Professional Documents
Culture Documents
Developed by
FAWAD RAZA
LAB.
LABS DESCRIPTION
PAGE NO.
ROUTING
1 2 3 Router Basic IOS Static Routing Dynamic Routing 1. RIP 2. IGRP 3. EIGRP 4. OSPF Access Control List (ACL) 1. Standard ACL 2. Extended ACL Network Address Translation (NAT) 1. Static NAT 2. Dynamic NAT 3. Port Address Translation (PAT)
2 12 13 14 15 16 17 18 19 20 21
SWITCHING
6 7 8 9 Switch Basic IOS Spanning Tree Protocol (STP) VLANs Vlan Trunking Protocol (VTP)
23 34 35 36
WAN
10 11 PPP Authentication Frame Relay
38 39
WIRELESS
12 13 Infrastructure Mode AdHoc Mode
41 47
VoIP
14 IP Phones
51
Appendix
Lab # 1
Host A
Configuration
Step 1: After connecting your PC to the Console Port.
Router con0 is now available Press RETURN to get started. Router>
Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & ViceVersa. Router>enable Router# Router#disable Router>
Step 5(A): Set the System Clock, Date & Time on the Router
R1#clock set ? hh:mm:ss Current Time R1#clock set 6:30:45 ? <1-31> Day of the month MONTH Month of the year R1#clock set 6:30:45 1 JAN ? <1993-2035> Year R1#clock set 6:30:45 1 JAN 2005
Step 5(B): Verify the System Clock, Date & Time on the Router
R1#show clock 06:32:33.527 UTC Sat Jan 1 2005
Step 6(A): Set the Message of the Day Banner on the Router.
R1(config)#banner motd # HELLO & WELCOME TO CISCO WORLD #
Step 6(B): Verify the Message of the Day Banner on the Router.
R1 con0 is now available Press RETURN to get started. HELLO & WELCOME TO CISCO WORLD R1>
Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-I-L), Version 12.0(7)T, RELEASE SOFTWARE (fc2) Copyright (c) 1986-1999 by Cisco Systems, Inc. Compiled Mon 06-Dec-99 14:50 by phanguye
Step 16: Remove the Privileged Mode Password (Level 15) in clear form.
R1(config)#no enable password cisco
Step 17: Remove the Privileged Mode Secret Password (Level 15) in encrypted
form. R1(config)#no enable secret cisco1
Router.
OK? Method
Status
Protocol
YES NVRAM administratively down down YES NVRAM administratively down down YES NVRAM administratively down down
Enter interface name used to connect to the management network from the above interface summary: Ethernet0 Configuring interface Ethernet0: Configure IP on this interface? [no]: yes IP address for this inerface: 10.0.0.20 Subnet mask for this interface [255.0.0.0] : 255.0.0.0 Class A network is 10.0.0.0, 8 subnet bits; mask is /8 The following configuration command script was created: hostname R1 enable secret 5 $1$ZFA2$ZR288i7VkOufhqSdIyiOs. enable password cisco line vty 0 4 password cisco no snmp-server ! no ip routing ! interface Ethernet0 no shutdown ip address 10.0.0.20 255.0.0.0 ! interface Serial0 shutdown no ip address ! interface Serial1 shutdown no ip address end [0] Go to the IOS command prompt without saving this config. [1] Return back to the setup without saving this config. [2] Save this configuration to nvram and exit. Enter your selection [2]: 0 % You can enter the setup, by typing setup at IOS command prompt Router#
Configuration
WAN
IP Address 15.0.0.1 Serial 0 DCE IP Address 15.0.0.2 Serial 0 DTE
Configuration
Step 1: Assign the IP Address on the Serial Interface of the Router R1.
R1(config)#interface serial 0 R1(config-if)#ip address 15.0.0.1 255.0.0.0 R1(config-if)#no shutdown R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface) R1(config-if)#end
Step 2: Assign the IP Address on the Serial Interface of the Router R2.
R2(config)#interface serial 0 R2(config-if)#ip address 15.0.0.2 255.0.0.0 R2(config-if)#no shutdown R2(config-if)#end
Verifying Commands
Router#show ip interface brief Router#show controllers serial 0
10
WAN
IP Address 15.0.0.1 Serial 0 DCE IP Address 15.0.0.2 Serial 0 DTE
Configuration
Step 1: Check the Connectivity between 2 routers.
R1#ping 15.0.0.2
11
to Router R1.
R2# Press [ Ctrl+Shift+6 and then x ] R1# (Note: And then Resume connection by just Enter Key.)
Verifying Command
Router#show line Router#show users Router#show sessions
12
Lab # 2
STATIC Routes
Diagram
IP Address 15.0.0.1 Serial 0 IP Address 15.0.0.2 Serial 0
WAN
R1 R2
Configuration
Step 1: Configure the Static Route on the Router R1. R1(config)#ip route 20.0.0.0 255.0.0.0 15.0.0.2 Step 2: Configure the Static Route on the Router R2.
R2(config)#ip route 10.0.0.0 255.0.0.0 15.0.0.1
Verifying Command
Router#show ip route Router#show running-config
13
Lab # 3 (i)
WAN
R1 R2
Configuration
Step 1: Enable the RIP protocol on the Router R1.
R1(config)#router rip R1(config-router)#network 10.0.0.0 R1(config-router)#network 15.0.0.0
Step 2: Enable the RIP protocol on the Router R2. R2(config)#router rip R2(config-router)#network 20.0.0.0 R2(config-router)#network 15.0.0.0
Verifying Command
Router#show ip protocols Router#show ip route
14
Lab # 3 (ii)
WAN
R1 R2
Configuration
Step 1: Enable the IGRP protocol on the Router R1.
R1(config)#router igrp 10 R1(config-router)#network 10.0.0.0 R1(config-router)#network 15.0.0.0
Step 2: Enable the IGRP protocol on the Router R2. R2(config)#router igrp 10 R2(config-router)#network 20.0.0.0 R2(config-router)#network 15.0.0.0
Verifying Command
Router#show ip protocols Router#show ip route Router#clear ip route *
15
Lab # 3 (iii)
WAN
R1 R2
Configuration
Step 1: Enable the EIGRP protocol on the Router R1. R1(config)#router eigrp 64 R1(config-router)#network 10.0.0.0 R1(config-router)#network 15.0.0.0 Step 2: Enable the EIGRP protocol on the Router R2.
R2(config)#router eigrp 64 R2(config-router)#network 20.0.0.0 R2(config-router)#network 15.0.0.0
Verifying Command
Router#show ip protocols Router#show ip route Router#clear ip route * Router #show ip eigrp neighbor Router #show ip eigrp interface Router #show ip eigrp topology
16
Lab # 3 (iv)
WAN
IP Address 10.0.0.20 Ethernet 0 R1 R2 IP Address 20.0.0.20 Ethernet 0
Configuration
Step 1: Enable the OSPF protocol on the Router R1.
R1(config)#router ospf 1 R1(config-router)#network 10.0.0.0 0.255.255.255 area 0 R1(config-router)#network 15.0.0.0 0.255.255.255 area 0
Verifying Commands
Router#show ip protocols Router#show ip route Router#clear ip route * Router #show ip ospf Router #show ip ospf interface Router #show ip ospf neighbor Router #show ip ospf database
17
Lab # 4
WAN
R2
Configuration
Step 1: Make the Standard ACL on router R1 such that Host A can not be
accessing the Web & Ftp Server. R1(config)#access-list 10 deny host 10.0.0.1 R1(config)#access-list 10 permit any
Step 2: Apply the Standard ACL on router R1s Serial Interface. R1(config)#interface serial 0 R1(config-if)#ip access-group 10 out
Verifying commands (Now Host A should not be accessing both Web & FTP
servers. However, Host B should be accessing both Web & FTP Servers) R1#show access-lists R1#show ip interface serial 0
18
WAN
R2
Configuration
Step 1: Make the Extended ACL on router R1 such that Host A can not be
accessing the Web Server & Host B can not be accessing the Ftp Server. R1(config)#access-list 110 deny tcp host 10.0.0.1 host 20.0.0.1 eq www R1(config)#access-list 110 deny tcp host 10.0.0.2 host 20.0.0.2 eq ftp R1(config)#access-list 110 permit ip any any
Verifying commands
(Now Host A should not be accessing Web server & Host B should not be accessing both FTP server).
19
Lab # 5
WAN
R1
R2
NAT
Translation Table Of R1 10.0.0.1 15.0.0.11 10.0.0.2 15.0.0.12 FTP Server
WEB Server
Host A IP Address 10.0.0.1
IP Address 20.0.0.1
IP Address 20.0.0.2
Configuration
Step 1: Establishes Static NAT Translation between an inside local address
and an inside global address. R1(config)#ip nat inside source static 10.0.0.1 15.0.0.11 R1(config)#ip nat inside source static 10.0.0.2 15.0.0.12
Step 3: Marks the interface as connected to the Outside Network. R1(config)#interface serial 0 R1(config-if)#ip nat outside
20
Verifying Command
R1#show ip nat translation R1#debug ip nat
WAN
R1
R2
FTP Server
IP Address 20.0.0.2
WEB Server
IP Address 20.0.0.1
Configuration
Step 1: Defines a pool of global addresses to be allocated as needed.
R1(config)#ip nat pool abc 15.0.0.41 15.0.0.45 netmask 255.0.0.0
Step 2: Defines a standard IP access list permitting those inside local addresses
that are to be translated. R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
Step 3: Establishes dynamic source translation, specifying the access list defined
in the prior step. R1(config)#ip nat inside source list 1 pool abc
21
Verifying Command
R1#debug ip nat R1#show ip nat translations R1#clear ip nat translation *
WAN
R1
R2
PAT Table Of
R1 10.0.0.1 = 15.0.0.200 + Dyn Port 10.0.0.1 = 15.0.0.200 + Dyn Port
Host A IP Address 10.0.0.1
FTP Server
IP Address 20.0.0.2
WEB Server
IP Address 20.0.0.1
Configuration
Step 1: Defines a pool of global addresses to be allocated as needed.
R1(config)#ip nat pool abc 15.0.0.200 15.0.0.200 netmask 255.0.0.0
Step 2: Defines a standard IP access list permitting those inside local addresses
that are to be translated. R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
22
Step 3: Establishes dynamic source translation, specifying the access list defined
in the prior step. R1(config)#ip nat inside source list 1 pool abc overload
Verifying Command
R1#debug ip nat R1#show ip nat translations
23
Lab # 6
Configuration
Step 1: After connecting your PC to the Console Port.
Switch con0 is now available Press RETURN to get started. Switch> (User Mode)
Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & ViceVersa. Switch>enable Switch# Switch#disable Switch>
24
25
Base ethernet MAC Address: 00:0F:24:68:05:00 Motherboard assembly number: 73-5700-11 Power supply part number: 34-0966-04 Motherboard serial number: CAT08050JCX Power supply serial number: DTH08042TFG Model revision number: L0 Motherboard revision number: A0 Model number: WS-C2950-24-SMI System serial number: CAT0805Z0CW Configuration register is 0x10F
26
switchport mode dynamic desirable ! interface GigabitEthernet0/2 switchport mode dynamic desirable ! interface Vlan1 no ip address shutdown ! ip classless ip http server ! <Output Omitted> end
27
Vlan1 is up, line protocol is up Hardware is EtherSVI, address is 000f.2468.0500 (bia 000f.2468.0500) Internet address is 10.0.0.10/8 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Queueing strategy: fifo Output queue: 0/40 (size/max) <Output Omitted>
28
Port Fa0/2
Name
Status
Type 10/100BaseTX
notconnect 1
<Output Omitted> Fa0/22 Fa0/23 Fa0/24 Gi0/1 Gi0/2 notconnect notconnect notconnect notconnect notconnect 1 1 1 1 1 auto auto auto auto auto auto auto auto auto auto 10/100BaseTX 10/100BaseTX 10/100BaseTX unknown unknown
29
Name: Fa0/1 Switchport: Enabled Administrative Mode: dynamic desirable Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) <Output Omitted> Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Appliance trust: none
30
Fa0/24
desirable
n-802.1q
trunking
Port Vlans allowed on trunk Fa0/23 1-4094 Fa0/24 1-4094 Port Vlans allowed and active in management domain Fa0/23 1-2 Fa0/24 1-2
Port Vlans in spanning tree forwarding state and not pruned Fa0/23 1-2 Fa0/24 2
Ports ----Fa0/1
31
32
33
34
Lab # 7
Root Switch
Priority: 4096
2950-SWA
2950-SWB
Con 0
Con 0
Configuration
Step 1: Switch (2950-SWB)
Switch(config)#spanning-tree vlan 1 priority 4096
Verifying Commands
Switch#show spanning-tree vlan 1
35
Lab # 8
VLANs
Diagram
Switch
Con 0
Configuration
vlans (VLAN # 2 & VLAN#3). Switch(config)#vlan 2 Switch(config-vlan)#name esp2 Switch(config)#vlan 3 Switch(config-vlan)#name esp3
Step 1: Creating
Verifying Command
Switch#show vlan
36
Lab # 9
Con 0
Con 0
Configuration
Step 1: To set the VTP Domain CISCO on the switch.
Switch(config)#vtp domain CISCO Changing VTP domain name from NULL to CISCO
37
Verifying Command
Switch# show vtp status Switch#show vlan
38
Lab # 10
WAN
R1 R2
Configuration
Step 1(A): Change the Hostname to R1 & Assign the IP addresses on the Serial
Interface of Router R1 as shown in figure.
Step 1(B): Change the Hostname to R2 & Assign the IP addresses on the Serial
Interface of Router R2 as shown in figure.
Verifying Commands
Router#show interfaces serial 0 Router#debug ppp authentication
39
Lab # 11
FRAME RELAY-(Point-to-Point)
Diagram
Frame Relay Network
(FR Switch)
Serial 0 DCE
Serial 1 DCE
R1
DLCI=102
IP Address 15.0.0.1 Serial 0 DTE
DLCI=201
IP Address 15.0.0.2 Serial 0 DTE
R2
Configuration
Step 1: Configuring the FR switch.
FR-SWITCH(config)#frame-relay switching FR-SWITCH(config)#int s0 FR-SWITCH(config-if)#no ip address FR-SWITCH(config-if)#no shutdown FR-SWITCH(config-if)#encapsulation frame-relay FR-SWITCH(config-if)#frame-relay intf-type dce FR-SWITCH(config-if)#clock rate 64000 FR-SWITCH(config-if)#frame-relay route 102 int s1 201 FR-SWITCH(config)#int s1 FR-SWITCH(config-if)#no ip address FR-SWITCH(config-if)#no shutdown FR-SWITCH(config-if)#encapsulation frame-relay FR-SWITCH(config-if)#frame-relay intf-type dce FR-SWITCH(config-if)#clock rate 64000 FR-SWITCH(config-if)#frame-relay route 201 int s0 102
40
Verifying Commands
FR Client Router#show frame-relay pvc Router#show frame-relay map Router#show frame-relay lmi FR Switch Router#show frame-relay route
41
Lab # 12
WIRELESS NETWORK
i. Infrastructure Mode
Diagram
Wired Client 192.168.1.4 Wireless Access Point 192.168.1.1
Wireless Client
192.168.1.2
192.168.1.3
At Machine 192.168.1.4: First configure the Access Point. Go to the Internet Explorer and type http://192.168.1.1 in address bar.
42
43
44
At Client 192.168.1.2:
Press the Install button. Type linksys in the SSID. Select the Infrastructure from the Wireless Mode
45
46
47
ii. Adhoc-Mode
Wireless Adhoc-Mode
192.168.1.2
Wireless Peer-to-Peer
Client
192.168.1.3
At Client 192.168.1.2: Go to the LINKSYS G Wireless Utility at the task bar. Press the configuration on the less side of LAN Monitor Go to the Profile Tag & Follow the Wizard.
48
49
50
Repeat the same procedure at machine 192.168.1.3. Go to the Internet Explorer and type other machines ip now both machines communicates in the Ad-hoc mode or you can ping from the command prompt by just going into the command prompt and type ping other machines ip.
51
Lab # 13
IP PHONES
Diagram
IP Address 15.0.0.1 Serial 0 IP Address 10.0.0.20 R1 Client 2 Analog Phone With ATA IP Address 10.0.0.2 IP Address 15.0.0.2 Serial 0
WAN
R2
IP Address 20.0.0.20
52
Appendix
53
Diagram
Straight-through Ethernet Cable
Hub/Switch Host
1 2 3 6
1 2 3 6
Notice that only pins 1, 2, 3, and 6 are used. Just connect 1 to 1, 2 to 2, 3 to 3, and 6 to 6. However, remember that this would be an Ethernet-only cable and wouldnt work with Voice, Token Ring, ISDN, etc.
54
3) Host to host 4) Hub to switch 5) Router direct to host The same four wires are used in this cable as in the straight-through cable; we just connect different pins together. Figure shows how the four wires are used in a crossover Ethernet cable. Notice that instead of connecting 1 to 1, etc., here we connect pins 1 to 3 and 2 to 6 on each side of the cable.
Diagram
Cross-over Ethernet Cable
Hub/Switch/Host 1 2 3
6
Hub/Switch/Host 1 2 3 6
55
Diagram
Rolled Ethernet Cable
Host 1 2 3 4 5 6 7 8 Router/Switch 1 2 3 4 5 6 7 8
To make, just cut the one side like a straight-through cable and reverse the other end. Once you connect the cable from your PC to the Cisco router or switch, you can start HyperTerminal to create a console connection and configure the device
56
Straight Cable
Procedure
1. Make sure that both NICs are installed onto your PCs. 2. Assign IP address to your LAN (NIC) card on both PCs.
57
Configuration
Step 1: Make sure that both NICs are installed onto your PCs.
Go to Windows Start Button > Settings > Control Panel
Then go to System
58
59
Note: - If LAN (NIC) card is not installed onto your PC then go to Windows Start Button > Settings > Control Panel > Add/Remove Hardware.
60
61
62
Give the IP Address, & press O.K. Check the IP Address on the Command Prompt. D:\>ipconfig Windows 2000 IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address . . . . . . . . . . . . . . : 10.0.0.1 Subnet Mask . . . . . . . . . . . : 255.0.0.0 Default Gateway .........: Step 3(A): Check their connectivity by PING command. D:\>ping 10.0.0.2 Pinging 10.0.0.2 with 32 bytes of data: Reply from 10.0.0.2: bytes=32 time<10ms TTL=128
63
Reply from 10.0.0.2: bytes=32 time<10ms TTL=128 Reply from 10.0.0.2: bytes=32 time<10ms TTL=128 Reply from 10.0.0.2: bytes=32 time<10ms TTL=128 Ping statistics for 10.0.0.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
64
65
Procedure
1. Open an Internet Information Service (IIS) from an Administrative tools and Make a WEB Server. 2. Open an Internet Information Service (IIS) from an Administrative tools and Make a FTP Server. 3. Verifying the WEB & FTP Derver from Host A.
Configuration
Step 1: Open an Internet Information Service (IIS) from an Administrative tools
& Make a WEB Server. Go to Windows Start Button > Programs > Administrative Tools > Internet Services Manager.
66
Then, Start IIS & Right Click on the Computer Name > New > Web Site
67
68
69
70
71
72
73
Check the Web Page by Right Click & Press the Browse.
74
75
Then, Start IIS & Right Click on the Computer Name > New > Ftp Site
76
77
78
79
Check the Ftp Site by Right Click on Ftp Server & Press the Browse.
80
Check the Ftp Site by Right Click on Ftp Server & Press the Browse.
81
82
Switch
Host A
Host B
Procedure
1. Open the Hyper Terminal Session From RUN by giving the command hypertrm or from STRART Button -> Programs -> Accessories -> Communications -> Hyper Terminal. 2. Give the Session name. 3. Define the connection type i-e., COM1.
Configuration
Step 1: Open the Hyper Terminal Session From RUN by giving the command
hypertrm or from START Button -> Programs -> Accessories -> Communications -> Hyper Terminal.
83
84
COM Port.
85
86
87
Password Recovery
Diagram
Router
Procedure
1. Attach a PC with terminal emulation software to the Routers Console port. 2. Turn off the Router, and turn it on and press the Break Key on the PC within 60 seconds of turning on the Router. 3. Enter the command to By-Pass the NVRAM on the > prompt and initialize the Router by command. 4. Enter no in response to the System Configuration dialog prompts. 5. Enter into the Router and copy the configuration from the NVRAM, change the password & change the value of the configuration register & save the configuration into NVRAM again and reload the Router.
Configuration
Step 1: Attach a PC with terminal emulation software to the Routers Console
Port.
88
The configuration register value is 0x2102 by-default. Its mean that whenever the Router boots, it will read the contents of the NVRAM. So, we need to by-pass the NVRAM at the time of startup for the password recovery.
Step 2: Turn off the Router, and turn it on and press the Break Key on the PC
within 60 seconds of turning on the Router. The > prompt with no Router name appears at the Router screen.
Step 3: Enter the command to By-Pass the NVRAM on the > prompt and
initialize the Router by command. > o/r 0x2142 (to boot from flash) >i (initialize the Router)
Step 4: Enter no in response to the System Configuration dialog prompts until the
following message appears. Press RETURN to get started!
Step 5: Enter into the Router and copy the configuration from the NVRAM,
change the password & change the value of the configuration register & save the configuration into NVRAM again and reload the Router. Router#copy stratup-config running-config Router(config)#no enable password Router(config)#enable password cisco Router(config)#configuration-register 0x2102 Router#write memory (Equivalent Command of copy running-config startup-config) Router#reload
89
TFTP Server
i. Uploading Configuration from Router to the TFTP Server
Diagram
Uploading Configuration
Procedure
1. 2. 3. 4. Make a TFTP Server to Host A. Verification of connectivity of PC & Router by ping command. Upload the NVRAM Configuration into TFTP Server. Verifying the uploaded configuration from the TFTP Server.
90
Configuration
Step 1: Make a TFTP Server to Host A.
91
Diagram
92
Procedure
1. 2. 3. 4. 5. 6. Make a TFTP Server to Host A. Remove the Configuration from the NVRAM and reload the Router. Give the IP Address to the Router. Verification of connectivity of PC & Router by ping command. Download the NVRAM Configuration from the TFTP Server. Verifying the uploaded configuration from the TFTP Server.
Configuration
Step 1: Make a TFTP Server to Host A.
Step 2: Remove the Configuration from the NVRAM & reload the Router.
R1#write erase [OK] R1#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested System Bootstrap, Version 11.0(10c), SOFTWARE Copyright (c) 1986-1996 by cisco Systems <Output Omitted>
93
Step 6(B): Verifying the uploaded configuration from the TFTP Server.