Professional Documents
Culture Documents
Routing Protocols
Routing Protocols OSPF Practice Skills Assessment Packet Tracer
A few things to keep in mind while completing this activity:
1. Do not use the browser Back button or close or reload any exam windows during the exam.
2. Do not close Packet Tracer when you are done. It will close automatically.
3. Click the Submit Assessment button in the browser window to submit your work.
Introduction
In this practice skills assessment, you will configure the Our Town three-router network with
multiarea OSPFv2. As part of this process, you will perform basic router configuration tasks,
address router interfaces and hosts, and implement two ACLs.
All IOS device configurations should be completed from a direct terminal connection to the device
console.
Some values that are required to complete the configurations have not been given to you. In those
cases, create the values that you need to complete the requirements. These values may include
certain IP addresses, passwords, interface descriptions, banner text, and other values.
You will practice and be assessed on the following skills:
Configuration of initial device settings
IPv4 address assignment
Configuration and addressing of router interfaces
Configuration of the multiarea OSPFv2 routing protocol
Configuration of a default route and a static summary route.
Configuration of ACL to limit device access
You are only required to configure the following devices. See the instructions for details.
Police:
Configuration of initial router settings
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Central:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Configuration of IPv4 route summarization
Configuration and propagation of a default route
Configuration of ACLs
Fire:
Interface configuration and IPv4 addressing
Configuration of multiarea OSPFv2
Internal PC hosts:
IPv4 full addressing
Addressing Table
Note: You are provided with the networks that interfaces should be configured on. Unless you are
told to do differently in the detailed instructions below, you are free to choose the host addresses to
assign.
Device
Interface
Addressing Information
Comments
S0/0/0
192.168.100.20/30
Gi0/0
192.168.8.0/24
Gi0/1
192.168.9.0/24
Loopback 0
192.168.10.0/24
S0/0/0
192.168.100.20/30
S0/0/1
192.168.100.36/30
S0/1/0
203.0.113.16/29
S0/0/1
192.168.100.36/30
Gi0/0
192.168.12.0/24
Gi0/1
192.168.13.0/24
Loopback 0
192.168.14.0/24
PC1
NIC
192.168.8.0/24
PC2
NIC
192.168.9.0/24
PC3
NIC
192.168.12.0/24
PC4
NIC
192.168.13.0/24
Police
Central
Fire
Device
Interface
Address
S0/0/0
203.0.113.17
Central
Gi0/0
192.168.200.1
Public Server
NIC
209.165.200.100
NetAdmin Host
NIC
198.51.100.5
Outside Host
NIC
198.51.100.10
S3 Host
NIC
192.168.116.10
S6 Host
NIC
192.168.117.10
S5 Host
NIC
192.168.118.10
Instructions
Step 1: Determine the Addresses to Assign
Determine the IP addresses that you plan to use for the required interfaces on the three routers,
and the four LAN hosts. Refer to the addressing table and follow the guidelines below:
The first IP addresses in the networks that are provided in the addressing table should be assigned
to the LAN and loopback interfaces.
The first address in the Central subnet that is connected to the Internet has already been assigned
to the ISP end of the connection in the Internet cloud.
Any valid host address in the networks that are provided in the addressing table can be assigned to
the serial interfaces.
Any valid host addresses in the appropriate network can be assigned to the hosts.
Step 2: Configure Police
Configure Police with the following:
Configure the router with the hostname Police. Your entry must match this value exactly.
Prevent the router from attempting to resolve command line entries to IP addresses.
Protect device configurations from unauthorized access with the encrypted password.
Secure the router console and terminal lines.
Prevent all passwords from being viewed in clear text in device configuration files.
Configure a message-of-the-day banner.
Step 3: Configure the Router Interfaces
Configure the interfaces of all routers for full connectivity with the following:
Configure IP addresses.
Configure descriptions for all physical router interfaces.
Configure DCE settings where appropriate. Use a rate of 128000.
Use loopback 0 when required.
Step 4: Configure and Verify Host Addressing
Assign addresses to the hosts that are connected to the LAN interfaces of the Police and Fire
routers.
Step 5: Configure Static and Default Routing
On Central, configure the following static routes:
A default route to the Internet. This route will be distributed to the other routers in the topology. Use
the exit interface argument.
A summary route to the branch networks. Create a single summary route that will enable
connectivity between the three branch networks and all other hosts within the Our Town network,
and the appropriate external hosts. Use the exit interface argument.
Step 6: Configure OSPF Routing
a. On all routers:
Configure multiarea OSPFv2 to route between all internal networks. Use a process ID of 1.
Use the area numbers shown in the topology.
Use the correct inverse masks for all network statements.
Prevent routing updates from being sent to the LANs.
b. On the Central router:
Configure multiarea OSPFv2 to distribute the default route to Police and Fire.
Step 7: Customize Multiarea OSPFv2
Customize multiarea OSPFv2 by performing the following configuration tasks:
a. Set the bandwidth of the serial interfaces to 128 kb/s.
b. Configure OSPF router IDs as follows:
Police: 1.1.1.1
Central: 2.2.2.2
Fire: 3.3.3.3
c. Configure the OSPF cost of the link between Police and Central to 7500.
Step 8: Configure OSPF MD5 Authentication on the Required Interfaces
Configure OSPF to authenticate routing updates with MD5 authentication on the OSPF interfaces.
Use a key value of 1.
Use xyz_OSPF as the password.
Apply MD5 authentication to the correct interfaces.
Step 9: Configure Access Control Lists
You will configure two access control lists on Central. You must use the any and host keywords in
the ACL statements where required. The ACL specifications are as follows:
a. Restrict access to the vty lines on Central with a named standard ACL:
Create a named standard ACL using the name MANAGE. Be sure that you use this name exactly
as it appears in these instructions (case and spelling).
Allow the NetAdmin Host to access the vty lines of Central.
No other Internet hosts (including Internet hosts not visible in the topology) should be able to access
the vty lines of Central.
Your solution should consist of one ACL statement.
line vty 0 15
password cisco
login
service password-encryption
banner motd % message-of-the-day %
int s0/0/0
ip addr 192.168.100.22 255.255.255.252
description Site1 and HQ
clock rate 128000
ip ospf cost 7500
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int gi0/0
ip addr 192.168.8.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.9.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.10.1 255.255.255.0
exit
router ospf 1
router-id 1.1.1.1
net 192.168.100.20 0.0.0.3 area 0
net 192.168.8.0 0.0.0.255 area 3
net 192.168.9.0 0.0.0.255 area 3
passive-interface gi0/0
passive-interface gi0/1
area 3 authentication message-digest
_________Site 2 R3__________
en
conf t
int s0/0/1
ip addr 192.168.100.38 255.255.255.252
description Site2 and HQ
ip ospf message-digest-key 1 md5 xyz_OSPF
ip ospf authentication message-digest
bandwidth 128
no shut
exit
int gi0/0
ip addr 192.168.12.1 255.255.255.0
description local int
no shut
exit
int gi0/1
ip addr 192.168.13.1 255.255.255.0
description local int
no shut
exit
int loo 0
ip addr 192.168.14.1 255.255.255.0
exit
router ospf 1
router-id 3.3.3.3
net 192.168.100.36 0.0.0.3 area 0
net 192.168.12.0 0.0.0.255 area 4
net 192.168.13.0 0.0.0.255 area 4
passive-interface gi0/0
passive-interface gi0/1
area 4 authentication message-digest