Final Lab 2.

192.168.2.250/24
Fa0/1

Internet
RID: 1.1.1.1

Saigon
192.168.2.110/24
.1 Fa0/0

Router
ADSL

Address Pool: 192.168.2.177 192.168.2.180/24

Fa0/24

192.168.100.0/29
Fa0/22

Fa0/0

SW-ENV

.2

.3
RID: 2.2.2.2

NhaTrang

OSPF
Area 0

Fa0/23

Fa0/0

RID: 4.4.4.4

RID: 3.3.3.3
S0/0/0

PPP/CHAP

Hanoi

Fa0/1

Fa0/1

Fa0/24

Fa0/24

192.168.200.0/24

S0/0/0

Hue
Fa0/0

192.168.40.0/24

SW-NT1

SW-HN1
Fa0/22
Fa0/23 VTP Information:
VTP Information:
VLAN 1: 192.168.100.0/24
VTP Domain: NewStar
Fa0/24 VLAN 11: 192.168.11.0/24
Fa0/23
VTP password: cisco
VLAN 22: 192.168.22.0/24
VTP prunning: Enable
SW-HN2
VLAN 33: 192.168.33.0/24
Sw-HN1: VTP mode server
Native VLAN: 33
Sw-HN2: VTP mode client

Fa0/24

SW-H

A. STARTING Basic Cisco Devices Configuration

1. Cisco Catalyst Switches Configuration (05 points)
-

Configure the switches with host name of Sw-NT1, Sw-SG, Sw-HN1, SwHN2 and Sw-H as the diagram.

Set the management console password to newstar

Set the telnet acces (vty 0 15) password to cisco

An enable secret password of ccna

Start www service on all switches

Disable domain name resolution service on all switches

Configure all switches so that messages from the siwtches to the console
screen will not be appended to the command line

All clear text passwords in the running-config should be encrypted

Configure all switches to show banner when you login to the switch (from
console port or Telnet)

2. Cisco Routers Configuration (5 points)

-

Configure the routers with host name of Saigon, Nhatrang, Hanoi, and Hue
as the diagram

Set the management console password to newstar

Create a user account on all routers with the name is netadmin and the
password is master with the privilege level of 15

Start the www secure-service on all routers

Diable domain name resolution service on all routers

Configure all routers so that messages from the routers to the console screen
will not be appended to the command line

All clear text passwords in the running-config should be encrypted

Configure all routers to show a banner when you login to the router

3. IP addressing Assignment (05 points)

-

Look at the network diagram for IP addressing for each interface, and assign
them to appropriate interfaces. Dont forget look at the netmask.

While configuring IP addresses on the interfaces, configure the data link

layer (PPP, if appropriate) and place a description on each interface starting
the router that they are connected to and which interface they are.

B. CHALLENGING
1. DHCP service (05 points)
-

Configure DHCP service on Hanoi router

Pool name VLAN1: 192.168.1.0/24
o DNS server 1: 208.67.222.222
o DNS server 2: 208.67.220.220
Pool name VLAN11: 192.168.11.0/24
o DNS server 1: 208.67.222.222
o DNS server 2: 208.67.220.220
Pool name VLAN22: 192.168.22.0/24
o DNS server 1: 208.67.222.222
o DNS server 2: 208.67.220.220
Pool name VLAN33: 192.168.33.0/24

o DNS server 1: 208.67.222.222

o DNS server 2: 208.67.220.220
2. Switching (20 points)
-

Configure VTP and VLAN database in Hanoi sites switches with the VTP
and VLAN information given in the above diagram.

Configure uplinks between access layer Sw-HN2 and distribution layer SwHN1 switches. Each of these channels should be 802.1q compliant trunk
links that are capable of transporting all VLAN traffic. The VLAN 33
should be the native VLAN. Enable the prunning of unnecessary traffic
from nonresident VLANs.

On the Catalyst Switch Sw-HN1, configure Port 02, 03, 04 into VLAN11,
Port 12, 13, 14 into VLAN22 and Port 17, 18, 19 into VLAN33.

On the Catalyst Switch Sw-HN2, configure Port 01 09 into VLAN11,

Port 13, 15, 17, and 19 into VLAN22 and Port 20, 21 into VLAN33.

Enable spanning tree mode PVRST on all switches. Ensure the Sw-HN1
should be the Root Bridge of all VLAN.

3. Routing (30 points)

-

OSPF
o Configure OSPF routing protocol on each router. Dont forget to
configure appropriate RouterID on each router. Ensure that users can
reach any site of network and the Internet.
o Enable OSPF clear text authentication feature on the Serial
interfaces of Hanoi and Hue routers with the key of newstar.

4. WAN (10 points)

-

PPP
o Configure PPP enacapsulation on the WAN link between Hanoi and
Hue
o Configure CHAP authentication with the password is newstar

5. Others (20 points)

-

Standard Access List: Create a standard out going access list, and apply it on
Nhatrangs FastEhternet 0/1 to fullfil the following requirement:
o Deny access to users on VLAN11 and VLAN22 to Nhatrangs LAN

Extended Access list: Create 02 extended incoming access lists, and apply
each of them on appropriate interfaces on Hanoi router to fullfil the
following requirements:

o Users in VLAN1 cannot ping Hues LAN but can telnet to Sw-H
o Deny http (www) request from users from VLAN33
o Permit anything else
-

NAT: configure NAT on Saigon to have the following:

o Every host resides in every VLAN and LAN can go through the
Internet

C. ENDING
-

Test the connnectivity between any interfaces of any devices in the diagram

Every host resides in every VLAN and LAN can through the Internet