inside source list 3 pool Research overload ip classless ip route 0.0.0.0 0.0.0.0 193.15.63.1 no ip http server ! ! access-list 1 permit 192.168.1.0 0.0.0.31 access-list 2 permit 192.168.2.0 0.0.0.255 access-list 3 permit 192.168.1.96 0.0.0.63 access-list 101 deny ip 192.168.1.32 0.0.0.63 any access-list 101 permit any any dialer-list 1 protocol ip permit ! line con 0

Chapter 5: Frame Relay

229

logging synchronous line aux 0 line vty 0 4 ! no scheduler allocate end

Dumfries#show running-config Building configuration...

Current configuration : 2028 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Dumfries ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 switchport mode trunk no ip address ! interface FastEthernet0/3 switchport mode trunk no ip address ! interface FastEthernet0/4 switchport access vlan 10

230

WAN Technologies CCNA 4 Labs and Study Guide

no ip address ! interface FastEthernet0/5 switchport access vlan 10 no ip address ! interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 15 no ip address ! interface FastEthernet0/11 switchport access vlan 15 no ip address ! interface FastEthernet0/12 switchport access vlan 15 no ip address ! interface FastEthernet0/13 switchport access vlan 20 no ip address ! interface FastEthernet0/14 switchport access vlan 20 no ip address ! interface FastEthernet0/15 switchport access vlan 20 no ip address !

Chapter 5: Frame Relay

231

interface FastEthernet0/16 switchport access vlan 20 no ip address ! interface FastEthernet0/17 switchport access vlan 20 no ip address ! interface FastEthernet0/18 switchport access vlan 20 no ip address ! interface FastEthernet0/19 switchport access vlan 20 no ip address ! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.1.2 255.255.255.224 no ip route-cache no shut ! interface Vlan10 no ip address no ip route-cache ! interface Vlan15 no ip address no ip route-cache ! interface Vlan20 no ip address

232

WAN Technologies CCNA 4 Labs and Study Guide

no ip route-cache ! ip default-gateway 193.15.63.2 ip http server ! ! line con 0 logging synchronous line vty 5 15 ! end

Dundee#show running-config Building configuration...

Current configuration : 1972 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Dundee ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address ! interface FastEthernet0/2 switchport mode trunk no ip address ! interface FastEthernet0/3 no ip address !

Chapter 5: Frame Relay

233

interface FastEthernet0/4 switchport access vlan 10 no ip address ! interface FastEthernet0/5 switchport access vlan 10 no ip address ! interface FastEthernet0/6 switchport access vlan 10 no ip address ! interface FastEthernet0/7 switchport access vlan 10 no ip address ! interface FastEthernet0/8 switchport access vlan 10 no ip address ! interface FastEthernet0/9 switchport access vlan 10 no ip address ! interface FastEthernet0/10 switchport access vlan 15 no ip address ! interface FastEthernet0/11 switchport access vlan 15 no ip address ! interface FastEthernet0/12 switchport access vlan 15 no ip address ! interface FastEthernet0/13 switchport access vlan 15 no ip address ! interface FastEthernet0/14 switchport access vlan 15 no ip address ! interface FastEthernet0/15 switchport access vlan 20

234

WAN Technologies CCNA 4 Labs and Study Guide

no ip address ! interface FastEthernet0/16 switchport access vlan 20 no ip address ! interface FastEthernet0/17 switchport access vlan 20 no ip address !interface FastEthernet0/18 switchport access vlan 20 no ip address ! interface FastEthernet0/19 switchport access vlan 20 no ip address ! interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.1.3 255.255.255.224 no ip route-cache ! interface Vlan10 no ip address no ip route-cache ! interface Vlan15 no ip address no ip route-cache ! interface Vlan20 no ip address

Chapter 5: Frame Relay

235

no ip route-cache

! ip default-gateway 192.168.1.1 ip http server ! ! line con 0 line vty 5 15 ! end

This page intentionally left blank

CHAPTER 6

Introduction to Network Administration

The Study Guide portion of this chapter uses a combination of multiple-choice and open-ended question exercises to test your knowledge of the theory of network administration. This chapter contains no lab exercises.

238

WAN Technologies CCNA 4 Labs and Study Guide

Study Guide
Workstations and Servers
Workstations are regular computers that run multiple applications (word processing, spreadsheets, and so on) and allow multiple users to access information from a single location. They can run using one of several different platforms such as Windows, UNIX/Linux, or even Macintosh. One specific type of workstation is a diskless workstation. A diskless workstation contains no drives for storage, making it unable to upload or download anything in the network. This aspect makes a diskless workstation ideal for networks that have security as a top priority. Laptops can serve as a mobile workstation if they are connected to the network (for example, wireless). Servers are workstations with different software and much more hardware, including memory and processing speed. This is because they must be operational all the time and capable of handling several simultaneous requests. Both servers and workstations have network operating systems that allow access to network resources and functions. Windows NT by Microsoft was the first network operating system designed to operate on large-scale networks with workgroup servers. Windows 2000 was then released as an all-in-one network operating system for large and small networks and single standalone computers. It also allows plug-and-play devices. Another version of a network operating system is UNIX, including variations such as Linux, which is an open-source programming code.

Concept Questions
1. Why is a diskless workstation preferred in a high-security situation as opposed to a regular workstation or a laptop? A diskless workstation is preferable over an ordinary workstation or a laptop because it has no storage drives, and therefore it cannot download or upload anything inside the network. This also prevents viruses from being spread and infecting the network. 2. Compare and contrast Windows and UNIX platforms as network operating systems. UNIX is a command-line operating system that is similar to the command-line interface of a Cisco router. It is a network operating system mainly used in large financial institutions. Linux is an opensource operating system derived from UNIX. This feature allows different companies and individuals to create their own variations of Linux to suit their needs. Windows, on the other hand, is a GUI-based operating system that cannot be modified. It is the standard operating system found on most PCs today and is designed for both personal and corporate environments.

Network Management
Managing a network involves an array of tasks to keep the network operational, including the ability to grow or scale your network, routing and rerouting traffic, managing security, dealing with costs and budgets, and much more. Standards have been created for network management by the International Organization for Standardization (ISO). These standards are also encompassed within Simple Network Management Protocol (SNMP) and Common Management Information Protocol (CMIP), which both allow management of different platforms. SNMP is the most popular protocol used for managing corporate, connected networks. The four parts that allow SNMP to operate are a network management agent, station, information base, and protocol. The management station and agent work together to monitor occurrences such as the status of interfaces, virtual circuits, sent and received broadcast messages, and so on. Management Information Bases (MIBs) are used as banks of information about a device. Most MIBs are vendor-specific to help manage that particular device in the way it functions. Management agents are

Chapter 6: Introduction to Network Administration

239

embedded within the software of network devices to send clear-text messages, or community strings, to the management station. A rule of thumb in SNMP is to collect the least amount of information over a widespread interval. The string acts as the messages password, and ro (read-only) and rw (read-write) tell whether the management station can make changes to the MIB. Remote Monitoring (RMON) is a MIB that allows for remote monitoring of networks. It divides the task of monitoring into nine groups of aspects that it oversees: Statistics, History, Alarm, Host, HostTopN, Traffic Matrix, Filter, Packet Capture, and Event. Syslog is a utility used within Cisco devices to report errors. Syslog tags every error with a number, ranging from 0 to 7, that indicates the errors level of severity. If the syslog report has a 0 attached to it, the severity is great, whereas 7 indicates a minor severity. The level numbers are equivalent to the following (in order from 0 to 7): emergencies, alerts, critical, errors, warnings, notifications, informational, and debugging. The default severity level for all Cisco IOS syslog reports is 6. To enable syslog on a Cisco device, enter the command logging on in global configuration mode, which sends the logs to every destination that can read them. If there is a specific device to which the logs are to be sent, use the command logging [ip address | hostname].

Concept Questions
1. Management agents are embedded in the software of all network devices to report back to the management station. What are some of the things that the management agents keep track of and report to the management station? Agents report the status of the devices interfaces, any virtual circuits, and other things. Whenever an agent sends a message, it does so after a trap that captures an event such as an interface changing state. However, the device must be configured to send the messages to a management station or stations. 2. Explain how SNMP can be used in conjunction with software or other devices to enhance network monitoring. WhatsUp Professional 2006 (formally known as WhatsUp Gold) monitoring software can be used with SNMP to send messages to an Exchange server. The Exchange server then sends messages to the network engineers Blackberry, cell phone, pager, or e-mail to immediately inform him of changes within the network or other information about the network as it happens.

Chapter Review Questions


For multiple-choice questions 1 through 20, circle the correct answers. Some questions have more than one answer. 1. What are the operating systems that a client workstation may operate on? (Select three) A. Sun Microsystems B. Windows C. Solaris D. UNIX E. Macintosh 2. What features of a diskless workstation provide security? (Select two) A. It contains no drives. B. It is used only for storage. C. It is unable to download or upload files. D. It is physically isolated from the rest of the network. E. All information is stored on an external hard drive.

240

WAN Technologies CCNA 4 Labs and Study Guide

3. There are workstations that perform low- and high-end tasks. What are some of the tasks that a highend workstation may perform? (Select three) A. Word processing B. C. Graphic design Circuit design

D. Spreadsheets E. Weather data analysis 4. Servers provide a variety of services on request from devices within the network. What are some of the services provided? (Select three) A. DHCP requests B. FTP file transfers C. Equipment management D. Print jobs E. Doubles as a backup workstation 5. Why are servers equipped with much more memory and processing power than a regular workstation? (Select two) A. They must be able to handle simultaneous requests from multiple workstations. B. They serve as a backup to every workstation in case one of them malfunctions. C. Servers are used for heavy data analysis and computer graphics animation. D. They function as storage facilities for network devices. E. Workstations are actually equipped with more hardware. 6. Which network operating system was released to operate on large and small-scale networks and remote computers? A. UNIX B. Windows 2000 C. Windows NT D. Red Hat Linux E. Mac OS X 7. What protocols are used to help manage computer networks? (Select two) A. CMIP B. SMTP C. CMNP D. SNMP E. ISO Network Management Protocol 8. Which commands send all syslog entries to a specific location? (Select two) A. Router(config)#logging ip address B. Router(config-if)#logging hostname C. Router(config-if)#logging ip address D. Router(config)#logging hostname E. Router(config)#logging syslog ip address

Chapter 6: Introduction to Network Administration

241

9. What service does a Domain Name System (DNS) provide to a PC when accessing a website? A. It routes your request to the correct website. B. It provides the IP address for the website. C. It converts the website name into an IP address and then redirects your request to the website. D. It tells your router which path to take to get to the website. 10. Which devices in an SNMP-managed network communicate with one another and are responsible for reporting network errors? A. Management agent and protocol B. Management agent and information base C. Management station and agent D. Management protocol and information base E. Management station and information base 11. What are some of the things that a management agent can monitor about a particular device? (Select three) A. Status of virtual circuits B. Whether the device is powered on C. The size and number of packets that travel through the device D. If anyone is in a Telnet session in the network E. The states of the devices interfaces 12. What type of messages are sent to the remote management station from the management agents in the network? A. UDP error messages B. MD5 encrypted updates C. TCP synchronous messages D. TCP acknowledgments E. ICMP packets 13. A network management station (NMS) obtains information on the operation of the network from a MIB. What message types does the MIB send back to the NMS? (Select three) A. Bulk B. C. Get Set

D. Log E. Trap 14. When SNMPv2c was introduced, what two additional functions were added? A. GetNextRequest B. SetRequest C. GetBulkRequest D. 64-bit counters E. GetRequestBulk

242

WAN Technologies CCNA 4 Labs and Study Guide

15. What is true about the command snmp-server community string rw? A. The management station can obtain only MIB objects. B. The management station can create a copy of the information base. C. The management station and other local devices may modify the MIB. D. The management station can retrieve and change MIB items. E. The management station cannot do anything at all. 16. The syslog utility in Cisco is used to mark errors with a severity level number ranging from 0 to 7. What is the default severity level? A. Notifications B. Informational C. Debugging D. Emergencies E. Alerts 17. What command tells the device where to send all SNMP entries? A. Router(config)#snmp-server manage text B. Router(config-if)#snmp-server agent text C. Router(config)#snmp-server location text D. Router(config)#snmp-server agent text E. Router(config-if)#snmp-server manage text 18. What is the purpose of the SNMP community string? (Select two) A. It is the name of the router connecting to the SNMP server. B. It acts like a password. C. It is encrypted. D. It is in plain text. 19. What are the four parts of the ISO model for network management? A. Organization B. Information C. Fault D. Configuration E. Communication F. Performance G. Functional 20. What feature of the MAC OS X is considered a cross between Microsoft Windows XP and Linux X Window System GUI? A. Apple B. Aqua C. Darwin D. AppleTalk

Chapter 6: Introduction to Network Administration

243

Lab Exercises
This chapter contains no lab exercises.

This page intentionally left blank

APPENDIX A

Troubleshooting Questions and Lab Exercise

Troubleshooting Questions
1. Which of the following display when you use the command show controller serial 0? (Select all that apply) A. Clock rate B. Bandwidth C. Cable type D. DTE or DCE E. Line up, protocol up 2. When troubleshooting OSPF, which of the following would cause configuration issues? (Select all that apply) A. Incorrect timers B. Misconfigured areas C. Authentication seen in plain text D. Incorrect address and subnet mask E. No DR and BDR 3. Which command displays the WAN encapsulation currently being used? A. show encapsulation B. show ip route C. show interface serial 0 D. show ip interface serial 0 4. Which of the following display when you use the show ip route command? (Select all that apply) A. Metric B. Routing protocol C. Line up, protocol down D. Connected networks E. Learned networks F. Name of router advertising learned routes G. Number of routers in network 5. What commands are necessary when you completely erase a switchs configurations? (Select all that apply) A. erase startup-config B. delete flash C. reboot D. delete flash:vlan.dat E. reload F. erase running-config

246

WAN Technologies CCNA 4 Labs and Study Guide

6. Which of the following would cause a Frame Relay connection to fail when using map statements? (Select all that apply) A. Misconfigured DLCI B. Inverse ARP disabled C. Broadcast statement missing D. Misconfigured routing protocol E. Misconfigured map statements 7. Which of the following must be done for a successful PAT configuration? (Select all that apply) A. Create an ACL B. Create a NAT pool C. Static keyword D. Overload keyword E. Apply ACL to NAT pool F. Sufficient number of addresses in NAT pool 8. Which command produces the following output?
*Mar *Mar *Mar 1 00:40:52.202: ISDN BR1/0 Q921: User RX <- RRp sapi=0 tei=64 nr=21 1 00:40:52.202: ISDN BR1/0 Q921: User TX -> RRf sapi=0 tei=64 nr=14 1 00:40:52.467: %ISDN-6-DISCONNECT: Interface BRI1/0:1 disconnected from

5552000 Scotland, call lasted 430 seconds *Mar 4 *Mar *Mar 2 *Mar *Mar *Mar 1 00:40:52.515: ISDN BR1/0 Q921: User TX -> RR sapi=0 tei=64 nr=15 1 00:40:52.515: %LINK-3-UPDOWN: Interface BRI1/0:1, changed state to down 1 00:40:52.519: %DIALER-6-UNBIND: Interface BR1/0:1 unbound from profile D 1 00:40:52.499: ISDN BR1/0 Q921: User RX <- RR sapi=0 tei=64 nr=22 1 00:40:52.511: ISDN BR1/0 Q921: User RX <- INFO sapi=0 tei=64, ns=14 nr=2 1 00:40:52.471: ISDN BR1/0 Q921: User TX -> INFO sapi=0 tei=64, ns=21 nr=1

A. debug isdn B. debug isdn status C. debug q931 D. debug q921 9. What command displays the number of ISDN lines that were established? A. show interface serial 0 B. show encapsulation ppp C. show isdn active D. show dialer 10. Which command propagates a default route when you use OSPF? A. redistribute static B. Nothing (because its automatic) C. default information-originate D. redistribute default

Appendix A: Troubleshooting Questions and Lab Exercise

247

11. Which of the following causes an EIGRP route to be put in the Stuck in active state? A. Misconfigured area B. Misconfigured timers C. Wrong autonomous system number D. No response from a query E. DUAL not working properly 12. What must be done for a router to become the DR in an OSPF environment? A. Assign it the highest-priority number. B. Assign it the highest loopback address. C. Assign it the highest configured IP address on one of its interfaces. D. Put at least one interface in area 0. 13. What should be added to the end of a static route to make sure it is used only when the primary routing protocol goes down? A. High metric B. Low metric C. Higher administrative distance than the routing protocol D. Lower administrative distance than the routing protocol E. Nothing 14. What command displays real-time events as they occur on a router? A. show B. debug C. show run D. show events 15. You are running RIPv2 in your network and have a destination that is reachable by some locations but not by all. Which of the following causes this problem to occur? A. There are more than 15 routers in your network. B. The network statement was not properly configured. C. The network was not being advertised. D. The network is down. 16. Which command displays the DHCP addresses currently in use? A. show ip dhcp B. show ip dhcp addresses C. show ip dhcp binding D. show ip dhcp statistics 17. Which of the following causes the following to occur: Serial 0 is up, line protocol is down? (Select all that apply) A. Clock rate not detected B. Administratively down C. No keepalives D. Wrong clock rate

248

WAN Technologies CCNA 4 Labs and Study Guide

18. Which command produces the following output?


BRI1/0 - dialer type = ISDN

Dial String

Successes

Failures

Last DNIS

Last status

0 incoming call(s) have been screened. 0 incoming call(s) rejected for callback.

BRI1/0:1 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle

BRI1/0:2 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle

Di0 - dialer type = DIALER PROFILE Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is idle Number of active calls = 0

A. show isdn status B. show dialer C. show isdn dialer D. show q921 19. Which routing protocols are suitable for VLSM and CIDR? (Select all that apply) A. RIP B. RIPv2 C. OSPF D. EIGRP E. IGRP F. Static routes G. IS-IS 20. You just configured a switch and noticed that it is not propagating the VLAN information to the other switches on your network. What would cause this to happen? (Select all that apply) A. The switch is in the wrong domain. B. Misconfigured VLAN numbers C. The switch is in server mode. D. The switch is in transparent mode. E. The switch is in client mode.

Appendix A: Troubleshooting Questions and Lab Exercise

249

21. You configured NAT on a router that is using inter-VLAN routing. You put the ip nat inside command on the physical interface and the ip nat outside command on the outside interface, but nothing is being translated. You checked your configurations, and everything was done correctly. What could be the problem? A. There are too many hosts with not enough addresses. B. The ip nat inside command should be put on the subinterfaces. C. The ip nat inside command should be put on the outside interface. D. PAT is being used. 22. You work for an ISP. A customer needs an IP address for 4519 hosts. You decide to summarize a group of Class C addresses because a Class B would waste a large number of addresses. How many Class C addresses need to be summarized? A. 1 B. 10 C. 15 D. 18 23. Which command produces the following?
Pro Inside global --- 194.18.26.1 --- 194.18.26.2 --- 194.18.26.15 Inside local 192.168.100.99 192.168.100.98 192.168.100.66 Outside local ------Outside global -------

A. show ip dhcp binding B. show ip nat translations C. show nat translations D. show translations 24. Which of the following does LCP negotiate when establishing a PPP connection? A. Q.931 B. IPCP C. Multilink D. CHAP E. Callback 25. Which command would you use to terminate a vty session? A. close B. disable C. disconnect D. suspend E. exit 26. If you can dial across an ISDN connection but your session is dropped immediately upon connecting, what could be the cause? (Select two) A. Incorrect SPIDs B. LCP not connecting C. Username and passwords were not set. D. Wrong username and/or password

250

WAN Technologies CCNA 4 Labs and Study Guide

27. Which command produces the following output?


Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - reply Status, s - sia Status

P 24.0.0.0/8, 1 successors, FD is 20640000 via 200.200.200.1 (20640000/128256), Serial0/0 P 69.0.0.0/8, 1 successors, FD is 20640000 via 200.200.200.1 (20640000/128256), Serial0/0 P 116.232.192.0/30, 1 successors, FD is 40512000 via Rstatic (40512000/0) P 132.16.0.0/16, 1 successors, FD is 20640000 via 200.200.200.3 (20640000/128256), Serial0/0 P 200.200.200.0/24, 1 successors, FD is 20512000 via Connected, Serial0/0 P 194.18.26.0/26, 1 successors, FD is 46226176

A. show ip protocol B. show ip ospf database C. show ip eigrp topology D. show ip eigrp neighbors 28. Which command produces the following output?
IP address 192.168.100.3 192.168.100.66 Hardware address 0100.1422.3497.93 0100.123f.49e5.20 Lease expiration Mar 02 1993 12:14 AM Mar 02 1993 12:33 AM Type Automatic Automatic

A. show dhcp addresses B. show ip dhcp addresses C. show ip dhcp binding D. show ip nat translations 29. In an ISDN environment, what would be the result of advertising the dialer interface over a routing protocol? A. Routing protocols are corrupted. B. The dialer interface continuously flaps. C. The network will not be advertised in routing updates. D. Nothing; everything would work fine. 30. What is the purpose of the frame-relay inverse-arp command? A. To create dynamic maps B. To create an ARP table across a Frame Relay network C. To create static maps D. To reverse the inverse table of RARP

Appendix A: Troubleshooting Questions and Lab Exercise

251

Lab A-1: WAN Troubleshooting


Figure A-1 Topology for Lab A-1
VLANs Management 1 = 60 hosts Retail 10 = 28 hosts Wholesale 20 = 14 hosts OSPF Area 0 Switches Fa 0/1 = Trunk Fa 0/60/10 = VLAN 10 Fa 0/110/15 = VLAN 20

DLCI 101 DLCI 103

S0/0
R1

1/1

Frame Switch

1/2

S0/0

R3

DLCI 301 DLCI 302

Fa0/0 Fa0/1
Switch 1 192.168.1.0/24

Fa0/0 2/1 Fa0/1


Switch 3 Fa0/2 192.168.2.0/24

S0/0 Area 61
R2

Area 4

Web Server 192.168.3.3/26


Switch 2 192.168.2.0/24 Area 51

Complete the lab exercise by isolating and correcting the problems outlined in the scenario. This lab tests your ability to use a troubleshooting methodology and commands to isolate and correct network problems. When complete, all hosts should be able to telnet and ping to each device in the network. Make sure that the diagram is correctly cabled before proceeding.
Note This lab can be performed one of two ways. The students can cable the lab and load the broken configs themselves, before proceeding to troubleshoot the scenario. Alternatively, you may choose to set up the lab for them. You might even consider miscabling the lab to add bugs.

Objectives

List problems found and document corrections that solve each issue. Verify that the network has been restored and that no new problems were created from unnecessary changes.

Scenario You are the on-call network administrator for the weekend, and so far nothing new has come up. You decide to enjoy the afternoon by catching a movie with your friends when you receive an urgent message Please call the office immediately; nothing seems to be working, and the network is down. You call the office and find out that a disgruntled ex-employee sabotaged the network. You leave for the office immediately, to the dismay of your friends.

252

WAN Technologies CCNA 4 Labs and Study Guide

Back at the office, you find the following problems:


You are unable to get into the R1 router. Routes from remote locations are not seen. NAT is not functioning properly on Router 2 for the Wholesale department. Hosts on the R3 LAN cannot access the network.

Troubleshooting Log Fill in the problems and solutions for each network device in the following table.
Network Device Problems Solutions

R1

Password is unknown. Not neighboring with other OSPF routers. Not receiving OSPF routing updates.

Perform password recovery. Change ip ospf network point-topoint command to point-multipoint on Serial 0/0. broadcast keyword missing from Frame Relay map statement. Change native VLAN from 2 back to VLAN 1. Change authentication key to cisco. access-list 3 permit 192.168.2.96 0.0.0.15 missing. no shut command on the trunk port. Set vty password to cisco. Put correct mask: 255.255.255.248 default-router 192.168.3.97 command missing. Assigns switch ports to proper VLANs based on diagram.

Switch_1 R2

Wrong native VLAN on trunk. OSPF authentication failing. NAT not functioning on Wholesale VLAN. Trunk port disabled. Cannot telnet. Incorrect subnet mask on serial 0/0. Hosts on Retail VLAN cannot ping outside their network No VLANs configured on switch ports.

Switch_2 R3:

Switch_3

Student name _____________________________________ Instructors initials _______


Bugged Configs
R1#show running-config Building configuration...

Current configuration : 2226 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1

Appendix A: WTroubleshooting Questions and Lab Exercise

253

! ip subnet-zero ip dhcp excluded-address 192.168.1.1 192.168.1.2 ip dhcp excluded-address 192.168.1.65 ! ip dhcp pool Management network 192.168.1.0 255.255.255.192 default-router 192.168.1.1 ! ip dhcp pool Retail network 192.168.1.64 255.255.255.224 default-router 192.168.1.65

! ! ! ! ! interface FastEthernet0/0 no shut no ip address speed auto ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 192.168.1.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Retail VLAN encapsulation dot1Q 10 ip address 192.168.1.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description Wholesale VLAN

encapsulation dot1Q 20 ip address 192.168.1.97 255.255.255.240 ip nat inside ! interface Serial0/0 no shut description To WAN Cloud ip address 10.10.10.1 255.255.255.248

254

WAN Technologies CCNA 4 Labs and Study Guide

ip nat outside encapsulation frame-relay ip ospf authentication-key cisco ip ospf network point-to-point no fair-queue frame-relay map ip 10.10.10.2 101 frame-relay map ip 10.10.10.3 103 ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown !

router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.1 0.0.0.0 area 0 network 192.168.1.1 0.0.0.0 area 4 network 192.168.1.65 0.0.0.0 area 4 network 192.168.1.97 0.0.0.0 area 4 ! ip nat pool Management 63.49.18.1 63.49.18.60 netmask 255.255.255.0 ip nat pool Retail 63.49.18.65 63.49.18.65 netmask 255.255.255.0 ip nat pool Wholesale 63.49.18.97 63.49.18.110 netmask 255.255.255.0 ip nat inside source list 1 pool Management ip nat inside source list 2 pool Retail overload ip nat inside source list 3 pool Wholesale ip classless ip route 181.16.57.0 255.255.255.0 10.10.10.2 ip route 200.169.54.0 255.255.255.0 10.10.10.3 no ip http server ! ! access-list 1 permit 192.168.1.0 0.0.0.63 access-list 2 permit 192.168.1.64 0.0.0.31 access-list 3 permit 192.168.1.96 0.0.0.15

! line con 0 logging synch password class login

Appendix A: Troubleshooting Questions and Lab Exercise

255

line aux 0 line vty 0 4 password cisco login ! end

R2#show running-config Building configuration...

Current configuration : 2260 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! ! ip subnet-zero ip dhcp excluded-address 192.168.2.1 192.168.2.2 ip dhcp excluded-address 192.168.2.65 ip dhcp excluded-address 192.168.2.97 ! ip dhcp pool Management network 192.168.2.0 255.255.255.192 default-router 192.168.2.1 ! ip dhcp pool Retail network 192.168.2.64 255.255.255.224

default-router 192.168.2.65 ! ip dhcp pool Wholesale network 192.168.2.96 255.255.255.240 default-router 192.168.2.97 ! ! ! ! ! interface FastEthernet0/0 no shut

256

WAN Technologies CCNA 4 Labs and Study Guide

no ip address speed auto ! interface FastEthernet0/0.1 description Management encapsulation dot1Q 1 native ip address 192.168.2.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Retail encapsulation dot1Q 10

ip address 192.168.2.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description Wholesale encapsulation dot1Q 20 ip address 192.168.2.97 255.255.255.240 ip nat inside ! interface Serial0/0 no shut description to WAN Cloud ip address 10.10.10.2 255.255.255.248 ip nat outside encapsulation frame-relay ip ospf authentication-key cysco ip ospf network point-to-multipoint no fair-queue frame-relay map ip 10.10.10.1 202 Broadcast frame-relay map ip 10.10.10.3 203 Broadcast ! interface Serial0/1 no ip address shutdown

! router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.2 0.0.0.0 area 0 network 192.168.2.1 0.0.0.0 area 51 network 192.168.2.65 0.0.0.0 area 51

Appendix A: Troubleshooting Questions and Lab Exercise

257

network 192.168.2.97 0.0.0.0 area 51 ! ip nat pool Management 181.16.57.1 181.16.57.60 netmask 255.255.255.0 ip nat pool Retail 181.16.57.65 181.16.57.87 netmask 255.255.255.0 ip nat pool Wholesale 181.16.57.97 181.16.57.110 netmask 255.255.255.0 ip nat inside source list 1 pool Marketing ip nat inside source list 2 pool Retail ip nat inside source list 3 pool Wholesale ip classless ip route 63.49.18.0 255.255.255.0 10.10.10.1 ip route 200.169.54.0 255.255.255.0 10.10.10.3 no ip http server ! ! access-list 1 permit 192.168.2.0 0.0.0.63 access-list 2 permit 192.168.2.64 0.0.0.31

! line con 0 logging synch password class login line aux 0 line vty 0 4 password cisco login ! end

R2#

R3#show running-config Building configuration...

Current configuration : 2420 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! ! ip subnet-zero

258

WAN Technologies CCNA 4 Labs and Study Guide

ip dhcp excluded-address 192.168.3.1 192.168.3.2 ip dhcp excluded-address 192.168.3.65 ip dhcp excluded-address 192.168.3.97 ! ip dhcp pool Management network 192.168.3.0 255.255.255.192 default-router 192.168.3.1 ! ip dhcp pool Retail network 192.168.3.96 255.255.255.224

! ip dhcp pool Wholesale network 192.168.3.96 255.255.255.240 default-router 192.168.3.97 ! ! ! ! ! interface FastEthernet0/0 no shut no ip address speed auto ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 192.168.3.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Retail VLAN encapsulation dot1Q 10 ip address 192.168.3.65 255.255.255.224

ip nat inside ! interface FastEthernet0/0.20 description Wholesale VLAN encapsulation dot1Q 20 ip address 192.168.3.97 255.255.255.240 ip nat inside ! interface Serial0/0 no shut

Appendix A: Troubleshooting Questions and Lab Exercise

259

description To WAN cloud ip address 10.10.10.3 255.255.255.240 ip nat outside encapsulation frame-relay ip ospf authentication-key cisco ip ospf network point-to-multipoint no fair-queue frame-relay map ip 10.10.10.1 302 Broadcast frame-relay map ip 10.10.10.2 301 Broadcast ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.3 0.0.0.0 area 0 network 192.168.3.1 0.0.0.0 area 61 network 192.168.3.65 0.0.0.0 area 61 network 192.168.3.97 0.0.0.0 area 61 ! ip nat pool Management 200.169.54.4 200.169.54.60 netmask 255.255.255.0 ip nat pool Retail 200.169.54.65 200.169.54.87 netmask 255.255.255.0 ip nat pool Wholesale 200.169.54.97 200.169.54.97 netmask 255.255.255.0 ip nat inside source list 1 pool Management ip nat inside source list 2 pool Retail ip nat inside source list 3 pool Wholesale overload ip nat inside source static 192.168.3.3 200.169.54.3 ip classless ip route 63.49.18.0 255.255.255.0 10.10.10.1 ip route 181.16.57.0 255.255.255.0 10.10.10.2 no ip http server ! ! access-list 1 permit 192.168.3.0 0.0.0.63 access-list 2 permit 192.168.3.64 0.0.0.31 access-list 3 permit 192.168.3.96 0.0.0.15 ! line con 0 password class logging synchronous

260

WAN Technologies CCNA 4 Labs and Study Guide

login line aux 0 line vty 0 4 password cisco login ! end

R3#

Switch1#show running-config Building configuration...

Current configuration : 1443 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch1 ! VLAN 10 name Retail VLAN 20 name Wholesale exit ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1

switchport trunk native switchport mode trunk ! interface FastEthernet0/2

Appendix A: Troubleshooting Questions and Lab Exercise

261

! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 switchport access vlan 10 ! interface FastEthernet0/7 switchport access vlan 10 ! interface FastEthernet0/8 switchport access vlan 10 ! interface FastEthernet0/9 switchport access vlan 10 !

interface FastEthernet0/10 switchport access vlan 10 ! interface FastEthernet0/11 switchport access vlan 20 ! interface FastEthernet0/12 switchport access vlan 20 ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport access vlan 20 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18

262

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.1.2 255.255.255.192 no ip route-cache no shut ! ip default-gateway 192.168.1.1 ip http server ! line con 0 logging synch line vty 0 4 password cisco login line vty 5 15 password cisco login

end

Switch2#show running-config Building configuration...

Current configuration : 1421 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch2

Appendix A: Troubleshooting Questions and Lab Exercise

263

! vlan 10 name Retail vlan 20 name Wholesale exit ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1

switchport mode trunk shutdown ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 switchport access vlan 10 ! interface FastEthernet0/7 switchport access vlan 10 ! interface FastEthernet0/8 switchport access vlan 10 ! interface FastEthernet0/9 switchport access vlan 10 !

interface FastEthernet0/10 switchport access vlan 10 !

264

WAN Technologies CCNA 4 Labs and Study Guide

interface FastEthernet0/11 switchport access vlan 20 ! interface FastEthernet0/12 switchport access vlan 20 ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport access vlan 20 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18

! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.2.2 255.255.255.192 no ip route-cache no shut ! ip default-gateway 192.168.2.1 ip http server ! line con 0 logging sync line vty 5 15 !

Appendix A: Troubleshooting Questions and Lab Exercise

265

end

Switch3#show running-config Building configuration...

Current configuration : 1524 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch3 ! vlan 10 name Retail vlan 20 name Wholesale exit ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! interface FastEthernet0/1 switchport mode trunk no ip address

! interface FastEthernet0/2 no ip address ! interface FastEthernet0/3 no ip address ! interface FastEthernet0/4 no ip address ! interface FastEthernet0/5

266

WAN Technologies CCNA 4 Labs and Study Guide

no ip address ! interface FastEthernet0/6 no ip address ! interface FastEthernet0/7 no ip address ! interface FastEthernet0/8 no ip address ! interface FastEthernet0/9

no ip address ! interface FastEthernet0/10 no ip address ! interface FastEthernet0/11 no ip address ! interface FastEthernet0/12 no ip address ! interface FastEthernet0/13 no ip address ! interface FastEthernet0/14 no ip address ! interface FastEthernet0/15 no ip address ! interface FastEthernet0/16 no ip address

! interface FastEthernet0/17 no ip address ! interface FastEthernet0/18 no ip address ! interface FastEthernet0/19 no ip address !

Appendix A: Troubleshooting Questions and Lab Exercise

267

interface FastEthernet0/20 no ip address ! interface FastEthernet0/21 no ip address ! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24

! interface FastEthernet0/22 no ip address ! interface FastEthernet0/23 no ip address ! interface FastEthernet0/24 no ip address ! interface Vlan1 ip address 192.168.3.2 255.255.255.192 no ip route-cache no shut ! ip default-gateway 192.168.3.1 ip http server ! ! line con 0 logging sync line vty 0 4 password cisco login line vty 5 15 password cisco login end

Fixed Configs
R3#show running-config

268

WAN Technologies CCNA 4 Labs and Study Guide

Building configuration...

Current configuration : 2518 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R3 ! enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1 ! ip subnet-zero ip dhcp excluded-address 192.168.3.1 192.168.3.2 ip dhcp excluded-address 192.168.3.65 ip dhcp excluded-address 192.168.3.97 ! ip dhcp pool Management network 192.168.3.0 255.255.255.192 default-router 192.168.3.1 ! ip dhcp pool Retail network 192.168.3.64 255.255.255.224 default-router 192.168.3.65 ! ip dhcp pool Wholesale network 192.168.3.96 255.255.255.240 default-router 192.168.3.97 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto no shut ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 192.168.3.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10

Appendix A: Troubleshooting Questions and Lab Exercise

269

description Retail VLAN encapsulation dot1Q 10 ip address 192.168.3.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description Wholesale VLAN encapsulation dot1Q 20 ip address 192.168.3.97 255.255.255.240 ip nat inside ! interface Serial0/0 description To WAN cloud no shut ip address 10.10.10.3 255.255.255.248 ip nat outside encapsulation frame-relay ip ospf authentication-key cisco ip ospf network point-to-multipoint ip ospf demand-circuit no fair-queue frame-relay map ip 10.10.10.1 302 broadcast frame-relay map ip 10.10.10.2 301 broadcast ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.3 0.0.0.0 area 0 network 192.168.3.1 0.0.0.0 area 61 network 192.168.3.65 0.0.0.0 area 61 network 192.168.3.97 0.0.0.0 area 61 ! ip nat pool Management 200.169.54.4 200.169.54.60 netmask 255.255.255.0 ip nat pool Retail 200.169.54.65 200.169.54.87 netmask 255.255.255.0 ip nat pool Wholesale 200.169.54.97 200.169.54.97 netmask 255.255.255.0 ip nat inside source list 1 pool Management ip nat inside source list 2 pool Retail ip nat inside source list 3 pool Wholesale overload

270

WAN Technologies CCNA 4 Labs and Study Guide

ip nat inside source static 192.168.3.3 200.169.54.3 ip classless ip route 63.49.18.0 255.255.255.0 10.10.10.1 ip route 181.16.57.0 255.255.255.0 10.10.10.2 no ip http server ! ! access-list 1 permit 192.168.3.0 0.0.0.63 access-list 2 permit 192.168.3.64 0.0.0.31 access-list 3 permit 192.168.3.96 0.0.0.15 ! line con 0 password class logging synchronous login line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end

R2#show running-config Building configuration...

Current configuration : 2390 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R2 ! enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1 ! ip subnet-zero ip dhcp excluded-address 192.168.2.1 192.168.2.2 ip dhcp excluded-address 192.168.2.65 ip dhcp excluded-address 192.168.2.97 ! ip dhcp pool Management network 192.168.2.0 255.255.255.192 default-router 192.168.2.1

Appendix A: Troubleshooting Questions and Lab Exercise

271

! ip dhcp pool Retail network 192.168.2.64 255.255.255.224 default-router 192.168.2.65 ! ip dhcp pool Wholesale network 192.168.2.96 255.255.255.240 default-router 192.168.2.97 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto no shut ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 192.168.2.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Retail VLAN encapsulation dot1Q 10 ip address 192.168.2.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20 description Wholesale VLAN encapsulation dot1Q 20 ip address 192.168.2.97 255.255.255.240 ip nat inside ! interface Serial0/0 description to WAN Cloud no shut ip address 10.10.10.2 255.255.255.248 ip nat outside encapsulation frame-relay ip ospf authentication-key cisco ip ospf network point-to-multipoint ip ospf demand-circuit no fair-queue

272

WAN Technologies CCNA 4 Labs and Study Guide

frame-relay map ip 10.10.10.1 202 broadcast frame-relay map ip 10.10.10.3 203 broadcast ! interface Serial0/1 no ip address shutdown ! router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.2 0.0.0.0 area 0 network 192.168.2.1 0.0.0.0 area 51 network 192.168.2.65 0.0.0.0 area 51 network 192.168.2.97 0.0.0.0 area 51 ! ip nat pool Management 181.16.57.1 181.16.57.60 netmask 255.255.255.0 ip nat pool Retail 181.16.57.65 181.16.57.87 netmask 255.255.255.0 ip nat pool Wholesale 181.16.57.97 181.16.57.110 netmask 255.255.255.0 ip nat inside source list 1 pool Marketing ip nat inside source list 2 pool Retail ip nat inside source list 3 pool Wholesale ip classless ip route 63.49.18.0 255.255.255.0 10.10.10.1 ip route 200.169.54.0 255.255.255.0 10.10.10.3 no ip http server ! ! access-list 1 permit 192.168.2.0 0.0.0.63 access-list 2 permit 192.168.2.64 0.0.0.31 access-list 3 permit 192.168.2.96 0.0.0.15 ! line con 0 password class logging synchronous login line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end

R1#show running-config Building configuration...

Appendix A: Troubleshooting Questions and Lab Exercise

273

Current configuration : 2318 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1 ! ip subnet-zero ip dhcp excluded-address 192.168.1.1 192.168.1.2 ip dhcp excluded-address 192.168.1.65 ! ip dhcp pool Management network 192.168.1.0 255.255.255.192 default-router 192.168.1.1 ! ip dhcp pool Retail network 192.168.1.64 255.255.255.224 default-router 192.168.1.65 ! ! ! ! ! interface FastEthernet0/0 no ip address speed auto no shut ! interface FastEthernet0/0.1 description Management VLAN encapsulation dot1Q 1 native ip address 192.168.1.1 255.255.255.192 ip nat inside ! interface FastEthernet0/0.10 description Retail VLAN encapsulation dot1Q 10 ip address 192.168.1.65 255.255.255.224 ip nat inside ! interface FastEthernet0/0.20

274

WAN Technologies CCNA 4 Labs and Study Guide

description Wholesale VLAN encapsulation dot1Q 20 ip address 192.168.1.97 255.255.255.240 ip nat inside ! interface Serial0/0 description To WAN Cloud no shut ip address 10.10.10.1 255.255.255.248 ip nat outside encapsulation frame-relay ip ospf authentication-key cisco ip ospf network point-to-multipoint ip ospf demand-circuit no fair-queue frame-relay map ip 10.10.10.2 101 broadcast frame-relay map ip 10.10.10.3 103 broadcast ! interface Serial0/1 no ip address shutdown ! interface BRI1/0 no ip address shutdown ! router ospf 1 log-adjacency-changes area 0 authentication network 10.10.10.1 0.0.0.0 area 0 network 192.168.1.1 0.0.0.0 area 4 network 192.168.1.65 0.0.0.0 area 4 network 192.168.1.97 0.0.0.0 area 4 ! ip nat pool Management 63.49.18.1 63.49.18.60 netmask 255.255.255.0 ip nat pool Retail 63.49.18.65 63.49.18.65 netmask 255.255.255.0 ip nat pool Wholesale 63.49.18.97 63.49.18.110 netmask 255.255.255.0 ip nat inside source list 1 pool Management ip nat inside source list 2 pool Retail overload ip nat inside source list 3 pool Wholesale ip classless ip route 181.16.57.0 255.255.255.0 10.10.10.2 ip route 200.169.54.0 255.255.255.0 10.10.10.3 no ip http server ! !

Appendix A: Troubleshooting Questions and Lab Exercise

275

access-list 1 permit 192.168.1.0 0.0.0.63 access-list 2 permit 192.168.1.64 0.0.0.31 access-list 3 permit 192.168.1.96 0.0.0.15 ! line con 0 password class logging synchronous login line aux 0 line vty 0 4 password cisco login ! no scheduler allocate end

Switch1#show running-config Building configuration...

Current configuration : 1491 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch1 vlan 1 no shut vlan 10 name Retail no shut vlan 20 name Wholesale no shut ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id !

276

WAN Technologies CCNA 4 Labs and Study Guide

! ! ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 switchport access vlan 10 ! interface FastEthernet0/7 switchport access vlan 10 ! interface FastEthernet0/8 switchport access vlan 10 ! interface FastEthernet0/9 switchport access vlan 10 ! interface FastEthernet0/10 switchport access vlan 10 ! interface FastEthernet0/11 switchport access vlan 20 ! interface FastEthernet0/12 switchport access vlan 20 ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport access vlan 20 ! interface FastEthernet0/16 !

Appendix A: Troubleshooting Questions and Lab Exercise

277

interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.1.2 255.255.255.192 no ip route-cache ! ip default-gateway 192.168.1.1 ip http server ! line con 0 logging synchronous line vty 0 4 password cisco login line vty 5 15 password cisco login ! ! end

Switch2#show running-config Building configuration...

Current configuration : 1470 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption

278

WAN Technologies CCNA 4 Labs and Study Guide

! hostname Switch2 vlan 1 no shut vlan 10 name Retail no shut vlan 20 name Wholesale no shut ! ! ip subnet-zero ! ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! ! ! ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 switchport access vlan 10 ! interface FastEthernet0/7 switchport access vlan 10 ! interface FastEthernet0/8 switchport access vlan 10 ! interface FastEthernet0/9 switchport access vlan 10 ! interface FastEthernet0/10

Appendix A: Troubleshooting Questions and Lab Exercise

279

switchport access vlan 10 ! interface FastEthernet0/11 switchport access vlan 20 ! interface FastEthernet0/12 switchport access vlan 20 ! interface FastEthernet0/13 switchport access vlan 20 ! interface FastEthernet0/14 switchport access vlan 20 ! interface FastEthernet0/15 switchport access vlan 20 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.2.2 255.255.255.192 no ip route-cache ! ip default-gateway 192.168.2.1 ip http server ! line con 0 line vty 0 4 password cisco login

280

WAN Technologies CCNA 4 Labs and Study Guide

line vty 5 15 password cisco login ! ! end

Appendix B Adtran Configuration Lab

Objectives

Manually configure an Adtran for ISDN, Frame Relay, and POTS. Verify configurations.

Task 1: Log in to Adtran


Step 1. Step 2. Step 3.

Use a straight-through cable from the PC NIC to the Adtran Ethernet port. Configure the PC to IP address 10.0.0.2/24. Open the command prompt and enter the following command (see Figure B-1):
C:\>telnet 10.0.0.1

The default IP address for the Ethernet interface on the Adtran is 10.0.0.1. This allows you to telnet into the Adtran.
Figure B-1 Telnet to Adtran

Step 4. Figure B-2

Enter the default login password of password (see Figure B-2).


Insert Default Password at Login Screen

282

WAN Technologies CCNA 4 Labs and Study Guide

Task 2: Set Up ISDN BRI Switch Emulation


Step 1. Figure B-3

Using the arrow keys, scroll down to Dial Plan on the left (see Figure B-3).
Main Menu of the Adtran

Note The mouse will not work in this mode. Step 2. Figure B-4

Using the right-arrow key, select User Term (see Figure B-4).
Select User Term

Step 3.

Configure the ISDN Slot info (see Figure B-5). Press Enter to change the Slot/Service setting. Slot 1: U-BRI-4

Figure B-5

Configure User Term

Step 4.

Using the right arrow, change the Port/Packet Endpoint (PEP) setting as follows: Port 1: QUAD BRI (see Figure B-5)

Appendix B: Adtran Configuration Lab

283

Step 5.

Using the right arrow, scroll to the In#Accept value and press Enter. Select Accept Number and press Enter (see Figure B-6).

Figure B-6

Configure Two Accept Numbers

Step 6.

Configure two numbers per slot (see Figure B-6). 1st Port number: 555-1000 2nd Port number: 555-1001

Note To insert a new line, press the letter I. To delete a line, press the letter D. Return to the preceding screen. Step 7. Figure B-7

Select an interface under Slot/Svc and press Enter (see Figure B-7).
Select an Interface

Step 8.

Select Interface Configuration (see Figure B-8). Select SPID list and press Enter.

284

WAN Technologies CCNA 4 Labs and Study Guide

Figure B-8

Select SPID List

Step 9. Figure B-9

Configure the SPID list as shown for each port (see Figure B-9).
Configure SPID List

Step 10. Repeat Steps 3 through 9 for all four ISDN ports.

When you have finished, the configuration should look like Figure B-10.
Figure B-10 Completed Configuration of ISDN Ports

Note When selecting port/PEP, each port must be a different number:


Slot 1: 1>QUAD BR Slot 2: 2>QUAD BR

and so on. Press the left-arrow key until you return to the main menu.

Appendix B: Adtran Configuration Lab

285

Task 3: Set Up Analog POTS Switch Emulation (from the Main Menu)
Step 1. Figure B-11

Scroll down to Dial Plan and press Enter (see Figure B-11).
Select a Dial Plan

Step 2. Figure B-12

Select User Term (see Figure B-12) and press Enter.


Select User Term

Step 3.

Configure a fifth line with the slot configured for FXS-8 (see Figure B-13). Configure Port/PEP as FXS 3/1. To insert a new line, press the letter I.

Figure B-13

Create and Configure a Fifth Line

Step 4.

Select In#Accept. Configure the Accept Number as shown (see Figure B-14).

286

WAN Technologies CCNA 4 Labs and Study Guide

Figure B-14

Configure the Accept Number

Task 4: Configuring Frame Relay (from the Main Menu)


Step 1.

Scroll down and select Packet Manager (see Figure B-15). Select Packet Endpoints and press Enter.

Figure B-15

Select Packet Endpoints

Step 2. Figure B-16

Select Config and press Enter (see Figure B-16).


Select Config

Step 3.

Configure endpoints as shown (see Figure B-17). Name each endpoint. Select Frame Relay Protocol for each. Using the right-arrow key, move over to Config and press Enter.

Appendix B: Adtran Configuration Lab

287

Figure B-17

Configure Each Endpoint Name

Note To insert a new line, press the letter I. To delete a line, press the letter D. Return to the preceding screen. Step 4.

Configure Signaling Role as Network (see Figure B-18). Configure Signaling Type as Annex D. Scroll down to Sublinks and press Enter.

Figure B-18

Configure Signaling Type

Step 5.

Configure as shown in Figures B-19, B-20, B-21, and B-22. Name DLCIs and DLCI number for each sublink.

Figure B-19

Chicago Port

288

WAN Technologies CCNA 4 Labs and Study Guide

Figure B-20 Los Angeles Port

Figure B-21 New York Port

Figure B-22 Texas Port

Step 6. Note

Repeat Steps 4 and 5 for each Frame Relay port.

To insert a new line, press the letter I. To delete a line, press the letter D. Return to the preceding screen. Step 7.

All DLCIs and DLCI number should be configured as shown in Figures B-19, B-20, B-21, and B-22. Return to the main menu. Use the down arrow to go down to Packet Manager (see Figure B-23). Select Packet Cncts and press Enter.

Step 8. Step 9.

Appendix B: Adtran Configuration Lab

289

Figure B-23 Select Packet Cncts

Step 10. Configure Packet Cncts as shown (see Figure B-24). Figure B-24 Configure Packet Cncts

Step 11.

Return to the main menu.

Step 12. Scroll down to Dedicated Maps (see Figure B-25).

Use the down arrow to scroll to Create/Edit Maps and press Enter.
Figure B-25 Select Create/Edit Maps

Step 13. Use the right-arrow key and select Connects (see Figure B-26).

290

WAN Technologies CCNA 4 Labs and Study Guide

Figure B-26 Select Connects

Step 14. Configure each port as shown in Figure B-27.

Each of the four slots should be directed to a location as shown.


Figure B-27 Final Port Configuration

Note To insert a new line, press the letter I. To delete a line, press the letter D. Return to the preceding screen. Return to the main menu.

APPENDIX C

Router Interface Summary Chart

For most of the CCNA 4 labs, you need to examine the following chart to correctly reference the router interface identifiers to use in commands based on the equipment in your lab.
Router Model Ethernet Interface 1 Ethernet Interface 2 Serial Interface 1 Serial Interface 2

800 (806) 1600 1700 2500 2600

Ethernet 0 (E0) Ethernet 0 (E0) FastEthernet 0 (FA0) Ethernet 0 (E0) FastEthernet 0/0 (FA0/0)

Ethernet 1 (E1) Ethernet 1 (E1) FastEthernet 1 (FA1) Ethernet 1 (E1) FastEthernet 0/1 (FA0/1)

Serial 0 (S0) Serial 0 (S0) Serial 0 (S0) Serial 0/0 (S0/0)

Serial 1 (S1) Serial 1 (S1) Serial 1 (S1) Serial 0/1 (S0/1)

To find out exactly how the router is configured, look at the interfaces to identify what type of and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. The chart provides the identifiers for the possible combinations of interfaces in the device. This interface chart does not include any other type of interface, even though a specific router might contain one. An example of this is an ISDN BRI interface. The string in parentheses is the legal abbreviation that you can use in Cisco IOS Software commands to represent the interface.

This page intentionally left blank

APPENDIX D

Erasing and Reloading the Switch

For the majority of the labs in CCNA 4 focusing on switch configuration, it is necessary to start with a basic unconfigured switch; otherwise, the configuration parameters you enter might combine with previous ones and produce unpredictable results. The instructions here allow you to prepare the switch before performing the lab so that previous configuration options do not interfere with your configurations. The following is the procedure for clearing out previous configurations and starting with an unconfigured switch. Instructions are provided for the 2900, 2950, and 1900 series switches.

2900 and 2950 Series Switches


Step 1.

Disconnect the switch to be erased from all other switches. Verify that there is no uplink or backbone cabling to any other switch; otherwise, VLAN configuration information can be transferred automatically. Enter privileged EXEC mode by entering enable. If prompted for a password, enter class (if that does not work, ask the instructor):
Switch> enable

Step 2.

Step 3.

Remove the VLAN database information file.


Switch# delete flash:vlan.dat Delete filename [vlan.dat]?[Enter] Delete flash:vlan.dat? [confirm][Enter]

If there is no VLAN file, this message appears:


%Error deleting flash:vlan.dat (No such file or directory)

Step 4.

Remove the switch startup configuration file from NVRAM.


Switch# erase startup-config

The responding line prompt will be this:


Erasing the nvram filesystem will remove all files! Continue? [confirm]

Press Enter to confirm. The response should be this:


Erase of nvram: complete

Step 5.

Check that VLAN information was deleted. Verify that the VLAN configuration was deleted in Step 3 using the show vlan command. If previous VLAN configuration information (other than the default management VLAN 1) is still present, you must power-cycle the switch (hardware restart) instead of issuing the reload command. To power-cycle the switch, remove the power cord from the back of the switch or unplug it. Then plug it back in. If the VLAN information was successfully deleted in Step 3, go to Step 6 and restart the switch using the reload command.

294

WAN Technologies CCNA 4 Labs and Study Guide

Step 6. Note

Software restart (using the reload command).

This step is not necessary if the switch was restarted using the power-cycle method.

A. In privileged EXEC mode, enter the command reload.


Switch(config)# reload

The responding line prompt will be this:


System configuration has been modified. Save? [yes/no]:

B. Type n and then press Enter. The responding line prompt will be this:
Proceed with reload? [confirm][Enter]

The first line of the response will be this:


Reload requested by console.

After the switch has reloaded, the line prompt will be this:
Would you like to enter the initial configuration dialog? [yes/no]:

C. Type n and then press Enter. The responding line prompt will be this:
Press RETURN to get started![Enter]

1900 Series Switches


Step 1.

Remove VLAN Trunking Protocol (VTP) information.


#delete vtp This command resets the switch with VTP parameters set to factory defaults. All other parameters will be unchanged.

Reset system with VTP parameters set to factory defaults, [Y]es or [N]o?

Type y and press Enter.


Step 2.

Remove the switch startup configuration from NVRAM.


#delete nvram This command resets the switch with factory defaults. All system All static

parameters will revert to their default factory settings. and dynamic addresses will be removed.

Reset system with factory defaults, [Y]es or [N]o?

Type y and press Enter.

APPENDIX E

Erasing and Reloading the Router

For some of the CCNA 4 labs, it is necessary to start with a basic unconfigured router; otherwise, the configuration parameters you enter might combine with previous ones and produce unpredictable results. The instructions here allow you to prepare the router before performing the lab so that previous configuration options do not interfere with your configurations. The following is the procedure for clearing out previous configurations and starting with an unconfigured router.
Step 1.

Enter privileged EXEC mode by entering enable.


Router> enable

If prompted for a password, enter class. (If that does not work, ask your instructor.)
Step 2.

In privileged EXEC mode, enter the command erase startup-config.


Router# erase startup-config

The response from the router will be this:


Erasing the nvram filesystem will remove all files! Continue? [confirm]

Step 3.

Press Enter to confirm. The response will be this:


Erase of nvram: complete

Step 4.

In privileged EXEC mode, enter the command reload.


Router# reload response: System configuration has been modified. Save? [yes/no]:

Type n and then press Enter. The router responds with this:
Proceed with reload? [confirm]

Step 5.

Press Enter to confirm. The first line of the response will be this:
Reload requested by console.

After the router reloads, the prompt will be this:


Would you like to enter the initial configuration dialog? [yes/no]:

Step 6.

Type n and then press Enter. The responding prompt will be this:
Press RETURN to get started!

Step 7.

Press Enter.

Now, the router is ready for you to perform the assigned lab.

You might also like