Ad Blocker Detected
Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.
CCNA 2 RSE Practice Skills Assessment – PT
CCNA Routing and Switching
Routing and Switching Essentials
Practice Skills Assessment – Packet Tracer
A few things to keep in mind while completing this activity:
- Do not use the browser Back button or close or reload any exam windows during the exam.
- Do not close Packet Tracer when you are done. It will close automatically.
- Click the Submit Assessment button in the browser window to submit your work.
Introduction
In this practice skills assessment, you will configure the Our Town network with single-area OSPFv2. In addition, you will configure router-on-a-stick routing between VLANs. You will also implement NAT, DHCP and access lists.
All IOS device configurations should be completed from a direct terminal connection to the device console.
Some values that are required to complete the configurations have not been given to you. In those cases, create the values that you need to complete the requirements. These values may include certain IP addresses, passwords, interface descriptions, banner text, and other values.
For the sake of time, many repetitive but important configuration tasks have been omitted from this activity. Many of these tasks, especially those related to device security, are essential elements of a network configuration. The intent of this activity is not to diminish the importance of full device configurations.
You will practice and be assessed on the following skills:
- Configuration of initial device settings
- IPv4 address assignment
- Configuration and addressing of router interfaces
- Configuration of a router as a DHCP server
- Implementation of static and dynamic NAT
- Configuration of the single-area OSPFv2 routing protocol
- Configuration of a default route and static summary routes
- Configuration of VLANs and trunks
- Configuration of routing between VLANs
- Configuration of ACL to limit device access
You are required to configure the following:
Police:
- Configuration of initial router settings
- Interface configuration and IPv4 addressing
- Configuration of DHCP
- Configuration of multiarea OSPFv2
- Configuration of routing between VLANs
Central:
- Interface configuration and IPv4 addressing
- Configuration of multiarea OSPFv2
- Configuration of IPv4 route summarization
- Configuration and propagation of a default route
- Configuration of static summary routes
- Configuration of static and dynamic NAT
- Configuration of ACLs
Fire:
- Interface configuration and IPv4 addressing
- Configuration of multiarea OSPFv2
- Configuration of a static summary route
Police-SW1:
- Configuration of VLANs
- Assignment of switch ports to VLANs
- Configuration of trunking
- Configuration of unused switch ports
Police-SW2:
- Configuration of VLANs
- Assignment of switch ports to VLANs
- Configuration of trunking
- Configuration of unused switch ports
Internal PC hosts:
- Configuration as DHCP clients
Addressing Tables
Note: You are provided with the networks that interfaces should be configured on. Unless you are told to do differently in the detailed instructions below, you are free to choose the host addresses to assign.
Addressing Table:
|
Device |
Interface |
Network |
Comments |
|
Police |
S0/0/0 |
192.168.10.104/30 |
any address in the network |
|
Gi0/0.45 |
192.168.45.0/24 |
first address in the network |
|
|
Gi0/0.47 |
192.168.47.0/24 |
first address in the network |
|
|
Gi0/0.101 |
192.168.101.0/24 |
first address in the network |
|
|
Central |
S0/0/0 |
192.168.10.104/30 |
any address in the network |
|
S0/0/1 |
192.168.10.112/30 |
any address in the network |
|
|
S0/1/0 |
198.51.100.0/28 |
first address in the network |
|
|
Gi0/0 |
192.168.18.40/29 |
first address in the network |
|
|
Fire |
S0/0/0 |
192.168.10.124/30 |
second address in the network |
|
S0/0/1 |
192.168.10.112/30 |
any address in the network |
|
|
Police-SW1 |
VLAN 101 |
192.168.101.0/24 |
any address in the network |
|
Police-SW2 |
VLAN 101 |
192.168.101.0/24 |
any address in the network |
Pre-configured addresses for reference:
|
Device |
Address |
|
Town Server |
192.168.18.46/29 |
|
NetAdmin Host |
203.0.113.18 |
|
Outside Host |
203.0.113.128 |
|
Public Server |
209.165.201.235 |
|
S3 Host |
192.168.200.10/24 |
|
S6 Host |
192.168.201.10/24 |
|
S5 Host |
192.168.202.10/24 |
VLAN Table:
|
VLAN Number |
VLAN Name |
VLAN Network |
Device:Port |
|
45 |
HR |
192.168.45.0/24 |
Police-SW1: Fa0/10 Police-SW2: Fa0/3 |
|
47 |
records |
192.168.47.0/24 |
Police-SW1: Fa0/15 Police-SW2: Fa0/21 |
|
101 |
comm |
192.168.101.0/24 |
SVI |
Instructions
All configurations must be performed through a direct terminal connection to the device consoles.
Step 1: Determine the Addresses to Assign
Determine the IP addresses that you will use for the required interfaces on the three routers and two switches. Use the information in the Addressing Table and follow the guidelines below:
- Assign the first IP addresses in the networks that are provided in the Addressing Table to the LAN interfaces.
- Assign the first address in the Central subnet to the interface that is connected to the Internet.
- Assign any valid host address in the networks that are provided in the Addressing Table to the serial interfaces.
- The host PCs will receive IP addresses over DHCP.
Step 2: Configure Police
- Configure Police with the following:
- Configure the router host name: PoliceDept
Router(config)# hostname PoliceDept
- Prevent the router from attempting to resolve command line entries to IP addresses.
PoliceDept(config)# no ip domain-lookup
- Protect privileged EXEC mode from unauthorized access with the MD5 encrypted password.
PoliceDept(config)# enable secret [password]
- Prevent device status messages from interrupting command line entries at the device console.
PoliceDept(config)# line con 0
PoliceDept(config-line)# logging synchronous
- Secure the router console and terminal lines.
PoliceDept(config)# line console 0
password [password]
login
PoliceDept(config)# line vty 0 4
password [password]
login
- Prevent all passwords from being viewed in clear text in the device configuration file.
PoliceDept(config)# service password-encryption
- Configure a message-of-the-day banner.
PoliceDept(config)# banner motd “message-of-the-day”
Step 3: Configure the Router Physical Interfaces
Configure the interfaces of the routers for full connectivity with the following:
- IP addresses as shown in the addressing table.
- Describe the operational Police serial interface. The Police Ethernet interfaces will be configured at the end of this assessment.
- DCE settings where appropriate. Use a rate of 128000.
PoliceDept(config)# interface Serial0/0/0
PoliceDept(config-if)#bandwidth 128
PoliceDept(config-if)#ip address 192.168.10.105 255.255.255.252
PoliceDept(config-if)#description Police and Central
PoliceDept(config-if)#clock rate 128000
PoliceDept(config-if)#no shutdown
Central(config)# interface Serial0/0/0
Central(config-if)#bandwidth 128
Central(config-if)#ip address 192.168.10.106 255.255.255.252
Central(config-if)#no shutdown
Central(config)# interface Serial0/0/1
Central(config-if)#bandwidth 128
Central(config-if)#ip address 192.168.10.114 255.255.255.252
Central(config-if)#clock rate 128000
Central(config-if)#no shutdown
Central(config)# interface g0/0
Central(config-if)#ip address 192.168.18.41 255.255.255.248
Central(config-if)#no shutdown
Central(config)# interface Serial0/1/0
Central(config-if)#ip address 198.51.100.1 255.255.255.240
Central(config-if)#no shutdown
Fire(config)# interface Serial0/0/1
Fire(config-if)#bandwidth 128
Fire(config-if)#ip address 198.51.100.1 255.255.255.240
Fire(config-if)#no shutdown
Step 4: Configure static and default routing
Configure the following static routes:
- Manually configure default routes to the Internet. Use the exit interface argument. All hosts on the internal LANs and School Network networks should be able to reach the Internet.
PoliceDept(config)#ip route 0.0.0.0 0.0.0.0 s0/0/0
Central(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0
Fire(config)#ip route 0.0.0.0 0.0.0.0 s0/0/1
- It has been decided to use static routes to reach the branch networks that are connected to Fire. Use a single summary to represent the branch networks in the most efficient way possible. Configure the summary static route onCentral and Fire using the exit interface argument.
Central(config)#ip route 192.168.200.0 255.255.252.0 s0/0/1
Fire(config)#ip route 192.168.200.0 255.255.252.0 s0/0/0
Step 5: Configure OSPF Routing
Configure single-area OSPFv2 to route between all internal networks. The branch networks are not routed with OSPFv2.
- Use a process ID of 10.The routers should be configured in area 0.
- Use the correct inverse masks for all network statements. Do not use quad zero masks (0.0.0.0).
Step 6: Customize single-area OSPFv2
Customize single-area OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of the serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
- Police: 1.1.1.1
- Central: 2.2.2.2
- Fire: 3.3.3.3
c. Configure the OSPF cost of the link between Police and Central to 7500.
d. Prevent routing updates from being sent out of any of the LAN interfaces that are routed with OSPFv2. Do not use the default keyword in the commands you use to do this.
Configuration step 5 and step 6
PoliceDept(config)#router ospf 10
PoliceDept(config-router)#router-id 1.1.1.1
PoliceDept(config-router)#network 192.168.10.104 0.0.0.3 area 0
PoliceDept(config-router)#network 192.168.45.0 0.0.0.255 area 0
PoliceDept(config-router)#network 192.168.47.0 0.0.0.255 area 0
PoliceDept(config-router)#network 192.168.101.0 0.0.0.255 area 0
PoliceDept(config-router)#passive-interface g0/0.45
PoliceDept(config-router)#passive-interface g0/0.47
PoliceDept(config-router)#passive-interface g0/0.101
PoliceDept(config)#interface s0/0/0
PoliceDept(config-if)#bandwidth 128
PoliceDept(config-if)#ip ospf cost 7500
Central(config)#router ospf 10
Central(config-router)#router-id 2.2.2.2
Central(config-router)#network 192.168.10.104 0.0.0.3 area 0
Central(config-router)#network 192.168.10.112 0.0.0.3 area 0
Central(config-router)#network 192.168.18.40 0.0.0.7 area 0
Central(config-router)#passive-interface g0/0
Central(config)#interface s0/0/0
Central(config-if)#bandwidth 128
Central(config-if)#ip ospf cost 7500
Central(config)#interface s0/0/1
Central(config-if)#bandwidth 128
Fire(config)#router ospf 10
Fire(config-router)#router-id 3.3.3.3
Fire(config-router)#network 192.168.10.112 0.0.0.3 area 0
Fire(config)#interface s0/0/1
Fire(config-if)#bandwidth 128
Step 7: Configure VLANs and Trunking
Configure Police-SW1 and Police-SW2 with VLANs and trunk ports as follows:
- Refer to the VLAN table above for the VLAN numbers and names that should be configured on both switches.
- Configure names for the VLANs. The VLAN names must be configured to match the names in the VLAN Table exactly (case and spelling).
On Police-SW1
Police-SW1(config)#vlan 45
Police-SW1(config-vlan)#name HR
Police-SW1(config)#vlan 47
Police-SW1(config-vlan)#name records
Police-SW1(config)#vlan 101
Police-SW1(config-vlan)#name comm
On Police-SW2
Police-SW2(config)#vlan 45
Police-SW2(config-vlan)#name HR
Police-SW2(config)#vlan 47
Police-SW2(config-vlan)#name records
Police-SW2(config)#vlan 101
Police-SW2(config-vlan)#name comm
- Configure the appropriate ports that link the switches and Police with the router as functioning trunk ports.
Police-SW1(config)#int g1/1
Police-SW1(config-if)#switchport mode trunk
Police-SW1(config-if)#no shutdown
Police-SW1(config)#int g1/2
Police-SW1(config-if)#switchport mode trunk
Police-SW1(config-if)#no shutdown
Police-SW2(config)#int g1/1
Police-SW2(config-if)#switchport mode trunk
Police-SW2(config-if)#no shutdown
- Assign the switch ports shown in the table as access ports in the VLANs as indicated in the VLAN Table.
Police-SW1(config)#int fa0/10
Police-SW1(config-if)#switchport mode access
Police-SW1(config-if)#switchport access vlan 45
Police-SW1(config-if)#exit
Police-SW1(config)#int fa0/15
Police-SW1(config-if)#switchport mode access
Police-SW1(config-if)#switchport access vlan 47
Police-SW1(config-if)#exit
Police-SW2(config)#int fa0/3
Police-SW2(config-if)#switchport mode access
Police-SW2(config-if)#switchport access vlan 45
Police-SW2(config-if)#exit
Police-SW2(config)#int fa0/21
Police-SW2(config-if)#switchport mode access
Police-SW2(config-if)#switchport access vlan 47
Police-SW2(config-if)#exit
- Address VLAN 101 on the network indicated in the VLAN Table. Note that the first address in this network will be assigned to the router in a later step in this assessment. The management interfaces of both switches should configured to be reachable by hosts on other networks.
Police-SW1(config)#ip default-gateway 192.168.101.1
Police-SW1(config)#interface vlan 101
Police-SW1(config-if)#ip address 192.168.101.2 255.255.255.0
Police-SW2(config)#ip default-gateway 192.168.101.1
Police-SW2(config)#interface vlan 101
Police-SW2(config-if)#ip address 192.168.101.3 255.255.255.0
- Configure all unused switch ports as access ports, and shutdown the unused ports.
Police-SW1(config)#int range fa0/1-9, fa0/11-14, fa0/16-24
Police-SW1(config-if-range)#switchport mode access
Police-SW1(config-if-range)#shutdown
Police-SW2(config)#int range fa0/1-2, fa0/4-20, fa0/22-24
Police-SW2(config-if-range)#switchport mode access
Police-SW2(config-if-range)#shutdown
Step 8: Configure DHCP
Police should be configured as a DHCP server that provides addressing to the hosts attached to Police-SW1 and Police-SW2. The requirements are as follows:
- Use VLAN45 and VLAN47 as the pool names. Note that the pool names must match the names given here exactly, all capital letters and exact spelling.
- Addresses .1 to .20 should be reserved for static assignment from each pool.
- The first address in each network will be assigned to the router interface attached to the networks as shown in the addressing table.
- Use a DNS server address of 192.168.18.100. This server has not yet been added to the network, but the address must be configured.
- Ensure that hosts in each LAN are able to communicate with hosts on remote networks.
PoliceDept(config)#ip dhcp excluded-address 192.168.45.1 192.168.45.20
PoliceDept(config)#ip dhcp excluded-address 192.168.47.1 192.168.47.20
PoliceDept(config)#ip dhcp pool VLAN45
PoliceDept(dhcp-config)#network 192.168.45.0 255.255.255.0
PoliceDept(dhcp-config)#default-router 192.168.45.1
PoliceDept(dhcp-config)#dns-server 192.168.18.100
PoliceDept(config)#ip dhcp pool VLAN47
PoliceDept(dhcp-config)#network 192.168.47.0 255.255.255.0
PoliceDept(dhcp-config)#default-router 192.168.47.1
PoliceDept(dhcp-config)#dns-server 192.168.18.100
*Set Clients to DHCP*
PC1, PC2, PC3, PC4
Step 9: Configure NAT
Configure NAT to translate internal private addresses into public addresses for the Internet. The requirements are:
a. Configure static NAT to the Town Server.
- Translate the internal address of the server to the address 198.51.100.14.
- Configure the correct interfaces to perform this NAT translation.
Central(config)#ip nat inside source static 192.168.18.46 198.51.100.14
Central(config)#interface g0/0
Central(config-if)#ip nat inside
Central(config)#interface s0/1/0
Central(config-if)#ip nat outside
b.Configure dynamic NAT (not NAT with overload, or PAT).
- Use the addresses remaining in the public address subnet of 198.51.100.0/28. The first two addresses in the subnet have already been assigned to the Central and ISP serial interfaces. Also, another address has already been used in the static mapping in the step above.
- Use a pool name of INTERNET. Note that the pool name must match this name exactly, in spelling and capitalization.
- Hosts on each of the internal LANs shown in the topology and on all of the branch networks should be permitted to use the NAT addresses to access the Internet.
- Use a source list number of 1.
- Your source list should consist of three entries, one each for the LANs and one for the branch networks.
BY Boogie
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
Step 10: Configure Access Control Lists
You will configure two access control lists to limit device access on Central. You should use the any and host keywords in the ACL statements as required. The ACL requirements are:
a. Restrict access to the vty lines on Central:
- Create a named standard ACL using the name MANAGE. Be sure that you use this name exactly as it appears in these instructions (case and spelling).
- Allow only the NetAdmin Host to access the vty lines of Central.
- No other Internet hosts (including Internet hosts not visible in the topology) should be able to access the vty lines of Central.
- Your solution should consist of a single ACL statement.
b.Allow outside access to the Town Server while controlling other traffic from the outside. Create the ACL as directed below:
- Use access list number 101.
- First, allow NetAdmin Host full access to all network hosts and devices.
- Then, allow outside hosts to access the Town Server over HTTP only.
- Allow traffic that is in response to data requests from the internal and School Network hosts to enter the network.
- Add a statement so that counts of all denied traffic will be shown in the show access-lists command output.
- Your ACL should have only four statements.
Your ACL should be placed in the most efficient location possible to conserve network bandwidth and device processing resources.
Step 11: Configure Router-on-a-Stick Inter-VLAN Routing.
Configure Police to provide routing between the VLANs configured on the switches. As follows:
- Use the VLAN numbers for the required interface numbers.
- Use the first addresses in the VLAN networks for the interfaces.
PoliceDept(config)# interface g0/0
PoliceDept(config-if)#no sh
PoliceDept(config)# interface g0/0.45
PoliceDept(config-subif)#encapsulation dot1Q 45
PoliceDept(config-subif)#ip address 192.168.45.1 255.255.255.0
PoliceDept(config)# interface g0/0.47
PoliceDept(config-subif)#encapsulation dot1Q 47
PoliceDept(config-subif)#ip address 192.168.47.1 255.255.255.0
PoliceDept(config)# interface g0/0.101
PoliceDept(config-subif)#encapsulation dot1Q 101
PoliceDept(config-subif)#ip address 192.168.101.1 255.255.255.0
Step 12: Test and Troubleshoot Connectivity.
Ensure that the hosts attached to the VLANs can reach hosts on the School Network and the Internet.
Last Updated: November, 2013
Leonard
Hello!
Thanks for this.
Are you sure it is the Pratical Skills Exam ?
Can you share also the text of it and the network topology?
Thank you
Mubiru
I was going to ask the same question and I believe the above commands must be mastered because the Practical Skills Exam can be changed any time.
Thank you.
Matt
Hello, you guys ended up figuring out the network topology because there’s a few things that i cant get ..
Masud Rana
My Score was 96%
================
[[Building-1]]
enable
conf t
hostname Building-1
no ip domain-lookup
enable secret cisco
line con 0
logging synchronous
password cisco
login
exit
line vty 0 4
password cisco
login
exit
service password-encryption
banner motd “Warning!!!”
int s0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
description Building-1 and Main
clock rate 128000
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 s0/0/0
[[Main]]
enable
conf t
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.106 255.255.255.252
no shutdown
exit
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
clock rate 128000
no shutdown
exit
interface g0/0
ip address 192.168.18.41 255.255.255.248
no shutdown
exit
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
no shutdown
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.200.0 255.255.252.0 s0/0/1
[[Building 2]]
enable
conf t
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no shutdown
ip route 0.0.0.0 0.0.0.0 s0/0/1
ip route 192.168.200.0 255.255.252.0 s0/0/0
[[Building-1]]
router ospf 10
router-id 1.1.1.1
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
passive-interface g0/0.45
passive-interface g0/0.47
passive-interface g0/0.101
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
[[Main]]
router ospf 10
router-id 2.2.2.2
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
passive-interface g0/0
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
interface s0/0/1
bandwidth 128
exit
[[Building 2]]
router ospf 10
router-id 3.3.3.3
network 192.168.10.112 0.0.0.3 area 0
exit
interface s0/0/1
bandwidth 128
exit
[[SW1]]
enable
conf t
vlan 45
name finance
exit
vlan 47
name sales
exit
vlan 101
name netadmin
exit
int g0/1
switchport mode trunk
no shutdown
exit
int g0/2
switchport mode trunk
no shutdown
exit
int fa0/10
switchport mode access
switchport access vlan 45
exit
int fa0/15
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.2 255.255.255.0
exit
int range fa0/1-9, fa0/11-14, fa0/16-24
switchport mode access
shutdown
exit
[[SW2]]
enable
conf t
vlan 45
name HR
exit
vlan 47
name records
exit
vlan 101
name comm
exit
int g0/1
switchport mode trunk
no shutdown
exit
int fa0/3
switchport mode access
switchport access vlan 45
exit
int fa0/21
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.3 255.255.255.0
exit
int range fa0/1-2, fa0/4-20, fa0/22-24
switchport mode access
shutdown
exit
[[Building-1]]
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
exit
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
exit
*****SET CLIENTS TO DHCP*****
[[Main]]
ip nat inside source static 192.168.18.46 198.51.100.14
interface g0/0
ip nat inside
exit
interface s0/1/0
ip nat outside
exit
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
exit
interface Serial0/1/0
ip access-group 101 in
exit
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
exit
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line vty 0 15
access-class MANAGE in
password cisco
login
exit
[[Building-1]]
interface g0/0
no sh
exit
interface g0/0.45
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
exit
interface g0/0.47
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
exit
interface g0/0.101
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
exit
nghinhquan
Hello, you can let me ask is this contest PT how many to borrow.
Thank you
bipulkuet
Can anybody to solve Step 10 ? I have already obtained 9 points within 13 points of Step 10.
croco
Must be something like this:
!
interface Serial0/1/0
bandwidth 128
ip address 198.51.100.1 255.255.255.240
ip access-group 101 in
ip nat outside
!
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
!
line vty 0 4
access-class MANAGE in
password cisco
login
line vty 5 15
access-class MANAGE in
password cisco
login
!
will
Can anybody help solve step 9b please?
Boogie
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
tom
Part 10)
ip access-group 101 in
ip nat outside
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
Ason
Tom thnx for writing the solution , but i want to know where i want to configure this (step 10 ) ??
Thank you
Zar
can anyone help me… i accidentally disconnect the port connected from the central to the internet.. does anyone know what is the port connected to the internet??? T_T
alex
Can someone please reupload the topology image ? Thank you
Tuk
Do you have the skills exams for CCNA3?
CCNA5.NET
yes
WAYNEN
Do you have Chapter 6 Practice Skills Assessment exam please?
Asyriel
Here is a script you can copy and paste. Copy to Wordpad first. Scored a 94% with these exact commands. Adjust port ranges if you want that 100% haha
[[Site1]]
enable
conf t
hostname Site-1
enable secret cisco
line con 0
logging synchronous
password cisco
login
exit
line vty 0 15
login
exit
service password-encryption
banner motd “Warning!”
int s0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
description [Police and Central]
clock rate 128000
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 s0/0/0
[[HQ]]
enable
conf t
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.106 255.255.255.252
no shutdown
exit
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
clock rate 128000
no shutdown
exit
interface g0/0
ip address 192.168.18.41 255.255.255.248
no shutdown
exit
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
no shutdown
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.200.0 255.255.252.0 s0/0/1
[[Site2]]
enable
conf t
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no shutdown
ip route 0.0.0.0 0.0.0.0 s0/0/1
ip route 192.168.200.0 255.255.252.0 s0/0/0
[[Site1]]
router ospf 10
router-id 1.1.1.1
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
passive-interface g0/0.45
passive-interface g0/0.47
passive-interface g0/0.101
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
[[HQ]]
router ospf 10
router-id 2.2.2.2
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
passive-interface g0/0
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
interface s0/0/1
bandwidth 128
exit
[[Site2]]
router ospf 10
router-id 3.3.3.3
network 192.168.10.112 0.0.0.3 area 0
exit
interface s0/0/1
bandwidth 128
exit
[[SW1]]
enable
conf t
vlan 45
name finance
exit
vlan 47
name sales
exit
vlan 101
name netadmin
exit
int g1/1
switchport mode trunk
no shutdown
exit
int g1/2
switchport mode trunk
no shutdown
exit
int fa0/10
switchport mode access
switchport access vlan 45
exit
int fa0/15
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.2 255.255.255.0
exit
int range fa0/1-9, fa0/11-14, fa0/16-24
switchport mode access
shutdown
exit
[[SW2]]
enable
conf t
vlan 45
Police-SW2(config-vlan)#name HR
exit
vlan 47
Police-SW2(config-vlan)#name records
exit
vlan 101
Police-SW2(config-vlan)#name comm
exit
int g1/1
switchport mode trunk
no shutdown
exit
int fa0/3
switchport mode access
switchport access vlan 45
exit
int fa0/21
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.3 255.255.255.0
exit
int range fa0/1-2, fa0/4-20, fa0/22-24
switchport mode access
shutdown
exit
[[Site1]]
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
exit
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
exit
*****SET CLIENTS TO DHCP*****
[[HQ]]
ip nat inside source static 192.168.18.46 198.51.100.14
interface g0/0
ip nat inside
exit
interface s0/1/0
ip nat outside
exit
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
exit
interface Serial0/1/0
ip access-group 101 in
exit
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
exit
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line vty 0 15
access-class MANAGE in
password cisco
login
exit
[[Site1]]
interface g0/0
no sh
exit
interface g0/0.45
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
exit
interface g0/0.47
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
exit
interface g0/0.101
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
exit
Laura
Hello how to copy them directly i mean how to paste the commands
all the way to the router ?
jim
Do you have Chapter 6 Practice Skills Assessment exam?
CCNA5.NET
https://www.ccna5.net/ccna-2-rse-chapter-6-practice-skills-assessment-packet-tracer/1723/
KILOTTT
how to get the file .pkt ???
Secret
Do anyone have a link for the answer for this PT skills??
For the newer version of cisco v5
CCNA 4
Chapter 7 Practice Skills Assessment – PT
NB_ITN Practice Skills Assessment – PT
ScaN Practice Skills Exam EIGRP – PT
ScaN Practice Skills Exam OSPF – PT
Please pm if there is available thanks
olfat.ibrahim.946
Hello,
Any one know the answer for CCNA 4
Chapter 7 Practice Skills Assessment – PT
Thanks
CCNA5.NET
https://dl.dropboxusercontent.com/s/xg5sz84d0viib3p/answer%20Chapter%207%20Practice%20Skills%20Assessment%20-%20PT%20.zip?dl=1&token_hash=AAH3zBQesAtuue-IgkCE0Vpy03UTbFHLh7Y-Nr05eGSKjw&expiry=1400621543
D.P.G.
Can anybody help me with step 1 please ?
larry
where can i download the packet tracer activity?
vlad
Is there a pka file to solv? How do I know what is inside the cloud?
Can anyone send it to me by mail?
Samantha
It would be fantastic if someone could provide the .pkt file. Anyone?
Thanks
John
Here?!?!? I think is that in description. https://www.youtube.com/watch?v=2r8oR8rkbIM
ibrahim
https://www.dropbox.com/s/uelp80yg0hgcnzf/Examen%20Final%20PT%20CCNA%202%20(Routing%20and%20Switching).pka?dl=0
VLAN 1
can any one explain step 1?
anon
step 10
interface Serial0/1/0
ip access-group 101 in
exit
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
exit
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line vty 0 15
access-class MANAGE in
password cisco
login
exiten
Jocker_Punk
Why didn’t anyone shutdown g0/2 interface on SW2?
NORRISCHUCK
Took exam PT last week and the scenario was same. There were only different names for routers and switches, but IP and steps were same..
Freddi
I have managed to get 97% so far.
In the initial set-up of router Site 2/Building-2/Fire
I lost 3 marks for not setting an ip-address for the gigabit interface g0/0.
What would you suggest?
James
I completed the exam yesterday and it was exactly the same. The name of the routers and switches may vary but the IP addresses and such are all exactly the same!
My score was 100%
Tonye
The configuration for
Fire
int s 0/0/1
bandwidth 128
ip address 198.51.100.1 255.255.255.240
no shut
the correct ip should be
ip address 192.168.10.113 255.255.255.252
julius gitahi
CCNA2 RSE Practice Skills Assessment – PT Type C answers
Pinx
Tipe A
98%
HQ
hostname HQ
ip cef
no ipv6 cef
spanning-tree mode pvst
interface GigabitEthernet0/0
ip address 192.168.18.41 255.255.255.248
no sh
ip nat inside
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
no sh
ip ospf cost 7500
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no sh
clock rate 128000
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
no sh
ip access-group 101 in
ip nat outside
interface Serial0/1/1
no ip address
clock rate 2000000
shutdown
interface Vlan1
no ip address
shutdown
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
passive-interface GigabitEthernet0/0
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 192.168.200.0 255.255.252.0 Serial0/0/1
ip flow-export version 9
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line con 0
line aux 0
line vty 0 4
access-class MANAGE in
password class
login
end
SITE 1
hostname Site-1
enable secret cisco
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
ip cef
no ipv6 cef
no ip domain-lookup
spanning-tree mode pvst
interface GigabitEthernet0/0
no sh
no ip address
duplex auto
speed auto
interface GigabitEthernet0/0.45
description any_text
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
interface GigabitEthernet0/0.47
description any_text
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
interface GigabitEthernet0/0.101
description any_text
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
interface Serial0/0/0
description any_text
bandwidth 128
ip address 192.168.10.105 255.255.255.252
ip ospf cost 7500
clock rate 128000
no sh
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
interface Vlan1
no ip address
shutdown
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
passive-interface GigabitEthernet0/0.45
passive-interface GigabitEthernet0/0.47
passive-interface GigabitEthernet0/0.101
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
ip flow-export version 9
banner motd *welcome*
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
end
SITE 2
hostname Site-2
ip cef
no ipv6 cef
spanning-tree mode pvst
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
interface Serial0/0/0
ip address 192.168.10.126 255.255.255.252
no sh
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
no sh
interface Vlan1
no ip address
shutdown
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
redistribute static
network 192.168.10.112 0.0.0.3 area 0
ip classless
ip route 192.168.200.0 255.255.252.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
ip flow-export version 9
line con 0
line aux 0
line vty 0 4
password class
login
end
SITE1- SW1
hostname Site1-SW1
spanning-tree mode pvst
interface FastEthernet0/1
switchport mode access
shutdown
interface FastEthernet0/2
switchport mode access
shutdown
interface FastEthernet0/3
switchport mode access
shutdown
interface FastEthernet0/4
switchport mode access
shutdown
interface FastEthernet0/5
switchport mode access
shutdown
interface FastEthernet0/6
switchport mode access
shutdown
interface FastEthernet0/7
switchport mode access
shutdown
interface FastEthernet0/8
switchport mode access
shutdown
interface FastEthernet0/9
switchport mode access
shutdown
interface FastEthernet0/10
switchport access vlan 45
switchport mode access
no sh
interface FastEthernet0/11
switchport mode access
shutdown
interface FastEthernet0/12
switchport mode access
shutdown
interface FastEthernet0/13
switchport mode access
shutdown
interface FastEthernet0/14
switchport mode access
shutdown
interface FastEthernet0/15
switchport access vlan 47
switchport mode access
no sh
interface FastEthernet0/16
switchport mode access
shutdown
interface FastEthernet0/17
switchport mode access
shutdown
interface FastEthernet0/18
switchport mode access
shutdown
interface FastEthernet0/19
switchport mode access
shutdown
interface FastEthernet0/20
switchport mode access
shutdown
interface FastEthernet0/21
switchport mode access
shutdown
interface FastEthernet0/22
switchport mode access
shutdown
interface FastEthernet0/23
switchport mode access
shutdown
interface FastEthernet0/24
switchport mode access
shutdown
interface GigabitEthernet0/1
switchport mode trunk
no sh
interface GigabitEthernet0/2
switchport mode trunk
no sh
interface Vlan1
no ip address
shutdown
interface Vlan101
ip address 192.168.101.10 255.255.255.0
ip default-gateway 192.168.101.1
vl 45
na finance
vl 47
na sales
vl 101
na netadmin
line con 0
line vty 0 4
login
line vty 5 15
login
end
SITE1 – SW 2
hostname Site1-SW2
spanning-tree mode pvst
interface FastEthernet0/1
switchport mode access
shutdown
interface FastEthernet0/2
switchport mode access
shutdown
interface FastEthernet0/3
switchport access vlan 45
switchport mode access
no sh
interface FastEthernet0/4
switchport mode access
shutdown
interface FastEthernet0/5
switchport mode access
shutdown
interface FastEthernet0/6
switchport mode access
shutdown
interface FastEthernet0/7
switchport mode access
shutdown
interface FastEthernet0/8
switchport mode access
shutdown
interface FastEthernet0/9
switchport mode access
shutdown
interface FastEthernet0/10
switchport mode access
shutdown
interface FastEthernet0/11
switchport mode access
shutdown
interface FastEthernet0/12
switchport mode access
shutdown
interface FastEthernet0/13
switchport mode access
shutdown
interface FastEthernet0/14
switchport mode access
shutdown
interface FastEthernet0/15
switchport mode access
shutdown
interface FastEthernet0/16
switchport mode access
shutdown
interface FastEthernet0/17
switchport mode access
shutdown
interface FastEthernet0/18
switchport mode access
shutdown
interface FastEthernet0/19
switchport mode access
shutdown
interface FastEthernet0/20
switchport mode access
shutdown
interface FastEthernet0/21
switchport access vlan 47
switchport mode access
no sh
interface FastEthernet0/22
switchport mode access
shutdown
interface FastEthernet0/23
switchport mode access
shutdown
interface FastEthernet0/24
switchport mode access
shutdown
interface GigabitEthernet0/1
switchport mode trunk
no sh
interface GigabitEthernet0/2
shutdown
interface Vlan1
no ip address
shutdown
interface Vlan101
ip address 192.168.101.15 255.255.255.0
ip default-gateway 192.168.101.1
vl 45
na finance
vl 47
na sales
vl 101
na netadmin
line con 0
line vty 0 4
pas class
login
line vty 5 15
pas class
login
end
At the end enable DHCP client on
Manage-1a
Accts-2f
Sec-2c
Clerk-1c
ALB
I also have a 98% in a practice lab; Type A. Everything seems to work as intended but I can’t figure out the cause of the 2 point deduction? Here is the running configuration. Someone mind taking a look to see if anything jumps out at you?
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname Site1
!
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
!
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX15245QA9
!
no ip domain-lookup
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.45
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
!
interface GigabitEthernet0/0.47
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
!
interface GigabitEthernet0/0.101
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
description S0/0/0
bandwidth 128
ip address 192.168.10.106 255.255.255.252
ip ospf cost 7500
clock rate 128000
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
passive-interface GigabitEthernet0/0.45
passive-interface GigabitEthernet0/0.47
passive-interface GigabitEthernet0/0.101
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
ip flow-export version 9
!
banner motd ^CAuthorized Personnel Only^C
!
line con 0
password 7 0822455D0A16
logging synchronous
login
!
line aux 0
!
line vty 0 4
password 7 0822455D0A16
logging synchronous
login
line vty 5 15
password 7 0822455D0A16
logging synchronous
login
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname HQ
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX1524Y7OR
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
ip address 192.168.18.41 255.255.255.248
ip nat inside
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
ip ospf cost 7500
ip nat inside
!
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
ip nat inside
clock rate 128000
!
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
ip access-group 101 in
ip nat outside
!
interface Serial0/1/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
passive-interface GigabitEthernet0/0
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
!
ip nat pool INTERNET 198.51.100.3 198.51.100.14 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 192.168.200.0 255.255.252.0 Serial0/0/1
!
ip flow-export version 9
!
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
!
line con 0
!
line aux 0
!
line vty 0 4
access-class MANAGE in
login
line vty 5 15
access-class MANAGE in
login
!
end
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Site2
!
ip cef
no ipv6 cef
!
license udi pid CISCO1941/K9 sn FTX15248687
!
spanning-tree mode pvst
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 192.168.10.126 255.255.255.252
!
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
!
interface Vlan1
no ip address
shutdown
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 192.168.10.124 0.0.0.3 area 0
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
ip route 192.168.200.0 255.255.252.0 Serial0/0/0
!
ip flow-export version 9
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
end
James
This will get you a 99%
[[Police/Building-1]]*********************************************************************************
enable
conf t
ho Building-1
no ip domain-lookup
enable secret cisco
line con 0
loggin sync
password cisco
login
line vty 0 4
password cisco
login
service password-encryption
banner motd #Warning!!!#
int s0/0/0
ip add 192.168.10.105 255.255.255.252
des Building-1 and Main
ip ospf cost 7500
bandwidth 128
clock rate 128000
no shut
exit
int g0/0
no shut
exit
int g0/0.45
encap dot1q 45
ip add 192.168.45.1 255.255.255.0
exit
int g0/0.47
encap dot1q 47
ip add 192.168.47.1 255.255.255.0
exit
int g0/0.101
encap dot1q 101
ip add 192.168.101.1 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 s0/0/0
router ospf 10
router-id 1.1.1.1
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
passive-interface g0/0.45
passive-interface g0/0.47
passive-interface g0/0.101
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
exit
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
exit
*****SET CLIENTS TO DHCP*****
——————————————————————————————–
[[Central/Main]]*********************************************************************************
en
conf t
int s0/0/0
ip add 192.168.10.106 255.255.255.252
bandwidth 128
ip ospf cost 7500
no shut
exit
int s0/0/1
ip add 192.168.10.113 255.255.255.252
clock rate 128000
bandwidth 128
no shut
int s0/1/0
ip add 198.51.100.1 255.255.255.240
no shut
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.200.0 255.255.252.0 s0/0/1
int g0/0
ip add 192.168.18.41 255.255.255.248
no shut
exit
router ospf 10
router-id 2.2.2.2
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.168.18.40 0.0.0.7 area 0
passive-interface g0/0
ip nat inside source static 192.168.18.46 192.51.100.14
int g0/0
ip nat inside
int s0/1/0
ip nat outside
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
int s0/1/0
ip access-group 101 in
exit
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
line vty 0 4
ip access-list standard MANAGE
permit host 203.0.113.18
exit
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
——————————————————————————————–
[[Fire/Building-2]]************************************************************************************
en
conf t
int s0/0/1
ip add 192.168.10.114 255.255.255.252
bandwidth 128
no shut
int s0/0/0
ip add 192.168.10.126 255.255.255.252
bandwidth 128
no shut
ip route 0.0.0.0 0.0.0.0 s0/0/1
ip route 192.168.200.0 255.255.252.0 s0/0/0
router ospf 10
router-id 3.3.3.3
network 192.168.10.112 0.0.0.3 area 0
——————————————————————————————–
[[Police-SW1/Bldg1-SW1]]******************************************************************************
en
conf t
vlan 45
name records
exit
vlan 47
name library
exit
vlan 101
name manage
exit
int g0/1
switchport mode trunk
no shut
exit
int g0/2
switchport mode trunk
no shut
exit
int f0/10
switchport mode trunk
no shut
exit
int f0/15
no shut
exit
int f0/10
switchport mode access
switchport access vlan 45
exit
int f0/15
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
int vlan 101
ip add 192.168.101.2 255.255.255.0
int range f0/1-9, f0/11-14, f0/16-24
switchport mode access
shutdown
exit
——————————————————————————————–
[[Police-SW2/Bldg1-SW2]]******************************************************************************
en
conf t
vlan 45
name records
exit
vlan 47
name library
exit
vlan 101
name manage
exit
int g0/1
switchport mode trunk
no shut
exit
int f0/3
switchport mode trunk
no shut
exit
int f0/21
switchport mode trunk
no shut
exit
int f0/3
switchport mode access
switchport access vlan 45
exit
int f0/21
switchport mode access
switchport access vlan 47
exit
ip default-gateway 192.168.101.1
int vlan 101
ip add 192.168.101.3 255.255.255.0
int range f0/1-2, f0/4-20, f0/22-24, g0/2
switchport mode access
shutdown
exit
Erdnaxela
100%
Building 1
hostname Building-1
no ip domain-lookup
enable secret cisco
line console 0
logging synchronous
password cisco
login
exit
line vty 0 4
password cisco
login
exit
service password-encryption
banner motd “Authorized Access Only”
int s0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
description [Police and Central]
clock rate 128000
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 s0/0/0
interface g0/0
no sh
exit
interface g0/0.45
description LAN
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
exit
interface g0/0.47
description LAN
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
exit
interface g0/0.101
description LAN
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
exit
router ospf 10
router-id 1.1.1.1
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
passive-interface g0/0.45
passive-interface g0/0.47
passive-interface g0/0.101
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
exit
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
exit
HQ
hostname HQ
interface Serial0/0/0
description LAN
bandwidth 128
ip address 192.168.10.106 255.255.255.252
no shutdown
exit
interface Serial0/0/1
description LAN
bandwidth 128
ip address 192.168.10.114 255.255.255.252
clock rate 128000
no shutdown
exit
interface g0/0
description LAN
ip address 192.168.18.41 255.255.255.248
no shutdown
exit
interface Serial0/1/0
description LAN
ip address 198.51.100.1 255.255.255.240
no shutdown
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.200.0 255.255.252.0 s0/0/1
router ospf 10
router-id 2.2.2.2
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 198.51.100.0 0.0.0.15 area 0
network 192.168.18.40 0.0.0.7 area 0
passive-interface g0/0
exit
interface s0/0/0
bandwidth 128
ip ospf cost 7500
exit
interface s0/0/1
bandwidth 128
exit
ip nat inside source static 192.168.18.46 198.51.100.14
interface g0/0
ip nat inside
exit
interface s0/1/0
ip nat outside
exit
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip access-list standard 1
permit 192.168.45.0 0.0.0.255
permit 192.168.47.0 0.0.0.255
permit 192.168.200.0 0.0.3.255
exit
interface Serial0/1/0
ip access-group 101 in
exit
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
exit
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line vty 0 15
access-class MANAGE in
password cisco
login
exit
Site-2
hostname Building-2
interface Serial0/0/1
description LAN
bandwidth 128
ip address 192.168.10.113 255.255.255.252
description LAN
no shutdown
exit
ip route 0.0.0.0 0.0.0.0 s0/0/1
ip route 192.168.200.0 255.255.252.0 s0/0/0
router ospf 10
router-id 3.3.3.3
network 192.168.10.112 0.0.0.3 area 0
network 192.168.10.124 0.0.0.3 area 0
exit
interface s0/0/0
bandwidth 128
ip address 192.168.10.126 255.255.255.252
description LAN
no shutdown
exit
Site1-SW1
hostname Bldg1-SW1
vlan 45
name records
exit
vlan 47
name library
exit
vlan 101
name manage
exit
int g0/1
switchport mode trunk
no shutdown
exit
int g0/2
switchport mode trunk
no shutdown
exit
int fa0/10
switchport mode access
switchport access vlan 45
no shutdown
exit
int fa0/15
switchport mode access
switchport access vlan 47
no shutdown
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.2 255.255.255.0
exit
int range fa0/1-9, fa0/11-14, fa0/16-24
switchport mode access
shutdown
exit
Site1-SW2
hostname Bldg1-SW2
vlan 45
name records
exit
vlan 47
name library
exit
vlan 101
name manage
exit
int g0/1
switchport mode trunk
no shutdown
exit
int fa0/3
switchport mode access
switchport access vlan 45
no shutdown
exit
int fa0/21
switchport mode access
switchport access vlan 47
no shutdown
exit
ip default-gateway 192.168.101.1
interface vlan 101
ip address 192.168.101.3 255.255.255.0
exit
int range fa0/1-2, fa0/4-20, fa0/22-24
switchport mode access
shutdown
exit
AKLOUF Mourad
hi every one , i am an Algerian student from the university of science&technology USTHB , and i just got 100% in the RSE PT CCNA3, here is my config, hope it’ll help u , have a nice day :
# HQ / MAIN:
hostname Central
interface GigabitEthernet0/0
ip address 192.168.18.41 255.255.255.248
no sh
ip nat inside
interface GigabitEthernet0/1
no ip address
shutdown
interface Serial0/0/0
bandwidth 128
ip address 192.168.10.105 255.255.255.252
no sh
ip ospf cost 7500
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.113 255.255.255.252
no sh
clock rate 128000
interface Serial0/1/0
ip address 198.51.100.1 255.255.255.240
no sh
ip access-group 101 in
ip nat outside
interface Serial0/1/1
no ip address
shutdown
interface Vlan1
no ip address
shutdown
router ospf 10
router-id 2.2.2.2
passive-interface GigabitEthernet0/0
network 192.168.10.104 0.0.0.3 area 0
network 192.168.10.112 0.0.0.3 area 0
network 192.51.100.0 0.0.0.15 area 0
network 192.168.18.40 0.0.0.7 area 0
ip nat pool INTERNET 198.51.100.3 198.51.100.13 netmask 255.255.255.240
ip nat inside source list 1 pool INTERNET
ip nat inside source static 192.168.18.46 198.51.100.14
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 192.168.200.0 255.255.252.0 Serial0/0/1
access-list 1 permit 192.168.45.0 0.0.0.255
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 1 permit 192.168.200.0 0.0.3.255
ip access-list standard MANAGE
permit host 203.0.113.18
access-list 101 permit ip host 203.0.113.18 any
access-list 101 permit tcp any host 198.51.100.14 eq www
access-list 101 permit tcp any any established
access-list 101 deny ip any any
line vty 0 15
access-class MANAGE in
password ccna
login
logging syn
# SITE 1 :
hostname PoliceDept
enable secret ccna
no ip domain-lookup
ip dhcp excluded-address 192.168.45.1 192.168.45.20
ip dhcp excluded-address 192.168.47.1 192.168.47.20
ip dhcp pool VLAN45
network 192.168.45.0 255.255.255.0
default-router 192.168.45.1
dns-server 192.168.18.100
ip dhcp pool VLAN47
network 192.168.47.0 255.255.255.0
default-router 192.168.47.1
dns-server 192.168.18.100
interface GigabitEthernet0/0
no sh
interface GigabitEthernet0/0.45
description LANHR
encapsulation dot1Q 45
ip address 192.168.45.1 255.255.255.0
interface GigabitEthernet0/0.47
description LANrecords
encapsulation dot1Q 47
ip address 192.168.47.1 255.255.255.0
interface GigabitEthernet0/0.101
description LANcomm
encapsulation dot1Q 101
ip address 192.168.101.1 255.255.255.0
interface GigabitEthernet0/1
shutdown
interface Serial0/0/0
description ToNet
bandwidth 128
ip address 192.168.10.105 255.255.255.252
ip ospf cost 7500
clock rate 128000
no sh
interface Serial0/0/1
shutdown
router ospf 10
router-id 1.1.1.1
passive-interface GigabitEthernet0/0.45
passive-interface GigabitEthernet0/0.47
passive-interface GigabitEthernet0/0.101
network 192.168.10.104 0.0.0.3 area 0
network 192.168.45.0 0.0.0.255 area 0
network 192.168.47.0 0.0.0.255 area 0
network 192.168.101.0 0.0.0.255 area 0
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
banner motd #welcomeToPoliceDept#
line con 0
password ccna
logging synchronous
login
line aux 0
line vty 0 15
password ccna
login
logging synchronous
# SITE 2 :
hostname Fire
interface GigabitEthernet0/0
shutdown
interface GigabitEthernet0/1
shutdown
interface Serial0/0/0
ip address 192.168.10.126 255.255.255.252
no sh
interface Serial0/0/1
bandwidth 128
ip address 192.168.10.114 255.255.255.252
no sh
router ospf 10
router-id 3.3.3.3
redistribute static
network 192.168.10.112 0.0.0.3 area 0
network 192.168.10.124 0.0.0.3 area 0
ip route 192.168.200.0 255.255.252.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 Serial0/0/1
line vty 0 15
password ccna
login
loggin syn
# SITE1- SW1 :
hostname Police-SW1
int range fa0/1-9, fa0/11-14, fa0/16-24
switchport mode access
shutdown
interface FastEthernet0/10
switchport access vlan 45
switchport mode access
no sh
interface FastEthernet0/15
switchport access vlan 47
switchport mode access
no sh
interface GigabitEthernet0/1
switchport mode trunk
no sh
interface GigabitEthernet0/2
switchport mode trunk
no sh
interface Vlan1
no ip address
shutdown
interface Vlan101
no shut
ip address 192.168.101.10 255.255.255.0
ip default-gateway 192.168.101.1
vl 45
name HR
vl 47
name records
vl 101
na comm
line con 0
line vty 0 4
login
line vty 5 15
login
# SITE1 – SW 2 :
hostname Police-SW2
int range fa0/1-2, fa0/4-20, fa0/22-24
switchport mode access
shutdown
interface FastEthernet0/3
switchport access vlan 45
switchport mode access
no sh
interface FastEthernet0/21
switchport access vlan 47
switchport mode access
no sh
interface GigabitEthernet0/1
switchport mode trunk
no sh
interface GigabitEthernet0/2
shutdown
interface Vlan1
no ip address
shutdown
interface Vlan101
ip address 192.168.101.15 255.255.255.0
ip default-gateway 192.168.101.1
vl 45
na HR
vl 47
na records
vl 101
na comm
line con 0
password ccna
login
logging syn
line vty 0 15
password ccna
login
logging syn
Bits
My practice score is 100%