Escolar Documentos
Profissional Documentos
Cultura Documentos
CABLES
Objective
This lab gives you the better understanding to make an Ethernet Cables.
1) Straight-through cable
2) Crossover cable
3) Rolled cable
i. Straight-Through Cable
The straight-through cable is used to connect
Four wires are used in straight-through cable to connect Ethernet devices. It is relatively
simple to create this type; Figure shows the four wires used in a straight-through Ethernet
cable.
Diagram
Notice that only pins 1, 2, 3, and 6 are used. Just connect 1 to 1, 2 to 2, 3 to 3, and 6 to 6,
and you’ll be up and networking in no time. However, remember that this would be an
Ethernet-only cable and wouldn’t work with Voice, Token Ring, ISDN, etc.
- 2-
1) Switch to switch
2) Hub to hub
3) Host to host
4) Hub to switch
5) Router direct to host
The same four wires are used in this cable as in the straight-through cable; we just
connect different pins together. Figure shows how the four wires are used in a crossover
Ethernet cable.
Diagram
- 3-
If you have a Cisco router or switch, you would use this cable to connect your PC
running HyperTerminal to the Cisco hardware.
Eight wires are used in this cable to connect serial devices, although not all eight are used
to send information, just as in Ethernet networking. Figure shows the eight wires used in
a rolled cable.
Diagram
These are probably the easiest cables to make, because you just cut the end off on one
side of a straight-through cable and reverse the end.
Once you have the correct cable connected from your PC to the Cisco router or switch,
you can start HyperTerminal to create a console connection and configure the device
- 4-
Procedure
1. Make sure that either NIC is installed onto your PC’s or not.
2. Assign IP address to your LAN (NIC) card on both PC’s.
3. Check their connectivity by PING command & DATA sharing.
Configuration
Step 1: Make sure that either NIC is installed onto your PC’s or not.
Go to Windows Start Button > Settings > Control Panel
Then go to System
- 6-
Note: - If LAN (NIC) card is not installed onto your PC then go to Windows Start
Button > Settings > Control Panel > Add/Remove Hardware.
- 7-
D:\>ipconfig
Diagram
Procedure
1. Open the Hyper Terminal Session From RUN by giving the command
‘hypertrm’ or from STRART Button -> Programs -> Accessories ->
Communications -> Hyper Terminal.
2. Give the Session name.
3. Define the connection type i-e., COM1.
-11-
Configuration
Step 1: Open the Hyper Terminal Session From RUN by giving the command
‘hypertrm’ or from START Button -> Programs -> Accessories ->
Communications -> Hyper Terminal.
Diagram
Configuration
Step 1: After connecting your PC to the Console Port.
Catalyst 1900 Management Console
Copyright (c) Cisco Systems, Inc. 1993-1999
All rights reserved.
Enterprise Edition Software
Ethernet Address: 00-03-6B-33-42-C0
[M] Menus
[K] Command Line
[I] IP Configuration
[P] Console Password
Enter Selection: K
>
Step 2: To Enter Into Priviledge mode/Executive Mode From User Mode & Vice-
Versa.
>enable
#
#disable
>
Step 5(A): Set the User Password (Level 1) on the 1900 Switch.
1900-SWA#config t
1900-SWA(config)#enable password level 1 cisco
1900-SWA(config)#end
1900-SWA#
[M] Menus
[K] Command Line
[I] IP Configuration
[P] Console Password
Enter Selection: K
Enter password: *****
1900-SWA>enable
1900-SWA#
Note: The enable secret password must not be same as your enable password. This
is recommended.
-17-
[M] Menus
[K] Command Line
Enter Selection: K
Enter password: ***** (Enter Level 15 Password)
Incorrect password
1900-SWA>
Note: The enable secret password must not be same as your enable password. This
is recommended.
Incorrect password
Building configuration...
Current configuration:
!
hostname "1900-SWA"
!
enable secret level 1 5 $1$FNl3$Uqvk0GXXGxW0vuNOeGc601
enable secret 5 $1$0o8Z$R21htpuG96wOl1zbub90X.
enable password level 1 "CISCO"
enable password level 15 "CISCO"
!
interface Ethernet 0/1
!
interface Ethernet 0/2
-19-
!
<Output Omitted>
Step 10: Remove the User Mode Password (Level 1) in encrypted form.
1900-SWA#config t
1900-SWA(config)#no enable secret level 1 cisco1
1900-SWA(config)#end
1900-SWA#
Step 11: Remove the Privileged Mode Password (Level 15) in clear form.
1900-SWA#config t
1900-SWA(config)#no enable password level 15 cisco
1900-SWA(config)#end
1900-SWA#
Step 12: Remove the Privileged Mode Secret Password (Level 15) in encrypted
form.
1900-SWA#config t
1900-SWA(config)#no enable secret level 15 cisco1
1900-SWA(config)# end
1900-SWA#
-20-
1900-SWA#show ip
IP Address: 10.0.0.10
Subnet Mask: 255.0.0.0
Default Gateway: 10.0.0.50
Management VLAN: 1
Domain name:
Name server 1: 0.0.0.0
Name server 2: 0.0.0.0
HTTP server : Enabled
HTTP port : 80
RIP : Enabled
1900-SWA#
1900-SWA(config-if)#duplex full
1900-SWA(config-if)#
1900-SWA(config-if)#description This-Interface-Belong-To-Cisco-Lab
1900-SWA(config-if)#end
1900-SWA#
i. Dynamic Method
It is the by-default learning method of the switches. The entry remains in the table, if the
communication does not exist within the 300 seconds.
Diagram
Procedure
1. Ping from Host ‘A’ to Host ‘B’.
2. Verifying the Mac Addresses of the Hosts by the command.
3. Remove the Dynamic entry of the Hosts
-24-
Configuration
Step 1(A): Ping from Host ‘A’ to Host ‘B’.
D:\>ping 10.0.0.2
Diagram
Procedure
1. Define the permanent entry of the both Hosts.
2. Ping from Host ‘A’ to Host ‘B’.
3. Verifying the Mac Addresses of the Hosts by the command.
4. Remove the permanent entry of the Hosts.
Configuration
Step 1: Define the permanent entry of the both Hosts.
1900-SWA#configure terminal
1900-SWA(config)#mac-address-table permanent 0050.DA23.C9DD e0/1
1900-SWA(config)#mac-address-table permanent 0001.0262.FCC4 e0/2
1900-SWA(config)#end
1900-SWA#
-26-
OR
Diagram
Procedure
1. Define the restricted static of the both Hosts.
2. Ping from Host ‘A’ to Host ‘B’.
3. Verifying the Mac Addresses of the Hosts by the command.
4. Remove the permanent entry of the Hosts.
Configuration
Step 1: Define the Restricted Static entry of the both Hosts.
1900-SWA#configure terminal
1900-SWA(config)#mac-address-table restricted static 0050.DA23.C9DD e0/1 e0/2
1900-SWA(config)#mac-address-table restricted static 0001.0262.FCC4 e0/2 e0/1
1900-SWA(config)#end
1900-SWA#
-28-
OR
Accessing Switch
through
Telnet & Http
Objective
This lab gives you the better understanding of accessing the Switch through the remote
ways e.g. through Telnet & Http.
Diagram
Procedure
1. Set the Privileged Mode Password on Switch.
2. Give the IP Address of Management VLAN Of Switch.
3. Verification of connectivity of PC & Switch by ping command.
4. Telnet to Switch by telnet command on PC.
5. Open Internet Explorer on PC and Type IP Address of Switch.
-30-
Configuration
Step 1: Set the Privileged/Administrative Mode Password in Clear Text.
1900-SWA(config)#
1900-SWA(config)#enable password level 15 cisco
1900-SWA(config)#exit
1900-SWA#
Port Security
Objective
This lab gives you the better understanding of port security mechanism on Switch.
In the port security, we can limit the Mac-address table size for each port and can define
violation method.
Diagram
Procedure
1. Enable the port Security of the Interfaces.
2. Define the Max Mac Addresses on the Interfaces.
3. Verifying the Port Security of the Interfaces by the command.
4. Define the permanent entry of the both Hosts on the switch.
5. Ping from Host ‘A’ to Host ‘B’.
6. Change the interfaces of the Hosts & verifying the Results by the ping command.
-32-
Configuration
Step 1: Enable the port Security of the Interfaces.
1900-SWA#configure terminal
1900-SWA(config)#int Ethernet 0/1
1900-SWA(config-if)#port secure
1900-SWA(config-if)#exit
1900-SWA(config)#int Ethernet 0/2
1900-SWA(config-if)#port secure
1900-SWA(config-if)#exit
1900-SWA#
Step 4: Change the interfaces of the Hosts & verifying the Results by the ping
command.
D:\>ping 10.0.0.2
VLAN
&
VLAN Trunking Protocol
(VTP)
Objective
Understanding the VLAN & VTP operations in switched environment.
1. To make Vlan’s on 1900 switches & Vlan membership assignments to the ports.
2. VLAN Trunking Protocol (VTP).
i. VLAN
Diagram
Procedure
1. Connecting PC’A’ with 1900-SWA switch and verified by Commands.
2. Display the results that all ports are the members of the Native VLAN (VLAN#1).
3. Create a VLAN # 2 on 1900-SWA Switch.
4. Assign a VLAN Member-ship for a Port on 1900-SWA Switch.
5. Verification of VLAN # 2.
-35-
Configuration
Step 1(A): Connecting PC’A’ with 1900-SWA Switch & verified by the Interface
Command.
Step 1(B): Connecting PC with 1900 switch and verified by the MAC Address
Table Command.
1900-SWA#show mac-address-table
OR
-36-
1900-SWA#show vlan 1
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
--------------------------------------------------------------------------------------------------
1 Ethernet 100001 1500 0 0 0 Unkn 1002 1003
--------------------------------------------------------------------------------------------------
1900-SWA#
Step 2(B): Display the results that all ports are the members of Native VLAN.
1900-SWA#show vlan-membership
AUI 1 Static
A 1 Static
B 1 Static
1900-SWA#
Step 4: Assign a Member-ship for Fast Ethernet Port 0/1 on 1900-SWA Switch.
1900-SWA#config t
1900-SWA(config)#int ethernet 0/1
1900-SWA(config-if)#vlan-membership ?
1900-SWA(config-if)#vlan-membership static ?
1900-SWA(config-if)#vlan-membership static 2
1900-SWA(config-if)#end
1900-SWA#
OR
1900-SWA#sh vlan 2
VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
-------------------------------------------------------------------------------------------------------
2 Ethernet 100002 1500 0 1 1 Unkn 0 0
-------------------------------------------------------------------------------------------------------
1900-SWA#
-38-
Procedure
1. Make a VTP domain CISCO on switches.
2. Make a VTP server to 1900-SWA and client to 1900-SWB.
3. Enable a Trunking on the fastEthernet ports 0/26 of the switches.
4. Verifying with VTP commands on switches.
5. Verifying the ISL trunking on switches.
6. Verifying the VTP Advertisements By Trigger Updates ( make vlan’s) On 1900-
SWA switch.
7. Verifying the VTP database on switches after triggered update.
8. Verifying the VLAN datatbase on 1900-SWA switch after making VLAN’s.
9. Verifying the VLAN datatbase consistency on 1900 switch after making VLAN’s
on 1900-SWB switch.
-39-
Configuration
Step 1(A): Make a VTP Domain CISCO on 1900-SWA Switch.
1900-SWA#config t
1900-SWA(config)#vtp ?
1900-SWA(config)#vtp domain
1900-SWA(config)#vtp domain ?
Step 3(A): Enable an ISL Trunking on the fastEthernet port 0/26 of 1900-SWA.
1900-SWA#config t
1900-SWA(config)#int fastEthernet 0/26
1900-SWA(config-if)#trunk on
1900-SWA(config-if)#end
1900-SWA#
Step 3(B): Enable an ISL Trunking on the fastEthernet ports 0/26 of 1900-SWB.
1900-SWB#config t
1900-SWB(config)#int fastEthernet 0/26
1900-SWB(config-if)#trunk on
1900-SWB(config-if)#end
1900-SWB#
VTP version: 1
Configuration revision: 11
Maximum VLANs supported locally: 1005
Number of existing VLANs: 9
VTP domain name : CISCO
VTP password :
VTP operating mode : Server
VTP pruning mode : Disabled
VTP traps generation : Enabled
Configuration last modified by: 10.0.0.10 at 00-00-0000 00:00:00
1900-SWA#
VTP version: 1
Configuration revision: 11
Maximum VLANs supported locally: 1005
Number of existing VLANs: 9
VTP domain name : CISCO
VTP password :
VTP operating mode : Client
VTP pruning mode : Disabled
VTP traps generation : Enabled
-41-
1900-SWA#config t
1900-SWA(config)#vlan 25
1900-SWA(config)#vlan 50
1900-SWA(config)#vlan 75
1900-SWA(config)#vlan 100
1900-SWA(config)#end
1900-SWA#
Step 7(A): Verifying the VTP Status on 1900-SWA switch after triggered update.
1900-SWA#show vtp
VTP version: 1
Configuration revision: 15
Maximum VLANs supported locally: 1005
Number of existing VLANs: 13
VTP domain name : CISCO
VTP password :
VTP operating mode : Server
VTP pruning mode : Disabled
VTP traps generation : Enabled
Configuration last modified by: 10.0.0.10 at 00-00-0000 00:00:00
1900-SWA#
-42-
Step 7(B): Verifying the VTP Status on 1900-SWB switch after triggered update.
1900-SWB#show vtp
VTP version: 1
Configuration revision: 15
Maximum VLANs supported locally: 1005
Number of existing VLANs: 13
VTP domain name : CISCO
VTP password :
VTP operating mode : Client
VTP pruning mode : Disabled
VTP traps generation : Enabled
Configuration last modified by: 10.0.0.10 at 00-00-0000 00:00:00
1900-SWB#
1900-SWB#show vlan
Procedure
1. Verifying the Spanning Tree Protocol on the 1900-SWA switch.
2. Verifying the Spanning Tree Protocol on the 1900-SWB switch.
3. Select Root Port By Changing Priority Of Ports On 1900-SWA (Root Switch).
4. Verifying the results by changing Priority of ports on 1900-SWA & 1900-SWB.
5. Change 1900-SWB (Non-Root Switch) to Root Switch.
6. Verifying the results on 1900-SWA & 1900-SWB.
7. Select Root Port By Changing Cost Of Ports On 1900-SWANon-Root Switch).
8. Verifying the results by changing cost on 1900-SWA
-45-
Configuration
Step 1(A): Verifying the Spanning Tree Protocol on the 1900-SWA Switch.
1900-SWA#show spantree
OR
1900-SWA#show spantree 1
Step 2(A): Verifying the Spanning Tree Protocol on the 1900-SWB Switch.
1900-SWB#show spantree
OR
1900-SWB#show spantree 1
1900-SWA#config t
1900-SWA(config)#interface fastEthernet 0/27
1900-SWA(config-if)#spantree priority 112
1900-SWA(config-if)#end
1900-SWA#
Note: After 50 sec’s, the port will be forwarded after taking part into election.
1900-SWA#show spantree
OR
1900-SWA#show spantree 1
1900-SWB#show spantree
OR
1900-SWB#show spantree 1
Step 6(A): Verifying the results of new Root Switch on 1900-SWA ( Old Root
Switch).
1900-SWA#show spantree
Step 6(B): Verifying the results of new Root Switch on 1900-SWB ( New Root
Switch).
1900-SWB#show spantree
1900-SWA#config t
1900-SWA(config)#interface fastEthernet 0/27
1900-SWA(config-if)#spantree cost 9
1900-SWA(config-if)#end
1900-SWA#
1900-SWA#show spantree
OR
1900-SWA#show spantree 1
Diagram
Configuration
Step 1: After connecting your PC to the Console Port.
Router con0 is now available
Step 2: To Enter Into Privilege mode/Executive Mode From User Mode & Vice-
Versa.
Router>enable
Router#
Router#disable
Router>
Router#setup
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
hostname R1
enable secret 5 $1$ZFA2$ZR288i7VkOufhqSdIyiOs.
enable password cisco
line vty 0 4
password cisco
no snmp-server
!
no ip routing
!
interface Ethernet0
no shutdown
ip address 10.0.0.20 255.0.0.0
!
interface Serial0
shutdown
no ip address
!
!
interface Serial1
shutdown
no ip address
!
end
% You can enter the setup, by typing setup at IOS command prompt
Router#
-57-
Password:
R1>enable
R1#
The enable secret you have chosen is the same as your enable password.
This is not recommended. Re-enter the enable secret.
Step 10(A): Set the System Clock, Date & Time on the Router
R1#clock set ?
<1993-2035> Year
Step 10(B): Verify the System Clock, Date & Time on the Router
R1#show clock
Step 11(A): Set the Message of the Day Banner on the Router.
R1(config)#
R1(config)#banner motd # HELLO & WELCOME TO CISCO WORLD #
R1(config)#end
R1#
Step 11(B): Verify the Message of the Day Banner on the Router.
R1 con0 is now available
Password:
R1>enable
Password:
-60-
R1#
Building configuration...
Current configuration:
!
! Last configuration change at 06:35:33 UTC Sat Jan 1 2005
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname R1
!
enable secret 5 $1$AuWm$zCssEZ4eNAqcED9e.qUE9.
enable password cisco
!
ip subnet-zero
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
ip classless
no ip http server
!
banner motd ^C HELLO & WELCOME TO CISCO WORLD ^C
!
-61-
line con 0
password cisco
login
transport input none
line aux 0
password cisco
login
line vty 0 4
password cisco
login
end
R1#
Step 13: Remove the Privileged Mode Password (Level 15) in clear form.
1900-SWA#config t
1900-SWA(config)#no enable password cisco
1900-SWA(config)#end
1900-SWA#
Step 14: Remove the Privileged Mode Secret Password (Level 15) in encrypted
form.
1900-SWA#config t
1900-SWA(config)#no enable secret cisco1
1900-SWA(config)# end
1900-SWA#
OR
R1#show flash:
R1#show version
Step 18(A): Display the Detailed Information of the Ethernet Interface on the
Router.
-63-
Step 18(B): Display the Detailed Information of the Serial Interface on the
Router.
Procedure
1. Check for the interfaces summary of the Router.
2. Assign the IP Address on the Ethernet Interface of the Router.
3. Display the interface information of the Ethernet interface of the router.
4. Verify the connectivity of the Router with the switch & PC.
-65-
Configuration
Step 1: Check for the Interfaces summary of the Router.
R1#show ip interface brief
Step 3: Display the interface information of the Ethernet interface of the Router.
R1#show interfaces ethernet 0
Step 4(B): Verify the connectivity of the Router with the Switch.
R1#ping 10.0.0.20
Step 4(C): Verify the connectivity of the Router with the PC.
R1#ping 10.0.0.1
Procedure
1) Check for the interfaces summary of the Router R1 & R2
2) Check for the DCE & DTE interfaces of the Router R1 & R2
3) Assign the IP Address on the Serial Interfaces of the Router R1 & R2.
4) Display the interface information of the Serial interface of the Router R1 & R2.
5) Verify the connectivity of the Router R1 & R2.
-68-
Configuration
Step 2(A): Check for the DCE cable of the Router R1.
R1#show controllers serial 0
Step 2(B): Check for the DTE cable of the Router R2.
R2#show controllers serial 0
Step 3(A): Assign the IP Address on the Serial Interface of the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#end
R1#
Step 3(A): Assign the IP Address on the Serial Interface of the Router R2.
R2(config)#interface serial 0
R2(config-if)#ip address 15.0.0.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#end
R2#
Step 4: Display the interface information of the Serial interface of the Router.
R1#show interfaces serial 0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 15.0.0.1/8
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:04, output 00:00:00, output hang never
Last clearing of "show interface" counters 01:48:12
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
<Output Omitted>
Step 5(A): Check for the Interfaces summary of the Router R1.
R1#show ip interface brief
Objective
Understanding the telnet operations. In this lab Router R1 is going to be telnet to Router
R2.
Diagram
Procedure
1) Check the Connectivity between 2 routers.
2) Set the Privilege mode password on Router R2.
3) Set the TELNET (line VTY) password on Router R2.
4) Verify the telnet Session from Router R1 to Router R2.
5) Disconnect the telnet Session.
-71-
Configuration
Step 1: Check the Connectivity between 2 routers.
R1#ping 15.0.0.2
Password:
R2>en
R2>enable
Password:
R2#
-72-
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
0 CTY - - - - - 0 1 0/0
1 AUX 9600/9600 - - - - - 0 0 0/0
* 2 VTY - - - - - 5 0 0/0
3 VTY - - - - - 0 0 0/0
4 VTY - - - - - 0 0 0/0
5 VTY - - - - - 0 0 0/0
6 VTY - - - - - 0 0 0/0
R2#
Step 5(B): Verify the telnet User on Router R2.
R2#show users
R2#
Press [ Ctrl+Shift+6 and then ‘x’ ]
R1#
STATIC Routes
Objective
Understanding the Operation of Static Routes. Static Routes are administratively defined
routes that specify the address or interface of the next hop in the path that packets must
take while moving between a source & destination.
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Administratively define the Static Routes on both routers so that hosts on the both
routers can communicate with each other.
4. Check the routing table on both the routers after defining the Static Routes on
both sides.
5. Verifying the connection of both hosts.
-74-
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
RA#
Step 3(A): Administratively define the Static Route on the Router R1.
RA#config t
RA(config)#ip route 20.0.0.0 255.0.0.0 15.0.0.2 (Networks to be advertised)
RA(config)#end
RA#
Step 3(B): Administratively define the Static Route on the Router R2.
RB#config t
RA(config)#ip route 10.0.0.0 255.0.0.0 15.0.0.1 (Networks to be advertised)
RB(config)#end
RB#
Step 4(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
Step 5(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Routing Protocols
(RIP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (RIP).
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the RIP protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Verifying the Routing protocols on the Router.
5. Check the routing table on both the routers after enabling the RIP on both sides.
6. Verifying the connection of both hosts.
-78-
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
RA#
Step 5(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
Step 5(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Routing Protocols
(IGRP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (IGRP).
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the IGRP protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Verifying the Routing protocols on the Router.
5. Check the routing table on both the routers after enabling the IGRP on both sides.
6. Verifying the connection of both hosts.
-83-
Redistributing: igrp 10
Routing for Networks:
10.0.0.0
15.0.0.0
-85-
RB#show ip protocols
Redistributing: igrp 10
Step 5(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
Step 5(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Routing Protocols
(OSPF Configuration
In A Single Area)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (OSPF) in a
single area.
i. Point-to-Point Topology
The specifications of point-to-point topology are
1. Router dynamically detects its neighboring router using the hello packets.
2. No Election: Adjacency is automatic as soon as the two routers can communicate.
3. OSPF packets are always sent as a multicast to 224.0.0.5
Diagram
-88-
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the OSPF protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Verifying the Routing protocols on the Router.
5. Check the routing table on both the routers after enabling the OSPF on both sides.
6. Verifying the OSPF neighbors on the routers.
7. Verifying the OSPF interfaces on the routers.
8. Verifying the OSPF database on the routers.
9. Verifying the connection of both hosts.
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Redistributing: ospf 64
Redistributing: ospf 64
Step 5(A): Check the Routing table of the Router R2 after enabling OSPF.
RA#sh ip route
Step 5(B): Check the Routing table of the Router R2 after enabling OSPF.
RB#sh ip route
Routing Protocols
(EIGRP Configuration)
Objective
Understanding the Routing Updates using the Dynamic Routing Protocol (EIGRP).
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the EIGRP protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Verifying the Routing protocols on the Router.
5. Check the routing table on both the routers after enabling the EIGRP on both
sides.
6. Verifying the connection of both hosts.
-95-
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Redistributing: eigrp 10
Redistributing: eigrp 10
Step 5(A): Check the Routing table of the Router R2 after enabling EIGRP.
RA#sh ip route
Step 5(B): Check the Routing table of the Router R2 after enabling EIGRP.
RB#sh ip route
i. STANDARD ACL
Standard IP lists (1-99) test conditions of all IP packets from source addresses.
In this lab scenario, initially both the Hosts ’A’ & ‘B’ are accessing the Web & Ftp
services but then apply the Standard ACL so that the Host ‘A’ could not access the Web
& Ftp Services.
Diagram
100
- -
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the routing protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server & ftp server to the hosts C & D respectively.
6. Verifying the access of web server & ftp server by the hosts A & B respectively.
7. Make Apply the Standard ACL on the router R2, so that Host A can not access
these services.
8. Verifying the Standard ACL by accessing the web & ftp server from Host A.
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 4(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
Step 4(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Step 6(A): Verifying the Access of Web Server by the Host ‘A’.
Step 6(B): Verifying the Access of Ftp Server by the Host ‘A’.
Step 6(C): Verifying the Access of Web Server by the Host ‘B’.
Step 6(D): Verifying the Access of Web Server by the Host ‘B’.
103
- -
Step 7(A): Make the Standard ACL on the Router R2 so that Host A can not
accesses the Web & Ftp Server.
R2#configure terminal
R2(config)#access-list 10 deny host 10.0.0.1
R2(config)#access-list 10 permit any
R2(config-if)#end
R2#
Step 7(B): Apply the Standard ACL on the Router (R2) Serial Interface.
R2#configure terminal
R2(config)#interface serial 0
R2(config-if)#ip access-group 10 in
R2(config-if)#end
R2#
Step 8(A): Verifying the Standard ACL from Host ‘A’ by accessing Web Server.
Step 8(B): Verifying the Standard ACL from Host ‘A’ by accessing Ftp Server.
Step 8(C): Verifying the Standard ACL from Host ‘D’ by accessing Web Server.
Step 8(D): Verifying the Standard ACL from Host ‘D’ by accessing Ftp Server.
104
- -
In this lab scenario, initially both the Hosts ’A’ & ‘B’ are accessing the Web & Ftp
services but then apply the Extended ACL in this way that Host ‘A’ can be access only
the web services & and Host ‘B’ could be access the Ftp Services only.
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the routing protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server & ftp server to the hosts C & D respectively.
6. Verifying the access of web server & ftp server by the hosts A & B respectively.
7. Make & Apply the Extended ACL on the router R1, so that Host ‘A’ can not
access the Web services & Host ‘B’ can not access the Ftp services.
8. Verifying the Standard ACL by accessing the Web & Ftp services from Host A &
Host ‘B’.
105
- -
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 4(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Step 6(A): Verifying the Access of Web Server by the Host ‘A’.
Step 6(B): Verifying the Access of Ftp Server by the Host ‘A’.
Step 6(C): Verifying the Access of Web Server by the Host ‘B’.
Step 6(D): Verifying the Access of Web Server by the Host ‘B’.
Step 7(A): Make the Extended ACL on the Router R1 so that Host A can not
access the Web Server & Host ‘B’ can not access the Ftp Server.
R1#configure terminal
R1(config)#access-list 110 deny tcp host 10.0.0.1 host 20.0.0.1 eq www
R1(config)#access-list 110 deny tcp host 10.0.0.2 host 20.0.0.2 eq ftp
R1(config)#access-list 110 permit ip any any
R1(config-if)#end
R1#
Step 7(B): Apply the Extended ACL on the Router (R1) Ethernet Interface.
R1#configure terminal
R1(config)#interface Ethernet 0
R1(config-if)#ip access-group 110 in
R1(config-if)#end
R1#
108
- -
Step 8(A): Verifying the Extended ACL from Host ‘A’ by accessing Web Server.
Step 8(B): Verifying the Extended ACL from Host ‘A’ by accessing Ftp Server.
Step 8(C): Verifying the Extended ACL from Host ‘D’ by accessing Web Server.
Step 8(D): Verifying the Extended ACL from Host ‘D’ by accessing Ftp Server.
109
- -
1. Static NAT
2. Dynamic NAT.
3. Overload NAT (PAT).
i. STATIC NAT
In the Static NAT, we map the 1 Private IP Address to 1 reserved Public IP Address.
Diagram
110
- -
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the routing protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server to the host C & Run the Sniffer.
6. Access of web server by the hosts A & B respectively & check the Sniffer Output.
7. Establishes Static NAT Translation between an inside local address and an inside
global address.
8. Marks the interface as connected to the inside & outside networks.
9. Verifying the Standard Static NAT Translation by commands & Sniffer Outputs.
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 4(A): Check the Routing table of the Router R2 after enabling RIP.
RA#sh ip route
Step 4(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Step 5(A): Make a Web Server to the Host C & Run the Sniffer.
1. Make a Web Page & Save it on Desktop.
2. Go to Start Button > All Programs > Administrative Tool > Internet Service
Manager
3. Right Click on the Computer name & goes to New tab > Web Site.
4. Follow the wizard and make the Web Server.
5. Run the Sniffer & capturing the www traffic.
Step 6: Access Web Server by the Host ‘A’ & ‘B’ & check the Sniffer Output..
R1#config t
R1(config)#ip nat inside source static 10.0.0.1 15.0.0.11
R1(config)#ip nat inside source static 10.0.0.2 15.0.0.22
R1(config)#end
R1#
113
- -
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the routing protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server to the host C & Run the Sniffer.
6. Access of web server by the hosts A & B respectively & check the Sniffer Output.
7. Defines a pool of global addresses to be allocated as needed.
8. Defines a standard IP access list permitting those inside local addresses that are to
be translated.
9. Establishes dynamic source translation, specifying the access list defined in the
prior step.
10. Marks the interface as connected to the inside & outside networks.
11. Verifying the Standard Dynamic translation by commands & Sniffer Outputs.
116
- -
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 4(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Step 5(A): Make a Web Server to the Host C & Run the Sniffer.
1. Make a Web Page & Save it on Desktop.
2. Go to Start Button > All Programs > Administrative Tool > Internet Service
Manager
3. Right Click on the Computer name & goes to New tab > Web Site.
4. Follow the wizard and make the Web Server.
5. Run the Sniffer & capturing the www traffic.
Step 6: Access Web Server by the Host ‘A’ & ‘B’ & check the Sniffer Output..
Step 8: Defines a standard IP access list permitting those inside local addresses
that are to be translated.
R1#config t
R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
R1(config)#end
R1#
Step 9: Establishes dynamic source translation, specifying the access list defined
in the prior step.
R1#config t
R1(config)#ip nat inside source list 1 pool cttc
R1(config)#end
R1#
R1#debug ip nat
IP NAT debugging is on
Diagram
Procedure
1. Configuring & Assigning the IP addresses on the routers R1 & R2.
2. Check the routing table on both the routers.
3. Enable the routing protocol on both routers so that hosts on the both routers can
communicate with each other.
4. Check the routing table on both the routers after enabling the routing protocol on
both sides.
5. Make a web server to the host C & Run the Sniffer.
6. Access of web server by the hosts A & B respectively & check the Sniffer Output.
7. Defines a standard IP access list permitting those inside local addresses that are to
be translated.
8. Establishes dynamic source translation, specifying the access list defined in the
prior step.
9. Marks the interface as connected to the inside & outside networks.
10. Verifying the Standard Dynamic translation by commands & Sniffer Outputs.
121
- -
Configuration
Step 1(A): Assigning the IP addresses on the Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#clock rate 64000 (Clock Rate will set only DCE Interface)
R1(config-if)#exit
R1(config)#interface ethernet 0
R1(config-if)#ip address 10.0.0.20 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#end
R1#
Step 4(B): Check the Routing table of the Router R2 after enabling RIP.
RB#sh ip route
Step 5(A): Make a Web Server to the Host C & Run the Sniffer.
1. Make a Web Page & Save it on Desktop.
2. Go to Start Button > All Programs > Administrative Tool > Internet Service
Manager
3. Right Click on the Computer name & goes to New tab > Web Site.
4. Follow the wizard and make the Web Server.
5. Run the Sniffer & capturing the www traffic.
Step 6: Access Web Server by the Host ‘A’ & ‘B’ & check the Sniffer Output..
Step 7: Defines a standard IP access list permitting those inside local addresses
that are to be translated.
R1#config t
R1(config)#access-list 1 permit 10.0.0.0 0.255.255.255
R1(config)#end
R1#
Step 8: Establishes dynamic source translation, specifying the access list defined
in the prior step.
R1#config t
R1(config)#ip nat inside source list 1 int serial 0 overload
R1(config)#end
R1#
R1#debug ip nat
IP NAT debugging is on
FRAME RELAY
Objective
Establishing a Frame Relay PVC connection. Frame Relay is a standard that defines the
process for sending data over a public data network.
A basic Frame Relay configuration assumes one or more physical interfaces, and LMI
and Inverse ARP are running on the remote routers. In this type of environment, the LMI
notifies the router about the available DLCIs.
Diagram
Procedure
1. Configuring & Assigning the IP addresses to the FR Clients (R1 & R2).
2. Configuring the FR Switch.
3. Verifying the Frame Relay Operation by commands.
4. Verifying the connectivity of both FR Clients.
126
- -
Configuration
Step 1(A): Assigning the IP addresses to the FR Client Router R1.
R1#configure terminal
R1(config)#interface serial 0
R1(config-if)#ip address 15.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#encapsulation frame-relay
R1(config-if)#end
R1#
The show frame-relay map command displays the DLCI-protocol address map entries,
as well as information about the connection.
The show frame-relay route command displays the status of each configured virtual
circuit connection, as well as their status and route to other interface.