Scribd
Upload
1K views10 pages

Shogun Method Derek Rake

shogun method derek rake

Uploaded by

Syed Tushin
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
1K views10 pages

Shogun Method Derek Rake

shogun method derek rake

Uploaded by

Syed Tushin
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Packet Tracer – Skills Integration Challenge (Instructor Version)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Topology

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 10
Packet Tracer – Skills Integration Challenge

Addressing Table
Instructor Note: The student version has blanks in place of all variables shown in double brackets.

Device Interface IP Address Subnet Mask Default Gateway

G0/0.15 [[R1G0sub15Add]] [[R1G0sub15SM]] N/A


G0/0.30 [[R1G0sub30Add]] [[R1G0sub30SM]] N/A
G0/0.45 [[R1G0sub45Add]] [[R1G0sub45SM]] N/A
[[R1Name]] G0/0.60 [[R1G0sub60Add]] [[R1G0sub60SM]] N/A
S0/0/0 [[R1S000Add]] [Link] N/A
S0/0/1 [[R1S001Add]] [Link] N/A
S0/1/0 [[R1S010Add]] [Link] N/A
G0/0 [[R2G00Add]] [[R2R3LanSM]] N/A
[[R2Name]] S0/0/0 [[R2S000Add]] [Link] N/A
S0/0/1 [[R2S001Add]] [Link] N/A
G0/0 [[R3G00Add]] [[R2R3LanSM]] N/A
[[R3Name]] S0/0/0 [[R3S000Add]] [Link] N/A
S0/0/1 [[R3S001Add]] [Link] N/A
[[S1Name]] VLAN 60 [[S1VLAN60Add]] [[R1G0sub60SM]] [[R1G0sub60Add]]
[[PC1Name]] NIC DHCP Assigned DHCP Assigned DHCP Assigned

VLANs and Port Assignments Table

VLAN Number - Name Port assignment Network

15 - Servers F0/11 - F0/20 [[R1-VLANsrvNet]]


30 - PCs F0/1 - F0/10 [[R1-VLANpcNet]]
45 - Native G0/1 [[R1-VLANntvNet]]
60 - Management VLAN 60 [[R1-VLANmanNet]]

Scenario
This culminating activity includes many of the skills that you have acquired during this course. First, you will
complete the documentation for the network. Make sure you have a printed version of the instructions. During
implementation, you will configure VLANs, trunking, port security and SSH remote access on a switch. You
will then implement inter-VLAN routing and NAT on a router. Finally, you will use your documentation to verify
your implementation by testing end-to-end connectivity.

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 10
Packet Tracer – Skills Integration Challenge

Documentation
You are required to fully document the network. You will need a print out of this instruction set, which will
include an unlabeled topology diagram:
o Label all the device names, network addresses and other important information that Packet Tracer
generated.
o Complete the Addressing Table and VLANs and Port Assignments Table.
o Fill in any blanks in the Implementation and Verification steps. The information is supplied when
you launch the Packet Tracer activity.

Implementation
Note: All devices in the topology except [[R1Name]], [[S1Name]], and [[PC1Name]] are fully configured. You
do not have access to the other routers. You can access all the servers and PCs for testing purposes.
Implement to following requirements using your documentation:
[[S1Name]]
• Configure remote management access including IP addressing and SSH:
o Domain is [Link]
o User [[UserText]] with password [[UserPass]]
o Crypto key length of 1024
o SSH version 2, limited to 2 authentication attempts and a 60 second timeout using the following
commands:
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
o Clear text passwords should be encrypted.
• Configure, name and assign VLANs. Ports should be manually configured as access ports.
• Configure trunking.
• Implement port security:
o On F0/1, allow 2 MAC addresses that are automatically added to the configuration file when detected.
The port should not be disabled, but a syslog message should be captured if a violation occurs.
o Disable all other unused ports.
[[R1Name]]
• Configure inter-VLAN routing.
• Configure DHCP services for VLAN 30. Use LAN as the case-sensitive name for the pool.
• Implement routing:
o Use RIPv2 as the routing protocol.
o Configure one network statement for the entire [[DisplayNet]] address space.
o Disable interfaces that should not send RIPv2 messages.
o Configure a default route to the Internet.
• Implement NAT:

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 10
Packet Tracer – Skills Integration Challenge

o Configure a standard, one statement ACL number 1. All IP addresses belonging to the [[DisplayNet]]
address space are allowed.
o Refer to your documentation and configure static NAT for the File Server.
o Configure dynamic NAT with PAT using a pool name of your choice, a /30 mask, and these two public
addresses:
[[NATPoolText]]
[[PC1Name]]
Verify [[PC1Name]] has received full addressing information from [[R1Name]].

Verification
All devices should now be able to ping all other devices. If not, troubleshoot your configurations to isolate and
solve problems. A few tests include:
• Verify remote access to [[S1Name]] by using SSH from a PC.
• Verify VLANs are assigned to appropriate ports and port security is in force.
• Verify RIP neighbors and a complete routing table.
• Verify NAT translations and statics.
o Outside Host should be able to access File Server at the public address.
o Inside PCs should be able to access Web Server.
• Document any problems you encountered and the solutions in the Troubleshooting Documentation
table below.

Troubleshooting Documentation

Problem Solution

Suggested Scoring Rubric


Packet Tracer scores 70 points. Documentation is worth 30 points.

ID:[[indexAdds]][[indexNames]]

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 10
Packet Tracer – Skills Integration Challenge

*****************************************************
ISOMORPH ID KEY:
ID = XY where;
X = indexAdds for /24 private address space
Y = indexNAMES for device names
Note: Each seed contains variables that are independent
of the other seeds. There are 9 possible combinations.
You do not need to test all the various combinations.
Solutions for isomorph scenario IDs 00, 11, and 22 are provided here.
The isomorph scenario ID is provided at the bottom of the instructions.
=======================================================
ISOMORPH ID = 00
=======================================================
HQ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
en
conf t
ip dhcp pool LAN
network [Link] [Link]
default-router [Link]
interface GigabitEthernet0/0
no shutdown
interface GigabitEthernet0/0.15
encapsulation dot1Q 15
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.45
encapsulation dot1Q 45 native
ip address [Link] [Link]
interface GigabitEthernet0/0.60
encapsulation dot1Q 60
ip address [Link] [Link]
router rip
version 2
passive-interface GigabitEthernet0/0
passive-interface Serial0/1/0
network [Link]
!
ip nat pool TEST [Link] [Link] netmask [Link]
ip nat inside source list 1 pool TEST overload
ip nat inside source static [Link] [Link]
ip route [Link] [Link] Serial0/1/0
access-list 1 permit [Link] [Link]
interface s0/0/0
ip nat inside

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 10
Packet Tracer – Skills Integration Challenge

interface s0/0/1
ip nat inside
interface s0/1/0
ip nat outside
end
wr
!!!!!!!!!!!!!!!!!!!!!!!!
!HQ-Sw!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!
en
conf t
int vlan 60
ip add [Link] [Link]
no shut
ip default-gateway [Link]
vlan 15
name Servers
vlan 30
name PCs
vlan 45
name Native
vlan 60
name Management
interface range fa0/1 - 10
switchport mode access
switchport access vlan 30
interface fa0/1
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface range fa0/11 - 20
switchport mode access
switchport access vlan 15
interface g0/1
switchport mode trunk
switchport trunk native vlan 45
interface range fa0/21 - 24 , g0/2
shutdown
ip domain-name [Link]
crypto key gen rsa
1024

user HQadmin pass ciscoclass


service password-encryption
ip ssh version 2
ip ssh auth 2
ip ssh time 60
line vty 0 15

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 10
Packet Tracer – Skills Integration Challenge

login local
transport input ssh

=======================================================
ISOMORPH ID = 11
=======================================================
!Admin!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
en
conf t
ip dhcp pool LAN
network [Link] [Link]
default-router [Link]
interface GigabitEthernet0/0
no shutdown
interface GigabitEthernet0/0.15
encapsulation dot1Q 15
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.45
encapsulation dot1Q 45 native
ip address [Link] [Link]
interface GigabitEthernet0/0.60
encapsulation dot1Q 60
ip address [Link] [Link]
router rip
version 2
passive-interface GigabitEthernet0/0
passive-interface Serial0/1/0
network [Link]
interface s0/0/0
ip nat inside
interface s0/0/1
ip nat inside
interface s0/1/0
ip nat outside
!
ip nat pool TEST [Link] [Link] netmask [Link]
ip nat inside source list 1 pool TEST overload
ip nat inside source static [Link] [Link]
ip route [Link] [Link] Serial0/1/0
access-list 1 permit [Link] [Link]
end
wr
!!!!!!!!!!!!!!!!!!!!!!!!
!Admin-Sw!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 10
Packet Tracer – Skills Integration Challenge

en
conf t
int vlan 60
ip add [Link] [Link]
no shut
ip default-gateway [Link]
vlan 15
name Servers
vlan 30
name PCs
vlan 45
name Native
vlan 60
name Management
interface range fa0/1 - 10
switchport mode access
switchport access vlan 30
interface fa0/1
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface range fa0/11 - 20
switchport mode access
switchport access vlan 15
interface g0/1
switchport mode trunk
switchport trunk native vlan 45
interface range fa0/21 - 24 , g0/2
shutdown
ip domain-name [Link]
crypto key gen rsa
1024

user Admin pass letmein


service password-encryption
ip ssh version 2
ip ssh auth 2
ip ssh time 60
line vty 0 15
login local
transport input ssh

===============================================================
ISOMORPH ID: 22
===============================================================
!Central!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
en
conf t

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 8 of 10
Packet Tracer – Skills Integration Challenge

ip dhcp pool LAN


network [Link] [Link]
default-router [Link]
interface GigabitEthernet0/0
no shutdown
interface GigabitEthernet0/0.15
encapsulation dot1Q 15
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address [Link] [Link]
ip nat inside
interface GigabitEthernet0/0.45
encapsulation dot1Q 45 native
ip address [Link] [Link]
interface GigabitEthernet0/0.60
encapsulation dot1Q 60
ip address [Link] [Link]
router rip
version 2
passive-interface GigabitEthernet0/0
passive-interface Serial0/1/0
network [Link]
interface s0/0/0
ip nat inside
interface s0/0/1
ip nat inside
interface s0/1/0
ip nat outside
!
ip nat pool TEST [Link] [Link] netmask [Link]
ip nat inside source list 1 pool TEST overload
ip nat inside source static [Link] [Link]
ip route [Link] [Link] Serial0/1/0
access-list 1 permit [Link] [Link]
end
wr
!!!!!!!!!!!!!!!!!!!!!!!!
!Cnt-Sw!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
en
conf t
int vlan 60
ip add [Link] [Link]
no shut
ip default-gateway [Link]
vlan 15
name Servers
vlan 30

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 9 of 10
Packet Tracer – Skills Integration Challenge

name PCs
vlan 45
name Native
vlan 60
name Management
interface range fa0/1 - 10
switchport mode access
switchport access vlan 30
interface fa0/1
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface range fa0/11 - 20
switchport mode access
switchport access vlan 15
interface g0/1
switchport mode trunk
switchport trunk native vlan 45
interface range fa0/21 - 24 , g0/2
shutdown
ip domain-name [Link]
crypto key gen rsa
1024

user CAdmin pass itsasecret


service password-encryption
ip ssh version 2
ip ssh auth 2
ip ssh time 60
line vty 0 15
login local
transport input ssh

© 2018 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 10 of 10

You might also like