Scribd
Upload
827 views9 pages

BMIT3084 Router Configuration Guide

Uploaded by

LEE TZU YUEN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
827 views9 pages

BMIT3084 Router Configuration Guide

Uploaded by

LEE TZU YUEN
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

BMIT3084 Enterprise Networking

Skills Based Assessment SBA Trial Exam

Topology – As shown in the Packet Tracer


Addressing Table

Default
Device Interface IP Address Subnet Mask Gateway

G0/1 [Link] [Link] N/A


S0/0/0 N/A
(DCE) [Link] [Link]
ISP S0/0/1 N/A
(DCE) [Link] [Link]
S0/1/0
(DCE) [Link] [Link] N/A
S0/0/0 [Link] [Link] N/A
VPN1
G0/1 [Link] [Link] N/A
S0/0/0 [Link] [Link] N/A
VPN2
G0/1 [Link] [Link] N/A
S0/0/1 [Link] [Link] N/A
NAT G0/0 [Link] [Link] N/A
G0/1 [Link] [Link] N/A
G0/0 [Link] [Link] N/A
DHCP
G0/1 [Link] [Link] N/A
PC-A NIC DHCP Client
PC-Office NIC [Link] [Link] [Link]
PC-B NIC DHCP Client

PC-C NIC [Link] [Link] [Link]

PC-D NIC [Link] [Link] [Link]


LocalServer/DNS
Server NIC [Link] [Link] [Link]

ExternalServer NIC [Link] [Link] [Link]

ExternalHost NIC [Link] [Link] [Link]

Assessment Objectives
 Configure OSPF and static route
 Configure IP services: NAT and DHCP
 Configure GRE tunnel
 Configure network access control using ACLs

User Profile
You are required to fill in your name and email address in the Packet Tracer User Profile

Pre-configuration:
All devices have been pre-configured with the basic IP addresses except PC-A, PC-B, PC-C and PC-D.
Enable password for NAT router is cisco

Complete the following task:


1. Configure OSPF
a. Configure a single area OSPF on NAT and DHCP routers using process-id 10 and area
0.
b. Configuring the LAN interfaces as passive interfaces to ensure they do not form
a neighbour relationship with each other.
c. Adjust the reference bandwidth to 100000 on each OSPF router
d. Propagate a default route configured using next hop IP address.

2. Configure Static Route


a. Configure a static route on ISP router to route to the public network address for
Network CK1 and Kong2 using next hop IP address.
Isp ip route [Link] [Link] [Link]

b. Configure 2 static routes on ISP to route packets to Network Jessie3 using respective
next hop IP address.
Ip route [Link] [Link] [Link]
Ip route [Link] [Link] [Link]
c. Configure default static routes in VPN1, VPN2 and NAT routers to forward traffic to
ISP using respective next hop IP address.
Vpn1 : ip route [Link] [Link] [Link]
Vpn2 : ip route [Link] [Link] [Link]
Nat :ip route [Link] [Link] [Link]

3. Configure DHCP
a. Network CK1
i. Exclude first 5 IP addresses from the pool
ii. DHCP pool name: POOL-CK1
iii. DNS [Link]
ip dhcp excluded-address [Link] [Link]

ip dhcp pool POOL-CK1


network [Link] [Link]
default-router [Link]
dns-server [Link]

b. Network Kong2
i. Exclude first 5 IP addresses from the pool
ii. DHCP pool name: POOL-Kong2
iii. DNS [Link]
ip dhcp excluded-address [Link] [Link]

ip dhcp pool POOL-Kong2


network [Link] [Link]
default-router [Link]
dns-server [Link]

NAT
int g0/1
Ip helper-address [Link]

4. Configure NAT
a. Configure dynamic NAT with Overload
i. NAT pool name: NAT-TARUCPOOL
ii. Public network address: [Link]/29 assign all ip exclude last usable
iii. Reserve the LAST usable IP address for STATIC mapping to the LocalServer
iv. Network Kong2 and Network CK1 are allowed to access to anywhere in the
Internet (use keyword) using a named extended ACL NAT-ACL
b. Configure static NAT
i. Map the LocalServer to the LAST usable IP address from
the [Link]/29
ip nat pool NAT-TARUCPOOL 208..165.102.1 208..165.102.5 netmask [Link]
ip nat inside source list NAT-ACL pool NAT-TARUCPOOL overload

ip access-list extended NAT-ACL


permit ip [Link] [Link] any
permit ip [Link] [Link] any

int g0/0
ip nat inside

int g0/1
ip nat inside

int s0/0/1
ip nat outside

b. Configure static NAT


i. Map the LocalServer to the LAST usable IP address from
the [Link]/29
5. Configure a GRE tunnel between VPN1 and NAT router
a. Tunnel number 1
b. Use the FIRST usable IP address from [Link]/30 for the tunnel interface at VPN1
c. In VPN1, configure a static route over the tunnel to the inside summarized network
space [Link] /16 using next-hop ip address.
Ip route [Link] [Link] [Link]
d. In NAT, configure a static route over the tunnel to VPN1 network [Link]
/24 using next-hop ip address.
Ip route [Link] [Link] [Link]

6. Configure a GRE tunnel between VPN2 and NAT router


a. Tunnel number 2
b. Use the FIRST usable IP address from [Link]/30 for the tunnel interface at VPN2
c. In VPN2, configure a static route over the tunnel to the inside summarized network
space [Link] /16 using next-hop ip address.
d. In NAT, configure a static route over the tunnel to VPN2 network [Link]
/24 using next-hop ip address.

7. Configure named standard ACL (use keyword host wherever applicable)


a. Configure a named standard ACL OFFICE-ACL on NAT router to allow Telnet access
b. Use telnet password cisco
c. Allow only PC-Office.

8. Configure numbered extended ACL (use keyword host wherever applicable)


a. Configure a numbered extended ACL using 188 on DHCP router
b. Permit any DHCP clients communicate to any DHCP Servers
c. Permit DNS access from Network CK1 to the DNS Server
d. SECOND half of Network CK1 is allowed to HTTPS to the LocalServer (use port
number)
e. PC-Office is allowed to HTTPS to the LocalServer(use port number)
f. SECOND half of the Network CK1 is allowed to FTP to the LocalServer
g. Network CK1 is allowed to access [Link]/24
h. Ensure PC-Office can telnet to G0/0 of NAT router
9. You are required to submit (upload and turn in) the following:
a. A screen shot of the score with your User Profile details
b. A configured Packet Tracer file.

~~~~~~~~~~~~~~~~~~~~~~~~~~ The End ~~~~~~~~~~~~~~~~~~~~~~~~~~

You might also like