ESwitching Basic Switching/Wireless PT Practice SBA

A few things to keep in mind while completing this activity:

Do not use the browser Back button or close or reload any Exam windows during the exam.
Do not close Packet Tracer when you are done. It will close automatically.
Click the Submit Assessment button to submit your work.
Introduction

In this practice Packet Tracer Skills Exam, you will:

configure VLANs using VTP

configure inter-VLAN routing
modify STP
configure port security
add a wireless LAN
Addressing Table

Device
Interface
Address
Subnet Mask
Default Gateway
Router1
Fa0/0.10
172.16.10.1
255.255.255.0
n/a
Fa0/0.20
172.16.20.1
255.255.255.0
n/a
Fa0/0.43
172.16.43.1
255.255.255.0
n/a
Fa0/0.67
172.16.67.1
255.255.255.0
n/a
WRS
Internet
172.16.67.10
255.255.255.0
172.16.67.1
Wireless
172.16.100.1
255.255.255.0
n/a
SW_DS1
VLAN 43
172.16.43.11
255.255.255.0
172.16.43.1
SW_AC2
VLAN 43
172.16.43.12
255.255.255.0
172.16.43.1
SW_AC3
VLAN 43
172.16.43.13
255.255.255.0
172.16.43.1
PC1
NIC
172.16.10.10
255.255.255.0
172.16.10.1
PC2
NIC
172.16.20.10
255.255.255.0
172.16.20.1
PC3
NIC
172.16.10.11
255.255.255.0
172.16.10.1
PC4
NIC
DHCP assigned
255.255.255.0
172.16.100.1
Note: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

Step 1: Connect the Devices.

Use the appropriate cable type to make the following connections:
SW_AC2 FastEthernet 0/1 to PC1
SW_AC2 FastEthernet 0/11 to PC2
SW_AC2 FastEthernet 0/19 to SW_AC3 FastEthernet 0/19
SW_AC2 FastEthernet 0/20 to SW_AC3 FastEthernet 0/20
SW_AC3 FastEthernet 0/18 to WRS
Step 2: Configure the Device Basics.
a. Configure the following on SW_AC2.

· The switch name is SW_AC2.

Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname SW_AC2
SW_AC2(config)#

· The privileged EXEC mode uses the following encrypted password: class

SW_AC2#config t
Enter configuration commands, one per line. End with CNTL/Z.
SW_AC2(config)#enable password class
SW_AC2(config)#exit
SW_AC2#

· Enable Telnet and console line login using the following password: cisco

SW_AC2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW_AC2(config)#line console 0
SW_AC2(config-line)#login
% Login disabled on line 0, until 'password' is set
SW_AC2(config-line)#password cisco
SW_AC2(config-line)#exit
SW_AC2(config)#line vty 0
SW_AC2(config-line)#password cisco
SW_AC2(config-line)#exit

· Configure the banner message-of-the-day as Authorized access only!

SW_AC2(config)#banner motd #
Enter TEXT message. End with the character '#'.
Authorized acces only ! #
SW_AC2(config)#

b. To configure the switches for remote management access, create and enable interface VLAN 43 on
all three switches.

SW_AC2(config)#interface vlan43
SW_AC2(config-if)#no shutdown
SW_AC2(config-if)#ip address 172.16.43.12 255.255.255.0
SW_AC2(config-if)#exit
SW_AC2(config)#
SW_AC2(config)#end
SW_AC2#
Step 3: Configure Trunking.

Note: Packet Tracer now supports the use of the range argument for the interface command.

For interfaces FastEthernet 0/19 through FastEthernet 0/24 on all three switches:

Configure static trunking.

Assign VLAN 43 as the native VLAN.

SW_AC2(config)#int r f 0/19-24
SW_AC2(config-if-range)#switchport mode trunk
SW_AC2(config-if-range)#switchport trunk native vlan 43
SW_AC2(config-if-range)#no shutdown
SW_AC2(config-if-range)#end
Step 4: Configure VTP and VLANs.

a. Step 1: Configure SW_DS1 as VTP server and the following VTP parameters:

· SW_DS1 is the VTP server.

· VTP domain name: CCNA

· VTP password: cisco

b. Create and name the following VLANs on SW_DS1.

· VLAN 10: Student

· VLAN 20: Faculty

· VLAN 43: Management

· VLAN 67: Wireless

c. Step 2: Configure SW_AC2 and SW_AC3 as VTP clients to participate in the CCNA VTP domain.

d. Step3: Verify that VTP is operational.

Step 5: Configure Interfaces for VLAN Access

VLAN port assignments on each switch are as follows:

Device
Ports
Assignment
SW_AC2, SW_AC3
Fa0/1 – 0/10
10
SW_AC2, SW_AC3
Fa0/11 – 0/17
20
SW_AC3
Fa0/18
67
a. Step 1: Configure access ports on access layer switches.

· Configure the appropriate interfaces on SW_AC2 and SW_AC3 for static access.

· Assign VLANs according to the port assignments table.

b. Step 2: Verify trunking and VLAN assignments.

Step 6: Configure Spanning Tree.

a. Modify STP root bridge elections.

· Using a priority of 4096, set SW_DS1 as the root bridge for all VLANs.

· Using a priority of 8192, set SW_AC2 as the backup root bridge for all VLANs.

b. Verify the spanning tree election.

Step 7: Configure Inter-VLAN Routing.

Use the information in the Addressing Table to configure Router1 for inter-VLAN routing.
Verify inter-VLAN routing.
Step 8: Configure Port Security.

Note: Best practice requires port security on all access ports. However, for this practice exercise you will
only configure one port with security.

a. Configure SW_AC3 with port security on FastEthernet 0/2.

· No more than 2 MAC addresses are allowed on the FastEthernet 0/2 port for SW_AC3.

· Once learned, MAC addresses should be automatically added to the running configuration.

· If this policy is violated, the port should be automatically disabled.

SW_AC3(config)#interface fastethernet 0/2

SW_AC3(config-if)#switchport port-security
SW_AC3(config-if)#
SW_AC3(config-if)#switchport port-security maximum 2
SW_AC3(config-if)#switchport port-security mac-addres sticky
SW_AC3(config-if)#switchport port-security violation shutdown
SW_AC3(config-if)#end

b. Verify that port security is implemented.

SW_AC3#show port-security address

Step 9: Configure the Wireless LAN.

Refer to the Addressing Table to configure the wireless LAN.

a. Configure WRS.

· Use static addressing on the Internet interface.

· Set the router IP and subnet mask.

· Configure the router to allow wireless hosts to use DHCP.

· The first host address is the 10th host address in the Wireless LAN subnet.

· The maximum number of hosts is 25.

b. Configure wireless security.

· Set the SSID to WRS_LAN.

· Enable WEP security and use 12345ABCDE as key1.

c. Enable remote management with the password cisco123.

d. Configure PC4 to access the wireless network that is provided by WRS. PC4 uses DHCP to obtain
addressing information.

Note: It will not be possible for devices to ping PC4 since PC4 is behind the WRS NAT firewall.
Step 10: Verify Connectivity.

Although these are not scored, the following connectivity tests should be successful.

SW_DS1 can ping Router1.

SW_AC2 can ping Router1.
SW_AC3 can ping Router1.
PC1 can ping PC2.
PC2 can ping PC3.
PC4 can ping PC1.

Version 1.0
Created in Packet Tracer 5.2.1 and Marvel 1.0.1
All contents are Copyright © 1992 - 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco
Public Information.