You are on page 1of 9

CCNA 2 Routing and Switching

Routing Protocols
Routing Protocols OSPF Practice Skills Assessment Packet Tracer
A few things to keep in mind while completing this activity:
1. Do not use the browser Back button or close or reload any exam windows during the exam.
2. Do not close Packet Tracer when you are done. It will close automatically.
3. Click the Submit Assessment button in the browser window to submit your work.
Introduction
In this practice skills assessment, you will configure the Our Town three-router network with
multiarea OSPFv2. As part of this process, you will perform basic router configuration tasks,
address router interfaces and hosts, and implement two ACLs.
All IOS device configurations should be completed from a direct terminal connection to the device
console.
Some values that are required to complete the configurations have not been given to you. In those
cases, create the values that you need to complete the requirements. These values may include
certain IP addresses, passwords, interface descriptions, banner text, and other values.
You will practice and be assessed on the following skills:
Configuration of initial device settings
IPv4 address assignment
Configuration and addressing of router interfaces
Configuration of the multiarea OSPFv2 routing protocol
Configuration of a default route and a static summary route.
Configuration of ACL to limit device access
You are only required to configure the following devices. See the instructions for details.
Police:
Configuration of initial router settings
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Central:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Configuration of IPv4 route summarization
Configuration and propagation of a default route
Configuration of ACLs
Fire:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Internal PC hosts:
IPv4 full addressing
Addressing Table
Note: You are provided with the networks that interfaces should be configured on. Unless you are
told to do differently in the detailed instructions below, you are free to choose the host addresses to
assign.

Device

Interface

Addressing Information

Comments

S0/0/0

192.168.100.20/30

any address in network

Gi0/0

192.168.8.0/24

first address in network

Gi0/1

192.168.9.0/24

first address in network

Loopback 0

192.168.10.0/24

first address in network

S0/0/0

192.168.100.20/30

any address in network

S0/0/1

192.168.100.36/30

any address in network

S0/1/0

203.0.113.16/29

The first address is used by


the ISP router in the Internet cloud.
Assign any of the remaining addresses.

S0/0/1

192.168.100.36/30

any address in network

Gi0/0

192.168.12.0/24

first address in network

Gi0/1

192.168.13.0/24

first address in network

Loopback 0

192.168.14.0/24

first address in network

PC1

NIC

192.168.8.0/24

any available address in network

PC2

NIC

192.168.9.0/24

any available address in network

PC3

NIC

192.168.12.0/24

any available address in network

PC4

NIC

192.168.13.0/24

any available address in network

Police

Central

Fire

The following addresses have been preconfigured:

Device

Interface

Address

Internet Cloud Router

S0/0/0

203.0.113.17

Central

Gi0/0

192.168.200.1

Public Server

NIC

209.165.200.100

NetAdmin Host

NIC

198.51.100.5

Outside Host

NIC

198.51.100.10

S3 Host

NIC

192.168.116.10

S6 Host

NIC

192.168.117.10

S5 Host

NIC

192.168.118.10

Instructions
Step 1: Determine the Addresses to Assign
Determine the IP addresses that you plan to use for the required interfaces on the three routers,
and the four LAN hosts. Refer to the addressing table and follow the guidelines below:
The first IP addresses in the networks that are provided in the addressing table should be assigned
to the LAN and loopback interfaces.
The first address in the Central subnet that is connected to the Internet has already been assigned
to the ISP end of the connection in the Internet cloud.
Any valid host address in the networks that are provided in the addressing table can be assigned to
the serial interfaces.
Any valid host addresses in the appropriate network can be assigned to the hosts.
Step 2: Configure Police
Configure Police with the following:
Configure the router with the hostname Police. Your entry must match this value exactly.
Prevent the router from attempting to resolve command line entries to IP addresses.

Protect device configurations from unauthorized access with the encrypted password.
Secure the router console and terminal lines.
Prevent all passwords from being viewed in clear text in device configuration files.
Configure a message-of-the-day banner.
Step 3: Configure the Router Interfaces
Configure the interfaces of all routers for full connectivity with the following:
Configure IP addresses.
Configure descriptions for all physical router interfaces.
Configure DCE settings where appropriate. Use a rate of 128000.
Use loopback 0 when required.
Step 4: Configure and Verify Host Addressing
Assign addresses to the hosts that are connected to the LAN interfaces of the Police and Fire
routers.
Step 5: Configure Static and Default Routing
On Central, configure the following static routes:
A default route to the Internet. This route will be distributed to the other routers in the topology. Use
the exit interface argument.

A summary route to the branch networks. Create a single summary route that will enable
connectivity between the three branch networks and all other hosts within the Our Town network,
and the appropriate external hosts. Use the exit interface argument.
Step 6: Configure OSPF Routing
a. On all routers:
Configure multiarea OSPFv2 to route between all internal networks. Use a process ID of 1.
Use the area numbers shown in the topology.
Use the correct inverse masks for all network statements.
Prevent routing updates from being sent to the LANs.
b. On the Central router:
Configure multiarea OSPFv2 to distribute the default route to Police and Fire.
Step 7: Customize Multiarea OSPFv2
Customize multiarea OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of the serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
Police: 1.1.1.1
Central: 2.2.2.2
Fire: 3.3.3.3
c. Configure the OSPF cost of the link between Police and Central to 7500.
Step 8: Configure OSPF MD5 Authentication on the Required Interfaces
Configure OSPF to authenticate routing updates with MD5 authentication on the OSPF interfaces.
Use a key value of 1.
Use xyz_OSPF as the password.
Apply MD5 authentication to the correct interfaces.
Step 9: Configure Access Control Lists
You will configure two access control lists on Central. You must use the any and host keywords in
the ACL statements where required. The ACL specifications are as follows:
a. Restrict access to the vty lines on Central with a named standard ACL:
Create a named standard ACL using the name MANAGE. Be sure that you use this name exactly
as it appears in these instructions (case and spelling).
Allow the NetAdmin Host to access the vty lines of Central.
No other Internet hosts (including Internet hosts not visible in the topology) should be able to access
the vty lines of Central.
Your solution should consist of one ACL statement.

b. Control traffic from the Internet by creating an extended ACL:


Use access list number 101.
Allow the external NetAdmin Host full access to the Our Town network.
Allow hosts within the network to ping outside hosts by allowing responses to ping requests to enter
the network.
Allow any other traffic that is in response to requests for data from the LANs. Use the any keyword.
All other traffic should be denied. Be sure that matches to this condition can be viewed using IOS
show commands.
Your ACL should consist of four statements.
Your ACL should be placed in the most efficient location as possible to conserve network bandwidth
and device processing resources.
NOTA: Si esta configuracin compartida por uno de nuestros usuarios te ha sido til hznoslo
saber en los comentarios.
Shared by Gega Sxirtladze
_______HQ R2________
en
conf t
no ip domain-lookup
enable secret cisco
line con 0
logging synchronous
line console 0
password cisco
login
line vty 0 15
password cisco
login
service password-encryption
int s0/0/0
ip addr 192.168.100.21 255.255.255.252
description HQ and Site1
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int s0/0/1
ip addr 192.168.100.37 255.255.255.252
description HQ and site2
clock rate 128000

ip ospf message-digest-key 1 md5 xyz_OSPF


ip ospf authentication message-digest
bandwidth 128
no shut
exit
int s0/1/0
ip addr 203.0.113.18 255.255.255.248
description HQ and Internet
bandwidth 128
no shut
exit
ip route 0.0.0.0 0.0.0.0 s0/1/0
ip route 192.168.116.0 255.255.252.0 gi0/0
router ospf 1
router-id 2.2.2.2
default-information originate
net 192.168.100.20 0.0.0.3 area 0
net 192.168.100.36 0.0.0.3 area 0
area 0 authentication message-digest
Router(config)#line vty 0 15
Router(config-line)#access-class MANAGE in
Router(config-line)#exit
Router(config)#int s0/1/0
Router(config-if)#ip access-group 101 in
Router(config-if)#exit
Router(config)#ip access-list standard MANAGE
Router(config-std-nacl)#permit host 198.51.100.5
Router(config-std-nacl)#access-list 101 permit ip host 198.51.100.5 any
Router(config)#access-list 101 permit icmp any any echo-reply
Router(config)#access-list 101 permit tcp any any established
Router(config)#access-list 101 deny ip any any
_________site1 R1___________
en
conf t
hostname Site-1
no ip domain-lookup
enable secret cisco
line con 0
logging synchronous
line console 0
password cisco
login

line vty 0 15
password cisco
login
service password-encryption
banner motd % message-of-the-day %

int s0/0/0
ip addr 192.168.100.22 255.255.255.252
description Site1 and HQ
clock rate 128000
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int gi0/0
ip addr 192.168.8.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.9.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.10.1 255.255.255.0
exit
router ospf 1
router-id 1.1.1.1
net 192.168.100.20 0.0.0.3 area 0
net 192.168.8.0 0.0.0.255 area 3
net 192.168.9.0 0.0.0.255 area 3
passive-interface gi0/0
passive-interface gi0/1
area 3 authentication message-digest
_________Site 2 R3__________
en
conf t
int s0/0/1
ip addr 192.168.100.38 255.255.255.252
description Site2 and HQ
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128

no shut
exit
int gi0/0
ip addr 192.168.12.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.13.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.14.1 255.255.255.0
exit
router ospf 1
router-id 3.3.3.3
net 192.168.100.36 0.0.0.3 area 0
net 192.168.12.0 0.0.0.255 area 4
net 192.168.13.0 0.0.0.255 area 4
passive-interface gi0/0
passive-interface gi0/1
area 4 authentication message-digest

You might also like