CCNA Lab Manual

- 1-
CABLES
Objective
This lab gives you the better understanding to make an Ethernet Cables.
The types of Ethernet cables available are:
1) Straight-through cable
2) Crossover cable
3) Rolled cable
i. Straight-Through Cable
The straight-through cable is used to connect
1) Host to switch or hub

2) Router to switch or hub
Four wires are used in straight-through cable to connect Ethernet devices. It is relatively
simple to create this type; Figure shows the four wires used in a straight-through Ethernet
cable.
Diagram
Notice that only pins 1, 2, 3, and 6 are used. Just connect 1 to 1, 2 to 2, 3 to 3, and 6 to 6,
and you’ll be up and networking in no time. However, remember that this would be an
Ethernet-only cable and wouldn’t work with Voice, Token Ring, ISDN, etc.
- 2-
ii. Crossover Cable Cable

The crossover cable can be used to connect
1) Switch to switch
2) Hub to hub
3) Host to host
4) Hub to switch
5) Router direct to host
The same four wires are used in this cable as in the straight-through cable; we just
connect different pins together. Figure shows how the four wires are used in a crossover
Ethernet cable.
Notice that instead of connecting 1 to 1, etc., here we connect pins 1 to 3 and 2 to 6 on

each side of the cable.
Diagram
- 3-
iii. Rolled Cable

Although rolled cable isn’t used to connect any Ethernet connections together, you can
use a rolled Ethernet cable to connect a host to a router console serial communication
(com) port.
If you have a Cisco router or switch, you would use this cable to connect your PC
running HyperTerminal to the Cisco hardware.
Eight wires are used in this cable to connect serial devices, although not all eight are used
to send information, just as in Ethernet networking. Figure shows the eight wires used in
a rolled cable.
Diagram
These are probably the easiest cables to make, because you just cut the end off on one
side of a straight-through cable and reverse the end.
Once you have the correct cable connected from your PC to the Cisco router or switch,
you can start HyperTerminal to create a console connection and configure the device
- 4-
How To Create A LAN

Objective
This lab gives you the better understanding to make a LAN Network.
The major concerns are,

1. To connect 2 PC’s with a cross cable.
2. To connect 2 PC’s with a switch by a straight cable.
i. Connecting 2 PC’s via Cross Cable

Diagram
ii. Connecting 2 PC’s via Straight Cable

Diagram
- 5-
Procedure
1. Make sure that either NIC is installed onto your PC’s or not.
2. Assign IP address to your LAN (NIC) card on both PC’s.
3. Check their connectivity by PING command & DATA sharing.
Configuration
Step 1: Make sure that either NIC is installed onto your PC’s or not.
Go to Windows Start Button > Settings > Control Panel
Then go to System
- 6-
Then go to Hardware tab > Device Manager
Expand the SERVER123 (Computer Name) tab > Network Adapters
Note: - If LAN (NIC) card is not installed onto your PC then go to Windows Start
Button > Settings > Control Panel > Add/Remove Hardware.
- 7-
Step 2: Assign IP address to your LAN (NIC) card on both PC’s.

Go to My Network Places, Right Click & take the Properties & open the Network &
Dial-up Connections
Choose your LAN card, & take the Properties,
Go to the TCP/IP, & take the Properties

- 8-
Give the IP Address, & press O.K.
Check the IP Address on the Command Prompt.
D:\>ipconfig
Windows 2000 IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :

IP Address . . . . . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway .........:
D:\>
- 9-
Step 3(A): Check their connectivity by PING command.

D:\>ping 10.0.0.2
Pinging 10.0.0.2 with 32 bytes of data:
Reply from 10.0.0.2: bytes=32 time<10ms TTL=128

Ping statistics for 10.0.0.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
D:\>
Step 3(B): Check their connectivity by Data Sharing.

Type on RUN as: \\10.0.0.2
The following screen will pop-up,

-10-
Open A Hyper Terminal Session

Objective
This lab gives you the better understanding to open a Hyper Terminal session.
Diagram
Procedure
1. Open the Hyper Terminal Session From RUN by giving the command
‘hypertrm’ or from STRART Button -> Programs -> Accessories ->
Communications -> Hyper Terminal.
2. Give the Session name.
3. Define the connection type i-e., COM1.
-11-
Configuration
Step 1: Open the Hyper Terminal Session From RUN by giving the command
‘hypertrm’ or from START Button -> Programs -> Accessories ->
Communications -> Hyper Terminal.
Step 2: Give the Session name.

-12-
Step 3: Define the Connection Type i-e., COM1.
Step 4: Define the Port Settings of COM Port.
Note: Press Restore Defaults Button

-13-
Step 5: Start the Hyper Terminal Session.

-14-
Switch Basic CAT IOS

Objective
This lab includes basic commands of Cat IOS on 1900 Switches.
Diagram
Configuration
Step 1: After connecting your PC to the Console Port.
Catalyst 1900 Management Console
Copyright (c) Cisco Systems, Inc. 1993-1999
All rights reserved.
Enterprise Edition Software
Ethernet Address: 00-03-6B-33-42-C0
PCA Number: 73-3122-04

PCA Serial Number: FAB0435C3XU
Model Number: WS-C1912-EN
System Serial Number: FAB0436U0HF
Power Supply S/N: APR04140107
PCB Serial Number: FAB0435C3XU,73-3122-04
-------------------------------------------------
-15-
1 user(s) now active on Management Console.
User Interface Menu
[M] Menus
[K] Command Line
[I] IP Configuration
[P] Console Password
Enter Selection: K
>
Step 2: To Enter Into Priviledge mode/Executive Mode From User Mode & Vice-
Versa.
>enable
#
#disable
>
Step 3: To Enter Into Global Configuration Mode.

#
#configure terminal
(config)#
Step 4: To change the Host Name of Switch.

# configure terminal
(config)#hostname 1900-SWA
1900-SWA(config)# end
1900-SWA#
Step 5(A): Set the User Password (Level 1) on the 1900 Switch.
1900-SWA#config t
1900-SWA(config)#enable password level 1 cisco
1900-SWA(config)#end
1900-SWA#
Step 5(B): Verification Of User Password on the 1900-SWA.

1900-SWA#exit
-16-
CLI session with the switch is now closed.
Press any key to continue.


-------------------------------------------------
User Interface Menu
[M] Menus
[K] Command Line
[I] IP Configuration
[P] Console Password
Enter Selection: K
Enter password: *****
CLI session with the switch is open.

To end the CLI session, enter [Exit].
1900-SWA>enable
1900-SWA#
Step 6(A): Set the User Password (Level 1) in encrypted form.

1900-SWA(config)#
1900-SWA(config)#enable secret level 1 cisco1
1900-SWA(config)#exit
1900-SWA#
Note: The enable secret password must not be same as your enable password. This
is recommended.
-17-
Step 6(B): Verifying the User Password in encrypted form.


-------------------------------------------------
User Interface Menu
[M] Menus
[K] Command Line
Enter Selection: K
Enter password: ***** (Enter Level 15 Password)
Incorrect password
Enter password: ****** (Enter Level 15 Secret Password)
CLI session with the switch is open.

To end the CLI session, enter [Exit].
1900-SWA>
Step 7(A): Set the Privileged/Administrative Mode Password in Clear Text.

1900-SWA(config)#
1900-SWA#
-18-
Step 7(B): Verifying the privileged mode password in clear text.

1900-SWA#disable
1900-SWA>enable
Password: *****
1900-SWA#
Step 8(A): Set the Privileged Mode password in encrypted form.

1900-SWA(config)#
1900-SWA(config)#enable secret level 15 cisco1
1900-SWA#
Note: The enable secret password must not be same as your enable password. This
is recommended.
Step 7(B): Verifying the Privileged Mode password in encrypted form.

1900-SWA#disable
1900-SWA>enable
Enter password: ***** (Enter Level 15 Password)
Incorrect password
Enter password: ****** (Enter Level 15 Secret Password)

1900-Switch#
Step 8: Show contents of Current Configuration (RAM).

1900-SWA#show running-config
Building configuration...
Current configuration:
!
hostname "1900-SWA"
!
enable secret level 1 5 $1$FNl3$Uqvk0GXXGxW0vuNOeGc601
enable secret 5 $1$0o8Z$R21htpuG96wOl1zbub90X.
enable password level 1 "CISCO"
enable password level 15 "CISCO"
!
interface Ethernet 0/1
!
-19-
!
<Output Omitted>

!
!
!
interface FastEthernet 0/26
!
interface FastEthernet 0/27
!
line console
end
1900-SWA#
Step 9: Remove the User Mode Password (Level 1) in clear form.

1900-SWA#config t
1900-SWA(config)#no enable password level 1 cisco
1900-SWA#
Step 10: Remove the User Mode Password (Level 1) in encrypted form.
1900-SWA#config t
1900-SWA(config)#no enable secret level 1 cisco1
1900-SWA#
Step 11: Remove the Privileged Mode Password (Level 15) in clear form.
1900-SWA#config t
1900-SWA(config)#no enable password level 15 cisco
1900-SWA#
Step 12: Remove the Privileged Mode Secret Password (Level 15) in encrypted
form.
1900-SWA#config t
1900-SWA(config)#no enable secret level 15 cisco1
1900-SWA#
-20-
Step 13(A): To give the IP Address of Management VLAN Of 1900-SWA.

1900-SWA#config t
1900-SWA(config)#ip address 10.0.0.10 255.0.0.0
1900-SWA(config)#ip default-gateway 10.0.0.50
1900-SWA#
Step 13(B): Display the ip address of Management VLAN on 1900 switch.
1900-SWA#show ip
IP Address: 10.0.0.10
Subnet Mask: 255.0.0.0
Default Gateway: 10.0.0.50
Management VLAN: 1
Domain name:
Name server 1: 0.0.0.0
Name server 2: 0.0.0.0
HTTP server : Enabled
HTTP port : 80
RIP : Enabled
1900-SWA#
Step 14: Display the Version Information of the 1900-SWA.

1900-SWA#show version
Cisco Catalyst 1900/2820 Enterprise Edition Software

Version V9.00.04
1900-SWA uptime is 0day(s) 01hour(s) 41minute(s) 20second(s)
cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memory
Hardware board revision is 5
Upgrade Status: No upgrade currently in progress.
Config File Status: No configuration upload/download is in progress
15 Fixed Ethernet/IEEE 802.3 interface(s)
Base Ethernet Address: 00-03-6B-33-42-C0
1900-SWA#
-21-
Step 15: Display the Interfaces information of the 1900-SWA.

1900-SWA#show interfaces ?
Ethernet IEEE 802.3

FastEthernet FastEthernet IEEE 802.3
<cr>
1900-SWA#show interfaces ethernet 0/1
Ethernet 0/1 is Suspended-no-linkbeat

Hardware is Built-in 10Base-T
Address is 0003.6B33.42C1
MTU 1500 bytes, BW 10000 Kbits
802.1d STP State: Forwarding Forward Transitions: 1
Port monitoring: Disabled
Unknown unicast flooding: Enabled
Unregistered multicast flooding: Enabled
Description:
Duplex setting: Half duplex
Back pressure: Disabled
<OutputOmited>
1900-SWA#
1900-SWA#show interfaces fastEthernet 0/26
FastEthernet 0/26 is Suspended-no-linkbeat

Hardware is Built-in 100Base-TX
Address is 0003.6B33.42DA
802.1d STP State: Blocking Forward Transitions: 0
Description:
Duplex/Flow Control setting: Auto-negotiate
Auto-negotiation status: Auto-negotiate
Enhanced Congestion Control: Disabled
-22-
Step 16(A): Setting Of Duplex and Description on Interfaces.

1900-SWA#config t
1900-SWA(config)#interface ethernet 0/1
1900-SWA(config-if)#duplex ?
auto Enable auto duplex configuration

full Force full duplex operation
full-flow-control Force full duplex with flow control
half Force half duplex operation
1900-SWA(config-if)#duplex full
1900-SWA(config-if)#
1900-SWA(config-if)#description This-Interface-Belong-To-Cisco-Lab
1900-SWA(config-if)#end
1900-SWA#
Step 16(B): Display the information of Duplex and Description on Interfaces.

Ethernet 0/1 is Suspended-no-linkbeat

Description: This-Interface-Belong-To-Cisco-Lab
Duplex setting: Full duplex
-23-
Address Learning Mechanism

Of
Switch
Objective
This lab gives you the better understanding of address learning methods of Switch.
1. Dynamic Method (Default Method).

2. Permanent Method.
3. Restricted Static Method.
i. Dynamic Method
It is the by-default learning method of the switches. The entry remains in the table, if the
communication does not exist within the 300 seconds.
Diagram
Procedure
1. Ping from Host ‘A’ to Host ‘B’.
2. Verifying the Mac Addresses of the Hosts by the command.
3. Remove the Dynamic entry of the Hosts
-24-
Configuration
Step 1(A): Ping from Host ‘A’ to Host ‘B’.
D:\>ping 10.0.0.2


D:\>
Step 2: Verifying the Mac Addresses of the Hosts by the command.

1900-SWA#show mac-address-table
Number of permanent addresses : 0

Number of restricted static addresses : 0
Number of dynamic addresses : 2
Address Dest Interface Type Source Interface List

---------------------------------------------------------------------------------------
0050.DA23.C9DD Ethernet 0/1 Dynamic All
0001.0262.FCC4 Ethernet 0/2 Dynamic All
1900-SWA#
Step 3: Remove the Dynamic Entry of the Hosts.

1900-SWA#clear mac-address-table
-25-
ii. Permanent Method

In the permanent method, the Mac-addresses do not age-out. The entry remains in the
table either the device attached to the switch or not.
Diagram
Procedure
1. Define the permanent entry of the both Hosts.
4. Remove the permanent entry of the Hosts.
Configuration
Step 1: Define the permanent entry of the both Hosts.
1900-SWA#configure terminal
1900-SWA(config)#mac-address-table permanent 0050.DA23.C9DD e0/1
1900-SWA(config)#mac-address-table permanent 0001.0262.FCC4 e0/2
1900-SWA#
-26-
Step 2: Ping from Host ‘A’ to Host ‘B’.

D:\>ping 10.0.0.2


D:\>
OR
1900-SWA#show mac-address-table permanent


------------------------------------------------------------------------------------------
0001.0262.FCC4 Ethernet 0/2 Permanent All
0050.DA23.C9DD Ethernet 0/1 Permanent All
1900-SWA#
Step 4: Remove the permanent entry of the Hosts.

1900-SWA#clear mac-address-table permanent
-27-
iii. Restricted Static Method

In the restricted static method, the Mac-addresses do not age-out as well as it define the
list that which source interface can talk/communicate with this destination interface.
Diagram
Procedure
1. Define the restricted static of the both Hosts.
4. Remove the permanent entry of the Hosts.
Configuration
Step 1: Define the Restricted Static entry of the both Hosts.
1900-SWA(config)#mac-address-table restricted static 0050.DA23.C9DD e0/1 e0/2
1900-SWA(config)#mac-address-table restricted static 0001.0262.FCC4 e0/2 e0/1
1900-SWA#
-28-

D:\>ping 10.0.0.2


D:\>

OR
1900-SWA#show mac-address-table restricted static
Step 4: Remove the Restricted Static entry of the Hosts.

1900-SWA#clear mac-address-table restricted static
-29-
Accessing Switch
through
Telnet & Http
Objective
This lab gives you the better understanding of accessing the Switch through the remote
ways e.g. through Telnet & Http.
Diagram
Procedure
1. Set the Privileged Mode Password on Switch.
2. Give the IP Address of Management VLAN Of Switch.
3. Verification of connectivity of PC & Switch by ping command.
4. Telnet to Switch by telnet command on PC.
5. Open Internet Explorer on PC and Type IP Address of Switch.
-30-
Configuration
Step 1: Set the Privileged/Administrative Mode Password in Clear Text.
1900-SWA(config)#
1900-SWA#
Step 2: To give the IP Address of Management VLAN Of 1900-SWA.

1900-SWA#config t
1900-SWA(config)#ip address 10.0.0.10 255.0.0.0
1900-SWA#
Step 3: Verification of connectivity of PC & Switch by ping command.

D:\>ping 10.0.0.10


D:\>
Step 4: Telnet to Switch by telnet command on PC.
Step 5: Open Internet Explorer on PC and Type IP Address of Switch.

Username: Administrator
Password: (Priviledge Mode Password)
-31-
Port Security
Objective
This lab gives you the better understanding of port security mechanism on Switch.
In the port security, we can limit the Mac-address table size for each port and can define
violation method.
Diagram
Procedure
1. Enable the port Security of the Interfaces.
2. Define the Max Mac Addresses on the Interfaces.
3. Verifying the Port Security of the Interfaces by the command.
4. Define the permanent entry of the both Hosts on the switch.
6. Change the interfaces of the Hosts & verifying the Results by the ping command.
-32-
Configuration
Step 1: Enable the port Security of the Interfaces.
1900-SWA(config)#int Ethernet 0/1
1900-SWA(config-if)#port secure
1900-SWA(config-if)#exit
1900-SWA(config-if)#port secure
1900-SWA#
Step 2: Define the Max Mac Addresses on the Interfaces.

1900-SWA(config-if)#port secure max-mac-count 1
1900-SWA(config-if)#port secure max-mac-count 1
1900-SWA#
Step 3: Verifying the Port Security of the Interfaces by the command.

1900-SWA#show mac-address-table security
Step 4: Define the permanent entry of the both Hosts.

1900-SWA#mac-address-table permanent 0050.DA23.C9DD e0/1
1900-SWA#mac-address-table permanent 0001.0262.FCC4 e0/2
1900-SWA#

D:\>ping 10.0.0.2

-33-

D:\>
Step 4: Change the interfaces of the Hosts & verifying the Results by the ping
command.
D:\>ping 10.0.0.2
Request timed out.

Request timed out.
Request timed out.
Request timed out.

D:\>
-34-
VLAN
&
VLAN Trunking Protocol
(VTP)
Objective
Understanding the VLAN & VTP operations in switched environment.
1. To make Vlan’s on 1900 switches & Vlan membership assignments to the ports.
2. VLAN Trunking Protocol (VTP).
i. VLAN
Diagram
Procedure
1. Connecting PC’A’ with 1900-SWA switch and verified by Commands.
2. Display the results that all ports are the members of the Native VLAN (VLAN#1).
3. Create a VLAN # 2 on 1900-SWA Switch.
4. Assign a VLAN Member-ship for a Port on 1900-SWA Switch.
5. Verification of VLAN # 2.
-35-
Configuration
Step 1(A): Connecting PC’A’ with 1900-SWA Switch & verified by the Interface
Command.
Ethernet 0/1 is Enabled

Description:
Duplex setting: Full duplex
<Output Omitted>
1900-SWA#
Step 1(B): Connecting PC with 1900 switch and verified by the MAC Address
Table Command.


-------------------------------------------------------------------------------------
0050.DA23.C9DD Ethernet 0/1 Dynamic All
1900-SWA#
Step 2(A): Display the results that all ports are the members of Native VLAN.
1900-SWA#show vlan
OR
-36-
1900-SWA#show vlan 1
VLAN Name Status Ports

------------------------------------------------------------
1 default Enabled 1-12, AUI, A, B
------------------------------------------------------------
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
--------------------------------------------------------------------------------------------------
1 Ethernet 100001 1500 0 0 0 Unkn 1002 1003
--------------------------------------------------------------------------------------------------
1900-SWA#
Step 2(B): Display the results that all ports are the members of Native VLAN.
1900-SWA#show vlan-membership
Port VLAN Membership Type

----------------------------------------
1 1 Static
2 1 Static
3 1 Static
4 1 Static
5 1 Static
6 1 Static
7 1 Static
8 1 Static
9 1 Static
10 1 Static
11 1 Static
12 1 Static
AUI 1 Static
A 1 Static
B 1 Static
1900-SWA#
Step 3: Create a VLAN # 2 on 1900-SWA Switch by VLAN command.

1900-SWA#config t
1900-SWA(config)#vlan 2 name cttc
1900#
-37-
Step 4: Assign a Member-ship for Fast Ethernet Port 0/1 on 1900-SWA Switch.
1900-SWA#config t
1900-SWA(config)#int ethernet 0/1
1900-SWA(config-if)#vlan-membership ?
dynamic Set VLAN membership type as dynamic

static Set VLAN membership type as static
1900-SWA(config-if)#vlan-membership static ?
<1-1005> ISL VLAN index
1900-SWA(config-if)#vlan-membership static 2
1900-SWA#
Step 5: Verification of VLAN # 2.

1900-SWA#show vlan
OR
1900-SWA#sh vlan 2

--------------------------------------------
2 cttc Enabled 1
--------------------------------------------
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
-------------------------------------------------------------------------------------------------------
2 Ethernet 100002 1500 0 1 1 Unkn 0 0
-------------------------------------------------------------------------------------------------------
1900-SWA#
-38-
ii. VLAN Trunking Protocol (VTP)

Diagram
Procedure
1. Make a VTP domain CISCO on switches.
2. Make a VTP server to 1900-SWA and client to 1900-SWB.
3. Enable a Trunking on the fastEthernet ports 0/26 of the switches.
4. Verifying with VTP commands on switches.
5. Verifying the ISL trunking on switches.
6. Verifying the VTP Advertisements By Trigger Updates ( make vlan’s) On 1900-
SWA switch.
7. Verifying the VTP database on switches after triggered update.
8. Verifying the VLAN datatbase on 1900-SWA switch after making VLAN’s.
9. Verifying the VLAN datatbase consistency on 1900 switch after making VLAN’s
on 1900-SWB switch.
-39-
Configuration
Step 1(A): Make a VTP Domain CISCO on 1900-SWA Switch.
1900-SWA#config t
1900-SWA(config)#vtp ?
client VTP client

domain Set VTP domain name
password Set VTP password
pruning VTP pruning
server VTP server
transparent VTP transparent
trap VTP trap
1900-SWA(config)#vtp domain
1900-SWA(config)#vtp domain ?
WORD Name of the VTP management domain
1900-SWA(config)#vtp domain CISCO

1900-SWA#
Step 1(B): Make a VTP Domain CISCO on 1900-SWB Switch.

1900-SWB#config t
1900-SWB(config)#vtp domain CISCO
1900-SWB(config)#exit
1900#
Step 2(A): Make a VTP Server to 1900-SWA Switch.

1900-SWA#config t
1900-SWA(config)#vtp server
1900-SWA#
Step 2(B): Make a VTP Client to 1900-SWB Switch.

1900-SWB#config t
1900-SWB(config)#vtp client
1900-SWB(config)#end
1900-SWB#
-40-
Step 3(A): Enable an ISL Trunking on the fastEthernet port 0/26 of 1900-SWA.
1900-SWA#config t
1900-SWA(config)#int fastEthernet 0/26
1900-SWA(config-if)#trunk on
1900-SWA#
Step 3(B): Enable an ISL Trunking on the fastEthernet ports 0/26 of 1900-SWB.
1900-SWB#config t
1900-SWB(config)#int fastEthernet 0/26
1900-SWB(config-if)#trunk on
1900-SWB(config-if)#end
1900-SWB#
Step 4(A): Verifying the VTP Status on 1900-SWA Switch.

1900-SWA#show vtp
VTP version: 1
Configuration revision: 11
Maximum VLANs supported locally: 1005
Number of existing VLANs: 9
VTP domain name : CISCO
VTP password :
VTP operating mode : Server
VTP pruning mode : Disabled
VTP traps generation : Enabled
Configuration last modified by: 10.0.0.10 at 00-00-0000 00:00:00
1900-SWA#
Step 4(B): Verifying the VTP Status on 1900-SWB Switch.

1900-SWB#show vtp
VTP version: 1
VTP password :
VTP operating mode : Client
-41-

1900-SWB#
Step 5(A): Verifying the ISL Trunking on 1900-SWA switch.

1900-SWA#show trunk a
DISL state: On, Trunking: On, Encapsulation type: ISL

1900-SWA#
Step 5(B): Verifying the ISL Trunking on 1900-SWB switch.

1900-SWB#show trunk a
DISL state: On, Trunking: On, Encapsulation type: ISL

1900-SWB#
Step 6: Verifying the VTP Advertisements By Trigger Updates ( make vlan’s) On

1900 switch.
1900-SWA#config t
1900-SWA(config)#vlan 25
1900-SWA#
Step 7(A): Verifying the VTP Status on 1900-SWA switch after triggered update.
1900-SWA#show vtp
VTP version: 1
VTP password :
VTP operating mode : Server
1900-SWA#
-42-
Step 7(B): Verifying the VTP Status on 1900-SWB switch after triggered update.
1900-SWB#show vtp
VTP version: 1
VTP password :
VTP operating mode : Client
1900-SWB#
Step 8: Verifying the VLAN datatbase on 1900-SWA switch.

1900-SWA#show vlan

------------------------------------------------------------------
2 cttc Enabled 1
3 VLAN0003 Suspended
25 VLAN0025 Enabled
50 VLAN0050 Enabled
75 VLAN0075 Enabled
100 VLAN0100 Enabled
1002 fddi-default Suspended
1003 token-ring-defau Suspended
1004 fddinet-default Suspended
1005 trnet-default Suspended
-------------------------------------------------------------------
1900-SWA#
-43-
Step 9: Verifying the VLAN datatbase consistency on 1900 switch after

making VLAN’s on 1900 switch.
1900-SWB#show vlan

------------------------------------------------------------------
2 cttc Enabled 1
25 VLAN0025 Enabled
50 VLAN0050 Enabled
75 VLAN0075 Enabled
100 VLAN0100 Enabled
1002 fddi-default Suspended
1003 token-ring-defau Suspended
1004 fddinet-default Suspended
1005 trnet-default Suspended
-------------------------------------------------------------------
1900-SWB#
-44-
Spanning Tree Protocol

Objective
Understanding the Spanning tree protocol operation in switched environment by creating
a multiple or redundant link between switches.
Diagram With Redundant Link
Procedure
1. Verifying the Spanning Tree Protocol on the 1900-SWA switch.
2. Verifying the Spanning Tree Protocol on the 1900-SWB switch.
3. Select Root Port By Changing Priority Of Ports On 1900-SWA (Root Switch).
4. Verifying the results by changing Priority of ports on 1900-SWA & 1900-SWB.
5. Change 1900-SWB (Non-Root Switch) to Root Switch.
6. Verifying the results on 1900-SWA & 1900-SWB.
7. Select Root Port By Changing Cost Of Ports On 1900-SWANon-Root Switch).
8. Verifying the results by changing cost on 1900-SWA
-45-
Configuration
Step 1(A): Verifying the Spanning Tree Protocol on the 1900-SWA Switch.
1900-SWA#show spantree
OR
1900-SWA#show spantree 1
VLAN1 is executing the IEEE compatible Spanning Tree Protocol

Bridge Identifier has priority 32768, address 0003.6B33.42C0
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address 0003.6B33.42C0
Root port is N/A, cost of root path is 0
Topology change flag not set, detected flag not set
Topology changes 1, last topology change occured 0d00h12m04s ago
Times: hold 1, topology change 8960
hello 2, max age 20, forward delay 15
Timers: hello 2, topology change 35, notification 2
<Output Omitted>
Port FastEthernet 0/26 of VLAN1 is Forwarding

Port path cost 10, Port priority 128
Designated root has priority 32768, address 0003.6B33.42C0
Designated bridge has priority 32768, address 0003.6B33.42C0
Designated port is 26, path cost 0
Timers: message age 20, forward delay 15, hold 1

1900-SWA#
-46-
Step 1(B): Verifying the information of Spanning Tree Protocol on the

FastEthernet0/26 interface of 1900-SWA Switch.
FastEthernet 0/26 is Enabled

Address is 0003.6B33.42DA
Description:
Auto-negotiation status: Full duplex
<Output Omitted>
1900-SWA#
Step 1(C): Verifying the information of Spanning Tree Protocol on the

FastEthernet0/27 interface of 1900-SWA Switch.

Address is 0003.6B33.42DB
Description:
<Output Omitted>
1900-SWA#
-47-
Step 2(A): Verifying the Spanning Tree Protocol on the 1900-SWB Switch.
1900-SWB#show spantree
OR
1900-SWB#show spantree 1

Bridge Identifier has priority 32768, address 0004.C1DD.5780
Root port is FastEthernet 0/26, cost of root path is 10
<Output Omitted>

Port FastEthernet 0/27 of VLAN1 is Blocking

1900-SWB#
-48-
Step 2(B): Verifying the information of Spanning Tree Protocol on the

FastEthernet0/26 interface of 1900-SWB Switch.
1900-SWB#show interfaces fastEthernet 0/26

Address is 0004.C1DD.579A
Description:
<Output Omitted>
1900-SWB#
Step 2(C): Verifying the information of Spanning Tree Protocol on the

FastEthernet0/27 interface of 1900-SWB Switch.

Address is 0003.6B33.42DB
Description:
<Output Omitted>
1900-SWA#
-49-
Step 3: Select Root Port By Changing Priority Of Ports On 1900-SWA (Root

Switch).
1900-SWA#config t
1900-SWA(config)#interface fastEthernet 0/27
1900-SWA(config-if)#spantree priority 112
1900-SWA#
Step 4(A): Verifying the results by Changing Priority Of Ports On 1900-SWA

(Root Switch).
Note: After 50 sec’s, the port will be forwarded after taking part into election.
OR

<Output Omitted>


1900-SWA#
-50-
Step 4(B): Verifying the results by changing Priority Of Ports On 1900-SWB

(Non-Root Switch).
OR
1900-SWB#show spantree 1

<Output Omitted>


1900-SWB#
Step 5: Change the 1900-SWB (Non-Root Switch) to a Root Switch.

1900-SWB#config t
1900-SWB(config)#spantree-template 1 priority 28672
1900-SWB(config)#end
1900-SWB#
-51-
Step 6(A): Verifying the results of new Root Switch on 1900-SWA ( Old Root
Switch).

Current root has priority 28672, address 0004.C1DD.5780
<Output Omitted>

Designated root has priority 28672, address 0004.C1DD.5780
Designated bridge has priority 28672, address 0004.C1DD.5780

1900-SWA#
Step 6(B): Verifying the results of new Root Switch on 1900-SWB ( New Root
Switch).

-52-

<Output Omitted>


1900-SWB#
Step 7: Select Root Port By Changing Cost Of Ports On 1900-SWA (Non-Root

Switch).
1900-SWA#config t
1900-SWA(config)#interface fastEthernet 0/27
1900-SWA(config-if)#spantree cost 9
1900-SWA#
Step 8(A): Verifying the results by changing cost on 1900-SWA (Non-Root

Switch).
OR

-53-

<Output Omitted>


1900-SWA#
-54-
Router Basic IOS

Objective
This lab includes basic commands of Router IOS on 2500 Series.
Diagram
Configuration
Step 1: After connecting your PC to the Console Port.
Router con0 is now available
Press RETURN to get started.

Router>
Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & Vice-
Versa.
Router>enable
Router#
Router#disable
Router>
Step 3: To change the Host Name of Router.

-55-
Router#setup
--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: y
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Basic management setup configures only enough connectivity

for management of the system, extended setup will ask you
to configure each interface on the system
Would you like to enter basic management setup? [yes/no]: y
Configuring global parameters:

Enter host name [Router]: R1
The enable secret is a password used to protect access to

privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret: cisco1
The enable password is used when you do not specify an

enable secret password, with some older software versions, and
some boot images.
Enter enable password: cisco
The virtual terminal password is used to protect

access to the router over a network interface.
Enter virtual terminal password: cisco
Configure SNMP Network Management? [no]:
Current interface summary
Interface IP-Address OK? Method Status Protocol
Ethernet0 unassigned YES NVRAM administratively down down
Serial0 unassigned YES NVRAM administratively down down
Enter interface name used to connect to the

management network from the above interface summary: Ethernet0
-56-
Configuring interface Ethernet0:

Configure IP on this interface? [no]: yes
IP address for this inerface: 10.0.0.20

Subnet mask for this interface [255.0.0.0] : 255.0.0.0
Class A network is 10.0.0.0, 8 subnet bits; mask is /8
The following configuration command script was created:
hostname R1
enable secret 5 $1$ZFA2$ZR288i7VkOufhqSdIyiOs.
enable password cisco
line vty 0 4
password cisco
no snmp-server
!
no ip routing
!
interface Ethernet0
no shutdown
ip address 10.0.0.20 255.0.0.0
!
interface Serial0
shutdown
no ip address
!
!
interface Serial1
shutdown
no ip address
!
end
[0] Go to the IOS command prompt without saving this config.

[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]: 0
% You can enter the setup, by typing setup at IOS command prompt
Router#
-57-
Step 4: To Enter Into Global Configuration Mode.

Router#configure terminal
Router(config)#
Step 4: To change the Host Name of Router.

Router(config)#
Router(config)#hostname R1
R1(config)#
Step 5(A): Set the Line Console Password on the Router.

R1#config t
R1(config)#
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#end
R1#
Step 5(B): Verification Line Console Password on the switch.

R1 con0 is now available
User Access Verification
Password:
R1>enable
R1#
Step 6(A): Set the privileged mode password in clear text.

R1(config)#
R1(config)#enable password cisco
R1(config)#exit
R1#
-58-
Step 6(B): Verifying the privileged mode password in clear text.

R1#disable
R1>enable
Password:
R1#
Step 7(A): Set the Privileged Mode password in encrypted form.

R1(config)#
R1(config)#enable secret cisco
The enable secret you have chosen is the same as your enable password.
This is not recommended. Re-enter the enable secret.
R1(config)#enable secret cisco1

R1(config)#
Step 7(B): Verifying the Privileged Mode password in encrypted form.

R1#disable
R1>enable
Password: (Enter Clear Text Password)
Password: (Enter Encrypted Password)
R1#
Step 8: Set the Line VTY Password on the Router.

R1#configure terminal
R1(config)#line vty 0 4
R1(config-line)#end
R1#
Step 9: Set the Line Auxiliary Password on the Router.

R1(config)#line aux 0
R1(config-line)#end
R1#
-59-
Step 10(A): Set the System Clock, Date & Time on the Router
R1#clock set ?
hh:mm:ss Current Time
R1#clock set 6:30:45 ?
<1-31> Day of the month

MONTH Month of the year
R1#clock set 6:30:45 1 JAN ?
<1993-2035> Year
R1#clock set 6:30:45 1 JAN 2005

R1#
Step 10(B): Verify the System Clock, Date & Time on the Router
R1#show clock
06:32:33.527 UTC Sat Jan 1 2005

R1#
Step 11(A): Set the Message of the Day Banner on the Router.
R1(config)#
R1(config)#banner motd # HELLO & WELCOME TO CISCO WORLD #
R1(config)#end
R1#
Step 11(B): Verify the Message of the Day Banner on the Router.
R1 con0 is now available
HELLO & WELCOME TO CISCO WORLD
Password:
R1>enable
Password:
-60-
R1#
Step 12: Show contents of Current Configuration (RAM).

R1#show running-config
Building configuration...
Current configuration:
!
! Last configuration change at 06:35:33 UTC Sat Jan 1 2005
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
enable secret 5 $1$AuWm$zCssEZ4eNAqcED9e.qUE9.
enable password cisco
!
ip subnet-zero
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
no ip address
no ip mroute-cache
shutdown
no fair-queue
!
interface Serial1
no ip address
shutdown
!
ip classless
no ip http server
!
banner motd ^C HELLO & WELCOME TO CISCO WORLD ^C
!
-61-
line con 0
password cisco
login
transport input none
line aux 0
password cisco
login
line vty 0 4
password cisco
login
end
R1#
Step 13: Remove the Privileged Mode Password (Level 15) in clear form.
1900-SWA#config t
1900-SWA(config)#no enable password cisco
1900-SWA#
Step 14: Remove the Privileged Mode Secret Password (Level 15) in encrypted
form.
1900-SWA#config t
1900-SWA(config)#no enable secret cisco1
1900-SWA#
Step 15: Display the Flash Information.

R1#dir
OR
R1#show flash:
System flash directory:

File Length Name/status
1 7432656 c2500-i-l[1].120-7.T.bin
[7432720 bytes used, 955888 available, 8388608 total]
8192K bytes of processor board System flash (Read ONLY)
R1#
Step 16: Display the Version Information of the Switch.

-62-
R1#show version
Cisco Internetwork Operating System Software

IOS (tm) 2500 Software (C2500-I-L), Version 12.0(7)T, RELEASE SOFTWARE
(fc2)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Mon 06-Dec-99 14:50 by phanguye
Image text-base: 0x0303C728, data-base: 0x00001000
ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE

BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE
SOFTWARE (fc1)
R1 uptime is 1 minute
System returned to ROM by reload
System image file is "flash:c2500-i-l[1].120-7.T.bin"
cisco 2500 (68030) processor (revision F) with 16384K/2048K bytes of memory.

Processor board ID 04851445, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102

R1#
Step 17: Display the information of All Interfaces on the Router.

R1#show ip interface brief

R1#
Step 18(A): Display the Detailed Information of the Ethernet Interface on the
Router.
-63-
R1#show interfaces ethernet 0
Ethernet0 is administratively down, line protocol is down

Hardware is Lance, address is 00e0.b055.3d29 (bia 00e0.b055.3d29)
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 252/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:19:04, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
<Output Omitted>
R1#
Step 18(B): Display the Detailed Information of the Serial Interface on the
Router.
R1#show interfaces serial 0

Serial0 is administratively down, line protocol is down
Hardware is HD64570
Encapsulation HDLC, loopback not set
Last input never, output never, output hang never
<Output Omitted>
R1#
-64-
i. Assign the IP Address on the Ethernet

Interface of the Router.
Diagram
Procedure
1. Check for the interfaces summary of the Router.
2. Assign the IP Address on the Ethernet Interface of the Router.
3. Display the interface information of the Ethernet interface of the router.
4. Verify the connectivity of the Router with the switch & PC.
-65-
Configuration
Step 1: Check for the Interfaces summary of the Router.

R1#
Step 2: Assign the IP Address on the Ethernet Interface of the Router.

R1#config t
R1(config)#interface ethernet 0
R1(config-if)#no ip address
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 3: Display the interface information of the Ethernet interface of the Router.
R1#show interfaces ethernet 0
Ethernet0 is up, line protocol is up

Hardware is Lance, address is 0000.0c3e.93e1 (bia 0000.0c3e.93e1)
Internet address is 10.0.0.20/8
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
<Output Omitted>
R1#
-66-
Step 4(A): Check for the Interfaces summary of the Router.

Ethernet0 10.0.0.10 YES manual up up

R1#
Step 4(B): Verify the connectivity of the Router with the Switch.
R1#ping 10.0.0.20
Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Step 4(C): Verify the connectivity of the Router with the PC.
R1#ping 10.0.0.1

!!!!!
R1#
-67-
ii. Assign the IP Address on the Serial

Interfaces of the Router.
Diagram
Procedure
1) Check for the interfaces summary of the Router R1 & R2
2) Check for the DCE & DTE interfaces of the Router R1 & R2
3) Assign the IP Address on the Serial Interfaces of the Router R1 & R2.
4) Display the interface information of the Serial interface of the Router R1 & R2.
5) Verify the connectivity of the Router R1 & R2.
-68-
Configuration
Step 1: Check for the Interfaces summary of the Routers.


R1#
Step 2(A): Check for the DCE cable of the Router R1.
R1#show controllers serial 0
HD unit 0, idb = 0x10DB04, driver structure at 0x1139D8

buffer size 1524 HD unit 0, RS-232 DCE cable
cpb = 0x22, eda = 0x4140, cda = 0x4000
<Output Omitted>
0 missed datagrams, 0 overruns
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
0 residual bit errors
R1#
Step 2(B): Check for the DTE cable of the Router R2.
R2#show controllers serial 0
HD unit 0, idb = 0x160118, driver structure at 0x165478

buffer size 1524 HD unit 0, RS-232 DTE cable
cpb = 0x22, eda = 0x412C, cda = 0x4140
<Output Omitted>
0 missed datagrams, 0 overruns
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
0 residual bit errors
R2#
-69-
Step 3(A): Assign the IP Address on the Serial Interface of the Router R1.
R1(config)#interface serial 0
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#end
R1#
Step 3(A): Assign the IP Address on the Serial Interface of the Router R2.
R2(config-if)#end
R2#
Step 4: Display the interface information of the Serial interface of the Router.
R1#show interfaces serial 0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 15.0.0.1/8
Encapsulation HDLC, loopback not set
Last input 00:00:04, output 00:00:00, output hang never
Last clearing of "show interface" counters 01:48:12
<Output Omitted>
Step 5(A): Check for the Interfaces summary of the Router R1.
Ethernet0 unassigned YES unset administratively down down
Serial0 15.0.0.1 YES manual up up

-70-
Step 5(B): Verify the connectivity of the Router R1 & R2.

R1#ping 15.0.0.2

!!!!!
R1#
Accessing Router Through A Telnet

(Telnet between 2 Routers)
Objective
Understanding the telnet operations. In this lab Router R1 is going to be telnet to Router
R2.
Diagram
Procedure
1) Check the Connectivity between 2 routers.
2) Set the Privilege mode password on Router R2.
3) Set the TELNET (line VTY) password on Router R2.
4) Verify the telnet Session from Router R1 to Router R2.
5) Disconnect the telnet Session.
-71-
Configuration
Step 1: Check the Connectivity between 2 routers.
R1#ping 15.0.0.2

!!!!!
R1#
Step 2: Set the Privilege mode password on Router R2.
R2#config t
R2(config)#enable password cisco
R2(config)#end
R2#
Step 3: Set the Telnet (Line VTY)password on Router R2.

R2#config t
R2(config)#line vty 0 4
R2(config-line)#end
R2#
Step 4: Verify the telnet Session from Router R1 to Router R2.

R1#
R1#telnet 15.0.0.2
Trying 15.0.0.2 ... Open
Password:
R2>en
R2>enable
Password:
R2#
-72-
Step 5(A): Verify the telnet line on Router R2.

R2#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
0 CTY - - - - - 0 1 0/0
1 AUX 9600/9600 - - - - - 0 0 0/0
* 2 VTY - - - - - 5 0 0/0
3 VTY - - - - - 0 0 0/0
4 VTY - - - - - 0 0 0/0
5 VTY - - - - - 0 0 0/0
6 VTY - - - - - 0 0 0/0
R2#
Step 5(B): Verify the telnet User on Router R2.
R2#show users
Line User Host(s) Idle Location

* 2 vty 0 idle 00:00:00 15.0.0.1
R2#
Step 5(C): Verify the telnet sessions from Router R1.

R1#sh sessions
Conn Host Address Byte Idle Conn Name

* 1 15.0.0.2 15.0.0.2 0 0 15.0.0.2
R1#
Step 6: Switch the telnet session from Router R2 to Router R1.
R2#
Press [ Ctrl+Shift+6 and then ‘x’ ]
R1#
Note: And then Resume connection by just Enter Key.
Step 7(A): Disconect the telnet session from Router R1 (Gracefully).

R1#disconnect
Closing connection to 15.0.0.2 [confirm]
R1#
-73-
Step 7(B): Disconect the telnet session from Router R2 (Disgracefully).

R2#Clear line 2
[Connection to 15.0.0.2 closed by foreign host]
R1#
STATIC Routes
Objective
Understanding the Operation of Static Routes. Static Routes are administratively defined
routes that specify the address or interface of the next hop in the path that packets must
take while moving between a source & destination.
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Administratively define the Static Routes on both routers so that hosts on the both
routers can communicate with each other.
4. Check the routing table on both the routers after defining the Static Routes on
both sides.
5. Verifying the connection of both hosts.
-74-
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1(config-if)#exit
R1(config-if)#end
R1#
Step 1(B): Assigning the IP addresses on the Router R2.

R2(config-if)#end
R2(config-if)#end
R2#
Step 2(A): Check the Routing table of the Router R1.

RA#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 10.0.0.0/8 is directly connected, Ethernet0

C 15.0.0.0/8 is directly connected, Serial0
-75-
RA#
Step 2(B): Check the Routing table of the Router R2.

RB#sh ip route

RB#
Step 3(A): Administratively define the Static Route on the Router R1.
RA#config t
RA(config)#ip route 20.0.0.0 255.0.0.0 15.0.0.2 (Networks to be advertised)
RA(config)#end
RA#
Step 3(B): Administratively define the Static Route on the Router R2.
RB#config t
RA(config)#ip route 10.0.0.0 255.0.0.0 15.0.0.1 (Networks to be advertised)
RB(config)#end
RB#
Step 4(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
S 20.0.0.0/8 [1/0] via 15.0.0.2

RA#
Step 5(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route

S 10.0.0.0/8 [1/0] via 15.0.0.1
RB#
-76-
Step 5: Verifying the connection of Host ‘A’ & Host ‘B’.

C:\>ping 20.0.0.1
Reply from 20.0.0.1: bytes=32 time=20ms TTL=254


C:\>
-77-
Routing Protocols
(RIP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (RIP).
Diagram
Procedure
3. Enable the RIP protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Verifying the Routing protocols on the Router.
5. Check the routing table on both the routers after enabling the RIP on both sides.
-78-
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#

RA#sh ip route


-79-
RA#

RB#sh ip route

RB#
Step 3(A): Enable the RIP protocol on the Router R1.

RA#config t
RA(config)#router rip
RA(config-router)#network 10.0.0.0 (Networks to be advertised)
RA(config-router)#end
RA#
Step 3(B): Enable the RIP protocol on the Router R2.

RB#config t
RB(config)#router rip
RB(config-router)#network 20.0.0.0 (Networks to be advertised)
RB(config-router)#end
RB#
Step 4(A): Check the Routing Protocol on the Router R1.

RA#show ip protocols
Routing Protocol is "rip"

Sending updates every 30 seconds, next due in 3 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Routing for Networks:

10.0.0.0
15.0.0.0
Routing Information Sources:

Gateway Distance Last Update
15.0.0.2 120 00:00:26
Distance: (default is 120)
RA#
-80-
Step 4(B): Check the Routing Protocol on the Router R2.

RB#show ip protocols
Routing Protocol is "rip"


15.0.0.0
20.0.0.0

15.0.0.1 120 00:00:18

RB#
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:00:19, Serial0

RA#
RB#sh ip route

R 10.0.0.0/8 [120/1] via 15.0.0.1, 00:00:22, Serial0
RB#
-81-

C:\>ping 20.0.0.1


C:\>
-82-
Routing Protocols
(IGRP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (IGRP).
Diagram
Procedure
3. Enable the IGRP protocol on both routers so that hosts on the both routers can
5. Check the routing table on both the routers after enabling the IGRP on both sides.
-83-

R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#

RA#sh ip route


RA#
-84-

RB#sh ip route

RB#
Step 3(A): Enable the IGRP protocol on the Router R1.

RA#config t
RA(config)#router igrp 10
RA#
Step 3(B): Enable the IGRP protocol on the Router R2.

RB#config t
RB(config)#router igrp 10
RB#

Routing Protocol is "igrp 10"

IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hopcount 100
IGRP maximum metric variance 1
Redistributing: igrp 10
10.0.0.0
15.0.0.0
-85-

15.0.0.2 100 00:00:13

RA#

Routing Protocol is "igrp 10"

IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hop count 100
IGRP maximum metric variance 1
Redistributing: igrp 10

15.0.0.0
20.0.0.0

15.0.0.1 100 00:00:32

RB#
RA#sh ip route
I 20.0.0.0/8 [100/8576] via 15.0.0.2, 00:01:09, Serial0

RA#
-86-
RB#sh ip route

I 10.0.0.0/8 [100/8576] via 15.0.0.1, 00:01:00, Serial0
RB#

C:\>ping 20.0.0.1


C:\>
-87-
Routing Protocols
(OSPF Configuration
In A Single Area)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (OSPF) in a
single area.
1. OSPF configuration in a point-to-point topology.

2. OSPF configuration in a broadcast-multiaccess environment.
i. Point-to-Point Topology
The specifications of point-to-point topology are
1. Router dynamically detects its neighboring router using the hello packets.
2. No Election: Adjacency is automatic as soon as the two routers can communicate.
3. OSPF packets are always sent as a multicast to 224.0.0.5
Diagram
-88-
Procedure
3. Enable the OSPF protocol on both routers so that hosts on the both routers can
5. Check the routing table on both the routers after enabling the OSPF on both sides.
6. Verifying the OSPF neighbors on the routers.
7. Verifying the OSPF interfaces on the routers.
8. Verifying the OSPF database on the routers.
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
-89-

RA#sh ip route


RA#

RB#sh ip route

RB#
Step 3(A): Enable the OSPF protocol on the Router R1.

RA#config t
RA(config)#router ospf 64
RA(config-router)#network 10.0.0.0 0.255.255.255 area 0 (Network to be advertised)
RA(config-router)#network 15.0.0.0 0.255.255.255 area 0 (Network to be advertised)
RA#
Step 3(B): Enable the OSPF protocol on the Router R2.

RB#config t
RB(config)#router ospf 64
RB(config-router)#network 15.0.0.0 0.255.255.255 area 0 (Network to be advertised)
RB(config-router)#network 20.0.0.0 0.255.255.255 area 0 (Network to be advertised)
RB#
-90-

Routing Protocol is "ospf 64"
Redistributing: ospf 64

10.0.0.0
15.0.0.0

20.0.0.20 110 00:10:52
RA#

Routing Protocol is "ospf 64"
Redistributing: ospf 64

15.0.0.0
20.0.0.0

15.0.0.1 110 00:12:17

RB#
Step 5(A): Check the Routing table of the Router R2 after enabling OSPF.
RA#sh ip route
O 20.0.0.0/8 [110/74] via 15.0.0.2, 00:22:17, Serial0

RA#
-91-
Step 5(B): Check the Routing table of the Router R2 after enabling OSPF.
RB#sh ip route

O 10.0.0.0/8 [110/74] via 15.0.0.1, 00:20:57, Serial0
RB#
Step 6(A): Verifying the OSPF neighbors on the Router R1.

RA#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface

20.0.0.20 1 FULL/ - 00:00:36 15.0.0.2 Serial0
RA#
Step 6(B): Verifying the OSPF neighbors on the Router R2.

RB#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface

15.0.0.1 1 FULL/ - 00:00:36 15.0.0.1 Serial0
RB#
Step 7(A): Verifying the OSPF interfaces on the Router R1.

RA#show ip ospf interface

Internet Address 10.0.0.20/8, Area 0
Process ID 64, Router ID 15.0.0.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 15.0.0.1, Interface address 10.0.0.20
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
<Output Omitted>

Process ID 64, Router ID 15.0.0.1, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
<Output Omitted>
RA#
-92-
Step 7(B): Verifying the OSPF interfaces on the Router R2.

RB#show ip ospf interface

Process ID 64, Router ID 20.0.0.20, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 20.0.0.20, Interface address 20.0.0.20
No backup designated router on this network
<Output Omitted>

Process ID 64, Router ID 20.0.0.20, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
<Output Omitted>
RB#
Step 8(A): Verifying the OSPF database on the Router R1.

RA#show ip ospf database
OSPF Router with ID (15.0.0.1) (Process ID 64)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count

15.0.0.1 15.0.0.1 2040 0x80000004 0x7C99 3
20.0.0.20 20.0.0.20 708 0x80000006 0x9957 3
RA#
Step 8(B): Verifying the OSPF database on the Router R2.

RB#show ip ospf database
OSPF Router with ID (20.0.0.20) (Process ID 64)
Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
15.0.0.1 15.0.0.1 105 0x80000005 0x7A9A 3
20.0.0.20 20.0.0.20 820 0x80000006 0x9957 3
RB#
-93-

C:\>ping 20.0.0.1


C:\>
-94-
Routing Protocols
(EIGRP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (EIGRP).
Diagram
Procedure
3. Enable the EIGRP protocol on both routers so that hosts on the both routers can
5. Check the routing table on both the routers after enabling the EIGRP on both
sides.
-95-
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#

RA#sh ip route


RA#
-96-

RB#sh ip route

RB#
Step 3(A): Enable the EIGRP protocol on the Router R1.

RA#config t
RA(config)#router eigrp 10
RA#
Step 3(B): Enable the EIGRP protocol on the Router R2.

RB#config t
RB(config)#router eigrp 10
RB#

Routing Protocol is "eigrp 10"
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 10
Automatic network summarization is in effect

Automatic address summarization:
15.0.0.0/8 for Ethernet0
-97-

10.0.0.0
15.0.0.0

15.0.0.2 90 00:01:06
Distance: internal 90 external 170

RA#

Routing Protocol is "eigrp 10"
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 10
Automatic network summarization is in effect
Automatic address summarization:

15.0.0.0/8 for Ethernet0
20.0.0.0/8 for Serial0

15.0.0.0
20.0.0.0

15.0.0.1 90 00:02:47
Distance: internal 90 external 170

RB#
-98-
Step 5(A): Check the Routing table of the Router R2 after enabling EIGRP.
RA#sh ip route
D 20.0.0.0/8 [90/2195456] via 15.0.0.2, 00:04:42, Serial0

RA#
Step 5(B): Check the Routing table of the Router R2 after enabling EIGRP.
RB#sh ip route

D 20.0.0.0/8 [90/2195456] via 15.0.0.1, 00:01:12, Serial0
RB#

C:\>ping 20.0.0.1


C:\>
-99-
Access Control List

Objective
Understanding the Router Packet Filtering Technique. It manage IP traffic as network
access grows and filter packets as they pass through the router.
1. Using Standard Access List (1-99).

2. Using Extended Access List (100-199).
i. STANDARD ACL
Standard IP lists (1-99) test conditions of all IP packets from source addresses.
In this lab scenario, initially both the Hosts ’A’ & ‘B’ are accessing the Web & Ftp
services but then apply the Standard ACL so that the Host ‘A’ could not access the Web
& Ftp Services.
It is recommended that place the Standard ACL near the destination.
Diagram
100
- -
Procedure
3. Enable the routing protocol on both routers so that hosts on the both routers can
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server & ftp server to the hosts C & D respectively.
6. Verifying the access of web server & ftp server by the hosts A & B respectively.
7. Make Apply the Standard ACL on the router R2, so that Host A can not access
these services.
8. Verifying the Standard ACL by accessing the web & ftp server from Host A.
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
101
- -

RA#sh ip route


RA#

RB#sh ip route

RB#

RA#config t
RA#

RB#config t
RB(config)#router rip 10
RB#
102
- -
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:04:42, Serial0

RA#
RB#sh ip route

R 20.0.0.0/8 [120/1] via 15.0.0.1, 00:01:12, Serial0
RB#
Step 5(A): Make a Web Server to the Host C.

1. Make a Web Page & Save it on Desktop.
2. Go to Start Button > All Programs > Administrative Tool > Internet Service
Manager
3. Right Click on the Computer name & goes to New tab > Web Site.
4. Follow the wizard and make the Web Server.
Step 5(B): Make a Ftp Server to the Host D.

Manager
3. Right Click on the Computer name & goes to New tab > FTP Site.
4. Follow the wizard and make the FTP Server.
Step 6(A): Verifying the Access of Web Server by the Host ‘A’.
Step 6(B): Verifying the Access of Ftp Server by the Host ‘A’.
Step 6(C): Verifying the Access of Web Server by the Host ‘B’.
Step 6(D): Verifying the Access of Web Server by the Host ‘B’.
103
- -
Step 7(A): Make the Standard ACL on the Router R2 so that Host A can not
accesses the Web & Ftp Server.
R2(config)#access-list 10 deny host 10.0.0.1
R2(config)#access-list 10 permit any
R2(config-if)#end
R2#
Step 7(B): Apply the Standard ACL on the Router (R2) Serial Interface.
R2(config-if)#ip access-group 10 in
R2(config-if)#end
R2#
Step 8(A): Verifying the Standard ACL from Host ‘A’ by accessing Web Server.
Step 8(B): Verifying the Standard ACL from Host ‘A’ by accessing Ftp Server.
Step 8(C): Verifying the Standard ACL from Host ‘D’ by accessing Web Server.
Step 8(D): Verifying the Standard ACL from Host ‘D’ by accessing Ftp Server.
104
- -
ii. EXTENDED ACL

Extended IP lists (100-199) test conditions of source and destination addresses, specific
TCP/IP protocols, and destination ports.
In this lab scenario, initially both the Hosts ’A’ & ‘B’ are accessing the Web & Ftp
services but then apply the Extended ACL in this way that Host ‘A’ can be access only
the web services & and Host ‘B’ could be access the Ftp Services only.
It is recommended that place the Extended ACL near the source.
Diagram
Procedure
both sides.
5. Make a web server & ftp server to the hosts C & D respectively.
6. Verifying the access of web server & ftp server by the hosts A & B respectively.
7. Make & Apply the Extended ACL on the router R1, so that Host ‘A’ can not
access the Web services & Host ‘B’ can not access the Ftp services.
8. Verifying the Standard ACL by accessing the Web & Ftp services from Host A &
Host ‘B’.
105
- -
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
RA#sh ip route


RA#
106
- -

RB#sh ip route

RB#

RA#config t
RA#

RB#config t
RB#
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:04:42, Serial0

RA#
RB#sh ip route

R 20.0.0.0/8 [120/1] via 15.0.0.1, 00:01:12, Serial0
RB#
107
- -
Step 5(A): Make a Web Server to the Host C.

Manager
Step 5(B): Make a Ftp Server to the Host D.

Manager
3. Right Click on the Computer name & goes to New tab > FTP Site.
4. Follow the wizard and make the FTP Server.
Step 6(A): Verifying the Access of Web Server by the Host ‘A’.
Step 6(B): Verifying the Access of Ftp Server by the Host ‘A’.
Step 6(C): Verifying the Access of Web Server by the Host ‘B’.
Step 6(D): Verifying the Access of Web Server by the Host ‘B’.
Step 7(A): Make the Extended ACL on the Router R1 so that Host A can not
access the Web Server & Host ‘B’ can not access the Ftp Server.
R1(config)#access-list 110 deny tcp host 10.0.0.1 host 20.0.0.1 eq www
R1(config)#access-list 110 deny tcp host 10.0.0.2 host 20.0.0.2 eq ftp
R1(config)#access-list 110 permit ip any any
R1(config-if)#end
R1#
Step 7(B): Apply the Extended ACL on the Router (R1) Ethernet Interface.
R1(config)#interface Ethernet 0
R1(config-if)#ip access-group 110 in
R1(config-if)#end
R1#
108
- -
Step 8(A): Verifying the Extended ACL from Host ‘A’ by accessing Web Server.
Step 8(B): Verifying the Extended ACL from Host ‘A’ by accessing Ftp Server.
Step 8(C): Verifying the Extended ACL from Host ‘D’ by accessing Web Server.
Step 8(D): Verifying the Extended ACL from Host ‘D’ by accessing Ftp Server.
109
- -
Network Address Translation

(NAT)
Objective
Understanding the operation of Network Address Translation. It’s uses when a network’s
host’s do not have enough globally unique IP Addresses to connect to the internet.
NAT technology enables private IP networks that use non-registered IP addresses to

connect to a public network.
1. Static NAT
2. Dynamic NAT.
3. Overload NAT (PAT).
i. STATIC NAT
In the Static NAT, we map the 1 Private IP Address to 1 reserved Public IP Address.
Diagram
110
- -
Procedure
both sides.
5. Make a web server to the host C & Run the Sniffer.
6. Access of web server by the hosts A & B respectively & check the Sniffer Output.
7. Establishes Static NAT Translation between an inside local address and an inside
global address.
8. Marks the interface as connected to the inside & outside networks.
9. Verifying the Standard Static NAT Translation by commands & Sniffer Outputs.
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
111
- -

RA#sh ip route


RA#

RB#sh ip route

RB#

RA#config t
RA#

RB#config t
RB#
112
- -
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:04:42, Serial0

RA#
RB#sh ip route

R 20.0.0.0/8 [120/1] via 15.0.0.1, 00:01:12, Serial0
RB#
Step 5(A): Make a Web Server to the Host C & Run the Sniffer.
Manager
5. Run the Sniffer & capturing the www traffic.
Step 6: Access Web Server by the Host ‘A’ & ‘B’ & check the Sniffer Output..
Step 7: Establishes Static NAT Translation between an inside local address

and an inside global address.
R1#config t
R1(config)#ip nat inside source static 10.0.0.1 15.0.0.11
R1(config)#ip nat inside source static 10.0.0.2 15.0.0.22
R1(config)#end
R1#
113
- -
Step 8(A): Marks the interface as connected to the Inside Network.

R1#conf t
R1(config)#int Ethernet 0
R1(config-if)#ip nat inside
R1(config-if)#exit
R1#
Step 8(B): Marks the interface as connected to the Outside Network.

R1#conf t
R1(config)#int serial 0
R1(config-if)#exit
R1#
Step 9(A): Verifying the Static NAT Translation on Router R1 by translation

table command.
R1#show ip nat translations
Pro Inside global Inside local Outside local Outside global

--- 15.0.0.11 10.0.0.1 --- ---
--- 15.0.0.22 10.0.0.2 --- ---
R1#
Step 9(B): Verifying the Static NAT Translation on Router R1 by debug.

R1#debug ip nat
IP NAT debugging is on
When Host ’A’ pings to Host ‘C’:
00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [34]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [34]
00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [35]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [35]
00:19:01: NAT: s=10.0.0.1->15.0.0.11, d=20.0.0.1 [36]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.11->10.0.0.1 [36]
114
- -
When Host ’B’ pings to Host ‘C’:
00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [37]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [37]
00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [38]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [38]
00:19:01: NAT: s=10.0.0.2->15.0.0.22, d=20.0.0.1 [39]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.22->10.0.0.2 [39]
115
- -
ii. Dynamic NAT

In the Dynamic NAT, we map the many Private IP Addresses to many Public IP Address.
Diagram
Procedure
both sides.
7. Defines a pool of global addresses to be allocated as needed.
8. Defines a standard IP access list permitting those inside local addresses that are to
be translated.
9. Establishes dynamic source translation, specifying the access list defined in the
prior step.
11. Verifying the Standard Dynamic translation by commands & Sniffer Outputs.
116
- -
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
RA#sh ip route


RA#
117
- -

RB#sh ip route

RB#

RA#config t
RA#

RB#config t
RB#
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:04:42, Serial0

RA#
RB#sh ip route

R 20.0.0.0/8 [120/1] via 15.0.0.1, 00:01:12, Serial0
RB#
118
- -
Manager
Step 7: Defines a pool of global addresses to be allocated as needed.

R1#config t
R1(config)#ip nat pool cttc 15.0.0.41 15.0.0.45 prefix-length 8
R1(config)#end
R1#
Step 8: Defines a standard IP access list permitting those inside local addresses
that are to be translated.
R1#config t
R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
R1(config)#end
R1#
Step 9: Establishes dynamic source translation, specifying the access list defined
in the prior step.
R1#config t
R1(config)#ip nat inside source list 1 pool cttc
R1(config)#end
R1#

R1#conf t
R1(config-if)#exit
R1#
119
- -

R1#conf t
R1(config-if)#exit
R1#
Step 11(A): Verifying the Dynamic NAT Translation on Router R1 by

debugging command.
R1#debug ip nat
00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [34]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [34]
00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [35]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [35]
00:19:01: NAT: s=10.0.0.1->15.0.0.41, d=20.0.0.1 [36]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.41->10.0.0.1 [36]
00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [37]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [37]
00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [38]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [38]
00:19:01: NAT: s=10.0.0.2->15.0.0.42, d=20.0.0.1 [39]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.42->10.0.0.2 [39]
Step 11(B): Verifying the Dynamic NAT Translation on Router R1 by
translation table.

--- 15.0.0.41 10.0.0.1 --- ---
--- 15.0.0.42 10.0.0.2 --- ---
R1#
120
- -
iii. Overload NAT (PAT)

In the Overload NAT, we map the many Private IP Addresses to 1 Public IP Address.
Diagram
Procedure
both sides.
7. Defines a standard IP access list permitting those inside local addresses that are to
be translated.
8. Establishes dynamic source translation, specifying the access list defined in the
prior step.
10. Verifying the Standard Dynamic translation by commands & Sniffer Outputs.
121
- -
Configuration
R1(config-if)#exit
R1(config-if)#end
R1#

R2(config-if)#end
R2(config-if)#exit
R2#
RA#sh ip route


RA#
122
- -

RB#sh ip route

RB#

RA#config t
RA#

RB#config t
RB#
RA#sh ip route
R 20.0.0.0/8 [120/1] via 15.0.0.2, 00:04:42, Serial0

RA#
RB#sh ip route

R 20.0.0.0/8 [120/1] via 15.0.0.1, 00:01:12, Serial0
RB#
123
- -
Manager
Step 7: Defines a standard IP access list permitting those inside local addresses
that are to be translated.
R1#config t
R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
R1(config)#end
R1#
Step 8: Establishes dynamic source translation, specifying the access list defined
in the prior step.
R1#config t
R1(config)#ip nat inside source list 1 int serial 0 overload
R1(config)#end
R1#

R1#conf t
R1(config-if)#exit
R1#

R1#conf t
R1(config-if)#exit
R1#
124
- -
Step 10(A): Verifying the Overload NAT Translation on Router R1 by

debugging command..
R1#debug ip nat
00:19:01: NAT: s=10.0.0.1->15.0.0.1, d=20.0.0.1 [933]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.1 [933]
00:19:01: NAT: s=10.0.0.1->15.0.0.1, d=20.0.0.1 [934]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.1 [934]
00:19:01: NAT: s=10.0.0.1->15.0.0.1, d=20.0.0.1 [935]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.1 [935]
00:19:01: NAT: s=10.0.0.2->15.0.0.1, d=20.0.0.1 [5192]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.2 [5192]
00:19:01: NAT: s=10.0.0.2->15.0.0.1, d=20.0.0.1 [5193]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.2 [5193]
00:19:01: NAT: s=10.0.0.2->15.0.0.1, d=20.0.0.1 [5194]

00:19:01: NAT*: s=20.0.0.1, d=15.0.0.1->10.0.0.2 [5194]
Step 10(B): Verifying the Dynamic NAT Translation on Router R1 by

translation table.

icmp 15.0.0.1:933 10.0.0.1:933 20.0.0.1:933 20.0.0.1:933
icmp 15.0.0.1:5192 10.0.0.2:5192 20.0.0.1:5192 20.0.0.1:5192
125
- -
FRAME RELAY
Objective
Establishing a Frame Relay PVC connection. Frame Relay is a standard that defines the
process for sending data over a public data network.
Frame Relay is a connection-oriented data link technology that is streamlined to provide

high performance & efficiency. Frame Relay connections operate over virtual circuits.
A basic Frame Relay configuration assumes one or more physical interfaces, and LMI
and Inverse ARP are running on the remote routers. In this type of environment, the LMI
notifies the router about the available DLCIs.
Diagram
Procedure
1. Configuring & Assigning the IP addresses to the FR Clients (R1 & R2).
2. Configuring the FR Switch.
3. Verifying the Frame Relay Operation by commands.
4. Verifying the connectivity of both FR Clients.
126
- -
Configuration
Step 1(A): Assigning the IP addresses to the FR Client Router R1.
R1(config-if)#encapsulation frame-relay
R1(config-if)#end
R1#
Step 1(B): Assigning the IP addresses to the FR Client Router R2.

R2(config-if)#encapsulation-frame-relay
R2(config-if)#end
R2(config-if)#exit
R2#
Step 2: Configuring the FR switch.

FR-SWITCH#config t
FR-SWITCH(config)#frame-relay switching
FR-SWITCH(config)#int s0
FR-SWITCH(config-if)#no ip address
FR-SWITCH(config-if)#no shutdown
FR-SWITCH(config-if)#encapsulation frame-relay
FR-SWITCH(config-if)#frame-relay intf-type dce
FR-SWITCH(config-if)#clock rate 64000
FR-SWITCH(config-if)#frame-relay route 102 int s1 201
FR-SWITCH(config-if)#exit
FR-SWITCH(config)#
FR-SWITCH(config)#int s1
FR-SWITCH(config-if)#no ip address
FR-SWITCH(config-if)#no shutdown
FR-SWITCH(config-if)#encapsulation frame-relay
FR-SWITCH(config-if)#frame-relay intf-type dce
FR-SWITCH(config-if)#clock rate 64000
FR-SWITCH(config-if)#frame-relay route 201 int s0 102

FR-SWITCH(config-if)#end
127
- -
Step 3(A): Verifying the Frame Relay Operation by commands.

show frame-relay pvc command displays the status of each configured connection, as
well as traffic statistics.
The show frame-relay map command displays the DLCI-protocol address map entries,
as well as information about the connection.
The show frame-relay lmi command displays LMI traffic statistics.
The show frame-relay route command displays the status of each configured virtual
circuit connection, as well as their status and route to other interface.

CCNA Lab Manual

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA Lab Manual

Uploaded by

Copyright:

Available Formats

- 1-

The types of Ethernet cables available are:

1) Host to switch or hub

ii. Crossover Cable Cable

Notice that instead of connecting 1 to 1, etc., here we connect pins 1 to 3 and 2 to 6 on

iii. Rolled Cable

How To Create A LAN

The major concerns are,

i. Connecting 2 PC’s via Cross Cable

ii. Connecting 2 PC’s via Straight Cable

Then go to Hardware tab > Device Manager

Expand the SERVER123 (Computer Name) tab > Network Adapters

Step 2: Assign IP address to your LAN (NIC) card on both PC’s.

Choose your LAN card, & take the Properties,

Go to the TCP/IP, & take the Properties

Give the IP Address, & press O.K.

Check the IP Address on the Command Prompt.

Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

Step 3(A): Check their connectivity by PING command.

Pinging 10.0.0.2 with 32 bytes of data:

Reply from 10.0.0.2: bytes=32 time<10ms TTL=128

Ping statistics for 10.0.0.2:

Step 3(B): Check their connectivity by Data Sharing.

The following screen will pop-up,

Open A Hyper Terminal Session

Step 2: Give the Session name.

Step 3: Define the Connection Type i-e., COM1.

Step 4: Define the Port Settings of COM Port.

Note: Press Restore Defaults Button

Step 5: Start the Hyper Terminal Session.

Switch Basic CAT IOS

PCA Number: 73-3122-04

1 user(s) now active on Management Console.

User Interface Menu

Step 3: To Enter Into Global Configuration Mode.

Step 4: To change the Host Name of Switch.

Step 5(B): Verification Of User Password on the 1900-SWA.

CLI session with the switch is now closed.

Press any key to continue.

Catalyst 1900 Management Console

PCA Number: 73-3122-04

1 user(s) now active on Management Console.

User Interface Menu

CLI session with the switch is open.

Step 6(A): Set the User Password (Level 1) in encrypted form.

Step 6(B): Verifying the User Password in encrypted form.

PCA Number: 73-3122-04

1 user(s) now active on Management Console.

User Interface Menu

Enter password: ****** (Enter Level 15 Secret Password)

CLI session with the switch is open.

Step 7(A): Set the Privileged/Administrative Mode Password in Clear Text.

Step 7(B): Verifying the privileged mode password in clear text.

Step 8(A): Set the Privileged Mode password in encrypted form.

Step 7(B): Verifying the Privileged Mode password in encrypted form.

Enter password: ****** (Enter Level 15 Secret Password)

Step 8: Show contents of Current Configuration (RAM).

interface Ethernet 0/11

Step 9: Remove the User Mode Password (Level 1) in clear form.

Step 13(A): To give the IP Address of Management VLAN Of 1900-SWA.

Step 13(B): Display the ip address of Management VLAN on 1900 switch.