CCNA Lab Manual by ESP

Cisco Certified Network AssociateCCNA

Lab ManualRevision 2

Developed by

Muhammad Irfan Ghauri Muhammad Rizwan

Copy rights 2006ESP Press

Etronics Solution ProviderF1, 8th floor, Flat # 132

Sunny Pride, Gulistan-e-Jauhar, Karachi.Ph # 021-6034003

CCNA Lab Manual 1

By M. Irfan Ghauri M. Rizwan

Etronics Solution Provider

Table of Contents

Section-I Network Fundamentals_____1- Ethernet Cables

Cross Cable. 4Straight Cable.......5Roll-Over Cable...6

2- How To Make A LANConnecting Two PCs via Cross Cable........7Connecting Two PCs via Straight Cable....8

3- How To Make A Web & Ftp ServerWeb Server.........14Ftp Server...21

4- Open a Hyper Terminal Session......28

Section-II Routing _____________________________5- Router Basic IOS

Router Basic Commands...........33Assign the IP address on the Ethernet Interface of Router............42Assign the IP address on the Serial interface of Router.................45

6- Accessing Router Through A Telnet...497- Static Routes................538- Dynamic Routes

RIP Configuration..........57IGRP Configuration...........61EIGRP Configuration.............66OSPF Configuration In A Single Area..............71

Section-III IP Traffic Management____________9- Access Control List

Standard ACL. ..77Extended ACL...82

CCNA Lab Manual 2



10- Network Address TranslationStatic NAT.....87Dynamic NAT....92

Overload NAT.......97

Section-IV Switching________________11- Switch Basic IOS...10312- Spanning Tree Protocol.............11713- VLAN & VLAN Trunking Protocol.................125

Section-V WAN______________ _____14- Frame Relay....13715- ISDN..140

Section-VI Appendix_________________________________16- Password Recovery14817- Port Security. .............15118- TFTP Server

Uploading Configuration Through A TFTP Server.........154Downloading Configuration Through A TFTP Server............157

CCNA Lab Manual 3



Section 1

NetworkFundamentals

CCNA Lab Manual 4



Lab # 1

Ethernet CABLES

ObjectiveThis lab demonstrates how to make an Ethernet Cables.

The types of Ethernet cables are:

1) Straight-through cable2) Crossover cable3) Rolled cable

i. Straight-Through CableThe straight-through cable is used to connect

1) Host to switch or hub2) Router to switch or hub

Four wires are used in straight-through cable to connect Ethernet devices. It is relativelysimple to create ; Figure shows the four wires used in a straight-through Ethernetcable.

Diagram

CCNA Lab Manual 5



Notice that only pins 1, 2, 3, and 6 are used. Just connect 1 to 1, 2 to 2, 3 to 3, and 6 to 6.However, remember that this would be an Ethernet-only cable and wouldnt work withVoice, Token Ring, ISDN, etc.

ii. Crossover Cable CableThe crossover cable can be used to connect

1) Switch to switch2) Hub to hub3) Host to host4) Hub to switch5) Router direct to host

The same four wires are used in this cable as in the straight-through cable; we justconnect different pins together. Figure shows how the four wires are used in a crossoverEthernet cable.

Notice that instead of connecting 1 to 1, etc., here we connect pins 1 to 3 and 2 to 6 oneach side of the cable.

Diagram

CCNA Lab Manual 6



iii. Rolled CableAlthough rolled cable isnt used to connect any Ethernet connections together, you canuse a rolled Ethernet cable to connect a host to a router console serial communication(com) port.

Eight wires are used in this cable to connect serial devices, although not all eight are usedto send information, just as in Ethernet networks. Figure shows the eight wires used in arolled cable.

Diagram

To make, just cut the one side like a straight-through cable and reverse the other end.

Once you connect the cable from your PC to the Cisco router or switch, you can startHyperTerminal to create a console connection and configure the device

CCNA Lab Manual 7



Lab # 2

How to Create A LAN

ObjectiveThis lab demonstrates how to make a LAN Network.

The demonstration includes :1. To connect 2 PCs with a cross cable.2. To connect 2 PCs with a switch using a straight cable.

i. Connecting 2 PCs via Cross Cable

Diagram

Cross Cable

Host AIP Address: 10.0.0.1MAC: 00-01-02-62-fc-c4

Host BIP Address: 10.0.0.2

MAC: 00-50-da-23-c9-dd

CCNA Lab Manual 8



ii. Connecting 2 PCs via Straight Cable

Diagram

Procedure

1. Make sure that both NICs are installed onto your PCs.2. Assign IP address to your LAN (NIC) card on both PCs.3. Check their connectivity by PING command & DATA sharing.

Ethernet 0/2Ethernet 0/1

2950-SWAIP Address: 10.0.0.10

MAC: 00-03-6b-33-42-c0

StraightCable

StraightCable

Host BIP Address: 10.0.0.2

MAC: 00-50-da-23-c9-ddHost AIP Address: 10.0.0.1MAC: 00-01-02-62-fc-c4

CCNA Lab Manual 9



Configuration

Step 1: Make sure that both NICs are installed onto your PCs.Go to Windows Start Button > Settings > Control Panel

Then go to System

CCNA Lab Manual 10



Then go to Hardware tab > Device Manager

Expand the SERVER123 (Computer Name) tab > Network Adapters

Note: - If LAN (NIC) card is not installed onto your PC then go to Windows StartButton > Settings > Control Panel > Add/Remove Hardware.

CCNA Lab Manual 11



Step 2: Assign IP address to your LAN (NIC) card on both PCs.Go to My Network Places, Right Click & take the Properties & open the Network &Dial-up Connections

Choose your LAN card, & take the Properties,

Go to the TCP/IP, & take the Properties

CCNA Lab Manual 12



Give the IP Address, & press O.K.

Check the IP Address on the Command Prompt.

D:\>ipconfig

Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : IP Address . . . . . . . . . . . . . . : 10.0.0.1 Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

Step 3(A): Check their connectivity by PING command.D:\>ping 10.0.0.2Pinging 10.0.0.2 with 32 bytes of data:

CCNA Lab Manual 13



Reply from 10.0.0.2: bytes=32 time

CCNA Lab Manual 14



Lab # 3

How to Make a Web & Ftp Server

ObjectiveThis lab demonstrates how to make a Web & Ftp Server.The demonstrations include:

1. Web Server.2. Ftp Server.

Diagram

Host AIP Address: 10.0.0.1

IP Address 10.0.0.2

Web Server

FTP Server

IP Address 10.0.0.3

CCNA Lab Manual 15



Procedure

1. Open an Internet Information Service (IIS) from an Administrative tools andMake a WEB Server.

2. Open an Internet Information Service (IIS) from an Administrative tools andMake a FTP Server.

3. Verifying the WEB & FTP Server from Host A.

Configuration

Step 1: Open an Internet Information Service (IIS) from an Administrative tools& Make a WEB Server.

Go to Windows Start Button > Programs > Administrative Tools > Internet ServicesManager.

Then, Start IIS & Right Click on the Computer Name > New > Web Site

CCNA Lab Manual 16





CCNA Lab Manual 17



Then, Set the IP Address & Port

CCNA Lab Manual 18



Enter the path of the Web Page

Assigns the Permission,

CCNA Lab Manual 19



Wizard will finish now successfully.

Take the Properties of the Web Server

CCNA Lab Manual 20



Go to the Documents tab,

Add your Web Page,

CCNA Lab Manual 21



Check the Web Page by Right Click & Press the Browse.

Step 2: Open an Internet Information Service (IIS) from an Administrative tools& Make a FTP Server.

Go to Windows Start Button > Programs > Administrative Tools > Internet ServicesManager.

CCNA Lab Manual 22



Then, Start IIS & Right Click on the Computer Name > New > Ftp Site

Start the Ftp Wizard

CCNA Lab Manual 23



Give the name to Ftp Site

Give the IP Address & Port setting

CCNA Lab Manual 24



Enter the Path of the Ftp site

Assign the permissions

CCNA Lab Manual 25



Wizard will finish now successfully.

Check the Ftp Site by Right Click on Ftp Server & Press the Browse.

CCNA Lab Manual 26



Check the Ftp Site by Right Click on Ftp Server & Press the Browse.

CCNA Lab Manual 27



Step 3: Verifying the WEB & FTP Server from Host A.WEB Server from Host A.

FTP Server from Host A.

CCNA Lab Manual 28



Lab # 4

Open A Hyper Terminal Session

ObjectiveThis lab demonstrates how to open a Hyper Terminal session.

Diagram

R1

Console 0Roll Over cable

Host A

2950

Host A


CCNA Lab Manual 29



Procedure

1. Open the Hyper Terminal Session From RUN by giving the commandhypertrm or from STRART Button -> Programs -> Accessories ->Communications -> Hyper Terminal.

2. Give the Session name.3. Define the connection type i-e., COM1.

Configuration

Step 1: Open the Hyper Terminal Session From RUN by giving the commandhypertrm or from START Button -> Programs -> Accessories ->Communications -> Hyper Terminal.

CCNA Lab Manual 30



Step 2: Give the Session name.

Step 3: Define the Connection Type i-e., COM1.

CCNA Lab Manual 31



Step 4: Define the Port Settings of COM Port.

Note: Press Restore Defaults Button

Step 5: Start the Hyper Terminal Session.

CCNA Lab Manual 32



Section 2

Routing

CCNA Lab Manual 33



Lab # 5

Router Basic IOS

ObjectiveThis lab includes basic commands of Router IOS on 2500 Series.

i. Router Basic Commands.

DiagramR1


Host A

CCNA Lab Manual 34



Configuration

Step 1: After connecting your PC to the Console Port.Router con0 is now available

Press RETURN to get started.Router>

Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & Vice-Versa.

Router>enableRouter#Router#disableRouter>

Step 3: To Enter Into Global Configuration Mode.Router#configure terminalRouter(config)#

Step 4: To change the Host Name of Router.

Router(config)#hostname R1R1(config)#

Step 5(A): Set the System Clock, Date & Time on the RouterR1#clock set ?

hh:mm:ss Current Time

R1#clock set 6:30:45 ?

CCNA Lab Manual 35



Day of the month MONTH Month of the year

R1#clock set 6:30:45 1 JAN ?

Year

R1#clock set 6:30:45 1 JAN 2005

Step 5(B): Verify the System Clock, Date & Time on the RouterR1#show clock

06:32:33.527 UTC Sat Jan 1 2005

Step 6(A): Set the Message of the Day Banner on the Router.R1(config)#banner motd # HELLO & WELCOME TO CISCO WORLD #

Step 6(B): Verify the Message of the Day Banner on the Router.R1 con0 is now available

Press RETURN to get started.

HELLO & WELCOME TO CISCO WORLD

R1>

Step 7: Display the Version Information of the Router.R1#show version

Cisco Internetwork Operating System SoftwareIOS (tm) 2500 Software (C2500-I-L), Version 12.0(7)T, RELEASE SOFTWARE(fc2)Copyright (c) 1986-1999 by cisco Systems, Inc.Compiled Mon 06-Dec-99 14:50 by phanguyeImage text-base: 0x0303C728, data-base: 0x00001000

CCNA Lab Manual 36



ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWAREBOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASESOFTWARE (fc1)R1 uptime is 1 minuteSystem returned to ROM by reloadSystem image file is "flash:c2500-i-l[1].120-7.T.bin"

cisco 2500 (68030) processor (revision F) with 16384K/2048K bytes of memory.Processor board ID 04851445, with hardware revision 00000000Bridging software.X.25 software, Version 3.0.0.1 Ethernet/IEEE 802.3 interface(s)2 Serial network interface(s)32K bytes of non-volatile configuration memory.8192K bytes of processor board System flash (Read ONLY)

Configuration register is 0x2102

Step 8: Display the Flash Information.R1#dir

OR

R1#show flash:

System flash directory:File Length Name/status 1 7432656 c2500-i-l[1].120-7.T.bin[7432720 bytes used, 955888 available, 8388608 total]8192K bytes of processor board System flash (Read ONLY)

Step 9: Show contents of Current Configuration (RAM).R1#show running-config

CCNA Lab Manual 37



Step 10: Show contents of Startup Configuration (NVRAM).R1#show startup-config

Step 11(A): Set the Line Console Password on the Router.R1(config)#line console 0R1(config-line)#password ciscoR1(config-line)#login

Step 11(B): Verification Line Console Password on the switch.R1 con0 is now available


User Access Verification

Password:R1>

Step 12(A): Set the privileged mode password in clear text.R1(config)#enable password cisco

Step 12(B): Verifying the privileged mode password in clear text.R1#disableR1>enablePassword:R1#

CCNA Lab Manual 38



Step 13(A): Set the Privileged Mode password in encrypted form.R1(config)#enable secret cisco

The enable secret you have chosen is the same as your enable password.This is not recommended. Re-enter the enable secret.

R1(config)#enable secret cisco1

Step 13(B): Verifying the Privileged Mode password in encrypted form.R1#disableR1>enablePassword: (Enter Clear Text Password)Password: (Enter Encrypted Password)R1#

Step 14: Set the Line VTY Password on the Router.

R1(config)#line vty 0 4R1(config-line)#password ciscoR1(config-line)#login

Step 15: Set the Line Auxiliary Password on the Router.R1(config)#line aux 0R1(config-line)#password ciscoR1(config-line)#login

Step 16: Remove the Privileged Mode Password (Level 15) in clear form.R1(config)#no enable password cisco

Step 17: Remove the Privileged Mode Secret Password (Level 15) in encryptedform.

R1(config)#no enable secret cisco1

CCNA Lab Manual 39



Step 18: To enter in the Setup Mode (Initial Configuration Dialog) of Router.Router#setup

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: y

At any point you may enter a question mark '?' for help.Use ctrl-c to abort configuration dialog at any prompt.Default settings are in square brackets '[]'.

Basic management setup configures only enough connectivityfor management of the system, extended setup will ask youto configure each interface on the system

Would you like to enter basic management setup? [yes/no]: y

Configuring global parameters: Enter host name [Router]: R1

The enable secret is a password used to protect access to privileged EXEC and configuration modes. This password, after entered, becomes encrypted in the configuration. Enter enable secret: cisco1

The enable password is used when you do not specify an enable secret password, with some older software versions, and some boot images. Enter enable password: cisco

The virtual terminal password is used to protect access to the router over a network interface. Enter virtual terminal password: cisco

Configure SNMP Network Management? [no]:

Current interface summary

CCNA Lab Manual 40



Interface IP-Address OK? Method Status Protocol

Ethernet0 unassigned YES NVRAM administratively down down

Serial0 unassigned YES NVRAM administratively down down


Enter interface name used to connect to themanagement network from the above interface summary: Ethernet0

Configuring interface Ethernet0: Configure IP on this interface? [no]: yes IP address for this inerface: 10.0.0.20 Subnet mask for this interface [255.0.0.0] : 255.0.0.0 Class A network is 10.0.0.0, 8 subnet bits; mask is /8

The following configuration command script was created:

hostname R1enable secret 5 $1$ZFA2$ZR288i7VkOufhqSdIyiOs.enable password ciscoline vty 0 4password ciscono snmp-server!no ip routing!interface Ethernet0no shutdownip address 10.0.0.20 255.0.0.0!interface Serial0shutdownno ip address!!interface Serial1shutdown

CCNA Lab Manual 41



no ip address!end[0] Go to the IOS command prompt without saving this config.[1] Return back to the setup without saving this config.[2] Save this configuration to nvram and exit.

Enter your selection [2]: 0% You can enter the setup, by typing setup at IOS command promptRouter#

CCNA Lab Manual 42



ii. Assign the IP Address on the EthernetInterface of the Router.

Diagram

Procedure

1. Check for the interfaces summary of the Router.2. Assign the IP Address on the Ethernet Interface of the Router.3. Display the interface information of the Ethernet interface of the router.4. Verify the connectivity of the Router with the switch & PC.

2950-SWA

Fast Ethernet 0/1

Host A

IP Address 10.0.0.20

R1

IP Address 10.0.0.10

IP Address 10.0.0.1

CCNA Lab Manual 43



Configuration

Step 1: Check for the Interfaces summary of the Router.

R1#show ip interface brief





Step 2: Assign the IP Address on the Ethernet Interface of the Router.R1(config)#interface ethernet 0R1(config-if)#no ip addressR1(config-if)#ip address 10.0.0.20 255.0.0.0R1(config-if)#no shutdown

Step 3: Display the interface information of the Ethernet interface of the Router.R1#show interfaces ethernet 0

Ethernet0 is up, line protocol is up Hardware is Lance, address is 0000.0c3e.93e1 (bia 0000.0c3e.93e1) Internet address is 10.0.0.20/8 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never

CCNA Lab Manual 44



Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops

Step 4(A): Check for the Interfaces summary of the Router.R1#show ip interface brief


Ethernet0 10.0.0.20 YES manual up up



Step 4(B): Verify the connectivity of the Router with the Switch.R1#ping 10.0.0.10

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.0.0.20, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Step 4(C): Verify the connectivity of the Router with the PC.R1#ping 10.0.0.1


CCNA Lab Manual 45



iii. Assign the IP Address on the SerialInterfaces of the Router.

Diagram

Procedure

1) Check for the interfaces summary of the Router R1 & R22) Check for the DCE & DTE interfaces of the Router R1 & R23) Assign the IP Address on the Serial Interfaces of the Router R1 & R2.4) Display the interface information of the Serial interface of the Router R1 & R2.5) Verify the connectivity of the Router R1 & R2.

IP Address 15.0.0.1Serial 0

DCE


DTE

WAN

R1 R2

CCNA Lab Manual 46



Configuration

Step 1: Check for the Interfaces summary of the Routers.R1#show ip interface brief





Step 2(A): Check for the DCE cable of the Router R1.R1#show controllers serial 0

HD unit 0, idb = 0x10DB04, driver structure at 0x1139D8buffer size 1524 HD unit 0, RS-232 DCE cablecpb = 0x22, eda = 0x4140, cda = 0x4000

0 missed datagrams, 0 overruns0 bad datagram encapsulations, 0 memory errors0 transmitter underruns0 residual bit errors

Step 2(B): Check for the DTE cable of the Router R2.R2#show controllers serial 0

HD unit 0, idb = 0x160118, driver structure at 0x165478buffer size 1524 HD unit 0, RS-232 DTE cablecpb = 0x22, eda = 0x412C, cda = 0x4140

0 missed datagrams, 0 overruns0 bad datagram encapsulations, 0 memory errors

CCNA Lab Manual 47



0 transmitter underruns0 residual bit errors

Step 3(A): Assign the IP Address on the Serial Interface of the Router R1.R1(config)#interface serial 0R1(config-if)#ip address 15.0.0.1 255.0.0.0R1(config-if)#no shutdownR1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)R1(config-if)#end

Step 3(A): Assign the IP Address on the Serial Interface of the Router R2.R2(config)#interface serial 0R2(config-if)#ip address 15.0.0.2 255.0.0.0R2(config-if)#no shutdownR2(config-if)#end

Step 4: Display the interface information of the Serial interface of the Router.R1#show interfaces serial 0

Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 15.0.0.1/8 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10 sec) Last input 00:00:04, output 00:00:00, output hang never Last clearing of "show interface" counters 01:48:12Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

CCNA Lab Manual 48



Step 5(A): Check for the Interfaces summary of the Router R1.R1#show ip interface brief


Ethernet0 unassigned YES unset administratively down down

Serial0 15.0.0.1 YES manual up up


Step 5(B): Verify the connectivity of the Router R1 & R2.R1#ping 15.0.0.2


CCNA Lab Manual 49



Lab # 6

Accessing Router through Telnet(Telnet between 2 Routers)

Objective

Understanding the telnet operations. In this lab Router R1 is going to be telnet to RouterR2.

Diagram


DCE


DTE

WAN

R1 R2

(R1 is Telneting R2)

CCNA Lab Manual 50



Procedure

1) Check the Connectivity between 2 routers.2) Set the Privilege mode password on Router R2.3) Set the TELNET (line VTY) password on Router R2.4) Verify the telnet Session from Router R1 to Router R2.5) Disconnect the telnet Session.

Configuration

Step 1: Check the Connectivity between 2 routers.

R1#ping 15.0.0.2


Step 2: Set the Telnet (Line VTY)password on Router R2.R2(config)#line vty 0 4R2(config-line)#password ciscoR2(config-line)#login

Step 3: Set the Privilege mode password on Router R2.

R2(config)#enable password cisco

Step 4: Verify the telnet Session from Router R1 to Router R2.R1#telnet 15.0.0.2Trying 15.0.0.2 ... Open

User Access Verification

CCNA Lab Manual 51



Password:R2>enablePassword:R2#

Step 5(A): Verify the telnet line on Router R2.R2#show line

Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns 0 CTY - - - - - 0 1 0/0 1 AUX 9600/9600 - - - - - 0 0 0/0* 2 VTY - - - - - 5 0 0/0 3 VTY - - - - - 0 0 0/0 4 VTY - - - - - 0 0 0/0 5 VTY - - - - - 0 0 0/0 6 VTY - - - - - 0 0 0/0

Step 5(B): Verify the telnet User on Router R2.R2#show users Line User Host(s) Idle Location* 2 vty 0 idle 00:00:00 15.0.0.1

Step 5(C): Verify the telnet sessions from Router R1.R1#sh sessions

Conn Host Address Byte Idle Conn Name* 1 15.0.0.2 15.0.0.2 0 0 15.0.0.2

Step 6: Switch the telnet session from Router R2 to Router R1.R2#Press [ Ctrl+Shift+6 and then x ]R1#

(Note: And then Resume connection by just Enter Key.)

CCNA Lab Manual 52



Step 7(A): Disconnect the telnet session from Router R1 (Gracefully).R1#disconnectClosing connection to 15.0.0.2 [confirm]R1#

Step 7(B): Disconnect the telnet session from Router R2 (Disgracefully).R2#Clear line 2[Connection to 15.0.0.2 closed by foreign host]R1#

CCNA Lab Manual 53



Lab # 7

STATIC RoutesObjectiveUnderstanding the Operation of Static Routes. Static Routes are administratively definedroutes that specify the address or interface of the next hop in the path that packets musttake while moving between a source & destination.

Diagram



WANR1 R2

Host A Host B

IP Address 20.0.0.20Ethernet 0


IP Address 20.0.0.1IP Address 10.0.0.1

CCNA Lab Manual 54



Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Administratively define the Static Routes on both routers so that hosts on the both

routers can communicate with each other.4. Check the routing table on both the routers after defining the Static Routes on

both sides.5. Verifying the connection of both hosts.

Configuration

Step 1(A): Assigning the IP addresses on the Router R1.R1(config)#interface serial 0R1(config-if)#ip address 15.0.0.1 255.0.0.0R1(config-if)#no shutdownR1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)

R1(config)#interface ethernet 0R1(config-if)#ip address 10.0.0.20 255.0.0.0R1(config-if)#no shutdown

Step 1(B): Assigning the IP addresses on the Router R2.R2(config)#interface serial 0R2(config-if)#ip address 15.0.0.2 255.0.0.0R2(config-if)#no shutdown

R2(config)#interface ethernet 0R2(config-if)#ip address 20.0.0.2 255.0.0.0R2(config-if)#no shutdown

CCNA Lab Manual 55



Step 2(A): Check the Routing table of the Router R1.R1#sh ip route

C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0

Step 2(B): Check the Routing table of the Router R2.R2#sh ip route


Step 3(A): Administratively define the Static Route on the Router R1.R1(config)#ip route 20.0.0.0 255.0.0.0 15.0.0.2 (Desired destination networks)

Step 3(B): Administratively define the Static Route on the Router R2.R2(config)#ip route 10.0.0.0 255.0.0.0 15.0.0.1 (Desired destination networks)

Step 4(A): Check the Routing table of the Router R1 after enabling RIP.R1#sh ip route

S 20.0.0.0/8 [1/0] via 15.0.0.2C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0

CCNA Lab Manual 56



Step 4(B): Check the Routing table of the Router R2 after enabling RIP.R2#sh ip route

C 20.0.0.0/8 is directly connected, Ethernet0S 10.0.0.0/8 [1/0] via 15.0.0.1C 15.0.0.0/8 is directly connected, Serial0

Step 5: Verifying the connection of Host A & Host B.C:\>ping 20.0.0.1

Pinging 20.0.0.1 with 32 bytes of data:Reply from 20.0.0.1: bytes=32 time=20ms TTL=254Reply from 20.0.0.1: bytes=32 time=20ms TTL=254Reply from 20.0.0.1: bytes=32 time=10ms TTL=254Reply from 20.0.0.1: bytes=32 time=10ms TTL=254

Ping statistics for 20.0.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 10ms, Maximum = 20ms, Average = 15ms

CCNA Lab Manual 57



Lab # 8 (i)

Routing Protocols(RIP Configuration)

ObjectiveUnderstanding the Dynamic Routing table Updates using the Routing Protocol (RIP).

Diagram



WANR1 R2

Host B


IP Address 20.0.0.1IP Address 10.0.0.1Host A


CCNA Lab Manual 58



Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Enable the RIP protocol on both routers so that hosts on the both routers can

communicate with each other.4. Verifying the Routing protocols on the Router.5. Check the routing table on both the routers after enabling the RIP on both sides.6. Verifying the connection of both hosts.

Configuration

Step 1(A): Assigning the IP addresses on the Ethernet & Serial Interfaces ofRouter R1 as shown in figure.

Step 1(B): Assigning the IP addresses on the Ethernet & Serial Interfaces ofRouter R2 as shown in figure.





CCNA Lab Manual 59



Step 3(A): Enable the RIP protocol on the Router R1.R1(config)#router ripR1(config-router)#network 10.0.0.0 (Network to be advertised which is Directly Connected)R1(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)

Step 3(B): Enable the RIP protocol on the Router R2.R2(config)#router ripR2(config-router)#network 20.0.0.0 (Network to be advertised which is Directly Connected)R2(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)

Step 4(A): Check the Routing Protocol on the Router R1.R1#show ip protocols

Routing Protocol is "rip" Sending updates every 30 seconds, next due in 3 seconds Invalid after 180 seconds, hold down 180, flushed after 240

Routing for Networks: 10.0.0.0 15.0.0.0 Routing Information Sources: Gateway Distance Last Update 15.0.0.2 120 00:00:26 Distance: (default is 120)

Step 4(B): Check the Routing Protocol on the Router R2.R2#show ip protocols

Routing Protocol is "rip" Sending updates every 30 seconds, next due in 5 seconds Invalid after 180 seconds, hold down 180, flushed after 240

Routing for Networks: 15.0.0.0

CCNA Lab Manual 60



20.0.0.0

Routing Information Sources: Gateway Distance Last Update 15.0.0.1 120 00:00:18

Distance: (default is 120)


R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:00:19, Serial0C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0


C 20.0.0.0/8 is directly connected, Ethernet0R 10.0.0.0/8 [120/1] via 15.0.0.1, 00:00:22, Serial0C 15.0.0.0/8 is directly connected, Serial0

Step 6: Verifying the connection of Host A & Host B.

C:\>ping 20.0.0.1

Pinging 20.0.0.1 with 32 bytes of data:

Reply from 20.0.0.1: bytes=32 time=20ms TTL=254Reply from 20.0.0.1: bytes=32 time=20ms TTL=254Reply from 20.0.0.1: bytes=32 time=10ms TTL=254Reply from 20.0.0.1: bytes=32 time=10ms TTL=254


CCNA Lab Manual 61



Lab # 8 (ii)

Routing Protocols(IGRP Configuration)

ObjectiveUnderstanding the d ynamic Routing table updates using the Interior Gatewa y Routing Protocol(IGRP).

DiagramIP Address 15.0.0.1

Serial 0IP Address 15.0.0.2

Serial 0

WANR1 R2

Host B




CCNA Lab Manual 62



Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Enable the IGRP protocol on both routers so that hosts on the both routers can

communicate with each other.4. Verifying the Routing protocols on the Router.5. Check the routing table on both the routers after enabling the IGRP on both sides.6. Verifying the connection of both hosts.

Configuration







Step 3(A): Enable the IGRP protocol on the Router R1.R1(config)#router igrp 10R1(config-router)#network 10.0.0.0 (Network to be advertised which is Directly Connected)R1(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)

CCNA Lab Manual 63



Step 3(B): Enable the IGRP protocol on the Router R2.R2(config)#router igrp 10R2(config-router)#network 20.0.0.0 (Network to be advertised which is Directly Connected)R2(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)


Routing Protocol is "igrp 10" Sending updates every 90 seconds, next due in 38 seconds Invalid after 270 seconds, hold down 280, flushed after 630

IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

IGRP maximum hopcount 100

IGRP maximum metric variance 1

Redistributing: igrp 10 Routing for Networks: 10.0.0.0 15.0.0.0




Routing Protocol is "igrp 10" Sending updates every 90 seconds, next due in 4 seconds Invalid after 270 seconds, hold down 280, flushed after 630

CCNA Lab Manual 64



IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

IGRP maximum hop count 100

IGRP maximum metric variance 1

Redistributing: igrp 10

Routing for Networks: 15.0.0.0 20.0.0.0



Step 5(A): Check the Routing table of the Router R1 after enabling IGRP.R1#sh ip route

I 20.0.0.0/8 [100/8576] via 15.0.0.2, 00:01:09, Serial0C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0

Step 5(B): Check the Routing table of the Router R2 after enabling IGRP.R2#sh ip route

C 20.0.0.0/8 is directly connected, Ethernet0I 10.0.0.0/8 [100/8576] via 15.0.0.1, 00:01:00, Serial0C 15.0.0.0/8 is directly connected, Serial0

CCNA Lab Manual 65




C:\>ping 20.0.0.1




CCNA Lab Manual 66



Lab # 8 (iii)

Routing Protocols(EIGRP Configuration)

ObjectiveUnderstanding the Routing Updates processs using Enhanced Interior Gateway Routing Protocol (EIGRP).

DiagramIP Address 15.0.0.1

Serial 0IP Address 15.0.0.2

Serial 0

WANR1 R2

Host B




CCNA Lab Manual 67



Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Enable the EIGRP protocol on both routers so that hosts on the both routers can

communicate with each other.4. Verifying the Routing protocols on the Router.5. Check the routing table on both the routers after enabling the EIGRP on both

sides.6. Verifying the connection of both hosts.

Configuration







CCNA Lab Manual 68



Step 3(A): Enable the EIGRP protocol on the Router R1.R1(config)#router eigrp 10R1(config-router)#network 10.0.0.0 (Network to be advertised which is Directly Connected)R1(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)

Step 3(B): Enable the EIGRP protocol on the Router R2.R2(config)#router eigrp 10R2(config-router)#network 20.0.0.0 (Network to be advertised which is Directly Connected)R2(config-router)#network 15.0.0.0 (Network to be advertised which is Directly Connected)


Routing Protocol is "eigrp 10"

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP maximum hopcount 100 EIGRP maximum metric variance 1 Redistributing: eigrp 10

Automatic network summarization is in effect Automatic address summarization: 15.0.0.0/8 for Ethernet0

Routing for Networks: 10.0.0.0 15.0.0.0


Distance: internal 90 external 170

CCNA Lab Manual 69




Routing Protocol is "eigrp 10"

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP maximum hopcount 100

EIGRP maximum metric variance 1

Redistributing: eigrp 10

Automatic network summarization is in effect

Automatic address summarization: 15.0.0.0/8 for Ethernet0 20.0.0.0/8 for Serial0 Routing for Networks: 15.0.0.0 20.0.0.0 Routing Information Sources: Gateway Distance Last Update 15.0.0.1 90 00:02:47

Distance: internal 90 external 170

Step 5(A): Check the Routing table of the Router R1 after enabling EIGRP.R1#sh ip route

D 20.0.0.0/8 [90/2195456] via 15.0.0.2, 00:04:42, Serial0C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0

CCNA Lab Manual 70



Step 5(B): Check the Routing table of the Router R2 after enabling EIGRP.R2#sh ip route

C 20.0.0.0/8 is directly connected, Ethernet0D 10.0.0.0/8 [90/2195456] via 15.0.0.1, 00:01:12, Serial0C 15.0.0.0/8 is directly connected, Serial0


C:\>ping 20.0.0.1




CCNA Lab Manual 71



Lab # 8 (iv)

Routing Protocols(OSPF)

Single Area Configuration

ObjectiveUnderstanding the Routing Updates process using the Open Shortest Path First (OSPF) in a singlearea.

Diagram

Backbone Area / Area 0

WANR1 R2



IP Address 10.0.0.20 Ethernet 0

IP Address 10.0.0.1

IP Address 20.0.0.20 Ethernet 0

WAN

Host A

IP Address 20.0.0.1

Host B

CCNA Lab Manual 72



Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Enable the OSPF protocol on both routers so that hosts on the both routers can

communicate with each other.4. Verifying the Routing protocols on the Router.5. Check the routing table on both the routers after enabling the OSPF on both sides.6. Verifying the OSPF neighbors on the routers.7. Verifying the OSPF interfaces on the routers.8. Verifying the OSPF database on the routers.9. Verifying the connection of both hosts.

Configuration







CCNA Lab Manual 73



Step 3(A): Enable the OSPF protocol on the Router R1.R1(config)#router ospf 64R1(config-router)#network 10.0.0.0 0.255.255.255 area 0

(Directly Connected Network, its Wild card mask, & a rea ID)R1(config-router)#network 15.0.0.0 0.255.255.255 area 0

(Directly Co nnected Network, its Wild card mask, & area ID )

Step 3(B): Enable the OSPF protocol on the Router R2.R2(config)#router ospf 65R2(config-router)#network 15.0.0.0 0.255.255.255 area 0

(Directly Connected Network, its Wild card mask, & a rea ID)

R2(config-router)#network 20.0.0.0 0.255.255.255 area 0(Directly Connected Network, its Wild card mask, & a rea ID)


Routing Protocol is "ospf 64" Redistributing: ospf 64 Routing for Networks: 10.0.0.0 15.0.0.0 Routing Information Sources: Gateway Distance Last Update 20.0.0.20 110 00:10:52 Distance: (default is 110)


Routing Protocol is "ospf 65" Redistributing: ospf 64 Routing for Networks:

CCNA Lab Manual 74



15.0.0.0 20.0.0.0 Routing Information Sources: Gateway Distance Last Update 15.0.0.1 110 00:12:17 Distance: (default is 110)

Step 5(A): Check the Routing table of the Router R1 after enabling OSPF.R1#sh ip route

O 20.0.0.0/8 [110/74] via 15.0.0.2, 00:22:17, Serial0C 10.0.0.0/8 is directly connected, Ethernet0C 15.0.0.0/8 is directly connected, Serial0

Step 5(B): Check the Routing table of the Router R2 after enabling OSPF.R2#sh ip route

C 20.0.0.0/8 is directly connected, Ethernet0O 10.0.0.0/8 [110/74] via 15.0.0.1, 00:20:57, Serial0C 15.0.0.0/8 is directly connected, Serial0

Step 6: Verifying the OSPF neighbors on the RouterR#show ip ospf neighbor

Step 7: Verifying the OSPF interfaces on the RouterR#show ip ospf interface

Step 8: Verifying the OSPF database on the Router

R1#show ip ospf database

Step 9: Verifying the connection of Host A & Host B.C:\>ping 20.0.0.1

CCNA Lab Manual 75






CCNA Lab Manual 76



Section 3

IPTraffic

Management

CCNA Lab Manual 77



Lab # 9

Access Control ListObjectiveUnderstanding the Packet Filtering capabilities of Router. Router can pass or filter the iptraffic as per required.

The demonstrations include:

1. Standard Access List (1-99).2. Extended Access List (100-199).

i. STANDARD ACL

Standard IP lists (1-99) test conditions of all IP packets from source addresses.

In this lab scenario, initially both the Hosts A & B are accessing the Web &Ftp services but then apply the Standard ACL so that the Host A could notaccess the Web & Ftp Services.

It is recommended that place the Standard ACL near the destination.

CCNA Lab Manual 78



Diagram

Procedure

1. Configuring & Assigning the IP addresses on the routers R1 & R2.2. Check the routing table on both the routers.3. Enable the routing protocol on both routers so that hosts on the both routers can

communicate with each other.4. Check the routing table on both the routers after enabling the routing protocol on

both sides.5. Make a web server & ftp server.6. Verifying the access of web server & ftp server by the hosts A & B respectively.7. Apply the Standard ACL on the router R1, so that Host A can not access these

services.8. Verifying the Standard ACL by accessing the web & ftp server from Host A.

R1 R2


DCE


DTE WAN


IP Address 20.0.0.1

IP Address 10.0.0.1

Host A


Host B

IP Address 10.0.0.2

Web Server

FTP Server

IP Address 20.0.0.2

CCNA Lab Manual 79



Configuration









CCNA Lab Manual 80







Step 5(A): Make a Web Server.1. Make a Web Page & Save it on Desktop.2. Go to Start Button > All Programs > Administrative Tool > Internet Service

Manager3. Right Click on the Computer name & goes to New tab > Web Site.4. Follow the wizard and make the Web Server.

Step 5(B): Make a Ftp Server.1. Make a Web Page & Save it on Desktop.2. Go to Start Button > All Programs > Administrative Tool > Internet Service

Manager3. Right Click on the Computer name & goes to New tab > FTP Site.4. Follow the wizard and make the FTP Server.

Step 6(A): Verifying the Access of Web Server on Host A by giving ( http://20.0.0.1 ) in the Address bar of Internet explorer.

(Host A will be accessing Web Server)

CCNA Lab Manual 81



Step 6(B): Verifying the Access of Ftp Server by the Host A by giving ( ftp://20.0.0.1 ) in the Address bar of Internet explorer.

(Host A will be accessing FTP Server)

Step 6(C): Verifying the Access of Web Server on Host B by giving ( http://20.0.0.1 ) in the Address bar of Internet explorer.

(Host B will be accessing Web Server)

Step 6(D): Verifying the Access of Ftp Server by the Host B by giving ( ftp://20.0.0.1 ) in the Address bar of Internet explorer.

(Host B will be accessing FTP Server)

Step 7(A): Make the Standard ACL on the Router R1 so that Host A can notaccesses the Web & Ftp Server.

R1(config)#access-list 10 deny host 10.0.0.1R1(config)#access-list 10 permit any

Step 7(B): Apply the Standard ACL on the Router (R1) Serial Interface.R1(config)#interface serial 0R1(config-if)#ip access-group 10 out

Step 8(A): Verifying the Standard ACL from Host A by accessing Web Server.(Host A wont be accessing Web Server)

Step 8(B): Verifying the Standard ACL from Host A by accessing FTP Server.(Host A wont be accessing FTP Server)

Step 8(C): Verifying the Standard ACL from Host B by accessing Web Server.

CCNA Lab Manual 82




Step 8(D): Verifying the Standard ACL from Host B by accessing FTP Server.(Host B will be accessing FTP Server)

ii. EXTENDED ACLExtended IP lists (100-199) test conditions of source and destination addresses, specificTCP/IP protocols, and destination ports.

In this lab scenario, initially both the Hosts A & B are accessing the Web & Ftpservices but then apply the Extended ACL in such a way that Host A can be access onlythe web services & and Host B could be access the Ftp Services only.

It is recommended that place the Extended ACL near the source.

Diagram

R1 R2


DCE


DTE WAN


IP Address 20.0.0.1

IP Address 10.0.0.1

Host A


Host B

IP Address 10.0.0.2

Web Server

FTP Server

IP Address 20.0.0.2

CCNA Lab Manual 83



Procedure



both sides.5. Make a web server & ftp server.6. Verifying the access of web server & ftp server by the hosts A & B respectively.7. Make & Apply the Extended ACL on the router R1, so that Host A can not

access the Web services & Host B can not access the Ftp services.8. Verifying the ACL by accessing the Web & Ftp services from Host A & Host B.

Configuration





CCNA Lab Manual 84











CCNA Lab Manual 85






Manager7. Right Click on the Computer name & goes to New tab > FTP Site.8. Follow the wizard and make the FTP Server.

Step 6(A): Verifying the Access of Web Server on Host A by giving ( http://20.0.0.1 ) in the Address bar of Internet explorer.

(Host A will be accessing Web Server)

Step 6(B): Verifying the Access of Ftp Server by the Host A by giving ( ftp://20.0.0.1 ) in the Address bar of Internet explorer.

(Host A will be accessing FTP Server)

Step 6(C): Verifying the Access of Web Server on Host B by giving ( http://20.0.0.1 ) in the Address bar of Internet explorer.


Step 6(D): Verifying the Access of Ftp Server by the Host B by giving ( ftp://20.0.0.1 ) in the Address bar of Internet explorer.

(Host B will be accessing FTP Server)

Step 7(A): Make the Extended ACL on the Router R1 so that Host A can notaccess the Web Server & Host B can not access the Ftp Server.

CCNA Lab Manual 86



R1(config)#access-list 110 deny tcp host 10.0.0.1 host 20.0.0.1 eq wwwR1(config)#access-list 110 deny tcp host 10.0.0.2 host 20.0.0.2 eq ftpR1(config)#access-list 110 permit ip any any

Step 7(B): Apply the Extended ACL on the Router (R1) Ethernet Interface.R1(config)#interface Ethernet 0R1(config-if)#ip access-group 110 in

Step 8(A): Verifying the Extended ACL from Host A by accessing Web Server.(Host A wont be accessing Web Server)

Step 8(B): Verifying the Extended ACL from Host A by accessing FTP Server.(Host A will be accessing FTP Server)

Step 8(C): Verifying the Extended ACL from Host B by accessing Web Server.(Host B will be accessing Web Server)

Step 8(D): Verifying the Extended ACL from Host B by accessing FTP Server.(Host B wont be accessing FTP Server)

CCNA Lab Manual 87



Lab # 10 (i)

Network Address Translation(NAT)

ObjectiveUnderstanding the operation of Network Address Translation.

1. Static NAT. 2. Dynamic NAT. 3.Overload NAT (PAT)

i. STATIC NATIn the Static NAT, we map the 1 Private IP Address to 1 reserved Public IP Address.

Diagram

Host B IP Address 20.0.0.1

20.0.0.20Ethernet 0

Web Server

FTP Server

IP Address 20.0.0.2

15.0.0.1Serial 0

DCE

Inside Local Outside Local

Inside Global Outside Global

NAT Translation Table of

R110.0.0.115.0.0.1110.0.0.215.0.0.22

10.0.0.20Ethernet 0

R1 R2

IP Address 10.0.0.2

15.0.0.2Serial 0

DTE

IP Address 10.0.0.1

WAN

Host A

CCNA Lab Manual 88



Procedure



both sides.5. Make web & FTP servers.6. Establishes Static NAT Translation between an inside local address and an inside

global address.7. Marks the interface as connected to the inside & outside networks.8. Verifying the Standard Static NAT Translation by commands.

Configuration







CCNA Lab Manual 89










Manager3. Right Click on the Computer name & go to New tab > Web Site.4. Follow the wizard and make the Web Server.

CCNA Lab Manual 90




Manager3. Right Click on the Computer name & go to New tab > FTP Site.4. Follow the wizard and make the FTP Server.

Step 6: Establishes Static NAT Translation between an inside local addressand an inside global address.

R1(config)#ip nat inside source static 10.0.0.1 15.0.0.11R1(config)#ip nat inside source static 10.0.0.2 15.0.0.22

Step 7(A): Marks the interface as connected to the Inside Network.

R1(config)#int Ethernet 0R1(config-if)#ip nat inside

Step 7(B): Marks the interface as connected to the Outside Network.

R1(config)#int serial 0R1(config-if)#ip nat outside

Step 8(A): Verifying the Static NAT Translation on Router R1 by translationtable command.

R1#show ip nat translations

Pro Inside global Inside local Outside local Outside global--- 15.0.0.11 10.0.0.1 --- ------ 15.0.0.22 10.0.0.2 --- ---

CCNA Lab Manual 91



Step 8(B): Verifying the Static NAT Translation on Router R1 by debug.

R1#debug ip natIP NAT debugging is on

When Host A pings to web server:

00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [34]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [34]

00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [35]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [35]

00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [36]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [36]

When Host B pings to web server:

00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [37]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [37]

00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [38]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [38]

00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [39]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [39]

CCNA Lab Manual 92



ii. Dynamic NATIn the Dynamic NAT, we map the many Private IP Addresses to many Public IP Address.

Diagram

Procedure


communicate with each other.


20.0.0.20Ethernet 0

Web Server

FTP Server

IP Address 20.0.0.2

15.0.0.1Serial 0

DCE



NAT Translation Table of

R110.0.0.1,10.0.0.2(15.0.0.41

15.0.0.45)

10.0.0.20Ethernet 0

R1 R2

IP Address 10.0.0.2

15.0.0.2Serial 0

DTE

IP Address 10.0.0.1

WAN

Host A

CCNA Lab Manual 93



4. Check the routing table on both the routers after enabling the routing protocol onboth sides.

5. Make web & FTP servers.6. Defines a pool of global addresses to be allocated as needed.7. Defines a standard IP access list permitting those inside local addresses that are to

be translated.8. Establishes dynamic source translation, specifying the access list defined in the

prior step.9. Marks the interface as connected to the inside & outside networks.10. Verifying the Standard Dynamic translation by commands.

Configuration







CCNA Lab Manual 94











CCNA Lab Manual 95





Step 6: Defines a pool of global addresses to be allocated as needed.

R1(config)#ip nat pool abc 15.0.0.41 15.0.0.45 netmask 255.0.0.0

Step 7: Defines a standard IP access list permitting those inside local addressesthat are to be translated.

R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255

Step 8: Establishes dynamic source translation, specifying the access list definedin the prior step.

R1(config)#ip nat inside source list 1 pool abc





CCNA Lab Manual 96



Step 10(A): Verifying the Dynamic NAT Translation on Router R1 bydebugging command.



00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [34]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [34]

00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [35]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [35]

00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [36]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [36]


00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [37]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [37]

00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [38]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [38]

00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [39]00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [39]

Step 10(B): Verifying the Dynamic NAT Translation on Router R1 bytranslation table.


Pro Inside global Inside local Outside local Outside global--- 15.0.0.41 10.0.0.1 --- ------ 15.0.0.42 10.0.0.2 --- ---

CCNA Lab Manual 97



iii. Overload NAT (PAT)In the Overload NAT, we map the many Private IP Addresses to 1 Public IP Address.

Diagram

Procedure


communicate with each other.


20.0.0.20Ethernet 0

Web Server

FTP Server

IP Address 20.0.0.2

15.0.0.1Serial 0

DCE



PAT Table ofR1

10.0.0.115.0.0.200 + Dyn. Port10.0.0.215.0.0.200 + Dyn. Port

10.0.0.20Ethernet 0

R1 R2

IP Address 10.0.0.2

15.0.0.2Serial 0

DTE

IP Address 10.0.0.1

WAN

Host A

CCNA Lab Manual 98



4. Check the routing table on both the routers after enabling the routing protocol onboth sides.

5. Make web & FTP servers.6. Defines a pool of global addresses to be allocated as needed.7. Defines a standard IP access list permitting those inside local addresses that are to

be translated.8. Establishes dynamic source translation, specifying the access list defined in the

prior step along with the keyword overload.9. Marks the interface as connected to the inside & outside networks.10. Verifying the Standard Dynamic translation by commands.

Configuration







CCNA Lab Manual 99










Manager3. Right Click on the Computer name & go to New tab > Web Site.4. Follow the wizard and make the Web Server.

CCNA Lab Manual 100





Step 6: Defines a pool of global addresses to be allocated as needed.

R1(config)#ip nat pool abc 15.0.0.200 15.0.0.200 netmask 255.0.0.0

Step 7: Defines a standard IP access list permitting those inside local addressesthat are to be translated.

R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255

Step 8: Establishes dynamic source translation, specifying the access list definedin the prior step.

R1(config)#ip nat inside source list 1 pool abc overload





CCNA Lab Manual 101



Step 10(A): Verifying the Dynamic NAT Translation on Router R1 bydebugging command.



00:38:03: NAT: s=10.0.0.1->15.0.0.200, d=20.0.0.1 [440]00:38:03: NAT: s=20.0.0.1, d=15.0.0.200->10.0.0.1 [406]

00:38:03: NAT*: s=10.0.0.1->15.0.0.200, d=20.0.0.1 [442]00:38:03: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.1 [407]

00:38:03: NAT*: s=10.0.0.1->15.0.0.200, d=20.0.0.1 [443]00:38:04: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.1 [408]

00:38:05: NAT*: s=10.0.0.1->15.0.0.200, d=20.0.0.1 [445]00:38:06: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.1 [409]


00:38:34: NAT*: s=10.0.0.2->15.0.0.200, d=20.0.0.1 [499]00:38:34: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.2 [415]

00:38:34: NAT*: s=10.0.0.2->15.0.0.200, d=20.0.0.1 [500]00:38:34: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.2 [416]

00:38:34: NAT*: s=10.0.0.2->15.0.0.200, d=20.0.0.1 [502]00:38:39: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.2 [417]

00:38:39: NAT*: s=10.0.0.2->15.0.0.200, d=20.0.0.1 [509]00:38:39: NAT*: s=20.0.0.1, d=15.0.0.200->10.0.0.2 [418]

Step 10(B): Verifying the Dynamic PAT Translation on Router R1 bytranslation table.


Pro Inside global Inside local Outside local Outside globaltcp 15.0.0.200:1041 10.0.0.1:1041 20.0.0.1:80 20.0.0.1:80tcp 15.0.0.200:1042 10.0.0.2:1042 20.0.0.1:80 20.0.0.1:80

CCNA Lab Manual 102



Section 4

Switching

CCNA Lab Manual 103



Lab # 11

2950 Switch Basic Native IOS

ObjectiveThis lab includes basic commands of Native IOS on 2950 and 3550.

Diagram

2950


Host A

2950


Host A

CCNA Lab Manual 104



Configuration

Step 1: After connecting your PC to the Console Port.Switch con0 is now available


Switch> (User Mode)

Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & Vice-Versa.

Switch>enableSwitch#

Switch#disableSwitch>

Step 3: To Enter Into Global Configuration Mode.

Switch#config tSwitch(config)#

Step 4: To change the Host Name of Switch.

Switch(config)#hostname 2950-SWA2950-SWA(config)#

Step 5: Set the Message of the Day BannerSwitch(config)#banner motd # HELLO & WELCOME TO CISCO WORLD #

CCNA Lab Manual 105



Step 6: Display the Version Information of the Switch.2950-SWA#show version

Cisco Internetwork Operating System SoftwareIOS (tm) C2950 Software (C2950-I5Q3L2-M), Version 12.1(20)EA2, RELEASESOFTWARE(fc1)Copyright (c) 1986-2004 by cisco Systems, Inc.Compiled Wed 19-May-04 05:06 by antoninoImage text-base: 0x00003000, data-base: 0x0082D44C

ROM: Bootstrap program is C2950 boot loader

2950 uptime is 7 hours, 11 minutesSystem returned to ROM by power-on

System image file is "flash:c2950-i5q3l2-mz.121-20.EA2.bin"

cisco WS-C2950-24 (PowerPC) processor (revision L0) with 65526K/8192K bytes ofmemory.Processor board ID CAT0805Z0CWLast reset from warm-resetBridging software.Running Layer2/3 Switching Image

Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface

Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface

24 FastEthernet/IEEE 802.3 interface(s)2 Gigabit Ethernet/IEEE 802.3 interface(s)

The password-recovery mechanism is enabled.384K bytes of flash-simulated non-volatile configuration memory.

CCNA Lab Manual 106



Base ethernet MAC Address: 00:0F:24:68:05:00Motherboard assembly number: 73-5700-11Power supply part number: 34-0966-04Motherboard serial number: CAT08050JCXPower supply serial number: DTH08042TFGModel revision number: L0Motherboard revision number: A0Model number: WS-C2950-24-SMISystem serial number: CAT0805Z0CW

Configuration register is 0x10F

Step 7: Show contents of Current Configuration (RAM).

2950-SWA#show running-config

Building configuration...

Current configuration : 2146 bytes!version 12.1no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname 2950-SWA! ip subnet-zero!!spanning-tree mode pvstspanning-tree extend system-id!interface FastEthernet0/1 switchport mode dynamic desirable!

CCNA Lab Manual 107



interface FastEthernet0/2 switchport mode dynamic desirable!

!interface FastEthernet0/23 switchport mode dynamic desirable!interface FastEthernet0/24 switchport mode dynamic desirable!interface GigabitEthernet0/1 switchport mode dynamic desirable!interface GigabitEthernet0/2 switchport mode dynamic desirable!interface Vlan1 no ip address shutdown!ip classlessip http server!

!end

Step 8: Display the Flash Information.2950-SWA#dir

OR

2950-SWA#show flash:

Directory of flash: /

2 -rwx 556 Mar 1 1993 00:18:07 +00:00 vlan.dat 3 -rwx 4219426 Mar 1 1993 00:44:10 +00:00 c2950-i5q3l2-mz.121-20.EA2.bin

CCNA Lab Manual 108



4 -rwx 315 Mar 1 1993 00:45:44 +00:00 system_env_vars 5 -rwx 0 Mar 1 1993 00:45:43 +00:00 env_vars 8 drwx 192 Mar 1 1993 00:04:07 +00:00 c2950-i9q3l2-mz.121-14.EA1a 87 -rwx 744 Mar 1 1993 00:26:17 +00:00 debug.text

15998976 bytes total (6026752 bytes free)

Step 9: To give the IP Address of Management Domain Interface OF 2950.2950-SWA(config)#int vlan 12950-SWA(config-if)#ip address 10.0.0.10 255.0.0.02950-SWA(config-if)#no shutdown

Step 10: Display the information of Management VLAN Interface.2950-SWA#sh int vlan 1

Vlan1 is up, line protocol is up Hardware is EtherSVI, address is 000f.2468.0500 (bia 000f.2468.0500)

Internet address is 10.0.0.10/8 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00

Queueing strategy: fifo Output queue: 0/40 (size/max)

CCNA Lab Manual 109



Step 11: Display the information of All Interfaces on the switch.2950-SWA#sh ip int brief

Interface IP-Address OK Method Status Protocol

Vlan1 10.0.0.10 YES manual up down

FastEthernet0/1 unassigned YES unset down down




GigabitEthernet0/1 unassigned YES unset down down

GigabitEthernet0/2 unassigned YES unset down down

Step 12: Set a IP Default Network In a Switched Network.2950-SWA(co

CCNA Lab Manual by ESP

Documents

Transcript of CCNA Lab Manual by ESP