Scribd Logo
Upload

Welcome to Scribd!

  • Sba D3

    Uploaded by

    Celia King
    51 views5 pages
    Discovery 3_sba_cmds

    Original Title

    SBA_D3.txt

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Discovery 3_sba_cmds

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    51 views5 pages

    Sba D3

    Uploaded by

    Celia King
    Discovery 3_sba_cmds

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    TASK 1: Build Network and Connect Cables _____________________________________ TASK 2: Configure the HQ router !

    Step 1: Cosmetics conf t ho HQ_1 line console 0 no exec timeout password cisco login line vty 0 4 password cisco login exit enable password cisco enable secret class no ip domain-lookup banner motd #Unauthorized use prohibited# !Step 2: configure hq interfaces: int s0/0/0 ip address 192.168.1.1 255.255.255.252 clock rate 64000 no shut int s0/0/1 ip add 209.165.201.2 255.255.255.252 encapsulation ppp ppp authentication chap no shutdown exit int lo 0 ip add 192.168.1. 255.255.255.224 exit !Step 3: username HQ password cisco !Step 4: configure OSPF routing for area 0 on HQ conf t router ospf 1 net 192.168.1.232 0.0.0.3 area 0 net 192.168.1.192. 0.0.0.3 area 0 net 209.165.201.0 0.0.0.3 area 0 !Step 5: configure default route on HQ and propogate route to R2 ip route 0.0.0.0 0.0.0.0 s0/0/1 router ospf 1 default-information originate !Step 6: configure overloaded Nat on HQ int s0/0/0 ip nat inside int lo 0

    ip nat inside int s0/0/1 ip nat outside exit ip nat inside source list 1 int s0/0/1 overload access-list 1 permit 192.168.1.0 0.0.0.255 !Step 7: save config copy run start _________________________________________________________ TASK 3 Configure the Remote Office Router !Step 1: configure cosmetics conf t ho R2 line console 0 no exec timeout password cisco login line vty 0 4 password cisco login exit enable password cisco enable secret class no ip domain-lookup banner motd #Unauthorized use prohibited# !Step 2: configure R2 interfaces int fa0/0 no ip add no shut int fa0/0.1 encapsulation dot1Q 1 ip add 192.168.1.225 255.255.255.248 int fa0/0.11 encapsulation dot1Q 11 ip add 192.168.1.229 255.255.255.192 int fa0/0.12 encapsulation dot1Q 12 ip add 192.168.1.1 255.255.255.128 int s0/0/0 ip add 192.168.1.233 255.255.255.252 no shutdown !Step 3: configure OSPF routing for area 0 router ospf 1 net 192.168.1.0 0.0.0.127 area 0 net 192.168.1.128 0.0.0.63 area 0 net 192.168.1.224 0.0.0.7 area 0 net 192.168.1.232 0.0.0.3 area 0

    !Step 4:save config copy run start _________________________________________________ TASK 4: Configure Remote Office S1 !Step 1: configure cosmetics !Step 2: configure VLANS for S1 vlan 11 name Dept1 vlan12 name Dept2 exit int range fa0/3-11 sw mode acc sw acc vlan 11 int range fa0/12-24 sw mode acc sw acc vlan 12 exit !Assign an IP to Mgt VLAN 1 on S1 int vlan1 ip add 192.168.1.226 255.255.255.248 no shut exit ip default-gateway 192.168.1.225 !Step 4: configure S1 sw int fa0/1 sw mode trunk int fa0/2 sw mode trunk !step 5: configure S1 as root switch for STP spanning-tree vlan 1 priority 4096 !step 6: configure a vtp domain vtp domain AnyCompany1 vtp mode server vtp password cisco !step 7: configure switch port security int fa0/9 shut sw port-security sw port-security mac-add sticky no shut end !step 8:

    copy run start _______________________________________________ TASK 5: configure Remote Office Switch S2 !step 1 : configure cosmetics !step 2 : configure vtp domain vtp domain AnyCompany1 vtp mode client vtp password cisco !step 3: assign ports to the vlans int range fa0/3-11 sw mode acc sw acc vlan 11 int range fa0/12-24 sw mode acc sw acc vlan 12 exit !step 4 : assign ip to mgt VLAN 1 on S2 int vlan1 ip add 192.168.1.227 255.255.255.248 no shut exit ip default-gateway 192.168.1.225 !step 5 : configure switch port fa0/2 as an 802.1Q trunk to carry VLAN info int fa0/1 sw mode trunk int fa0/2 sw mode trunk !step 6 : configure switch port security int fa0/15 shut sw port-security sw port-security mac-address sticky no shut end !step 7: copy run start _______________________________________________ TASK 6: Configure HOST IP addresses ________________________________________________ TASK 7 : verify device cofigurations and basic connectivity

    sh commands - !all of them _______________________________________________ TASK 8 : configure ACL Security on HQ and R2 !step 1 : create and apply numbered extended acl on R2 access-list access-list access-list access-list access-list access-list access-list access-list access-list 101 101 101 101 101 101 101 101 101 remark ALLOW WEB ACCESS FOR R2 INSIDE NET permit tcp 192.168.1.0 0.0.0.255 any eq www remark ALLOW PING FOR R2 INSIDE NET permit icmp 192.168.1.0 0.0.0.255 any remark ALLOW TELNET FOR VLAN 11 permit tcp 192.168.1.128 0.0.0.63 any eq telnet remark ALLOW FTP for VLAN 12 permit tcp 192.168.1.0 0.0.0.127 any eq ftp deny ip any any

    int s0/0/0 ip access-group out !step 2 : create and apply standard acl to control vty access to HQ access-list 2 permit host 192.168.1.130 access-list 2 deny any line vty 0 4 access-class 2 in copy run start sh access-lists

    You might also like