Script good but I am not saying you will get 100% but it will get you a good pass
Set up 2 routers two switches and a cloud, three vlans on each switch, all ip addresses and cabling should be done by your instructor
YOUR TASK
Configuration tasks
Configuration Tasks
Configure OSPF
Use the following values to configure OSPF on the routers:
• Configure Merida with the OSPF router ID of 10.10.10.1.
• Configure Vargas with the OSPF router ID of 10.10.10.2.
• Configure OSPF on Merida and Vargas.
• Configure OSPF so only the following 172.16.0.0 subnets will be routed. In other words, if
another 172.16.0.0 interface were enabled on Merida or Vargas, such as 172.16.3.0/24, those
subnets would not be propagated with OSPF. The only 172.16.0.0 subnets to be routed are:
- 172.16.1.0/24
- 172.16.10.0/24
- 172.16.20.0/24
- 172.16.100.0/30
• Apply OSPF cost values to reflect the actual 64k link between Merida and Vargas.
Configure OSPF Authentication
Authenticate OSPF packets between Merida and Vargas using MD5 encryption.
Configure a Default Route
Configure a default route to the Internet on the Merida router and propagate the default route to Vargas
using OSPF.
VLAN Configuration on Vargas
Configure the Vargas Fa0/0 interface to trunk for VLAN 1, VLAN 10, and VLAN 20 with 802.1Q
encapsulation.
Basic Switch Configuration
Use the following IP addresses to configure the switches:
• Configure Switch 1 with the VLAN 1 IP address of 172.16.1.2/24.
• Configure Switch 2 with the VLAN 1 IP address of 172.16.1.3/24.
• Configure both switches with the default gateway address of 172.16.1.1.
Configure VLANs on the Switches
Use the following values to configure VLANs on Switch 1:
- On Switch 1 configure the interfaces Fa0/5 and Fa0/6 on VLAN 10.
- On Switch 1 configure the interfaces Fa0/7 and Fa0/8 on VLAN 20.
- All other interfaces on Switch 1 are in VLAN1.
Use the following values to configure VLANs on Switch 2:
- On Switch 2 configure the interfaces Fa0/5 and Fa0/6 on VLAN 10.
- On Switch 2 configure the interfaces Fa0/7 and Fa0/8 on VLAN 20.
The solution and full-test script are on this rapidshare link as they are too big to post here sorry
Topology graphic below
http://server6.theimagehosting.com/image.php?img=ccna3.gif MY SOLUTION
//MERIDA CONFIG
enable
configure terminal
ip route 0.0.0.0 0.0.0.0 192.168.1.1
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
default-information originate
ospf router-id 10.10.10.1
network 172.16.1.0 0.0.0.255 area 0
network 172.16.10.0 0.0.0.255 area 0
network 172.16.20.0 0.0.0.255 area 0
network 172.16.100.0 0.0.0.3 area 0
exit
interface serial0/0
clock rate 64000
ip address 172.16.100.1 255.255.255.252
ip ospf message-digest-key 1 md5 8
bandwith 64
no shutdown
exit
interface loopback 0
ip address 10.10.10.1 255.255.255.255
exit
interface fastethernet0/0
ip address 192.168.1.2 255.255.255.0
exit
//VARGAS CONFIG
enable
configure terminal
router ospf 1
log-adjacency-changes
area 0 authentication message-digest
ospf router-id 10.0.0.2
network 172.16.100.0 0.0.0.3 area 0
network 172.16.1.0 0.0.0.255 area 0
network 172.16.10.0 0.0.0.255 area 0
network 172.16.20.0 0.0.0.255 area 0
exit
interface serial0/0
clock rate 64000
ip address 172.16.100.2 255.255.255.252
ip ospf message-digest-key 123 md5 8
bandwith 64
no shutdown
exit
interface loopback 0
ip address 10.10.10.2 255.255.255.255
exit
interface fastethernet0/0
ip address 172.16.1.1 255.255.255.0
interface fastethernet0/0.1
encapsulation dot1q 1
ip address 172.16.1.1 255.255.255.0
interface fastethernet0/0.2
encapsulation dot1q 10
ip address 172.16.10.1 255.255.255.0
interface fastethernet0/0.3
encapsulation dot1q 20
ip address 172.16.20.1 255.255.255.0
end
// Switch 1
enable
configure terminal
interface VLAN 1
ip address 172.16.1.2 255.255.255.0
exit
configure terminal
ip default-gateway 172.16.1.1
exit
configure terminal
vlan database
vtp domain cisco
vtp server
vlan 1 name default
vlan 10 name Faculty
vlan 20 name Student
exit
configure terminal
interface fastethernet0/5
switchport mode access
switchport access vlan 10
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/6
switchport mode access
switchport access vlan 10
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/7
switchport mode access
switchport access vlan 20
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/8
switchport mode access
switchport access vlan 20
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/1
switchport mode trunk
exit
configure terminal
interface fastethernet0/2
switchport mode trunk
exit
// Switch 2
enable
configure terminal
interface VLAN 1
ip address 172.16.1.3 255.255.255.0
exit
configure terminal
ip default-gateway 172.16.1.1
exit
configure terminal
vlan database
vtp domain cisco
vtp server
vlan 1 name default
vlan 10 name Faculty
vlan 20 name Student
exit
configure terminal
interface fastethernet0/5
switchport mode access
switchport access vlan 10
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/6
switchport mode access
switchport access vlan 10
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/7
switchport mode access
switchport access vlan 20
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/8
switchport mode access
switchport access vlan 20
port security max-mac-count 1
port security action shutdown
exit
configure terminal
interface fastethernet0/1
switchport mode trunk
exit
configure terminal
interface fastethernet0/2
switchport mode trunk
exit
Configure OSPF
Use the following values to configure OSPF on the routers:
• Configure Merida with the OSPF router ID of 10.10.10.1.
• Configure Vargas with the OSPF router ID of 10.10.10.2.
• Configure OSPF on Merida and Vargas.
• Configure OSPF so only the following 172.16.0.0 subnets will be routed. In other words, if another 172.16.0.0 interface were enabled on Merida or Vargas, such as 172.16.3.0/24, those subnets would not be propagated with OSPF. The only 172.16.0.0 subnets to be routed are:
- 172.16.1.0/24
- 172.16.10.0/24
- 172.16.20.0/24
- 172.16.100.0/30
• Apply OSPF cost values to reflect the actual 64k link between Merida and Vargas.
Configure OSPF Authentication
Authenticate OSPF packets between Merida and Vargas using MD5 encryption.
Configure a Default Route
Configure a default route to the Internet on the Merida router and propagate the default route to Vargas using OSPF.
VLAN Configuration on Vargas
Configure the Vargas Fa0/0 interface to trunk for VLAN 1, VLAN 10, and VLAN 20 with 802.1Q encapsulation.
Basic Switch Configuration
Use the following IP addresses to configure the switches:
• Configure Switch 1 with the VLAN 1 IP address of 172.16.1.2/24.
• Configure Switch 2 with the VLAN 1 IP address of 172.16.1.3/24.
• Configure both switches with the default gateway address of 172.16.1.1.
Configure VLANs on the Switches
Use the following values to configure VLANs on Switch 1:
- On Switch 1 configure the interfaces Fa0/5 and Fa0/6 on VLAN 10.
- On Switch 1 configure the interfaces Fa0/7 and Fa0/8 on VLAN 20.
- All other interfaces on Switch 1 are in VLAN1.
Use the following values to configure VLANs on Switch 2:
- On Switch 2 configure the interfaces Fa0/5 and Fa0/6 on VLAN 10.
- On Switch 2 configure the interfaces Fa0/7 and Fa0/8 on VLAN 20.
- All other interfaces on Switch 2 are in VLAN 1.
Configure VLAN Trunking
Use the following values to configure VLAN trunking on Switch 1 and 2:
• Configure trunking between Switch 1 and Switch 2 with 802.1Q encapsulation using port Fa0/1 on both switches.
• Configure Switch 1 for trunking between Switch 1 and Vargas with 802.1Q encapsulation using port Fa0/2. (I believe this is a misprint! If you examine the diagram, it is obvious that this relates to Switch 2, not Switch 1)
Configure VTP
Use the following values to configure VTP on Switch 1 and 2:
• Configure both Switch 1 and Switch 2 as part of VTP domain Group1.
• Configure Switch 1 as the VTP server and Switch 2 as the VTP client.
- Create VLAN 10 with the name faculty.
- Create VLAN 20 with the name student.
Configure Switch Port Security
Configure port security on ports Fa0/5 through Fa0/8 to allow only one host, if the port security is violated then shutdown the port.
Verify Port Security
Use the proper show command to verify the following port security settings:
• Port security is enabled
• Port status
• Maximum MAC addresses
Verify Connectivity
All routers and switches should be able to ping the interfaces of the other devices.
Merida Router
Configure consoles and serial / Ethernet interfaces:
config t
hostname Merida
enable secret cisco
line con 0
password cisco
login
exec-timeout 0 0
line vty 0 4
password cisco
login
exit
interface fa0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
interface s0
ip address 172.16.100.1 255.255.255.252
clock rate 56000
no shutdown
exit
Configure loopback address:
interface loopback 0
ip address 10.10.10.1 255.255.255.255
exit
copy running-config startup-config
Configure OSPF:
router ospf 50
network 172.16.100.0 0.0.0.3 area 0
log-adjacency-changes
exit
exit
ping 192.168.1.1
Configure bandwidth:
interface s0
bandwidth 64
Configure authentication:
config t
int s0
ip ospf message-digest-key 1 md5 fred
router ospf 50
area 0 authentication message-digest
Configure default route:
ip route 0.0.0.0 0.0.0.0 fa0/0
router ospf 50
default-information originate
exit
exit
Vargas Router
Configure consoles and serial interface:
config t
hostname Vargas
enable secret cisco
line con 0
password cisco
login
exec-timeout 0 0
line vty 0 4
password cisco
login
exit
interface s0
ip address 172.16.100.2 255.255.255.252
no shutdown
copy running-config startup-config
Configure loopback address:
interface Loopback 0
ip address 10.10.10.2 255.255.255.255
exit
Configure OSPF:
router ospf 50
network 172.16.1.0 0.0.0.255 area 0
network 172.16.10.0 0.0.0.255 area 0
network 172.16.20.0 0.0.0.255 area 0
network 172.16.100.0 0.0.0.3 area 0
log-adjacency-changes
exit
exit
Configure bandwidth:
interface s0
bandwidth 64
Configure authentication:
config t
int s0
ip ospf message-digest-key 1 md5 fred
router ospf 50
area 0 authentication message-digest
Configure VLAN trunk:
interface fa0/0
no ip address
no shutdown
interface fa0/0.1
encapsulation dot1q 1
ip address 172.16.1.1 255.255.255.0
interface fa0/0.10
encapsulation dot1q 10
ip address 172.16.10.1 255.255.255.0
interface fa0/0.20
encapsulation dot1q 20
ip address 172.16.20.1 255.255.255.0
Switch 1
Configure consoles:
config t
hostname Switch1
enable secret cisco
line con 0
password cisco
login
exec-timeout 0 0
line vty 0 15
password cisco
login
Configure layer 3 access to switch:
interface vlan 1
ip address 172.16.1.2 255.255.255.0
no shutdown
exit
ip default-gateway 172.16.1.1
Set switch as server and create / name VLANs:
vlan database
vtp domain group1
vtp server
vlan 10 name Faculty
vlan 20 name Student
exit
Configure trunking on fa0/1 (2950 series switch):
interface fa0/1
switchport mode trunk
(add - switchport trunk encapsulation dot1q - for 2900 series switches)
exit
Assign ports to VLANs:
interface fa0/5
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/6
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/7
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/8
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
Verify port security:
show port-security
Switch2
Configure consoles:
config t
hostname Switch2
enable secret cisco
line con 0
password cisco
login
exec-timeout 0 0
line vty 0 15
password cisco
login
Configure layer 3 access to switch:
interface vlan 1
ip address 172.16.1.3 255.255.255.0
no shutdown
exit
ip default-gateway 172.16.1.1
Set switch as client and create / name VLANs:
vlan database
vtp domain group1
vtp client
vlan 10 name Faculty
vlan 20 name Student
exit
Configure trunking on fa0/1 and fa0/2 (2950 series switch):
interface fa0/1
switchport mode trunk
(add - switchport trunk encapsulation dot1q - for 2900 series switches)
interface fa0/2
switchport mode trunk
(add - switchport trunk encapsulation dot1q - for 2900 series switches)
exit
Assign ports to VLANs:
interface fa0/5
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/6
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/7
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
interface fa0/8
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 1
switchport port-security violation shutdown
Verify port security:
show port-security