Professional Documents
Culture Documents
Interconnecting Cisco
Networking Devices
Part 2
Course Administration Guide
Course Management
Cisco CCNA Curriculum Changes in 2007
Designed to Job Tasks
The CCNA® curriculum was revised in 2007 to teach and test on-the-job tasks, skills, and
knowledge that are expected of a CCNA graduate. The following course and exam objectives
were designed from the job tasks.
Describe how a network works
— Describe the purpose and functions of various network devices
— Select the components required to meet a network specification
— Use the OSI and TCP/IP models and their associated protocols to explain how data
flows in a network
— Describe common networked applications including web applications
— Describe the purpose and basic operation of the protocols in the OSI and TCP
models
— Describe the implementation of VoIP in a small network
— Interpret network diagrams
— Determine the path between two hosts across the Internet
— Describe the components required for network and Internet communications
— Identify and correct common network problems at Layers 1, 2, 3, and 7 using a
layered model approach
— Differentiate between LAN and WAN operation and features
Configure, verify, and troubleshoot a switch with VLANs and inter switch communications
— Select the appropriate media, cables, ports, and connectors to connect switches to
other network devices and hosts
— Explain the technology and media access control method for Ethernet networks
— Explain network segmentation and basic traffic management concepts
— Explain basic switching concepts and the operation of Cisco switches
— Perform and verify initial switch configuration tasks including remote access
management
— Verify network status and switch operation using basic utilities (ping, traceroute,
Telnet, SSH, ARP, ipconfig), show and debug commands
— Identify and resolve common switched network media issues, configuration issues,
autonegotiation, and SwitchHardware failures
— Describe enhanced switching technologies (VTP, RSTP, VLAN, PVSTP, 802.1Q)
— Describe how VLANs create logically separate networks and the need for routing
between them
— Configure, verify, and troubleshoot VLANs
— Configure, verify, and troubleshoot trunking on Cisco switches
— Configure, verify, and troubleshoot inter-VLAN routing
— Configure, verify, and troubleshoot VTP
— Configure, verify, and troubleshoot RSTP operation
— Interpret the output of various show and debug commands to verify the operational
status of a Cisco switched network
— Implement basic switch security (port security, unassigned ports, trunk access,
management VLAN other than VLAN 1, and so on)
Implement an IP addressing scheme and IP services to meet network requirements
— Describe the operation and benefits of using private and public IP addressing
— Explain the operation and benefits of using DHCP and DNS
— Configure, verify, and troubleshoot DHCP operation on a router
— Implement static and dynamic addressing services for hosts in a LAN environment.
— Configure a device to support NAT and DHCP
— Calculate and apply a VLSM IP addressing design to a network
— Determine the appropriate classless addressing scheme using VLSM and
summarization to satisfy addressing requirements in LAN and WAN environments
— Describe the technological requirements for running IPv6 (such as, protocols, dual
stack, tunneling, and so on)
— Describe IPv6 addresses
— Identify and correct common problems associated with IP addressing and host
configurations
— Configure, verify, and troubleshoot basic router operation and routing on Cisco
devices
— Describe basic routing concepts (packet forwarding and router lookup process)
— Describe the operation of Cisco routers (router bootup process, POST, and router
components)
— Select the appropriate media, cables, ports, and connectors to connect routers to
other network devices and hosts
— Configure, verify, and troubleshoot RIPv2
2 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
— Access and use the router CLI to set basic parameters
— Connect, configure, and verify the operation status of a device interface
— Verify device configuration and network connectivity using ping, traceroute, telnet,
SSH, or other utilities
— Perform and verify routing configuration tasks for a static or default route given
specific routing requirements
— Manage Cisco IOS configuration files (save, edit, upgrade, and restore)
— Manage Cisco IOS Software images
— Compare and contrast methods of routing and routing protocols
— Configure, verify, and troubleshoot OSPF
— Configure, verify, and troubleshoot EIGRP
— Verify configuration and connectivity using ping, traceroute, and Telnet or SSH
— Troubleshoot routing implementation issues
— Verify router hardware and software operation using show and debug commands.
— Implement basic router security
— Install a small wireless network
— Describe standards associated with wireless media (802.11a, b, g, and n and Wi-Fi)
— Identify and describe the purpose of the components in a small wireless network
— Identify the basic parameters to configure on a wireless network to ensure that
devices connect to the correct access point
— Describe wireless security concerns and explain how to configure WPA security
(open, WEP, WPA1, and WPA2)
— Identify common issues with implementing wireless networks
— Identify security threats to a small network and describe general methods to mitigate
those threats
— Describe modern, increasing network security threats and explain the need to
implement a comprehensive security policy to mitigate the threats
— Explain general methods to mitigate common security threats to network devices,
hosts, and applications
— Describe the functions of common security appliances and applications
— Describe security recommended practices including initial steps to secure network
devices
— Describe the components of a VPN (importance, benefits, role, and impact)
— Identify Cisco VPN Client issues
— Implement and troubleshoot NAT and ACLs.
— Describe the purpose and types of ACLs
— Configure and apply ACLs based on network filtering requirements
— Configure and apply an ACL to limit Telnet and SSH access to the router
— Verify and monitor ACLs in a network environment
The CCNA curriculum was adjusted in mid-2007 to better fit and prepare for the Cisco CCNP®
curriculum, as revised earlier in 2007. Topics and skills are introduced in CCNA as preparation
for further study in the CCNP curriculum. The Course Administration Guides (CAGs) of each
course within the curriculum specify the depth to teach on these topics, and when to
recommend more advanced courses to students.
The Cisco Certified Entry Networking Technician (CCENT™) certification was introduced in
mid-2007. The CCENT certification is attained by passing the Interconnecting Cisco
Networking Devices Part 1 (ICND1) exam. This new certification, which is a step below
CCNA certification, is a preparation and partial-completion of CCNA certification. CCENT
certification may also be used as a prerequisite for specializations that do not require all of the
skills and knowledge of CCNA certification.
During the transition from Introduction to Cisco Networking Technologies (INTRO) and ICND
to ICND1 and ICND2, the CCNA certification website details how to qualify for CCNA
certification by passing combinations of the INTRO, ICND, and CCNA exams and the ICND1,
ICND2, and CCNA exams.
4 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Two Equally Balanced Parts
The CCNA curriculum is now composed of two balanced courses. Each course is a self-
contained course with labs positioned throughout to practice skills soon after discussion. Each
is a five-day course.
ICND1 Goal: Upon completing the ICND1 course, the learner should have the knowledge and
skills necessary to install, operate, and troubleshoot a small branch office enterprise network,
including configuring a switch, a router, and connecting to a WAN and implementing network
security. A learner should be able to complete configuration and implementation of a small
branch office network under supervision.
ICND2 Goal: Upon completing the ICND2 course, the learner should have the knowledge and
skills necessary to install, operate, and troubleshoot a small to medium-size branch office
enterprise network, including configuring several switches and routers, connecting to a WAN,
and implementing network security. A learner should be ready to participate on a team to
implement a small to medium-size branch office network and to serve on a tier-one help desk
or network operating center.
Lessons have been moved from ICND (which is now ICND2) into ICND1. PPP, Network
Address Translation (NAT) and Port Address Translation (PAT), and RIP version 2 (RIPv2)
are introduced, and configuration skills are developed in ICND1. In ICND2, more advanced
skills build on these foundations. This shift of topics results in a more comfortable allotment of
time for ICND2.
ICND1 is a prerequisite to ICND2; a learner cannot participate and complete ICND2 without
mastering the skills and knowledge of ICND1. Unlike INTRO, ICND1 is not simply a
collection of background topics, but it is a complete, self-contained course with frequent lab
practices.
Overview
Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 is a five-day instructor-led
course that focuses on using Cisco Catalyst switches and Cisco routers that are connected in
LANs and WANs and are typically found at medium-sized network sites.
Outline
The Course Management section of the Course Administration Guide includes these topics:
Overview
Course Instruction Details
Course Delta Information
Course Evaluations
Course Version
This course supersedes Interconnecting Cisco Network Devices (ICND) v2.3.
6 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Course Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
Review how to configure and troubleshoot a small network
Expand the switched network from a small LAN to a medium-sized LAN with multiple
switches, supporting VLANs, trunking, and spanning tree
Describe routing concepts as they apply to a medium-sized network and discuss
considerations when implementing routing on the network
Configure, verify, and troubleshoot OSPF
Configure, verify, and troubleshoot EIGRP
Determine how to apply ACLs based on network requirements, and to configure, verify,
and troubleshoot ACLs on a medium-sized network
Describe when to use NAT or PAT on a medium-sized network and configure NAT or
PAT on routers
Identify and implement the appropriate WAN technology based on network requirements
Target Audience
The primary audience for this course is as follows:
Network administrators
Network engineers
Network managers
Systems engineers
Instructor Requirements
To teach this course, instructors must have attended the following training or completed the
following requirements:
An active Cisco Certified Systems Instructor who has been certified to teach INTRO and
ICND must complete the CCNA Instructor Update Briefing.
All other Cisco Certified Systems Instructors in good standing will need to do the
following:
— Complete the ICND1 course as a learner.
— Attend the ICND2 course as a learner.
— Pass the CCNA certification test (or both the ICND1 and ICND2 certification tests).
— For instructors who have yet to take the certification test but have completed the
courses, certifications will be provisional. The guidelines for ICND instructors
apply.
A Cisco Certified Systems Instructor who is certified in technology and is a WAN-certified
instructor is part of a “common pool” and may teach courses in either area. All other Cisco
Certified Systems Instructors may only teach courses in the area of specialization for which
they are certified.
Class Environment
This information describes recommended class size and classroom setup:
Room set up classroom style with chairs and tables large enough for 16 learners
Eight pairs of chairs sharing access to eight laptops or eight PCs
A projector to display course Microsoft PowerPoint slides; projection screen as needed
Sufficient power for all equipment
For local labs, rack and floor space to locate all equipment
For remote lab delivery, access to the Internet for all learners and the instructor
8 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Course Flow
This is the suggested course schedule. You may make adjustments based on the skills,
knowledge, and preferences of the learners in attendance. The presentation of all topics is
optional for noncertification offerings, but you are encouraged to use them because they are
designed to reinforce the lesson concepts and ensure that learners apply some of the concepts.
Day 1: Course Introduction, Small Network Implementation, and Medium-Sized Switched Network
Construction
12:00–1:00 Lunch
(1200–1300)
12:00–1:00 Lunch
(1200–1300)
12:00–1:00 Lunch
(1200–1300)
Day 4: EIGRP Implementation, Access Control Lists, and Address Space Management
12:00–1:00 Lunch
(1200–1300)
12:00–1:00 Lunch
(1200–1300)
10 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
1:00–1:50 Establishing a Point-to-Point WAN Connection with PPP
(1300–1350)
Establishing a WAN connection with Frame Relay
4:30–5:00 Wrap-up
(1630–1700)
Course Introduction
The Course Introduction provides learners with the course objectives and prerequisite learner
skills and knowledge. The Course Introduction presents the course flow diagram and the icons
that are used in the course illustrations and figures. This course component also describes the
curriculum for this course, providing learners with the information that they need to make
decisions regarding their specific learning path.
Overview
— Learner Skills and Knowledge
Course Goal and Objectives
Course Flow
Additional References
— Cisco Glossary of Terms
Your Training Curriculum
12 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 2: Medium-Sized Switched Network Construction
Upon completing this module, the learner will be able to expand a small-sized, switched LAN
to a medium-sized LAN with multiple switches, supporting VLANs, trunking, and spanning
tree.
14 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 3: Medium-Sized Routed Network Construction
Upon completing this module, the learner will be able to describe routing concepts as they
apply to a medium-sized network and discuss considerations when implementing routing on the
network.
16 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lesson 2: Troubleshooting OSPF
This lesson defines how to identify an approach for troubleshooting common OSPF problems
and offer solutions. Upon completing this lesson, the learner will be able to meet these
objectives:
Describe the basic components of OSPF troubleshooting
Identify and resolve errors with OSPF neighbor adjacencies
Identify and resolve errors with OSPF routing tables
Identify and resolve authentication problems
18 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 6: Access Control Lists
Upon completing this module, the learner will be able to determine how to apply ACLs based
on network requirements and configure, verify, and troubleshoot ACLs on a medium-sized
network.
20 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lesson 2: Transitioning to IPv6
This lesson defines how to explain the format of IPv6 addresses and components that are
required to run IPv6, explain the impact of IPv6 on network routing, and configure basic IPv6
parameters. Upon completing this lesson, the learner will be able to meet these objectives:
Explain the need for IPv6
Describe the format of the IPv6 address
Explain the methods that are used to assign an IPv6 address
Explain how IPv6 affects common routing protocols and the necessary modifications you
need to make to these protocols
Explain transition strategies for implementing IPv6
Configure IPv6 with RIPng through an IPv4 network
22 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lesson 3: Establishing a WAN Connection with Frame Relay
This lesson defines how to connect to a service provider over a network and describe the
operation and configuration of Frame Relay. Upon completing this lesson, the learner will be
able to meet these objectives:
Describe the features and functions of Frame Relay
Configure Frame Relay
Verify that Frame Relay is functioning as configured
2. Make sure that the learners input their e-mail address (used only for a follow-up
evaluation).
Note Sixty days following a learning event, learners will receive a brief follow-up evaluation, and,
again, responses will be kept confidential. E-mail addresses will not be used for marketing
purposes. (If learners do not have e-mail addresses, they may type in a “dummy” address.)
3. Instruct the learners to select the appropriate course from the drop-down list.
4. Instruct the learners to complete the course evaluation and click Submit one time only.
5. Advise the learners to wait for “Thank you” to appear on the screen before leaving.
2. Instruct the learners to complete the survey only after completing the course.
3. Collect the evaluations and submit them to your MTM system administrator.
2. Log in using your ID and the password sent to you from MTM or provided by your
company MTM system administrator to ensure confidentiality.
24 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Setup
Overview
The purpose of the “Lab Setup” section is to assist in the setup and configuration of the training
equipment for Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 course. This
section includes these topics:
Lab Topology
Hardware and Software Requirements
Workstation Configuration
Lab Equipment Configuration
General Lab Setup
Lab 1-1: Implementing a Small Network (Review Lab)
Lab 2-1: Configuring Expanded Switched Networks
Lab 2-2: Troubleshooting Switched Networks
Lab 4-1: Implementing OSPF
Lab 4-2: Troubleshooting OSPF
Lab 5-1: Implementing EIGRP
Lab 5-2: Troubleshooting EIGRP
Lab 6-1: Implementing and Troubleshooting ACLs
Lab 7-1: Configuring NAT and PAT
Lab 7-2: Implementing IPv6
Lab 8-1: Establishing a Frame Relay WAN
Lab 8-2: Troubleshooting Frame Relay WANs
Configuration Files Summary
Lab Activity Solutions
Teardown and Restoration
Note The ICND2 course shares a common lab topology with the ICND1 course. However, the
ICND1 course lab uses a third core switch (core switch C), which is not used in ICND2.
26 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
The ICND2 lab consists of eight workgroups, A through H, supporting 16 learners. A
workgroup consists of a workgroup router (for example, RouterA), and a workgroup switch (for
example, SwitchA). Each workgroup has connectivity to the core equipment (for example,
CoreRouter, CoreSwitchA, and CoreSwitchB), which are managed by the instructor.
Due to lab design, lab activities will eventually require an even number of workgroups;
workgroup A will collaborate with workgroup B, C with D, E with F, and G with H.
The IP addressing changes during the course. Check the addressing tables that accompany the
corresponding lab activities.
Learner Pod Equipment: 2 Learners Per Pod, 8 Pods Total Per Class
28 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Software List
The software listed in the following table is suggested for supporting both the ICND1 and
ICND2 course labs.
(C2800NM-ADVIPSERVICESK9-M), Version
12.4(12)
Lab Cabling
Workgroup Routers and Switches
30 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Device Interface Device Interface Remarks
Fa0/9–fa0/12 Unused
Fa0/15–fa0/22 Unused
Fa0/24 TFTP ST
Gi0/1 Unused
Gi0/2 Unused
Core SwitchB
Fa0/9–fa0/12 Unused
Fa0/15–fa0/24 Unused
Gi0/1 Unused
Gi0/2 Unused
32 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Core Router/Frame Relay Switch
Core Router
CoreRouter i2-corero1-dot1Q.txt
CoreSwitchA i2-coreswa1-no-trunk-to-wg.txt
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt
Caution If your ICND2 course is sharing the lab topology that supports the ICND1 course, it is
suggested that all ports on core SwitchC remain disabled for all ICND2 labs. CoreSwitchC is
not used for any ICND2 labs.
34 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 1-1: Implementing a Small Network (Review
Lab)
This topic details the lab activity for Lab 1-1.
Objectives
You will complete these tasks in this lab:
Return your workgroup switch and router to their default configurations
Configure your workgroup switch and router with their proper identities and IP addressing
Provide basic security with passwords and port security
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
A 10.1.1.10 10.1.1.11
B 10.1.1.20 10.1.1.21
C 10.1.1.30 10.1.1.31
D 10.1.1.40 10.1.1.41
E 10.1.1.50 10.1.1.51
F 10.1.1.60 10.1.1.61
G 10.1.1.70 10.1.1.71
H 10.1.1.80 10.1.1.81
(SwitchX) (RouterX)
Instructor Notes
In this lab, the learner removes any previous configuration from the workgroup router and
switches and creates a basic workgroup router and switch configuration, which becomes the
basis for all future labs.
The purpose of this lab is not to introduce new concepts to the learners but to review
prerequisite concepts and commands the learners should understand prior to attending this
course. The instructor should use this lab to gain the following information:
Gauge the prerequisite learner knowledge
Identify the topical strengths and weaknesses of the learners
Help determine learner workgroup partner pairings for future labs
The instructor will also provide the setup information to access the remote lab equipment.
36 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 2-1: Configuring Expanded Switched
Networks
This topic details the lab activity for Lab 2-1.
Objectives
You will complete these tasks in this lab:
Configure the switch to participate in a VTP domain and configure the switch for
transparent mode
Configure trunking on a trunk port to provide access to a router on the network
Configure separate VLANs for separate logical networks
Enable RSTP and configure the root switch and backup root switch
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
If time permits, in optional Task 5, the learner configures a Per VLAN Rapid Spanning Tree
(PVRST) primary and secondary root bridge with a partner workgroup. The instructor may
assign this task to groups that finish the previous tasks and are waiting for the remainder of the
class to complete the lab.
38 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 2-2: Troubleshooting Switched Networks
This topic details the lab activity for Lab 2-2.
Objectives
You will complete this task in this lab:
Discover switched network connectivity issues, follow troubleshooting guidelines to
ascertain switched connectivity problems, and re-establish switched network connectivity
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
A 10.1.1.10 10.2.2.12
B 10.1.1.20 10.3.3.12
C 10.1.1.30 10.4.4.12
D 10.1.1.40 10.5.5.12
E 10.1.1.50 10.6.6.12
F 10.1.1.60 10.7.7.12
G 10.1.1.70 10.8.8.12
H 10.1.1.80 10.9.9.12
Instructor Notes
Learners will download a faulty configuration into their workgroup switches from the TFTP
server and troubleshoot to correct the problems. The problems introduced are as follows:
A VLAN is missing from the VLAN database.
Trunking to the core is turned off and an incorrect trunking mode (dynamic desirable) is
introduced.
A duplex mismatch with the core is configured.
Instructors should remind learners to refrain from simply issuing a show run command and
comparing the problem configuration with the working baseline configuration. One of the
objectives of the lab activity is for the learners to work on their troubleshooting skills by
practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing
that reviews the possible steps learners took to gather symptoms and isolate and correct
problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table
in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the
debriefing process.
40 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 4-1: Implementing OSPF
This topic details the lab activity for Lab 4-1.
Objectives
You will complete these tasks in this lab:
Disable the LAN connections to the core
Enable the serial connections on a workgroup router
Configure OSPF on a workgroup router
Configure plaintext authentication for OSPF
Verify the correct operation and configuration of OSPF routing and OSPF plaintext
authentication
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
With the implementation of OSPF plaintext authentication, instructors may find that learners
have a partial OSPF neighbor table during the lab activity. To have a complete OSPF neighbor
table, the local and peer routers must have successfully configured OSPF with authentication.
42 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 4-2: Troubleshooting OSPF
This topic details the lab activity for Lab 4-2.
Objectives
You will complete this task in this lab:
Discover OSPF network connectivity issues and follow troubleshooting guidelines to
isolate and fix OSPF connectivity problems
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Setup
The table describes how to set up lab configurations with equipment for this lab.
Workgroup routers i2-wg_ro-config-lab4-2.txt Learners download this file as part of the lab.
Instructor Notes
Learners will download a faulty configuration into their workgroup routers from the TFTP
server and troubleshoot to correct the problems. The problems introduced are as follows:
An incorrect wildcard bit mask in the OSPF network statement
An incorrect OSPF authentication key configured with the CoreRouter
Instructors should remind learners to refrain from simply issuing a show run command and
comparing the problem configuration with the working baseline configuration. One of the
objectives of the lab activity is for the learners to work on their troubleshooting skills by
practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing
that reviews the possible steps learners took to gather symptoms and isolate and correct
problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table
in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the
debriefing process.
44 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 5-1: Implementing EIGRP
This topic details the lab activity for Lab 5-1.
Objectives
You will complete these tasks in this lab:
Configure EIGRP on the router
Configure MD5 authentication for EIGRP
Verify the correct operation and configuration of EIGRP routing using show commands,
and verify the correct operation and configuration of EIGRP MD5 authentication
Debug the EIGRP neighbor processes
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
With the implementation of EIGRP Message Digest 5 (MD5) authentication, instructors may
find learners have a partial EIGRP neighbor table during the lab activity. A complete EIGRP
neighbor table requires the local and peer routers to have successfully configured EIGRP with
authentication.
46 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 5-2: Troubleshooting EIGRP
This topic details the lab activity for Lab 5-2.
Objectives
You will complete these tasks in this lab:
Discover EIGRP network connectivity issues and follow troubleshooting guidelines to
isolate and fix EIGRP connectivity problems
Test EIGRP network connectivity
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Setup
The table describes how to set up lab configurations with equipment for this lab.
Instructor Notes
Learners will create a loopback interface in the 172.16.0.0 network causing a discontiguous
network addressing scheme with the core loopback. To provide connectivity from their
loopback network to the core loopback network, learners must configure EIGRP with the no
auto-summary statement.
Instructors should remind learners to refrain from simply issuing a show run command and
comparing the problem configuration with the working baseline configuration. One of the
objectives of the lab activity is for learners to work on their troubleshooting skills by practicing
using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing
that reviews the possible steps learners took to gather symptoms and isolate and correct
problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table
in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the
debriefing process.
48 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 6-1: Implementing and Troubleshooting
ACLs
This topic details the lab activity for Lab 6-1.
Objectives
You will complete these tasks in this lab:
Create an IP extended access list to block Telnet traffic, apply it to an interface, and verify
its operation
Create an IP extended ACL to block TFTP requests from a workgroup
Troubleshoot to isolate and resolve an ACL problem
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
Learners will download a faulty configuration into their workgroup routers from the TFTP
server and troubleshoot to correct the problem. The objective of the ACL is to deny TFTP
traffic from the workgroup but allow all other traffic. The problem introduced is that the ACL
allows all other UDP traffic rather than all other IP traffic.
When testing the effectiveness of the ACL, a learner will attempt to use TFTP to upload a
configuration file from the TFTP server into the workgroup switch. If the TFTP is successful,
meaning that the ACL failed, the workgroup switch will have a new banner displaying the
message, “Your Access List Failed, Please Try Again!”
50 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 7-1: Configuring NAT and PAT
This topic details the lab activity for Lab 7-1.
Objectives
You will complete these tasks in this lab:
Configure inside and outside NAT interfaces and an IP ACL to permit hosts to use PAT
Use show commands to verify the NAT configuration
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
In order to test the NAT effectiveness of the workgroup router, ensure that the learner tests the
configuration by executing a ping from the workgroup switch. If the ping is initiated from the
workgroup router, the source address of the ping will not trigger the translation.
52 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 7-2: Implementing IPv6
This topic details the lab activity for Lab 7-2.
Objectives
You will complete these tasks in this lab:
Determine how to allocate IPv6 addresses for the assigned routers, given an IPv6
numbering scheme and a prefix
Configure router interfaces for IPv6 and assign addresses
Configure RIP to support IPv6 and IPv6 addresses
Configure and verify a dual-stack router configuration
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
Instructor Notes
Task 1 is an information-gathering exercise. The learner should not be configuring the router in
this task but, instead, complete a worksheet identifying the IPv6 addresses that will be used to
configure the router in subsequent tasks.
To better understand the different methods of assigning IPv6 addresses, the learner is asked to
use both a fully defined 128-bit IPv6 address on one interface and an IPv6 address that uses the
EUI-64 interface identifier method on a second interface.
54 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 8-1: Establishing a Frame Relay WAN
This topic details the lab activity for Lab 8-1.
Objectives
You will complete these tasks in this lab:
Configure a serial interface to use Frame Relay encapsulation
Verify the Frame Relay connection using show and ping commands
Configure the debug frame-relay lmi command and interpret the output
Configure a router subinterface and associate it with a specific DLCI
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
A 10.140.1.2
B 10.140.2.2
C 10.140.3.2
D 10.140.4.2
E 10.140.5.2
F 10.140.6.2
G 10.140.7.2
H 10.140.8.2
Instructor Notes
Learners will create a Frame Relay connection to the CoreRouter using the workgroup router
physical serial interface, tear it down, and then re-create the Frame Relay connection to the core
router using a point-to-point subinterface. Occasionally, the interface status remains down, and
rebooting the workgroup router appears to be the only fix.
In order to relearn remote networks through the Frame Relay subinterface via EIGRP, the lab
reminds the learner to reconfigure EIGRP authentication on the subinterface.
56 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab 8-2: Troubleshooting Frame Relay WANs
This topic details the lab activity for Lab 8-2.
Objectives
You will complete this task in this lab:
Discover Frame Relay network connectivity issues and follow troubleshooting guidelines
to determine and fix frame relay connectivity problems
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
A 10.140.1.2
B 10.140.2.2
C 10.140.3.2
D 10.140.4.2
E 10.140.5.2
F 10.140.6.2
G 10.140.7.2
H 10.140.8.2
Instructor Notes
Learners will download a faulty configuration into their workgroup routers from the TFTP
server and troubleshoot to correct the problems. The problem introduced is that an incorrect
Frame Relay DLCI is configured.
Instructors should remind learners to refrain from simply issuing a show run command and
comparing the problem configuration with the working baseline configuration. One of the
objectives of the lab activity is for learners to work on their troubleshooting skills by practicing
using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing
that reviews the possible steps learners took to gather symptoms and isolate and correct
problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table
in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the
debriefing process.
58 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Configuration Files Summary
This topic details the course configuration files, which provide information about the starting
condition of each lab.
i2-corero2-routing.txt The “routing labs” configuration for the core router. All
subinterfaces are removed from the Fast Ethernet
interface. The serial interfaces are enabled for HDLC
connectivity to the workgroups. OSPF and EIGRP are
enabled and configured for authentication.
i2-corero3-frame.txt The “frame relay labs” configuration for the core router.
The core router is configured to also be a Frame Relay
switch. The serial interfaces are enabled for Frame
Relay connectivity to the workgroups EIGRP remains
configured for authentication.
60 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Activity Solutions
This section presents the solutions to the practice activities.
62 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
boot-start-marker
boot-end-marker
!
enable secret 5 $1$HNdR$hOG1GhzoNoHMEgZQU21mo1
!
no aaa new-model
!
!
ip cef
!
!
!
!
voice-card 0
no dspfarm
!
interface FastEthernet0/0
description To SwitchX Fa0/2
ip address 10.1.1.X 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
no ip address
shutdown
!
interface Serial0/0/1
no ip address
shutdown
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
control-plane
!
banner motd ^C
Authorized access only. Unauthorized users disconnect.^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
login
!
scheduler allocate 20000 1000
!
end
64 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
description Management VLAN interface
ip address 10.1.1.X 255.255.255.0
no ip route-cache
!
ip default-gateway 10.1.1.3
ip http server
ip http secure-server
!
control-plane
!
banner motd ^C
Authorized Access Only!
^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password sanjose
login
line vty 5 15
no login
!
end
66 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Activity 2-2: Troubleshooting Switched Networks
Workgroup Switch Configuration
When you complete this lab activity, your workgroup switch configuration will be similar to
the following, with differences that are specific to your workgroup:
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SwitchX
!
enable secret 5 $1$.9i2$TbVkDQfzCgf/CeFNEKMm9/
!
no aaa new-model
vtp domain ICND
vtp mode transparent
ip subnet-zero
!
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan X0 priority 24576
spanning-tree vlan X0 priority 28672
!
vlan internal allocation policy ascending
!
vlan X,X0,X0
!
interface FastEthernet0/1
!
interface FastEthernet0/2
description To RouterX Fa0/0
spanning-tree portfast
switchport access vlan X
switchport mode access
switchport port-security
switchport port-security mac-address xxxx.xxxx.xxxx
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
description port connected to CoreSwitchA
switchport mode trunk
speed 100
duplex full
!
interface FastEthernet0/12
description port connected to CoreSwitchB
***************************************************************
wg_sw-config-lab2-2
****************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password sanjose
login
line vty 5 15
no login
68 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
!
end
********************************************************************
wg_ro-config-lab2-2
*******************************************************************
70 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
description port connected to CoreSwitchA
switchport mode trunk
shutdown
speed 100
duplex full
!
interface FastEthernet0/12
description port connected to CoreSwitchB
switchport mode trunk
shutdown
speed 100
duplex full
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
description Management VLAN interface
ip address 10.X.X.11 255.255.255.0
no ip route-cache
!
ip default-gateway 10.X.X.3
ip http server
ip http secure-server
!
control-plane
!
banner motd ^C
wg_sw-config-lab2-2
*****************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password sanjose
login
line vty 5 15
no login
!
end
72 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip ospf authentication
ip ospf authentication-key san-fran
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
!
ip http server
no ip http secure-server
!
control-plane
!
banner motd ^C
********************************************************************
wg_ro-config-lab2-2
********************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
***********************************************************************
wg_ro-config-lab4-2
***********************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
74 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
******************************************************************
wg_ro-config-lab4-2
******************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
76 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
!
hostname RouterX
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/
!
no aaa new-model
!
resource policy
!
ip cef
!
voice-card 0
no dspfarm
!
!
key chain icndchain
key 1
key-string san-fran
!
interface Loopback0
ip address 192.168.X.X 255.255.255.240
!
interface Loopback1
ip address 172.16.X.1 255.255.255.0
!
interface FastEthernet0/0
description To SwitchX F0/2
ip address 10.X.X.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
ip address 10.140.X.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
!
router eigrp 100
network 10.0.0.0
network 172.16.0.0
network 192.168.X.0
no auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
***************************************************************
wg_ro-config-lab4-2
***************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
78 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
key-string san-fran
!
interface Loopback0
ip address 192.168.X.X 255.255.255.240
!
interface Loopback1
ip address 172.16.X.1 255.255.255.0
!
interface FastEthernet0/0
description To SwitchX F0/2
ip address 10.X.X.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
ip address 10.140.X.2 255.255.255.0
ip access-group 101 in
ip access-group 175 out
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
shutdown
!
router eigrp 100
network 10.0.0.0
network 172.16.0.0
network 192.168.X.0
auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
!
!
!
ip http server
no ip http secure-server
!
access-list 101 deny tcp any any eq telnet
access-list 101 permit ip any any
access-list 175 deny udp any any eq tftp
access-list 175 permit ip any any
!
control-plane
!
banner motd ^C
wg_ro-config-lab6-1
**************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
================
OR
==============
!
interface Serial0/0/0
bandwidth 64
ip address 10.140.X.2 255.255.255.0
ip access-group KILLTELNET in
ip access-group 175 out
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
!
!
ip access-list extended KILLTELNET
deny tcp any any eq telnet
permit ip any any
!
80 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
!
resource policy
!
ip cef
!
voice-card 0
no dspfarm
!
!
key chain icndchain
key 1
key-string san-fran
!
interface Loopback0
ip address 192.168.X.X 255.255.255.240
!
interface Loopback1
ip address 172.16.X.1 255.255.255.0
!
interface FastEthernet0/0
description To SwitchX F0/2
ip address 10.X.X.3 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
ip address 10.140.X.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip nat outside
ip virtual-reassembly
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
shutdown
!
router eigrp 100
network 10.0.0.0
network 172.16.0.0
network 192.168.X.0
auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
!
ip http server
no ip http secure-server
ip nat inside source list 1 interface Serial0/0/0 overload
******************************************************************
wg_ro-config-lab6-1
*******************************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
82 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
key chain icndchain
key 1
key-string san-fran
!
interface Loopback0
ip address 192.168.X.X 255.255.255.252
!
interface Loopback1
ip address 172.16.X.1 255.255.255.0
!
interface Loopback2
ip address 10.XXX.XXX.1 255.255.255.0
ipv6 address 2001:410:4:8::/64 eui-64
ipv6 rip cisco enable
!
interface FastEthernet0/0
description To SwtichX Fa0/2
ip address 10.X.X.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
ip address 10.140.X.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
shutdown
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
ipv6 address 2001:410:4:10::/65 eui-64
ipv6 rip cisco enable
!
router eigrp 100
network 10.0.0.0
network 192.168.X.0
auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.XX 0.0.0.0 area 0
!
!
!
ip http server
no ip http secure-server
!
ipv6 router rip cisco
!
control-plane
!
banner motd ^C
wg_ro-config-lab6-1
*******************************************************************
^C
!
banner motd ^C
Authorized access only. Unauthorized users disconnect.^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
login
!
scheduler allocate 20000 1000
!
end
84 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
ip address 172.16.X.1 255.255.255.0
!
interface Loopback2
ip address 10.XXX.XXX.1 255.255.255.0
ipv6 address 2001:410:4:8::/64 eui-64
ipv6 rip cisco enable
!
interface FastEthernet0/0
description To SwitchX F0/2
ip address 10.X.X.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
no ip address
encapsulation frame-relay
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/0.1 point-to-point
ip address 10.140.X.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
frame-relay interface-dlci 120
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
shutdown
!
router eigrp 100
network 10.0.0.0
network 172.16.0.0
network 192.168.X.0
no auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
!
ip http server
no ip http secure-server
!
access-list 1 permit 10.X.X.0 0.0.0.255
!
control-plane
!
banner motd ^C
****************************************************************
**********************************************************
^C
!
line con 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password sanjose
logging synchronous
login
!
scheduler allocate 20000 1000
!
end
86 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
!
interface FastEthernet0/0
description To SwitchX F0/2
ip address 10.X.X.3 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0/0
bandwidth 64
no ip address
encapsulation frame-relay IETF
ip ospf authentication
ip ospf authentication-key san-fran
!
interface Serial0/0/0.1 point-to-point
ip address 10.140.X.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
frame-relay interface-dlci 120
!
interface Serial0/0/1
bandwidth 64
ip address 10.XX.XX.X 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 icndchain
ip ospf authentication
ip ospf authentication-key san-fran
shutdown
!
router eigrp 100
network 10.0.0.0
network 172.16.0.0
network 192.168.X.0
no auto-summary
!
router ospf 100
log-adjacency-changes
network 10.X.X.3 0.0.0.0 area 0
network 10.XX.XX.X 0.0.0.0 area 0
network 10.140.X.2 0.0.0.0 area 0
network 192.168.X.X 0.0.0.0 area 0
!
ip http server
no ip http secure-server
!
access-list 1 permit 20.4.4.0 0.0.0.255
!
control-plane
!
banner motd ^C
**********************************************************************
wg_ro-config-lab8-2
**********************************************************************
end
Step 3 Verify that all of the core devices reload and that the initial prompt appears.
88 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Course Delta Information
This document provides a summary of the differences between Interconnecting Cisco Network
Devices (ICND) v2.3 and Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0.
Executive Summary
Overview
ICND2 content is a minor revision of the ICND v2.3 content, with these new developments:
The foundational, conceptual content of WAN, RIP2, and the PPP lab section are moved to
ICND1.
The “verify” tasks are expanded in lecture and labs in topics such as EIGRP and OSPF to
serve the following purposes:
— Explain more of the commands used to verify the configuration
— Interpret output
— Extend troubleshooting tasks from those performed during installation to those
performed during regular operations
Course Objectives
This table provides a comparison between the previous course objectives and the updated
course objectives.
Module 1: Configure a Catalyst Switch for Basic Module 1: Review how to configure and
Operations troubleshoot a small network
Module 2: Improve the Scalability, Interoperability, Module 2: Expand a small-sized, switched LAN to
and Throughput by Implementing VLANs a medium-sized LAN with multiple switches,
supporting VLANs, trunking, and spanning tree
Module 3: Configure and Troubleshoot RIP, IGRP, Module 3: Describe routing concepts as they apply
EIGRP, and OSPF to a medium-sized network and discuss
considerations when implementing routing on the
network
Module 4: Configure Different Types of IP ACLs in Module 4: Configure, verify, and troubleshoot
Order to Manage IP Traffic OSPF
Module 6: Configure Frame Relay Module 6: Determine how to apply ACLs based on
network requirements and configure, verify, and
troubleshoot ACLs on a medium-sized network
Module 7: Configure DDR between two routers Module 7: Configure NAT or PAT on routers,
with BRI or PRI explain IPv6 addressing, and configure IPv6 on a
Cisco router
Module 1: Configuring Module 2: Medium-Sized Module 2 combines the content of ICND v2.3
Catalyst Switch Switched Network modules 1 and 2.
Operations Construction
Additions:
Module 2: Extending
Switched Networks with Voice VLANs (basics)
Virtual LANs
EtherChannel (basics)
Deletions:
ISL Trunking
Module 3: Determining IP Module 3: Medium-Sized ICND v2.3 module 3 was broken into three
Routes Routed Network modules in ICND2, modules 3, 4, and 5.
Construction
Deletions:
Static routing
OSPF Authentication
EIGRP Authentication
Module 4: Managing IP Module 6: Access Control ICND v2.3 module 4 was broken into two
Traffic with ACLs Lists modules in ICND2, modules 6 and 7.
Additions:
ACL Comments
90 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
ICND v2.3 (previous) ICND2 v1.0 (updated) Changes/Reason
Module 5: Establishing Module 8: LAN Extension Module 8 combines the content of ICND v2.3
Serial Point-to-Point into a WAN modules 5 and 6
Connections
Additions:
Module 6: Establishing
Frame Relay Connections VPN solutions lesson
Deletions:
PPP lab
Module 7: Completing — —
ISDN Calls
0 0 Course Introduction
92 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module Lesson Topic Delta Source
94 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module Lesson Topic Delta Source
MAJ = Existing content from other courses, major edits to existing ICND content