UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
UNiNets CCNA Cisco Certified Network Associate
LAB MANUAL
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Contents: Lab 1: Identifying Router Components and Accessories
Lab 2: Connecting to a Cisco Device via Console
Lab 3: Identifying Cisco Router & Switch IOS
Lab 4: Cisco 2600 Series Password Reset
Lab 5: Initial Configuration Dialog
Lab 6: Navigating the Cisco CLI
Lab 7: Interface IP Address and interface Specific Configuration
Lab 8: Configuring Cisco Banners
Lab 9: Defaulting Specific IOS Config
Lab 10: Basic Password Authentication
Lab 11: Configuring Local User Authentication
Lab 12: Configuring Password Encryption Service
Lab 13: Configuring CDP
Lab 14: Creating Virtual Local Area Networks
Lab 15: Trunk Interface Configuration
Lab 16: VTP Configuration
Lab 17: Transparent VTP and VTP Pruning
Lab 18: Interface Vlan Configuration
Lab 19: Ether channel Configuration
Lab 20: Router on stick Configuration
Lab 21: Spanning Tree Configuration
Lab 22: Configuring Rapid-PVST+
Lab 23: Configuring MST
Lab 24: Configuring Spanning Tree Port fast
Lab 25: Configuring BPDU Guard
Lab 26: Introduction to IP
Lab 27: ARP
Lab 28: Static Routes
Lab 29: Configuring Default Routes
Lab 30: RIP
Lab 31: Configuring RIPv1 and RIPv2
Lab 32: Configuring RIP Timers
Lab 33: Configuring RIP Triggered Updates
Lab 34: Configuring RIP Static Neighbors
Lab 35: RIP Default Information Originate
Lab 36: Configuring EIGRP
Lab 37: Configuring EIGRP Authentication
Lab 38: Configuring EIGRP Static Neighbors
Lab 39: Configuring EIGRP Stub’s
Lab 40: Configuring EIGRP Passive Interface
Lab 41: Configuring OSPF
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 42: Configuring the OSPF Router-ID
Lab 43: Configuring OSPF Timers
Lab 44: Configuring OSPF Cost
Lab 45: Configuring OSPF Passive Interface
Lab 46: Configuring Default Route Propagation
Lab 47: Configuring Telnet
Lab 48: Copy Command
Lab 49: Loading IOS on Router
Lab 50: PPP with CHAP Authentication
Lab 51: Standard Access-List Configuration
Lab 52: Extended Access-List Configuration
Lab 53: Basic NAT Configuration
Lab 54: Dynamic NAT Configuration
Lab 55: HDLC Configuration
Lab 56: The Basics of IPv6
Lab 57: Configuring IPv6 Interface Addressing
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
CCNA TOPOLOGY
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
How to access the RACK (Step by Step Procedure)
Below is the step by Step Procedure to access the LAB:
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 1: Identifying Router Components and Accessories
The Cisco 2600 Series routers, announced in March of 1998 was the next milestone for Cisco Systems
Inc., a new generation Multi-Service router(s) engineered to provide secure, wire-speed delivery of
simultaneous voice, data, video, and wireless services. However, the Cisco 2600 Series platforms lacked
one feature that was available on the Cisco 3600 Series routers which upset several network engineers
throughout the industry which was the PCMCIA flash card slots. Engineers that were familiar with the
3600 Series platforms found that during disaster recover; the restoration of configuration files as well as
IOS images was simple with the change of a PCMCIA Flash card.
Later, with the release of 12.2(8r) bootrom, the 2600XM Series Multi-service Routers physically
supported 256MB RAM. However, when 12.2(8r) was first introduced it only provided the “future-
ability” to use 256MB RAM. At that given time the Cisco IOS for the 2600XM were still limited to 128MB
RAM, however the benefit from using 256MB RAM and the 12.2(8r) bootrom is that the bootrom would
decompress the Cisco IOS image into address space not addressed by IOS kernel. Traditionally when the
images got larger on the 2600XM platform the processor addressable memory space shrunk as the
images are decompressed and loaded into memory upon boot (unlike the 2500 series which are ran
directly from flash) This gave a significant performance boot on the 2600XM platforms.
The Cisco 2691 router was also released at the same time as the 2600XM and it’s the fastest platform in
the 2600 Series portfolio. Designed with higher throughput, scalability, and versatility in mind. The Cisco
2691 Series router was the baby brother to the Cisco 3725 Series router. In a side by side comparison,
they look very similar; however performance and modularity and PRICE set them apart.
The 1800, 2800 and 3800 Series routers support the HWIC (High-speed WAN Interface Card’s) which
supports 400Mbps aggregate (shared among all slots) whereas previous WIC technology only supported
8Mbps aggregate per PCI BUS.
Example: the 2600XM Series has two integrated WIC slots on a shared bus. The 2600XM supports a
single WIC-2T port operating at 8Mbps speed or two ports at 4Mbps but due to the shared bus, the
other WIC slot cannot be used. This limitation also applied to the NM-1FE2W, NM-1FE1R2W, NM-2FE2W
and NM-2W network modules.
The 2800 Series ISR Routers (Excluding 2801) have four HWIC slots supporting 400Mbps aggregate
(400Mbps per all slots on a chassis) and one or more NME (Network Module Enhanced) slots operating
at a shared 1.2Gbps across all slots within the platform whereas its predecessor; Network Module was
only capable of operating at shared speeds up to 600Mbps across all network module slots within the
platform.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 2: Connecting to a Cisco Device via Console
Lab Objectives
• Connect your PC to your Cisco Router or Switch using the blue Cisco Console Cable.
• Execute putty and connect to your Cisco Router or Switch using Serial COM1 or your respective
COM port at the speed of 9600bps. Power on your Cisco device and verify your console session
by watching the device boot up on the terminal emulator.
Lab Instruction
Step 1: Connect your Cisco console cable or terminal adapter to a Serial port on your computer.
Step 2: Connect the RJ45 end of the console cable to the “Console” port on your Cisco Lab Access Server.
Step 3: When first running the Putty executable you will be presented with the Putty Configuration
Window as shown below
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Step 4: After the Putty configuration window appears, move the bullet from SSH to Serial. Once you’ve
verified the COM port and Speed click “Open” and a new window will appear. This window will be the
terminal window. Once the COM# – Putty terminal window has appeared power on your Cisco Device.
After the device has booted; assuming that the NVRAM is clear, you will be prompted with a Setup
Configuration Dialog
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
After you are presented with the Setup Configuration Dialog type “n” for no and press enter. You will
then be prompted to press Return to Get Started!, after pressing Enter you will be at the routers user
mode command line interface which looks like the following
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 3: Identifying Cisco Router & Switch IOS
Lab Objectives
• Identify what IOS Version and Features Set your Cisco device is currently running.
Lab Instruction
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
The most common way of obtaining IOS identification information is by using the show version
command. This command shows various information pertaining to the Cisco IOS Version and Feature Set
as well as hardware information about the router.
As of 2006, Cisco has introduced a new naming convention for feature sets. This new naming convention
started in 12.3 and was implemented as the feature set naming standard in 12.4.
Breaking Down of the Image Name and Extension
Below is a chart comprised of common pre-standing naming convention identification letters
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Below is a feature tree comprised of the new naming convention used for Cisco router images 12.3T and
greater?
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
You can see that IP Base is the basic image, from this image it branches off into IP Voice, Advanced
Security or Enterprise Base.
IP Voice also has an upgrade to Service Provider Services, which includes SP Services Features, IP Voice
Features and IP Base features.
Only “Advanced” Images contain Advanced Encryption Standard (AES) Cryptography
The following categories summarize the new naming convention:
Just like the new naming convention for Cisco Router IOS, Cisco has given the Switch IOS a new naming
convention as well. This naming convention is very similar to the router IOS naming convention. Shown
below is a feature tree of the new switch IOS naming convention
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
IP Base: formally known as Standard Multilayer Image (SMI) on Cisco Catalyst 3550 Series switches
includes advanced quality of service, rate limiting, access control lists (ACL’s) and basic static and RIP
routing functionality.
IP Services: formally known as Enhanced Multilayer Image (EMI) on Cisco Catalyst 3550 Series Switches
has a more feature rich set of enterprise-class routing functionality as well as advanced hardware-based
IP Unicast and IP Multicast routing, policy based routing (PBR).
Advanced IP Services is not available as a pre-installed license but is available as an upgrade license. This
feature set includes IPv6 routing and IPv6 ACL support.
Enterprise Services & Advanced Enterprise Services are the cream of the crop. The images include all
features available to the platform; also these license(s) are the most expensive. These license(s) are only
supported on various modular switches such as the Catalyst 4500, 4900, 6500 and others
Lab 4: Cisco 2600 Series Password Reset
Lab Objectives
• A Cisco 2600 Series router or greater that has an unknown console or enable password.
• An active Serial Console session to the device that you’re unable to log into.
Lab Instruction
• Break the boot sequence when powering on the Cisco 2600 Series router to place yourself in
ROM monitor mode.
• Change the configuration register to 0x2142 to make the router bypass the contents of NVRAM
when booting then reset the router.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
• (Option 1) – Once booted, place yourself into privileged mode and copy the startup-config to the
running config. Afterward, you may change the line password or enable password and write the
configuration by to NVRAM by issuing the copy run start command.
• Now change the configuration register back to 0x2102 to boot set the router to boot normally
and load the NVRAM contents upon boot.
• Now change the configuration register back to 0x2102 to boot set the router to boot normally
and load the NVRAM contents upon boot.
As shown below is a Cisco 2651XM router that has a console password on the device. With such a
password you cannot access exec mode without authenticating this password correctly. When buying
routers used, you may commonly be faced with scenario.
Steps 1 – Power cycle the router or power on the router initially. While the router is booting you’ll need
to break the boot sequence to boot the router into bootrom, you do this by holding down CTRL and
pressing PAUSE BREAK. Do this repeatedly till you are placed at the bootrom prompt
Step 2 – Change the configuration register so that the router will ignore the contents of the NVRAM
when booting into Cisco IOS. Set the configuration register to 0x2142 and boot the router.
Step 3a – (Option 1 – Reset Password) – After the router has booted into Cisco IOS, you’ll be prompted
by the initial configuration dialog, type n here and press enter and you’ll be placed into user mode. Now
you’re able to place yourself into privileged mode by typing enable. Once in privileged mode you can
copy the start-up configuration to the running configuration and then change the passwords manually
then saved the configuration by to NVRAM by typing copy run start.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Once you’ve performed a password reset or NVRAM sanitation, you’ll need to set the configuration
register back to 0x2102 so the router will boot normally and load the NVRAM contents upon a reboot or
power failure.
Lab 5: Initial Configuration Dialog
Lab Objectives
Familiarize yourself with the Initial Configuration Dialog
Lab Instruction
When opening a brand new Cisco box rather it be a Cisco Switch or Router, after booting the device
you’ll be prompted by the Initial Configuration Dialog. You’ll also be prompted by this dialog if you do
the write erase command in privileged mode and reload the device as it erases the contents of NVRAM.
When a Cisco device does not have a startup-config located in NVRAM, the device will prompt you
rather or not to start the Initial Configuration Dialog.
Another reason as to why you may see this is that your configuration register is set to 0x2142 which
ignores the contents of NVRAM upon boot which is commonly used for password recovery.
As shown below in the configuration box you’ll see the Initial Configuration Dialog prompt select yes and
press return.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
After typing yes at the basic management setup prompt you’ll be given the options to configure the
hostname and passwords as shown below:
After configuring the SNMP options you’ll be required to configure a single interface within the
management network, keep in mind you’ll need to type out the entire name of the interface as shown
below
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Once you’ve selected an interface that will participate in the management network, you’re required to
configure the IP parameters for that interface as shown.
Once you’ve set those options the router will display a script of the changes to be made to the running
configuration. Afterwards the router gives you the option to save that configuration, start setup over
again or disregard the setup information you just provided to the initial configuration dialog. For this lab
I’m going to accept the configuration by entering option 2 to save the configuration to NVRAM and exit
to CLI.
Lab 6: Navigating the Cisco CLI
Lab Objectives
• Familiarize yourself with the different modes on a Cisco IOS based Device.
• Familiarize yourself with legacy terminal keystroke combinations for CLI navigation.
Lab Instruction
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Mastering the navigation through the Cisco command line interface is an absolute requirement for any
Cisco engineer. There are several different types of modes in the Cisco CLI. User mode is the mode
you’re first placed into upon pressing return after entering your user authentication information, vty or
line password. Once you’re placed into User Mode, you’re limited as to the commands you’re able to
execute from the CLI.
However, many commands at the user level can be very informative such including but not limited to;
ping, traceroute, show cdp neighbors, show version and show interface command(s).
In privileged mode, you’re given the ability to configure the device and execute management commands
including but not limited to; configure, clear, reload, more, copy, delete, erase and debug.
As shown below in the terminal box you can see that after pressing return you’re placed into Cisco CLI
with the “>” greater then sign next to the hostname. This is called user mode.
When in user mode you can elevate your privileges by issuing the command enable from the user mode
cli prompt. If you have an enable password or enable secret configured then you’ll be prompted to
provide such authentication information to elevate your privileges.
When you’re in privileged mode you can configure the router by entering the command configure
terminal. This command will place you into global configuration mode where you can make device
configuration changes.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Within global configuration mode (denoted by the (config) # prompt) you have access to different
configuration modes such as interface configuration mode, router configuration mode, VLAN Database
configuration mode, access-list configuration mode and many others.
To return to user mode, simply type disable. From user mode, type logout or exit to exit the router.
Router# disable
Router>exit
Router con0 is now available
Press RETURN to get started
Type the command that will allow you to view the available commands in privileged mode.
Router#?
Type the command that will allow you to see all of the show commands.
Router# show?
Type the command that will allow you to see the active, or running, configuration.
Display the active configuration in memory. The currently active configuration script running on the
router is referred to as the running-config in the router’s CLI. Note that privileged mode is required in
order to access the running configuration. The running configuration script is not automatically saved on
a Cisco router and will be lost in the event of power failure. The running configuration must be manually
saved with the copy command (discussed in a later lab).
Router# show running-config
Display flash memory. Flash memory is a special kind of memory that contains the operating system
image fi le(s) on the router. Unlike regular router memory, flash memory continues to maintain the fi le
image even after power is lost.
Router# show flash
By default, the router’s CLI maintains in memory the last 10 commands entered. The show history
command displays simultaneously all of the past commands still in router memory.
Router# show history
Use the show protocols command to view the status of the current Layer 3 routed protocols running on
your router.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Router# show protocols
Lab 7: Interface IP Address and interface Specific
Configuration
Lab Objectives
• Configure the Primary IP Address of 10.234.51.254/24 on interface FastEthernet1/0
• Configure a Secondary IP Address of 172.27.48.254/24 on Interface FastEthernet1/0
• Activate the FastEthernet1/0 Interface.
• Verify your configuration changes via the running-configuration.
• Statically set the speed of interface FastEthernet1/0 to 100.
• Statically set the duplex of interface FastEthernet1/0 to full.
• Configure the bandwidth on interface FastEthernet1/0 to 10Mbps.
• Configure a delay of 10ms on interface FastEthernet1/0.
• Statically set the MAC address on interface FastEthernet1/0 to ca02.0adc.0ef9.
• Disable Keep lives on Interface FastEthernet1/0.
• Disable the Cisco Discovery protocol on interface FastEthernet1/0.
Lab Instruction
To get started, navigate your way into Global configuration mode as shown below
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 8: Configuring Cisco Banners
Lab Objectives
• Configure a login banner so that any attempted connections to the device are prompted with
Legal information.
• Configure an EXEC banner so that when a user establishes an exec session with the device the
device displays the hostname and current line the session was established on.
• Configure a Message of The Day (MOTD) Banner to display current scheduled downtime for
device maintenance.
Lab Instruction
Step 1- For objective one you’re required to configure a Login banner to inform incoming session’s legal
information and privacy information. When configuring a banner you’ll need to use a delimiting
character; which is a character that only appears at the beginning and end of the banner. The ^ is
commonly used. To set a banner you’ll use the banner command followed by the type of banner rather
it be login, exec, motd and the delimiting character. As shown below you can see a basic Login banner is
configured and configuration is verified by ending and reestablishing an exec session with the device.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
As shown below is the login banner configuration verification
Step 2- Requests that you to configure an exec banner so that any authenticated exec sessions will be
shown what the device hostname is and the line the session is established on. In order to configure this
type of banner you’ll need to know what Banner Tokens are. Banner tokens are basically a variable you
can set in a banner that calls particular information from the device and dispatches it into the banner.
The banner tokens that will be used in this objective are $(hostname) and $(line) which display the
hostname and line number.
To configure the exec banner as required by objective 3, use the following text Session established to
$(hostname) on line $(line)
Like the previous Login banner you’ve configured you execute the same command in global
configuration mode but rather executing banner login ^ you’ll execute banner exec ^ as shown below.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
After the exec banner is configured, verify your configuration by terminating your exec session and
reestablishing an exec session to the device as shown below
Step 3- Is the last objective of the lab which is to configure a Message of the Day banner, which is
commonly used to display maintenance information on the Cisco device such as “This router will
undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM”
The MOTD banner is displayed prior to the login banner on a Cisco Router or Switch and is configured
the same was as any other banner which is to execute the banner command followed by the type of
banner and the delimiting character in global configuration mode. As shown below is an example MOTD
banner configuration and verification
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Lab 9: Defaulting Specific IOS Config
Lab Objectives
• Configure interface FastEthernet0/0 with the IP Address of 10.1.1.254/24 and hard code the
Speed to 100Mbps and Duplex to full.
• Reset the configuration previously made on interface FastEthernet0/0 using the default
command in global configuration.
Lab Instruction
Step 1- To simulate a configured interface the first objective states that you need to assign the IP
Address 10.1.1.254/24 to interface FastEthernet0/0 as well as hard code the speed and duplex to
100Mbps/Full Duplex.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Step 2- Now reset the interface Fa0/0 to the default configuration by executing the default command
from global configuration followed by the interface name and number than verify the configuration
Lab 10: Basic Password Authentication
Lab Objectives
• Configure a Console line password so that anyone attempting to establish a console session to
the device will be prompted for a password. Once completed, verify your configuration.
• Configure the VTY line 0-4 password so that anyone attempting to establish a telnet/ssh session
to the device will be prompted for a password. Once completed, verify your configuration.
• Configure an enable password and enable secret. Once completed, verify these configurations.
Lab Instruction
Step 1 – To meet the first objective of protecting the console line with a console password you’ll need to
navigate to the console line configuration mode as shown below.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Simply setting the password does not enable password authentication. You’ll need to tell the router to
prompt incoming sessions on the console line to require a password. This is done by executing the login
command from line configuration mode as shown below.
Now you can test your console line password but first you’ll have to end your exec session by typing end
and exit then attempting to establish a new exec session via console as shown below
Step 2- Now it’s time to configure VTY (Virtual Teletype) lines. The VTY lines are virtual lines used for
establishing an exec session via telnet or ssh. You apply the password to these lines in the same manner
as you previously did the console line as shown below:
Once you’ve established a telnet session to the router, try to gain privileged level access. You’ll
immediately notice that you’ll be prompted for an “enable” password in which case none is set so
therefore you cannot gain privileged level access.
UniNets CCNA LAB MANUAL
UniNets CCNA LAB MANUAL
Step 3- Configure an enable password and secret for the Cisco router to gain privileged level access to
the device via telnet. This configuration is done in global configuration mode. If you still have a telnet
session open from the previous objective verification, type exit. To configure an enable password
execute the enable password passwordgoeshere command.
To configure an enable secret you simply execute the enable secret passwordgoeshere as shown below
As shown above the enable password was set to Cisco1 and the enable secret was set to Cisco2
The enable password and enable secret are used for the same authentication, which is to gain access to
privileged mode however if you have both enable password and enable secret set, the enable secret will
override the enable password.
Once the enable passwords have been set verify the configuration by executing a reverse telnet to
Router and establishing a telnet session using the previously set vty lines password then escalate to
privileged level access.