Professional Documents
Culture Documents
Assessment Objectives
Part 1: Initialize Devices (3 points, 5 minutes) Part 2: Configure Device Basic Settings (37 points, 20 minutes) Part 3: Configure OSPFv2 Dynamic Routing Protocol (45 points, 35 minutes) Part 4: Configure ACLs (15 points, 25 minutes)
Scenario
In this Skills Assessment (SA) you will configure a small multi-router network. You must configure three routers and a PC simulating the Internet, to support IPv4 connectivity. You will then configure the devices with OSPFv2 and apply some advanced features to your OSPF configuration. Access control lists (ACLs) will be applied for security. Finally, you will test and document the network using common CLI commands.
Required Resources
3 Routers (Cisco 1941 with Cisco IOS Release 15.2(4)M3 universal image or comparable) 1 PC (Windows 7, Vista, or XP with terminal emulation program, such as Tera Term) Console cable to configure the Cisco IOS devices via the console ports Ethernet and Serial cables as shown in the topology
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 1 of 10
SA Exam
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 2 of 10
SA Exam
Configuration Item or Task Disable DNS lookup Router name Encrypted privileged EXEC password Console access password Telnet access password Encrypt the plain text passwords MOTD banner R1 class cisco cisco
Specification
Points (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point)
Unauthorized Access is Prohibited! Set the description Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set the clocking rate to 128000 Activate interface Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set the Layer 3 IPv4 address. Use the first available address in the subnet.
(1 point)
Interface S0/0/0
(2 points)
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 3 of 10
SA Exam
Configuration Item or Task Disable DNS lookup Router name Encrypted privileged EXEC password Console access password Telnet access password Encrypt the plain text passwords Enable HTTP server MOTD banner R2 class cisco cisco
Specification
Points (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point)
Unauthorized Access is Prohibited! Set the description Set the Layer 3 IPv4 address. Use the next available address in the subnet. Activate Interface Set the description Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set clocking rate to 128000 Activate Interface Set the description Set the Layer 3 IPv4 address. Use the first available address in the subnet. Activate Interface Set the Layer 3 IPv4 address. Configure a default route out G0/0.
(1/2 point)
Interface S0/0/0
(2 points)
Interface S0/0/1
(2 points)
(2 points)
(1 point) (2 points)
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 4 of 10
SA Exam
Configuration Item or Task Disable DNS lookup Router name Encrypted privileged exec password Console access password Telnet access password Encrypt the plain text passwords MOTD banner R3 class cisco cisco
Specification
Points (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point) (1/2 point)
Unauthorized Access is Prohibited! Set the description Set the Layer 3 IPv4 address. Use the next available address in the subnet. Activate Interface Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set the Layer 3 IPv4 address. Use the first available address in the subnet. Set the Layer 3 IPv4 address. Use the first available address in the subnet.
(1 point)
Interface S0/0/1
(2 points)
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 5 of 10
SA Exam
Specification
Points (1 point) (1 point) (2 points) (1 point) (2 points) (2 points) (1 point) (1 point) (1 point) (1 point)
Advertise directly connected Networks Set all LAN (Loopback) interfaces as passive Configure an inter-area summary route for the networks in area 1 Change the default cost reference bandwidth to support Gigabit interface calculations Set the serial interface bandwidth Adjust the metric cost of S0/0/0 Create an OSPF MD5 key on S0/0/0 Apply MD5 authentication to S0/0/0.
Use classless network addresses Assign Serial interface to Area 0 Assign LAN interfaces to Area 1
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 6 of 10
SA Exam
Specification
Advertise directly connected Networks Set LAN (Loopback) interface as passive Propagate the default route to all other OSPF routers Change the default cost reference bandwidth to allow for Gigabit interfaces Set the bandwidth on all serial interfaces Adjust the metric cost of S0/0/0 Create an OSPF MD5 key on the serial interfaces Apply MD5 authentication on the serial interfaces
Use classless network addresses. All connected networks should be assigned to Area 0 except the G0/0 network.
(2 point)
(1 point) (2 points) 1000 128 Kb/s Cost: 7500 Key: 1 Password: CISCO (2 point) (2 point) (1 point) (1 point) (1 point)
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 7 of 10
SA Exam
Specification
Points (1 point) (1 point) (2 point) (1 point) (2 points) (2 point) (1 point) (1 point) (1 point)
Advertise directly connected Networks Set all LAN (Loopback) interfaces as passive Configure an inter-area summary route for the networks in area 3 Change the default cost reference bandwidth to support Gigabit interface calculations Set the serial interface bandwidth Create an OSPF MD5 key on S0/0/1 Apply MD5 authentication to S0/0/1
Use classless network addresses Assign Serial interface to Area 0 Assign LAN interfaces to Area 3
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 8 of 10
SA Exam
Task Configure a standard named access list to only allow R1 to telnet to R2. Apply the named ACL to the VTY lines Verify ACL is working as expected,
Specification
Command Description Configure an extended ACL that prevents traffic from the Internet from pinging internal interfaces, while continuing to allow LAN interfaces to ping the Internet PC. Internet hosts should be granted WWW access to the simulated web server (Lo0) on R2. Apply ACL to the appropriate interface(s) Verify ACL is working as expected
Points (2 point)
(2 point) (1 point)
Step 3: Enter the appropriate CLI command needed to display the following:
Command Description Display the matches an access-list has received since the last reset. Reset access-list counters. Display what ACL is applied to an interface and the direction that it is applied Instructor Sign-off Part 4: ______________________ Points: _________ of 15 Student Input (command) Points (2 point) (2 point) (1 point)
Part 5: Cleanup
NOTE: DO NOT PROCEED WITH CLEANUP UNTIL YOUR INSTRUCTOR HAS GRADED YOUR SKILLS EXAM AND HAS INFORMED YOU THAT YOU MAY BEGIN CLEANUP. Before turning off power to the routers, remove the NVRAM configuration files (if saved) from all devices. Disconnect and neatly put away all cables that were used in the Final.
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 9 of 10
SA Exam
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.
2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 10 of 10