cnet

Lab 4.5: Using Shortcut Commands and Tab Completion in Gathering Basic Router Information

In this lab you will learn about shortcut commands and the tab completion function. You will use these concepts and commands used to gather basic information about a Cisco router.

Network Layout: Load the network layout you have been working with for labs in section 4.

Lab Steps1. On the Network Visualizer screen, double-click on 2811 Router A. This will bring up a console screen.

2. Press enter and the Router> prompt will appear. You are now in the user mode.

3. Change to the privileged mode.

Router>

Router>en

Shortcut CommandsMost Cisco IOS commands do not have to be completely spelled out. To facilitate being able to more quickly enter commands, you only have to enter part of a command, plus, each word in a command can be abbreviated. For example the command enable can the

shortened to en. Another example is the command show running-configurations. You can abbreviate that and just type in sh run. A final example is when you have the command show interfaces. You only need to type in sh int. The router or switch knows what you mean and correctly interprets and carries out that command.

You do need to type in enough letters for each word in a command for the router or switch to correctly understand and interpret what you are trying to do. If you do not, you will receive feedback that one or more of your words are ambiguous. The reason for that is that letters in one or more of the words in your command can be used to spell out different words. In that case the device does not know what you want to do, there are too many possibilities.

For example, type the following:

Router>#s ver

Router>A#s v% Ambiguous command: "show v"

The 2811 A router recognized "s" to mean "show" but it did not recognize "v".

Enter the following command:

Router>#s v?

vc-group version vlan-range vlan-switchvlans voice voip vpdnvrrp vsp vtemplate vtp

In this case "v" could be the first letter in 12 different words.

Try this:

2811A#s ve?version

Now you only have one word, so, the command s ve will work, along with sh ver, show ver, etc.

4. The command show version will provide basic configuration for the system hardware as well as the software version, the names and sources of configuration files, and the boot images.

Router#sh ver [press the tab key]

Router#sh versionCisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2006 by Cisco Systems, Inc.Compiled Fri 17-Nov-06 12:02 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

Router uptime is 4 weeks, 6 days, 18 hours, 29 minutesSystem returned to ROM by power-onSystem image file is "flash:c2800nm-advipservicesk9-mz.124-12.bin"

This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email [email protected].

Cisco 2811 (revision 53.51) with 249856K/12288K bytes of memory.Processor board ID FTX1048A54G2 FastEthernet interfaces4 Serial(sync/async) interfacesDRAM configuration is 64 bits wide with parity enabled.239K bytes of non-volatile configuration memory.62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

Router#

The version number can be found on the first line of ouput ...

Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1).

Tab Completion FunctionMost of the time you will use shortcut commands to configure devices because they are quick and convenient. However, for any reason you want to enter all the words in a command, there is an alternative to manually entering every character. You can use the Tab Completion function to spell out any word. Just type part of the word and then press your tab key. It will complete the word. As shown in the earlier command in this lab you can type

"sh ver" and press the tab key. The word "version" will be spelled out.

The show version command gives you how long the router has been running, how it was restarted, the IOS filename running, the model hardware and processor versions, and the amount of DRAM. Also, the configuration register value is listed last.The above router has 32 megs of RAM and 8 megs of Flash.

5. You can view the router files by typing the command show running-config or show startup-config from privileged mode. The sh run command, which is the shortcut for show running-config, tells us that we are viewing the current configuration.

Router#sh runBuilding configuration...

Current configuration : 874 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Router

[cut]

6. The sh start command, which is the shortcut for the show startup-config command, shows us the configuration that will be used the next time the router is reloaded and also shows us the amount of NVRAM used to store the startup-config file.

Router#sh startBuilding configuration...

Current configuration : 874 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Router[cut]

7. You can delete the startup-config file by using the command erase startup-config. Once you perform this command, you will receive an error if you try to view the startup-config file.

Router#erase startup-configErasing the nvram file system will remove all configuration files! Continue? [confirm] (press enter)[OK]

Erase of nvram: complete

Router#

00:13:30: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of ...

[cut]

8. Verify that you have erased the startup configuration.

Router#sh startstartup-config is not present

Router#

Lab 4.6: Setting PasswordsThere are five passwords used to secure Cisco routers.

The first two passwords discussed in this lab are used to set your enable password, which is used to secure privileged mode. This will prompt a user for a password when the enable command is used.

The other three are used to configure a password when user mode is accessed either through the console port, the auxiliary port, or Telnet.





Router>

Router>enable4. Set the two enable passwords on your router. You set the enable passwords from global configuration mode.

Router(config)#enable ?last-resort Define enable action if no TACACS servers respond

password Assign the privileged level password

secret Assign the privileged level secret

use-tacacs Use TACACS to check enable passwords

The enable secret and enable password commands are the only enable passwords that are supported in our program at this time

Router(config)#enable secret toddRouter(config)#enable password ciscoSince the enable secret supercedes the enable password, don�t bother to use the enable password since it will never be used if the enable secret is set.

5. Set your user mode passwords by using the line command.

Router(config)#line ?<0-70> First Line number

aux Auxiliary line

console Primary terminal line

tty Terminal controller

vty Virtual terminal

x/y Slot/Port for Modems

Aux is used to set the user-mode password for the auxiliary port. This is typically used for configuring a modem on the router but can be used as a console as well.

Console is used to set a console user-mode password

Vty is used to set a Telnet password on the router. If the password is not set, then Telnet cannot be used by default.

This program does not support the tty and x/y modem line commands

To configure the user mode passwords, you configure the line you want and use either the login or no login command to tell the router to prompt for authentication.

6. Set the auxiliary password on your router. To configure the auxiliary password, go to global configuration mode and type line aux?. Notice that you only get a choice of 0�0 because there is only one port.

Router#config t

Enter configuration commands, one per line. End with CTRL/Z.

Router(config)#line aux ? <0-0> First Line number

Router(config)#line aux 0Router(config-line)#login % Login disabled on line 65, until 'password' is set

Router(config-line)#password toddRouter(config-line)#loginIt is important to remember the login command, or the auxiliary port won�t prompt for authentication. However, in the newer IOS that we are now running, the login command cannot be set until you set a password. The reason they added this feature is because if you set the login command and not a password, you are locked out from that line.

7. Set your console password on your router. To set the console password, use the line console 0 command. However, notice that when we tried to type line console 0 ? from the aux line configuration, we got an error. You can still type line console 0 and it will accept it; however, the help screens do not work from that prompt. Type �exit� to get back one level if you want to use the help option.

Router(config-line)#line console ?% Unrecognized command

Router(config-line)#exitRouter(config)#line console ? <0-0> First Line number

Router(config)#line console 0Router(config-line)#login % Login disabled on line 0, until 'password' is set

Router(config-line)#password todd1 Router(config-line)#loginSince there is only one console port, we can only choose line console 0. The new login �feature� works on the console line too.

8. Set the optional console port commands on your router. There are a few other important commands to know for the console port.

The exec-timeout 0 0 command sets the timeout for the console EXEC session to zero, or to never time out. To have fun with your friends at work, set it to 0 1, which makes the console time out in 1 second! The way to fix that is to continually press the down arrow key while changing the timeout time with your free hand.

Logging synchronous is a nice command, and I think it should be a default command, but it is not. What this command provides is to stop console messages from popping up and disrupting input you are trying to type. This command makes reading your input messages much easier.

Here is an example of how to configure both commands:

Router(config)#line con 0Router(config-line)#exec-timeout ? <0-35791> Timeout in minutes

Router(config-line)#exec-timeout 0 ? <0-2147483> Timeout in seconds

<cr>

Router(config-line)#exec-timeout 0 0Router(config-line)#logging synchronous9. Set your Telnet password on your router. To set the user-mode password for Telnet access into the router, use the line vty command.

Router(config)#line vty 0 ? <1-4> Last Line number

<cr>

Router(config)#line vty 0 1180Router(config-line)#password todd2Notice we did not use the login command with this line configuration. The login command is set by default on the VTY lines, which stops anyone telneting into the router until you set a password.

If you try to telnet into a router that does not have a VTY password set, you will receive an error stating that the connection is refused because the password is not set. You can tell the router to allow Telnet connections without a password by using the no login command.

By setting this next command, you will not be prompted for password when telneting into the router. This is not recommended, but this is how you would do that:

Router(config-line)#line vty 0 4Router(config-line)#no loginRouter(config-line)#ctrl+zRouter#

After your routers are configured with an IP address, you can use the Telnet program to configure and check your routers. You can use the Telnet program by typing telnet from any command prompt (DOS or Cisco)

Lab 4.7: Encrypting Your PasswordsOnly the enable secret password is encrypted by default. You need to manually configure the user mode and enable passwords.



2. Press enter and the Router> prompt will appear. You are now in the user mode. Change to the privileged mode.

Router>Router>enable3. Notice that you can see all the passwords except the enable secret when performing a show running-config command on a router.

Router#sh runBuilding configuration...

Current configuration : 874 bytes!version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Router

!

enable secret 5 $1$F/gZ$mNTwylb4ZJ4J1WW97nUJG.

enable password cisco

!

[output cut]

line con 0

password todd1

logging synchronous

login

line aux 0

password todd

login

line vty 0 4

password todd2

login

line vty 5 15

password todd2

login

!

!

end

Router#

The line ... enable secret 5 $1$F/gZ$mNTwylb4ZJ4J1WW97nUJG shows an encrypted enable password.

4. To manually encrypt your passwords, use the service password-encryption command. Here is an example of how to perform manual password encryption.

Router#config tEnter configuration commands, one per line. End with CTRL/Z.

Router(config)#service password-encryptionRouter(config)#exit5. The show running-config command, you can see the enable password and the line passwords are all encrypted. If you don�t type show running-config, it does not encrypt the passwords. We�ll call this a �feature�.

Router#show running-config[cut]

hostname Router

!

enable secret 5 $1$F/gZ$mNTwylb4ZJ4J1WW97nUJG.

enable password 7 05080F1C2243

!

[cut]

!

line con 0

password 7 111D16011343

logging synchronous

login

line aux 0

password 7 044F04020B

login

line vty 0 4

password 7 051F090B251E

login

line vty 5 15

password 7 105A061D0145

login

!

6. Since the service password-encryption is a router process, you do not want to keep this running in the background. Once you perform a show running-config and see the encrypted passwords, turn off the process. After entering the command no service password-encryption, your passwords will still be encrypted until they are reset.

Router#config tRouter(config)#no service password-encryptionRouter(config)#ctrl+z

Lab 4.8: Saving Your ConfigurationsIf you have made changes to a device you will want to permanently save the configurations. Your running configuration is only in memory and if something happend, for example, you lost power to a device, you would lose all unsaved entries. That is why you want to save your running configurations (DRAM) to the permanently stored startup configurations (NVRAM). You can manually save the file from DRAM to NVRAM by using the copy running-config startup-config command. You can also use the shortcut copy run start.Network Layout: Load the network layout you have been working with for labs in section 4.

Lab Steps1. Save the configuration on 2811 Router A.

Router#copy run startDestination filename [startup-config]?enterBuilding configuration...

This will now place the file you created into NVRAM, which will be used the next time the router is booted up.

2. You can view this file with the show startup config command.

Router#show start

Lab 4.9: Setting Router BannersYou can set a banner on a Cisco® router so that when either a user logs into the router or an administrator telnets into the router, for example, a banner will give them information you want them to have. Another reason for having a banner is to add a security notice to users dialing into your internetwork.


The command to use is from global configuration mode and shown below:

Router(config)#banner ? LINE c banner-text c, where 'c' is a delimiting character

exec Set EXEC process creation banner

incoming Set incoming terminal line banner

login Set login banner

motd Set Message of the Day banner

prompt-timeout Set Message for login authentication timeout

slip-ppp Set Message for SLIP/PPP

Please Note: CCENT™ Network Visualizer® 6.0 only supports the MOTD banner

1. On the Network Visualizer screen, double-click on 2811 Router A. This will bring up a console screen.

2. The Message of the Day is the most used and gives a message to every person dialing in or connecting to the router, via Telnet, auxiliary port, or console port.

Router(config)#banner motd ? LINE c banner-text c, where 'c' is a delimiting character

Router(config)#banner motd #Enter TEXT message. End with the character '#'.

If you are not authorized to be in RouterSim.com network, then you must disconnect immediately.

#

Router(config)#ctrl+zRouter#

00:25:12: %SYS-5-CONFIG_I: Configured from console by console

Router#exitRouter con0 is now available

Press RETURN to get started.

If you are not authorized to be in RouterSim.com network, then you must disconnect immediately.

Router>

Please Note: For information on the other available banners, please see the Sybex CCNA Study Guide, 6th Edition.

Lab 4.10: Configuring Interfaces for the 2621 Router

Interface configuration is one of the most important configurations of the router. Without interfaces, the router is useless. Interface configurations must be exact to be able to communicate with other devices. Interface configuration will be presented for three different devices (in labs 4.10 - 4.12) so that you can see differences among the interfaces:

2621 Router

2811 Router

3560 Switch


Interfaces correspond to the physical ports available on a device. In this instance the 2621 router has two serial ports and two Fast Ethernet ports:

s0/0

s0/1

fa0/0

fa0/1

As you read through the following steps you will notice a correspondence between interface and port names. This means you have to use the same names or shortcut commands as the names of the ports.




Router>

Router>enable4. Change to the global configuration mode.

Router#configConfiguring from terminal, memory, or network [terminal]?enterEnter configuration commands, one per line. End with CTRL/Z.

Router(config)#

5. Type interface ? to see all the interfaces available on the router.

Router(config)#interface ? Async Async interface

BRI ISDN Basic Rate Interface

BVI Bridge-Group Virtual Interface

CTunnel CTunnel interface

Dialer Dialer interface

FastEthernet FastEthernet IEEE 802.3

Group-Async Async Group interface

Lex Lex interface

Loopback Loopback interface

MFR Multilink Frame Relay bundle interface

Multilink Multilink-group interface

Null Null interface

Tunnel Tunnel interface

Vif PGM Multicast Host interface

Virtual-Template Virtual Template interface

Virtual-TokenRing Virtual TokenRing

range interface range command

The output will vary depending on the type of router device you are connected to.

6. Type the command interface serial ?. To configure the 2621 router interfaces, the configuration would be interface type slot/port. The output below shows a 2621 router with 2 serial interfaces, which are labeled 0/0 and 0/1. The first option is the slot and the second option is the port. Each 2621 has two slots that can be filled with physical interfaces. The routers we use in this program only has interfaces in slot 0.

Router(config)#interface serial ? <0-1> Serial interface number

Router(config)#int serial 0% Incomplete command.

Router(config)#int serial 0?/

Router(config)#int serial 0/? <0-1> Serial interface number

7. At this point you must choose the interface you want to configure. Once you do that, you will be in interface configuration for that interface. The command to choose serial port 1, for example, would be:

Router(config)#interface serial 0/1Router(config-if)#exit8. The 2621 router also has two FastEthernet 10/100BaseT ports. For example, the FastEthernet interface configuration is shown below:

Router(config)#interface fastethernet ? <0-1> FastEthernet interface number

Router(config)#int fastethernet 0% Incomplete command.

Router(config)#int fastethernet 0?/

Router(config)#int fastethernet 0/? <0-1> FastEthernet interface number

Notice that you cannot type int fastethernet 0/. You must type the full command, which is type slot/port, or int fastethernet 0/0. You can type the shortcut int fa 0/0 as well.

9. At this point you must choose the interface you want to configure. Once you do that, you will be in interface configuration for that interface. The command to choose Fast Ethernet port 1, for example, would be:

Router(config)#int fasthernet 0/1Router(config-if)#exitRouter(config)#>ctrl+z

Lab 4.11: Configuring Interfaces for the 2811 Router

Interface configuration is one of the most important configurations of the router. Without interfaces, the router is useless. Interface configurations must be exact to be able to communicate with other devices. Interface configuration will be presented for three different devices (in labs 4.10 - 4.12) so that you can see differences among the interfaces:

2621 Router

2811 Router

3560 Switch


Interfaces correspond to the physical ports available on a device. In this instance the 2811 router has four serial ports and two Fast Ethernet ports:

s0/0/0

s0/0/1

s0/1/0

s0/1/1

fe0/0

fe0/1

As you read through the following steps you will notice a correspondence between interface and port names. This means you have to use the same names or shortcut commands as the names of the ports.




Router>

Router>enable4. Change to the global configuration mode.

Router#configConfiguring from terminal, memory, or network [terminal]?enterEnter configuration commands, one per line. End with CTRL/Z.

Router(config)#


Router(config)#interface ?Async Async interfaceBVI Bridge-Group Virtual InterfaceCDMA-Ix CDMA Ix interfaceCTunnel CTunnel interfaceDialer Dialer interfaceFastEthernet FastEthernet IEEE 802.3Group-Async Async Group interfaceLex Lex interfaceLoopback Loopback interfaceMFR Multilink Frame Relay bundle interfaceMultilink Multilink-group interfaceNull Null interfacePort-channel Ethernet Channel of interfacesSerial SerialTunnel Tunnel interfaceVif PGM Multicast Host interfaceVirtual-PPP Virtual PPP interfaceVirtual-Template Virtual Template interfaceVirtual-TokenRing Virtual TokenRingXTagATM Extended Tag ATM interfacerange interface range command


6. Type the command interface serial ?. To configure the 2811 router interfaces, the configuration would be interface type router/slot/port. The output below shows a 2811 router with 2 serial interfaces, which are labeled 0/0/0 and 0/0/1. The first option is the router, the second option is the slot, and the third option is the port. Each 2811 has two slots that can be filled with physical interfaces.

Router(config)#interface serial ?

<0-2> Serial interface number

Router(config)#int serial 0% Incomplete command.

Router(config)#int serial 0?/

Router(config)#int serial 0/?<0-1> Serial interface number

Router(config)#int serial 0/0? . / : <0-19>

Router(config)#int serial 0/0/<0-1> Serial interface number

7. At this point you must choose the interface you want to configure. Once you do that, you will be in interface configuration for that interface. The command to choose serial port 1, for example, would be:

Router(config)#interface serial 0/0/1Router(config-if)#exit8. The 2811 router also has two FastEthernet 10/100BaseT ports. For example, the FastEthernet interface configuration is shown below:

Router(config)#interface fastethernet ? <0-2> FastEthernet interface number

Router(config)#int fastethernet 0% Incomplete command.

Router(config)#int fastethernet 0?/

Router(config)#int fastethernet 0/? <0-1> FastEthernet interface number


9. At this point you must choose the interface you want to configure. Once you do that, you will be in interface configuration for that interface. The command to choose Fast Ethernet port 1, for example, would be:

Router(config)#int fastethernet 0/1Router(config-if)#exitRouter(config)#>ctrl+z

Lab 4.12: Configuring Interfaces for the 3560 Switch

Interface configuration is one of the most important configurations of the switch. Without interfaces, the switch is useless. Interface configurations must be exact to be able to communicate with other devices. Interface configuration will be presented for three different devices (in labs 4.10 - 4.12) so that you can see differences among the interfaces:

2621 Router

2811 Router

3560 Switch


Interfaces correspond to the physical ports available on a device. In this instance the 3560 switch has eight fast ethernet ports. As you read through the following steps you will notice a correspondence between interface and port names. This means you have to use the same names or shortcut commands as the names of the ports.

Lab Steps1. On the Network Visualizer screen, double-click on 3560 Switch A. This will bring up a console screen.

2. Press enter and the Switch> prompt will appear. You are now in the user mode.


Switch>

Switch>enable4. Change to the global configuration mode.

Switch#configConfiguring from terminal, memory, or network [terminal]?enterEnter configuration commands, one per line. End with CTRL/Z.

Switch(config)#


Switch(config)#interface ?Async Async interfaceBVI Bridge-Group Virtual InterfaceCTunnel CTunnel interfaceDialer Dialer interfaceFastEthernet FastEthernet IEEE 802.3Filter Filter interfaceFiltergroup Filter Group interfaceGigabitEthernet GigabitEthernet IEEE 802.3zGroup-Async Async Group interfaceLex Lex interfaceLoopback Loopback interfaceNull Null interfacePort-channel Ethernet Channel of interfacesPortgroup Portgroup interfacePos-channel POS Channel of interfacesTunnel Tunnel interfaceVif PGM Multicast Host interfaceVirtual-Template Virtual Template interfaceVirtual-TokenRing Virtual TokenRingVlan Catalyst Vlansfcpa Fiber Channelrange interface range command


6. The 3560 switch has eight Fast Ethernet 10/100BaseT ports. For example, the Fast Ethernet interface configuration is shown below:

Switchconfig)#interface fastethernet ?

<0-0> FastEthernet interface number

Switch(config)#int fastethernet 0% Incomplete command.

Switch(config)#int fastethernet 0?/

Switch(config)#int fastethernet 0/? <1-8> FastEthernet interface number


7. At this point you must choose the interface you want to configure. Once you do that, you will be in interface configuration for that interface. The command to choose fasthethernet port 1, for example, would be:

Switch(config)#int fasthernet 0/1Switch(config-if)#exitSwitch(config)#>ctrl+z

Lab 4.13: Bringing Up an InterfaceBy default, interfaces are shut down and turned off. That means that packets cannot travel through the device to another connected device. You can turn an interface on with the no shutdown command. You can turn off or shut down an interface with the shutdown command. You can check the status of an interface by using the show interface command. If an interface is shut down, it will display administratively down when using the show interface command, and the show running-config command will also show the interface as shut down.





Router>

Router>enable4. Type show interface fastethernet 0 and see that it is administratively down.

Router#sh int fa0/0FastEthernet0/0 is administratively down, line protocol is up

[output cut]

5. Bring up the interface Fastethernet 0/0 with the no shutdown command.


Router(config)#int fa0/0Router(config-if)#no shutdownRouter(config-if)#ctrl+z00:57:08: %LINK-3-UPDOWN: Interface Fastethernet 0/0, changed state to up

00:57:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Fastethernet 0/0, changed state to up

Router#sh int fa0/0

Fastethernet 0/0 is up, line protocol is up

6. Configure the router to enable all interfaces by issuing the no shutdown command on all interfaces.

Interface and Connection StatesThere are four possible states that you can have in examining if interfaces are turned on and devices properly connected.

FastEthernet InterfaceFastEthernet0/0 is administratively down, line protocol is down - There are a couple possibilities with this current state.

The two devices are not connected and each f0/0 interface on both routers are explicitly shutdown.

The two devices are connected and each f0/0 interface on both routers are explicitly shutdown.

FastEthernet0/0 is up, line protocol is down - If the two devices are connected this output means that one interface is turned up and the other interface f0/0 is shut down.

Router(config)#int f0/0Router(config-if)#no shut23:03:18 %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up23:03:18 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

FastEthernet0/0 is up, line protocol is up - this means that the routers are connected and the interfaces are turned on for both routers with the no shut command.

Serial InterfaceSerial0/0 is administratively down, line protocol is down - There are a couple possibilities with this current state.

The two devices are not connected and each s0/0 interface on both routers are explicitly shutdown.

The two devices are connected and each s0/0 interface on both routers are explicitly shutdown.

Serial0/0 is down, line protocol is down - If the two devices are connected this output means that one interface is turned up and the other interface s0/0 is shut down.

Router(config)#int s0/0Router(config-if)#no shut23:03:18 %LINK-3-UPDOWN: Interface Serial0/0, changed state to up23:03:18 %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up

Serial0/0 is up, line protocol is up - this means that the routers are connected and the interfaces are turned on for both routers with the no shut command.

Lab 4.14: Configuring an IP Address on an Interface

You don�t have to use IP on your routers; however, IP is typically used on all routers and it certainly is used in this program. To configure IP addresses on an interface, use the ip address command from interface configuration mode.


Lab Steps1. Configure the Fast Ethernet 0/0 interface on router 2621 A with the IP address of 172.16.10.2/24.

Router#config tRouter(config)#int fa0/0Router(config-if)#ip address 172.16.10.2 255.255.255.0Router(config-if)#no shutNotice that in order to enable an interface, we use the no shut command. Remember to look at the command show interface fa0/0, for example, which will show you if it administratively shut down or not. Show running-config will also show you if the interface is shut down.

IP address - unique identification number for a device that is located on a network. An IP address is equivalent to the address of your home. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 172.16.10.6 could be an IP address.

2. If you want to add a second subnet address to an interface, then you must use the secondary command.

subnet address - is a range of logical addresses within the address space of an organization. This allows you to take one network and turn it into many more, smaller networks. This allows for less network traffic on each network and faster and more efficient networks. See the section Subnetting Basics in the Sybex CCNA Study Guide, 6th edition.

If you type another IP address and press enter, it will replace the existing IP address and mask. To add a secondary IP address, use the secondary command.

Router(config-if)#ip address 172.16.20.2 255.255.255.0 secondary

Router(config-if)#ctrl+z3. You can verify both addresses are configured on the interface with the show running-config command (sh run for short).

Router#sh run

Building configuration...

Current configuration:

[output cut]

!

interface Fastethernet 0/0

ip address 172.16.20.2 255.255.255.0 secondary

ip address 172.16.10.2 255.255.255.0

Lab 4.15: Serial Interface CommandsTo configure a serial interface, there are a couple of specifics that need to be discussed.

serial interface - you have a connection between two devices where data is sent between the two, one bit at a time. This occurs in only one direction at a time.

Typically, when in production, the interface will be attached to a CSU/DSU type of device that provides clocking for the line. However, if you have a back-to-back configuration used in a lab environment, for example, one end must provide clocking. This would be the DCE end of the cable. Cisco routers, by default, are all DTE devices, and you must tell an interface to provide clocking if it is to act as a DCE device. If you don�t completely understand this right now, don�t worry, you will. Just run through the commands below for now and I promise it will become clear to you later.

CSU/DSU - a telecommunication device used to connect a carrier circuit to a router. The carrier circuit can be a DS1 or DS3, T1 or T3. The CSU/DSU converts the DS1 signal in to signal that the local network can understand. The CSU/DSU also converts the signal from

the local network in to a DS1 signal so it can be carried back across the DS1 circuit.Network Layout: Load the network layout you have been working with for labs in section 4.

Lab Steps1. Double-click on router 2621 A to bring up the console. Go to the priviledged mode.

2. You can configure a DCE serial interface with the clock rate command. Configure an interface that has a DCE connection.


Router(config)#int s0/0Router(config-if)#clock rate ?Speed (bits per second)

1200

2400

4800

9600

19200

38400

56000

64000

72000

125000

148000

250000

500000

800000

1000000

1300000

2000000

4000000

<300-4000000> Choose clockrate from list above

Router(config-if)#clock rate 64000Router(config-if)#int s0/1Router(config-if)#clock rate 64000It does not hurt anything to try and put a clock rate on an interface. Notice that the clock rate command is in bits per second.

Please Note: If you are not on an interface that is set to DCE than you will receive an error when trying this command.

finding DCE - DCE (data communications equipment) is the side of the connection that provides the clocking. Unless it is a 2811 router, you would enter the clock rate on the DCE side of a connection between routers. If you cannot remember what side of your connection is DCE, you can use the show controllers command. Here is an example:

2811#show controllers s0/1/1

Interface Serial0/1/1Hardware is GT96KDCE V.35, clock rate 2000000idb at 0x454E69C8, driver data structure at 0x454EE0ECwic_info 0x454EE6E8Physical Port 0, SCC Num 0

[output cut]

The DCE connection is associated with s0/1/1 and a clockrate of 2000000

3. The next command you need to understand is the bandwidth command. Every Cisco router ships with a default serial link bandwidth of a T1, or 1.544Mbps. However, understand that this has nothing to do with how data is transferred over a link. The bandwidth of a serial link is used by routing protocols such as IGRP, EIGRP, and OSPF to calculate the best cost to a remote network. If you are using RIP routing, then the bandwidth setting of a serial link is irrelevant.

Router(config-if)#bandwidth ?

<1-10000000> Bandwidth in kilobits

Router(config-if)#bandwidth 644. Notice that unlike the clock rate command, the bandwidth command is configured in kilobits.

Lab 4.16: Setting the Router HostnamesYou can uniquely identify a device by giving it a hostname; you use the hostname command. This is only locally significant for the administrator, which means it has no bearing on how the router performs name lookups on the internetwork.

Please Note: On a router the default hostname is Router and Switch on switches. This stays in effect until you intentionally change the hostname.


Lab Steps1. Set the hostname of router 2621 A.

Router(config-if)#ctrl+zRouter#config tEnter configuration commands, one per line. End with CTRL/Z.

Router(config)#hostname 2621A2621A(config)#

2. Notice that when you press enter the command takes effect immediately.

Lab 4.17: Setting Interface DescriptionsSetting descriptions on an interface is helpful to the administrator and, like the hostname, only locally significant. For example, this is a helpful command because it can be used to keep track of circuit numbers.


Lab Steps1. On router 2621 A, set the description of the interface Fast Ethernet 0/0 to Sales LAN and the serial 0/0 interface to WAN to Miami with a circuit number of 6fdda4321.

2621A(config)#int fa0/02621A(config-if)#description Sales LAN2621A(config-if)#int s0/02621A(config-if)#desc Wan to Miami circuit:6fdda43212. You can view the description of an interface either with the show running-config command or the show interface command.

2621A#sh run[output cut]

interface FastEthernet0/0

description Sales LAN

ip address 172.16.20.2 255.255.255.0 secondary

ip address 172.16.10.2 255.255.255.0

no ip directed-broadcast

!

interface Serial0/0

description Wan to Miami circuit:6fdda4321

no ip address

no ip directed-broadcast

shutdown

2621A#sh int fa0/0FastEthernet 0/0 is up, line protocol is up

Hardware is AmdFE, address is 00b0.6483.2120 (bia 00b0.6483.2120)

Description: Sales LAN

[cut]

2621A#sh int s0/0Serial 0/0 is administratively down, line protocol is down

Hardware is HD64570

Description: Wan to Miami circuit:6fdda4321

[cut]

2621A#

Lab 4.18: Verifying Your ConfigurationOnce you take a look at the running-config, and it appears that everything is in order, you can verify your configuration with utilities, like Ping and Telnet.

troubleshooting tip - if you have a local host, to remote host connection issue ...

Use the ping command to ping your PC’s local ip address

Use the ping command to ping your PC’s default gateway

Ping the ip address of the machine or webpage you are trying to reach

Traceroute the ip address of the machine or webpage you are trying to reach

Depending on which of the above tasks fail is where you should begin your search for the connection issue. Always make sure to check if your subnets and mask are correct from end to end.


Lab Steps1. Go to router 2621 A.

2. You can ping with different protocols, and you can see this by typing ping ? at the router user mode or privileged mode prompt, but not configuration mode.

ping - a diagnostic program that sees if a specific IP address is accessible. Packets are sent to the specified location and if they return correctly, communications was successful. This is used to verify connection to a remote host. Ping works at layer 3 of the OSI model.

2621A#ping ?WORD Ping destination address or hostnameclns CLNS echoip IP echotag Tag encapsulated IP echo<cr>

CCENT™ Network Visualizer® 6.0 only supports IP ping at this time.

3. You can also use the traceroute program to find the path a packet takes as it traverses an internetwork. Traceroute can also be used with multiple protocols.

traceroute - a TCP/IP utility that allows a user to determine if two computers are communicating successfully with each other. This network tool is used to determine the route taken by packets across an IP network. The time and location of the route taken to reach its destination computer is displayed. Traceroute works at layer 3 of the OSI model.

2621A#traceroute ? WORD Trace route to destination address or hostname

appletalk AppleTalk Trace

clns ISO CLNS Trace

ip IP Trace

oldvines Vines Trace (Cisco)

vines Vines Trace (Banyan)

<cr>

CCENT™ Network Visualizer® 6.0 only supports IP with the trace command.

4. Telnet can be used to test IP connectivity and to gain access into remote routers. Once you gain access into the remote router you can interact with the device as though you are physically in front of it. From the router prompt, you do not need to type the telnet command. If you just type a hostname or IP address, it will assume you want to telnet. The following example shows how to use telnet from a router prompt. However, you need to have a configured a working network and destination host for telnet to be successful. We�ll use telnet more in other labs.

2621A#telnet ? WORD IP address or hostname of a remote system

<cr>

5. Another way to verify your configuration is by typing show interface commands. The first command is show interface?, which shows us all the available configured or physical interfaces for a device. The only interfaces that are not logical are FastEthernet and Serial.

2621A#sh int ?FastEthernet FastEthernet IEEE 802.3Loopback Loopback interfaceNull Null interfaceSerial Serialaccounting Show interface accountingcrb Show interface routing/bridging infofair-queue Show interface Weighted Fair Queueing (WFQ) infoirb Show interface routing/bridging infomac-accounting Show interface MAC accounting infoprecedence Show interface precedence accounting inforandom-detect Show interface Weighted Random Early Detection (WRED) inforate-limit Show interface rate-limit infotype Show vlan types| Output modifiers<cr>

6. You can be specific with the command and use show interface FastEthernet 0/0, or serial 0/0.

2621A#sh int fa0/0FastEthernet0/0 is up, line protocol is upHardware is AmdFE, address is 00b0.af40.3e18 (bia 00b0.af40.3e18)

Description: Sales LanInternet address is 172.16.10.2/24MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,reliablility 255/255, txload 1/255, rxload 1/255Encapsulation ARPA, loopback not setKeepalive set (10 sec)Full -duplex, 100Mb/s, 100BaseTX/FXARP type: ARPA, ARP Timeout 04:00:00Last input 00:00:50, output 00:00:04, output hang neverLast clearing of "show interface" counters neverQueueing strategy: fifoOutput queue 0/40, 0 drops; input queue 0/75, 0 drops5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 1000 bits/sec, 0 packets/sec 588 packets input, 74628 bytes Received 588 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast 0 input packets with dribble condition detected 231 packets output, 53712 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out--More--

[output cut]

7. Use the show controllers command to display information about the physical interface itself. It will also give you the type of serial cable plugged into a serial port. Typically this will only be a DTE cable, which then plugs into a type of Data Service Unit (DSU).

2621A#sh controllers s 0/0Interface Serial0/0Hardware is PowerQUICC MPC860DCE V.35, clock rate 64000idb at 0x813CA7B4, driver data structure at 0x813D1CE8

[output cut]

8. Clear all configurations. You will want to clear the configurations for any router that you have entered information, up to this point. This will allow you to configure the devices according to the suggested labs without any extraneous information.

2621A#erase startup-configErasing the nvram filesystem will remove all configuration files! Continue? [con

firm]enter[OK]


2621A#

01:58:09: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

2621A#reloadSystem configuration has been modified. Save? [yes/no]: noProceed with reload? [confirm] enterWould you like to enter the initial configuration dialog? [yes/no]: n

Lab 4.19: do CommandThe do command allows you ping other devices and view configurations while in the global configuration mode. Before IOS version 12.3, you could not use the do command. You had to be in user or privileged mode in order to ping other devices or view configurations. However, beginning with IOS version 12.3 you can use the do command in the configuration mode to accomplish this. With IOS version 12.2 you can also use the do command if you have the IOS Special Edition (SE). The do command is convenient because you do not have to exit the current configuration mode and perform the command in the privileged mode.

With CCENT™ Network Visualizer® 6.0 there are three devices that will allow you to use the do command in global configuration mode:

2811 router

2960 switch

3560 switch





Router>

Router>enable4. Change to the global configuration mode. Perform the do show run command and the do show int s /0/0/0 comamnd.

Router#

Router#config tRouter(config)#do show runBuilding configuration...

Current configuration : 3401 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!

[output cut]

Router(config)#do show int s 0/0/0Serial0/0/0 is administratively down, line protocol is down Hardware is GT96K Serial MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set Keepalive set (10) Last input 00:00:02, output 00:00:06, output hang never Last clearing of "show interface" counters 02:41:59 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1645 packets input, 100265 bytes, 0 no buffer Received 1139 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

1662 packets output, 105842 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 2 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

5. On the Network Visualizer screen, double-click on 3560 Switch A. This will bring up a console screen.

6. Press enter and the Switch> prompt will appear. You are now in the user mode.


Switch>

Switch>enable8. Change to the global configuration mode. Perform the do show run command.

Switch#

Switchconfig t3560A(config)#do show runBuilding configuration...

Current configuration : 898 bytes!version 12.2no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!no aaa new-modelsystem mtu routing 1500ip subnet-zero!!!!no file verify autospanning-tree mode pvstspanning-tree extend system-id!vlan internal allocation policy ascending!interface FastEthernet0/1

[output cut]

Introduction to IP RoutingThis section will discuss the IP routing process. This is an important subject to understand as it pertains to all routers and configurations that use IP. IP routing is the process of moving packets from one network to another network and delivering the packets to hosts. This section will give you the background on how to configure and verify IP routing with Cisco routers.

Suggested Reading: Please read chapter 4 (on SDM) and chapter 6 in the Sybex CCNA Study Guide, Sixth Edition, before performing the following labs.

The following labs are covered in this section:

5.1: Configuring the SDM for the 2811 Router

5.2: Connecting to the SDM using the 2811 Router

5.3: Configuring an Interface with SDM

5.4: Configuring DHCP with SDM

5.5: Configuring Other Items with SDM

5.6: Verifying Configurations with SDM

5.7: Configuring the Routers

5.8: Verifying the Configurations

5.9: Configuring Static Routing

5.10: Verifying Static Routing

5.11: Configuring and Verifying Hosts

5.12: Configuring Default Routing

5.13: Verifying Default Routing

5.14: Configuring RIP Routing

5.15: Verifying RIP Routing

5.16: Configuring RIPv2

5.17: Verifying RIPv2

5.18: Configuring IGRP

5.19: Verifying IGRP

The following commands are used in this section:

Command Meaning

debug ip igrp events Provides a summary of the IGRP routing information running on the network

debug ip igrp transactions

Shows message requests from neighbor routers asking for an update and the broadcasts sent from your router towards that neighbor router

debug ip rip Sends console messages displaying information about RIP packets being sent

and received on a router interface

ip classless Global configuration command used to tell a router to forward packets to a default route when the destination network is not in the routing table

ip route Creates static and default routes on a router

network Tells the routing protocol what network to advertise

no auto-summarization

Disable auto summarization

no ip route Removes a static or default route

router eigrp as Turns on IP EIGRP routing on a router

router igrp as Turns on IP IGRP routing on a router

router RIP Turns on IP RIP routing on a router

show ip protocols Shows the routing protocols and timers associated with each routing protocol configured on a router

show ip route Displays the IP routing table

show protocols Shows the routed protocols and network addresses configured on each interface

version 2 Enables rip version 2

Lab 5.1: Configuring the SDM for the 2811 Router

Cisco® SDM is a Web-based device-management tool for routers. The SDM is a graphical user interface that allows you to quickly configure the 2811 router. After the initial setup, no interaction with the command line interface (CLI) is required.

Please Note: Before you can use SDM, you must first manually configure router 2811 A with the CLI. In this lab we will configure router 2811 A. Then, there are two more steps that must be finished before you can launch the SDM:

Configure Host A because that is where we will launching SDM

Set up https services on the router so you can configure the 2811A router via a secure web browser

Network Layout: Load SDM Layout.rsm before going through the following lab.

1. On the Network Visualizer screen, click on the File menu and then click Open.

2. When the dialog box appears, make sure you are in the Networks folder.

3. Click on the file SDM Layout.rsm and click OK.

Lab Steps1. Double-click 2811 Router A. After the console screen comes up set the hostname and IP addresses of each interface.

Router>enableRouter#config tRouter(config)#hostname 2811A2811A(config-line)#interface fastethernet 0/02811A(config-if)#ip address 172.16.10.1 255.255.255.02811A(config-if)#no shutdownRouter(config-if)#interface fastethernet0/12811A(config-if)#ip address 172.16.20.1 255.255.255.02811A(config-if)#no shutdown2811A(config)#exit2811A#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]2811A#

2. Close the console screen.

3. Right-click on Host A.

4. Click on the Configs button.

5. On Host A configure:

IP Address

Subnet Mask

Default Gateway

IP Address: 172.16.10.5Subnet Mask: 255.255.255.0Default Gateway: 172.16.10.16. Click the OK button and then the Close button.

7. Bring up the console screen for router 2811 A by double clicking on the router. Verify you can reach Host A.

2811A#ping 172.16.10.5If all is well, you should get the following output from the router!

Sending 5, 100-byte ICMP Echos to 172.16.10.5, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms2811A#

8. Configure HTTPS on the router 2811 A and verify your configurations.

2811A(config-if)#exit2811A(config)#ip http server2811A(config)#ip http secure-server% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]2811A(config)#ip http authentication local2811A(config)#username cisco privilege 15 password 0 cisco2811A(config)#line console 02811A(config-line)#login local

2811A(config-line)#line vty 0 11802811A(config-line)#privilege level 152811A(config-line)#login local2811A(config-line)#transport input telnet2811A(config-line)#transport input telnet ssh2811A(config-line)#exit2811A(config)#do show runNote: Before IOS version 12.3, you could not use the do command. You had to be in user or privileged mode in order to ping other devices or view configurations. However, beginning with IOS version 12.3 you can use the do command in the configuration mode to accomplish this.

You should now be able to launch the SDM.

Rename and Save Your File: Make sure you save the actual network layout file that you have been working with. You might want to save it to another file name than SDM Layout.rsm. This allows you to start over with a non-configured network if you wish.

1. There are two ways you can save a network layout. The first way is by clicking on the Diskette button on the button bar, at the top of the Network Visualizer screen. You can also click File on the menu and choose Save from the drop down menu.

2. A dialog box will appear. At the bottom you will see the file name SDM Layout.rsm. Rename the file. For example, you could name it My SDM Layout.rsm.

3. Click the Save button. At this point your network layout has been saved to a new name. You then have the option of reloading SDM Layout.rsm which is non-configured.

4.

Lab 5.2: Connecting to the SDM using the 2811 Router

Now that we have configured router 2811 A with HTTPS, we can launch SDM via Host A.

Network Layout: Load SDM Layout.rsm or whatever you named the file when you saved your work.

Lab Steps1. Put your cusor over Host A and click your right mouse button.

2. Click the Web Browser button.

3. When the web browser appears, enter the URL https://172.16.10.1 and press enter.4. Select Yes when the Security Alert Dialog appears.

Please Note: The following screen may be different, depending on the web browser that you use.

5. When the username and password dialog appears, enter the username and password that you created, in lab 5.1, Step 8.

Username: cisco

Password: cisco

6. The SDM Launch screen will appear.

Please Note: Do not close this window, it will shut down the SDM. Just minimize the window until you shut down SDM.

7. When the Warning Security Dialog appears, check the Always trust content from publisher option and then select Yes.

8. When the username and password dialog appears again, enter the username and password that you created, in lab 5.1, Step 8.

Username: cisco

Password: cisco

9. When the Change Default User Name and Password dialog screen appears, change your username and password.

Please Note: You will not see the following screen after your initial launch of the SDM.

You will be prompted to enter the new username and password that you just created. The SDM will load the configuration from router 2811A and you should now be connected to the router via the SDM application.

10. When you are finished with the SDM, close the SDM application, SDM launch page, and the Web browser.

Lab 5.3: Configuring an Interface with SDMIn this lab you will learn how to configure an IP address on a router interface of 2811 A, using the SDM.

Please Note: You must manually configure the interface of the 2811 A router before using the SDM to modify it. See Lab 5.1 on how to configure router 2811 A. If the SDM is not running, refer to lab 5.2 on how to load it.


Now that you have the SDM application up and running, you will see the main SDM window.

Lab Steps1. Click on the Configure button (upper left corner of the screen) and a configuration window is displayed.

2. Then click on the Interface and Connections button.

3. Click the Edit Interface/Connection tab, and the Edit Interface connection tab is displayed.

4. Double click on the line that displays FastEthernet0/1

. . . and the Interface Feature Edit Dialog screen appears:

5. With the Interface Feature Edit dialog open, you can enter a new IP Address and subnet mask in the appropriate fields.

6. Click the OK button to change the IP Address and subnet mask or click the Cancel button to exit. When a new configuration is sent to the router a Command Delivery Status dialog appears.

Please Note: When a new configuration is sent to the router a Command deliver window appears.

7. Save your configuration by clicking the Save button at the top of the screen.

You will see the following dialog box. Click the Yes button to continue.

Lab 5.4: Configuring a DHCP Pool with SDMThis lab will have you use the SDM to configure a DHCP Pool on your 2811 A router.



Lab Steps1. Click on the Additional Tasks button located on the sidebar menu at the bottom left of the screen. If the Additional Task button is not visible, scroll the side bar menu down until it appears. The Additional Task window will appear

2. Expand the DHCP tree item by clicking the plus sign next to DHCP.

3. Click on DHCP Pools and the DHCP Pools window will appear.

4. Click the Add button and the DHCP Pool Dialog screen will appear.

5. Configure your DHCP pool and then select the OK button.

Please Note: When a new configuration is sent to the router a Command Delivery Status window appears.

6. Save your configuration by clicking the Save button.

Lab 5.5: Configuring Other Items with SDMThis lab will have you use the SDM to configure the hostname, the banner (message of the day), the IP domain-name, and the enable secret password.



Lab Steps1. Click on the Router Properties tree item and the Device Properties screen will appear.

2. Click the Edit button on the upper right side of the screen and the Device Properties dialog screen will appear.

3. Enter a hostname, an IP domain-name, and the message of the day banner.

4. With the Device Properties dialog still open, click on the Secret Password tab and configure your new password and then click OK.

Please Note:When a new configuration is sent to the router a Command Delivery Status dialog appears.

5. Save your configuration by clicking the Save button.

Lab 5.6: Verify Your Configurations with SDM

This lab will have you verify your new router configurations.



Lab Steps1. From your current SDM window, click on the Home button located at the top of the screen. You should see the following screen:

2. Click on the View Running Config button on the middle right area of the screen. The Show Running

Configuration screen will appear.

3. Scroll through the running configuration so you can view your configurations.

4. Click the Close button when you are finished.

5. Close the SDM application.

6.

Lab 5.7: Configuring the RoutersIn this lab you will interact with routers, starting with 2621 A and working through 2811 A, and then finishing with router 2621 B. After the configurations are complete, we will then build the routing tables.

Suggested Reading: Please read chapter 6 in the Sybex CCNA Study Guide, Sixth Edition, before performing the following labs.

Network Layout: Load Standard Layout.rsm before going through the following lab.



3. Click on the file Standard Layout.rsm and click OK.

Lab Steps1. Double-click 2621 Router A. After the console screen comes up set the

Hostname

Passwords

Interface descriptions

Banners

IP addresses of each interface

Router>enableRouter#config tRouter(config)#hostname 2621A2621A(config)#enable secret todd2621A(config)#line console 02621A(config-line)#password todd2621A(config-line)#login2621A(config-line)#line aux 02621A(config-line)#password todd2621A(config-line)#login2621A(config-line)#line vty 0 42621A(config-line)#password todd2621A(config-line)#login2621A(config-line)#interface fastethernet 0/02621A(config-if)#ip address 172.16.40.1 255.255.255.02621A(config-if)#description connection to LAN 402621A(config-if)#no shutdown2621A(config-if)#interface serial 0/0

2621A(config-if)#ip address 172.16.20.2 255.255.255.02621A(config-if)#description connection to 2811A2621A(config-if)#no shutdown2621A(config-if)#exit2621A(config)#banner motd #This is the router 2621A#

2621A(config)#exit2621A#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]2621A#

2. Double-click 2811 Router A. After the console screen comes up set the

Hostname

Passwords


Banners


Router>enableRouter#config tRouter(config)#hostname 2811A2811A(config)#enable secret todd2811A(config)#line console 02811A(config-line)#password todd2811A(config-line)#login2811A(config-line)#line aux 02811A(config-line)#password todd2811A(config-line)#login2811A(config-line)#line vty 0 11802811A(config-line)#password todd2811A(config-line)#login2811A(config-line)#interface fastethernet 0/0

2811A(config-if)#ip address 172.16.10.1 255.255.255.02811A(config-if)#description connection to LAN 102811A(config-if)#no shutdown2811A(config-if)#interface serial 0/1/12811A(config-if)#ip address 172.16.20.1 255.255.255.02811A(config-if)#description connection to 2621A2811A(config-if)#no shutdown2811A(config-if)#interface serial 0/0/12811A(config-if)#ip address 172.16.30.1 255.255.255.02811A(config-if)#description connection to 2621B2811A(config-if)#no shutdown2811A(config-if)#exit2811A(config)#banner motd #This is the router 2811A#

2811A(config)#exit2811A#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]2811A#

clock rate - it is important to understand clocking on and interface. On a real connection, clocking issues will typically cause data loss and or packet errors. You will also see framing slips on a carrier circuit when there is a clocking issue.

You do not have to set a clock rate if the DCE side of your connection is a 2811 router. The clock rate for the serial interface is set by default to 2000000. However, on the 2621 router you still need to explicity set the clock rate. In our lab the DCE side of the connection is interface serial 0/1/1 and serial 0/0/1.

finding DCE - DCE (data communications equipment) is the side of the connection that provides the clocking. Unless it is a 2811 router, you would enter the clock rate on the DCE side of a connection between routers. If you cannot remember what side of your connection is DCE, you can use the show controllers command. Here is an example:

2811#show controllers s0/1/1Interface Serial0/1/1Hardware is GT96KDCE V.35, clock rate 2000000idb at 0x454E69C8, driver data structure at 0x454EE0ECwic_info 0x454EE6E8Physical Port 0, SCC Num 0[output cut]

The DCE connection is associated with s0/1/1 and a clockrate of 2000000

3. Double-click 2621 Router B. After the console screen comes up set the

Hostname

Passwords


Banners


Router>enableRouter#config tRouter(config)#hostname 2621B2621B(config)#enable secret todd2621B(config)#line console 02621B(config-line)#password todd2621B(config-line)#login2621B(config-line)#line aux 02621B(config-line)#password todd2621B(config-line)#login2621B(config-line)#line vty 0 42621B(config-line)#password todd2621B(config-line)#login2621B(config-line)#interface fastethernet 0/12621B(config-if)#ip address 172.16.50.1 255.255.255.02621B(config-if)#description connection to LAN 502621B(config-if)#no shutdown2621Bconfig-if)#interface serial 0/02621B(config-if)#ip address 172.16.30.2 255.255.255.0

2621B(config-if)#description connection to 2811A2621B(config-if)#no shutdown2621B(config-if)#exit2621B(config)#banner motd #This is the router 2621B#

2621B(config)#exit2621B#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]2621B#

Rename and Save Your File: Make sure you save the actual network layout file that you have been working with. You might want to save it to another file name than Standard Layout.rsm. This allows you to start over with a non-configured network if you wish.

1. There are two ways you can save a network layout. The first way is by clicking on the Diskette button on the button bar, at the top of the Network Visualizer screen. You can also click File on the menu and choose Save from the drop down menu.

2. A dialog box will appear. At the bottom you will see the file name Standard Layout.rsm. Rename the file. In the following example it is renamed My Standard Layout.rsm.

3. Click the Save button. At this point your network layout has been saved to a new name. You then have the option of reloading Standard Layout.rsm which is non-configured.

4.

Lab 5.8: Verifying the ConfigurationsUnderstanding how to configure routers is very important. But just as important as the understanding of configuring routers is the process of verifying your configurations. This lab will provide you with the commands to verify your routers configurations.

Network Layout: Load Standard Layout.rsm or whatever you named the file when you saved your work.

Lab Steps1. Starting at the 2621 A router and finishing at the 2621 B router, run the following two commands:

2621A#show running-configBuilding configuration...Current configuration : 625 bytes!version 12.2service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname 2621A!enable secret 5 $1$u76B$IOFVJ7VxfVXYVpGDrFTcI0!ip subnet-zero!!!!!interface FastEthernet0/0 description connection to LAN 40

[output cut]

2621A#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR, P - periodic downloaded static route T - traffic engineered route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 2 subnetsC 172.16.40.0 is directly connected, FastEthernet0/0C 172.16.20.0 is directly connected, Serial0/0

2621A#

show ip route - is used to see the routing table on your router. It is important to notice that only the directly connected networks are showing in the routing tables being displayed. This means the routers can only route to directly connected networks. In order to send packets to another network not in the current routing table, we must configure the router with static or dynamic routing so that the router knows how to get to the remote network.

Notice that the running-config shows the complete configuration your router is running.

2. Run through the verification commands on the other routers.

2811A#show running-config2811A#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR, P - periodic downloaded static route T - traffic engineered route


172.16.0.0/24 is subnetted, 3 subnetsC 172.16.30.0 is directly connected, Serial0/0/1C 172.16.20.0 is directly connected, Serial0/1/1C 172.16.10.0 is directly connected, FastEthernet0/02811A#

2621B#show running-config2621B#show ip route

Practice Scenario: IP Addressing Scheme and IP Services

Configure DHCP

Now that you have learned about some concepts and completed some hands-on work, try your problem-solving and troubleshooting skills with the following task. To complete your task you will need a network to interfact with a scenario and the task(s) at hand.

When you have finished with this lab ...You can check your work by clicking the Grade Me button in the upper right hand corner of the Network Visualizer screen.

You will see a report that will display:

The name of the command entered for this lab

The expected configuration

Your configuration

The result for each command. You will see a green check mark (meaning that you got it correct) or a red X

A score of the number of correct answers out of the total possible

Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, IP Addressing Scheme and IP Services, and Configure DHCP.

Turn On Hostnames:In some of the practice labs we refer to the hostname of a device. Therefore, we need to make sure that Hostnames is turned on for this lab. On the Network Visualizer screen click View and then click Hostnames so that it has a checkmark next to it.

Scenario:The senior network administrator at Green Product Inc has asked you, the junior network administrator to configure a DHCP address pool.

Task:Configure a DHCP address pool on the InterVlan-RTR router

The DHCP pool name is Fabrication_Network

The DHCP pool network is 192.168.10.0/24

Exclude the first 50 addresses from the pool

The default router is 192.168.10.1

The domain name is Green_Products_Inc.com

The DNS server is 192.168.10.50

The DHCP lease time is 80 hours

Lab 5.9: Configuring Static RoutingThis lab will have you build the routing tables by hand, which means you will create static routing tables on each router. This will allow you to route throughout the entire network. At this point you can only route to directly connected networks of each router. Remember that the routing will not work until all static routes are configured in all routers.

static route - is a manually hard coded routing statement that creates a route in the routing table of a router. The static route specifies how the router will get to a certain network by using a certain path. Static routing refers to the manual method used to set up routing. This method has the advantage of being simple to create and predictable in its functionality. It is easy to manage in small networks but in larger ones it is difficult to set up and manage all possible static routes. Static routes are not dynamically responsive to topology changes in a network.


Lab Steps1. From the 2621 A router, use the ip route command to configure static routing. The 2621 A router is connected to networks 172.16.20.0 and 172.16.40.0 and a static route must be configured for EVERY network that is not directly connected. The next hop gateway is always 172.16.20.1 (router 2811 A).

2621A#config t2621A(config)#ip route 172.16.10.0 255.255.255.0 172.16.20.12621A(config)#ip route 172.16.30.0 255.255.255.0 172.16.20.12621A(config)#ip route 172.16.50.0 255.255.255.0 172.16.20.12621A(config)#exit2621A#copy run start

anatomy of a command:ip route 172.16.10.0 255.255.255.0 172.16.20.1

ip route - tells the system we are entering a static route

172.16.10.0 - this is the destination ip network address, where we want to send packets

255.255.255.0 - the mask of the destination ip network

172.16.20.1 - the IP address of the next hop used to reach the destination address

2. From the 2621 B router, use the ip route command to configure static routing. The 2621 B router is connected to networks 172.16.30.0 and 172.16.50.0 and a static route must be configured for EVERY network that is not directly connected. The next hop gateway is always 172.16.30.1 (router 2811 A).

2621B#config t2621B(config)#ip route 172.16.10.0 255.255.255.0 172.16.30.12621B(config)#ip route 172.16.20.0 255.255.255.0 172.16.30.12621B(config)#ip route 172.16.40.0 255.255.255.0 172.16.30.1

2621B(config)#exit2621B#copy run start3. From the 2811 A router, use the ip route command to configure static routing. The 2811 A router is connected to networks 172.16.10.0, 172.16.20.0 and 172.16.30.0 and a static route must be configured for EVERY network that is not directly connected. The next hop gateway will be either to the 2621 A router or the 2621 B router.

2811A#config t2811A(config)#ip route 172.16.40.0 255.255.255.0 172.16.20.22811A(config)#ip route 172.16.50.0 255.255.255.0 172.16.30.22811A(config)#exit2811A#copy run start

directly connected routes - In the preceding set of ip route commands for router 2811 A, routes are not established for networks 20 and 30. The 2811 A router knows about these networks (routes) because they are directly connected to the router. Therefore you do not have to enter ip route commands for these two networks; only for networks that are not directly connected to the 2811 A router, such as networks 40 and 50.

Save Your File: Make sure you save the network layout file that you have been working with.

Lab 5.10: Verifying Static RoutingIt is important to be able to verify your configurations. The best command to use is show ip route. However, if a route is not in your routing table, make sure it is correctly configured in the running-config. If you see a routing entry in the running-config but it is not in the routing table, check the entry for a typo. If it is correct, then make sure the link to that network is up.


Lab Steps1. From the 2621 A router, use the show ip route command to verify your routing table.

2621A#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR, P - periodic downloaded static route T - traffic engineered route


172.16.0.0/24 is subnetted, 5 subnetsS 172.16.30.0 [1/0] via 172.16.20.1C 172.16.40.0 is directly connected, FastEthernet0/0S 172.16.50.0 [1/0] via 172.16.20.1C 172.16.20.0 is directly connected, Serial0/0S 172.16.10.0 [1/0] via 172.16.20.12621A#

Anatomy of a Routing Table

Output Description Metric

172.16.0.0/24 is subnetted, 5 subnets

class B network 172.16.0.0 is subnetted into 5 class C networks.

/24 means a class C networkThe 5 subnetted Class C networks are:172.16.50.0172.16.40.0172.16.30.0 172.16.20.0172.16.10.0

S 172.16.30.0 [1/0] via 172.16.20.1

any packets destined for network 172.16.30.0 are forwarded to the next hop router with the ip address of 172.16.20.1

S means the route is a static route and was manually added using the “ip route command”

[1/0] is the administrative distance (1) and routing metric (0)

C 172.16.40.0 is directly connected, FastEthernet0/0

any packets destined for network 172.16.40.0 are forwarded to the ip address assigned to the FastEthernet0/0

C means the route is directly connected to the local router’s FastEthernet0/0 interface The route is automatically added to the local routing table when

interfaceF0/0 is assigned an ip address, has a physical cable connection, and is turned up for service.

S 172.16.50.0 [1/0] via 172.16.20.1


S means the route is a static route and was manually added using the "ip route command”


C 172.16.20.0 is directly connected, Serial0/0

any packets destined for network 172.16.20.0 are forwarded to ip address assigned to the Serial0/0 interface

C means the route is directly connected to the local router's Serial0/0 interface The route is automatically added to the local routing table when S0/0 is assigned an ip address, has a physical cable connection, and is turned up for service.

S 172.16.10.0 [1/0] via 172.16.20.1


S means the route is a static route and was manually added using the “ip route command”


2. From the 2621 B router, use the show ip route command to verify your routing table.

2621B#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR, P - periodic downloaded static route T - traffic engineered route


172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0S 172.16.40.0 [1/0] via 172.16.30.1C 172.16.50.0 is directly connected, FastEthernet0/0S 172.16.20.0 [1/0] via 172.16.30.1S 172.16.10.0 [1/0] via 172.16.30.12621B#

3. From the 2811 A router, use the show ip route command to verify your routing table. We will purposely go into the global configuration mode in order to use the do command.

2811A#config t2811A(config#)do show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR, P - periodic downloaded static route T - traffic engineered route


172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0/1S 172.16.40.0 [1/0] via 172.16.20.2S 172.16.50.0 [1/0] via 172.16.30.2C 172.16.20.0 is directly connected, Serial0/1/1C 172.16.10.0 is directly connected, FastEthernet0/02811A#

4. Once you verify the routing tables in all routers, use the ping command to verify IP connectivity between routers.

2621A#ping 172.16.50.12621A#ping 172.16.30.2

2621B#ping 172.16.40.12621B#ping 172.16.20.2

Practice Scenario: Basic Cisco Router Operations

Configure Static or Default Routes






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure Static or Default Routes - 1.


Scenario:The senior network administrator at Smoke-Alarm Inc would like you to setup static routing on all network routers.

Task:Configure static routing on the R&D_R1 router

Configure static routing on the MARKETING_R1 router

Configure static routing on the Plant-1 router








Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure Static or Default Routes - 2 .


Scenario:The senior network administrator at Widget Inc would like you to setup default routing.

Task:Configure default routing on the R&D_R1 router

Configure default routing on the Plant-1 router

Lab 5.11: Configuring and Verifying the HostsWe will now configure all the hosts in the network and then verify the configurations.


Lab Steps1. Right-click on Host A.

2. Click on the Configs button.

3. On Host A configure:

IP address

Subnet Mask

Default Gateway

IP address - unique identification number for a device that is located on a network. An IP address is equivalent to the address of your home. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 172.16.10.6 could be an IP address.

subnet mask - when you split up an IP network it is used to determine what section or subnet the ip address of networked device belongs to. An IP address has two parts, the network address and the host address.

Let's examine IP address 172.16.10.6. Assuming this is part of a Class B network, the first two numbers (172.16) represent the Class B network address, and the second two numbers (10.6) identify a particular host on this network.

default gateway - ip address configured on a networked device that allows that device to communicate outside of its own subnet. A default gateway is usually a layer 3 device like a router. When a network device wants to get to the Internet, it uses a default gateway. A default gateway ip address is equivalent to the on ramp of a highway.

IP Address: 172.16.10.5Subnet Mask: 255.255.255.0

Default Gateway: 172.16.10.14. Click the OK button and then the Close button.

5. On Host B configure:

IP address

Subnet Mask

Default Gateway


7. On Host C configure:

IP address

Subnet Mask

Default Gateway


9. On Host D configure:

IP address

Subnet Mask

Default Gateway


11. On Host E configure:

IP address

Subnet Mask

Default Gateway


13. On Host F configure:

IP address

Subnet Mask

Default Gateway


15. From each host, ping all other hosts. Here is an example where we ping all others hosts from Host.

Double-click Host D on the network.

C:\>ping 172.16.10.5C:\>ping 172.16.10.6C:\>ping 172.16.10.7C:\>ping 172.16.40.3C:\>ping 172.16.50.3Save Your File: Make sure you save the network layout file that you have been working with.

Lab 5.12: Configuring Default RoutingStatic routing is great in small networks, and is even better when you are trying to learn IP routing since you really have to understand how the network works to make static routing perform correctly. Configuring default routing on a router is not like setting the default gateway on a host. Remember that a router is the default gateway and you cannot set a default gateway on a router. However, you can set what is called a Gateway of Last Resort.

Gateway of Last Resort - if a packet is destined for a network that is not listed in the routing table, the router will forward the packet to the default route.

You can only configure default routing on a router that is connected to a stub network, which means that there is not another router on the connected networks. In other words, there is only one way in and out. Routers 2621 A and 2621 B are stub routers to the LANs because they are the only way in and out of the LAN. Router 2811 A cannot use default routing because it is connected to multiple routes.

To configure default routing, use the ip route command, but instead of using the network and subnet mask, you use all zero (0�s), which mean all networks all masks. You must also use the ip classless command when using default routing. This tells the router to not drop packets, but instead to forward them to the default route address.

Instead of typing all the commands by hand, you can use your up-arrow key to get the command you want to remove. Then press ctrll+a to move your cursor to the beggining of the line, then type no and press enter. This is just an easier way to remove the static routes.


Lab Steps1. Before configuring routers 2621 A and B with default routing, you must remove the static routes we created in lab 5.8. Use the no ip route command.

2621A#config t2621A(config)#no ip route 172.16.10.0 255.255.255.0 172.16.20.12621A(config)#no ip route 172.16.30.0 255.255.255.0 172.16.20.12621A(config)#no ip route 172.16.50.0 255.255.255.0 172.16.20.12621A(config)#exit2621A#copy run start

Anatomy of a command: no ip route 172.16.10.0 255.255.255.0 172.16.20.1

no ip route - tells the system we are removing a static route

172.16.10.0 - this is the destination ip network address, where we want to send packets

255.255.255.0 - the mask of the destination ip network

172.16.20.1 - the IP address of the next hop used to reach the destination address

2. Remove the static routes from the 2621 B router.

2621B#config t2621B(config)#no ip route 172.16.10.0 255.255.255.0 172.16.30.12621B(config)#no ip route 172.16.20.0 255.255.255.0 172.16.30.12621B(config)#no ip route 172.16.40.0 255.255.255.0 172.16.30.12621B(config)#exit2621B#copy run start3. Verify the 2621A and B routers only have the directly connected networks in the routing table.

2621A#show ip route[output cut]



2621B#show ip route[output cut]


172.16.0.0/24 is subnetted, 2 subnetsC 172.16.30.0 is directly connected, Serial0/0C 172.16.50.0 is directly connected, FastEthernet0/0

4. From the 2621 A router, add the default route to router 2811 A. The default route command will tell the router to send all packets destined for any network not in the routing table to the router 2811 A, which will then route the packet.

2621A#config t2621A(config)#ip route 0.0.0.0 0.0.0.0 172.16.20.12621A(config)#ip classless2621A(config)#exit

Anatomy of a command: [default] ip route 0.0.0.0 0.0.0.0 172.16.20.1

ip route - tells the system we are removing a static route

0.0.0.0 - this is a destination ip network address prefix that is not in the local routing table

0.0.0.0 - this is a destination ip network mask prefix that is not in the local routing table

172.16.20.1 - the IP address of the next hop router where packets destined for networks that have no local routing table entry will be forwarded

5. From the 2621 B router, add the default route to router 2811 A. The default route command will tell the router to send all packets destined for any network not in the routing table to the router 2811 A, which will then route the packet.

2621B#config t2621B(config)#ip route 0.0.0.0 0.0.0.0 172.16.30.12621B(config)#ip classless2621B(config)#exitSave Your File: Make sure you save the network layout file that you have been working with.

Lab 5.13: Verifying Default RoutingTo verify the configurations of the default route, use the show ip route and ping commands.


1. Verify that the network is working by using the show ip route command on router 2611 A to verify the routing tables.


Gateway of last resort is 172.16.20.1 to network 0.0.0.0

172.16.0.0/24 is subnetted, 2 subnetsC 172.16.40.0 is directly connected, FastEthernet0/0C 172.16.20.0 is directly connected, Serial0/0S* 0.0.0.0 [1/0] via 172.16.20.1


Gateway of last resort is 172.16.30.1 to network 0.0.0.0

172.16.0.0/24 is subnetted, 2 subnetsC 172.16.30.0 is directly connected, Serial0/0C 172.16.50.0 is directly connected, FastEthernet0/0S* 0.0.0.0 [1/0] via 172.16.30.1

Please Note: The Gateway of Last Resort has now been set because a default route was configured for each router. In router 2621 B, for example, it is denoted by the routing table entry S* 0.0.0.0 [1/0] via 172.16.30.1.

2. Verify your network is working. Ping each host from Host D. Double-click Host D on the network.

C:\>ping 172.16.10.5C:\>ping 172.16.10.6C:\>ping 172.16.10.7C:\>ping 172.16.40.3C:\>ping 172.16.50.3Save Your File: Make sure you save the network layout file that you have been working with.

Lab 5.14: Configuring RIP RoutingConfiguring the routers with static and default routing is interesting to say the least. However, it is not very often that you would use just static and default routing in a network these days. This lab will configure Routing Information Protocol (RIP), one of the first dynamic routing protocols created. It is easy and works pretty well in small to medium size networks.

dynamic routing - the process of routers in an intranet or internet advertising route information automatically between each other. There is typically a common dynamic routing protocol configured on each router. RIP Version 1 and 2, OSPF, EIGRP, and BGP are some examples of dynamic routing protocols. When all routers have received routing updates and have updated routing tables, the network is said to have converged. Convergence means that all routers in the internetwork have the same routing information. At this point, a routed protocol, IP for example, can send user data throughout the internetwork.

Suggested Reading: Please read about RIP in chapter 6 of the Sybex CCNA Study Guide, Sixth Edition.


Lab StepsTo configure RIP routing, you first have to remove the static and default routes configured on the routers. If not, you will have connectivity throughout the network and will not know if you have correctly set up RIP. Removing static and default routes will help you clearly determine when and if you have set up RIP throughout the network. Then use the router rip command to configure RIP. Then tell the routers which networks are advertised with RIP.

1. From the 2621 A router, delete the default route and then verify the routing table with the show ip route command. Only the directly connected networks should be in the routing table.

2621A#config t2621A(config)#no ip route 0.0.0.0 0.0.0.0 172.16.20.12621A(config)#exit2621A#show ip route[output cut]



2. From the 2621 B router, delete the default route and then verify the routing table with the show ip route command. Only the directly connected networks should be in the routing table.

2621B#config t2621B(config)#no ip route 0.0.0.0 0.0.0.0 172.16.30.12621B(config)#exit2621B#show ip route[output cut]


172.16.0.0/24 is subnetted, 2 subnetsC 172.16.30.0 is directly connected, Serial0/0

C 172.16.50.0 is directly connected, FastEthernet0/0

3. From router 2811 A, delete the static routes and then verify the routing table with the show ip route command. Only the directly connected networks should be in the routing table.

2811A#config t2811A(config)#no ip route 172.16.40.0 255.255.255.0 172.16.20.22811A(config)#no ip route 172.16.50.0 255.255.255.0 172.16.30.22811A(config)#do show ip route[output cut]


172.16.0.0/24 is subnetted, 3 subnetsC 172.16.30.0 is directly connected, Serial0/0/1C 172.16.20.0 is directly connected, Serial0/1/1C 172.16.10.0 is directly connected, FastEthernet0/0

Deleting the static and default routes was the hardest part of configuring RIP routing! Now, configure each router with RIP.

4. From the 2621 A router, configure RIP routing and tell RIP the network you want to advertise.

RIP

Stands for routing information protocol

Sends routing-update messages at regular intervals (usually every 30 seconds) and when the network topology changes.

Uses a single metric called a hop, which measures the distance between the source and destination.

Is limited to a hop count of 15. It has a maximum hop count. This means a network cannot be more than 15 hops from the source to the destination. Otherwise the destination is deemed as unreachable.

Has a timeout timer is used so that on a period basis (usually every 30 seconds) for each known route. If the timer times out this usually means that path is no longer available. Therefore that route is removed from routing tables.

Does not support VLSM

router rip command - turns on RIP routing.

network command - should be entered for each of the networks that the router is connected to and is a part of the RIP network. In our network we have only one network, network 172.16.0.0.

2621A#config t2621A(config)#router rip2621A(config-router)#network 172.16.0.02621A(config-router)#ctrl+zThat�s all there is to it! Dynamic routing is easy on small networks. The important thing to notice here is that the network address is a classful address, which means you use the classful boundary.

classful routing - routing protocols (i.e., RIPv1 and IGRP) where subnet masks (routing masks) are not sent in the periodic routing updates. For example, we use 172.16.0.0 class B network address and subnet that network with 24 bits of subnetting. This means the third octet is used for subnets and the fourth octet is the host addresses for each subnet. RIP is a classful routing protocol, which means that you do not type in any subnet addresses, only the class B address. When using a classful network protocol like RIP, make sure that all networked devices have the same subnet mask.

Suggested Reading: Please read about classful routing protocols in chapter 6 of the Sybex CCNA Study Guide, Sixth Edition.

5. From the 2621 B router, configure RIP routing and tell RIP the network you want to advertise.

2621B#config t2621B(config)#router rip2621B(config-router)#network 172.16.0.02621B(config-router)#ctrl+z6. From the 2811 A router, configure RIP routing and tell RIP the network you want to advertise.

2811A#config t2811A(config)#router rip2811A(config-router)#network 172.16.0.02811A(config-router)#ctrl+z


Lab 5.15: Verifying RIP RoutingConfiguring RIP is pretty easy, especially in small networks. It is important to be able to verify RIP on Cisco® routers. This lab will provide you with the commands to verify RIP.


Lab Steps1. From the 2621 A router, use the show ip route command to verify the routing table.

2621A#show ip route172.16.0.0/24 is subnetted, 4 subnets

R 172.16.30.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0C 172.16.40.0 is directly connected, FastEthernet0/0C 172.16.20.0 is directly connected, Serial0/0R 172.16.10.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0R 172.16.50.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0

Notice the R, which means it is a RIP found route. The C is a directly connected network. You should see two directly connected routes and three RIP routes.

2. From the 2621 B router, use the show ip route command to verify the routing table.

2621B#show ip route 172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0R 172.16.40.0 [120/2] via 172.16.30.1, 00:00:21, Serial0/0C 172.16.50.0 is directly connected, FastEthernet0/0R 172.16.20.0 [120/1] via 172.16.30.1, 00:00:21, Serial0/0R 172.16.10.0 [120/1] via 172.16.30.1, 00:00:21, Serial0/0

3. From the 2811 A router, use the show ip route command to verify the routing table.

2811A#show ip route 172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0/1R 172.16.40.0 [120/1] via 172.16.20.2, 00:00:27, Serial0/1/1R 172.16.50.0 [120/1] via 172.16.30.2, 00:00:27, Serial0/0/1C 172.16.20.0 is directly connected, Serial0/1/1C 172.16.10.0 is directly connected, FastEthernet0/0

4. From the 2621 B router, use the debug ip rip command to see RIP updates being sent and received on the router.

2621B#debug ip ripRIP protocol debugging is on2621B#

then after a few seconds ....

*Oct 13 17:19:25.906: RIP: received v1 update from 172.16.30.1 on Serial0/0*Oct 13 17:19:25.906: 172.16.40.0 in 2 hops*Oct 13 17:19:25.906: 172.16.20.0 in 2 hops*Oct 13 17:19:25.906: RIP: received v1 update from 172.16.30.1 on Serial0/0*Oct 13 17:19:25.906: 172.16.40.0 in 3 hops*Oct 13 17:19:25.906: 172.16.20.0 in 3 hops*Oct 13 17:19:25.906: RIP: received v1 update from 172.16.30.1 on Serial0/0*Oct 13 17:19:25.906: 172.16.40.0 in 4 hops*Oct 13 17:19:25.906: 172.16.20.0 in 4 hops*Oct 13 17:19:25.906: RIP: received v1 update from 172.16.30.1 on Serial0/0*Oct 13 17:19:25.906: 172.16.40.0 in 5 hops

[output cut]

5. To turn off debugging, use the no debug ip rip command, or the undebug all command.

2621B#undebug all6. To see detailed information about currently configured protocols on a router, use the show ip protocols command.

2621B#show ip protocolsRouting Protocol is "rip" Sending updates every 30 seconds, next due in 27 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 1, receive any version Interface Send Recv Triggered RIP Key-chain Serial0/0 1 1 2 FastEthernet0/0 1 1 2 Automatic network summarization is in effect Maximum path: 4 Routing for networks: 172.16.0.0 Routing information sources: Gateway Distance Last Update 172.16.30.1 120 00:00:03 Distance: <default is 120>

2621B#

Notice the timers. RIP is sent out every 30 seconds by default. The administrative distance for RIP is 120 by default.

administrative distance - is a measure of the trustworthiness of the source of the routing information. It is reported as a number between 0 and 255. The smaller the number, the more reliable the protocol. If you have, for example, two protocols IGRP and RIP configured on a router, the IGRP routes will be preferred over the RIP routes. This is because you have an administrative distance of 120 for RIP and 100 for IGRP.

Source Default Distance Value

Connected interface 0

Static route 1

Enhanced Interior Gateway Routing Protocol (EIGRP) summary route 5

External Border Gateway Protocol (BGP) 20

Internal EIGRP 90

IGRP 100

OSPF 110

Intermediate System-to-Intermediate System (IS-IS) 115

Routing Information Protocol (RIP) 120

Exterior Gateway Protocol (EGP) 140

On Demand Routing (ODR) 160

External EIGRP 170

Internal BGP 200

Unknown 255

7. Another really good command is the show protocols command, which shows you the routed protocol configuration of each interface.

2621B#show protocolsGlobal values: Internet protocol routing is enabledSerial0/1 is administratively down, line protocol is downSerial0/0 is up, line protocol is up Internet address is 172.16.30.2/24FastEthernet0/1 is administratively down, line protocol is downFastEthernet0/0 is up, line protocol is up Internet address is 172.16.50.1/24

8. From the 2811 A router, use the show protocols command.

2811A#show protocolsGlobal values: Internet protocol routing is enabledSerial0/0/0 is administratively down, line protocol is downSerial0/0/1 is up, line protocol is up Internet address is 172.16.30.1/24Serial0/1/0 is administratively down, line protocol is downSerial0/1/1 is up, line protocol is up Internet address is 172.16.20.1/24FastEthernet0/0 is up, line protocol is up Internet address is 172.16.10.1/24

Lab 5.16: Configuring RIPv2This lab will have you configure RIPv2.

RIPv2 - RIP does not carry subnet information. To overcome this, RIPv2 was created in 1994 to address some deficiencies in RIP. RIPv2 can carry subnet information. RIPv2 sends routing updates via multicast address 224.0.0.9. It also provides support for variable length subnet masks (VLSM) and discontiguous networking. RIPv2 is not automatically turned on with the router rip command. You must also specify it and use the version 2 command.

VLSM (Variable Length Subnet Mask) - the network ip address 192.168.10.0/24 can be used to create subnets that have different subnet masks. You can create subnets 192.168.10.36/30 and 192.168.10.80/29 out of the 192.168.10.0/24 network ip address. You can use the 192.168.10.36/30 networks on your WAN links and 192.168.10.80/29 on one of your LAN segments. It is useful to use VLSM when you have different numbers of networked devices at each of your branch offices. VLSM helps ip administrators use their ip

address resources more efficiently.

discontiguous networking - when a major network like 192.168.10.0 is separated by a different major network like 10.0.0.0. Example: The 192.168.10.0/24 network can be subnetted into two or more networks. The networks 192.168.10.36/30 and 192.168.10.80/29 are configured on different routers. The routers are using the 10.0.0.0 network to connect to each other, thus one major network being separated by another major network.


Lab Steps1. From the 2621 A router, configure RIP routing to use version 2.

2621A#config t2621A(config)#router rip2621A(config-router)#version 22621A(config-router)#ctrl+zThat�s all there is to it! Since we have already added our directly connected networks under router rip in our last lab, we now just have to tell it to run version 2.

2. From the 2621 B router, configure RIP routing to use version 2.

2621B#config t2621B(config)#router rip2621B(config-router)#version 22621B(config-router)#ctrl+z3. From the 2811 A router, configure RIP routing to user version 2.

2811A#config t2811Aconfig)#router rip

2811A(config-router)#version 22811A(config-router)#ctrl+z

Lab 5.17: Verifying the RIPv2 ConfigurationsNow, understand that we did not save bandwidth or CPU cycles on our routers by turning on version 2. The only new feature that is now provided is VLSM support.


Lab Steps1. From the 2621 A router, use the show ip route command to verify the routing table.

2621A#show ip route 172.16.0.0/24 is subnetted, 4 subnets

R 172.16.30.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0C 172.16.40.0 is directly connected, FastEthernet0/0C 172.16.20.0 is directly connected, Serial0/0R 172.16.10.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0R 172.16.50.0 [120/1] via 172.16.20.1, 00:00:13, Serial0/0

Notice the R, which means it is a RIP found route. The C is a directly connected network. The routing tables will look the same as version 1 unless you have VLSM networks configured.

2. From the 2621 B router, use the show ip route command to verify the routing table.

2621B#show ip route 172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0R 172.16.40.0 [120/2] via 172.16.30.1, 00:00:09, Serial0/0C 172.16.50.0 is directly connected, FastEthernet0/0R 172.16.20.0 [120/1] via 172.16.30.1, 00:00:09, Serial0/0R 172.16.10.0 [120/1] via 172.16.30.1, 00:00:09, Serial0/0

3. From the 2811 A router, use the show ip route command to verify the routing table.

2811A#show ip route172.16.0.0/24 is subnetted, 5 subnetsC 172.16.30.0 is directly connected, Serial0/0/1R 172.16.40.0 [120/1] via 172.16.20.2, 00:00:09, Serial0/1/1R 172.16.50.0 [120/1] via 172.16.30.2, 00:00:09, Serial0/0/1C 172.16.20.0 is directly connected, Serial0/1/1C 172.16.10.0 is directly connected, FastEthernet0/0

4. From the 2621A router, use the debug ip rip command to see RIP updates being sent and received on the router.

2621A#debug ip rip5. To turn off debugging, use the no debug ip rip command, or the undebug all command.

2621A#undebug all6. To see the routing protocol timers, use the show ip protocols command.

2621A#show ip protocolsNotice the timers. RIP is sent out every 30 seconds by default. The administrative distance is 120 by default. Both RIPv1 and RIPv2 use the same timers.

7. Another really good command is the show protocols command, which shows you the routed protocol configuration of each interface.

2621A#show protocolsRouting Protocol is "rip" Sending updates every 30 seconds, next due in 27 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 1, version 2 Interface Send Recv Triggered RIP Key-chain Serial0/0 1 1 2 FastEthernet0/0 1 1 2 Automatic network summarization is in effect Maximum path: 4 Routing for networks: 172.16.0.0 Routing information sources: Gateway Distance Last Update 172.16.30.1 120 00:00:03 Distance: <default is 120>

2621B#


Configure RIP Version 2






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure RIP V2 .


Scenario:CAMALOT Research Company has a simple inter-network. The senior network administrator has asked you, the junior network administrator to configure the RIP V2 routing protocol so that the simple inter-network can communicates.

Task:Configure RIP V2 on all routers.

Network Addresses

KING_ARTHUR192.168.100.0/24192.168.200.0/24192.168.80.0/24

PHOENIX 192.168.100.0/24192.168.90.0/24

MERLIN 192.168.200.0/24192.168.70.0/24

Lab 6: Introduction to Managing a Cisco Internetwork

In this section, you will learn how to manage Cisco routers in an internetwork. The Internetworking Operating System (IOS) and configuration files reside in different locations in a Cisco device, and it is important to understand where these files are located and how they work.

Host E is running a TFTP server daemon and will be used in this section to both back up and restore the Cisco IOS and configuration of the 2621 A router.


The following labs are covered:

Lab 6.1: Password Recovery Techniques

Lab 6.2: Backing up a Cisco IOS to a TFTP server

Lab 6.3: Upgrading or restoring a Cisco IOS from a TFTP server

Lab 6.4: Backing up a Cisco router configuration using a TFTP server

Lab 6.5: Restoring a Cisco router configuration from a TFTP server

Lab 6.6: Using the Cisco Discovery Protocol to gather information about neighbor devices

Lab 6.7: Using Telnet

Lab 6.8: Using Secure Shell in Place of Telnet

Lab 6.9: Verifying Secure Shell in Place of Telnet

Lab 6.10: Create a hosts table on a router and resolve host names to IP addresses

The commands covered in this chapter are as follows:

Command Description cdp enable Turns on CDP on an individual interfacecdp holdtime Changes the holdtime of CDP packetscdp run Turns on CDP on a routercdp timer Changes the CDP update timerconfig-register (confreg) Tells the router how to boot and to change the configuration register

settingcopy flash tftp Copies a file from flash memory to a tftp hostcopy run start Copies the running-config file to the startup-config filecopy run tftp Copies the running-config file to a tftp hostcopy tftp flash Copies a file from a tftp host to flash memorycopy tftp run Copies a configuration from a tftp host to the running-config filectrl+shift+6, then X (keyboard combination)

Used to take you back to the originating router when you telnet to numerous routers

disconnect Disconnects a connection to a remote router from the originating routererase startup-config Deletes the contents of NVRAM on a routerexit Disconnects a connection to a remote router via Telnetip host Creates a host table on a routerno cdp enable Turns off CDP on an individual interfaceno cdp run Turns off CDP completely on a routerno ip host Removes a hostname from a host tableo/r 0x2142 Changes a router to boot without using the contents of NVRAMshow cdp Displays the CDP timer and holdtime frequenciesshow cdp entry * Same as show cdp neighbor detail, but does not work on a 1900 switchshow cdp neighbor Shows the directly connected neighbor and the details about themshow cdp neighbor detail Shows the IP address and IOS version and type, and includes all of the

information from the show cdp neighbor command. show cdp traffic Shows the CDP packets sent and received on a device and any errorsshow flash Views the files in flash memoryshow hosts Shows the contents of the host tableshow run Displays the running-config fileshow sessions Shows your connections via Telnet to remote devicesshow start Displays the startup-config fileshow version Displays the IOS type and version as well as the configuration register

Lab 6.1: Password Recovery TechniquesAll Cisco® routers have a 16-bit software register, which is written into NVRAM. By default, the configuration register is set to load the Cisco IOS from flash memory and to look for and load the startup-config file from NVRAM.

By changing the configuration register, you can perform password recovery on a Cisco router.

If you are locked out of a router because you forgot the password, you can change the configuration register to help you recover. Bit 6 in the configuration register is used to tell the router whether or not to use the contents of NVRAM to load a router configuration. The default configuration register value for bit 6 is 0x2102 (the 0 is bit 6), which means that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6, which will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0x2142.

Network Layout: Load Standard Layout.rsm or whatever you named the file when you saved your work while working in section 5.

Lab Steps1. You can see the current value of the configuration register by using the show version command (sh version or show ver for short), as in the following example on the 2621 A router:

2621A#show version Cisco Internetwork Operating System Software

IOS (tm) C2621 Software (C2621-BIN-M), Version 12.2(13)T1, RELEASE SOFTWARE (fc1)

[output cut]

Configuration register is 0x2102

The last information given from this command is the value of the configuration register. In this example, the value is 0x2102, which is the default setting.

2. You can change the configuration register by using the config-register command. For example, the following commands tell the router to boot from ROM monitor mode and then to verify the current configuration register value:

2621A(config)#config-register 0x01012621A(config)#ctrl+z2621A#sh ver[output cut]

Configuration register is 0x2102 (will be 0x0101 at next reload)

Notice that the show version command shows the current configuration register value, as well as what it will be when the router reboots. Any change to the configuration register will not take effect until the router is reloaded.

Suggested Reading: Please see chapter 5 in the Sybex CCNA Study Guide, Sixth Edition, for a complete listing of configuration-register commands.

3. From the 2621 A router, type reload at the privileged mode prompt.

2621A#copy running-config startup-config2621A#reload

4. When the router is rebooting, press and hold ctrl+break on the keyboard, until it takes you into rom monitor mode.

System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)

Copyright (c) 1999 by cisco Systems, Inc.

TAC:Home:SW:IOS:Specials for info

PC = 0xfff0a530, Vector = 0x500, SP = 0x680127b0

C2621 platform with 32768 Kbytes of main memory

PC = 0xfff0a530, Vector = 0x500, SP = 0x80004374

monitor: command "boot" aborted due to user interrupt rommon 1 >

5. To change the bit value on a Cisco 2621 series router, simply enter the confreg (meaning config register) command at the >rommon 1> prompt:

rommon 1 >confreg 0x2142You must reset or power cycle for new config to take effect.

6. At this point, reset the router.

rommon 1 >reset7. When the router reloads, say no to entering setup mode.

8. Enter privledged mode and then type copy startup-config running-config.

9. Change your passwords and then save your configuration with the copy run start command.

10. Change your configuration register back to 0x2102.

rommon 1 > confreg 0x2102

Viewing Passwords on Net Configs screenIf you want to take a peak at all the passwords set for the currently loaded network, you can view these on the Net Configs screen.

1. Click Tools on the main menu of the Network Visualizer screen. Then click the Net Configs sub-menu selection. Or, right mouse click on the Network Visualizer screen and choose Net Configs from the pop-up menu.

From the main menu From the pop-up window

The following information will appear on the Net Configs screen, displaying passwords for every network device.

Lab 6.2: Backing Up the Cisco IOSBefore you upgrade or restore a Cisco® IOS, you should copy the existing file to a tftp host as a backup in case the new image does not work. You can use any tftp host to perform this function. By default, the flash memory in a router is used to store the Cisco® IOS. The following sections describe how to check the amount of flash memory, copy the Cisco® IOS from flash memory to a tftp host, and then copy the IOS from a tftp host to flash memory.

flash memory - is computer memory that can hold information even when the device is powered down. Information can be be written to and stored in this memory.


Lab Steps1. Before you attempt to upgrade the Cisco® IOS on your router with a new IOS file, you should verify that your flash memory has enough room to hold the new image. You can verify the amount of flash memory and the file or files being stored in flash memory by using the show flash command (sh fla for short):

2621A#show flashSystem flash directory:

File Length Name/status

1 6973004 c2621-bin-mz.122-13.T1.bin

[6973068 bytes used, 1415540 available, 8388608 total]

8192K bytes of processor board System flash (Read/Write)

2. The last line in the router output shows that the flash is 8192K or 8MB, which is plenty of room for a new file that we want to use that is 6MB in size. Once you verify that the flash memory can hold the IOS you want to copy into flash memory, you can continue with your backup operation.

3. The key to success in this backup routine is to make sure you have good connectivity to the tftp host. You can check this by pinging the device from the router console prompt, as in the following example:

2621A#ping 172.16.40.3Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.60.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms

4. After you ping the tftp host to make sure that IP is working, you can use the copy flash tftp command to copy the IOS to the tftp host, as shown below. Notice that after you enter the command, the name of the file in flash memory is displayed. This makes it easy for you.

2621A#copy flash tftpSource filename []? c2621-bin-mz.122-13.T1.bin

Address or name of remote host []? 172.16.40.3Destination filename [c2621-bin-mz.122-13.T1.bin]?(press enter)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [output cut]

6973004 bytes copied in 57.704 secs (120841 bytes/sec)

2621A#

5. In this example, the content of flash memory was copied successfully to the tftp host. The address of the remote host is the IP address of the tftp host. The source filename is the file in flash memory. This was a pretty simple process as long as your router can talk to the tftp host.

Lab 6.3: Restoring or Upgrading the Cisco Router IOS

You may need to restore the Cisco® IOS to flash memory to replace an original file that has been damaged or to upgrade the IOS. You can download the file from a tftp host to flash memory by using the copy tftp flash command. This command requires the IP address of the tftp host and the name of the file you want to download to flash memory.

Please Note: No real files are used in this lab. This is just an exercise to show how it is done.

Lab Steps1. Type copy tftp flash command from the 2621A privileged mode prompt. You will see a message informing you that the router must reboot and run a ROM-based IOS image to perform this operation:

2621A#copy tftp flashAddress or name of remote host []? 172.16.40.3Source filename []? c2621-bin-mz.122-13.T1.binDestination filename [c2621-bin-mz.122-13.T1.bin]? (press enter)%Warning:There is a file already existing with this name

Do you want to over write? [confirm] (press enter)Accessing tftp://172.16.40.3/c2621-bin-mz.122-13.T1.bin...

Erase flash: before copying? [confirm] (press enter)Erasing the flash filesystem will remove all files! Continue? [confirm] (press enter)Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased

Erase of flash: complete

Loading c2621-bin-mz.122-13.T1.bin from 1.1.1.1 (via FastEthernet0/0): !!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [output cut]

2. After you tell the router where the file is and the filename, it asks you to confirm that you understand the contents of flash memory will be erased as shown in the output above. You are prompted twice, just to make sure that you really want to proceed with erasing flash memory.

3. The row of e characters shows the contents of flash memory being erased. Each exclamation point (!) means that one UDP segment has been successfully transferred.

Lab 6.4: Backing Up the Cisco ConfigurationAny changes that you make to the router configuration are stored in the running-config file. If you do not perform a copy run start command after you make a change to running-config, that change will be gone if the router reboots or gets powered down. You may want to make another backup of the configuration information as an extra precaution in case the router or switch completely dies or for documentation. The following lab describes how to copy the configuration of a router to a tftp host.


Lab Steps1. To copy the router�s configuration from a router to a tftp host, you can use either the copy running-config tftp or copy starting-config tftp command. Either command will back up the router configuration that is currently running in DRAM or that is stored in NVRAM.

2. To verify the configuration in DRAM, use the show running-config command (sh run for short), as follows:

2621A#sh runBuilding configuration...

Current configuration:

!

version 12.2

[output cut]

The current configuration information indicates that the router is now running version 12.2 of the IOS.

3. Next, you should check the configuration stored in NVRAM. To see this, use the show startup-config command (sh start for short), as follows:

2621A#sh start

Using 781 out of 32762 bytes

!

version 12.2

[output cut]

The second line shows how much room your backup configuration is using. In this example, NVRAM is 32KB and only 781 bytes of it are used. Notice that the version of configuration in NVRAM is 12.2

If you are not sure that the files are the same, and the running-config file is what you want to use, then use the copy running-config startup-config to make sure both files are the same. By copying running-config to NVRAM as a backup, as shown below, you are assured that your running-config will always be reloaded if the router gets rebooted.

2621A#copy run startDestination filename [startup-config]?(press enter)

Building configuration...

[OK]

4. Now when you enter the show starting-config command, the version shows the latest configuration.

2621A#show startup-configUsing 781 out of 32762 bytes

!

version 12.2

5. Once the file is copied to NVRAM, you can make a second backup to a tftp host by using the copy running-config tftp command (copy run tftp for short), as follows:

2621A#copy run tftpAddress or name of remote host []? 172.16.40.3Destination filename [2621A-confg]? enter!!


2621A#

6. Notice that this took only two exclamation points (!), which are two UDP acknowledgments. If you have a hostname configured, the command will automatically use the hostname plus the extension �confg as the name of the file.

Lab 6.5: Restoring the Cisco Router Configuration from a TFTP Server

If you have changed your router�s running-config and want to restore the configuration to the version in startup-config, the easiest way to do this is to use the copy startup-config running-config command (copy start run for short). You can also use the older Cisco® command, config mem, to restore a

configuration. Of course, this will work only if you first copied running-config into NVRAM before making any changes.


Lab Steps1. If you copied the router�s configuration to a tftp host as a second backup, you can restore the configuration using the copy tftp running-config command (copy tftp run for short) or the copy tftp startup-config command (copy tftp start for short), as shown below.

2621A#copy tftp runAddress or name of remote host []? 172.16.40.3Source filename []? 2621A-confgDestination filename [running-config]?(press enter)Accessing tftp://172.16.40.3/2621A-confg...

Loading 2621A-confg from 172.16.40.3 (via Fastethernet 0/0):

!!

[OK - 487/4096 bytes]


2621A#

00:38:31: %SYS-5-CONFIG: Configured from tftp://172.16.40.3/2621A-confg

2621A#

2. After you copy your configuration from a tftp host to your router, you must then enable your interfaces as they are automatically shut down.

3.

Lab 6.6: Using the Cisco Discovery Protocol to Gather Information about Neighbor Devices

Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. You can gather hardware information, as well as protocol information about neighbor devices. This information is useful for troubleshooting and documenting the network.


Lab StepsPlease Note: The 2621 A router and router 2621 B need to be configured in order for output to appear when you go through this lab.

1. First gather CDP information on your router by getting CDP Timers and Holdtime Information. Use the show cdp command (sh cdp for short) which shows information about two CDP global parameters that can be configured on Cisco devices. The output on a router looks like this:

2811A#sh cdpGlobal CDP information: Sending CDP packets every 60 seconds Sending a holdtime value of 180 seconds Sending CDPv2 advertisements is enabled2811A#

CDP timer is how often CDP packets are transmitted to all active interfaces.

CDP holdtime is the amount of time that the device will hold packets received from neighbor devices.

Both the Cisco routers and the Cisco switches use the same parameters.

2. Use the global commands cdp holdtime and cdp timer to configure the CDP holdtime and timer on a router.

2811A#config t

Enter configuration commands, one per line. End with CTRL/Z.

2811A(config)#cdp ? advertise-v2 CDP sends version-2 advertisements holdtime Specify the holdtime (in sec) to be sent in packets log Log messages generated by CDP run Enable CDP source-interface Insert the interface's IP in all CDP packets timer Specify rate (in sec) at which CDP packets are sent>

2811A(config)#cdp timer 902811A(config)#cdp holdtime 2402811A(config)#ctrl+z3. You can turn off CDP completely on the router with the no cdp run command from global configuration mode of a router. Enable CDP with the cdp run command.

2811A(config)#no cdp run2811 (config)#cdp run2811A(config)#ctrl+z4. To turn off or on CDP on a router interface, use the no cdp enable and cdp enable commands. Enable CDP on the interface with the cdp enable command.

2811A(config)#interface fastethernet 0/02811A(config-if)#no cdp enable2811A(config-if)#cdp enable2811A(config)#ctrl+z5. The show cdp neighbor command (sh cdp nei for short) shows information about directly connected devices. It is important to remember that CDP packets are not passed through a Cisco switch, and you only see what is directly attached. On a router connected to a switch, you will not see the other devices connected to the switch. The following output shows the show cdp neighbor command used on the 2811 A router.

2811A#sh cdp neiDevice ID Local Intrfce Holdtme Capability Platform Port ID2621B Ser 0/0 170 R 2621 Ser 0/0/12621A Ser 0/0 170 R 2621 Ser 0/1/1

2811A#

The following table summarizes the information displayed by the show cdp neighbor command for each device.

Field Description

Device ID The hostname of the device directly connected.

Local The port or interface on which you are receiving the CDP packet.

Interface

Holdtime The amount of time the router will hold the information before discarding it if no more CDP packets are received.

Capability The neighbor�s capability, such as router, switch, or repeater. The capability codes are listed at the top of the command output.

Platform The type of Cisco device. In the above output, a 2811 router , two 2621 routers, a 3550 switch, and a 3560 switch are attached.

Port ID The neighbor device�s port or interface on which the CDP packets are broadcasted out.

6. Another command that provides neighbor information is the show cdp neighbor detail command (show cdp nei de for short), which also can be run on the router or switch. This command shows detailed information about each device connected to the device, as in the router output below.

2811A#sh cdp neighbor detail-------------------------Device ID: 2621BEntry address(es): IP Address: 172.16.30.2Platform: cisco 2621, Capabilities: RouterInterface: Serial0/0, Port ID (outgoing port): Serial0/0/1Holdtime : 146 secVersion :Cisco Internetwork Operating System SoftwareIOS (tm) C2600 Software (C2600-BIN-M), Version 12.2(13)T1, RELEASE SOFTWARE (fc1)TAC Support: http://www.cisco.com/tacCopyright (c) 1986-2003 by Cisco Systems, Inc.Compiled Sat 04-Jan-03 05:58 by ccaiadvertisement version: 2-------------------------Device ID: 2621AEntry address(es): IP Address: 172.16.20.2Platform: cisco 2621, Capabilities: RouterInterface: Serial0/0, Port ID (outgoing port): Serial0/1/1Holdtime : 146 secVersion :Cisco Internetwork Operating System SoftwareIOS (tm) C2600 Software (C2600-BIN-M), Version 12.2(13)T1, RELEASE SOFTWARE (fc1)TAC Support: http://www.cisco.com/tacCopyright (c) 1986-2003 by Cisco Systems, Inc.Compiled Sat 04-Jan-03 05:58 by ccaiadvertisement version: 2-------------------------

2811A#

The output above shows the hostname and IP address of the directly connected devices. In addition to the same information displayed by the show cdp neighbor command, the show cdp neighbor detail command also shows the IOS version of the neighbor device.

7. The show cdp entry * command displays the same information as the show cdp neighbor details command. The following is an example of the router output of the show cdp entry * command.

2811A#sh cdp entry *-------------------------Device ID: 2621BEntry address(es): IP Address: 172.16.30.2Platform: cisco 2621, Capabilities: RouterInterface: Serial0/0, Port ID (outgoing port): Serial0/0/1Holdtime : 146 secVersion :Cisco Internetwork Operating System SoftwareIOS (tm) C2600 Software (C2600-BIN-M), Version 12.2(13)T1, RELEASE SOFTWARE (fc1)TAC Support: http://www.cisco.com/tacCopyright (c) 1986-2003 by Cisco Systems, Inc.Compiled Sat 04-Jan-03 05:58 by ccaiadvertisement version: 2-------------------------Device ID: 2621AEntry address(es): IP Address: 172.16.20.2Platform: cisco 2621, Capabilities: RouterInterface: Serial0/0, Port ID (outgoing port): Serial0/1/1Holdtime : 146 secVersion :Cisco Internetwork Operating System SoftwareIOS (tm) C2600 Software (C2600-BIN-M), Version 12.2(13)T1, RELEASE SOFTWARE (fc1)TAC Support: http://www.cisco.com/tacCopyright (c) 1986-2003 by Cisco Systems, Inc.Compiled Sat 04-Jan-03 05:58 by ccaiadvertisement version: 2-------------------------

2811A#

8. The show cdp traffic command displays information about interface traffic, including the number of CDP packets sent and received and the errors with CDP. The following output shows the show cdp traffic command used on a router.

2811A#sh cdp trafficCDP counters :

Total packets output: 14556, Input: 7366 Hdr syntax: 0, Chksum error: 0, Encaps failed: 0 No memory: 0, Invalid packet: 0, Fragmented: 0

CDP version 1 advertisements output: 0, Input: 0 CDP version 2 advertisements output: 14556, Input: 7366

2811A#

Lab 6.7: Using Telnettelnet - is a virtual terminal protocol that is part of the TCP/IP protocol suite. Telnet allows you to make connections to remote devices and gather information and run programs. To start a Telnet session, logging into a another device requires a valid username and password on the destination hardware.

After your routers and switches are configured, you can use the Telnet program to configure and check your routers and switches instead of needing to use a console cable. You use the Telnet program by typing telnet from any command prompt (DOS or Cisco). VTY passwords must be set on the routers for this to work.

You cannot use CDP to gather information about routers and switches that are not directly connected to your device. However, you can use the Telnet application to connect to your neighbor devices and then run CDP on those remote devices to gather CDP information about remote devices.

In this lab we will telnet from router 2621 B into router 2621 A and switch 3550 A. In a prior lab we have configured router 2621 A but now we need to configure switch 3550 A at the start of this lab.

Network Layout: Load Standard Layout.rsm or whatever you named the file when you saved your work while working in section 5. You need a configured network in order to complete this lab.

Lab Steps1. Double-click switch 3550 A in order to bring up the console screen.

2. Perform the following commands:

Switch>enSwitch#config tEnter configuration commands, one per line. End with CNTL/ZSwitch(config)#

3. To set the IP configuration on a 3550 switch, use the ip address command. However, this is set under the VLAN1 interface, not at global configuration mode like on a 1900 switch. Remember that by default all interfaces are members of VLAN1, which is why the VLAN1 interface is configured by default. Let's also set the hostname so that we can more clearly identify this device when we telnet into in subsquent steps.

Switch(config)#hostname 3550A3550A(config)#interface vlan 13550A(config-if)#ip address 172.16.10.17 255.255.255.04. The default gateway should also be set using the ip default-gateway command. However, unlike the IP address, this is completed at global configuration mode.

3550A(config-if)#exit3550A(config)#ip default-gateway 172.16.10.15. We need to set up a VTY password for the 3550 A switch.

3550A(config)#line vty 0 153550A(config-line)#password todd3550A(config-line)#ctrl+z6. Switch to the 2621 A router via the console menu.

7. For this lab, remove the telnet and enable passwords from the 2621 A router.

2621A>enable2621A#config tEnter configuration commands, one per line. End with CTRL/Z.

2621A(config)#no enable secret2621A(config)#no enable password2621A(config)#line vty 0 42621A(config-line)#no password2621A(config-line)#ctrl+z2621A#

8. You can issue the telnet command from any router prompt, as in the following example from 2621 B to 2621 A:

2621B#telnet 172.16.20.2Trying 172.16.10.2 ... Open

Password required, but none set

[Connection to 172.16.20.2 closed by foreign host]

2621B#

Remember that the VTY ports on a router are configured as login, which means that you must either set the VTY passwords or use the no login command.

9. On a Cisco router, you do not need to use the telnet command. If you just type in an IP address from a command prompt, the router will assume you want to telnet to the device, as shown below:

2621B#172.16.20.2Trying 172.16.10.2 ... Open

Password required, but none set

[Connection to 172.16.20.2 closed by foreign host]

2621B#

10. It�s time to set VTY passwords on the router I want to telnet into. Here is an example of what I did:

2621A#config tEnter configuration commands, one per line. End with CTRL/Z.

2621A(config)#line vty 0 42621A(config-line)#password todd2621A(config-line)#ctrl+z2621A#

11. Now, let�s try connecting to the router again (from the 2621 B router console).

2621B#172.16.20.2Trying 172.16.20.2 ... Open

User Access Verification

Password:

2621A>

12. Remember that the VTY password is the user mode password, not the enable password. Watch what happens when I try to go into privileged mode after telneting into router 2621 A:

2621A>en% No password set

2621A>

This is a good security feature. You don�t want anyone just telneting onto your device and then being able to just type the enable command to get into privileged mode. You must set your enable password or enable secret password to use telnet to configure remote devices.

13. Now, exit out of the 2621 A router.

2621A>exit[Connection to 172.16.20.2 closed by foreign host]2621B#

14. If you telnet to a router or switch, you can end the connection by typing exit at any time. However, what if you want to keep your connection to a remote device but still come back to your original router console? To keep the connection, you can press the Ctrl+Shift+6 key combination, release it, and then press X.

Here�s an example of connecting to multiple devices from the 2621 B router console:



Password:

2621A> [press ctrl+shift+6 then x]2621B#

In the example above, I telneted to the 2621 A router, then typed the password to enter user mode. I then pressed Ctrl+Shift+6, then x (this doesn�t show on the screen output). Notice the command prompt is now back at the 2621 B router.

15. You can also telnet into a switch. In the following example, we telnet to switch 3550 A.



Password:

3550A>

16. At this point, press Ctrl+Shift+6, then X, which will take you back to the 2621 B router console.

2621B#

17. To see the connections made from your router to a remote device, use the show sessions command, as shown below.

2621B#show sessionsConn Host Address Byte Idle Conn Name

1 172.16.20.2 172.16.20.2 0 0 172.16.20.2 * 2 172.16.10.17 172.16.10.17 0 0 172.16.10.17

2621B#

18. Notice the asterisk (*) next to connection 2. This means that session 2 was the last session. You can return to your last session by pressing enter twice. You can also return to any session by typing the number of the connection and pressing enter twice. Here is an example:

2621B#1[Resuming connection 1 to 172.16.20.2 ... ] [press enter]

2621A>

Please Note: When changing windows from Router to Router do not close the window with the x or the telnet information will be lost.

19. You can list all active consoles and VTY ports in use on your router with the show users command. Type show users from the 2621 A router, which the 2621 B router had telneted into.

2621A>show users Line User Host(s) Idle Location 0 con 0 idle 00:00:00* 2 vty 0 idle 00:25:12 172.16.30.2

Interface User Mode Idle Peer Address

2621A>

In the command�s output, the con represents the local console. In this example, the console is connected to two remote IP addresses, or devices. This output shows that the console is active and that VTY port 0 is being used. The asterisk represents the current terminal session user.

20. You can end Telnet sessions a few different ways. Typing exit or disconnect is probably the easiest and quickest. To end a session from a remote device, use the exit command, as shown below.

2621A#exit[Connection to 172.16.20.2 closed by foreign host]

2621B#

21. To end a session from a local device, use the disconnect command, as shown below.

2621B#show sessionsConn Host Address Byte Idle Conn Name* 2 172.16.10.17 172.16.10.17 0 0 172.16.10.17

2621B#disconnect 2Closing connection to 172.16.10.17 [confirm] [enter]

2621B#

In this example, we used the session number 2 because that was the connection to the switch 3550 A that we wanted to end. As explained earlier, you can use the show sessions command to see the connection number.


Lab 6.10: Create a Hosts Table on a Router and Resolve Host Names to IP Addresses

You can use a hostname to connect to a remote device rather than use an IP address. The device that you are using to make the connection from must be able to translate the hostname to an IP address. This lab will show you how to create a hosts table on your router to resolve host names to IP addresses.

Network Layout: Work with the saved network that you used to configure devices in lab 6.7. You need a configured network in order to complete this lab.

Lab Steps1. A host table provides name resolution only on the router on which it was built. The command to build a host table on a router is:

ip host name ip_address2. Here is an example of configuring a host table on the 2621 B router with two entries to resolve the names for the 2621 A router and the 3550 A switch:

2621B#config tEnter configuration commands, one per line. End with CTRL/Z.

2621B(config)#ip host ? WORD Name of host

2621B(config)#ip host 2621A ? <0-65535> Default telnet port number A.B.C.D Host IP address additional Append addresses

2621B(config)#ip host 2621A 172.16.20.2 ? A.B.C.D Host IP address (maximum of 8)

<cr>

2621B(config)#ip host 2621A 172.16.20.22621B(config)#ip host 3550A 172.16.10.172621B(config)#ctrl+z3. To see the host table, use the show hosts command, as shown below .

2621B#sh hostsDefault domain is not setName/address lookup uses domain serviceName servers are 255.255.255.255

Host Flags Age Type Address(es)2621A (perm, OK) 0 IP 172.16.20.2 3550A (perm, OK) 0 IP 172.16.10.17

2621B#

In the router output above, you can see the two hostnames and their associated IP addresses. The perm in the Flags column means the entry is manually configured. If it said temp, it would be an entry resolved by DNS.

4. To verify that the host table resolves names, try typing the hostnames at a router prompt. Remember that if you don�t specify the command, the router assumes you want to telnet. Use the hostnames we just created to telnet into the remote devices and then press Ctrl+Shift+6, then X to return to the main console of the 2621B router.

2621B#2621ATrying 2621A (172.16.20.2)... Open


Password:

2621A>(control+shift+6,then x)2621B#

2621B#3550ATrying 3550A (172.16.40.2)... Open


Password:

3550A#

5. Notice in the entries in the show session output below that the hostname now shows up instead of the IP address because the IP addresses has been resolved.

3550A#sh sessConn Host Address Byte Idle Conn Name

1 2621A 172.16.20.2 0 0 2621A * 2 3550A 172.16.10.17 0 0 3550A

6. You can remove a hostname from the table by using the no ip host command, as in the following example:

3550A>(control+shift+6,then x)2621B#

2621B#config tEnter configuration commands, one per line. End with CTRL/Z.

2621B(config)#no ip host 2621A7. Now remove the other hostname from the table by using the no ip host command.

2621B(config)#no ip host 3550A

Chapter 8: Introduction to Configuring the Catalyst Switch

The following labs will teach you how to connect to the Catalyst 2950 switch and configure LAN switching.


The labs covered in this section include:

8.12: Setting Passwords on the 2950 Switch

8.14: Setting the Hostname on the 2960 Switch

8.16: Configuring the IP address information on a 2960 Switch

8.18: Configuring 2960 Switch Interfaces

8.19: Verifying the 2950 and 2960 Switch IP Connectivity

8.20: Saving and Erasing the 2950 and 2960 Switch Configuration

Lab 8.12: Setting Passwords on the 2960 Switch

This lab will have you work with a 2960 switch, enter global configuration mode and then set the

passwords.


Lab Steps1. Double-click switch 2960 A to open the console screen

OR

Use the console menu to bring up the console for the 2960 A switch.

2. Press enter to connect to the console.

Switch>

3. Enter the enable mode by using the enable command and then enter global configuration mode by using the config t command.

Switch>enableSwitch#config tEnter configuration commands, one per line. End with CTRL/Z

Switch(config)#

4. Once you are in global configuration mode, you can set the user mode and enable mode passwords by using the enable password and enable secret command. The switches output below shows the configuration of both the user mode and enable mode passwords.

Switch(config)#enable password todd

Switch(config)#enable secret ciscoSwitch(config)

Please Note: if you set your enable secret, the enable password is superceded and not used, just like in a router.

5. In addition to the enable password and enable secret, the 2960 switch allows you to set a console and telnet password as well using the line commands, just like in a router.

Switch(config)#line console 0Switch(config-line)#password consoleSwitch(config-line)#login6. Remember that just like in a router, you cannot get help for a line command from within line configuration mode. Type exit to go back one step.

Switch(config-line)#exitSwitch(config)#line vty 0 15Switch(config-line)#password telnetSwitch(config-line)#loginSwitch(config-line)#ctrl+zSwitch#

7. You can use show running-config (show run for short) to see the current configuration on the switch.

Switch#show runBuilding configuration...

Current configuration : 918 bytes!version 12.2no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!enable secret 5 $1$u76B$IOFVJ7VxfVXYVpGDrFTcI0enable password todd!no aaa new-modelsystem mtu routing 1500no ip subnet-zero

[output cut]

Notice the enable mode password is not encrypted by default, but the enable secret is. This is the same password configuration technique that you will find on a router.


Lab 8.14: Setting the Hostname on a 2960 Switch

The hostnames on a switch, as well as on a router, are only locally significant. This means that it doesn�t have any function on the network or used for name resolution whatsoever. However, it is helpful to set a hostname on a switch so that you can identify the switch when connecting to it. A good rule of thumb is to name the switch after the location it is serving.

Network Layout: Work with the saved network that you used to configure devices in lab 8.12.

Lab Steps1. The 2960 switch command to set the hostname is exactly like any router: you use the hostname command. From global configuration mode, type the command hostname hostname.

Switch>enableEnter password: ****Switch#config tEnter configuration commands, one per line. End with CTRL/Z

Switch(config)#hostname 2960A2960A(config)#exit2960A#

Any changes you make in this mode take effect immediately.

Lab 8.16: Configuring IP Address Information on a 2960 Switch

You do not have to set any IP configuration on the switch to make it work. You can just plug in devices and they should start working, just like they would on a hub. The reason you would set the IP address information on the switch is so you can either manage the switch via Telnet or other management software, or you wanted to configure the switch with different VLANs and other network functions.

VLANs are discussed later labs.


Lab Steps1. To set the IP configuration on a 2960 switch, use the ip address command. However, this is set under the VLAN1 interface, not at global configuration mode like on a 1900 switch. Remember that by default all interfaces are members of VLAN1, which is why the VLAN1 interface is configured by default.

2960A#config tEnter configuration commands, one per line. End with CTRL/Z

2960A(config)#interface vlan12960A(config-if)#ip address 172.16.50.2 255.255.255.02960A(config-if)#exit2960A(config)#

2. The default gateway should also be set using the ip default-gateway command. However, unlike the IP address, this is completed at global configuration mode.

2960A(config)#ip default-gateway 172.16.50.12960A(config)#exit2960A#

To change the IP address and default-gateway on the switch, you can either type in new addresses or remove the IP information with the no ip address and no ip default-gateway commands, at the appropriate configuration prompt.

Lab 8.18: Configuring 2960 Switch InterfacesIt is important to understand how to access switch ports. The 2960 switch uses the type slot/port command, just like a 2621 router and just like the 2960 switch. For example, Fastethernet 0/3 is 10/100BaseT port 3.

The 2960 switch type slot/port command can be used with either the interface command or the show command. The interface command allows you to set interface specific configurations. The 2960 switch has only one slot: zero (0), just like the 1900.


Lab Steps1. To configure an interface on a 2960 switch, go to global configuration mode and use the interface command as shown. Since the 2960 switch is not modular, there is only one slot, which is 0, although it lists 0-2 for some odd reason. However, you can only type in �0� as the slot in this program. Any other slot number will give you an error. The next output gives us a slash (/) to separate the slot/port configuration.

2960A#config t2960A(config)#interface fastethernet ? <0-2> FastEthernet interface number

2960A(config)#interface fastethernet 0?/

2960A(config)#interface fastethernet 0/? <0-12> FastEthernet interface number

2. After the 0/configuration command, the above output shows the amount of ports you can configure. The output below shows the completed command.

2960A(config)#interface fastethernet 0/12960A(config-if)#

3. Once you are in interface configuration, the prompt changes to (config-if). You can switch between interface configurations by using the int fa 0/# command at any time from global configuration mode. There are a couple of interface commands that you can configure on the switch. The commands we are interested in are the duplex command and the port fast command.

2960A(config)#int fa0/12960A(config-if)#duplex ? auto Enable AUTO duplex configuration

full Force full duplex operation

half Force half-duplex operation

2960A(config-if)#

4. Since the switch ports are set to �auto� by default, you can change each of the switch ports to always be in full-duplex mode for better performance. This is recommended.

2960A(config-if)#duplex fullDuplex will not be set until speed is set to non-auto value

2960A(config-if)#speed 1005. Notice in the above command that to run full duplex, you must set the speed to 100Mbps. Both the speed and the duplex are set to auto-detect by default, which basically means �not work by default�. It is recommended that you set the speed and duplex of every port.

6. In addition to the duplex commands that can be configured on the switch ports, you also can turn on what is called portfast. This enables a switch port to come up quickly and not to wait the typical 50 seconds for spannign-tree to go through its �I gotta make sure there are no loops!� cycle. However, if you turn portfast on, then you better be sure you do not create a physical loop on the switch network or it will bring your network down. You are basically telling the switch to not check for loops using these ports. Here is how you would enable portfast on a switch port.

2960A(config-if)#spanning-tree ? bpdufilter Don't send or receive BPDUs on this interface

bpduguard Don't accept BPDUs on this interface

cost Change an interface's spanning tree port path cost

guard Change an interface's spanning tree guard mode

link-type Specify a link type for spanning tree protocol use

port-priority Change an interface's spanning tree port priority

portfast Enable an interface to move directly to forwarding on link up

stack-port Enable stack port

vlan VLAN Switch Spanning Tree

7. The command above shows the available options for the spanning-tree command. We want to use the portfast command.

2960A(config-if)#spanning-tree portfast%Warning: portfast should only be enabled on ports connected to a single

host. Connecting hubs, concentrators, switches, bridges, etc... to this

interface when portfast is enabled, can cause temporary bridging loops.

Use with CAUTION

%Portfast has been configured on FastEthernet0/1 but will only

have effect when the interface is in a non-trunking mode.

2960A(config-if)#

8. Notice the message the switch provides when enabling portfast. Although it seems like the command didn�t take effect, as long as the port is in access mode (discussed in a minute), the port will now be in portfast mode.

9. After you make any changes you want to the interfaces, you can view the different interfaces with the show interface command. The switch output below shows the command used to view a 10/100BaseT interface on the 2960 switch.

2960A(config-if)#ctrl+z2960A#sh int f0/1FastEthernet0/1 is down line protocol is down (notconnect) Hardware is FastEthernet, address is 00b0.9eb1.bcd0 (bia 00b0.9eb1.bcd0) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s, media type is 10/100BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:02, output 00:00:01, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 1000 bits/sec, 1 packets/sec 1097702 packets input, 71821315 bytes, 0 no buffer Received 488076 broadcasts, 0 runts, 0 giants, 0 throttles 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 3752639 multicast, 0 pause input 0 input packets with dribble condition detected 1590235 packets output, 290473092 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out

10. In addition to the show interface command, you can use the show running-config command to see the interface configuration as well.

[output cut]

!


duplex full

speed 100

spanning-tree portfast

!


[output cut]

11. You can administratively set a name for each interface on the 2960 switch. Like the hostname, the descriptions are only locally significant. For the 2960 series switch, use the description command. You can use spaces with the description command, but you can use underlines if you need to.

To set the descriptions, you need to be in interface configuration mode. From interface configuration mode, use the description command to describe each interface.

2960A#config tEnter configuration commands, one per line. End with CTRL/Z

2960A(config)#int fa 0/12960A(config-if)#description Sales VLAN2960A(config-if)#int fa 0/82960A(config-if)#description trunk to Building 82960A(config-if)#

In the configuration example above, we set the description on both port 1 and 12.

12. Once you have configured the descriptions you want on each interface, you can then view the descriptions with either the show interface command, or show running-config command. View the configuration of the Fast Ethernet interface 0/1 by using the show interface fastethernet 0/1 command.

2960A#sh int fa 0/1FastEthernet0/1 is down line protocol is down (notconnect) Hardware is FastEthernet, address is 00b0.9eb1.bcd0 (bia 00b0.9eb1.bcd0) Description: Sales VLAN MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s, media type is 10/100BaseTX

(output cut)

13. Use the show running-config command to view the interface configurations as well.

2960A#sh run[output cut]

!interface FastEthernet0/1 description "Sales VLAN" duplex full speed 100 spanning-tree portfast!

[output cut]

Notice in the above switch output that the sh int fa0/1 command and the show run command both show the description command set on an interface.

Lab 8.19: Verifying the 2960 Switch IP Connectivity

It is important to test the switch IP configuration. You can use the ping program, and you can telnet into the 2960 switch. However, you cannot telnet from the 2960 switch or use traceroute.


1. In the following example, ping Host F on the network from the 2960 A switch.

2960A#ping 172.16.50.3Sending 5, 100-byte ICMP Echos to 172.16.50.3, time out is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max 0/2/10/ ms

Lab 8.20: Saving and Erasing the 2960 Switch Configuration

The switch configuration is stored in NVRAM, just as any router and placed in RAM when the switch boots. The file in RAM is called the running-config and the file in NVRAM is called the startup-config. You can view the startup-config, also called the backup configuration, with the show startup-config command.

1. To save the switch configuration, you type copy running-config startup-config, or copy run start, just like on a router.

2960A#copy run start Destination filename [startup-config]?press enter Building configuration...

[OK]

2960A#

2. To delete the contents of NVRAM on a 2960 switch, use the erase startup-config command as shown. However, you still need to reload the switch to erase the running-config.

2960A#erase startup-config

Erasing the nvram filesystem will remove all files! Continue? [confirm] press enter [OK]


2960A#sh start %% Non-volatile configuration memory is not present

2960A#

Lab 11.5: NAT/PAT Final Configuration Exercise

In this lab, you will configure two routers and a host so that the inside network can communicate with the outside network using Port Address Translation. You will not use the network layout used previously. You have six public IP address assigned to your company: 198.18.194.73 -78. There are 30 hosts that need to access the Internet simultaneously.

Hosts range on the inside network is 192.168.35.65- 94

Inside global addresses is 198.18.194.73-78/29

Inside local addresses is 192.168.35.65-94/27


Network Layout: Load Nat-Pat Final Layout.rsm before going through the following lab.



3. Click on the file Nat-Pat Final Layout and click OK.

Lab Steps1. Double-click router 2811 B to open the console screen.

2. Configure router 2811 B.

Router>enRouter#config tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#hostname 2811B2811B(config)#int f0/02811B(config-if)#ip address 192.168.35.94 255.255.255.2242811B(config-if)#no shut2811B(config-if)#int s0/0/02811B(config-if)#ip address 192.0.2.157 255.255.255.2522811B(config-if)#clock rate 10000002811B(config-if)#no shut2811B(config-if)#ctrl+z2811B#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]2811B#

3. Configure router 2811 A with IP addresses and default routing.

Router>enRouter#config tRouter(config)#hostname 2811A2811A(config)#int s0/0/12811A(config-if)#ip address 192.0.2.158 255.255.255.252

2811A(config-if)#no shut2811A(config-if)#exit2811A(config)#ip route 0.0.0.0 0.0.0.0 192.0.2.1574. Configure your host with the IP address 192.168.35.65/27. Don’t forget to set your default-gateway.

5. Create an inside source list that will allow the inside hosts to access the NAT pool and allow the use of PAT.

2811B#config t2811B(config)#ip nat inside source list 10 pool 2811B overload6. Next, create an access-list for ip range 192.168.35.65-94/27.

2811B(config)#access-list 10 permit 192.168.35.64 0.0.0.317. Verify your access-list.

2811B(config)#do show runBuilding configuration...!Current configuration : 960 bytes!access-list 10 permit 192.168.35.64 0.0.0.31[output cut]

2811B(config)#do show access-listsStandard IP access list 10 10 permit 192.168.35.64, wildcard bits 0.0.0.312811B(config)#

8. Create the pool with the six available global hosts IP addresses.

2811B(config)#ip nat pool 2811B 198.18.194.73 198.18.194.78 netmask 255.255.255.2489. Configure the interfaces for use with NAT.

2811B(config)#interface f0/02811B(config-if)#ip nat inside2811B(config-if)#int s0/0/02811B(config-if)#ip nat outside2811B(config-if)#exit2811B(config)#exit2811B#copy run startDestination filename [startup-config]? [enter]Building configuration...[OK]

2811B#

10. Change the console screen to Host A and then ping router 2811 A.

C:\ping 192.0.2.15811. Change to router 2811 B and verify your NAT/PAT configuration by enabling debug ip nat.2811B#debug ip nat

IP NAT debugging is onDec 3 16:48:09.484: NAT*: s=192.168.35.65->198.18.194.73, d=192.0.2.158 [1] Dec 3 16:48:09.500: NAT*: s=192.0.2.158->198.18.194.73, d=192.168.35.65 [1]2811B#

12. Verify your NAT table with the following command:

2811B#sh ip nat translationsPro Inside global Inside local Outside local Outside globalicmp 198.18.194.74:1 192.168.35.65:1 192.0.2.158:1 192.0.2.158:1

2811B#

13. Delete the NAT/PAT configuration on your routers.

14. Reconfigure the router with the following IP addresses on the 2811 B router (try to configure this without looking at the answers for the NAT/PAT configuration we just finished):

Interface f0/0: 192.168.76.94/27Interface s0/0: 192.0.2.165/30Inside global: 198.18.149.113-118/29Inside local: 102.168.76.65-94/27

15. Verify your NAT configuration.

Practice Scenario: NAT and ACLs

Configure NAT






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, NAT and ACLs, and Configure NAT.


Scenario:The senior network administrator at Gadget research company needs you to setup NAT. Make sure that all internal users can get to the internet.You have a company of 20 people that need continuous access to the internet. EIGRP has been configured on both internal routers.

Task:Using subnet 40.0.0.16/28 configure Dynamic NAT/PAT on NAT-Router-1

On NAT-Router-1 configure a NAT pool named GADGET-NAT-POOL

On NAT-Router-1 configure an access list for NAT

On NAT-Router-1 configure a default route for NAT

On the GADET-1 router configure a default route for NAT

On the ISP-UUCOM configure static routing for network 40.0.0.16/28


Troubleshoot NAT


When you have finished with this lab ...

You can check your work by clicking the Grade Me button in the upper right hand corner of the Network Visualizer screen.




Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, NAT and ACLs, and Troubleshoot NAT.

Scenario:The senior network administrator at the Round Table company utilizes NAT in her network. NAT was working yesterday but after readdressing the internal network NAT no longer works.

Task:You have been asked to resolve the issue.

Lab 14: Introduction to Cisco Wide Area Network Support

The Cisco IOS WAN can support many different WAN protocols that can help you extend your LANs to other LANs at remote sites. Connecting company sites together so information can be exchanged is imperative in this economy. However, it would take a truckload of money to put in your own cable or dedicated connections to network all of your company�s remote locations. Service providers allow you to lease or share connections that the service provider already has installed, which can save money and time.

Although this chapter does not cover every type of Cisco WAN support, it does cover the HDLC, PPP, and Frame Relay.

The labs covered in this section are as follows:

Lab 14.1: Configuring PPP Encapsulation

Lab 14.2: Verifying PPP Encapsulation

Lab 14.3: Configuring PPP Authentication with CHAP

Lab 14.4: Verifying PPP with Authentication

Lab 14.5: Understanding Frame Relay Configuration

Lab 14.6: Configuring Frame Relay Switching

Lab 14.7: Configuring Frame Relay with Subinterfaces

Lab 14.8: Verifying Frame Relay

The commands covered in this chapter are as follows:

Command Meaning

encapsulation ppp Changes the encapsulation on a serial link to PPP

encapsulation hdlc Restores the default encapsulation of HDLC on a serial link

encapsulation frame-relay Changes the encapsulation to frame-relay on a serial link

username name password password

Creates usernames and passwords used for authentication on a Cisco router

ppp authentication chap Tells PPP to use Chap authentication

frame-relay interface-dlci Configures the PVC address on a serial interface or subinterface

frame-relay lmi-type Configures the LMI type on a serial link

iInterface s0.16 point-to-point

Creates a point-to-point subinterface on a serial link that can be used with frame-relay

encapsulation frame-relay ietf

Sets the encapsulation type to the Internet Engineering Task Force (IETF). Used to connect Cisco routers to off-brand routers.

show frame-relay lmi Sets the LMI type on a serial interface

show frame-relay pvc Shows the configured PVC�s and DLCI numbers configured on a router

show frame-relay map Shows the static and dynamic Network layer to PVC mappings

Practice Scenario: WAN Links

Configure Basic WAN Connection

Try your problem-solving and troubleshooting skills with the following task. To complete your task you will need a network to interfact with, a scenario, and the task(s) at hand.





Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure Basic WAN Connection.


Scenario:The local real-estate company NEW-MAX has a simple WAN. Configure both, the OHIO_HQ and OHIO_SALES_OFFICE routers using Cisco’s default WAN protocol.

Task:Configure HDLC as the WAN protocol for both routers

On the OHIO_HQ router configure Serial 0/0/0 with an IP address of 1.1.1.1/30

On the OHIO_HQ router configure Serial 0/0/0 with a description of Conn-to OHIO_SALES_OFFICE

On the OHIO_SALES_OFFICE router configure Serial 0/0/0 with an IP address of 1.1.1.2/30

On the OHIO_SALES_OFFICE router configure Serial 0/0/0 with a description of Conn-to OHIO_H

Lab 14.1: Configuring PPP EncapsulationThe High-Level Data-Link Control protocol (HDLC) is a point-to-point protocol used on leased lines. No authentication can be used with HDLC and is the default encapsulation used by Cisco routers over synchronous serial links. Cisco�s HDLC is proprietary�it won�t communicate with any other vendor�s HDLC implementation. If you wanted to either offer authentication on a serial link or to connect from a Cisco router to another vendor router, then we need to configure PPP on the serial interfaces.

PPP (Point-to-Point Protocol) - is a data-link protocol that can be used over asynchronous serial (dial-up) media and uses the LCP (Link Control Protocol) to build and maintain data-link connections. The basic purpose of PPP is to transport layer-3 packets across a data link layer point-to-point link.

This lab will have you configure PPP on all four serial networks, and replace HDLC as the encapsulation method on our serial links.


Network Layout: Load Standard Layout.rsm or whatever you named the file when you saved your work in earlier labs.

Lab Steps1. Connect to the 2811 B router and change the encapsulation on the serial links from HDLC to PPP.

2811A>enable

2811A#config t2811A(config)#interface serial 0/0/12811A(config-if)#encapsulation ppp2811A(config-if)#interface serial 0/1/12811A(config-if)#encapsulation ppp2811A(config-if)#ctrl+z2811A#

2. Connect to the 2621 B router and change the encapsulation on the serial links from HDLC to PPP.

2621B>enable2621B#config t2621B(config)#interface serial 0/02621B(config-if)#encapsulation ppp2621B(config-if)#ctrl+z2621B#

3. Connect to the 2621 A router and change the encapsulation on the serial link from HDLC to PPP.

2621A>enable2621A#config t2621A(config)#interface serial 0/02621A(config-if)#encapsulation ppp2621A(config-if)#ctrl+z2621A#

That is all there is to it. This part is easy.


Lab 14.2: Verifying PPP EncapsulationOnce you have replaced HDLC as the serial encapsulation method, then you need to verify your network is still working properly.

The first command to use is the show ip route command to make sure all your IP routes are still present.


Lab Steps1. From the 2621 A router, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 6 subnets, 2 masksO 172.16.30.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/0C 172.16.20.1/32 is directly connected, Serial0/0C 172.16.40.0/24 is directly connected, FastEthernet0/0O 172.16.50.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/0C 172.16.20.0/24 is directly connected, Serial0/0O 172.16.10.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/02621A#

2. From the 2621 B router, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 6 subnets, 2 masksC 172.16.30.1/32 is directly connected, Serial0/0C 172.16.30.0/24 is directly connected, Serial0/0O 172.16.40.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/0C 172.16.50.0/24 is directly connected, FastEthernet0/0O 172.16.20.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/0O 172.16.10.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/02621B#

3. From the 2811 A router, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 7 subnets, 2 masksC 172.16.30.2/32 is directly connected, Serial0/0/1C 172.16.30.0/24 is directly connected, Serial0/0/1

O 172.16.40.0/24 [110/74] via 172.16.20.2, 22:22:18, Serial0/1/1C 172.16.20.2/32 is directly connected, Serial0/1/1O 172.16.50.0/24 [110/74] via 172.16.30.2, 22:22:18, Serial0/0/1C 172.16.20.0/24 is directly connected, Serial0/1/1C 172.16.10.0/24 is directly connected, FastEthernet0/02811A#

4. From the 2811 A router, use the show interface command to see the serial link encapsulation.

2811A#show interface s0/0/1Serial0/0/1 is up, line protocol is up Hardware is GT96K Serial Description: connection to 2621B Internet address is 172.16.30.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set

[output cut]

2811A#show interface s0/1/1Serial0/1/1 is up, line protocol is up Hardware is GT96K Serial Description: connection to 2621A Internet address is 172.16.20.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set

Lab 14.3: Configuring PPP Authentication with CHAP

Now that the network should be up and working with PPP, you can use PPP authentication to stop unwanted users from connected to your network. Although, this is typically used with dial-up, it still can be used with serial interfaces.

This lab will have you configure PPP authentication on all routers serial interfaces using the CHAP protocol.

Challenge Authentication Protocol (CHAP) - is used at the initial startup of a link and at period checkups on the link to make sure the router is still communicating with the same host. After PPP finishes its initial phase, the local router sends a challenge request to the remote device. The remote device sends a value calculated using a one-way hash function called MD5. The local router checks this hash value to make sure it matches. If the values don�t match, the link is immediately terminated.

To configure PPP authentication, first set the hostname of the router if it is not already set (this is not an option!). Then set the username and password for the remote router connecting to your router. For

example, if you are connected to the 2621 A router and want to configure authentication, you would set the hostname and then create a username that consists of the router you are going to connect to, in this example, router 2811 A.

This is shown below:


Router(config)#hostname 2621A2621A(config)#username 2811A password ciscoWhen using the hostname command, remember that the username is the hostname of the remote router connecting to your router. It is case-sensitive. Also, the password on both routers must be the same. It is a plain-text password and can be seen with a show run command.

You must have a username and password configured for each remote system you are going to connect to. The remote routers must also be configured with usernames and passwords.

After you set the hostname, usernames, and passwords, choose the authentication as shown in the following example:

2621A#config tEnter configuration commands, one per line. End with CTRL/Z.

2621A(config)#interface serial 0/02621A(config-if)#ppp authentication chap2621A(config-if)#ctrl+z2621A#


Lab Steps1. Open a console to the 2621 A router and create a username of router 2811 A and with a password of cisco. Then configure the serial interface 0/0 to use ppp authentication of chap.

2621A#config t2621A(config)#username 2811A password cisco2621A(config)#interface serial 0/02621A(config-if)#ppp authentication chap2621A(config-if)#ctrl+z2621A#

2. Open a console to router 2621 B and create a username of router 2811 Aand with a password of cisco. Then configure the serial interface 0/0 to use ppp authentication of chap.

2621B#config t2621B(config)#username 2811A password cisco2621B(config)#interface serial 0/02621B(config-if)#ppp authentication chap2621B(config-if)#ctrl+z2621B#

3. Open a console to the 2811 A router and create a username of router 2621 A and 2621 B and with a password of cisco. Then configure the serial interfaces 0/0/1 and 0/1/1 to use ppp authentication of chap.

2811A#config t2811A(config)#username 2621A password cisco2811A(config)#username 2621B password cisco2811A(config)#interface serial 0/0/12811A(config-if)#ppp authentication chap2811A(config)#interface serial 0/1/12811A(config-if)#ppp authentication chap2811A(config-if)#ctrl+zSave Your File: Make sure you save the network layout file that you have been working with.

Lab 14.4: Verifying PPP with AuthenticationOnce you have configured PPP with authentication as the serial encapsulation method, then you need to verify your network is still working properly.

The first command to use is the show ip route command to make sure all your IP routes are still present. The next command to use is the show interface command.


Lab Steps1. From router 2621 A router, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 6 subnets, 2 masksO 172.16.30.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/0C 172.16.20.1/32 is directly connected, Serial0/0C 172.16.40.0/24 is directly connected, FastEthernet0/0O 172.16.50.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/0C 172.16.20.0/24 is directly connected, Serial0/0O 172.16.10.0/24 [110/74] via 172.16.20.1, 22:22:18, Serial0/02621A#

2. From router 2621 B router, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 6 subnets, 2 masksC 172.16.30.1/32 is directly connected, Serial0/0C 172.16.30.0/24 is directly connected, Serial0/0O 172.16.40.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/0C 172.16.50.0/24 is directly connected, FastEthernet0/0O 172.16.20.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/0O 172.16.10.0/24 [110/74] via 172.16.30.1, 22:22:18, Serial0/02621B#

3. From router 2811A, use the show ip route command to verify the network is still running.


172.16.0.0/16 is variably subnetted, 7 subnets, 2 masksC 172.16.30.2/32 is directly connected, Serial0/0/1C 172.16.30.0/24 is directly connected, Serial0/0/1

O 172.16.40.0/24 [110/74] via 172.16.20.2, 22:22:18, Serial0/1/1C 172.16.20.2/32 is directly connected, Serial0/1/1O 172.16.50.0/24 [110/74] via 172.16.30.2, 22:22:18, Serial0/0/1C 172.16.20.0/24 is directly connected, Serial0/1/1C 172.16.10.0/24 is directly connected, FastEthernet0/02811A#

4. From the 2811 A router, use the show interface command to see the serial link encapsulation.

2811A#show interface s0/0/1Serial0/0/1 is up, line protocol is up Hardware is GT96K Serial Description: connection to 2621B Internet address is 172.16.30.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10) Last input 00:00:02, output 00:00:06, output hang never Last clearing of "show interface" counters 02:41:59 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1645 packets input, 100265 bytes, 0 no buffer Received 1139 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1662 packets output, 105842 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 2 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

2811A#

2811A#show interface s0/1/1Serial0/1/1 is up, line protocol is up Hardware is GT96K Serial Description: connection to 2621A Internet address is 172.16.20.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set Keepalive set (10) Last input 00:00:02, output 00:00:06, output hang never

Last clearing of "show interface" counters 02:41:59 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 1645 packets input, 100265 bytes, 0 no buffer Received 1139 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 1662 packets output, 105842 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 output buffer failures, 0 output buffers swapped out 2 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up


Configure PPP

Now that you have learned about some concepts and completed some hands-on work, try your problem-solving and troubleshooting skills with the following task. To complete your task you will need a network to interact with, a scenario, and the task(s) at hand.

When you have finished with this scenario ...You can check your work by clicking the Grade Me button in the upper right hand corner of the Network Visualizer screen.


The name of the command entered for this scenario


Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure PPP.


Scenario:The local car dealership OHIO_SUV has a simple WAN. Configure both, the R1 and R2 routers using the Point-to-Point Protocol (PPP)

Task:Configure PPP as the WAN protocol on both routers

Configure PPP CHAP authentication on both routers

On router R1, configure a host name of OHIO_HQ.

On router R1, configure IP address 1.1.1.1/30 on Serial 0/0/0

On router R1, configure a user name of OHIO_SALES_OFFICE

On router R1, configure a user name password of passthetoken

On router R2, configure a host name of OHIO_SALES_OFFICE

On router R2, configure IP address 1.1.1.2/30 on Serial 0/1

On router R2, configure a username of OHIO_HQ

On router R2, configure a username password of passthetoken

Lab 14.5: Understanding Frame Relay Configuration

Frame Relay - provides a communications interface between DTE (data terminal equipment) and DCE (data circuit-terminating equipment, such as packet switches) devices. DTE consists of terminals, PCs, routers, and bridges�customer-owned end-node and internetworking devices. DCE consists of carrier-owned

internetworking devices.

Frame Relay sends packets at the data link layer (layer 2) of the OSI model rather than at the network layer (layer 3). A frame can incorporate packets from different protocols.

Frame Relay Uses Virtual CircuitsFrame Relay provides connection-oriented, Data Link layer communication via virtual circuits. These virtual circuits are logical connections created between two DTE�s across a packet-switched network, which is identified by a DLCI, or Data Link Connection Identifier.Also, Frame Relay uses both PVCs (Permanent Virtual Circuits) and SVC�s (Switched Virtual Circuits which is a form of dialup), although most Frame Relay networks use only PVCs. This virtual circuit provides the complete path to the destination network prior to the sending of the first frame.

Configuring Frame Relay EncapsulationWhen configuring Frame Relay on Cisco routers, you need to specify it as an encapsulation on serial interfaces. There are only two encapsulation types: Cisco and IETF (Internet Engineering Task Force). The following router output shows the two different encapsulation methods when choosing Frame Relay on your Cisco router:

2621A#config t2621A(config)#interface s0/02621A(config-if)#encapsulation frame-relay ? ietf Use RFC1490 encapsulation

<cr>

The default encapsulation is Cisco unless you manually type in IETF, and Cisco is the type used when connecting two Cisco devices. You�d opt for the IETF-type encapsulation if you needed to connect a Cisco device to a non-Cisco device with Frame Relay.

Frame Relay DLCIFrame Relay virtual circuits (PVCs) are identified by Data Link Connection Identifiers (DLCIs). A Frame Relay service provider, such as the telephone company, typically assigns DLCI values, which are used by Frame Relay to distinguish between different virtual circuits on the network. Because many virtual circuits can be terminated on one multipoint Frame Relay interface, many DLCIs are often affiliated with it.

For the IP devices at each end of a virtual circuit to communicate, their IP addresses need to be mapped to DLCIs. This mapping can function as a multipoint device�one that can identify to the Frame Relay network the appropriate destination virtual circuit for each packet that is sent over the single physical interface. The mappings can be done dynamically through IARP (Inverse ARP) or manually through the fame relay map command.

DLCI numbers, used to identify a PVC, are typically assigned by the provider and start at 16. Configuring a DLCI number to be applied to an interface is shown below:

2621A(config-if)#frame-relay interface-dlci ? <16-1007> Define a DLCI as part of the current subinterface

2621A(config-if)#frame-relay interface-dlci 16

Frame Relay LMIThe Local Management Interface (LMI) was developed in 1990 by Cisco Systems, StrataCom, Northern Telecom, and Digital Equipment Corporation and became known as the Gang-of-Four LMI or Cisco LMI. This gang took the basic Frame Relay protocol from the CCIT and added extensions onto the protocol features that allow internetworking devices to communicate easily with a Frame Relay network.

The LMI is a signaling standard between a CPE device (router) and a frame switch. The LMI is responsible for managing and maintaining status between these devices.

If you�re not going to use the auto-sense feature of LMI, you�ll need to check with your Frame Relay provider to find out which type to use instead. The default type is Cisco, but you may need to change to ANSI or Q.933A. The three different LMI types are depicted in the router output below.

2621A(config-if)#frame-relay lmi-type ? cisco

ansi

q933a

2621A(config-if)#frame-relay lmi-type ansiYou can have multiple virtual circuits on a single serial interface and yet treat each as a separate interface. These are known as subinterfaces. Think of a subinterface as a hardware interface defined by the IOS software. An advantage gained through using subinterfaces is the ability to assign different Network layer characteristics to each subinterface and virtual circuit, such as IP routing on one virtual circuit and IPX on another.

Subinterfaces with Frame RelayYou define subinterfaces with the int s0.subinterface number command as shown below. You first set the encapsulation on the serial interface, and then you can define the subinterfaces.

2621A(config-int)#encapsulation frame-relay2621A(config-int)#exit2621A(config)#int s0/0.? <0-4294967295> Serial interface number

2621A(config)#int s0/0.16 ? multipoint Treat as a multipoint link

point-to-point Treat as a point-to-point link

2621A(config)#int s0/0.16 point-to-point2621A(config-subif)#

You can define an almost limitless number of subinterfaces on a given physical interface (keeping router memory in mind). In the above example, we chose to use subinterface 16 because that represents the DLCI number assigned to that interface. However, you can choose any number between 0 and 4,292,967,295.

Lab 14.6: Configuring Frame Relay SwitchingNow that you should have a background on how to configure basic Frame Relay on a Cisco router, this lab will have you configure router 2811 A as a Frame relay switch. Then you will configure routers 2621 A and 2621 B as remote Frame Relay connections.

To perform this lab, you need to delete the configurations on router 2811 A first since the Frame Relay switching configuration is completely different then what we have now.


Lab Steps1. From the 2811 A router, type erase start then reload.

2811A#erase startErasing the nvram filesystem will remove all configuration files!Continue? [confirm] [press enter]

[OK]Erase of nvram: complete*Oct 27 19:30:52.640: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram2811A#

2811A#reloadSystem configuration has been modified. Save? [yes/no]: n Proceed with reload? [confirm] (press enter)

*Nov 15 16:11:07.406: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.

System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1)Copyright (c) 2005 by cisco Systems, Inc.

Initializing memory for ECC

c2811 processor with 262144 Kbytes of main memoryMain memory is configured to 64 bit mode with ECC enabled

Readonly ROMMON initialized

program load complete, entry point: 0x8000f000, size: 0xc940program load complete, entry point: 0x8000f000, size: 0xc940

program load complete, entry point: 0x8000f000, size: 0x228d9f8Self decompressing the image : ########################################################################################################################## [OK]Smart Init is enabledsmart init is sizing iomem ID MEMORY_REQ TYPE0003E7 0X003DA000 C2811 Mainboard 0X00263F50 Onboard VPN 0X000021B8 Onboard USB 0X002C29F0 public buffer pools 0X00211000 public particle poolsTOTAL: 0X00B13AF8

If any of the above Memory Requirements are"UNKNOWN", you may be using an unsupportedconfiguration or there is a software problem andsystem operation may be compromised.Rounded IOMEM up to: 12Mb.Using 4 percent iomem. [12Mb/256Mb]

Restricted Rights Legend

Use, duplication, or disclosure by the Government issubject to restrictions as set forth in subparagraph(c) of the Commercial Computer Software - RestrictedRights clause at FAR sec. 52.227-19 and subparagraph(c) (1) (ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS sec. 252.227-7013.

cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706

Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(12), RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2006 by Cisco Systems, Inc.Compiled Fri 17-Nov-06 12:02 by prod_rel_teamImage text-base: 0x40093160, data-base: 0x42B00000

This product contains cryptographic features and is subject to UnitedStates and local country laws governing import, export, transfer anduse. Delivery of Cisco cryptographic products does not implythird-party authority to import, export, distribute or use encryption.Importers, exporters, distributors and users are responsible forcompliance with U.S. and local country laws. By using this product youagree to comply with applicable laws and regulations. If you are unableto comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email [email protected].

Cisco 2811 (revision 49.46) with 249856K/12288K bytes of memory.Processor board ID FTX0952C3EG2 FastEthernet interfaces4 Serial(sync/async) interfaces1 Virtual Private Network (VPN) ModuleDRAM configuration is 64 bits wide with parity enabled.239K bytes of non-volatile configuration memory.125440K bytes of ATA CompactFlash (Read/Write)

--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: (press n)

2. Open a console for 2811 A and configure the hostname.

Router>enableRouter#config tRouter(config)#hostname 2811A2811A(config-line)#exit2811A(config)#

Once your router is clear, you can now make them a frame relay switch with the frame-relay switching command. However, that is the easy part. You need to map every DLCI on the switch. Of course the router only has two connections, so it is not too time consuming, but if you had dozens of PVC�s, this could take a while.

2811 Aserial 0/0/1 DLCI 16

serial 0/1/1 DLCI 17

3. On the frame relay switch, use the frame relay route command to map each and every DLCI. Here is an example:

2811A(config)#interface serial 0/0/12811A(config-if)#frame-relay route 17 interface serial 0/1/1 162811A(config-if)#exit2811A(config)#

This command tells the switch that if it receives a frame on serial 0/0/1 with a PVC of 16, then send it out serial 0/1/1 using a PVC of 17. Again, in our network, this configuration will only be two routes so it�s not a big deal.

4. On the 2811 A router configure the Frame Switching. No IP addresses are assigned to the routes interfaces. Remember, this is a Data Link layer function only, so IP is irrelevant to this configuration.

2811A(config)#frame-relay switching2811A(config)#interface serial 0/0/1

2811A(config)#encapsulation frame-relay2811A(config-if)#no shut2811A(config-if)#frame intf-type dce2811A(config-if)#frame-relay route 17 interface serial 0/1/1 162811A(config-if)#interface serial 0/1/12811A(config)#encapsulation frame-relay2811A(config-if)#no shut2811A(config-if)#frame intf-type dce2811A(config-if)#frame-relay route 16 interface serial 0/0/1 172811A(config-if)#ctrl+z2811A#

5. Save you configurations.

2811A#copy run start6. Now that the frame-relay switching router is configured, you need to configure the remote routers.


Lab 14.7: Configuring Frame Relay with Subinterfaces

This lab will have you bring up the console for routers 2621 A and 2621 B and configure them for frame relay configuration using subinterfaces.

Since the Frame-Relay switches are not using IP addressing, connecting from routers 2621 A to 2621 B, for example, will use one subnet and appear like a direct connection. Use subnet 172.16.100.0.


Lab Steps1. Open a console on the 2621 A router and configure the serial 0/0 interface with a Frame Relay subinterface. To perform this, you must remove the IP address from the serial interface.

2621A#config t2621A(config)#interface serial 0/02621A(config-if)#no ip address2621A(config-if)#no shut2621A(config-if)#encapsulation frame-relay2621A(config-if)#interface serial 0/0.16 point-to-point2621A(config-subif)#ip address 172.16.100.1 255.255.255.02621A(config-subif)#frame-relay interface-dlci 162621A(config-subif)#ctrl+z2621A#

2. Open a console on the 2621 B router and configure the serial 0/0 interface with a Frame Relay subinterface.

2621B#config t2621B(config)#interface serial 0/02621B(config-if)#no ip address2621B(config-if)#no shut2621B(config-if)#encapsulation frame-relay2621B(config-if)#interface serial 0/0.17 point-to-point2621B(config-subif)#ip address 172.16.100.2 255.255.255.02621B(config-subif)#frame-relay interface-dlci 172621B(config-subif)#ctrl+z2621B#

3. Verify the Frame-Relay connection is up and running. Ping from the 2621 A router to the 2621 B router.

2621A#ping 172.16.100.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.16.100.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms2621A#

Lab 14.8: Verifying Frame RelayThere are several ways to check the status of your interfaces and PVCs once you have Frame Relay encapsulation set up and running. You can use the show frame-relay command with a question mark (?) to get the command options:

2621A#sho frame ? ip show frame relay IP statistics

lapf show frame relay lapf status/statistics

lmi show frame relay lmi statistics

map Frame-Relay map table

pvc show frame relay pvc statistics

qos-autosense show frame relay qos-autosense information

route show frame relay route

rtp show frame relay RTP statistics

svc show frame relay SVC stuff

traffic Frame-Relay protocol statistics

vofr show frame relay VoFR statistics


Lab Steps1. Change to the console for router 2621 A.

2. The show frame-relay lmi command will give you the LMI traffic statistics exchanged between the local router and the Frame Relay switch.

2621A#sh frame lmiLMI Statistics for interface Serial0/0 (Frame Relay DTE) LMI TYPE = ANSI Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type 0 Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0

Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Enq. Rcvd 1748 Num Status msgs Sent 1748 Num Update Status Sent 0 Num St Enq. Timeouts 0

2621A#

The router output from the show frame-relay lmi command shows you LMI errors as well as the LMI type.

3. The show frame pvc will list all configured PVCs and DLCI numbers. It provides the status of each PVC connection and traffic statistics. It will also give you the number of BECN and FECN packets received on the router.

2621A#sho frame pvcPVC Statistics for interface Serial0/0 (Frame Relay DTE)

DLCI = 16 , DLCI USAGE = LOCAL , PVC STATUS = ACTIVE , INTERFACE = Serial0/0.16

input pkts 11290 output pkts 11277 in bytes 898590 out bytes 899156 dropped pkts 2 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 11264 out bcast bytes 898468 pvc create time 13:25:57, last time pvc status changed 13:25:39

2621A#

4. You can also use the show interface command to check for LMI traffic. The show interface command displays information about the encapsulation as well as layer-2 and layer-3 information.

The LMI DLCI is used to define the type of LMI being used. If it is 1023, it is the default LMI type of Cisco. If the LMI DLCI is zero, then it is the ANSI LMI type.

2621A#sho int s0/0Serial0/0 is up, line protocol is up Hardware is PowerQUICC Serial Description: connection to 2811A MTU 1500 bytes, BW 1544 Kbit, DLY 20000 0. reliablility 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10) FR SVC disabled, LAPF state down LMI enq sent 41, LMI stat recvd 22, LMI upd recvd 0, DTE LMI down LMI enq recvd 4, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0[output cut]

2621A#

The show interface command displays line, protocol, DLCI and LMI information.

5. The show frame map command will show you the Network layer-to-DLCI mappings.

2621A#show frame map

Serial0/0 (up):ip dlci 16(0x66,0x1860), broadcast status defined, activeSerial0/0.16 (up): point-to-point dlci, dlci 16(0x66,0x1860), broadcast status defined, active2621A#


Configure Frame Relay






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure Frame Relay.


Scenario:XYZ Widget Company has a simple WAN. The senior network administrator has asked you, the junior network administrator to configure both, the RENO and the Washington routers.

Task:Configure Frame Relay as the WAN protocol

On the RENO router, use a lmi type of cisco

On the RENO router, use DLCI 17

On the RENO router, use sub interface S0/0/0.17

On the RENO router, use IP address 10.189.25.5/30

On the Washington router, use a lmi type of cisco

On the Washington router, use DLCI 16

On the Washington router, use sub interface S0/1.16

On the Washington router, use IP address 10.189.25.6/3

Practice Scenario: IP Addressing Scheme and IP Services

Configure DHCP






Your configuration

The result for each command. You will see a green check mark (meaning that you got it correct) or a

red X


Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, IP Addressing Scheme and IP Services, and Configure DHCP.


Scenario:The senior network administrator at Green Product Inc has asked you, the junior network administrator to configure a DHCP address pool.

Task:Configure a DHCP address pool on the InterVlan-RTR router

The DHCP pool name is Fabrication_Network

The DHCP pool network is 192.168.10.0/24

Exclude the first 50 addresses from the pool

The default router is 192.168.10.1

The domain name is Green_Products_Inc.com

The DNS server is 192.168.10.50

The DHCP lease time is 80 hours








Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure Static or Default Routes - 1.


Scenario:The senior network administrator at Smoke-Alarm Inc would like you to setup static routing on all network routers.

Task:Configure static routing on the R&D_R1 router

Configure static routing on the MARKETING_R1 router

Configure static routing on the Plant-1 router








Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure Static or Default Routes - 2 .


Scenario:The senior network administrator at Widget Inc would like you to setup default routing.

Task:Configure default routing on the R&D_R1 router

Configure default routing on the Plant-1 router


Configure RIP Version 2






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, Basic Cisco Router Operations, and Configure RIP V2 .


Scenario:CAMALOT Research Company has a simple inter-network. The senior network administrator has asked you, the junior network administrator to configure the RIP V2 routing protocol so that the simple inter-network can communicates.

Task:Configure RIP V2 on all routers.

Network Addresses

KING_ARTHUR192.168.100.0/24192.168.200.0/24192.168.80.0/24

PHOENIX 192.168.100.0/24192.168.90.0/24

MERLIN 192.168.200.0/24192.168.70.0/24


Configure NAT






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, NAT and ACLs, and Configure NAT.


Scenario:The senior network administrator at Gadget research company needs you to setup NAT. Make sure that all internal users can get to the internet.You have a company of 20 people that need continuous access to the internet. EIGRP has been configured on both internal routers.

Task:Using subnet 40.0.0.16/28 configure Dynamic NAT/PAT on NAT-Router-1

On NAT-Router-1 configure a NAT pool named GADGET-NAT-POOL

On NAT-Router-1 configure an access list for NAT

On NAT-Router-1 configure a default route for NAT

On the GADET-1 router configure a default route for NAT

On the ISP-UUCOM configure static routing for network 40.0.0.16/28


Troubleshoot NAT






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, NAT and ACLs, and Troubleshoot NAT.

Scenario:The senior network administrator at the Round Table company utilizes NAT in her network. NAT was working yesterday but after readdressing the internal network NAT no longer works.

Task:You have been asked to resolve the issue.


Configure Basic WAN Connection

Try your problem-solving and troubleshooting skills with the following task. To complete your task you will need a network to interfact with, a scenario, and the task(s) at hand.





Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure Basic WAN Connection.


Scenario:The local real-estate company NEW-MAX has a simple WAN. Configure both, the OHIO_HQ and OHIO_SALES_OFFICE routers using Cisco’s default WAN protocol.

Task:Configure HDLC as the WAN protocol for both routers

On the OHIO_HQ router configure Serial 0/0/0 with an IP address of 1.1.1.1/30

On the OHIO_HQ router configure Serial 0/0/0 with a description of Conn-to OHIO_SALES_OFFICE

On the OHIO_SALES_OFFICE router configure Serial 0/0/0 with an IP address of 1.1.1.2/30

On the OHIO_SALES_OFFICE router configure Serial 0/0/0 with a description of Conn-to OHIO_H


Configure PPP

Now that you have learned about some concepts and completed some hands-on work, try your problem-solving and troubleshooting skills with the following task. To complete your task you will need a network to interact with, a scenario, and the task(s) at hand.

When you have finished with this scenario ...You can check your work by clicking the Grade Me button in the upper right hand corner of the Network Visualizer screen.


The name of the command entered for this scenario


Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure PPP.


Scenario:The local car dealership OHIO_SUV has a simple WAN. Configure both, the R1 and R2 routers using the Point-to-Point Protocol (PPP)

Task:Configure PPP as the WAN protocol on both routers

Configure PPP CHAP authentication on both routers

On router R1, configure a host name of OHIO_HQ.

On router R1, configure IP address 1.1.1.1/30 on Serial 0/0/0

On router R1, configure a user name of OHIO_SALES_OFFICE

On router R1, configure a user name password of passthetoken

On router R2, configure a host name of OHIO_SALES_OFFICE

On router R2, configure IP address 1.1.1.2/30 on Serial 0/1

On router R2, configure a username of OHIO_HQ

On router R2, configure a username password of passthetoken


Configure Frame Relay






Your configuration



Network Layout:On the Network Visualizer screen, click on the Labs menu then choose Practice Scenarios, WAN Links, and Configure Frame Relay.


Scenario:XYZ Widget Company has a simple WAN. The senior network administrator has asked you, the junior network administrator to configure both, the RENO and the Washington routers.

Task:Configure Frame Relay as the WAN protocol

On the RENO router, use a lmi type of cisco

On the RENO router, use DLCI 17

On the RENO router, use sub interface S0/0/0.17

On the RENO router, use IP address 10.189.25.5/30

On the Washington router, use a lmi type of cisco

On the Washington router, use DLCI 16

On the Washington router, use sub interface S0/1.16

On the Washington router, use IP address 10.189.25.6/3

cnet

Documents

2621a show ip route

2621b show ip route

2811a show ip route

channel ethernet channel

byte icmp echos

gadget research company

camalot research company

reserved conversations 0 0