EWAN NAT/ACL PT Practice SBA

A few things to keep in mind while completing this activity: 1. Do not use the browser Back button or close or reload any exam windows during the exam. 2. Do not close Packet Tracer when you are done, it will close automatically. 3. Click the Submit Assessment button to submit your work.

Introduction
In this practice Packet Tracer Skills Exam, you are expected to do as follows: Implement the addressing in the network to meet the stated requirements. Configure and verify a DHCP server implementation. Configure and verify WAN technologies. Configure EIGRP to enable communication with the rest of the network. Configure NAT to translate addresses for traffic that is destined to the Internet. Implement access control lists as part of a security policy.

Addressing Table
Device Interface Fa0/0 R1 S0/0/0 S0/0/1.101 S0/0/0 R2 S0/0/1.201 S0/1/0 Fa0/0 R3 S0/0/0 S0/0/1 PC1 PC3 NIC NIC Address 172.16.1.193 172.30.1.1 10.10.10.1 172.30.1.6 10.10.10.2 209.165.201.2 172.16.1.129 172.30.1.2 172.30.1.5 172.16.1.222 DHCP Assigned Subnet Mask 255.255.255.224 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.192 255.255.255.252 255.255.255.252 255.255.255.224 DHCP Assigned Default Gateway n/a n/a n/a n/a n/a n/a n/a n/a n/a 172.16.1.193 DHCP Assigned

NOTE: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

Step 1: Configure and Verify R3 as the DHCP Server.

a. Configure R3 as the DHCP server for the LAN attached to Fa0/0 using the following guidelines: Use the case-sensitive DHCP pool name of R3_LAN. Exclude the first three host addresses in the subnet.

b. Verify that PC3 now has full IP addressing. It may be necessary to toggle between Static and DHCP on the IP Configuration screen for PC3 before PC3 will send a DHCP request. PC3 should be able to ping the default gateway.

Step 2: Configure WAN Technologies.

a. The link between R3 and R2 uses PPP with CHAP. The password isciscochap. Verify that R3 and R2 can ping each other. b. The link between R3 and R1 uses HDLC. R3 should be able to ping the other side of the link. Verify that R3 and R1 can ping each other. c. The link between R1 and R2 uses point-to-point Frame Relay subinterfaces. Verify that R1 and R2 can ping each other.

Step 3: Configure and Verify EIGRP Routing.

a. Configure EIGRP routing on R1, R2, and R3. Use AS number 100. Do not use the wildcard mask argument. Do not advertise the network between R2 and the Internet.

b. Configure R2 with a default route using the outbound interfaceargument. Use one command to propagate the default route into the EIGRP routing process. c. Verify PC1 and PC3 can ping each other as well as R1, R2 and R3. You will not be able to ping Internet hosts yet.

Step 4: Configure R2 with a NAT.

a. Configure NAT on R2 using the following guidelines: Only addresses in the 172.16.1.128/25 address space will be translated. Use the number 1 for the access list. Configure PAT on the R2 S0/1/0 interface.

b. Verify that PC1 and PC3 can ping the Internet hosts.

Step 5: Configure Access Control Lists to Satisfy a Security Policy.

a. Configure and apply an ACL with the number 50 that implements the following policy: Prevent all hosts from the R3 LAN from accessing hosts on the R1 LAN.

b. Verify that ACL 50 is operating as intended. c. Configure and apply a named ACL with the case-sensitive nameFIREWALL that implements the following policy: Deny ping requests sourced from the Internet. Deny Telnet and HTTP traffic sourced from the Internet. Allow all other traffic.

d. Verify that the FIREWALL ACL is operating as intended.

Version 2.0 Created in Packet Tracer 5.3.2.0027 and Marvel 1.0.1 All contents are Copyright 1992 - 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Informatio

General Information
Assessment = EWAN PT Practice SBA Form = FormB-1a EWAN NAT/ACL PT Practice SBA User ID = canvasprod02:435850 Scored Date = Wed Aug 07 04:46:14 GMT+00:00 2013 The time shown is Greenwich Mean Time (GMT). Subtract or add the appropriate number of hours to adjust to your local time. If you do not know the correct number of hours to adjust to GMT, visithttp://www.timeanddate.com/worldclock/search.html.

Feedback
Based on your performance on this assessment, this table reports your preparedness for taking a hands-on skills exam covering similar networking skills. The estimates are based on expert opinion of the knowledge and skills needed to successfully perform these networking tasks on a repeatable basis. Performance Components Proficiency Estimates None Novice Partial Proficient DHCP Configuration

WAN Configuration

Routing Configuration

NAT Configuration

ACL Configuration

You correctly configured some of the DHCP requirements. You correctly performed some of the WAN technology configurations.

See Terminology section for an explanation of terms.

Scoring
Total Points Possible = 100 Total Earned Points = 75

Performance Component: DHCP Configuration

Description: The student can configure and verify a router as a DHCP server. Maximum Points = 15 Earned Points = 10 Work Product Feature DHCP Configuration DHCP Excluded Addresses Network:R3:DHCP:Excluded Addresses:172.16.1.129 172.16.1.131 DHCP Pool Configuration Network:R3:DHCP:Pools:R3_LAN:Name Network:R3:DHCP:Pools:R3_LAN:Start IP address Network:R3:DHCP:Pools:R3_LAN:Subnet mask Network:R3:DHCP:Pools:R3_LAN:Default Gateway PC3 Set to DHCP Network:PC3:Ports:FastEthernet:DHCP client enable PC3 Default Gateway Network:PC3:Default Gateway Student Result Earned Points 10 4 6 Correct Correct Correct Correct 0 Incorrect 0 Incorrect 3 2 Max Points 15 4 6

Correct

Performance Component: WAN Configuration

Description: The student can configure and verify a basic serial connection. The student can configure and verify PPP with CHAP. The student can configure and verify Frame Relay. Maximum Points = 30 Earned Points = 10 Work Product Feature WAN Configuration HDLC Encapsulation Configuration Network:R1:Ports:Serial0/0/0:Encapsulation Network:R3:Ports:Serial0/0/0:Encapsulation PPP Encapsulation Configuration Network:R2:Ports:Serial0/0/0:Encapsulation Network:R3:Ports:Serial0/0/1:Encapsulation PPP CHAP Configuration Network:R2:User Names:Username Network:R2:Ports:Serial0/0/0:PPP:Authentication Network:R3:User Names:Username Network:R3:Ports:Serial0/0/1:PPP:Authentication Frame Relay Configuration Network:R1:Ports:Serial0/0/1:Encapsulation Network:R1:Ports:Serial0/0/1:Power Network:R2:Ports:Serial0/0/1:Power Subinterface IP Addressing Network:R1:Ports:Serial0/0/1.101:IP Address Network:R1:Ports:Serial0/0/1.101:Subnet Mask Network:R2:Ports:Serial0/0/1.201:IP Address Network:R2:Ports:Serial0/0/1.201:Subnet Mask DLCI Configuration Network:R1:Ports:Serial0/0/1.101:DLCI:101 Network:R2:Ports:Serial0/0/1.201:DLCI:201 Student Result Earned Points Max Points 10 30 0 5

Incorrect Incorrect 5 Correct Correct 0 Correct Correct Incorrect Correct 5 Correct Correct Correct 0 Correct Correct Incorrect Incorrect 0 Correct Incorrect 5 5 5 5 5

Performance Component: Routing Configuration

Description: The student can configure and verify EIGRP routing including redistributing a default route. Maximum Points = 15 Earned Points = 15 Work Product Feature Routing Configuration EIGRP Routing Configuration Network:R1:EIGRP:100:Networks:172.16.0.0 0.0.255.255 Network:R1:EIGRP:100:Networks:172.30.0.0 0.0.255.255 Network:R1:EIGRP:100:Networks:10.0.0.0 0.255.255.255 Network:R2:EIGRP:100:Networks:10.0.0.0 0.255.255.255 Network:R2:EIGRP:100:Networks:172.30.0.0 0.0.255.255 Network:R3:EIGRP:100:Networks:172.16.0.0 0.0.255.255 Network:R3:EIGRP:100:Networks:172.30.0.0 0.0.255.255 Default Route Configuration Network:R2:Routes:Static Routes:0.0.0.0-0-Serial0/1/0-0 Network:R2:EIGRP:100:Redistribution:Static Disable Automatic Summarization Network:R1:EIGRP:100:Auto Summary Network:R2:EIGRP:100:Auto Summary Network:R3:EIGRP:100:Auto Summary Student Result Earned Points 15 9 Correct Correct Correct Correct Correct Correct Correct 4 Correct Correct 2 Correct Correct Correct Max Points 15 9

Performance Component: NAT Configuration

Description: The student can configure and verify NAT. Maximum Points = 20 Earned Points = 20 Work Product Feature NAT Configuration NAT ACL Configuration Network:R2:ACL:1 NAT Overload Configuration Network:R2:NAT:Inside Source List:1 NAT Inside S0/0/0 (to R3) Network:R2:Ports:Serial0/0/0:NAT NAT Outside S0/1/0 (to Internet) Network:R2:Ports:Serial0/1/0:NAT Student Result Earned Points 20 5 5 Correct 5 Correct 5 Correct 5 5 Max Points 20 5 5

Correct

Performance Component: ACL Configuration

Description: The student can configure, apply, and verify access control lists. Maximum Points = 20 Earned Points = 20 Work Product Feature ACL Configuration Access List 50 Configuration Network:R1:ACL:50 Access List 50 Application Student Result Earned Points 20 5 5 Max Points 20 5 5

Correct

Network:R1:Ports:FastEthernet0/0:Access- Correct group Out Access List FIREWALL Configuration Network:R2:ACL:FIREWALL Correct Access List FIREWALL Application Network:R2:Ports:Serial0/1/0:Access-group Correct In

5 5

5 5

Terminology
Performance Component - a description of what the student knows and can do about a coherent set of networking knowledge and skills; the level at which the student's work product can be assigned a proficiency estimate. Proficiency Estimate - a description of a student's level of mastery of the performance component. The proficiency estimate is not meant to be a comprehensive statement of what the student knows and can do. Work Product - student performance recorded during this assessment. For example, the submitted activity file, timing statistics, and final running configurations. Work Product Feature - An aspect of the student's work product. The feature can have a name and a value. For example, Name = FastEthernet0/0:IP Address; Value = 192.168.1.1 Individual work product features are combined into performance components and scored based on the complexity of the performance observed. Because the construction of performance components is based on the underlying work product features as well as the unique design of each scenario, strict boundaries for determining a proficiency rating are not possible. In general:

None - 0% to 25% of possible points Novice - 26% to 50% of possible points Partial - 51% to 85% of possible points Proficient - 86% to 100% of possible points