Professional Documents
Culture Documents
A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any exam windows during the exam. 2. Do not close Packet Tracer when you are done, it will close automatically. 3. Click the Submit Assessment button to submit your work.
Introduction
In this practice Packet Tracer Skills Exam, you are expected to do as follows: Implement the addressing in the network to meet the stated requirements. Configure and verify a DHCP server implementation. Configure and verify WAN technologies. Configure EIGRP to enable communication with the rest of the network. Configure NAT to translate addresses for traffic that is destined to the Internet. Implement access control lists as part of a security policy.
Addressing Table
Device Interface Fa0/0 R1 S0/0/0 S0/0/1.101 S0/0/0 R2 S0/0/1.201 S0/1/0 Fa0/0 R3 S0/0/0 S0/0/1 PC1 PC3 NIC NIC Address 172.16.1.193 172.30.1.1 10.10.10.1 172.30.1.6 10.10.10.2 209.165.201.2 172.16.1.129 172.30.1.2 172.30.1.5 172.16.1.222 DHCP Assigned Subnet Mask 255.255.255.224 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.192 255.255.255.252 255.255.255.252 255.255.255.224 DHCP Assigned Default Gateway n/a n/a n/a n/a n/a n/a n/a n/a n/a 172.16.1.193 DHCP Assigned
NOTE: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.
b. Verify that PC3 now has full IP addressing. It may be necessary to toggle between Static and DHCP on the IP Configuration screen for PC3 before PC3 will send a DHCP request. PC3 should be able to ping the default gateway.
b. Configure R2 with a default route using the outbound interface argument. Use one command to propagate the default route into the EIGRP routing process. c. Verify PC1 and PC3 can ping each other as well as R1, R2 and R3. You will not be able to ping Internet hosts yet.
b. Verify that PC1 and PC3 can ping the Internet hosts.
b. Verify that ACL 50 is operating as intended. c. Configure and apply a named ACL with the case-sensitive name FIREWALL that implements the following policy: Deny ping requests sourced from the Internet. Deny Telnet and HTTP traffic sourced from the Internet. Allow all other traffic.
Version 2.0 Created in Packet Tracer 5.3.2.0027 and Marvel 1.0.1 All contents are Copyright 1992 - 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
R1: R1(config)#interface fastEthernet 0/0 R1(config-if)#ip address 172.16.1.193 255.255.255.224 R1(config-if)#ip access-group 50 out R1(config)#interface serial 0/0/1 R1(config-if)#no ip address R1(config-if)#encapsulation frame-relay R1(config)#interface serial 0/0/1 R1(config-if)#no ip address R1(config-if)#encapsulation frame-relay R1(cofig-if)#exit R1(config)#interface serial 0/0/0 R1(config-if)#encapsulation hdlc R1(config)#interface serial 0/0/1.101 pointto-point R1(config-subif)#ip address 10.10.10.1 255.255.255.252 R1(config-subif)#frame-relay interface-dlci 101 R1(config-subif)#interface Vlan1 R1(config-if)#no ip address R1(config-if)#shutdown R1(config-if)#router eigrp 100 R1(config-router)#passive-interface fastEthernet 0/0 R1(config-router)#network 172.16.0.0 R1(config-router)#network 10.0.0.0 R1(config-router)#network 172.30.0.0 R1(config-router)#no auto-summary R1(config)#access-list 50 deny 172.16.1.120 0.0.0.63 R1(config)#access-list 50 permit any --------R1(config)#interface serial 0/0/1 R1(config-if)#no shutdown ----------------------------------------------------------R2
R2(config)#username R3 password 0 ciscochap R2(config)#ip ssh version 1 R2(config)#ip name-server 0.0.0.0 R2(config)#interface serial 0/0/0 R2(config-if)#ip address 172.30.1.6 255.255.255.252 R2(config-if)#encapsulation ppp R2(config-if)#ppp authentication chap R2(config-if)#ip nat inside R2(config-if)#exit R2(config)#interface serial 0/0/1 R2(config-if)#encapsulation frame-relay R2(config-subif)#exit R2(config)#interface serial 0/0/1.201 pointto-point R2(config-subif)#ip address 10.10.10.2 255.255.255.252 R2(config-subif)#frame-relay interface-dlci 201 R2(config-subif)#ip nat inside R2(config-subif)#exit R2(conig)#interface serial 0/1/0 R2(config-if)#ip address 209.165.201.2 255.255.255.252 R2(config-if)#ip access-group FIREWALL IN R2(config-if)#IP NAT OUtside R2(config)#interface vlan1 R2(config-if)#no ip address R2(config-if)#exit R2(config)#router eigrp 100 R2(config-router)#redistribute static R2(config-router)#passive-interface serial 0/1/0 R2(config-router)#network 172.30.0.0 R2(config-router)#network 10.0.0.0 R2(config-router)#no auto-summary
R2(config-router)#exit R2(config)#ip nat inside source list 1 interface serial 0/1/0 overload R2(config)#ip route 0.0.0.0 0.0.0.0 serial 0/1/0 R2(config)#ip access-list extended FIREWALL R2(config)#ip route 0.0.0.0 0.0.0.0 serial 0/1/0 R2(config)#access-list 1 permit 172.16.1.128 0.0.0.127 R2(config)#ip access-list extended FIRSWALL R2(config-ext-nacl)#deny icmp any any echo R2(config-ext-nacl)#deny tcp any any eq telnet R2(config-ext-nacl)#deny tcp any any eq www R2(config-ext-nacl)#permit ip any any R2(config)# Username R3 password 0 ciscochap R2(config)#ip ssh version 1 Please create RSA keys (of at least 768 bits size) to enable SSH v2. R2(config)#ip name-server 0.0.0.0 -----------R2(config)#interface serial 0/0/1 R2(config-if)#no shutdown -------------------------------------------------------R3 R3(config)#ip dhcp excluded-address 172.16.1.129 172.16.1.131 R3(config)#ip dhcp pool R3_LAN R3(dhcp-config)#network 172.16.1.128 255.255.255.192
R3(dhcp-config)#default-router 172.16.1.129 R3(dhcp-config)#exit R3(config)#username R2 password 0 ciscochap R3(config)#interface fastEthernet 0/0 R3(config-if)#ip address 172.16.1.129 255.255.255.192 R3(config-if)#exit R3(config)#interface serial 0/0/0 R3(config-if)#ip address 172.30.1.2 255.255.255.252 R3(config-if)#encapsulation hdlc R3(config-if)#exit R3(config)#interface serial 0/0/1 R3(config-if)#ip address 172.30.1.5 255.255.255.252 R3(config-if)#encapsulation ppp R3(config-if)#ppp authentication chap R3(config-if)#clock rate 2000000 R3(config-if)#exit R3(config)#interface vlan1 R3(config-if)#no ip address R3(config-if)#shutdown R3(config-if)#exit R3(config)#router eigrp 100 R3(config-router)#passive-interface fastEthernet 0/0 R3(config-router)#network 172.16.0.0 R3(config-router)#network 172.30.0.0 R3(config-router)#no auto-summary ----------------------------R3#ping 10.10.10.1 R1#ping 10.10.10.2