Skill Test : Configuration of Frame Relay

Untitled

Part 1 Configure Frame-Relay:

R1:
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#int s0/1/0
R1(config-if)#encapsulation frame-relay
R1(config-if)#no shut

R1(config-if)#
%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up

R1(config-if)#

R1(config-if)#exit
R2:
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#int s0/1/0
R2(config-if)#encapsulation frame-relay
R2(config-if)#no shut

R2(config-if)#
%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up

R2(config-if)#exit
R2(config)#

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R3
R3(config)#int s0/1/0
R3(config-if)#encapsulation frame-relay
R3(config-if)#no shut

R3(config-if)#
%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0, changed state to up

R3(config-if)#exit

Part 2: Configure Frame Relay Point-to-Point Subinterfaces
R1(config)#int s0/1/0.102 point
R1(config)#int s0/1/0.102 point-to-point
R1(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.102, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.102, changed state to up

R1(config-subif)#ip address 10.1.1.1 255.255.255.252
R1(config-subif)#bandwidth 64
R1(config-subif)#frame-relay interface-dlci 102
R1(config-subif)#exit

R1(config)#int s0/1/0.103 point-to-point
R1(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.103, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.103, changed state to up

R1(config-subif)#ip address 10.1.3.2 255.255.255.252
R1(config-subif)#bandwidth 64
R1(config-subif)#frame-relay interface-dlci 103
R1(config-subif)#exit
R1(config)#

R2(config)#int s0/1/0.201 point-to-point
R2(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.201, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.201, changed state to up

R2(config-subif)#ip address 10.1.1.2 255.255.255.252
R2(config-subif)#bandwidth 64
R2(config-subif)#frame-relay interface-dlci 201
R2(config-subif)#exit
R2(config)#

R2(config)#int s0/1/0.203 point-to-point
R2(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.203, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.203, changed state to up

R2(config-subif)#ip address 10.1.2.1 255.255.255.252
R2(config-subif)#bandwidth 64
R2(config-subif)#frame-relay interface-dlci 203
R2(config-subif)#exit
R2(config)#

R3(config)#int s0/1/0.301 point-to-point
R3(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.301, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.301, changed state to up

R3(config-subif)#ip address 10.1.3.1 255.255.255.252
R3(config-subif)#bandwidth 64
R3(config-subif)#frame-relay interface-dlci 301
R3(config-subif)#exit
R3(config)#

R3(config)#int s0/1/0.302 point-to-point
R3(config-subif)#
%LINK-5-CHANGED: Interface Serial0/1/0.302, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0.302, changed state to up

R3(config-subif)#ip address 10.1.2.2 255.255.255.252
R3(config-subif)#bandwidth 64
R3(config-subif)#frame-relay interface-dlci 302
R3(config-subif)#exit
R3(config)#
Router Configuration :

R1(config)#int g0/0
R1(config-if)#ip address 192.168.10.1 255.255.255.0
R1(config-if)#no shut

R1(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up

R2(config)#int g0/0
R2(config-if)#ip address 192.168.30.1 255.255.255.0
R2(config-if)#no shut

R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up

R2(config-if)#exit
R2(config)#

R3(config)#int s0/1/1
R3(config-if)#ip address 209.165.200.225 255.255.255.224
R3(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/1/1, changed state to down
R3(config-if)#
R3(config-if)#clock rate 64000
R3(config-if)#exit
R3(config)#
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname ISP
ISP(config)#int s0/3/0
ISP(config-if)#ip address 209.165.200.226 255.255.255.224
ISP(config-if)#no shut

ISP(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

ISP(config-if)#

ISP(config)#int g0/0
ISP(config-if)#ip address 209.165.200.1 255.255.255.252
ISP(config-if)#no shut

ISP(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up

ISP(config-if)#
R1(config-if)#router eigrp 1
R1(config-router)#network 10.1.1.0 0.0.0.3
R1(config-router)#network 10.1.3.0 0.0.0.3
R1(config-router)#network 192.168.10.0 0.0.0.255
R1(config-router)#exit
R1(config)#
R2(config)#router eigrp 1
R2(config-router)#network 10.1.1.0 0.0.0.3
R2(config-router)#network 10.1.2.0 0.0.0.3
R2(config-router)#network 192.168.30.0 0.0.0.255
R2(config-router)#exit
R2(config)#

R3(config)#router eigrp 1
R3(config-router)#network 10.1.3.0 0.0.0.3
R3(config-router)#network 10.1.2.0 0.0.0.3
R3(config-router)#network 209.165.200.0 0.0.0.31
R3(config-router)#

Thank you

Momataj Momo

Advertisements

CCNA 3 V5 Skill Test Exam practice

exam-soultion

List of Area cover :

  • Configuration of initial device settings
  • IPv4 address assignment and configuration
  • Configuration and addressing of device interfaces
  • Configuration of the OSPFv2 routing protocol
  • Configuration of a default route
  • Configuration of ACL to limit device access
  • Configuration of switch management settings including SSH
  • Configuration of port security
  • Configuration of unused switch ports according to security best practices
  • Configuration of RPVST+
  • Configuration of  EtherChannel
  • Configuration of a router as a DHCP server
  • Configuration of VLANs and trunks
  • Configuration of routing between VLANs

Site 1:

  • Configure initial device settings.
  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.

HQ:

  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure and customize OSPFv2.
  • Configure named and numbered ACLs.
  • Configure and propagate a default route through OSPFv2.

Site 2:

  • Configure interfaces with IPv4 addresses, descriptions, and other settings.
  • Configure DHCP pools and excluded addresses.
  • Configure routing between VLANs.
  • Configure a standard ACL.
  • Configure OSPFv2.

SW-A:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Secure unused switch ports.
  • Configure port security.

SW-B:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings with SSH.
  • Activate RPVST+.

SW-C:

  • Create and name VLANs.
  • Configure EtherChannel.
  • Configure trunking.
  • Assign access ports to VLANs.
  • Configure remote management settings.
  • Activate and configure RPVST+.
  • Configure switch ports with PortFast and BPDU Guard.

Router>en

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname site-1
site-1(config)#no ip domain ?
lookup Enable IP Domain Name System hostname translation
name Define the default domain name
site-1(config)#no ip domain lookup
site-1(config)#enable secret cisco
site-1(config)#line console 0
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#
site-1(config-line)#exit
site-1(config)#line vty 0 4
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#exit
site-1(config)#
site-1(config)#line aux 0
site-1(config-line)#password cisco
site-1(config-line)#login
site-1(config-line)#exit
site-1(config)#line console 0
site-1(config-line)#logging sy
site-1(config-line)#logging synchronous
site-1(config-line)#exit
site-1(config)#banner motd “Authorized access only”
site-1(config)#service password en
site-1(config)#service password-en
site-1(config)#service password-encryption
site-1(config)#
site-1(config)#int s0/3/0
site-1(config-if)#bandwid
site-1(config-if)#bandwidth 128
site-1(config-if)#clock rate 64000
site-1(config-if)#ip address 192.168.100.22 255.255.255.252
site-1(config-if)#descripti
site-1(config-if)#description 2-central
site-1(config-if)#ip ospf cost 7500
site-1(config-if)#ip ospf mess
site-1(config-if)#ip ospf message-digest-key 1 md
site-1(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
site-1(config-if)#ip ospf authentication message-digest
site-1(config-if)#no shut

site-1(config)#int g0/0
site-1(config-if)#ip address 192.168.8.1 255.255.255.0
site-1(config-if)#des
site-1(config-if)#description
site-1(config-if)#description message-1A
site-1(config-if)#no shut

site-1(config-if)#
site-1(config)#int g0/1
site-1(config-if)#ip address 192.168.9.1 255.255.255.0
site-1(config-if)#des
site-1(config-if)#description clerck-1C
site-1(config-if)#no shut

OSPF on Site-1

site-1(config)#router ospf 1
site-1(config-router)#router-id 1.1.1.1
site-1(config-router)#area 0 authentication message-digest
site-1(config-router)#network 192.168.100.20 0.0.0.3 area 0
site-1(config-router)#network 192.168.8.0 0.0.0.255 area 1
site-1(config-router)#network 192.168.9.0 0.0.0.255 area 1
site-1(config-router)#

site-1(config-router)#passive-interface g0/0
site-1(config-router)#passive-interface g0/1
HQ:

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#no ip domain lookup
Router(config)#line console 0
Router(config-line)#logg
Router(config-line)#logging s
Router(config-line)#logging synchronous
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#line vty 0 4
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#line aux 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#
Router(config-line)#service pass
Router(config-line)#service password
Router(config-line)#service password-encryption
Router(config)#banner motd “Authorized access only”
Router(config)#

Router(config)#int s0/3/0
Router(config-if)#bandwidth 128
Router(config-if)#ip address 192.168.100.21 255.255.255.252
Router(config-if)#description 2-East
Router(config-if)#ip ospf cost 7500

Router(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
Router(config-if)#ip ospf authentication message-digest
Router(config-if)#no shut

Router(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

Router(config-if)#exit
Router(config)#

Router(config)#int s0/3/1
Router(config-if)#bandwidth 128
Router(config-if)#ip address 192.168.100.37 255.255.255.252
Router(config-if)#description 2-west
Router(config-if)#clock rate 128000

Router(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
Router(config-if)#ip ospf authentication mess
Router(config-if)#ip ospf authentication message-digest
Router(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/3/1, changed state to down
Router(config-if)#exit
Router(config)#

Router(config)#router ospf 1
Router(config-router)#router-id 2.2.2.2
Router(config-router)#area 0 authentication me
Router(config-router)#area 0 authentication message-digest
Router(config-router)#default-i
Router(config-router)#default-information or
Router(config-router)#default-information originate
Router(config-router)#network 192.168.100.20 0.0.0.3 area 0
Router(config-router)#

Router(config-router)#network 192.168.100.36 0.0.0.3 area 0

Site-2 Area 2:

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname site-2
site-2(config)#no ip domain lookup
site-2(config)#enable secret cisco

site-2(config)#line console 0
site-2(config-line)#logg
site-2(config-line)#logging s
site-2(config-line)#logging synchronous
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#
site-2(config-line)#line aux 0
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#
site-2(config-line)#line vty 0 4
site-2(config-line)#password cisco
site-2(config-line)#login
site-2(config-line)#

site-2(config)#service password-encryption
site-2(config)#banner motd “Authorized access only”
site-2(config)#

site-2(config)#int s0/3/1
site-2(config-if)#bandwidth 128
site-2(config-if)#ip address 192.168.100.38 255.255.255.252
site-2(config-if)#description 2-central
site-2(config-if)#ip ospf message-digest-key 1 md5 xyz_ospf
site-2(config-if)#ip ospf authentication message-digest
site-2(config-if)#no shut

site-2(config)#ip dhcp excluded-address 10.10.2.1 10.10.2.5
site-2(config)#ip dhcp excluded-address 10.10.4.1 10.10.4.5
site-2(config)#ip dhcp excluded-address 10.10.8.1 10.10.8.5
site-2(config)#ip dhcp pool vlan2pool
site-2(dhcp-config)#network 10.10.2.0 255.255.255.0
site-2(dhcp-config)#default-router 10.10.2.1
site-2(dhcp-config)#dns-server 192.168.200.225

site-2(config)#ip dhcp pool vlan4pool
site-2(dhcp-config)#network 10.10.4.0 255.255.255.0
site-2(dhcp-config)#default-router 10.10.4.1
site-2(dhcp-config)#dns
site-2(dhcp-config)#dns-server 192.168.200.225
site-2(dhcp-config)#

site-2(config)#ip dhcp pool vlan8pool
site-2(dhcp-config)#network 10.10.8.0 255.255.255.0
site-2(dhcp-config)#default
site-2(dhcp-config)#default-router 10.10.8.1
site-2(dhcp-config)#dns
site-2(dhcp-config)#dns-server 192.168.200.225
site-2(dhcp-config)#exit
site-2(config)#

Inter – Vlan:
site-2(config)#int g0/0.2
site-2(config-subif)#encapsulation do
site-2(config-subif)#encapsulation dot1Q 2
site-2(config-subif)#ip address 10.10.2.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.4
site-2(config-subif)#encapsulation dot1Q 4
site-2(config-subif)#ip address 10.10.4.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.8
site-2(config-subif)#encapsulation dot1Q 8
site-2(config-subif)#ip address 10.10.8.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.15
site-2(config-subif)#en
site-2(config-subif)#encapsulation d
site-2(config-subif)#encapsulation dot1Q 15
site-2(config-subif)#ip address 10.10.15.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#

site-2(config)#int g0/0.25
site-2(config-subif)#encapsulation dot1Q 25
site-2(config-subif)#ip address 10.10.25.1 255.255.255.0
site-2(config-subif)#exit
site-2(config)#
Router summarization:
site-2(config)#int s0/3/1
site-2(config-if)#ip summary-address eigrp 100 10.10.0.0 255.255.240.0
site-2(config-if)#exit

Access-list:

site-2(config)#access-list 1 permit 10.10.15.0 0.0.0.255
site-2(config)#int g0/0.25
site-2(config-subif)#ip access-group 1 out
site-2(config-subif)#
OSPF

site-2(config-router)#router-id 3.3.3.3
site-2(config-router)#passive-in
site-2(config-router)#passive-interface g0/0
site-2(config-router)#network 192.168.100.36 0.0.0.3 area 0
site-2(config-router)#
site-2(config-router)#network 10.10.2.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.4.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.8.0 0.0.0.255 area 2
site-2(config-router)#network 10.10.15.0 0.0.0.255 area 2
site-2(config-router)#

SW1:

Switch>
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname Bldg1
Bldg1(config)#no ip domain lookup
Bldg1(config)#enable secret cisco
Bldg1(config)#service pass
Bldg1(config)#service password-encryption
Bldg1(config)#
Bldg1(config)#line console 0
Bldg1(config-line)#lo
Bldg1(config-line)#log
Bldg1(config-line)#logging s
Bldg1(config-line)#logging synchronous
Bldg1(config-line)#password cisco
Bldg1(config-line)#login

Bldg1(config)#line vty 0 5
Bldg1(config-line)#password cisco
Bldg1(config-line)#login
Bldg1(config-line)#exit
Bldg1(config)#banner motd “Authorized access only”
Bldg1(config)#

Bldg1(config)#ip default-gateway 10.10.25.1

Bldg1(config)#vlan 2
Bldg1(config-vlan)#name sales
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 4
Bldg1(config-vlan)#name prod
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 8
Bldg1(config-vlan)#name acct
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 15
Bldg1(config-vlan)#name admin
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 25
Bldg1(config-vlan)#name sv1-net
Bldg1(config-vlan)#exit
Bldg1(config)#vlan 99
Bldg1(config-vlan)#name null
Bldg1(config-vlan)#exit
Bldg1(config)#
Bldg1(config)#int vlan 25
Bldg1(config-if)#

%LINK-5-CHANGED: Interface Vlan25, changed state to up

Bldg1(config-if)#ip address 10.10.25.254 255.255.255.0
Bldg1(config-if)#no shut
Bldg1(config-if)#

Bldg1(config-if)#int fa0/5
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 2
Bldg1(config-if)#exit
Bldg1(config)#int fa0/6
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 4
Bldg1(config-if)#exit
Bldg1(config)#int fa0/7
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 8
Bldg1(config-if)#exit
Bldg1(config)#int fa0/8
Bldg1(config-if)#switchport mode access
Bldg1(config-if)#switchport access vlan 15
Bldg1(config-if)#exit
Bldg1(config)#

Bldg1(config)#int range fa0/9-24
Bldg1(config-if-range)#switchport mode access
Bldg1(config-if-range)#switchport access vlan 99
Bldg1(config-if-range)#shutdown
Ether-channel:
Bldg1(config)#int range fa0/1,fa0/4
Bldg1(config-if-range)#channel-group 1 mode active
Bldg1(config)#int port-channel 1
Bldg1(config-if)#switchport mode trunk

Bldg1(config)#int range fa0/2-3
Bldg1(config-if-range)#channel-group 2 mode active
Bldg1(config-if-range)#int port-channel 2
Bldg1(config-if)#switchport mode trunk
Bldg1(config-if)#
PVST+:

Bldg1(config)#spanning-tree mode rapid-pvst
Bldg1(config)#spanning-tree vlan 2 root primary
Bldg1(config)#s
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 4 root primary
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 8 root secondary
Bldg1(config)#sp
Bldg1(config)#spanning-tree vlan 15 root secondary
Bldg1(config)#

configure port-Security :

Bldg1(config)#int fa0/5
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#

ldg1(config)#int fa0/6
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#

Bldg1(config)#int fa0/7
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#exit
Bldg1(config)#
Bldg1(config-if)#switchport port-security
Bldg1(config-if)#switchport port-security violation restrict
Bldg1(config-if)#switchport port-security maximum 2
Bldg1(config-if)#switchport port-security mac-address sticky
Bldg1(config-if)#
SW-B:

Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname Bldg2
Bldg2(config)#no ip domain lookup
Bldg2(config)#enable secret cisco
Bldg2(config)#service pass
Bldg2(config)#service password-encryption
Bldg2(config)#line console 0
Bldg2(config-line)#password cisco
Bldg2(config-line)#logging s
Bldg2(config-line)#logging synchronous
Bldg2(config-line)#login
Bldg2(config-line)#
Bldg2(config-line)#line vty 0 15
Bldg2(config-line)#password cisco
Bldg2(config-line)#login
Bldg2(config-line)#exit
Bldg2(config)#banner motd “Authorized access only”
Bldg2(config)#

Bldg2(config)#line console 0
Bldg2(config-line)#password cisco
Bldg2(config-line)#logging s
Bldg2(config-line)#logging synchronous
Bldg2(config-line)#login
Bldg2(config-line)#
Bldg2(config-line)#line vty 0 15
Bldg2(config-line)#password cisco
Bldg2(config-line)#login
Bldg2(config-line)#exit
Bldg2(config)#banner motd “Authorized access only”
Bldg2(config)#
Bldg2(config)#
Bldg2(config)#ip ssh version 2
Please create RSA keys (of at least 768 bits size) to enable SSH v2.
Bldg2(config)#ip domain-name ccna.com
Bldg2(config)#crypto key generate rsa
The name for the keys will be: Bldg2.ccna.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.

How many bits in the modulus [512]: 1024
% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]
Vlan :
Bldg2(config)#
Bldg2(config-line)#login local
Bldg2(config-line)#transport input ssh
Bldg2(config-line)#exit
Bldg2(config)#line vty 5 15
Bldg2(config-line)#login local
Bldg2(config-line)#transport input ssh
Bldg2(config-line)#ip default-gateway 10.10.25.1
Bldg2(config)#
Bldg2(config)#vlan 2
Bldg2(config-vlan)#name sales
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 4
Bldg2(config-vlan)#name prod
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 8
Bldg2(config-vlan)#name acct
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 15
Bldg2(config-vlan)#name admin
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 25
Bldg2(config-vlan)#name sv1-net
Bldg2(config-vlan)#exit
Bldg2(config)#vlan 99
Bldg2(config-vlan)#name null

Bldg2(config)#int vlan 25
Bldg2(config-if)#
Bldg2(config-if)#ip address 10.10.25.253 255.255.255.0
Bldg2(config-if)#no shut
Bldg2(config)#int fa0/5
Bldg2(config-if)#switchport mode trunk

Ether-channel 1:

Bldg2(config)#int range fa0/1, fa0/4
Bldg2(config-if-range)#channel-group 2 mode active
Bldg2(config-if-range)#int port-channel 2
Bldg2(config-if)#switchport mode trunk
Bldg2(config-if)#
Bldg2(config-vlan)#exit
Bldg2(config)#

Bldg2(config)#int range fa0/2-3
Bldg2(config-if-range)#channel-group 3 mode active
Bldg2(config-if-range)#int port-channel 3
Bldg2(config-if)#switchport mode trunk

-PVST+
Bldg2(config)#spanning-tree mode rapid-pvst
Bldg2(config)#
SW -C:

Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname bldg3
bldg3(config)#
bldg3(config)#no ip domain lookup
bldg3(config)#enable secret cisco
bldg3(config)#service pass
bldg3(config)#service password-encryption
bldg3(config)#banner motd “Authorized access only”
bldg3(config)#
bldg3(config)#line console 0
bldg3(config-line)#password cisco
bldg3(config-line)#login
bldg3(config-line)#
bldg3(config-line)#line vty 0 5
bldg3(config-line)#pass cisco
bldg3(config-line)#login
bldg3(config-line)#exit
bldg3(config)#

bldg3(config)#ip default-gateway 10.10.25.1

bldg3(config)#vlan 2
bldg3(config-vlan)#name sales
bldg3(config-vlan)#exit
bldg3(config)#vlan 4
bldg3(config-vlan)#name prod
bldg3(config-vlan)#exit
bldg3(config)#vlan 8
bldg3(config-vlan)#name acct
bldg3(config-vlan)#exit
bldg3(config)#vlan 15
bldg3(config-vlan)#name admin
bldg3(config-vlan)#exit
bldg3(config)#vlan 25
bldg3(config-vlan)#name sv1-net
bldg3(config-vlan)#exit
bldg3(config)#vlan 99
bldg3(config-vlan)#name null
bldg3(config-vlan)#exit
bldg3(config)#

bldg3(config)#int vlan 25
bldg3(config-if)#ip address 10.10.25.252 255.255.255.0
bldg3(config-if)#no shut
bldg3(config-if)#
Ether channel 1:

bldg3(config)#int range fa0/1, fa0/3
bldg3(config-if-range)#channel-group 3 mode active
bldg3(config-if-range)#int port-channel 3
bldg3(config-if)#switchport mode trunk
bldg3(config-if)#
bldg3(config)#int range fa0/2,fa0/4
bldg3(config-if-range)#channel-group 2 mode active
bldg3(config-if-range)#

bldg3(config-if-range)#int port-channel 2
bldg3(config-if)#switchport mode trunk
bldg3(config-if)#exit
bldg3(config)#

PVST+
bldg3(config)#spanning-tree mode rapid-pvst
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 2 root secondary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 4 root secondary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 8 root primary
bldg3(config)#sp
bldg3(config)#spanning-tree vlan 15 root primary
bldg3(config)#

port fast BPDU Guard Configure :

bldg3(config)#int range fa0/5-8
bldg3(config-if-range)#sp
bldg3(config-if-range)#spanning-tree portfast

bldg3(config-if-range)#spanning-tree bpduguard enable
bldg3(config-if-range)#no shut
bldg3(config-if-range)#

bldg3(config)#int fa0/5
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 2
bldg3(config-if)#exit

bldg3(config)#int fa0/6
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 4
bldg3(config-if)#exit
bldg3(config)#int fa0/7
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 8
bldg3(config-if)#exit
bldg3(config)#int fa0/8
bldg3(config-if)#switchport mode access
bldg3(config-if)#switchport access vlan 15
bldg3(config-if)#

Thank you

Momataj Momo

Skill Test : OSPFv2 Multiarea Adjacency

ospf_cluster

OSPFV2 Multi area Topology

OSPFv2 Configuration Command Line :  

R1 command line:

R1(config)interface GigabitEthernet0/0
R1(config-if) ip address 10.1.1.1 255.255.255.0
R1(config) interface GigabitEthernet0/1
R1(config-if) ip address 10.1.2.1 255.255.255.0
R1(config)#int s0/3/0
R1(config-if)#ip address 192.168.10.2 255.255.255.252
R1(config-if)#no shut

Enable OSPF on R1 :

R1(config)#router ospf 10
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 10.1.1.1 0.0.0.0 area 1
R1(config-router)#network 10.1.2.1 0.0.0.0 area 1
R1(config-router)#network 192.168.10.2 0.0.0.0 area 0
R1(config-router)#

R2 command line:

Router(config)#hostname R2
R2(config)#int s0/3/0
R2(config-if)#ip address 192.168.10.1 255.255.255.252
R2(config-if)#clock rate 2000000
R2(config-if)#no shut
R2(config)#interface GigabitEthernet0/0
R2(config)#ip address 10.2.1.1 255.255.255.0
R2(config)#int s0/3/1
R2(config-if)#ip address 192.168.10.5 255.255.255.252
R2(config-if)#clock rate 2000000
R2(config-if)#no shut

Configuration of R2 as ABR:

R2(config)#router ospf 10

R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 192.168.10.0 0.0.0.3 area 0
R2(config-router)#network 192.168.10.4 0.0.0.3 area 0
R2(config-router)#network 10.2.1.0 0.0.0.255 area 0

R3 command line:
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R3
R3(config)#
R3(config)#int g0/0
R3(config-if)#ip address 192.168.2.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
R3(config)#int g0/1
R3(config-if)#ip address 192.168.1.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#
R3(config)#int s0/3/1
R3(config-if)#ip address 192.168.10.6 255.255.255.252
R3(config-if)#no shut

Enable OSPF on R3:
R3(config)#router ospf 10
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 192.168.2.1 0.0.0.0 area 2
R3(config-router)#network 192.168.1.1 0.0.0.0 area 2
R3(config-router)#network 192.168.10.6 0.0.0.0 area 0
R3(config-router)#
Verfication command line:

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:31 192.168.10.1 Serial0/3/0
R1#
R1#
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 10)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 250 0x80000002 0x000ec0 2
3.3.3.3 3.3.3.3 213 0x80000002 0x0006b0 2
2.2.2.2 2.2.2.2 184 0x80000005 0x009c77 5

Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 1.1.1.1 443 0x80000001 0x00db72
10.1.2.0 1.1.1.1 443 0x80000002 0x00ce7d
192.168.2.0 3.3.3.3 357 0x80000001 0x007175
192.168.1.0 3.3.3.3 357 0x80000002 0x007a6c

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 448 0x80000003 0x008f8f 2

Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.10.0 1.1.1.1 438 0x80000001 0x00bbee
192.168.10.4 1.1.1.1 215 0x80000002 0x001451
192.168.2.0 1.1.1.1 205 0x80000003 0x00aebd
192.168.1.0 1.1.1.1 205 0x80000004 0x00b7b4
10.2.1.0 1.1.1.1 179 0x80000005 0x004abe
R1#show ip protocols
R1#show ip route
R1#show ip ospf interface

R2#show ip protocols

Routing Protocol is “ospf 10”
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
192.168.10.0 0.0.0.3 area 0
192.168.10.4 0.0.0.3 area 0
10.2.1.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
1.1.1.1 110 00:05:21
2.2.2.2 110 00:04:15
3.3.3.3 110 00:04:44
Distance: (default is 110)
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 0 FULL/ – 00:00:38 192.168.10.2 Serial0/3/0
3.3.3.3 0 FULL/ – 00:00:35 192.168.10.6 Serial0/3/1
R2#
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:35 192.168.10.5 Serial0/3/1
R3#
Area 1 cluster 0 OSPF enable :

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router ospf 10
Router(config-router)#router-id 5.5.5.5
Router(config-router)#network 10.1.1.2 0.0.0.0 area 1
Router(config-router)#exit
Router(config)#

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router ospf 10
Router(config-router)#router-id 6.6.6.6
Router(config-router)#network 10.1.2.2 0.0.0.0 area 1
Router(config-router)

Area 2 cluster 1 OSPF enable :
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router ospf 10
Router(config-router)#router-id 7.7.7.7
Router(config-router)#network 192.168.2.2 0.0.0.0 area 2
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router ospf 10
Router(config-router)#router-id 9.9.9.9
Router(config-router)#network 192.168.1.2 0.0.0.0 area 2
Router(config-router)#
01:10:17: %OSPF-5-ADJCHG: Process 10, Nbr 3.3.3.3 on GigabitEthernet0/1 from LOADING to FULL, Loading Done

Area 0 cluster 2 OSPF enable :

Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#router ospf 10
Router(config-router)#router-id 4.4.4.4
Router(config-router)#network 10.2.1.2 0.0.0.0 area 0
Router(config-router)#
01:06:13: %OSPF-5-ADJCHG: Process 10, Nbr 2.2.2.2 on GigabitEthernet0/0 from LOADING to FULL, Loading Done

Verification :

R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
4.4.4.4 1 FULL/BDR 00:00:38 10.2.1.2 GigabitEthernet0/0
1.1.1.1 0 FULL/ – 00:00:30 192.168.10.2 Serial0/3/0
3.3.3.3 0 FULL/ – 00:00:30 192.168.10.6 Serial0/3/1
R2#

R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:36 192.168.10.5 Serial0/3/1
7.7.7.7 1 FULL/BDR 00:00:37 192.168.2.2 GigabitEthernet0/0
9.9.9.9 1 FULL/BDR 00:00:35 192.168.1.2 GigabitEthernet0/1
R3#

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:32 192.168.10.1 Serial0/3/0
5.5.5.5 1 FULL/BDR 00:00:33 10.1.1.2 GigabitEthernet0/0
6.6.6.6 1 FULL/BDR 00:00:34 10.1.2.2 GigabitEthernet0/1
R1#

Thank you

Momataj Momo

Skill Test : EIGRP Configuration

EIGRP

Configuration Command Line: 

Router(config)#hostname R1
R1(config)#
R1(config)#int g0/0
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#no shut

R1(config-if)#exit
R1(config)#int s0/3/0
R1(config-if)#ip address 172.16.3.1 255.255.255.252
R1(config-if)#clock rate 64000
R1(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/3/0, changed state to down
R1(config-if)#
R1(config-if)#
R1(config)#int s0/3/1
R1(config-if)#ip address 192.168.10.6 255.255.255.252
R1(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/3/1, changed state to down
R1(config-if)#
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#

R2(config)#int g0/0
R2(config-if)#ip address 172.16.2.1 255.255.255.0
R2(config-if)#no shut

R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up

R2(config-if)#

R2(config-if)#exit
R2(config)#int s0/3/0
R2(config-if)#ip address 172.16.3.2 255.255.255.252
R2(config-if)#no shut

R2(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

R2(config-if)#

R2(config)#int s0/3/1
R2(config-if)#ip address 192.168.10.9 255.255.255.252
R2(config-if)#clock rate 64000
R2(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/3/1, changed state to down
R2(config-if)#exit
R2(config)#

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R3
R3(config)#

R3(config)#int g0/0
R3(config-if)#ip address 192.168.1.1 255.255.255.0
R3(config-if)#no shut

R3(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up

R3(config-if)#

R3(config)#int s0/3/1
R3(config-if)#ip address 192.168.10.10 255.255.255.252
R3(config-if)#no shut

R3(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/1, changed state to up

R3(config-if)#exit
R3(config)#

R3(config)#int s0/3/0
R3(config-if)#ip address 192.168.10.5 255.255.255.252
R3(config-if)#clock rate 64000
R3(config-if)#no shut

R3(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

R3(config-if)#

EIGRP Command Line: 

R1(config)#router eigrp 10
R1(config-router)#network 172.16.1.0 0.0.0.255
R1(config-router)#network 192.16.3.0 0.0.0.3
R1(config-router)#network 192.168.10.4 0.0.0.3
R1(config-router)#
R2(config)#router eigrp 10
R2(config-router)#network 172.16.2.0 0.0.0.255
R2(config-router)#network 172.16.3.0 0.0.0.3
R2(config-router)#network 172.168.10.8 0.0.0.3
R2(config-router)#
R3(config)#router eigrp 10
R3(config-router)#network 192.168.10.8 0.0.0.3
R3(config-router)#network 192.168.10.4 0.0.0.3
R3(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 10: Neighbor 192.168.10.6 (Serial0/3/0) is up: new adjacency

R3(config-router)#network 192.168.1.0 0.0.0.255
R3(config-router)#

Thank you

Momataj Momo

VTP and STP Configuration

VTP&STP Setup

VTP and STP configuration

Configuration Command Line :

Switch-1:
Configure VTP Server:
Switch#
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain lab
Changing VTP domain name from NULL to lab
S1(config)#vtp password cisco
Setting device VLAN database password to cisco
S1(config)#

Configure DTP port:
S1(config)#int fa0/24
S1(config-if)#switchport mode trunk

S1(config-if)#exit
S1(config)#int g0/2
S1(config-if)#switchport mode trunk
S1(config-if)#exit
S1(config)#int g0/1
S1(config-if)#switchport mode trunk
S1(config-if)#exit
S1(config)#
Create VLAN:
S1>
S1>en
S1#config t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#vlan 10
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#exit
S1(config)#
As we have already configure VTP server in our network so we don’t need to create VLAN on S2 or S3. We need only to associate VLAN with port.

Assign VLAN membership:

S1(config)#int fa0/1
S1(config-if)#switchport access vlan 10
S1(config-if)#int fa0/2
S1(config-if)#switchport access vlan 20
S1(config-if)#
S1(config-if)#exit
S1(config)#
Switch -2:
Configure VTP clients:

Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S2
S2(config)#vtp mode client
Setting device to VTP CLIENT mode.
S2(config)#vtp domain lab
Changing VTP domain name from NULL to lab
S2(config)#vtp password cisco
Setting device VLAN database password to cisco
S2(config)#

As we have already configure VTP server in our network so we don’t need to create VLAN on S2 or S3. We need only to associate VLAN with port.

Assign VLAN membership:

S2#config t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#int fa0/1
S2(config-if)#switchport access vlan 10
S2(config-if)#int fa0/2
S2(config-if)#switchport access vlan 20
S2(config-if)#exit
S2(config)#

Configure DTP port:
S2>
S2>en
S2#config t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#int g0/2
S2(config-if)#switchport mode trunk
S2(config-if)#int g0/1
S2(config-if)#switchport mode trunk
S2(config-if)#exit
S2(config)#int fa0/23
S2(config-if)#switchport mode trunk
S2(config)#int fa0/24
S2(config-if)#switchport mode trunk
S2(config-if)#
S2(config-if)#exit
S2(config)#
Create VLAN:

Switch – 3:
Configure VTP clients:

Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S3
S3(config)#vtp mode client
Setting device to VTP CLIENT mode.
S3(config)#vtp domain lab
Changing VTP domain name from NULL to lab
S3(config)#vtp password cisco
Setting device VLAN database password to cisco
S3(config)#

Configure DTP port:
S3>en
S3#config t
Enter configuration commands, one per line. End with CNTL/Z.
S3(config)#int g0/1
S3(config-if)#switchport mode trunk
S3(config-if)#

S3(config)#int fa0/24
S3(config-if)#switchport mode trunk
S3(config-if)#exit
S3(config)#

Create VLAN:
As we have already configure VTP server in our network so we don’t need to create VLAN on S2 or S3. We need only to associate VLAN with port.

Assign VLAN membership:
S3(config)#int fa0/1
S3(config-if)#switchport access vlan 10
S3(config-if)#int fa0/2
S3(config-if)#switchport access vlan 20
S3(config-if)#exit
S3(config)#

Now we have two working vlan. To test connectivity do ping form 10.0.0.2 to 10.0.0.3 and 10.0.0.4. if you get successfully replay then you have successfully created VLAN and VTP server.
Spanning-Tree Protocol:

In this configuration STP will block these ports F0/24 of S1 , F0/23 and F0/24 of S2 and F0/24 of S3 to avoid loop at layer to two. Verify those ports blocked due to STP functions.

Verify STP ports
Switch 2:

S2#show spanning-tree active
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0002.174D.7794
Cost 4
Port 26(GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.FF08.82E1
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20

Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ——————————–
Fa0/23 Desg FWD 19 128.23 P2p
Fa0/24 Altn BLK 19 128.24 P2p
Gi0/1 Desg FWD 4 128.25 P2p
Gi0/2 Root FWD 4 128.26 P2p

VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 32778
Address 0002.174D.7794
Cost 4
Port 26(GigabitEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32778 (priority 32768 sys-id-ext 10)
–More–

Router on Stick:

At this point of configuration you have two successfully running VLAN but they will not connect each other. To make intra VLAN communications we need to configure router . To do this double click on router and select CLI.

Configure intra VLAN:
Router:

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown

Router(config)#int fa0/0.10
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#exit
Router(config)#
Router(config)#int fa0/0.20
Router(config-subif)#

Router(config-subif)#encap
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 20.0.0.1 255.0.0.0
Router(config-subif)#exit
Router(config)#

To test connectivity between different vlan do ping form any pc to all reaming pc. it should be ping successfully.

VLAN VTP Server STP DTP command reference sheet:

Switch(config)#vlan 10 Creates VLAN 10 and enters VLAN configuration mode for further definitions.
Switch(config-vlan)#name Sales Assigns a name to the VLAN. The length of the name can be from 1 to 32 characters.
Switch(config-vlan)#exit Applies changes, increases the revision number by 1, and returns to global configuration mode.
Switch(config)#interface fastethernet 0/1 Moves to interface configuration mode
Switch(config-if)#switchport mode access Sets the port to access mode
Switch(config-if)#switchport access vlan 10 Assigns this port to VLAN 10
Switch#show vlan Displays VLAN information
Switch#show vlan brief Displays VLAN information in brief
Switch#show vlan id 10 Displays information about VLAN 10 only
Switch#show vlan name sales Displays information about VLAN named sales only
Switch#show interfaces vlan x Displays interface characteristics for the specified VLAN
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#
Removes the entire VLAN database from flash.
Make sure there is no space between the colon (:) and the characters vlan.dat. You can potentially erase the entire contents of the flash with this command if the syntax is not correct. Make sure you read the output from the switch. If you need to cancel, press ctrl+cto escape back to privileged mode:
Switch(config)#interface fastethernet 0/5 Moves to interface configuration mode.
Switch(config-if)#no switchport access vlan 5 Removes port from VLAN 5 and reassigns it to VLAN 1—the default VLAN.
Switch(config-if)#exit Moves to global configuration mode.
Switch(config)#no vlan 5 Removes VLAN 5 from the VLAN database.
Switch#copy running-config startupconfig Saves the configuration in NVRAM
Switch(config-if) #switchport mode trunk Puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link.
Switch(config)#vtp mode server Changes the switch to VTP server mode.
Switch(config)#vtp mode client Changes the switch to VTP client mode.
Switch(config)#vtp mode transparent Changes the switch to VTP transparent mode.
Switch(config)#no vtp mode Returns the switch to the default VTP server mode.
Switch(config)#vtp domain domain-name Configures the VTP domain name. The name can be from 1 to 32 characters long.
Switch(config)#vtp password password Configures a VTP password

.

Switch(config)#vtp pruning Enables VTP pruning
Switch#show vtp status Displays general information about VTP configuration
Switch#show vtp counters Displays the VTP counters for the switch

Thank you

Momataj Momo

OSPFV2 Multi area Technology ( Configuration )

OSPFV2 Multi area configuration

OSPFV2 Multi area configuration

Router R1:

R1(config)#: interface GigabitEthernet0/0
R1(config-if)#ip address 10.1.1.1 255.255.255.0

R1(config)#: interface GigabitEthernet0/1
R1(config-if)#ip address 10.1.2.1 255.255.255.0

R1(config)#: interface Serial0/3/0
R1(config-if)#ip address 192.168.10.1 255.255.255.252
R1(config-if)#clock rate 64000

OSPFV2 Configuration Command:

R1(config)#router ospf 10
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 10.1.1.1 0.0.0.0 area 1
R1(config-router)#network 10.1.2.1 0.0.0.0 area 1
R1(config-router)#network 192.168.10.1 0.0.0.0 area 0
R1(config-router)#

Summarizing OSPF: 

R1(config)#router ospf 10

R1(config-router)#area 1 range 10.1.0.0 255.255.252.0
Router R2:

R2(config)#interface Serial0/3/0
R2(config-if)#ip address 192.168.10.2 255.255.255.252
R2(config)#

R2(config)#interface Serial0/3/1
R2(config-if)#ip address 192.168.10.5 255.255.255.252
R2(config-if)clock rate 64000

R2(config)#router ospf 10
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 192.168.10.0 0.0.0.3 area 0
R2(config-router)#network 192.168.10.4 0.0.0.3 area 0
R2(config-router)#
Router R3:

R3(config)#interface GigabitEthernet0/0
R3(config-if)# ip address 192.168.1.1 255.255.255.0

R3(config)#interface GigabitEthernet0/1
R3(config-if)# ip address 192.168.2.1 255.255.255.0
R3(config)#interface Serial0/3/1
R3(config-if)#ip address 192.168.10.6 255.255.255.252
Router(config)#hostname R3
R3(config)#router ospf 10
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 192.168.10.6 0.0.0.0 area 0
R3(config-router)#network 192.168.1.1 0.0.0.0 area 2

R3(config-router)#network 192.168.2.1 0.0.0.0 area 2
R3(config-router)#end

Summarizing OSPF: 

R2(config)#router ospf 10

R2(config-router)#area 2 range 192.168.0.0 255.255.252.0

Verification and Troubleshooting Command:

R3#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:38 192.168.10.5 Serial0/3/1
R3#
R3#
R3#show ip ospf border-routers
OSPF Process 10 internal Routing Table

Codes: i – Intra-area route, I – Inter-area route

i 1.1.1.1 [128] via 192.168.10.5, Serial0/3/1, ABR, Area 0, SPF 128
R3#
R1#show ip ospf interface

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/ – 00:00:30 192.168.10.2 Serial0/3/0
R1#

R1#show ip ospf border-routers
OSPF Process 10 internal Routing Table

Codes: i – Intra-area route, I – Inter-area route

i 3.3.3.3 [128] via 192.168.10.2, Serial0/3/0, ABR, Area 0, SPF 128
R1#
R1#show ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 10)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 239 0x80000002 0x00ffcf 2
2.2.2.2 2.2.2.2 164 0x80000004 0x00bc75 4
3.3.3.3 3.3.3.3 144 0x80000003 0x0004b1 2

Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 1.1.1.1 284 0x80000001 0x00db72
10.1.2.0 1.1.1.1 284 0x80000002 0x00ce7d
192.168.1.0 3.3.3.3 139 0x80000001 0x007c6b
192.168.2.0 3.3.3.3 119 0x80000002 0x006f76

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 288 0x80000003 0x008f8f 2

Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.10.0 1.1.1.1 284 0x80000001 0x00bbee
192.168.10.4 1.1.1.1 219 0x80000002 0x001451
192.168.1.0 1.1.1.1 134 0x80000003 0x00b9b3
192.168.2.0 1.1.1.1 114 0x80000004 0x00acbe
R1#

R1#show ip route ospf
O IA 192.168.1.0 [110/129] via 192.168.10.2, 00:04:37, Serial0/3/0
O IA 192.168.2.0 [110/129] via 192.168.10.2, 00:04:17, Serial0/3/0
192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks
O 192.168.10.4 [110/128] via 192.168.10.2, 00:06:03, Serial0/3/0
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 0 FULL/ – 00:00:31 192.168.10.1 Serial0/3/0
3.3.3.3 0 FULL/ – 00:00:34 192.168.10.6 Serial0/3/1
R2#

R2#show ip ospf border-routers
OSPF Process 10 internal Routing Table

Codes: i – Intra-area route, I – Inter-area route

i 1.1.1.1 [64] via 192.168.10.1, Serial0/3/0, ABR, Area 0, SPF 64
i 3.3.3.3 [64] via 192.168.10.6, Serial0/3/1, ABR, Area 0, SPF 64
R2#

R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 10)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 304 0x80000002 0x00ffcf 2
2.2.2.2 2.2.2.2 230 0x80000004 0x00bc75 4
3.3.3.3 3.3.3.3 209 0x80000003 0x0004b1 2

Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 1.1.1.1 349 0x80000001 0x00db72
10.1.2.0 1.1.1.1 349 0x80000002 0x00ce7d
192.168.1.0 3.3.3.3 204 0x80000001 0x007c6b
192.168.2.0 3.3.3.3 184 0x80000002 0x006f76
R2#

List of verification command:

R1# show Ip route OSPF
R1#show IP OSPF NEIGHBOR
R1#SHOW IP OSPF
R1#SHOW IP OSPF INTERFACE
R1#SHOW IP PROTOCOLS
R1#SHOW IP OSPF INTERFACE BRIEF
R1#SHOW IP OSPF DATABASE
R1#SHOW IP OSF BORDER-ROUTERS

Summarizing OSPF verification Command:

R3#show ip route ospf

10.0.0.0/22 is subnetted, 1 subnets

O IA 10.1.0.0 [110/129] via 192.168.10.5, 00:00:55, Serial0/3/1

192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks

O 192.168.10.0 [110/128] via 192.168.10.5, 00:01:05, Serial0/3/1

R3#

Thank you

Momataj Momo

Practical: Skill test on INTER-VLAN, RIP2, DYNAMIC NAT, ACL

Configure the network according to following table:

Network Description Net Address Mask Gateway Clock Rate
Vlan 10(Teacher) 172.16.10.0 255.255.255.0 172.16.10.1 NA
Vlan 20 (Student) 172.16.11.0 255.255.255.0 172.16.11.1 NA
Management Vlan 30(Managemrnt) 172.16.12.0

172.16.13.0

255.255.255.248 172.16.12.1

172.16.13.1

NA
R1 (Internal) to R2(AIUB) Serial 192.168.10.0 255.255.255.252 192.168.10.1 and 192.168.10.2 64000
R2 (AIUB) to R3(ISP) 192.168.11.0 255.255.255.252 192.168.11.1 and 192.168.11.2 64000
PC1(Vlan 10) connected to Switch 1 172.16.10.2 255.255.255.0 172.16.10.1 NA
Server(Vlan 20) connected to Switch 2 172.16.11.2 255.255.255.0 172.16.11.1 NA

 Required to configure the following : 

All Switch must be remotely accessible 

Perform inter vlan routing

Apply RIP version 2 in Internal and AIUB routers

RIP update must not go to any LAN

Configure default route from AIUB to ISP and propagate it to all router in RIP

Propagate default route to all router in RIP

Configure static route from ISP to AIUB and Internal networks

Apply numbered extended ACL to stop ping from PC1 to Server and Stop telnet to server form PC1

AIUB to ISP perform dynamic PAT for all internal networks towards ISP. Use public IP 200.20.2.1/30

solution

Topology Configuration

All Switch must be remotely accessible:
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SW1
SW1(config)#line console 0
SW1(config-line)#logging synchronous
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#exit

SW1(config)#line vty 0 5
SW1(config-line)#logging synchronous
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#exit
SW1(config)#

SW1(config)#enable secret cisco
SW1(config)#service password-encryption
Switch>en
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SW2
SW2(config)#line console 0
SW2(config-line)#logging sy
SW2(config-line)#logging synchronous
SW2(config-line)#password cisco
SW2(config-line)#login
SW2(config-line)#exit
SW2(config)#
SW2(config)#
SW2(config)#line vty 0 5
SW2(config-line)#logging syn
SW2(config-line)#logging synchronous
SW2(config-line)#password cisco
SW2(config-line)#login
SW2(config-line)#exit
SW2(config)#

SW2(config)#enable secret cisco
SW2(config)#service password-encryption
SW2(config)#
Perform inter vlan routing:
SW1(config)#vlan 10
SW1(config-vlan)#name Teacher
SW1(config-vlan)#exit
SW1(config)#vlan 20
SW1(config-vlan)#name Student
SW1(config-vlan)#exit
SW1(config)#vlan 30
SW1(config-vlan)#name Management
SW1(config-vlan)#exit
SW1(config)#
SW1(config)#vlan 99
SW1(config-vlan)#name native
SW1(config-vlan)#
SW1(config)#int vlan 30
SW1(config-if)#ip address 172.16.12.3 255.255.255.248
SW1(config-if)#ip default-gateway 172.16.12.1
SW1(config)#exit
SW1(config)#int fa0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#exit
SW1(config)#
SW1(config)#int fa0/1
SW1(config-if)#no shutdown

SW1(config)#int fa0/2
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk allowed vlan 10,20,30,99
SW1(config-if)#switchport trunk native vlan 99
SW1(config-if)#

SW1(config)#int fa0/2
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#

SW2#config t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#vlan 10
SW2(config-vlan)#name Teacher
SW2(config-vlan)#exit
SW2(config)#vlan 20
SW2(config-vlan)#name Student
SW2(config-vlan)#exit
SW2(config)#vlan 30
SW2(config-vlan)#name Management
SW2(config-vlan)#exit
SW2(config)#vlan 99
SW2(config-vlan)#name native
SW2(config-vlan)#exit
SW2(config)#
SW2(config)#int vlan 30
SW2(config-if)#
%LINK-5-CHANGED: Interface Vlan30, changed state to up

SW2(config-if)#ip address 172.16.13.2 255.255.255.248
SW2(config-if)#ip default-gateway 172.16.13.1
SW2(config)#exit
SW2#
%SYS-5-CONFIG_I: Configured from console by console

SW2#config t
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#int fa0/1
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 20
SW2(config-if)#exit
SW2(config)#
SW2(config)#int fa0/1
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#

SW2(config)#int fa0/2
SW2(config-if)#switchport mode trunk
SW2(config-if)#switchport trunk allowed vlan 10,20,30,99
SW2(config-if)#switchport trunk native vlan 99
SW2(config-if)#exit
SW2(config)#

SW2(config)#int fa0/2
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#

INTERNAL ROUTER CONFIG:
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname INTERNAL
INTERNAL(config)#

INTERNAL(config)#int g0/0
INTERNAL(config-if)#no shutdown
INTERNAL(config)#int g0/0.10
INTERNAL(config-subif)#encapsulation dot1q 10
INTERNAL(config-subif)#ip address 172.16.10.1 255.255.255.0
INTERNAL(config-subif)#exit

INTERNAL(config)#int g0/0.30
INTERNAL(config-subif)#encapsulation dot1q 30
INTERNAL(config-subif)#ip address 172.16.12.1 255.255.255.248
INTERNAL(config-subif)#exit
INTERNAL(config)#

INTERNAL(config)#int g0/1.20
INTERNAL(config-subif)#en
INTERNAL(config-subif)#encapsulation
INTERNAL(config-subif)#encapsulation dot1Q 20
INTERNAL(config-subif)#ip address 172.16.11.1 255.255.255.0
INTERNAL(config-subif)#exit
INTERNAL(config)#

NTERNAL(config)#int g0/1.30
INTERNAL(config-subif)#en
INTERNAL(config-subif)#encapsulation
INTERNAL(config-subif)#encapsulation dot1Q 30
INTERNAL(config-subif)#ip address 172.16.13.1 255.255.255.248
INTERNAL(config-subif)#exit
INTERNAL(config)#
INTERNAL(config)#int g0/1
INTERNAL(config-if)#no shutdown
Apply RIP version 2 in Internal and AIUB routers:

INTERNAL(config)#
INTERNAL(config)#int s0/1/0
INTERNAL(config-if)#ip address 192.168.10.1 255.255.255.252
INTERNAL(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/1/0, changed state to down
INTERNAL(config-if)#clock rate 64000
INTERNAL(config-if)#exit
INTERNAL(config)#

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname AIUB
AIUB(config)#
Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname AIUB
AIUB(config)#int s0/1/0
AIUB(config-if)#ip address 192.168.10.2 255.255.255.252
AIUB(config-if)#no shutdown

AIUB(config-if)#
%LINK-5-CHANGED: Interface Serial0/1/0, changed state to up
exit
AIUB(config)#

AIUB(config)#int s0/1/1
AIUB(config-if)#ip address 192.168.11.1 255.255.255.252
AIUB(config-if)#clock rate 64000
AIUB(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/1/1, changed state to down
AIUB(config-if)#
AIUB(config-if)#

Router>en
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname ISP
ISP(config)#int s0/3/0
ISP(config-if)#ip address 192.168.11.2 255.255.255.252
ISP(config-if)#no shutdown

ISP(config-if)#
%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up

ISP(config-if)#
INTERNAL(config)#router rip
INTERNAL(config-router)#version 2
INTERNAL(config-router)#network 172.16.0.0
INTERNAL(config-router)#network 192.168.0.0
INTERNAL(config-router)#exit
INTERNAL(config)#

AIUB(config)#router rip
AIUB(config-router)#version 2
AIUB(config-router)#network 192.168.10.0
AIUB(config-router)#network 192.168.11.0
AIUB(config-router)#exit
AIUB(config)#

Propagate default route to all router in RIP :

AIUB(config)#router rip
AIUB(config-router)#version 2
AIUB(config-router)#default-information originate
AIUB(config-router)#

AIUB(config)router rip
AIUB(config-router)#version 2
AIUB(config-router) redistribute static
AIUB to ISP perform dynamic PAT for all internal networks towards ISP. Use public IP 200.20.2.1/30

AIUB(config)#ip nat pool INTERNET 200.20.2.1 200.20.2.3 netmask 255.255.255.252
AIUB(config)#
AIUB(config)#ip nat inside source list 1 pool INTERNET
AIUB(config)#ip nat inside source static 192.168.10.2 200.20.2.4
AIUB(config)#ip access-list standard 1
AIUB(config-std-nacl)#permit 172.16.10.0 0.0.0.255
AIUB(config-std-nacl)#permit 172.16.11.0 0.0.0.255
AIUB(config-std-nacl)#int s0/1/0
AIUB(config-if)#ip nat inside
AIUB(config-if)#exit
AIUB(config)#

AIUB(config)#int s0/1/1
AIUB(config-if)#ip nat outside
AIUB(config-if)#

AIUB#show ip nat translations

Configure default route from AIUB to ISP and propagate it to all router in RIP

Internal(config)#ip route 0.0.0.0 0.0.0.0 s0/1/0
AIUB(config)#ip route 0.0.0.0 0.0.0.0 Serial0/1/1

RIP update must not go to any LAN:
Internal(config)#router rip
Internal(config)# version 2
Internal(config)# passive-interface GigabitEthernet0/0
Internal(config)# passive-interface GigabitEthernet0/1

Apply numbered extended ACL to stop ping from PC1 to Server and Stop telnet to server form PC1
Internal(config)#ip access-list extended 110
Internal(config-ext-nacl)#
Internal(config-ext-nacl)#permit tcp any any eq telnet
Internal(config-ext-nacl)#deny tcp 172.16.10.2 0.0.0.255 eq telnet 172.16.13.2 0.0.0.7 eq telnet
Internal(config-ext-nacl)#deny icmp 172.16.10.2 0.0.0.255 172.16.11.2 0.0.0.255 echo
Internal(config-ext-nacl)#deny icmp 172.16.10.2 0.0.0.255 172.16.11.2 0.0.0.255 echo-reply

Thank you

Momataj Momo