1

XYZs CCNA Internetwork Challenge

Introduction

Company XYZ is a US-based, plumbing company that has its main headquarters stationed at San
Francisco, and two remote sites at Houston and Florida. Over the years, the company has experienced
intermittent connectivity and poor service from its previous network specialists.

Geared towards excellence, the company has outsourced your company, Network Experts - East, in
ensuring the networks security and stability.

Initially, the network has a mixture of Cisco and non-Cisco routers / switches. But, after presenting the
advantages of using Cisco devices (such as having SMARTNET and TAC within our disposal), the company
has decided to eliminate all non-Cisco equipment and has bought three new routers, two new switches
and one wireless router for you to configure - HOUSTON, FLORIDA, EDGERTR, HSTN-SW1, HSTN-SW2
and HSTN-WR1.

Objective

Knowing that you are a promising CCNA practitioner, the company has ensured that all their
requirements are within the bounds of the curriculum. Your task is to ensure that all their network
requirements are met, as well as make sure that the new devices can work hand in hand with their
existing devices(enclosed in orange boxes).



NOTE TO USER: This activity is created using Packet Tracer 5.3.1.

Best viewed when the Always show port labels check box under Preferences Options is unchecked.

COMPLETION TIME: 60 minutes
2



XYZs Network Topology
3


IP Addressing Table

Device Interface IP Address Subnet Mask Default Gateway
SANFRAN
S0/0/0 192.168.100.1 255.255.255.252 N/A
S0/0/1 192.168.100.5 255.255.255.252 N/A
Fa0/0 180.20.40.2 255.255.255.248 N/A
HOUSTON
S0/0/0 192.168.100.2 255.255.255.252 N/A
Fa0/0.50

N/A
Fa0/0.75

N/A
Fa0/0.100

N/A
FLORIDA
S0/0/1 192.168.100.6 255.255.255.252 N/A
Fa0/0 10.10.50.1 255.255.255.224 N/A
EDGERTR
Fa0/0 50.74.56.9 255.255.255.252 N/A
Fa0/1 180.20.40.1 255.255.255.248 N/A
ISP
Fa0/0 50.74.56.10 255.255.255.252 N/A
Fa0/1 207.184.30.161 255.255.255.224 N/A
HSTN-SW1 VLAN75
HSTN-SW2 VLAN75
HDServer NIC 10.10.50.10 255.255.255.224 255.255.255.224
SMTPServer NIC 10.10.50.20 255.255.255.224 255.255.255.224
OutsideServer NIC 207.184.30.167 255.255.255.224 207.184.30.161
GUEST-LT NIC DHCP DHCP DHCP
EMPLOYEE-PC NIC DHCP DHCP DHCP
ADMIN-PC NIC DHCP DHCP DHCP

Use VLSM in calculating for the Network addresses of the HOUSTON Networks.

Note: The IP addresses in the green boxes are already assigned in their respective interfaces.
The IP addresses in the yellow boxes needs to be assigned in their respective interfaces.
The IP addresses in the blue boxes needs to be computed for, and needs to be assigned in their respective
interfaces.

Network Name VLAN Host Requirement
EMPLOYEES 50 100 hosts
ADMINISTRATORS 75 15 hosts
WLINK 100 Point-to-point
GUESTS (Wireless) - 50 hosts
4


IP address assignments:
For all the HOUSTON FastEthernet subinterfaces, configure it with the first usable IP address of the
network where the port belongs to.

Configure the IP address of the remaining FastEthernet/Serial ports of the routers as indicated in the IP
Addressing Table.

For the switch HSTN-SW1s management interface, use the 2nd usable IP address of the
ADMINISTRATORS network. The switch must be able to communicate with devices from the other
networks.

For the switch HSTN-SW2s management interface, use the 3rd usable IP address of the
ADMINISTRATORS network. The switch must be able to communicate with devices from the other
networks.

For the wireless router HSTN-WR1s internet interface, configure it with the last usable IP address of the
WLINK network.

For the wireless router HSTN-WR1s LAN interface, configure it with the first usable IP address of the
GUESTS network.

For the ADMIN-PC, create a DHCP pool named ADMINISTRATORS in the HOUSTON router to provide IP
address on the devices in that network. Exclude the first five IP addresses in the DHCP pool. The primary
DNS server of the devices should be 10.10.50.10.

For the EMPLOYEE-PC, create a DHCP pool named EMPLOYEES in the HOUSTON router to provide IP
address on the devices in that network. Exclude the first five IP addresses in the DHCP pool. The primary
DNS server of the devices should be 10.10.50.10.

For the GUEST-LT, create the DHCP pool in the HSTN-WR1 router to provide IP address on the devices in
that network. The primary DNS server of the devices should be 10.10.50.10.

5


Configuration Requirements:

Configure the device hostnames as shown in the device label.

Configure the password networkeast as the enable secret password, console password, and vty password on
all the configurable routers/switches. Also, secure the devices by encrypting all plain-text passwords using the
type 7 encryption.

Configure a default route on the router EDGERTR, pointing to the ISP router. Use the exit-interface in defining
the route.

Configure a static route on the router HOUSTON, pointing to the HSTN-WR1 wireless router. Use the next-hop
address in defining the route.

Enable OSPF on the routers HOUSTON and EDGERTR. Using the process id of 23, appropriately configure these
networks on the routers where they are supposed to be configured:

o EMPLOYEES network
o ADMINISTRATORS network
o WLINK network
o 192.168.100.0 network
o 189.20.40.0 network

Using OSPF, propagate the static route in the HOUSTON router to all the routers in the network. Make sure that
you propagate the subnet mask with it.

Using OSPF, propagate the default route in the EDGERTR router to all the routers in the network.

Ensure that the FastEthernet interface of the EDGERTR will never be the DR/BDR of its network.

Change the OSPF hello timer in the S0/0/0 interface of the HOUSTON router to 5 seconds and the OSPF dead
timer in the S0/0/0 interface of the HOUSTON router to 20 seconds.

Enable EIGRP in the FLORIDA router. Using autonomous system 23, define all the networks directly connected
to the router and ensure that summarization is disabled.

Change the EIGRP K-values in the FLORIDA router, where:

o k1 = 2
o k2 = 0
o k3 = 1
o k4 = 0
o k5 = 0

Create the following VLANs in HSTN-SW1:

o VLAN50 = EMPLOYEES
o VLAN75 = ADMINISTRATORS
o VLAN100 = WLINK

In the HSTN-SW1 and HSTN-SW2 switches, ports Fa0/1 to Fa0/4 must be configured as access ports and should
be assigned to VLAN75.

6


In the HSTN-SW1 and HSTN-SW2 switches, ports Fa0/5 to Fa0/20 must be configured as access ports and
should be assigned to VLAN50.

In the HSTN-SW1 and HSTN-SW2 switches, ports Fa0/21 to Fa0/22 must be configured as access ports and
should be assigned to VLAN100.

In the HSTN-SW1 and HSTN-SW2 switches, ports Fa0/23 to Fa0/24 should be configured as trunk ports.

In the HSTN-SW1 and HSTN-SW2 switches, ports Fa0/1 to Fa0/20 should automatically be functioning in the
STP Forwarding state when the port comes up.

Enable port-security in HSTN-SW1 and HSTN-SW2 switches.
Ports Fa0/1 to Fa0/20 can only have a maximum of 3 MAC addresses per port that are dynamically learned, and
are stored in the running-config.

Configure the VTP domain named HSTN on HSTN-SW1 and HSTN-SW2.
HSTN-SW1 should act as the server while HSTN-SW2 should act as the client.
The password for the VTP process should be !Hou5t0n.

Make HSTN-SW1 the root bridge of VLAN50 and VLAN75 by changing VLAN50s priority to 8192 and VLAN75s
priority to 16384. Make HSTN-SW2 the root bridge of VLAN100 by changing VLAN100s priority to 4096.

Change the SSID of the wireless router to HOUSTONGUESTS, and utilize WPA2 Personal the wireless security
mode. AES will be encryption technique, and the pre-shared key will be !H0u5t0n.

Configure NAT overloading on the EDGERTR router by overloading the Fa0/1 interface of the router, defining
the inside/outside interfaces accordingly, and creating a standard, named access-list called NAT. Create the list
in the following order:

o EMPLOYEES network
o ADMINISTRATORS network
o WLINK network
o Florida LAN

Enable public HTTP access for HDSERVER by configuring static NAT on the EDGERTR. Devices accessing the http
port of the outside IP of EDGERTR should be automatically redirected to the HDSERVER.

Enable public SMTP access for SMTPSERVER by configuring static NAT on the EDGERTR. Devices accessing the
smtp port of the outside IP of EDGERTR should be automatically redirected to the SMTPSERVER.

Configure PPP on the HOUSTON router. Use CHAP as the mode of authentication. SANFRAN router is
configured with the username SANFRAN, the password c15c04353r.

Create an extended, named access-list called ACLIN in the HOUSTON router and configure the following
requirements(in order):
Note: The wireless router in PT automatically uses NAT. As such, use its internet IP address as the
source IP address to be used in your access-list statements.

a. Allow the GUEST network to access both the TCP and UDP DNS service of the HDServer in the
Florida LAN.
7


b. Prevent the GUEST network from accessing the Florida LAN.
c. Prevent the GUEST network from accessing the EMPLOYEES network.
d. Prevent the GUEST network from accessing the ADMINISTRATORS network.
e. Prevent the EMPLOYEES network from accessing the ADMINISTRATORS network.
Apply the access-list ACLIN, in the inbound direction, on the Fa0/0.50 and Fa0/0.100 interface of the
HOUSTON router.