
EWAN NAT/ACL PT Practice SBA

Addressing Table

Device  Interface    Address         Subnet Mask       Default Gateway
R1      Fa0/0        172.16.1.193    255.255.255.224   n/a
R1      S0/0/0       172.30.1.1      255.255.255.252   n/a
R1      S0/0/1.101   10.10.10.1      255.255.255.252   n/a
R2      S0/0/0       172.30.1.6      255.255.255.252   n/a
R2      S0/0/1.201   10.10.10.2      255.255.255.252   n/a
R2      S0/1/0       209.165.201.2   255.255.255.252   n/a
R3      Fa0/0        172.16.1.129    255.255.255.192   n/a
R3      S0/0/0       172.30.1.2      255.255.255.252   n/a
R3      S0/0/1       172.30.1.5      255.255.255.252   n/a
PC1     NIC          172.16.1.222    255.255.255.224   n/a
PC3     NIC          DHCP Assigned   DHCP Assigned     DHCP Assigned

Step 0 Basic Config


On R1, R2 and R3:

    en
    config t
    ! use the matching hostname (R2, R3) on the other routers
    hostname R1
    banner motd ^CAuthorized Access Only!^C
    en secret class
    logging trap debugging
    line con 0
     exec-timeout 0 0
     password cisco
     logging synchronous
     login
    line vty 0 4
     exec-timeout 0 0
     password cisco
     logging synchronous
     login
    line vty 5 15
     exec-timeout 0 0
     password cisco
     logging synchronous
     login

Step 1: Finish the IP Addressing Design and Implementation


Design an addressing scheme and fill in the Addressing Table based on the following requirements:

a. Subnet the address space 172.16.1.128/25 to provide 50 host addresses for the R3 LAN while wasting the fewest addresses.
   IP pool received: 172.16.1.128 /25
b. Assign the first available subnet to the R3 LAN.
   Network: 172.16.1.128 /26
c. Assign the first (lowest) address in this subnet to the Fa0/0 interface on R3.
   Fa0/0: 172.16.1.129 255.255.255.192
d. Subnet the remaining address space to provide 30 host addresses for the R1 LAN while wasting the fewest addresses.
e. Assign the next available subnet to the R1 LAN.
   Network: 172.16.1.192 /27
f. Assign the first (lowest) address in this subnet to the Fa0/0 interface on R1.
   Fa0/0: 172.16.1.193 255.255.255.224
g. Assign the last (highest) host address in this subnet to PC1.
   PC1: 172.16.1.222 255.255.255.224
h. Finish the IP addressing configuration:
   Configure R1 and R3 LAN interfaces with IP addressing.

   On R1:

    interface FastEthernet0/0
     ip address 172.16.1.193 255.255.255.224
     duplex auto
     speed auto

   On R3:

    interface FastEthernet0/0
     ip address 172.16.1.129 255.255.255.192
     duplex auto
     speed auto

   Configure PC1 with IP addressing. PC3 will get its address from the DHCP server on R3 in the next step.
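Added example (not part of the original lab answer): the subnetting in Step 1 carried out as a general VLSM allocation, so the /26 and /27 answers can be checked rather than taken on trust. The function name vlsm_allocate and the requirement labels are assumptions made for this sketch.

```python
import ipaddress

def vlsm_allocate(block, requirements):
    """Give each (name, hosts) requirement the smallest subnet that fits,
    largest requirement first, always taking the lowest free range."""
    space = ipaddress.ip_network(block)
    cursor = int(space.network_address)
    plan = {}
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        # Smallest host_bits with 2**host_bits >= hosts + 2
        # (the +2 covers the network and broadcast addresses).
        host_bits = (hosts + 1).bit_length()
        size = 1 << host_bits
        start = -(-cursor // size) * size      # round up to a subnet boundary
        net = ipaddress.ip_network((start, 32 - host_bits))
        if not net.subnet_of(space):
            raise ValueError(f"{block} has no room left for {name}")
        plan[name] = {
            "network": str(net),
            "mask": str(net.netmask),
            "first_host": str(net.network_address + 1),
            "last_host": str(net.broadcast_address - 1),
        }
        cursor = start + size
    return plan

if __name__ == "__main__":
    # Requirements taken from Step 1: 50 hosts for R3, 30 hosts for R1.
    for name, row in vlsm_allocate("172.16.1.128/25",
                                   [("R3 LAN", 50), ("R1 LAN", 30)]).items():
        print(name, row)
```

The first_host values are the router Fa0/0 addresses and the R1 LAN last_host is the PC1 address from step g.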

Step 2: Configure and Verify R3 as the DHCP Server


a. Configure R3 as the DHCP server for the LAN attached to Fa0/0 using the following guidelines:

   Use the case-sensitive DHCP pool name of R3_LAN.

    ip dhcp pool R3_LAN
     network 172.16.1.128 255.255.255.192
     default-router 172.16.1.129

   Exclude the first three host addresses in the subnet.

    ip dhcp excluded-address 172.16.1.129 172.16.1.131

b. Verify that PC3 now has full IP addressing. It may be necessary to toggle between Static and DHCP on the IP Configuration screen for PC3 before PC3 will send a DHCP request. PC3 should be able to ping the default gateway.

Step 3: Configure WAN Technologies


a. The link between R3 and R2 uses PPP with CHAP. The password is ciscochap. Verify that R3 and R2 can ping each other.

   On R2:

    username R3 password 0 ciscochap
    interface Serial0/0/0
     ip address 172.30.1.6 255.255.255.252
     encapsulation ppp
     ppp authentication chap
     no shut

   On R3:

    username R2 password 0 ciscochap
    interface Serial0/0/1
     ip address 172.30.1.5 255.255.255.252
     encapsulation ppp
     ppp authentication chap
     clock rate 2000000

b. The link between R3 and R1 uses HDLC. R3 should be able to ping the other side of the link. Verify that R3 and R1 can ping each other.

   On R1:

    interface Serial0/0/0
     encapsulation hdlc
     no shut

   On R3:

    interface Serial0/0/0
     encapsulation hdlc
     no shut

c. The link between R1 and R2 uses point-to-point Frame Relay subinterfaces. Verify that R1 and R2 can ping each other.

   On R1:

    interface Serial0/0/1
     no ip address
     encapsulation frame-relay
    interface Serial0/0/1.101 point-to-point
     ip address 10.10.10.1 255.255.255.252
     frame-relay interface-dlci 101

   On R2:

    interface Serial0/0/1
     no ip address
     encapsulation frame-relay
    interface Serial0/0/1.201 point-to-point
     ip address 10.10.10.2 255.255.255.252
     frame-relay interface-dlci 201

Step 4: Configure and Verify EIGRP Routing


a. Configure EIGRP routing on R1, R2, and R3. Use AS number 100. Do not use the wildcard mask argument. Do not advertise the network between R2 and the Internet.

   On R1:

    router eigrp 100
     passive-interface FastEthernet0/0
     network 172.16.0.0
     network 172.30.0.0
     network 10.0.0.0
     no auto-summary

   On R2:

    router eigrp 100
     passive-interface Serial0/1/0
     network 172.30.0.0
     network 10.0.0.0
     no auto-summary

   On R3:

    router eigrp 100
     passive-interface FastEthernet0/0
     network 172.16.0.0
     network 172.30.0.0
     no auto-summary

b. Configure R2 with a default route using the outbound interface argument. Use one command to propagate the default route into the EIGRP routing process.

   On R2:

    ip route 0.0.0.0 0.0.0.0 Serial0/1/0
    ! redistribute is entered in router configuration mode
    router eigrp 100
     redistribute static

c. Verify PC1 and PC3 can ping each other as well as R1, R2 and R3. You will not be able to ping Internet hosts yet.

Step 5: Configure R2 with a NAT


a. Configure NAT on R2 using the following guidelines:

   - Only addresses in the 172.16.1.128/25 address space will be translated.
   - Use the number 1 for the access list.
   - Configure PAT on the R2 S0/1/0 interface.

   On R2:

    access-list 1 permit 172.16.1.128 0.0.0.127
    ip nat inside source list 1 interface Serial0/1/0 overload
    interface Serial0/0/0
     ip nat inside
    interface Serial0/0/1.201
     ip nat inside
    interface Serial0/1/0
     ip nat outside

b. Verify that PC1 and PC3 can ping the Internet hosts.

Step 6: Configure Access Control Lists to Satisfy a Security Policy


a. Configure and apply an ACL with the number 50 that implements the following policy:

   - Deny any host from the R3 LAN from accessing hosts on the R1 LAN.
   - Hosts on the R3 LAN should be able to ping any other destination.

   On R1:

    access-list 50 deny 172.16.1.128 0.0.0.63
    access-list 50 permit any
    interface Fa0/0
     ip access-group 50 out

b. Verify that ACL 50 is operating as intended.

c. Configure and apply a named ACL with the case-sensitive name FIREWALL that implements the following policy:

   - Deny ping requests sourced from the Internet.
   - Deny Telnet and HTTP traffic sourced from the Internet.
   - Allow all other traffic.

   On R2:

    ip access-list extended FIREWALL
     deny icmp any any echo
     deny tcp any any eq telnet
     deny tcp any any eq www
     permit ip any any
    interface Serial0/1/0
     ip access-group FIREWALL in

d. Verify the FIREWALL ACL is operating as intended.
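Added example (not part of the original lab answer): a small model of how IOS evaluates the NAT list from Step 5 and the two ACLs from Step 6, covering wildcard-mask matching, top-down first match, and the implicit deny at the end of every list. The function names and the sample packets are constructed for this sketch.

```python
import ipaddress

def wild_match(addr, base, wildcard):
    """IOS wildcard test: bits that are 0 in the wildcard must equal the base."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def first_match(acl, matches):
    """Walk entries top-down; the first hit decides, otherwise implicit deny."""
    for entry in acl:
        if matches(entry):
            return entry[0]
    return "deny"

# Standard ACLs from the page: (action, source, wildcard). They test source only.
ACL_1 = [("permit", "172.16.1.128", "0.0.0.127")]        # NAT list on R2
ACL_50 = [("deny", "172.16.1.128", "0.0.0.63"),          # R1 Fa0/0 out
          ("permit", "0.0.0.0", "255.255.255.255")]      # "permit any"

def standard(acl, src):
    return first_match(acl, lambda e: wild_match(src, e[1], e[2]))

# FIREWALL from the page, all entries any/any: (action, protocol, qualifier).
# The qualifier is the ICMP message type or the TCP destination port.
FIREWALL = [("deny", "icmp", "echo"), ("deny", "tcp", 23),
            ("deny", "tcp", 80), ("permit", "ip", None)]

def firewall(proto, qualifier=None):
    return first_match(
        FIREWALL, lambda e: e[1] == "ip" or (e[1], e[2]) == (proto, qualifier))

if __name__ == "__main__":
    # Constructed sample traffic, not captured from the lab.
    for src in ("172.16.1.130", "172.16.1.222", "10.10.10.2"):
        print(src, "ACL 50:", standard(ACL_50, src),
              "| NAT list 1:", standard(ACL_1, src))
    for pkt in (("icmp", "echo"), ("icmp", "echo-reply"), ("tcp", 23), ("tcp", 443)):
        print(pkt, "FIREWALL in:", firewall(*pkt))
```

The echo-reply result shows why PC1 and PC3 can still ping Internet hosts after FIREWALL is applied inbound on S0/1/0: only echo requests are denied, and the replies fall through to permit ip any any.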
