Ccna 200 120

2
Copyright@ CTTC

Copyright
CTTC Professional Development Program.
CCNA Lab Manual (200-120)
Copyright@ CTTC

Published By

CTTC
45-M, Block-6 P.E.C.H.S Karachi-75400 Pakistan.

All rights reserved. No part of this manual may be reproduced or transmitted in any form
or by any means, electronic or mechanical, including photocopying, recording and
information storage or retrieval system without written permission from the publisher,
except for the inclusion of quotation in a review.

Warning and Disclaimer
This manual is designed to provide information about CCNA (200-120). Every effort
Has been made to make this manual as complete and accurate as possible, but no warranty
of fitness is implied.
The information is provided on as basis and CTTC shall have neither
liability nor responsibility to any person or entity with respect to any loss or damage
Arising from the information contained in this manual.

Authors

Mr. Muddasar Sharif
(Network Engineer)

Mr. Tharpal Das
(Associate Network Engineer)

Reviewed By

Mr. Ahmed Saeed
(Head of Department-Cisco Division)

3

Copyright@ CTTC

Table of Contents

Topics page#
Basic Network Using CI SCO Switch 6
Accessing Console of the Switch/Router 7
Modes of CLI 8
How to Set Hostname and Configure Console Password 9
How to Set Privilege level password 10
How to Set User Authentication in Switch 10
Password Recovery 12
How to Set Telnet password 13
How to Enable the Device to Establish Telnet/SSH Session 13
Configuring SSH 13
SWI THCI NG
VLAN Configuration 15
Port security 17
Rapid Spanning Tree Protocol (RSTP) 20
Ether channel Configuration 23
Inter VLAN Routing (IVR)
ROUTI NG
Static Routing 27
Enhanced Interior Gateway Routing Protocol (EIGRP) 30
Open Shortest Path First (OSPF) 33
First Hop Redundancy Protocols
Hot Standby Router Protocol (HSRP) 36
Virtual Router Redundancy Protocol(VRRP) 40
Gateway Load balancing Protocol (GLBP) 43
I PV6
How to Configure IPv6 on CISCO Router 47
Configuring IPv6 Auto configures 49
Configure RIP ng on Router 51
Configuring OSPF V3 55
Configuring EIGRP 59

4

Copyright@ CTTC

WAN Encapsulation 62
Frame Relay 64
Configuring DHCP 68

ACCESS LI ST & N.A.T
Standard Acl 71
Extended Acl 74
Static Nat 76
Dynamic Nat 78
Pat

TROUBLESHOOTI NG OF EI GRP 81

SYSLOG 83

5

Copyright@ CTTC

LAB: Basic Network Using CI SCO Switch

OBJECTIVE: To configure a cisco switch with basic configuration
Accessing Console of the Switch/Router
Modes of CLI
How to Set Hostname and Configure Console Password
How to Set Privilege level password
How to Set User Authentication in Switch
How to Set Telnet password
How to Enable The Device to Establish Telnet/SSH Session
Configuring SSH

6

Copyright@ CTTC

Topology

PC-1 is directly connected to switch with ip address 192.168.1.1
PC-2 is directly connected to switch with ip address 192.168.1.2
Switch being the intermediate device provide the communication path to both
PCs.

Note: Both the PCs must be on the same network.


7

Copyright@ CTTC

RJ-45 to DB-9 adapter is used on the PC (COM port) to the device console
Port through a roll-over cable.
Hyper Terminal is used to access the Command Line Interface (CLI) of the
Device.
(Start --MenuProgramsAccessoriesCommunications--Hyper
Terminal)

Switch Console

Modes of CLI:

User-exec mode Switch>
Privilege mode Switch#
Global Configuration mode Switch(config)#

How to switch in different modes:

Switch> enable
Switch# config terminal
Switch(config)#

Note: To return to the previous mode use Exit command in the current mode.

8

Copyright@ CTTC

How to Set Hostname and Configure Console Password:
Switch(config)# hostname CISCO
CISCO(config)#line console 0
CISCO(config-line)#password cisco123
CISCO(config-line)#login

How to Set Privilege level password:
!!! Clear Text Password not encrypted(less priority)
CISCO(config)#enable password ccna123
!!! Encrypted password (more Priority)
CISCO(config)#enable secret cttc123

Verify the Password
CISCO(config)#exit
CISCO#exit
CISCO con0 is now available
Press RETURN to get started.
User Access Verification
!!! TYPE HERE LINE CONSOLE Password
Password:
CISCO>enable
!!! TYPE HERE Privilege Level Password
Password:
9

Copyright@ CTTC

How to Set User Authentication in Switch
CISCO#config terminal
CISCO(config)#line console 0
CISCO(config-line)# login local
CISCO(config-line)#exit
CISCO(config)#username cttc password ccna123

10

Copyright@ CTTC

Verify the Authentication

CISCO(config)#exit
CISCO#exit

Verify the User Status
CISCO#show users
Line User Host(s) Idle Location
* 0 con 0 cttc idle 00:00:00

11

Copyright@ CTTC

Password Recovery

Configuration on Router
Router>enable
Router#config t
Router(config)#line console 0
Router(config-line)Password cisco
Router(config-line)#Login
Router(config-line)#Exit
For password recovery power cycle the router and press ctrl+break.

After we enter the rommon mode type:
Rommon 1 > confreg 0x2142
Rommon 2 > reset

12

Copyright@ CTTC

How to Set Telnet password:
CISCO(config)#line vty 0 15
CISCO(config-line)#password cisco
CISCO(config-line)#login
CISCO(config-line)#exit

How to Enable The Device to Establish Telnet/SSH
Session:
CISCO(config)#interface vlan 1
CISCO(config-if)#ip address 10.0.0.10 255.0.0.0
CISCO(config-if)#no shutdown
Note: VLAN 1 IP address is used to establish the telnet session. Go to command
prompt and use telnet command to make a telnet session with the device.
C:\>telnet 10.0.0.10

Configuring SSH:
CISCO(config)#username taha password abc123
CISCO(config)#ip domain-name cttc.net
CISCO(config)#crypto key generate rsa
The name for the keys will be: CISCO.cttc.net
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 512
% Generating 512 bit RSA keys ...[OK]
CISCO(config)#line vty 0 15
CISCO(config-line)#login local
CISCO(config-line)#transport input ssh
13

Copyright@ CTTC

Note: VLAN 1 must be configured as show in TELNET section. Putty software iscommonly
used to establish SSH session.

Verify Commands:
CISCO(config)#show line vty 0 15
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
1 VTY - -13 0 0/0 -
2 VTY - - - - - 0 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
5 VTY - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -
11 VTY - - - - - 0 0 0/0 -
12 VTY - - - - - 0 0 0/0 -
13 VTY - - - - - 0 0 0/0 -
14 VTY - - - - - 0 0 0/0 -
15 VTY - - - - - 0 0 0/0 -
16 VTY - - - - - 0 0 0/0
!!! * show that one VTY Session is active:

14

Copyright@ CTTC

LAB: VLAN Configuration
Objective: To Create and Configure VLAN

CISCO#config terminal
CISCO(config)#vlan 10
CISCO(config-vlan)#name HR
CISCO(config-vlan)#exit
CISCO(config)#vlan 20
CISCO(config-vlan)#name Sales
CISCO(config-vlan)#exit

Verify VLANs
CISCO#show vlan brief
VLAN Name Status Ports
------- ---------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 HR active
20 Sales active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Note: All ports of the switch are member of VLAN 1 by default.

How to Assign Ports to Different VLANs:
CISCO(config)#interface fa0/1
CISCO(config-if)#switchport mode access
CISCO(config-if)#switchport access vlan 10
CISCO(config-if)#exit
CISCO(config-if)#switchport access vlan 20

15

Copyright@ CTTC

Verify Ports in VLANS
CISCO#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 HR active Fa0/1
20 Sales active Fa0/2

16

Copyright@ CTTC

LAB:PORT SECURI TY
OBJECTIVE: TO IMPLEMENT BASIC PORT SECURITY FEATURES
ON INTERFACE

CISCO(config-if)#switchport port-security
CISCO(config-if)#switchport port-security mac-address sticky
CISCO(config-if)#switchport port-security maximum 1
CISCO(config-if)#switchport port-security violation shutdown
CISCO(config-if)#exit

CISCO(config-if)#switchport port-security
CISCO(config-if)#switchport port-security mac-address sticky
CISCO(config-if)#switchport port-security maximum 1
CISCO(config-if)#switchport port-security violation shutdown

17

Copyright@ CTTC

Verify Port-Security MAC Address:

CISCO#show port-security address
Secure Mac Address Table
-------------------------------------------------------------------------------
Vlan Mac Address Type Ports Remaining Age
(mins)
---- ----------- ---- ----- -------------
1 0060.705E.07CB SecureSticky FastEthernet0/1 -
1 0090.21BD.4810 SecureSticky FastEthernet0/2 -
------------------------------------------------------------------------------
Total Addresses in System (excluding one mac per port) : 0
Max Addresses limit in System (excluding one mac per port) : 1024

Verify Port-Security Interface FastEnthernet Fa0/1:
CISCO#show port-security interface f0/1

Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 0060.705E.07CB:1
Security Violation Count : 0
Note:
Max Addresses value depends upon the model of the device.
Manual MAC address can be entered in port-security instead on using sticky
command.
Violation modes can be set to protect, restrict or shutdown.

What happens if violation occurred:

When a new PC is attached to the port on which port-security is enabled then Switch
will take an action which is set in the violation mode.

18

Copyright@ CTTC

Verify when violation is occurred:
CISCO#show port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action
(Count) (Count) (Count)
-------------------------------------------------------------------------------------------------------------
Fa0/1 1 1 1 Shutdown

Fa0/2 1 1 1 Shutdown

-------------------------------------------------------------------------------------------------------------

19

Copyright@ CTTC

LAB: Rapid Spanning Tree Protocol (RSTP)
OBJECTIVE: To Implement STP, Its Improvement RSTP and To Configure
Root Bridges for Different VLANS.

Verify Root Bridge on Switch-1:
Switch-1#show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0002.16EE.8B7E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Aging Time 20

Interface Role Sts Cost Prio Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p

Note:
If the switch is Root Bridge, it will display the message This bridge is the root.
Root ID Address and Bridge ID Address will be same in case of Root Bridge.
Default priority is 32768. VLAN ID (System Extension ID) is added to the default
priority. VLAN 1 is the default VLAN so the priority for VLAN 1 is 32769
(32768+1).

20

Copyright@ CTTC

Enabling RSTP:
Switch-1(config)#spanning-tree mode rapid-pvst

Note: The above command will be issued on all the switches of the network.

Verify RSTP:
VLAN0001
Spanning tree enabled protocol rstp
Aging Time 20

Changing Switch-2 to Root Bridge:
Switch-2(config)#spanning-tree vlan 1 priority 4096
Note:
Priority must be in the multiple 4096.
To change the root bridge, you can also use the following command:

Switch-2(config)#spanning-tree vlan 1 root primary

Verify Switch-2 as Root Bridge:
VLAN0001
Spanning tree enabled protocol rstp
Address 000C.CF21.CBC1
Address 000C.CF21.CBC1
Aging Time 20

21

Copyright@ CTTC

Enabling Portfast feature on all switches:

Switch-1(config)#spanning-tree portfast default
Note: Above command will be issued to all the switches in the network. By enabling
portfast feature on all the switches, will disable the STP process on all non-trunk ports.
It will cause to take less time to change the state to up on all non-trunking ports. To
verify this feature, connect a PC to the switch and the port will be up within 5 seconds.

22

Copyright@ CTTC

Etherchannel Configuration:

Configuring Switch-1:
Switch-1(config)#interface range fa0/1 - 2
Switch-1(config-if-range)#channel-group 1 mode on
Switch-1(config-if-range)#exit
Switch-1(config)#interface port-channel 1
Switch-1(config-if)#switchport mode trunk

Configuring Switch-2:
Switch-2(config)#interface range fa0/1 - 2
Switch-2(config-if-range)#channel-group 1 mode on
Switch-2(config-if-range)#exit
Switch-2(config)#interface port-channel 1
Switch-2(config-if)#switchport mode trunk

Verify Etherchannel:
Switch-1#show etherchannel summary
<Output omitted>
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
--------+-----------------+------------+-------------------------
1 Po1(SU) - Fa0/1(P) Fa0/2(P)

23

Copyright@ CTTC

LAB:I nterVLAN Routing (I VR):
Objective: To Create Vlans &to show Routing B/W the Vlans

Configuring Switch:
Switch(config)#vlan 10
Switch(config-vlan)#name HR
Switch(config-vlan)#vlan 20
Switch(config-vlan)#name Sales
Switch(config-vlan)#exit
Switch(config)#interface fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#exit
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#exit
Switch(config-if)#switchport mode trunk

24

Copyright@ CTTC

Configuring Router:
Router(config)#interface fa0/0
Router(config-if)#no shutdown
Router(config-if)#exit

Creating sub-interface for VLAN 10 on router:
Router(config)#interface fa0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 10.0.0.100 255.0.0.0
Router(config-subif)#exit

Creating sub-interface for VLAN 20 on router:
Router(config)#interface fa0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 20.0.0.100 255.0.0.0
Router(config-subif)#exit

Configuring IP on PC:

25

Copyright@ CTTC

Verify InterVLAN Routing:

26

Copyright@ CTTC

LAB: Static Routing:
Objective: To Implement Stating Routing in IPversion 4

Configuring R1:
R1(config)#interface fa0/0
R1(config-if)#ip address 10.0.0.100 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface s0/1/0
R1(config-if)#clock rate 64000
R2(config-if)#exit

Note: Interface Serial0/1/0 of Router R1 is a DCE end, so clock rate must be given to this.
Configuring R2:
R2(config-if)#exit
R2(config-if)#exit

Adding static route on R1 for network 20.0.0.0:
R1(config)#ip route 20.0.0.0 255.255.255.0 s0/1/0

Adding static route on R2 for network 10.0.0.0:
R2(config)#ip route 10.0.0.0 255.255.255.0 192.168.1.1

27

Copyright@ CTTC

Note: When configuring the static route on router R1 we used the local interface of the
router R1 i.e s0/1/0, whereas, when configuring router R2 we use the next hop address
as Forwarding router's address.

Verify the routes on Router R1:
R1#show ip route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, FastEthernet0/0
S 20.0.0.0 is directly connected, Serial0/1/0
C 192.168.1.0 is directly connected, Serial0/1/0

R2#show ip route
S 10.0.0.0 [1/0] via 192.168.1.1

28

Copyright@ CTTC

Verifying the ping reply from PC-2 to PC-1:

29

Copyright@ CTTC

LAB: Enhanced I nterior Gateway Routing Protocol (EI GRP):
Objective: To Implement EIGRP in IP version 4

Configuring R1:
R1(config-if)#exit
R2(config-if)#exit

Note: Interface Serial0/1/0 of Router R1 is a DCE end, so clock rate must be given to
this.

Configuring R2:
R2(config-if)#exit
R2(config-if)#exit

30

Copyright@ CTTC

Adding networks for EIGRP on Router R1:
R1(config)#router eigrp 100
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#exit

Note: All directly connected networks will be issued in the router eigrp mode.
Autonomous System number must be same on all the routers in the network.

Adding networks for EIGRP on Router R2:
R1(config)#router eigrp 100

R1#show ip route
D 20.0.0.0 [90/2172416] via 192.168.1.2, 00:00:16, Serial0/1/0

R2#sh ip route
D 10.0.0.0 [90/2172416] via 192.168.1.1, 00:00:05, Serial0/1/0

31

Copyright@ CTTC

Verifying neighbors for R1:
R1#sh ip eigrp neighbors
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q
Seq
(sec) (ms) Cnt
Num
0 192.168.1.2 Se0/1/0 11 0:02:05 40 1000 0 3

Verifying neighbors for R2:
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q
Seq
Num (sec) (ms) Cnt

0 192.168.1.1 Se0/1/0 13 00:03:15 40 1000 0 3

Note: To verify the currently enabled routing protocols, use the following command:
R1#show ip protocols

To view all the routes that has been calculated by EIGRP, use the following
command:

R1#show ip eigrp topology.

32

Copyright@ CTTC

LAB: Open Shortest Path First (OSPF):
Objective: To Implement OSPF in IP version 4

Configuring R1:
R1(config-if)#exit
R2(config-if)#exit

Note: Interface Serial0/1/0 of Router R1 is a DCE end, so clock rate must be given to
this.

Configuring R2:
R2(config-if)#exit
R2(config-if)#exit

33

Copyright@ CTTC

Configuring Central Router (ABR):
ABR(config)#int s0/1/0
ABR(config-if)#ip add
ABR(config-if)#ip address 192.168.1.2 255.255.255.252
ABR(config-if)#no shutdown
ABR(config-if)#exit
ABR(config)#int s0/1/1
ABR(config-if)#ip address 192.168.2.1 255.255.255.252
ABR(config-if)#clock rate 64000
ABR(config-if)#no shutdown
ABR(config-if)#exit

Adding networks for OSPF on Router R1 as Area 0 (Backbone Area):
R1(config)#router ospf 10
R1(config-router)#network 10.0.0.0 0.0.0.255 area 0

Adding networks for OSPF on Router R2 as Area 1 (Regular Area):
R2(config)#router ospf 20

Adding networks for OSPF on Router ABR as Area 0 and Area 1:
ABR(config)#router ospf 50
ABR(config-router)#network 192.168.1.0 0.0.0.3 area 0
ABR(config-router)#network 192.168.2.0 0.0.0.3 area 1
ABR(config-router)#exit

R1#show ip route
O IA 20.0.0.0 [110/129] via 192.168.1.2, 00:09:19, Serial0/1/0
O IA 192.168.2.0 [110/128] via 192.168.1.2, 00:09:19, Serial0/1/0

34

Copyright@ CTTC

R2#show ip route:
O IA 10.0.0.0 [110/129] via 192.168.2.1, 00:11:48, Serial0/1/0
O IA 192.168.1.0 [110/128] via 192.168.2.1, 00:11:48, Serial0/1/0
192.1 68.2.0/30 is subnetted, 1 subnets

Verify the routes on Router ABR:
ABR#show ip route:
O 10.0.0.0 [110/65] via 192.168.1.1, 00:13:30, Serial0/1/0
O 20.0.0.0 [110/65] via 192.168.2.2, 00:13:11, Serial0/1/1
C 1 92.168.2.0 is directly connected, Serial0/1/1

Note: More commands to verify OSPF:
R1#show ip ospf neighbor
R1#show ip ospf database

35

Copyright@ CTTC

LAB: Hot Standby Router Protocol (HSRP):
Objective: How to show Redundancy by using HSRP

Configuring WAN-RT:
WAN-RT(config)#interface Loopback0
WAN-RT(config-if)#ip address 200.0.0.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/0
WAN-RT(config)#router rip
WAN-RT(config-router)#version 2
WAN-RT(config-router)#network 172.16.0.0
WAN-RT(config-router)#no auto-summary
WAN-RT(config-router)#exit

36

Copyright@ CTTC

Configuring Master-RT:
Master-RT(config)#interface FastEthernet0/0
Master-RT(config-if)#ip address 10.0.0.10 255.255.255.0
Master-RT(config-if)#standby 1 ip 10.0.0.100
Master-RT(config-if)#standby 1 priority 110
Master-RT(config-if)#standby 1 preempt
Master-RT(config-if)#standby 1 track FastEthernet0/1
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit

Master-RT(config-if)
Master-RT(config )#interface FastEthernet0/1
Master-RT(config)#router rip
Master-RT(config-router)#version 2
Master-RT(config-router)#network 10.0.0.0
Master-RT(config-router)#no auto-summary

Configuring Backup-RT:
Backup-RT(config)#interface FastEthernet0/0
Backup-RT(config-if)#ip address 10.0.0.9 255.255.255.0
Backup-RT(config-if)#standby 1 ip 10.0.0.100
Backup-RT(config-if)#standby 1 priority 95
Backup-RT(config-if)#standby 1 preempt
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#router rip
Backup-RT(config-router)#version 2
Backup-RT(config-router)#network 10.0.0.0
Backup-RT(config-router)#no auto-summary

37

Copyright@ CTTC

Verify Master-RT:
Master-RT#show standby

Note: When the network is perfectly up, Master-RT must be in Active State. If
FastEthernet port of Master-RT gone down then Backup-RT will become active. Now
check Backup-RT when the Fa0/1 of Master-RT is down

38

Copyright@ CTTC

Verify Backup-RT when Fa0/1 of Master-RT is down:
Backup-RT#show standby

39

Copyright@ CTTC

LAB: Virtual Router Redundancy Protocol(VRRP)
Objective: How to show Redundancy by using VRRP

Configuring WAN-RT:

40

Copyright@ CTTC

Master-RT(config-if)#vrrp 1 ip 10.0.0.100


Backup-RT(config-if)#vrrp 1 ip 10.0.0.100

41

Copyright@ CTTC

Verify Master-RT:
Master-RT# show VRRP

Note: When the network is perfectly up, Master-RT must be in Active State. If
FastEthernet port of Master-RT gone down then Backup-RT will become active. Now
check Backup-RT when the Fa0/1 of Master-RT is down

Backup-RT#show VRRP

42

Copyright@ CTTC

LAB: Gateway Load Balancing Protocol
Objective: How to show Redundancy by using GLBP

Configuring WAN-RT:

43

Copyright@ CTTC

Master-RT(config-if)#glbp 1 ip 10.0.0.100


Backup-RT(config-if)#glbp 1 ip 10.0.0.100

44

Copyright@ CTTC

Verify Master-RT:
Master-RT# show GLBP

45

Copyright@ CTTC

Backup-RT#show GLBP

46

Copyright@ CTTC

LAB: How to Configure I Pv6 on CI SCO Router
Objective: To Implement IP Version 6 on Routers

Configure R1s interface S1/0 with ipv6 address
R1(config)#ipv6 unicast-routing
R1(config)#interface serial 1/0
R1(config-if)#ipv6 address 2001:abad:beef:1::1/64
R2(config)#interface serial 1/0
R2(config-if)#ipv6 address 2001:abad:beef:1::2/64

Verify IPv6 address:
R1#show ipv6 interface

47

Copyright@ CTTC

Verify IPv6 communication between R2 and R1 using ping:

48

Copyright@ CTTC

LAB: Configuring I Pv6 Auto configures
Objective: To Show How Routers Acquire The Ipv6 Address Automatically

Configuring R1#:
R1(config)#int fa0/0
R1(config-if)#ipv6 address 2001:abad:5001:1::1/64
R1(config-if)#ipv6 nd prefix 2001:abad:5001:1::/64

Configuring R2#:
R2(config-if)#ipv6 address autoconfig
R2(config-if)#exit

Configuring R3#:
R3(config-if)#ipv6 address autoconfig
R3(config-if)#end

49

Copyright@ CTTC

Verify Autoconfigure IPv6 on R2s interface Fa0/0:

50

Copyright@ CTTC

LAB: Configure RI Png on Router:
Background:
In this configuration example, routers R1 and R2 are connected via Serial interface and
Loopback addresses are configured to generate networks. All the interfaces are
configured with the IPv6 addresses.

Configure on R1:
R1(config)#int s1/0
R1(config-if)#ipv6 rip cttc enable
R1(config-if)#exit
R1(config)#int Loopback 10
R1(config-if)#ipv6 address 1:1:1:1::1/64
R1(config-if)#exit
R1(config-if)#exit

51

Copyright@ CTTC

Configure on R2:
R2(config)#int s1/0
R2(config-if)#exit
R2(config-if)#exit
R2(config-if)#exit

Note: In the syntax cttc specified the Process, you can run multiple processes on a
Route

52

Copyright@ CTTC

Verify RIPng Routes:
R1#show ipv6 route

53

Copyright@ CTTC

Verify information about the current IPv6 RIP process

Verify the reachability between the routers R1 and R2, use the ping
command:

54

Copyright@ CTTC

LAB: Configuring OSPF V.3.0
OBJECTIVE: TO IMPLEMENT OSPF ROUTING PROTOCOL IN IPV6

Configure R1:
R1(confg)#ipv6 unicast-routing
R1(config)#int s1/0
R1(config-if)#ipv6 ospf 1 area 0
R1(config-if)#exit
R1(config-if)#exit
R1(config-if)#exit
R1(config)#ipv6 router ospf 1
R1(config-rtr)#router-id 1.1.1.1
R1(config-if)#exit

55

Copyright@ CTTC

Configuring R2:
R2(confg)#ipv6 unicast-routing
R2(config)#int s1/0
R2(config-if)#exit
R2(config-if)#exit
R2(config-if)#exit
R2(config)#ipv6 router ospf 1
R2(config-rtr)#router-id 2.2.2.2
R2(config-rtr)#exit

Configure R1s Loopback 10, 20 and R2s Loopback 0, 1 interface to participate in
OSPF Area 0 and ensure that R1 & R2 advertises Lo0 as a /64 subnet and not a host
route (/128).

Note: Loopback interfaces have their own OSPF network type in which case OSPF
advertises a host route to the loopback interface and not the configure subnet mask. To
change OSPF to advertise the subnet assigned to the loopback interface youll need to
change the network type to point-to-point as shown below:

For R1:
R1(config)#interface loopback 10
R1(config-if)#ipv6 ospf network point-to-point
R1(config-if)#exit
R1(config-if)#exit

56

Copyright@ CTTC

For R2:
R2(config-if)#exit
R2(config-if)#exit

Verify R1s Loopback0 network is in the IPv6 routing table of R2:
R1#show ipv6 route ospf

57

Copyright@ CTTC

Verify R1s Loopback10 network has IPv6 connectivity to R2s Loopback0
network using PING:

58

Copyright@ CTTC

LAB: Configuring EI GRP
OBJECTIVE: TO Implement EIGRP in IPV6

Configure R1:
R1(config)#int s1/0
R1(config-if)#ipv6 eigrp 100
R1(config-if)#exit
R1(config)#ipv6 router eigrp 100
R1(config-rtr)#eigrp router-id 1.1.1.1
R1(config-rtr)#exit
R1(config-rtr)#exit
R1(config)#int loopback 20
R1(config-if)#exit

59

Copyright@ CTTC

Configure R2:
R2(config)#int s1/0
R2(config-if)#exit
R2(config)#ipv6 router eigrp 100
R2(config-rtr)#eigrp router-id 2.2.2.2
R2(config-rtr)#exit
R2(config-rtr)#exit
R2(config-if)#exit

60

Copyright@ CTTC

Verify R1s Loopback0 network is in the IPv6 routing table of R2:
R1#show ipv6 route eigrp:

61

Copyright@ CTTC

LAB: WAN Encapsulation
OBJECTIVE: To Implement authentication method and encapsulation
used for WAN

Configuring R1:
R1(config)#int s0/3/0
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap pap
R1(config-if)#exit
R1(config)#username R2 password cisco

Configuring R2:
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap pap
R2(config-if)#exit
R2(config)#username R1 password cisco

Note: Username R2 must be created on Router R1 and username R1 must be created
on Router R2, where usernames R1 and R2 are the hostname of their respective
Routers. Passwords on both the routers must be same.

62

Copyright@ CTTC

Verify point-to-point connectivity:
R1#ping 192.168.1.2

63

Copyright@ CTTC

LAB:Frame Relay
OBJECTIVE: To Show How Router Connects With Each Other Over Cloud
Using Frame Relay

Configuring R1:
R1(config-if)#encapsulation frame-relay
R1(config-if)#exit
R1(config)#interface s0/3/0.122 point-to-point
R1(config-subif)#ip address 10.1.2.1 255.255.255.0
R1(config-subif)#frame-relay interface-dlci 122
R1(config-subif)#exit
R1(config)#interface s0/3/0.123 point-to-point
R1(config-subif)#ip address 10.1.3.1 255.255.255.0
R1(config-subif)#frame-relay interface-dlci 123
R1(config-subif)#exit
R1(config)#router rip
R1(config-router)#version 2

64

Copyright@ CTTC

Configuring R2:
R2(config-if)#frame-relay interface-dlci 221
R2(config-if)#exit

Configuring R3:
R3(config-if)#frame-relay interface-dlci 321
R3(config-if)#exit

65

Copyright@ CTTC

Configuring WAN Emulation Cloud:

Note: Click on WAN cloud then click on Config tab. You will see all the interfaces on the
left hand side. Now click on Serial0 button and add the DLCI value and Name as shown
above and press Add button. Serial0 is linked to two DLCI value, therefore both the
DLCI values must be added. Now repeat the same procedure for Serial1 and Serial2.

66

Copyright@ CTTC

Configuring Frame Relay:

Note: Now click on Frame Relay button and map the DLCI accordingly as shown
above and press the Add button.
You can now verify the connectivity by sending ping packets as follows.

On Router R1:
R1#ping 10.1.2.2
R1#ping 10.1.3.2
On Router R2:
R2#ping 10.1.3.2
On Router R3:
R3#ping 10.1.2.2

67

Copyright@ CTTC

LAB: Configuring DHCP on Cisco ROUTER
OBJECTIVE: To Configure DHCP in Order To Show How a Client Can Be
Assigned IP Address Automatically

Configuring Router R1:
R1(config-if)#ip address 192.168.1.1
R1(config-if)#exit
Configuring the DHCP pool:
R1(config)#ip dhcp pool cttc-pool
R1(dhcp-config)#network 192.168.1.0 255.255.255.0
R1(dhcp-config)#default-router 192.168.1.1
R1(dhcp-config)#exit
R1(config)#ip dhcp exclude-address 192.168.1.1 192.168.1.5
R1(config)#end

68

Copyright@ CTTC

Verify DHCP Binding:
R1#show ip dhcp binding

69

Copyright@ CTTC

Configuring PC:

70

Copyright@ CTTC

LAB: Standard ACL
OBJECTIVE: To Implement Standard ACL in Order To Show How It Does
the Filtration Based On Source Address

71

Copyright@ CTTC

Configuration on R1
Router>enable
Router#configure t
Router(config)#interface f0/0
Router(config-if)#ip address 10.0.0.100 255.255.255.0
Router(config-if)#ip add
Router(config-if)#no sh
Router(config-if)#ex

Ping from Pc0 to Pc 1

Router(config)#access-list 50 deny host 10.0.0.1
Router(config)#int f0/0
Router(config-if)#ip access-group 50 in

72

Copyright@ CTTC

Ping after applying Acl

73

Copyright@ CTTC

LAB: Extended ACL
OBJECTIVE: To show How Extended ACL Works by Filtration Based on
Source and Destination Address

74

Copyright@ CTTC

Configuration on R0
Router>enable
Router#configure t
Router(config)#access-list 100 permit tcp host 10.0.0.1 host 200.1.1.1 eq 80
Router(config)#access-list 100 deny tcp host 10.0.0.2 host 200.1.1.1 eq www
Router(config)#access-list 100 permit ip 10.0.0.0 0.0.0.255 any
Router(config)#access-list 100 permit ip any any
Router(config-if)#ip access-group 100 out
Router(config)#ip route 0.0.0.0 0.0.0.0 f0/0

Configuration on R1
Router>enable
Router#configure t

75

Copyright@ CTTC

LAB: Static NAT
Objective: To Show Static Translation from Public Ip Address to Private Ip
Address by Implementing Static Nat

Configuration R0
Router#configure terminal
Router(config)#ip nat inside source static 10.0.0.1 172.16.1.3
Router(config-if)#ip nat outside
Router(config-if)#ip nat inside

76

Copyright@ CTTC

Ping from pc 1 to server 1 after that run the show command
Router(config)#do sh ip nat translation
Pro Inside global Inside local Outside local Outside global
icmp 172.16.1.3:1 10.0.0.1:1 200.1.1.1:1 200.1.1.1:1
icmp 172.16.1.3:2 10.0.0.1:2 200.1.1.1:2 200.1.1.1:2
icmp 172.16.1.3:3 10.0.0.1:3 200.1.1.1:3 200.1.1.1:3
icmp 172.16.1.3:4 10.0.0.1:4 200.1.1.1:4 200.1.1.1:4
icmp 172.16.1.3:5 10.0.0.1:5 200.1.1.1:5 200.1.1.1:5
icmp 172.16.1.3:6 10.0.0.1:6 200.1.1.1:6 200.1.1.1:6
icmp 172.16.1.3:7 10.0.0.1:7 200.1.1.1:7 200.1.1.1:7
icmp 172.16.1.3:8 10.0.0.1:8 200.1.1.1:8 200.1.1.1:8
--- 172.16.1.3 10.0.0.1 --- ---

77

Copyright@ CTTC

LAB: Dynamic NAT
Objective: To Show Dynamic Translation from Public Ip Address to Private
Ip Address by Implementing Dynamic Nat

Router(config)#ip nat pool abc 172.16.1.3 172.16.1.4 netmask 255.255.255.0
Router(config)#ip nat inside source list 10 pool abc
Router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
Router(config-if)#ip access-group 10 out

Ping from Pc1 & from Pc2 but not from Pc3
Router# show ip nat translations
tcp 172.16.1.3:1025 10.0.0.1:1025 200.1.1.1:80 200.1.1.1:80
tcp 172.16.1.4:1025 10.0.0.2:1025 200.1.1.1:80 200.1.1.1:80

78

Copyright@ CTTC

LAB: PAT
Objective: To Show Translation from One Public Ip Address to Many Private
Ip Address by Implementing Pat

Configuration on R1
Router(config)#ip nat pool abc 172.16.1.3 172.16.1.3 netmask 255.255.255.0
Router(config)#ip nat inside source list 10 pool abc overload
Router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
Router(config-if)#ip nat inside
Router(config-if)#ip nat outside

79

Copyright@ CTTC

Ping 200.1.1.1 and then check the router translation
Router(config)#do sh ip nat translation
icmp 172.16.1.3:5 10.0.0.1:5 200.1.1.1:5 200.1.1.1:5
icmp 172.16.1.3:6 10.0.0.1:6 200.1.1.1:6 200.1.1.1:6
icmp 172.16.1.3:7 10.0.0.1:7 200.1.1.1:7 200.1.1.1:7
icmp 172.16.1.3:8 10.0.0.1:8 200.1.1.1:8 200.1.1.1:8

80

Copyright@ CTTC

LAB:Trouble shooting of EI GRP

Configuration on R1
Router>enable
Router(config)# interface s0/3/0
Router(config-if)#clock rate 64000
Router(config)#interface loopback 0
Router(config)#router eigrp 9
Router(config-router)#no auto-summary
Router(config-router)#network 10.0.0.0
Router(config-router)#exit

Configuration on R2
Router>enable
Router(config)#interface s0/3/0
Router(config)#interface loopback 0
Router(config-router)#no auto-summary

81

Copyright@ CTTC

After perform routing there is no ping from Router 1 to loopback 2.2.2.2,
Basically the reason is that , Router 1 have the A.S number is 10 and Router 2 have A.S no: 9,
thats why there is no ping.
Now I have to change the A.S no: of R2.

82

Copyright@ CTTC

LAB:SYSLOG
OBJECTIVE: To Implement Syslog and to Show The Output it Generates On
the Syslog Server

Configuration on Router
Router>enable
Router#conf t
Router(config)#int fa0/0
Router(config-if)#no shut
Router(config-if)#no shut
Router(config)#service timestamps log datetime msec
Router(config)#logging host 20.0.0.2
Router(config)#logging trap debugging
Router(config)#end
*Mar 01, 00:04:47.044: *Mar 01, 00:04:47.044: %SYS-5-CONFIG_I: Configured from console by
console
Enter configuration commands, one per line. End with CNTL/Z.

83

Copyright@ CTTC

In order to generate the log do some configuration as below.
Router(config-if)#shutdown
*Mar 01, 00:05:50.055: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to
administratively down
*Mar 01, 00:05:50.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/0, changed state to down
Router(config-if)#
*Mar 01, 00:05:52.055: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
*Mar 01, 00:05:52.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/0, changed state to up

Now click the server to see the syslog messages.

84

Copyright@ CTTC

Ccna 200 120

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ccna 200 120

Uploaded by

Copyright:

Available Formats

2

You might also like