Scribd
Upload
1K views20 pages

8.6.1 PT Answers

This configuration document contains configurations for multiple routers and switches to implement VLANs, routing, NAT, and firewall services in a network. Key elements: - Router HQ configured with WAN links, NAT, routing, and basic firewall services to connect sites over Frame Relay. - Branch routers B1-B3 configured with VLANs, routing, DHCP, and connected over Frame Relay to HQ. - Access switches B1-S1-S3 joined to VLAN trunks, with port security on access ports for VLANs. - VLANs configured for departments on switches and routing/DHCP on branch routers.

Uploaded by

Sheila Snyder
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
1K views20 pages

8.6.1 PT Answers

This configuration document contains configurations for multiple routers and switches to implement VLANs, routing, NAT, and firewall services in a network. Key elements: - Router HQ configured with WAN links, NAT, routing, and basic firewall services to connect sites over Frame Relay. - Branch routers B1-B3 configured with VLANs, routing, DHCP, and connected over Frame Relay to HQ. - Access switches B1-S1-S3 joined to VLAN trunks, with port security on access ports for VLANs. - VLANs configured for departments on switches and routing/DHCP on branch routers.

Uploaded by

Sheila Snyder
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 20

!!!!!

HQ en conf t hostname HQ enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit int fa0/0 ip address 10.0.1.1 255.255.255.0 no shutdown exit Int s0/0/0 no ip address encapsulation frame-relay frame-relay lmi-type q933a no shutdown int s0/0/0.41 point-to-point ip address 10.255.255.1 255.255.255.252 frame-relay interface-dlci 41 int s0/0/0.42 point-to-point ip address 10.255.255.5 255.255.255.252 frame-relay interface-dlci 42 int s0/0/0.43 point-to-point ip address 10.255.255.9 255.255.255.252 frame-relay interface-dlci 43 exit int fa0/0 description Servers ip address 10.0.1.1 255.255.255.0 no shutdown exit username ISP password ciscochap int s0/1/0 description Link to ISP ip address 209.165.201.1 255.255.255.252

encapsulation ppp ppp authentication chap no shutdown exit username NewB password ciscopap int s0/0/1 description Link to NewB ip address 10.255.255.253 255.255.255.252 encapsulation ppp ppp authentication pap ppp pap sent-username HQ password 0 ciscopap clock rate 64000 no shutdown exit ip access-list standard NAT_LIST permit 10.0.0.0 0.255.255.255 exit ip nat pool XYZCORP 209.165.200.241 209.165.200.245 netmask 255.255.255.248 ip nat inside source list NAT_LIST pool XYZCORP overload ip nat inside source static 10.0.1.2 209.165.200.246 int fa0/0 ip nat inside int s0/0/0.41 point-to-point ip nat inside int s0/0/0.42 point-to-point ip nat inside int s0/0/0.43 point-to-point ip nat inside int s0/0/1 ip nat inside int s0/1/0 ip nat outside exit ip route 0.0.0.0 0.0.0.0 serial0/1/0 ip route 10.4.5.0 255.255.255.0 serial0/0/1 router eigrp 100 passive-interface fa0/0 passive-interface s0/0/1 passive-interface s0/1/0 network 10.0.0.0 no auto-summary exit

ip access-list extended FIREWALL !permit tcp any host 209.165.200.244 eq www permit tcp any host 209.165.200.246 eq www permit tcp any any established permit icmp any any echo-reply deny ip any any exit int s0/1/0 ip access-group FIREWALL in !!!!!B1 en conf t hostname B1 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit int s0/0/0 ip address 10.255.255.2 255.255.255.252 encapsulation frame-relay frame-relay lmi-type q933a no shutdown exit ip route 0.0.0.0 0.0.0.0 10.255.255.1 int fa0/0 no shutdown int fa0/0.10 description Admin VLAN 10 encapsulation dot1Q 10 ip address 10.1.10.1 255.255.255.0 int fa0/0.20 description Sales VLAN 20 encapsulation dot1Q 20 ip address 10.1.20.1 255.255.255.0 int fa0/0.30 description Production VLAN 30

encapsulation dot1Q 30 ip address 10.1.30.1 255.255.255.0 int fa0/0.88 description Wireless VLAN 88 encapsulation dot1Q 88 ip address 10.1.88.1 255.255.255.0 int fa0/0.99 description Management&Native VLAN 99 encapsulation dot1Q 99 native ip address 10.1.99.1 255.255.255.0 exit router eigrp 100 passive-interface fastethernet0/0.10 passive-interface fastethernet0/0.20 passive-interface fastethernet0/0.30 passive-interface fastethernet0/0.99 network 10.0.0.0 no auto-summary exit int s0/0/0 ip summary-address eigrp 100 10.1.0.0 255.255.0.0 exit ip dhcp excluded-address 10.1.10.1 10.1.10.10 ip dhcp excluded-address 10.1.20.1 10.1.20.10 ip dhcp excluded-address 10.1.30.1 10.1.30.10 ip dhcp excluded-address 10.1.88.1 10.1.88.24 ip dhcp pool B1_VLAN10 network 10.1.10.0 255.255.255.0 default-router 10.1.10.1 dns-server 10.0.1.4 exit ip dhcp pool B1_VLAN20 network 10.1.20.0 255.255.255.0 default-router 10.1.20.1 dns-server 10.0.1.4 exit ip dhcp pool B1_VLAN30 network 10.1.30.0 255.255.255.0 default-router 10.1.30.1 dns-server 10.0.1.4 exit ip dhcp pool B1_VLAN88

network 10.1.88.0 255.255.255.0 default-router 10.1.88.1 dns-server 10.0.1.4 !!!!!B2 en conf t hostname B2 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit int s0/0/0 ip address 10.255.255.6 255.255.255.252 encapsulation frame-relay frame-relay lmi-type q933a no shutdown exit ip route 0.0.0.0 0.0.0.0 10.255.255.5 int fa0/0 no shutdown int fa0/0.10 description Admin VLAN 10 encapsulation dot1Q 10 ip address 10.2.10.1 255.255.255.0 int fa0/0.20 description Sales VLAN 20 encapsulation dot1Q 20 ip address 10.2.20.1 255.255.255.0 int fa0/0.30 description Production VLAN 30 encapsulation dot1Q 30 ip address 10.2.30.1 255.255.255.0 int fa0/0.88 description Wireless VLAN 88 encapsulation dot1Q 88 ip address 10.2.88.1 255.255.255.0

int fa0/0.99 description Management&Native VLAN 99 encapsulation dot1Q 99 native ip address 10.2.99.1 255.255.255.0 exit router eigrp 100 passive-interface fastethernet0/0.10 passive-interface fastethernet0/0.20 passive-interface fastethernet0/0.30 passive-interface fastethernet0/0.99 network 10.0.0.0 no auto-summary exit int s0/0/0 ip summary-address eigrp 100 10.2.0.0 255.255.0.0 exit ip dhcp excluded-address 10.2.10.1 10.2.10.10 ip dhcp excluded-address 10.2.20.1 10.2.20.10 ip dhcp excluded-address 10.2.30.1 10.2.30.10 ip dhcp excluded-address 10.2.88.1 10.2.88.24 ip dhcp pool B2_VLAN10 network 10.2.10.0 255.255.255.0 default-router 10.2.10.1 dns-server 10.0.1.4 exit ip dhcp pool B2_VLAN20 network 10.2.20.0 255.255.255.0 default-router 10.2.20.1 dns-server 10.0.1.4 exit ip dhcp pool B2_VLAN30 network 10.2.30.0 255.255.255.0 default-router 10.2.30.1 dns-server 10.0.1.4 exit ip dhcp pool B2_VLAN88 network 10.2.88.0 255.255.255.0 default-router 10.2.88.1 dns-server 10.0.1.4 !!!!!B3 en conf t

hostname B3 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit int s0/0/0 ip address 10.255.255.10 255.255.255.252 encapsulation frame-relay ietf frame-relay lmi-type ansi no shutdown exit ip route 0.0.0.0 0.0.0.0 10.255.255.9 int fa0/0 no shutdown int fa0/0.10 description Admin VLAN 10 encapsulation dot1Q 10 ip address 10.3.10.1 255.255.255.0 int fa0/0.20 description Sales VLAN 20 encapsulation dot1Q 20 ip address 10.3.20.1 255.255.255.0 int fa0/0.30 description Production VLAN 30 encapsulation dot1Q 30 ip address 10.3.30.1 255.255.255.0 int fa0/0.88 description Wireless VLAN 88 encapsulation dot1Q 88 ip address 10.3.88.1 255.255.255.0 int fa0/0.99 description Management&Native VLAN 99 encapsulation dot1Q 99 native ip address 10.3.99.1 255.255.255.0 exit router eigrp 100

passive-interface fastethernet0/0.10 passive-interface fastethernet0/0.20 passive-interface fastethernet0/0.30 passive-interface fastethernet0/0.99 network 10.0.0.0 no auto-summary exit int s0/0/0 ip summary-address eigrp 100 10.3.0.0 255.255.0.0 exit ip dhcp excluded-address 10.3.10.1 10.3.10.10 ip dhcp excluded-address 10.3.20.1 10.3.20.10 ip dhcp excluded-address 10.3.30.1 10.3.30.10 ip dhcp excluded-address 10.3.88.1 10.3.88.24 ip dhcp pool B3_VLAN10 network 10.3.10.0 255.255.255.0 default-router 10.3.10.1 dns-server 10.0.1.4 exit ip dhcp pool B3_VLAN20 network 10.3.20.0 255.255.255.0 default-router 10.3.20.1 dns-server 10.0.1.4 exit ip dhcp pool B3_VLAN30 network 10.3.30.0 255.255.255.0 default-router 10.3.30.1 dns-server 10.0.1.4 exit ip dhcp pool B3_VLAN88 network 10.3.88.0 255.255.255.0 default-router 10.3.88.1 dns-server 10.0.1.4 !!!!!B1-S1 en conf t hostname B1-S1 enable secret class no ip domain-lookup line con 0 password cisco

login logging synch line vty 0 4 password cisco login exit vtp mode server vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk int fa0/5 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.1.99.21 255.255.255.0 no shutdown exit ip default-gateway 10.1.99.1 vlan 10 name Admin vlan 20 name Sales vlan 30 name Production vlan 88 name Wireless vlan 99 name Mgmt&Native exit spanning-tree vlan 1 priority 4096

spanning-tree vlan 10 priority 4096 spanning-tree vlan 20 priority 4096 spanning-tree vlan 30 priority 4096 spanning-tree vlan 88 priority 4096 spanning-tree vlan 99 priority 4096 !!!!!B1-S2 en conf t hostname B1-S2 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.1.99.22 255.255.255.0 no shut exit ip default-gateway 10.1.99.1 int fa0/6

switchport access vlan 10 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/11 switchport access vlan 20 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/16 switchport access vlan 30 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown !!!!!B1-S3 en conf t hostname B1-S3 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2

switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.1.99.23 255.255.255.0 no shutdown exit ip default-gateway 10.1.99.1 int fa0/7 switchport access vlan 88 switchport mode access exit spanning-tree vlan 1 priority 8192 spanning-tree vlan 10 priority 8192 spanning-tree vlan 20 priority 8192 spanning-tree vlan 30 priority 8192 spanning-tree vlan 88 priority 8192 spanning-tree vlan 99 priority 8192 !!!!B2-S1 en conf t hostname B2-S1 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode server vtp domain xyzcorp vtp password xyzvtp

int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk int fa0/5 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.2.99.21 255.255.255.0 no shutdown exit ip default-gateway 10.2.99.1 vlan 10 name Admin vlan 20 name Sales vlan 30 name Production vlan 88 name Wireless vlan 99 name Mgmt&Native exit spanning-tree vlan 1 priority 4096 spanning-tree vlan 10 priority 4096 spanning-tree vlan 20 priority 4096 spanning-tree vlan 30 priority 4096 spanning-tree vlan 88 priority 4096 spanning-tree vlan 99 priority 4096 !!!!!B2-S2 en conf t hostname B2-S2

enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.2.99.22 255.255.255.0 no shut exit ip default-gateway 10.2.99.1 int fa0/6 switchport access vlan 10 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/11 switchport access vlan 20 switchport mode access switchport port-security

switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/16 switchport access vlan 30 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown !!!!!B2-S3

en conf t hostname B2-S3 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99

ip address 10.2.99.23 255.255.255.0 no shut exit ip default-gateway 10.2.99.1 int fa0/7 switchport access vlan 88 switchport mode access exit spanning-tree vlan 1 priority 8192 spanning-tree vlan 10 priority 8192 spanning-tree vlan 20 priority 8192 spanning-tree vlan 30 priority 8192 spanning-tree vlan 88 priority 8192 spanning-tree vlan 99 priority 8192 !!!!!B3-S1

en conf t hostname B3-S1 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode server vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4

switchport trunk native vlan 99 switchport mode trunk int fa0/5 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.3.99.21 255.255.255.0 no shutdown exit ip default-gateway 10.3.99.1 vlan 10 name Admin vlan 20 name Sales vlan 30 name Production vlan 88 name Wireless vlan 99 name Mgmt&Native exit spanning-tree vlan 1 priority 4096 spanning-tree vlan 10 priority 4096 spanning-tree vlan 20 priority 4096 spanning-tree vlan 30 priority 4096 spanning-tree vlan 88 priority 4096 spanning-tree vlan 99 priority 4096 !!!!!B3-S2 en conf t hostname B3-S2 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit

vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.3.99.22 255.255.255.0 no shut exit ip default-gateway 10.3.99.1 int fa0/6 switchport access vlan 10 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/11 switchport access vlan 20 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown int fa0/16 switchport access vlan 30 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown

!!!!!B3-S3 en conf t hostname B3-S3 enable secret class no ip domain-lookup line con 0 password cisco login logging synch line vty 0 4 password cisco login exit vtp mode client vtp domain xyzcorp vtp password xyzvtp int fa0/1 switchport trunk native vlan 99 switchport mode trunk int fa0/2 switchport trunk native vlan 99 switchport mode trunk int fa0/3 switchport trunk native vlan 99 switchport mode trunk int fa0/4 switchport trunk native vlan 99 switchport mode trunk exit int vlan 99 ip address 10.3.99.23 255.255.255.0 no shut exit ip default-gateway 10.3.99.1 int fa0/7 switchport access vlan 88 switchport mode access exit spanning-tree vlan 1 priority 8192 spanning-tree vlan 10 priority 8192 spanning-tree vlan 20 priority 8192

spanning-tree vlan 30 priority 8192 spanning-tree vlan 88 priority 8192 spanning-tree vlan 99 priority 8192

You will still

have to configure pc's and wireless routers.

You might also like