Outdated_Cisco 4 Intructor Version_Outdated
-
Upload
jose-a-ibarra -
Category
Documents
-
view
200 -
download
4
Transcript of Outdated_Cisco 4 Intructor Version_Outdated
WAN TechnologiesCCNA 4 Labs and Study GuideInstructor Edition
John Rullan
Cisco Networking Academy Program
The only authorized Labs and Study Guide for the Cisco Networking Academy Program
ii WAN Technologies CCNA 4 Labs and Study Guide
PublisherPaul Boger
Cisco RepresentativeAnthony Wolfenden
Cisco Press Program ManagerJeff Brady
Executive EditorMary Beth Ray
Managing EditorPatrick Kanouse
Senior Development EditorChristopher A. Cleveland
Senior Project EditorSan Dee Phillips
Copy EditorKeith Cline
Technical EditorScott Empson
Team CoordinatorVanessa Evans
Book and Cover DesignerLouisa Adair
CompositionMark Shirar
WAN TechnologiesCCNA 4 Labs and Study Guide
Instructor Edition
John Rullan
Copyright© 2007 Cisco Systems, Inc.
Published by:Cisco Press800 East 96th Street Indianapolis, IN 46240 USA
All rights reserved. No part of this book may be reproduced or transmittedin any form or by any means, electronic or mechanical, including photo-copying, recording, or by any information storage and retrieval system,without written permission from the publisher, except for the inclusion ofbrief quotations in a review.
Printed in the United States of America 1 2 3 4 5 6 7 8 9 0
First Printing August 2006
ISBN: 1-58713-184-6
Warning and DisclaimerThis book is designed to provide information about the labs for WANTechnologies CCNA 4 course of the Cisco Networking Academy Program.Every effort has been made to make this book as complete and as accurateas possible, but no warranty or fitness is implied.
The information is provided on an “as is” basis. The author, Cisco Press,and Cisco Systems, Inc. shall have neither liability nor responsibility to anyperson or entity with respect to any loss or damages arising from the infor-mation contained in this book or from the use of the discs or programs thatmay accompany it.
The opinions expressed in this book belong to the author and are not neces-sarily those of Cisco Systems, Inc.
Corporate and Government SalesCisco Press offers excellent discounts on this book when ordered in quantityfor bulk purchases or special sales.
For more information please contact: U.S. Corporate and Government Sales1-800-382-3419 [email protected]
For sales outside the U.S. please contact:International Sales [email protected]
Feedback InformationAt Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each bookis crafted with care and precision, undergoing rigorous development that involves the unique expertise ofmembers from the professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how wecould improve the quality of this book, or otherwise alter it to better suit your needs, you can contact usthrough e-mail at [email protected]. Please make sure to include the book title and ISBN in yourmessage.
We greatly appreciate your assistance.
Trademark AcknowledgmentsAll terms mentioned in this book that are known to be trademarks or service marks have been appropriatelycapitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of aterm in this book should not be regarded as affecting the validity of any trademark or service mark.
iii
About the AuthorJohn Rullan has been a teacher at Thomas Edison High School in Jamaica, New York, for the past 10years and has been a Cisco instructor since 1998. He is the New York City Department of Education city-wide Cisco trainer and is the regional manager for Queens, New York, high schools. John also has taughtCCNA, CCNP, and network security at the Borough of Manhattan Community College since 2000. Heprovides support to the academy community, working with the CCNA/CCNP Instructional Support team,too. John holds the Network+, CCNA, CCNP, and CCAI certifications.
About the ContributerJim Lorenz is a curriculum developer for the Cisco Networking Academy Program who co-authored thethird editions of the Lab Companions for the CCNA courses. He has more than 20 years experience ininformation systems and has held various IT positions in several Fortune 500 companies, including Allied-Signal, Honeywell, and Motorola. Jim has developed and taught computer and networking courses for bothpublic and private institutions for more than 15 years.
iv WAN Technologies CCNA 4 Labs and Study Guide
About the Technical ReviewerScott Empson, CCDA, CCNP, CCAI, Network+, is an instructor in the telecommunications departmentat the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada. He teaches Cisco routing,switching, and network design courses to students at the post-secondary level. Scott holds three undergrad-uate degrees: a bachelor of arts, with a major in English; a bachelor of education, with a major inEnglish/language arts; and a bachelor of applied information systems technology, with a major in networkmanagement.
v
DedicationTo my daughters, Brianna and Gabriella.
vi WAN Technologies CCNA 4 Labs and Study Guide
AcknowledgmentsThis book could not have been completed without hard work and dedication from my students at ThomasEdison High School. Their input and assistance in designing the challenge labs are what makes this bookso special to be a part of. I want to give special thanks to Lourdes Luna, Charish Patel, Charles Chen,Alvar Lam, Nader Khandaker, Tulin Ravienthira, and Johanna Iniguez.
vii
Contents at a Glance
Chapter 1 Scaling IP Addresses 1
Chapter 2 WAN Technologies 75
Chapter 3 PPP 81
Chapter 4 ISDN and DDR 129
Chapter 5 Frame Relay 169
Chapter 6 Introduction to Network Administration 237
Appendix A Troubleshooting Questions and Lab Exercise 245
Appendix B Adtran Configuration Lab 281
Appendix C Router Interface Summary Chart 291
Appendix D Erasing and Reloading the Switch 293
Appendix E Erasing and Reloading the Router 295
viii WAN Technologies CCNA 4 Labs and Study Guide
Contents
Chapter 1 Scaling IP Addresses 1
Study Guide 2
Scaling Networks with NAT and PAT 2
Concept Questions 2
Research Assignment 3
Matching Terms 7
DHCP 8
Concept Questions 8
Matching Terms 9
Lab Exercises 10
Curriculum Lab 1-1: Configuring NAT (1.1.4a) 10
Task 1: Configure the Routers 11
Task 2: Save the Configuration 11
Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, andDefault Gateway 11
Task 4: Verify That the Network Is Functioning 11
Task 5: Create a Static Route 11
Task 6: Create a Default Route 12
Task 7: Define the Pool of Usable Public IP Addresses 13
Task 8: Define an Access List That Matches the Inside Private IP Addresses 13
Task 9: Define the NAT Translation from Inside the List to Outside the Pool 13
Task 10: Specify the Interfaces 13
Task 11: Test the Configuration 13
Curriculum Lab 1-2: Configuring PAT (1.1.4b) 15
Task 1: Configure the Routers 16
Task 2: Save the Configurations 16
Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, andDefault Gateway 16
Task 4: Verify That the Network Is Functioning 16
Task 5: Create a Default Route 16
Task 6: Define an Access List That Matches the Inside Private IP Addresses 17
Task 7: Define the PAT Translation from Inside the List to Outside the Address 17
Task 8: Specify the Interfaces 17
Task 9: Test the Configuration 17
Curriculum Lab 1-3: Configuring Static NAT Addresses (1.1.4c) 19
Task 1: Configure the Routers 20
Task 2: Save the Configurations 20
Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, andDefault Gateway 20
Task 4: Verify That the Network Is Functioning 20
Task 5: Create a Static Route 21
Task 6: Create a Default Route 21
Task 7: Define the Pool of Usable Public IP Addresses 21
ix
Task 8: Define an Access List That Matches the Inside Private IP Addresses 21
Task 9: Define the NAT Translation from Inside the List to Outside the Pool 22
Task 10: Specify the Interfaces 22
Task 11: Configure Static Mapping 22
Task 12: Test the Configuration 22
Curriculum Lab 1-4: Verifying NAT and PAT Configuration (1.1.5) 24
Task 1: Configure the Routers 25
Task 2: Save the Configurations 25
Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, andDefault Gateway 25
Task 4: Verify That the Network Is Functioning 25
Task 5: Create a Static Route 25
Task 6: Create a Default Route 26
Task 7: Define the Pool of Usable Public IP Addresses 26
Task 8: Define an Access List That Matches the Inside Private IP Addresses 26
Task 9: Define the NAT Translation from Inside the List to Outside the Pool 27
Task 10: Specify the Interfaces 27
Task 11: Test the Configuration 27
Task 12: Verify NAT/PAT Statistics 27
Curriculum Lab 1-5: Troubleshooting NAT and PAT (1.1.6) 29
Task 1: Configure the Routers 30
Task 2: Save the Configurations 30
Task 3: Configure the Hosts with the Proper IP Address, Subnet Mask, andDefault Gateway 30
Task 4: Verify That the Network Is Functioning 30
Task 5: Create a Static Route 30
Task 6: Create a Default Route 31
Task 7: Define the Pool of Usable Public IP Addresses 31
Task 8: Define an Access List That Matches the Inside Private IP Addresses 31
Task 9: Define the NAT Translation from Inside the List to Outside the Pool 31
Task 10: Specify the Interfaces 32
Task 11: Test the Configuration 32
Curriculum Lab 1-6: Configuring DHCP (1.2.6) 34
Task 1: Configure the Routers 35
Task 2: Save the Configurations 35
Task 3: Create a Static Route 35
Task 4: Create a Default Route 35
Task 5: Create the DHCP Address Pool 36
Task 6: Exclude Addresses from the Pool 36
Task 7: Verify DHCP Operation 36
Task 8: View DHCP Bindings 37
Curriculum Lab 1-7: Configuring DHCP Relay (1.2.8) 37
Task 1: Configure the Routers 38
Task 2: Configure Routing on the Remote Router 38
Task 3: Configure Routing on the Campus Router 38
Task 4: Save the Configurations 39
x WAN Technologies CCNA 4 Labs and Study Guide
Task 5: Create the Campus DHCP Address Pool on the Campus Router 39
Task 6: Create the Remote DHCP Address Pool on the Campus Router 40
Task 7: Exclude Addresses from the Pool 40
Task 8. Verify DHCP Operation on the Campus Router 40
Task 9: Verify DHCP Operation on the Remote Router 41
Task 10: Configure DHCP Relay 41
Task 11: Verify DHCP Operation on the Remote Router 41
Task 12: View DHCP Bindings 41
Comprehensive Lab 1-8: Configuring NAT, PAT, and Static NAT 42
Challenge Lab 1-9: NAT, PAT, DHCP 49
Challenge Lab 1-10: Double NAT Configuration 57
Task 1: Cabling and Configuration 57
Task 2: IP Addressing 57
Task 3: Inter-VLAN Communication 58
Task 4: Configure VLANs, VLAN Ports, and the HTTP Server 58
Task 5: Configure and Verify RIPv2 Operation 58
Task 6: Configure DHCP 58
Task 7: Configure NAT and PAT 58
Task 8: Verify Configurations 58
Optional Lab 1-11: Using a Linksys Router to Simulate a HomeNetwork 70
Chapter 2 WAN Technologies 75
Study Guide 76
WAN Technologies Overview 76
Concept Questions 76
WAN Technologies 77
Matching Terms 77
WAN Design 78
Concept Questions 78
Lab Exercises 80
Chapter 3 PPP 81
Study Guide 82
Serial Point-to-Point Links 82
Concept Questions 82
PPP Authentication 83
Concept Questions 83
Configuring PPP 84
Concept Questions 84
Chapter Review Questions 84
xi
Lab Exercises 88
Curriculum Lab 3-1: Troubleshooting a Serial Interface (3.1.7) 88
Task 1: Configure the Routers 88
Task 2: Configure the Paris Interface 89
Task 3: Configure the London Interface 89
Task 4: Save the Configuration 89
Task 5: Enter the Command show interface serial 0 (See Appendix C) on London 89
Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris 90
Task 7: Correct the Clock Location 91
Task 8: Enter the Command show interface serial 0 on Paris 91
Task 9: Verify That the Serial Connection Is Functioning by Pinging the SerialInterface of the Other Router 92
Curriculum Lab 3-2: Configuring PPP Encapsulation (3.3.2) 94
Task 1: Configure the Routers 94
Task 2: Configure the Dublin Interface 95
Task 3: Configure the Washington Interface 95
Task 4: Save the Configuration 95
Task 5: Enter the Command show interface serial 0 (See Appendix C) onWashington 95
Task 6: Enter the Command show interface serial 0 (See Appendix C) on Dublin 96
Task 7: Change the Encapsulation Type 97
Task 8: Enter the Command show interface serial 0 on Washington 97
Task 9: Enter the Command show interface serial 0 on Dublin 97
Task 10: Verify That the Serial Connection Is Functioning by Pinging the SerialInterface of the Other Router 98
Curriculum Lab 3-3: Configuring PPP Authentication (3.3.3) 100
Task 1: Configure the Routers 101
Task 2: Configure the Tokyo Interface 101
Task 3: Configure the Madrid Interface 101
Task 4: Save the Configuration 101
Task 5: Enter the Command show interface serial 0 on Madrid 101
Task 6: Enter the Command show interface serial 0 on Tokyo 102
Task 7: Verify That the Serial Connection Is Functioning by Pinging the SerialInterface of the Other Router 103
Task 8: Configure PPP Authentication 103
Task 9: Verify That the Serial Connection Is Functioning 103
Task 10: Configure PPP Authentication 103
Task 11: Verify That the Serial Connection Is Functioning 103
Curriculum Lab 3-4: Verifying PPP Configuration (3.3.4) 105
Task 1: Configure the Routers 106
Task 2: Configure the Warsaw 106
Task 3: Configure the Brasilia Interface 106
Task 4: Save the Configuration 106
xii WAN Technologies CCNA 4 Labs and Study Guide
Task 5: Enter the Command show interface serial 0 (See Appendix C) on Brasilia 106
Task 6: Enter the Command show interface serial 0 (See Appendix C) on Warsaw 107
Task 7: Turn on PPP Debugging 107
Task 8: Change the Encapsulation Type 107
Task 9: Enter the Command show interface serial 0 on Brasilia 107
Task 10: Enter the Command show interface serial 0 on Warsaw 108
Task 11: Verify That the Serial Connection Is Functioning 109
Curriculum Lab 3-5: Troubleshooting PPP Configuration (3.3.5) 110
Task 1: Configure the Routers 111
Task 2: Configure the Paris Interface 111
Task 3: Configure the London Interface 111
Task 4: Save the Configuration 111
Task 5: Enter the Command show interface serial 0 (See Appendix C) on London 112
Task 6: Enter the Command show interface serial 0 (See Appendix C) on Paris 112
Task 7: Correct the Clock Location 113
Task 8: Enter the Command show cdp neighbors on London 114
Task 9: Enter the Command debug ppp negotiation on London 114
Task 10: Enter the command debug ppp negotiation on Paris 115
Task 11: Correct the Encapsulation Type 115
Task 12: Enter the command show interface serial 0 on Paris 116
Task 13: Verify That the Serial Connection Is Functioning by Pinging the SerialInterface of the Other Router 116
Challenge Lab 3-6: Configuring PPP with NAT, DHCP, and VLANs118
Task 1 118
Task 2 119
Task 3 121
Task 4 121
Task 5 122
Task 6 122
Task 7 122
Chapter 4 ISDN and DDR 129
Study Guide 130
ISDN Concepts 130
Concept Questions 130
ISDN Configuration 131
Concept Questions 131
DDR Configuration 131
Concept Questions 132
Chapter Review Questions 132
xiii
Lab Exercises 136
Curriculum Lab 4-1: Configuring ISDN BRI (U-Interface) (4.2.1) 136
Task 1: Configure the Router 136
Task 2: Verify the ISDN BRI Switch Type 137
Task 3: Specify the Switch Type 137
Task 4: Verify the Switch Status 138
Task 5: Activate the BRI Connection 138
Task 6: Review the Switch Status 138
Task 7: Configure the ISDN SPIDs 139
Task 8: Review the Switch Status 139
Task 9: Reset the Interface 139
Task 10: Save the Configuration and Reboot 140
Curriculum Lab 4-2: Configuring Legacy DDR (4.3.2) 141
Task 1: Configure the Router 142
Task 2: Define the Switch Type and SPID Numbers 142
Task 3: Define the Static Routes for DDR 143
Task 4: Specify Interesting Traffic for DDR 143
Task 5: Configure the DDR Dialer Information for Router 1 143
Task 6: Configure the DDR Dialer Information for Router 2 144
Task 7: View the Tokyo Router Configuration 144
Task 8: Verify the DDR Configuration 144
Curriculum Lab 4-3: Configuring Dialer Profiles (4.3.7) 145
Task 1: Configure the Router 146
Task 2: Define the Switch Type and SPID Numbers 146
Task 3: Define the Static Routes for DDR 147
Task 4: Specify Interesting Traffic for DDR 147
Task 5: Configure the DDR Dialer Information 147
Task 6: Configure the Dialer Information 148
Task 7: Associate the Dialer Profiles 149
Task 8: Configure the Dialer Timeouts 149
Task 9: View the Tokyo Router Configuration 150
Task 10: Verify the DDR Configuration 152
Challenge Lab 4-4: Configuring Dialer Maps and Dialer Profiles 157
Task 1: Physical 158
Task 2: Logical Mo 158
Task 3: Logical Larry 158
Task 4: Logical Curley 158
Task 5: Switches 159
Task 6: Verification 159
Chapter 5 Frame Relay 169
Study Guide 170
Frame Relay Concepts 170
Concept Questions 170
xiv WAN Technologies CCNA 4 Labs and Study Guide
Configuring Frame Relay 170
Concept Questions 171
Chapter Review Questions 172
Lab Exercises 176
Curriculum Lab 5-1: Configuring Frame Relay (5.2.1) 176
Task 1: Configure the Routers 176
Task 2: Configure the Serial Interface 177
Task 3: Verify the Frame Relay Configuration 177
Task 4: Review Switch Assignments 178
Task 5: Check the Frame Relay Map 179
Curriculum Lab 5-2: Configuring Frame Relay PVC (5.2.2) 180
Task 1: Configure the Routers 180
Task 2: Configure the Washington Serial Interface 181
Task 3: Configure the Frame Relay Map on Washington 181
Task 4: Configure the DCE on Washington 181
Task 5: Configure the Dublin Router 181
Task 6: Verify the Frame Relay PVC 182
Task 7: Display the Frame Relay Map 182
Task 8: Verify Frame Relay Connectivity 182
Curriculum Lab 5-3: Configuring Frame Relay Subinterfaces (5.2.5) 184
Task 1: Configure the Routers 185
Task 2: Configure the Serial 0 Interfaces 185
Task 3: Create Subinterfaces on the Amsterdam Router 186
Task 4: Create Subinterfaces on the Paris Router 186
Task 5: Create Subinterfaces on the Berlin Router 186
Task 6: Configure IGRP Routing 187
Task 7: Verify the Frame Relay PVC 187
Task 8: Show the Frame Relay Maps 188
Task 9: Show the LMIs 189
Task 10: Check the Routing Protocol 189
Task 11: Verify Connectivity 190
Challenge Lab 5-4: Four-Interface Frame Relay Switch 193
Task 1 194
Task 2 194
Task 3 194
Task 4 194
Task 5 194
Task 6 194
Task 7 195
Challenge Lab 5-5: Frame Relay Switch Challenge Lab 1 196
Task 1 198
Task 2 198
Task 3 198
Task 4 199
xv
Task 5 199
Task 6 199
Task 7 200
Task 8 200
Task 9 200
Challenge Lab 5-6: Frame-Relay Challenge Lab 2 219
Task 1 220
Task 2 220
Task 3 220
Task 4 220
Task 5 221
Task 6 221
Task 7 221
Task 8 221
Task 9 221
Chapter 6 Introduction to Network Administration 237
Study Guide 238
Workstations and Servers 238
Concept Questions 238
Network Management 238
Concept Questions 239
Chapter Review Questions 239
Lab Exercises 243
Appendix A Troubleshooting Questions and Lab Exercise 245
Appendix B Adtran Configuration Lab 281
Appendix C Router Interface Summary Chart 291
Appendix D Erasing and Reloading the Switch 293
Appendix E Erasing and Reloading the Router 295
xvi WAN Technologies CCNA 4 Labs and Study Guide
Icons Used in This Book
Command Syntax ConventionsThe conventions used to present command syntax in this book are the same conventions used in the IOSCommand Reference. The Command Reference describes these conventions as follows:
■ Bold indicates commands and keywords that are entered literally as shown. In actual configurationexamples and output (not general command syntax), bold indicates commands that are manually inputby the user (such as a show command).
■ Italic indicates arguments for which you supply actual values.
■ Vertical bars (|) separate alternative, mutually exclusive elements.
■ Square brackets ([ ]) indicate an optional element.
■ Braces ({ }) indicate a required choice.
■ Braces within brackets ([{ }]) indicate a required choice within an optional element.
xvii
PC PC withSoftware
SunWorkstation
Macintosh
Terminal File Server
WebServer
CiscoworksWorkstation
Printer Laptop IBMMainframe
Front EndProcessor
ClusterController
Modem
DSU/CSU
Router Bridge Hub DSU/CSU CatalystSwitch
MultilayerSwitch
ATMSwitch
ISDN/Frame RelaySwitch
CommunicationServer
Gateway
AccessServer
Network Cloud
TokenRing
Token Ring
Line: Ethernet
FDDI
FDDI
Line: Serial Line: Switched Serial
IntroductionWAN Technologies CCNA 4 Labs and Study Guide is a supplement to your classroom and laboratory expe-rience with the Cisco Networking Academy Program. Specifically, this book covers the fourth course ofthe CCNA curriculum. To succeed on the exam and achieve your CCNA certification, do everything inyour power to arm yourself with a variety of tools and training materials to support your learning efforts.This Labs and Study Guide is just such a collection of tools. Used to its fullest extent, it will help youacquire the knowledge and practice the skills associated with the content area of v3.1.1 of the CCNA 4WAN Technologies course. Specifically, this book helps you work on these main areas of CCNA 4:
■ Network Address Translation
■ Dynamic Host Configuration Protocol
■ ISDN dialer maps and profiles
■ Frame Relay
Goals and MethodsOne of the goals of this book is to help you prepare for either the CCNA exam (640-801) or the ICNDexam (640-811). Whether you are studying for the full exam or the second part of your CCNA, passingeither of these exams means not only that you have the required knowledge of the technologies covered bythe exam, but also that you can plan, design, implement, operate, and troubleshoot these technologies. Inother words, these exams are rigorously application-based. In fact, if you view the mainobjectives for the CCNA exam at http://www.cisco.com/go/certifications, you will see the following fourcategories of objectives:
■ Planning & Design
■ Implementation & Operation
■ Troubleshooting
■ Technology
Although technology is listed last, a CCNA student cannot possibly plan, design, implement, operate, andtroubleshoot networks without first fully grasping the technology. You should devote a significant amountof time and effort in the Study Guide section of each chapter to learning the concepts and theories beforeapplying them in the Lab Exercises.
The Study Guide section offers exercises that help you learn the concepts and configurations crucial toyour success as a CCNA exam candidate. Each chapter differs slightly and includes some or all of the fol-lowing types of exercises:
■ Vocabulary Matching and Completion
■ Concept Questions
■ Comprehensive Multiple-Choice Questions
■ Internet Research
xviii WAN Technologies CCNA 4 Labs and Study Guide
The Lab Exercises section includes all the online curriculum labs plus new comprehensive labs and chal-lenge labs. The curriculum labs typically walk you through the configuration tasks step by step. The com-prehensive labs combine many, if not all, of the configuration tasks of the curriculum labs without actuallyproviding you with the commands. The challenge labs take this a step further, often giving you only a gen-eral requirement that you must implement fully without the details of each small step. In other words, youmust use the knowledge and skills you gained in the curriculum labs from all four courses to successfullycomplete the comprehensive and challenge labs. In fact, you should not attempt the comprehensive orchallenge labs until you have worked through all the Study Guide activities and the curriculum labs. Avoidthe temptation to work through the comprehensive and challenge labs by flipping back through the cur-riculum labs when you are not sure of a command. Do not try to short-circuit your CCNA training. Youneed a deep understanding of CCNA knowledge and skills to ultimately succeed on the CCNA exam.
Who Should Read This Book?This book should be read by students completing the final course of the CCNA curriculum. The challengelabs are designed to test your knowledge of and ability to configure and troubleshoot routing protocols,switching concepts, and WAN protocols. Based on the author’s experience in the classroom, extensivepractical knowledge is necessary to pass the CCNA certification.
Strategies for Exam PreparationA successful CCNA certification candidate is knowledgeable about network design, implementation, andtroubleshooting. Knowledge of theoretical terms and hands-on experience are both vital to successfullypass the certification.
How This Book Is OrganizedWork through the Study Guide and Lab Exercises in the sequence they are presented. The sequence isdesigned to take you from a basic understanding of the knowledge through the full application and imple-mentation of skills. Specifically, Chapters 1 through 6 and Appendix A include exerises and labs coveringthe following knowledge and skills:
Chapter 1, “Scaling IP Addresses,” describes how to conserve IP addresses and how to communi-cate across the Internet and wide-area networks (WANs) that span the globe. The chapter goes overNetwork Address Translation (NAT) and Port Address Translation (PAT), two translation protocols forIP addresses, and Dynamic Host Configuration Protocol (DHCP), a method of auto-assigning IPaddresses. The labs in this chapter explain how IP addresses are translated with NAT and PAT and theprocess of DHCP. They also cover the commands to configure both. A challenge lab tests your com-prehension of the chapter.
Chapter 2, “WAN Technologies,” introduces much of the terminology and general concepts encoun-tered in a WAN. It lays the groundwork for an understanding of some of the more advanced conceptspresented in later chapters. This chapter contains no labs, just exercises to reinforce your understand-ing of the terminology and concepts.
Chapter 3, “PPP,” goes over the communication of individual links within the WAN that use certaintypes of encapsulation protocols. This chapter describes the High-Level Data Link Control (HDLC)protocol and the Point-to-Point Protocol (PPP). The challenge lab in this chapter tests your ability toconfigure PPP and any previous concepts you have learned thus far in this book.
xix
Chapter 4, “ISDN and DDR,” covers ISDN, a cost-effective, need-basis WAN technology that maysubstitute for a T1 connection or as just a step above a phone line. Dial-on-Demand Routing (DDR) isa method described in this chapter that makes ISDN cost-effective based on call setup and termination.The labs in this chapter test your knowledge of configuring dialer maps and dialer profiles.
Chapter 5, “Frame Relay,” explains how Frame Relay, a packet-switched technology, connectslocal-area networks (LANs) across a cloud by using virtual circuits. The labs in this chapter give youa chance to configure basic Frame Relay, and two challenge labs test all the skills you have learned upto this point.
Chapter 6, “Introduction to Network Administration,” describes basic network administration con-cepts. It also explains how to manage a network using different tools such as Simple NetworkManagement Protocol (SNMP). Upon completion of the exercises in this chapter, students should bet-ter understand the different devices found on a LAN and the tools used to manage, test, and trou-bleshoot simple networks.
Appendix A, “WAN Troubleshooting, Questions and Lab Exercise,” contains a practice challengelab that tests your knowledge of all four courses of the CCNA curriculum. The lab exercise consists ofa scenario that requires knowledge of troubleshooting methodologies.
Appendix B, “Adtran Configuration Lab,” contains a step-by-step guide to configuring the AdtranAtlas 550.
Appendixes C, D, and E come into play within the curriculum labs. Where applicable, the curriculumlab tells you when to refer to these appendixes.
xx WAN Technologies CCNA 4 Labs and Study Guide
CHAPTER 1
Scaling IP Addresses
The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice,and open-ended question exercises to test your knowledge of the theory of Network Address Translation(NAT), Port Address Translation (PAT), and Dynamic Host Configuration Protocol (DHCP).
The Lab Exercises portion of this chapter includes all the online curriculum labs and comprehensive labsand a challenge lab to ensure that you have mastered the practical, hands-on skills needed to configureNAT, Static NAT, PAT, and DHCP.
Study Guide
Scaling Networks with NAT and PATWhen connecting to the Internet, you must use a registered public IP address. When users connect to theInternet through a cable provider (such as Time Warner or Cablevision), the IP address assigned is regis-tered and gives the user access to the Internet through the carrier’s network. This arrangement actuallymakes the user’s computer part of the cable provider’s network. When you have more than one computerat home and each needs access to the Internet simultaneously, a router such as a Linksys usually does thetrick. This device uses the single IP address assigned to you by your carrier and performs Port AddressTranslation (PAT), which allows multiple devices to access the Internet using a single unique address.
When it comes to a company, things are a little more complicated. Most companies require an entire net-work address for all their devices to access the Internet. Companies acquire these addresses from theAmerican Registry of Internet Numbers (ARIN) or any Internet service provider (ISP) in their area. As thenetwork grows, however, it might find that it no longer has enough addresses for all the devices. Instead ofpurchasing another network address (if even possible), another solution is to use Network AddressTranslation (NAT). Network administrators use private addresses put aside by RFC 1918 on the inside oftheir network. The router translates the device’s inside private address into a registered global address eachtime the company needs to access the outside world. The use of NAT along with private addresses pro-vides security by hiding a device’s internal address from the outside world, thus making it difficult for“outsiders” to know exactly who is behind the device. Because not all devices inside a network needaccess to the Internet, NAT pools are created to determine who has access and who does not. Thus, NATenables network administrators to allow multiple users to access the outside world dynamically; it alsoenables them to statically map an outside address to an internal device.
Concept Questions1. Discuss the advantages of NAT.
NAT allows unregistered IP addresses inside a network to access the Internet or the outside world.This process helps conserve registered numbers by using private addresses. Another advantage is thatit is difficult for someone on the outside to determine which internal host is responsible for what traf-fic. Without careful monitoring, this could become a disadvantage, too.
2. RFC 1918 put aside three addresses and classified them as “private.” Explain the difference between apublic and private address.
Private addresses are used inside a network and are not routable on the public domain or Internet.These addresses can be used by anyone, but they cannot be used to access the Internet. Public address-es are legitimate, registered numbers that only one organization can use at a given time. They areobtained through an ISP or from ARIN.
3. When is it necessary to assign a static NAT address to a device inside your network? Give an exampleof a device, and explain the reason for doing so.
A device such as a web server might need to be accessed from the outside world at a specific location(IP address). NAT allows the server to be assigned a private address but still be reachable from theInternet. The router translates the outside global address to an inside local address where the serverresides.
2 WAN Technologies CCNA 4 Labs and Study Guide
Chapter 1: Scaling IP Addresses 3
4. How many networks in total did RFC 1918 put aside?
273 total addresses
1 Class A: 10.0.0.0–10.255.255.255
16 Class B: 172.16.0.0–172.31.255.255
256 Class C: 192.168.0.0–192.168.255.255
5. Under what circumstances would you use NAT? PAT?
You should use NAT when you are using private addresses inside your network but not all the devicesneed to access the Internet. NAT enables you to have more devices on your network than registeredaddresses permit. Use PAT when most, if not all, of the devices need access to the outside world andyou do not have not enough registered addresses to go around. PAT enables you to support scores ofdevices while having fewer registered addresses at your disposal.
Research AssignmentThis chapter discussed the difference between private and public addresses and their use within a network.Go to http://www.arin.net and research the following:
1. The American Registry for Internet Numbers (ARIN) allocates Internet number resources for theUnited States, Canada, and islands in the Caribbean and North Atlantic. What organization providesthese same services in the following?
On the home page, on the right side, click the Network Abuse link.
a. Africa AfriNIC
b. Asia APNIC
c. Latin America LACNIC
d. Europe, the Middle East, and Central Asia RIPE NCC
2. How do you obtain a registered network number through ARIN?
On the home page, click the Education link. Under Process Flowcharts, click Request for IPv4Assignment from ARIN (End-user).
You must fill out and submit an End-user Request Template.
3. List at least five items found on the IPv4 Network Request template provided by ARIN.
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
On the home page, click Registration Services, IPv4 Resources on the left. Under the IPv4 Templatessection, click IPv4 Network Request.
ARIN Network Request Template
Template: ARIN-NET-ISP-3.2.3
**********************************************************************
** As of June 2005 **
** **
** Enter all information to the right of the colon (:). **
** **
** DO NOT modify the format of this template in any way. **
** **
*********************** JUSTIFICATION SECTION ************************
**—————————— CONNECTIVITY SUBSECTION ——————————-**
1. ** List any peering or exchange points to which your network
** directly connects.
Peering Points:
2. ** List ISPs providing your connectivity.
Internet Connectivity:
**——————————- UTILIZATION SUBSECTION ——————————-**
** If necessary, repeat lines 3 through 8. **
**—————————————————————————————————**
3. ** List all IP addresses issued to your organization.
Existing IP Networks:
4. ** Enter the amount of address space issued to customers.
Assigned:
5. ** Provide internal utilization information.
Internal:
6. ** Enter the amount of unassigned or available address space.
Unassigned:
7. ** If using RWhois, provide the hostname and port number of the RWhois server.
Reassignment Option (SWIP/RWhois):
8. ** List the number of IP addresses that utilize each type of service listed below.
Type of Service:
Dial-up:
Cable:
Web Hosting:
4 WAN Technologies CCNA 4 Labs and Study Guide
Leased Line:
xDSL:
Co-location:
Wireless:
Other (please specify):
##—————— 3, 6 AND 12-MONTH PROJECTION SUBSECTION ——————-**
9. ** List the number of IP addresses in /24s that will be needed for
** each type of service for the next 3 months, 6 months, and 12
** months.
Host Projections:
3-Month 6-Month 12-Month
———- ———- ————
Dial-up:
Cable:
Web Hosting:
Leased Line:
xDSL:
Co-location:
Wireless:
Other (please specify):
10. ** Provide any additional information you would like ARIN to
** consider for this ISP network registration request.
Additional Information:
************************ REGISTRATION SECTION ************************
11. ** REQUIRED. Allocations are made based upon the 3-month
** projection. However, subscribers who have been members of ARIN
** for over 1 year may request a 6 month supply of addresses.
** Enter the prefix length of the network requested, e.g. /19,
** /20.
Prefix Length Requested:
12. ** REQUIRED. Enter the Org ID currently registered in ARIN’s WHOIS
** database.
Chapter 1: Scaling IP Addresses 5
Org ID:
13. ** REQUIRED. Provide the organization name currently registered to
** your Org ID.
Org Name:
14. ** REQUIRED. Choose a name for the network, using no more than 50
** characters. It may contain letters, numbers and/or dashes (-).
Network Name:
15. ** If the network has in-addr.arpa servers, list the hostnames of
** at least two name servers. Do not provide IP addresses.
** Duplicate field name to specify additional servers.
IN-ADDR Name Server:
IN-ADDR Name Server:
********************* CONTACT SECTION (Optional) *********************
** The person or role in this section serves as a **
** supplemental contact to the organization POC(s). To **
** specify multiple contacts, duplicate lines 16 and 17. **
**********************************************************************
16. ** Specify T for Technical, AB for Abuse or N for Network
** Operations Center.
POC Type:
17. ** Provide a POC handle currently registered in ARIN’s WHOIS
** database.
POC Handle:
***************** PUBLIC COMMENTS SECTION (Optional) *****************
18. ** Comments listed here will appear in ARIN’s WHOIS database.
Public Comments:
END OF TEMPLATE
6 WAN Technologies CCNA 4 Labs and Study Guide
4. What costs are associated with obtaining a 24-bit address from ARIN?
A 24-bit address from ARIN requires a one-time registration fee of $2500 and an annual maintenancefee of $100.
5. On the home page, click the “Who is” link. Enter a legitimate address in the Search box. This couldbe any address other than those put aside by RFC 1918. List five pieces of information you canretrieve about the owner of that address space.
Organization name, ID, company address, range of addresses, contact-person information.
6. Enter Cisco in the “Who is” Search box. Describe some of the information that appears.
Different companies within Cisco have their own range of addresses. An example of this is the CiscoLearning Institute. Not all the links belong to Cisco Systems, but rather to different organizations thatbegin with the name Cisco.
Matching TermsMatch the definition on the left with the correct term on the right. Use each definition only one time.
Chapter 1: Scaling IP Addresses 7
Definitions
a. Uses a single IP address to support numerous inside local addresses
b. An IP address that is routable on the Internet
c. Addresses never to be assigned to an organization as a registered network number
d. An IP address assigned to a host in a private network
e. Identifies an interface that is on the private side of a network
f. Allows unregistered addresses to accessthe Internet using legitimate or public addresses
g. The IP address of a host on the outside ofthe network as it is known to the hosts on the inside network
h. A legitimate registered address that rep-resents an inside local address to the outside world
i. Identifies an interface that is on the public side of the network
j. A one-to-one mapping of a public and private address
Terms
__d__ inside local address
__f__ NAT
__i__ ip nat outside command
__g__ outside local address
__j__ static NAT
__h__ inside global address
__a__ Port Address Translation
__b__ outside global address
__e__ ip nat inside command
__c__ RFC 1918
DHCPDynamic Host Configuration Protocol (DHCP) allows a device to dynamically receive network informa-tion upon boot. The basic information configured on a server includes network address, subnet mask, anddefault gateway. Domain Name System (DNS), NetBIOS, and Windows Internet Naming Service (WINS)server information are optional configurations if they exist on a network. As networks grow, DHCPdeploys a plug-and-play design that allows new hosts to plug into the network without manual interven-tion. Designed by the Internet Engineering Task Force (IETF), it has become a standard component in net-work design and implementation.
Concept Questions1. Explain the purpose of the DHCP excluded-address command.
The excluded range of addresses is not assigned by the DHCP server. These addresses are usuallyassigned manually to servers, routers, and switches on the network. They can also act as a reservedepository for additional devices that require static addresses to be added to the network later.
2. Explain the advantages of DHCP over static allocation when a device such as a computer moves fromone part of a network to another when multiple subnets exist.
The DHCP server automatically assigns the device all the necessary information upon boot. WithoutDHCP, the network technician must manually configure the device with the correct IP address, subnetmask, default gateway, and other information before it can connect to the network.
3. Explain the difference between BOOTP and DHCP.
BOOTP requires manual configuration of host information on a server, whereas DHCP allows fordynamic allocation of network addresses and additional configurations to newly attached devices to anetwork. DHCP allows for recovery and reallocation of network addresses through a leasing mecha-nism.
4. You are the network administrator of a company that uses DHCP on its network. Does DHCP providea mechanism to prevent unauthorized users from plugging in and connecting to the network?
Unfortunately, DHCP does not prevent unauthorized access. It cannot control the IP address used by adevice on the network. A mechanism other than DHCP must be used.
8 WAN Technologies CCNA 4 Labs and Study Guide
Matching TermsMatch the definition on the left with the correct term on the right. Use each definition only one time.
Chapter 1: Scaling IP Addresses 9
Definitions
a. A proposed configuration, from a DHCP server, that may include IP addresses, DNS server addresses, and lease time
b. A predecessor of DHCP (not dynamic)
c. A broadcast sent by a client to locate a DHCP server
d. Creates a pool with the specified name and puts the router in a specialized DHCP configuration mode
e. Configures the router to prohibit an individual address or range of addressesfrom being used when assigning addresses to clients
f. Verifies the operation of DHCP
g. A security server
h. Used to relay broadcast requests when the DHCP server resides on a different network than the host
i. A protocol used for assigning IP addresses to devices on a network (client/server mode)
j. DHCP assigning permanent IP addresses to the clients
Terms
__i__ DHCP
__j__ automatic allocation
__f__ show ip dhcp binding
__g__ TACACS server
__b__ BOOTP
__e__ ip dhcp excluded-addresses
__a__ DHCPOFFER
__c__ DHCPDISCOVER
__d__ ip dhcp pool word
__h__ ip helper address
Lab Exercises
Curriculum Lab 1-1: Configuring NAT (1.1.4a)Figure 1-1 Topology for Lab 1-1
Table 1-1 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Address/ Loopback 0 Designation Name Address/Subnet Type Subnet Mask Address/Subnet
Mask Mask
Router 1 Gateway 10.10.10.1/24 DCE 200.2.2.18/30 —
Router 2 ISP — DTE 200.2.2.17/30 172.16.1.1/32
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Objective
■ Configure a router to use NAT to convert internal IP addresses, which are typically private addresses,into outside public addresses.
Background/Preparation
The ISP has allocated the public classless interdomain routing (CIDR) IP address 199.99.9.32/27 to a com-pany. This is equivalent to 30 public IP addresses. Because the company has an internal requirement formore than 30 addresses, the IT manager has decided to implement NAT. The company has decided toreserve the addresses 199.99.9.33 through 199.99.9.39 for static allocation and 199.99.9.40 through199.99.9.62 for dynamic allocation. Routing between the ISP and the company’s gateway router will bedone using a static route from the ISP to the gateway and a default route from the gateway to the ISP. TheISP’s connection to the Internet will be represented by a loopback address on the ISP router.
Cable a network that is similar to the one in Figure 1-1. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See the
10 WAN Technologies CCNA 4 Labs and Study Guide
information in Appendix C, “Router Interface Summary Chart,” to correctly specify the required interfaceidentifiers based on the equipment in your lab. The configuration output in this lab results from 1721series routers. Another router might produce slightly different output. Execute the following tasks on eachrouter unless you are specifically instructed otherwise.
Start a HyperTerminal session.
See and implement the procedure documented in Appendix D, “Erasing and Reloading the Switch,” beforeyou continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart.
Task 2: Save the ConfigurationAt the privileged EXEC mode prompt, on both routers, enter the command copy running-config startup-config.
Task 3: Configure the Hosts with the Proper IP Address, SubnetMask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Rememberto assign a specific IP address and default gateway to the workstation. If you are running Windows 98,check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in aDOS window.
Task 4: Verify That the Network Is FunctioningStep 1. From the attached hosts, ping the Fast Ethernet interface of the default gateway router.
Did the ping from the first host succeed? Yes
Did the ping from the second host succeed? Yes
Step 2. If the answer is no for either question, troubleshoot the router and host configurations to findthe error. Then, ping again until they succeed.
Task 5: Create a Static RouteCreate a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated forInternet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
Is the static route in the routing table? Yes
What command checks the routing table contents?
The show ip route command checks the routing table contents.
If the route was not in the routing table, give one reason why this might be so.
The interface is down.
ISP#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
Chapter 1: Scaling IP Addresses 11
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
199.99.9.0/27 is subnetted, 1 subnets
S 199.99.9.32 [1/0] via 200.2.2.18
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
172.16.0.0/32 is subnetted, 1 subnets
C 172.16.1.1 is directly connected, Loopback0
Task 6: Create a Default RouteStep 1. Add a default route, using the ip route command, from the gateway router to the ISP router.
This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Is the static route in the routing table? Yes
Step 2. Try to ping from one of the workstations to the ISP serial interface IP address.
Did the ping succeed? No
Why?
There is no return route to the 10.10.10.0 network.
Gateway#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 200.2.2.17 to network 0.0.0.0
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0
S* 0.0.0.0/0 [1/0] via 200.2.2.17
12 WAN Technologies CCNA 4 Labs and Study Guide
Task 7: Define the Pool of Usable Public IP AddressesTo define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224
Task 8: Define an Access List That Matches the Inside Private IPAddresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Task 9: Define the NAT Translation from Inside the List to Outsidethe Pool
To define the NAT, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access
Task 10: Specify the InterfacesYou must specify whether the active interfaces on the router are inside or outside interfaces with respect toNAT. To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip nat inside
Gateway(config-if)#interface serial 0
Gateway(config-if)#ip nat outside
Gateway#show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 199.99.9.40 10.10.10.10 --- ---
Task 11: Test the ConfigurationConfigure a workstation on the internal LAN with the IP address 10.10.10.10/24 and a default gateway10.10.10.1. From the PC, ping 172.16.1.1. If successful, look at the NAT translation on the gateway routerby using the command show ip nat translations.
What is the translation of the inside local host address?
10.10.10.10 = 199.99.9.40
How is the inside global address assigned?
The router from the NAT pool
How is the inside local address assigned?
The workstation administrator
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then remove andstore the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers.
ISP
Router#configure terminal
Router(config)#hostname ISP
Chapter 1: Scaling IP Addresses 13
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip add 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip add 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#clockrate 64000
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
ISP(config)#end
ISP#copy running-config startup-config
Destination filename [startup-config]?[Enter]
Gateway
Router#configure terminal
Router(config)#hostname Gateway
Gateway(config)#enable password cisco
Gateway(config)#enable secret class
Gateway(config)#line console 0
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#line vty 0 4
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip add 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Gateway(config-if)#exit
Gateway(config)#interface serial 0
Gateway(config-if)#ip add 200.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
14 WAN Technologies CCNA 4 Labs and Study Guide
Curriculum Lab 1-2: Configuring PAT (1.1.4b)Figure 1-2 Topology for Lab 1-2
Table 1-2 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Loopback 0Designation Name Address/Subnet Type Address/Subnet Address/Subnet
Mask Mask Mask
Router 1 Gateway 10.10.10.1/24 DCE 200.2.2.18/30 —
Router 2 ISP — DTE 200.2.2.17/30 172.16.1.1/32
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Objective
■ Configure a router to use PAT to convert internal IP addresses, which are typically private addresses,into outside public addresses.
Background/Preparation
Aidan McDonald has just received a Digital Subscriber Line (DSL) Internet connection in his home to alocal ISP. The ISP has allocated only one IP address for use on the serial port of his remote-access device.Routing between the ISP and the home router will be achieved by using a static route between the ISP andgateway routers and a default route between the gateway and ISP routers. The ISP connection to theInternet is represented by a loopback address on the ISP router.
Cable a network that is similar to the one in Figure 1-2. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment inyour lab. The configuration output in this lab results from 1721 series routers. Another router might pro-duce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Chapter 1: Scaling IP Addresses 15
Start a HyperTerminal session.
See and implement the procedure documented in Appendix E, “Erasing and Reloading the Router,” beforeyou continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart. If you have trouble doing this, see Lab 1-1, “Configuring NAT.”
Task 2: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 3: Configure the Hosts with the Proper IP Address, SubnetMask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Rememberto assign a specific IP address and default gateway to the workstation. If you are running Windows 98,check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in aDOS window.
Task 4: Verify That the Network Is FunctioningStep 1. From the attached hosts, ping the Fast Ethernet interface of the default gateway router.
Did the ping from the first host succeed? Yes
Did the ping from the second host succeed? Yes
Step 2. If the answer is no for either question, troubleshoot the router and host configurations to findthe error. Then, ping again until they succeed.
Task 5: Create a Default RouteStep 1. Add a default route from the gateway to the ISP router. This forwards any unknown destination
address traffic to the ISP. Use the ip route command to create the default route:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Is the route in the routing table? Yes
Step 2. Try to ping from one of the workstations to the ISP serial interface IP address.
Did the ping succeed? No
Why?
There is no return route to the 10.10.10.0 network.
What command checks the routing table contents?
show ip route
#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
16 WAN Technologies CCNA 4 Labs and Study Guide
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 200.2.2.17 to network 0.0.0.0
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, FastEthernet0
S* 0.0.0.0/0 [1/0] via 200.2.2.17
Task 6: Define an Access List That Matches the Inside Private IPAddresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Task 7: Define the PAT Translation from Inside the List to Outsidethe Address
To define the PAT translation, use the ip nat inside source command. This command with the overloadoption creates PAT by using the serial 0 IP address as the base:
Gateway(config)#ip nat inside source list 1 interface serial 0 overload
Task 8: Specify the InterfacesYou must specify whether the active interfaces on the router are inside or outside interfaces with respect toPAT (NAT). To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip nat inside
Gateway(config-if)#interface serial 0
Gateway(config-if)#ip nat outside
Task 9: Test the ConfigurationConfigure a PC on the internal LAN with the IP address 10.10.10.10/24 and a default gateway 10.10.10.1.From the PCs, ping the Internet address 172.16.1.1. If successful, telnet to the same IP address. Then, lookat the PAT translation on the gateway router by using the command show ip nat translations:
Gateway#show ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 200.2.2.18:1086 10.10.10.10:1086 172.16.1.1:23 172.16.1.1:23
icmp 200.2.2.18:768 10.10.10.10:768 172.16.1.1:768 172.16.1.1:768
What is the translation of the inside local host addresses?
Answers will vary.
Chapter 1: Scaling IP Addresses 17
10.10.10.10:1086 = 200.2.2.18: 1086
10.10.10.10:768 = 200.2.2.18: 768
What does the number after the colon represent?
The port that NAT used
Why do all the commands for PAT say NAT?
PAT is an extension of NAT.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers.
ISP
Router#configure terminal
Router(config)#hostname ISP
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip address 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip address 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#clockrate 64000
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
ISP(config)#end
ISP#copy running-config startup-config
Gateway
Router#configure terminal
Router(config)#hostname Gateway
Gateway(config)#enable password cisco
Gateway(config)#enable secret class
Gateway(config)#line console 0
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#line vty 0 4
18 WAN Technologies CCNA 4 Labs and Study Guide
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip address 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Gateway(config-if)#exit
Gateway(config)#interface serial 0
Gateway(config-if)#ip address 200.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Curriculum Lab 1-3: Configuring Static NAT Addresses(1.1.4c)Figure 1-3 Topology for Lab 1-3
Table 1-3 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Loopback 0 Designation Name Address/Subnet Type Address/Subnet Address/Subnet
Mask Mask Mask
Router 1 Gateway 10.10.10.1/24 DCE 200.2.2.18/30 —
Router 2 ISP — DTE 200.2.2.17/30 172.16.1.1/32
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Chapter 1: Scaling IP Addresses 19
Objectives
■ Configure a router to use NAT to convert internal IP addresses, which are typically private addresses,into outside public addresses.
■ Configure static IP mapping to allow outside access to an internal PC.
Background/Preparation
The ISP has allocated the public CIDR IP address 199.99.9.32/27 to a company. This is equivalent to 30public IP addresses. Because the company has an internal requirement for more than 30 addresses, the ITmanager has decided to use NAT. The company has decided to reserve the addresses 199.99.9.33 through199.99.9.39 for static allocation and 199.99.9.40 through 199.99.9.62 for dynamic allocation. Routingbetween the ISP and the gateway router will be done using a static route between the ISP and the gatewayand a default route between the gateway and the ISP. The ISP connection to the Internet is represented bya loopback address on the ISP router.
Cable a network that is similar to the one in Figure 1-3. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment inyour lab. The configuration output in this lab results from 1721 series routers. Another router might pro-duce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Start a HyperTerminal session.
See and implement the procedure documented in Appendix E before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart.
Task 2: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 3: Configure the Hosts with the Proper IP Address, SubnetMask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Rememberto assign a specific IP address and default gateway to the workstation. If you are running Windows 98,check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in aDOS window.
Task 4: Verify That the Network Is FunctioningStep 1. From the attached hosts, ping the Fast Ethernet interface of the default gateway router.
Did the ping from the first host succeed? Yes
Did the ping from the second host succeed? Yes
Step 2. If the answer is no for either question, troubleshoot the router and host configurations to findthe error. Then, ping again until they succeed.
20 WAN Technologies CCNA 4 Labs and Study Guide
Task 5: Create a Static RouteCreate a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated forInternet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
Is the static route in the routing table? Yes
What command checks the routing table contents? show ip route
If the route was not in the routing table, give one reason why this might be so. Interface down
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
199.99.9.0/27 is subnetted, 1 subnets
S 199.99.9.32 [1/0] via 200.2.2.18
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
172.16.0.0/32 is subnetted, 1 subnets
C 172.16.1.1 is directly connected, Loopback0
Task 6: Create a Default RouteStep 1. Add a default route, using the ip route command, from the gateway router to the ISP router.
This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Is the route in the routing table? Yes
Step 2. Try to ping from one of the workstations to the ISP serial interface IP address.
Did the ping succeed? No
Why?
There is no return route to the 10.10.10.0 network.
Task 7: Define the Pool of Usable Public IP AddressesTo define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224
Task 8: Define an Access List That Matches the Inside Private IPAddresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Chapter 1: Scaling IP Addresses 21
Task 9: Define the NAT Translation from Inside the List to Outsidethe Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access
Task 10: Specify the InterfacesYou must specify whether the active interfaces on the router are inside or outside interfaces with respect toNAT. To do this, use either the ip nat inside or ip nat outside command.
Task 11: Configure Static MappingStep 1. You should use workstation 1, 10.10.10.10/24, as the public WWW server. This server needs a
permanent public IP address. Define this mapping by using a static NAT mapping.
Step 2. Configure one of the PCs on the LAN with the IP address 10.10.10.10/24 and a default gate-way 10.10.10.1. To configure a static IP NAT mapping, use the ip nat inside source staticcommand at the privileged EXEC mode prompt:
Gateway(config)#ip nat inside source static 10.10.10.10 199.99.9.33
This permanently maps 199.99.9.33 to the inside address 10.10.10.10.
Step 3. Look at the translation table:
Gateway#show ip nat translations
Does the mapping show up in the output of the show command? Yes
Task 12: Test the ConfigurationStep 1. From the 10.10.10.10 workstation, ping 172.16.1.1.
Did the ping succeed? Yes
Why? NAT is properly set up.
Step 2. From the ISP router, ping the host with the static NAT translation by entering ping10.10.10.10.
ISP#ping 10.10.10.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
Success rate is 0 percent (0/5)
What were the results of the ping? Did it succeed? No
Why? There is no route to 10.10.10.10.
Step 3. From the ISP router, ping 199.99.9.33. If successful, look at the NAT translation on the gate-way router by using the command show ip nat translations.
ISP#ping 199.99.9.33
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 199.99.9.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
ISP#
22 WAN Technologies CCNA 4 Labs and Study Guide
Gateway#show ip nat translations
Pro Inside global Inside local Outside local Outside global
--- 199.99.9.33 10.10.10.10 --- ---
What is the translation of the inside local host address?
10.10.10.10 = 199.99.9.33
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and Gateway routers.
ISP
Router#configure terminal
Router(config)#hostname ISP
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip address 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip address 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#clockrate 64000
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
ISP(config)#end
ISP#copy running-config startup-config
Gateway
Router#configure terminal
Router(config)#hostname Gateway
Gateway(config)#enable password cisco
Gateway(config)#enable secret class
Gateway(config)#line console 0
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#line vty 0 4
Gateway(config-line)#password cisco
Gateway(config-line)#login
Chapter 1: Scaling IP Addresses 23
Gateway(config-line)#exit
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip address 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Gateway(config-if)#exit
Gateway(config)#interface serial 0
Gateway(config-if)#ip address 200.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Curriculum Lab 1-4: Verifying NAT and PAT Configuration(1.1.5)Figure 1-4 Topology for Lab 1-4
Table 1-4 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Loopback 0 Designation Name Address/Subnet Type Address/Subnet Address/Subnet
Mask Mask Mask
Router 1 Gateway 10.10.10.1/24 DCE 200.2.2.18/30 —
Router 2 ISP — DTE 200.2.2.17/30 172.16.1.1/32
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
Objectives
■ Configure a router for NAT and PAT.
■ Test the configuration and verify NAT/PAT statistics.
24 WAN Technologies CCNA 4 Labs and Study Guide
Background/Preparation
The ISP has allocated the public CIDR IP address 199.99.9.32/30 to a company. This is equivalent to fourpublic IP addresses. Because the company has an internal requirement for more than 30 addresses, the ITmanager has decided to use NAT with PAT. Routing between the ISP and the gateway router will be doneusing a static route between the ISP and the gateway and a default route between the gateway and the ISP.The ISP connection to the Internet is represented by a loopback address on the ISP router.
Cable a network that is similar to the one in Figure 1-4. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment inyour lab. The configuration output in this lab results from 1721 series routers. Another router might pro-duce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Start a HyperTerminal session.
See and implement the procedure documented in Appendix E before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart. If you have trouble doing this, see Lab 1-1, “Configuring NAT.”
Task 2: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 3: Configure the Hosts with the Proper IP Address, SubnetMask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Rememberto assign a specific IP address and default gateway to the workstation. If you are running Windows 98,check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in aDOS window.
Task 4: Verify That the Network Is FunctioningStep 1. From the attached hosts, ping the Fast Ethernet interface of the default gateway router.
Did the ping from the first host succeed? Yes
Did the ping from the second host succeed? Yes
Step 2. If the answer is no for either question, troubleshoot the router and host configurations to findthe error. Then, ping again until they succeed.
Task 5: Create a Static RouteCreate a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated forInternet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.252 200.2.2.18
Is the static route in the routing table? Yes
Chapter 1: Scaling IP Addresses 25
What command checks the routing table contents? show ip route
If the route was not in the routing table, give one reason why this might be so. The interface is down.
ISP#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
199.99.9.0/30 is subnetted, 1 subnets
S 199.99.9.32 [1/0] via 200.2.2.18
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
172.16.0.0/32 is subnetted, 1 subnets
C 172.16.1.1 is directly connected, Loopback0
Task 6: Create a Default RouteStep 1. Add a default route, using the ip route command, from the gateway router to the ISP router.
This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Is the route in the routing table? Yes
Step 2. Try to ping from one of the workstations to the ISP serial interface IP address.
Did the ping succeed? No
Why?
There is no return route to the 10.10.10.0 network.
Task 7: Define the Pool of Usable Public IP AddressesTo define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.32 199.99.9.35 netmask 255.255.255.252
Task 8: Define an Access List That Matches the Inside Private IPAddresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
26 WAN Technologies CCNA 4 Labs and Study Guide
Task 9: Define the NAT Translation from Inside the List to Outsidethe Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access overload
Task 10: Specify the InterfacesYou must specify whether the active interfaces on the router are inside or outside interfaces with respect toNAT. To do this, use the ip nat inside or ip nat outside command:
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip nat inside
Gateway(config-if)#interface serial 0
Gateway(config-if)#ip nat outside
Task 11: Test the ConfigurationFrom the workstations, ping 172.16.1.1. Open multiple DOS windows on each workstation and telnet tothe 172.16.1.1 address. Next, view the NAT translations on the gateway router with the command show ipnat trans.
Gateway#show ip nat trans
Pro Inside global Inside local Outside local Outside global
tcp 199.99.9.33:1091 10.10.10.10:1091 172.16.1.1:23 172.16.1.1:23
tcp 199.99.9.33:1092 10.10.10.10:1092 172.16.1.1:23 172.16.1.1:23
icmp 199.99.9.33:512 10.10.10.10:512 172.16.1.1:512 172.16.1.1:512
What is the translation of the inside local host addresses?
10.10.10.10:1091 = 199.99.9.33:1091
10.10.10.10:1092 = 199.99.9.33:1092
Task 12: Verify NAT/PAT StatisticsTo view the NAT and PAT statistics, enter the show ip nat statistics command at the privileged EXECmode prompt.
Gateway#show ip nat statistics
Total active translations: 2 (0 static, 2 dynamic; 2 extended)
Outside interfaces:
Serial0
Inside interfaces:
FastEthernet0
Hits: 14 Misses: 2
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 pool public_access refcount 2
pool public_access: netmask 255.255.255.252
start 199.99.9.32 end 199.99.9.35
type generic, total addresses 4, allocated 1 (25%), misses 0
Chapter 1: Scaling IP Addresses 27
How many active translations have taken place? 2
How many addresses are in the pool? 4
How many addresses have been allocated so far? 1
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers.
ISP
Router#configure terminal
Router(config)#hostname ISP
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip address 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip address 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#clockrate 64000
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
ISP(config)#end
ISP#copy running-config startup-config
Gateway
Router#configure terminal
Router(config)#hostname Gateway
Gateway(config)#enable password cisco
Gateway(config)#enable secret class
Gateway(config)#line console 0
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#line vty 0 4
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#interface fastethernet 0
28 WAN Technologies CCNA 4 Labs and Study Guide
Gateway(config-if)#ip address 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Gateway(config-if)#exit
Gateway(config)#interface serial 0
Gateway(config-if)#ip address 2.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Curriculum Lab 1-5: Troubleshooting NAT and PAT (1.1.6)Figure 1-5 Topology for Lab 1-5
Table 1-5 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Address/ Loopback 0 Designation Name Address/Subnet Type Subnet Mask Address/Subnet
Mask Mask
Router 1 Gateway 10.10.10.1/24 DCE 200.2.2.18/30 —
Router 2 ISP — DTE 200.2.2.17/30 172.16.1.1/32
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Objectives
■ Configure a router for NAT and PAT.
■ Troubleshoot NAT and PAT by using debug.
Background/Preparation
The ISP has allocated the public CIDR IP address 199.99.9.32/30 to a company. This is equivalent to fourpublic IP addresses. Because the company has an internal requirement for more than 30 addresses, the ITmanager has decided to use NAT and PAT. Routing between the ISP and the gateway router will be doneusing a static route between the ISP and the gateway and a default route between the gateway and the ISP.The ISP’s connection to the Internet is represented by a loopback address on the ISP router.
Chapter 1: Scaling IP Addresses 29
Cable a network that is similar to the one in Figure 1-5. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment inyour lab. The configuration output in this lab results from 1721 series routers. Another router might pro-duce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Start a HyperTerminal session.
See the erase and reload instructions in Appendix E. Perform those tasks on all routers in this lab assign-ment before you continue.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart. If you have trouble doing this, see Lab 1-1, “Configuring NAT.“
Task 2: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 3: Configure the Hosts with the Proper IP Address, SubnetMask, and Default Gateway
Each workstation should be able to ping the attached router. Troubleshoot as necessary. Hint: Rememberto assign a specific IP address and default gateway to the workstation. If you are running Windows 98,check using Start > Run > winipcfg. If you are running Windows 2000 or later, check using ipconfig in aDOS window.
Task 4: Verify That the Network Is FunctioningStep 1. From the attached hosts, ping the Fast Ethernet interface of the default gateway router.
Did the ping from the first host succeed? Yes
Did the ping from the second host succeed? Yes
Step 2. If the answer is no for either question, troubleshoot the router and host configurations to findthe error. Then, ping again until they succeed.
Task 5: Create a Static RouteCreate a static route from the ISP to the gateway router. Addresses 199.99.9.32/27 have been allocated forInternet access outside the company. Use the ip route command to create the static route:
ISP(config)#ip route 199.99.9.32 255.255.255.252 200.2.2.18
Is the static route in the routing table? Yes
What command checks the routing table contents? show ip route
If the route was not in the routing table, give one reason why this might be so. The interface is down.
ISP#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
30 WAN Technologies CCNA 4 Labs and Study Guide
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
199.99.9.0/27 is subnetted, 1 subnets
S 199.99.9.32 [1/0] via 200.2.2.18
200.2.2.0/30 is subnetted, 1 subnets
C 200.2.2.16 is directly connected, Serial0
172.16.0.0/32 is subnetted, 1 subnets
C 172.16.1.1 is directly connected, Loopback0
Task 6: Create a Default RouteStep 1. Add a default route, using the ip route command, from the gateway router to the ISP router.
This forwards any unknown destination address traffic to the ISP:
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Is the route in the routing table? Yes
Step 2. Try to ping from one of the workstations to the ISP serial interface IP address.
Did the ping succeed? No
Why?
There is no return route to the 10.10.10.0 network.
Task 7: Define the Pool of Usable Public IP AddressesTo define the pool of public addresses, use the ip nat pool command:
Gateway(config)#ip nat pool public_access 199.99.9.32 199.99.9.35 netmask 255.255.255.252
Task 8: Define an Access List That Matches the Inside Private IPAddresses
To define the access list to match the inside private addresses, use the access-list command:
Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255
Task 9: Define the NAT Translation from Inside the List to Outsidethe Pool
To define the NAT translation, use the ip nat inside source command:
Gateway(config)#ip nat inside source list 1 pool public_access overload
Chapter 1: Scaling IP Addresses 31
Task 10: Specify the InterfacesYou must specify whether the active interfaces on the router are inside or outside interfaces with respect toNAT. To do this, use the ip nat inside command:
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip nat inside
Task 11: Test the ConfigurationStep 1. Turn on debugging for the NAT process by entering debug ip nat at the privileged EXEC
mode prompt.
Does the debug command show output? No
Step 2. If translation were taking place, there would be output from the debug command. In reviewingthe running configuration of the gateway router, you see that the ip nat outside statement hasnot been entered on the serial 0 interface. To configure this, enter the following:
Gateway(config)#interface serial 0
Gateway(config-if)#ip nat outside
Step 3. From the workstations, ping 172.16.1.1.
If you entered the ip nat outside statement correctly, there should be output from the debug ipnat command.
What does NAT*: S=10.10.10.? -> 199.99.9 mean?
Source and destination hosts
Step 4. Stop the debug output by entering undebug all at the privileged EXEC mode prompt.
Gateway#debug ip nat
IP NAT debugging is on
Gateway#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Gateway(config)#interface serial 0
Gateway(config-if)#ip nat outside
Gateway(config-if)#
00:07:53: ip_ifnat_modified: old_if 2, new_if 1
00:08:04: NAT: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11391]
00:08:04: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11391]
00:08:05: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11392]
00:08:05: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11392]
00:08:06: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11393]
00:08:06: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11393]
00:08:07: NAT*: s=10.10.10.10->199.99.9.33, d=172.16.1.1 [11394]
00:08:07: NAT*: s=172.16.1.1, d=199.99.9.33->10.10.10.10 [11394]
Gateway(config-if)#
Gateway(config-if)#exit
Gateway#undebug all
00:08:50: %SYS-5-CONFIG_I: Configured from console by console all
All possible debugging has been turned off
32 WAN Technologies CCNA 4 Labs and Study Guide
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! This sheet contains the basic configuration commands for the ISP and gateway routers.
ISP
Router#configure terminal
Router(config)#hostname ISP
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip add 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip add 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#clockrate 64000
ISP(config)#ip route 199.99.9.32 255.255.255.224 200.2.2.18
ISP(config)#end
ISP#copy running-config startup-config
Destination filename [startup-config]?[Enter]
Gateway
Router#configure terminal
Router(config)#hostname Gateway
Gateway(config)#enable password cisco
Gateway(config)#enable secret class
Gateway(config)#line console 0
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#line vty 0 4
Gateway(config-line)#password cisco
Gateway(config-line)#login
Gateway(config-line)#exit
Gateway(config)#interface fastethernet 0
Gateway(config-if)#ip add 10.10.10.1 255.255.255.0
Gateway(config-if)#no shutdown
Gateway(config-if)#exit
Chapter 1: Scaling IP Addresses 33
Gateway(config)#interface serial 0
Gateway(config-if)#ip add 200.2.2.18 255.255.255.252
Gateway(config-if)#no shutdown
Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17
Curriculum Lab 1-6: Configuring DHCP (1.2.6)Figure 1-6 Topology for Lab 1-6
Table 1-6 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Serial 0 Address/ Loopback 0 Designation Name Address/Subnet Type Subnet Mask Address/Subnet
Mask Mask
Router 1 campus 172.16.12.1/24 DCE 172.16.1.6/30 —
Router 2 ISP — DTE 172.16.1.5/30 172.16.13.1/32
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Objective
■ Configure a router for DHCP to dynamically assign addresses to attached hosts.
Background/Preparation
Routing between the ISP and the campus router is by way of a static route between the ISP and the gate-way and a default route between the gateway and the ISP. The ISP connection to the Internet is identifiedby a loopback address on the ISP router.
Cable a network that is similar to the one in Figure 1-6. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment in your lab. The configuration output in this lab results from 1721 series routers. Another router might
34 WAN Technologies CCNA 4 Labs and Study Guide
produce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Start a HyperTerminal session.
See and implement the procedure documented in Appendix E before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart. If you have trouble doing this, see Lab 1-1, “Configuring NAT.”
Task 2: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 3: Create a Static RouteAddresses 172.16.12.0/24 have been allocated for Internet access outside the company. Use the ip routecommand to create the static route:
ISP(config)#ip route 172.16.12.0 255.255.255.0 172.16.1.6
Is the static route in the routing table? Yes
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
S 172.16.12.0/24 [1/0] via 172.16.1.6
C 172.16.13.0/24 is directly connected, Loopback0
C 172.16.1.4/30 is directly connected, Serial0
Task 4: Create a Default RouteUse the ip route command to add a default route from the campus router to the ISP router. This providesthe mechanism to forward unknown destination address traffic to the ISP:
campus(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.5
Is the route in the routing table? Yes
campus#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
Chapter 1: Scaling IP Addresses 35
P - periodic downloaded static route
Gateway of last resort is 172.16.1.5 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.12.0/24 is directly connected, FastEthernet0
C 172.16.1.4/30 is directly connected, Serial0
S* 0.0.0.0/0 [1/0] via 172.16.1.5
Task 5: Create the DHCP Address PoolTo configure the campus LAN pool, use the following commands:
campus(config)#ip dhcp pool campus
campus(dhcp-config)#network 172.16.12.0 255.255.255.0
campus(dhcp-config)#default-router 172.16.12.1
campus(dhcp-config)#dns-server 172.16.1.2
campus(dhcp-config)#domain-name foo.com
campus(dhcp-config)#netbios-name-server 172.16.1.10
Task 6: Exclude Addresses from the PoolTo exclude addresses from the pool, use the following command:
campus(dhcp-config)#ip dhcp excluded-address 172.16.12.1 172.16.12.10
Task 7: Verify DHCP OperationStep 1. At each workstation on the directly connected subnet, configure the TCP/IP properties so that
the workstation obtains an IP address and DNS server address from the DHCP server (seeFigure 1-7). After you change and save the configuration, reboot the workstation.
Figure 1-7 TCP/IP Properties Dialog Box
36 WAN Technologies CCNA 4 Labs and Study Guide
Step 2. To confirm the TCP/IP configuration information on each host, use Start > Run > winipcfg. Ifyou are running Windows 2000, check using ipconfig in a DOS window.
What IP address was assigned to the workstation?
172.16.12.11
What other information was assigned automatically?
Domain name, DNS, NetBIOS, subnet mask, gateway
When was the lease obtained?
The student should have listed the time and date.
When will the lease expire?
The student should have listed the time and date.
Task 8: View DHCP BindingsFrom the campus router, you can see the bindings for the hosts. To see the bindings, use the commandshow ip dhcp binding at the privileged EXEC mode prompt.
campus#show ip dhcp binding
IP address Client-ID/Hardware address Lease expiration Type
172.16.12.11 0100.10a4.188f.a4 Mar 02 2005 01:25 AM Automatic
172.16.12.12 0100.10b7.ce14.fb Mar 02 2005 01:26 AM Automatic
What IP addresses were assigned?
172.16.12.11 and 172.16.12.12
What three other fields does the output list?
Hardware (MAC) address, lease expiration, and lease type
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Curriculum Lab 1-7: Configuring DHCP Relay (1.2.8)Figure 1-8 Topology for Lab 1-7
Chapter 1: Scaling IP Addresses 37
Table 1-7 Lab Equipment Configuration
Router Router Fast Ethernet 0 Interface Type Serial 0 AddressDesignation Name Address/Subnet Mask
Router 1 campus 172.16.12.1/24 DCE 172.16.1.6/30
Router 2 remote 172.16.13.1/24 DTE 172.16.1.5/30
The enable secret password for both routers is class.
The enable, VTY, and console password for both routers is cisco.
Objectives
■ Configure a router for DHCP.
■ Add the capability for workstations to remotely obtain DHCP addresses and dynamically assignaddresses to the attached hosts.
Background/Preparation
A DHCP client uses IP broadcasts to find the DHCP server. However, routers do not forward these broad-casts, so in the case of the remote LAN, the workstations cannot locate the DHCP server. The router mustbe configured with the ip helper-address command to enable forwarding of these broadcasts, as unicastpackets, to the specific server.
Routing between the remote and the campus router is done by using a static route between remote andgateway and a default route between gateway and remote.
Cable a network that is similar to the one in Figure 1-8. You can use any router that meets the interfacerequirements in the diagram (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the required interface identifiers based on the equipment inyour lab. The configuration output in this lab results from 1721 series routers. Another router might pro-duce slightly different output. Execute the following tasks on each router unless you are specificallyinstructed otherwise.
Start a HyperTerminal session.
See and implement the procedure documented in Appendix E before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, virtual terminal and enable passwords, and interfaces according to thechart. If you have a problem completing this, see Lab 1-1, “Configuring NAT.”
Task 2: Configure Routing on the Remote RouterUsing Open Shortest Path First (OSPF) as the routing protocol, set up network as area 0 and the processID as 1:
remote(config)#router ospf 1
remote(config-router)#network 172.16.1.0 0.0.0.255 area 0
remote(config-router)#network 172.16.13.0 0.0.0.255 area 0
Task 3: Configure Routing on the Campus RouterUsing OSPF as the routing protocol, set up the network as area 0 and the process ID as 1:
campus(config)#router ospf 1
38 WAN Technologies CCNA 4 Labs and Study Guide
campus(config-router)#network 172.16.1.0 0.0.0.255 area 0
campus(config-router)#network 172.16.12.0 0.0.0.255 area 0
Do OSPF routes exist in the routing table? Yes
remote#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O 172.16.12.0/24 [110/65] via 172.16.1.6, 00:00:12, Serial0
C 172.16.13.0/24 is directly connected, FastEthernet0
C 172.16.1.4/30 is directly connected, Serial0
campus#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.12.0/24 is directly connected, FastEthernet0
O 172.16.13.0/24 [110/65] via 172.16.1.5, 00:00:14, Serial0
C 172.16.1.4/30 is directly connected, Serial0
Task 4: Save the ConfigurationsAt the privileged EXEC mode prompt on both routers, enter the command copy running-config startup-config.
Task 5: Create the Campus DHCP Address Pool on the CampusRouter
To configure the campus LAN pool, use the following commands:
campus(config)#ip dhcp pool campus
campus(dhcp-config)#network 172.16.12.0 255.255.255.0
campus(dhcp-config)#default-router 172.16.12.1
Chapter 1: Scaling IP Addresses 39
campus(dhcp-config)#dns-server 172.16.12.2
campus(dhcp-config)#domain-name foo.com
campus(dhcp-config)#netbios-name-server 172.16.12.10
Task 6: Create the Remote DHCP Address Pool on the CampusRouter
To configure the remote LAN pool, use the following commands:
campus(dhcp-config)#ip dhcp pool remote
campus(dhcp-config)#network 172.16.13.0 255.255.255.0
campus(dhcp-config)#default-router 172.16.13.1
campus(dhcp-config)#dns-server 172.16.12.2
campus(dhcp-config)#domain-name foo.com
campus(dhcp-config)#netbios-name-server 172.16.12.10
Task 7: Exclude Addresses from the PoolTo exclude addresses from the pool, use the following commands:
campus(dhcp-config)#ip dhcp excluded-address 172.16.12.1 172.16.12.10
campus(dhcp-config)#ip dhcp excluded-address 172.16.13.1 172.16.13.10
This defines the address range that the DHCP server excludes from dynamic issue.
Why would addresses be excluded?
Servers, routers, and so on
Task 8. Verify DHCP Operation on the Campus RouterStep 1. From the workstation directly connected to the campus router, configure the TCP/IP properties
for the workstation to obtain its IP properties automatically from DHCP. These propertiesinclude the IP and DNS server address (see Figure 1-9).
Figure 1-9 TCP/IP Properties Dialog Box
40 WAN Technologies CCNA 4 Labs and Study Guide
Step 2. After you change the configuration, reboot the workstation. View the TCP/IP configurationinformation. If you are running Windows 98, go to Start > Run > winipcfg. With Windows2000 or higher, use ipconfig in a DOS window.
What IP address was assigned to the workstation? 172.16.12.11
Task 9: Verify DHCP Operation on the Remote RouterRepeat Task 8 using the workstation that is attached to the remote router.
Is a valid address assigned from the DHCP pool? No
What IP address was assigned to the workstation?
Varies. It could be a 169.254.x.y IP address.
What does this address (if any) represent?
If it is 169.254.x.x, this is a DHCP address that was automatically assigned by Windows. This means thatthe DHCP client could not find a real DHCP server.
Task 10: Configure DHCP RelayConfigure the remote router with the ip helper-address command to enable forwarding of broadcasts, asunicast packets, to the specific server. You must configure this command on the LAN interface of theremote router for DHCP to function:
remote(config)#interface fastethernet 0
remote(config-if)#ip helper-address 172.16.12.1
Task 11: Verify DHCP Operation on the Remote RouterStep 1. Reboot the workstation that is attached to the remote router.
Is a valid address assigned from the DHCP pool? Yes
What IP address was assigned to the workstation? 172.16.13.11
Step 2. If there is no IP address, troubleshoot the workstation and router configurations and repeat Task 11.
Task 12: View DHCP BindingsFrom the campus router, you can see the bindings for the hosts. To see the bindings, use the commandshow ip dhcp binding at the privileged EXEC mode prompt.
campus#show ip dhcp binding
IP address Client-ID/Hardware address Lease expiration Type
172.16.12.11 0108.0046.06fb.b6 Mar 02 2005 04:41 PM Automatic
172.16.13.11 0542.0010.0a21.cb Mar 02 2005 04:45 PM Automatic
Which IP addresses are assigned to the hosts?
172.16.12.11, 172.16.13.11
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Chapter 1: Scaling IP Addresses 41
Comprehensive Lab 1-8: Configuring NAT, PAT, and StaticNAT
You are the network administrator of ACME, a start-up marketing company with a limited number ofusers. Your company purchased a small range of public addresses from your ISP for global communica-tion. Your company’s IP address is 200.127.54.0/26—which is the equivalent of 62 assignable addresses.Routing between ACME and the ISP is accomplished using a classless routing protocol. A loopbackaddress represents the ISP’s connection to the Internet. Figure 1-10 shows the network topology for thislab.
Figure 1-10 Network Topology for Lab 1-8
Objective
■ Configure a router with multiple NAT pools to accommodate numerous VLANs within the network.To complete this lab, you can use 2620, 1721, and 1760 routers and 2950 switches.
Configuration Tasks
■ Cable and configure the equipment according to the topology diagram in Figure 1-10.
■ Control access to the console port on all devices using cisco as the password.
■ Use an encrypted password when accessing the privileged mode of all devices using class as the pass-word.
■ Restrict remote access to all devices using itsasecret as the password.
■ Configure interface descriptions.
Addressing Scheme
■ As the network administrator of ACME, you decide to use the 192.168 100.0 /24 address for devicesinside your network.
■ You must create an addressing scheme that will support three subnets:
■ Department of Information Services (DIS) Department: 12 users
■ Finance department: 13 users
■ Marketing department: 30 users
42 WAN Technologies CCNA 4 Labs and Study Guide
ISP
ACME
S0/0 162.23.218.165/30
Lo0 192.168.1.1/30
DCE
S0/0 162.23.218.166/30DTE
Fa0/0
Fa0/1
Fa0/2
WebServer
VLAN10
(3–6)
VLAN20
(7–10)
VLANs
■ Create three VLANs and apply them to the following ports on the ALswitch:
■ VLAN 1: DIS.
■ VLAN 10: Marketing department ports 3–6.
■ VLAN 20: Finance department ports 7–10.
■ All unassigned ports should be assigned to VLAN 1. If they are unused, they should be disabled forsecurity purposes.
■ Configure trunk ports as indicated by the diagram. All trunk links should carry traffic for all VLANs.
■ Configure the switch with an address from VLAN 1 with an appropriate default gateway.
■ Configure inter-VLAN routing on the ACME router using IEEE 802.1q encapsulation.
Web Server
■ Configure the web server with an address from VLAN 1.
NAT
Using the public addresses assigned to you by the ISP, configure three separate NAT pools for each of thefollowing:
■ You are to allow all 30 users in the Marketing department to access the Internet by pulling an IPaddress dynamically (NAT).
■ Users in the Finance department will communicate with the outside world using the same IP address(PAT).
■ The company’s web server is inside the private network and must be statically assigned a publicaddress.
Routing
■ Use a classless routing protocol to route traffic between the ISP and ACME routers. Because you arethe network administrator, you decide which protocol to use.
! ACME router configs
ACME#show running-config
Building configuration...
Current configuration : 1415 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ACME
!
enable secret 5 $1$2MEe$fFkMYaJCzoWGTe9wwclTq/
!
ip subnet-zero
!
!
Chapter 1: Scaling IP Addresses 43
!
!
!
interface FastEthernet0/0
no ip address
speed auto
!
interface FastEthernet0/0.1
--More--
description DIS vlan 1
encapsulation dot1Q 1 native
ip address 192.168.100.49 255.255.255.240
!
interface FastEthernet0/0.10
description Marketing Department vlan 10
encapsulation dot1Q 10
ip address 192.168.100.1 255.255.255.224
!
interface FastEthernet0/0.20
description Finance Department vlan 20
encapsulation dot1Q 20
ip address 192.168.100.33 255.255.255.240
!
interface Serial0/0
ip address 162.23.218.166 255.255.255.252
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
router rip
--More--
version 2
network 162.23.0.0
network 192.168.100.0
!
ip nat pool marketing 200.127.54.1 200.127.54.30 netmask 255.255.255.192
ip nat pool finance 200.127.54.31 200.127.54.31 netmask 255.255.255.192
ip nat inside source list 1 pool marketing
ip nat inside source list 2 pool finance overload
ip nat inside source static 192.168.100.28 200.127.54.32
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
no ip http server
!
44 WAN Technologies CCNA 4 Labs and Study Guide
!
access-list 1 permit 192.168.100.0 0.0.0.31
access-list 2 permit 192.168.100.32 0.0.0.15
!
line con 0
password class
login
line aux 0
line vty 0 4
password itsasecret
--More--
login
!
end
ACME#
ISP#show running-config
Serial0/0
Current configuration : 779 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
enable secret 5 $1$kwHm$6RH0d5guV7RCPBX7EanZM0
enable password cisco
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.252
!
interface FastEthernet0/0
--More--
no ip address
speed auto
Chapter 1: Scaling IP Addresses 45
!
interface Serial0/0
ip address 162.23.218.165 255.255.255.252
no fair-queue
clockrate 56000
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router rip
version 2
network 162.23.0.0
network 192.168.1.0
!
ip classless
ip route 200.127.54.0 255.255.255.0 Serial0/0
--More--
no ip http server
!
!
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password itsasecret
login
!
end
ISP#
ALSwitch#show running-config
Current configuration : 1602 bytes
!
version 12.1
no service pad
service timestamps debug uptime
46 WAN Technologies CCNA 4 Labs and Study Guide
service timestamps log uptime
no service password-encryption
!
hostname ALSwitch
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
Trunk Link to Router
--More--
switchport mode trunk
!
interface FastEthernet0/2
shutdown
!
interface FastEthernet0/3
description Marketing vlan 10
switchport access vlan 10
!
interface FastEthernet0/4
description Marketing vlan 10
switchport access vlan 10
!
interface FastEthernet0/5
description Marketing vlan 10
switchport access vlan 10!
interface FastEthernet0/6
description Marketing vlan 10
switchport access vlan 10
!
interface FastEthernet0/7
description Finance vlan 20
switchport access vlan 20
!
interface FastEthernet0/8
description Finance vlan 20
switchport access vlan 20
!
Chapter 1: Scaling IP Addresses 47
interface FastEthernet0/9
--More--
description Finance vlan 20
switchport access vlan 20
!
interface FastEthernet0/10
description Finance vlan 20
switchport access vlan 20
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
!shutdown
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
48 WAN Technologies CCNA 4 Labs and Study Guide
shutdown
!
interface FastEthernet0/24
shutdown
!
interface Vlan1
ip address 192.168.100.51 255.255.255.240
no ip route-cache
!
ip default-gateway 192.168.100.49
--More--
ip http server
!
line con 0
line vty 5 15
!
!
end
ALSwitch#
Challenge Lab 1-9: NAT, PAT, DHCPEstimated time: 90 minutes
Figure 1-11 Network Topology for Lab 1-9
Chapter 1: Scaling IP Addresses 49
CO
Edison
S0/0 192.168.2.1/24DCE
S0/0 192.168.2.2/24DTE
Fa0/0
Fa0/1
Host AVLAN 10
NativeVLAN1(2–5)
VLAN
20
(10–13)VLAN10
(6–9)
Host BVLAN 20
Note
This lab tests your knowledge of NAT, PAT, DHCP, static, and default routes. It builds on VLAN concepts and config-urations you have learned previously in CCNA 3 of the curriculum. You might find it useful to review notes and labsfrom CCNA 3 before proceeding.
General Configuration Tasks
■ Cable and configure the equipment based on the topology shown in Figure 1-11.
■ Control access to the console on all devices using cisco as the password.
■ Use an encrypted password when accessing the privileged mode of all devices using class as the pass-word.
■ Restrict remote access to all devices using itsasecret as the password.
■ Configure descriptions on all interfaces.
Addressing
■ As the network administrator, you decide which private address to use on the inside of your network.Choose a Class B address with a 24-bit mask from RFC 1918.
■ Use the address that you have chosen and create three subnets to accommodate users on the manage-ment, teacher, and student VLANs:
■ 90 users on the student VLAN
■ 20 users on the teacher VLAN
■ 12 users on the management VLAN
VLANs
■ Create three VLANs and apply them to the following ports on the ALswitch:
■ VLAN 1: Management VLAN ports 2–5
■ VLAN 10: Student VLAN ports 6–9
■ VLAN 20: Teacher VLAN ports 10–13
■ Configure trunk ports as indicated in the diagram. All trunk links should carry traffic for all VLANs.
■ Configure the switch with an address from VLAN 1 with the appropriate default gateway.
■ Configure inter-VLAN routing on the Edison router using IEEE 802.1q encapsulation.
Static Routes
■ Create a default route on the Edison router so that the hosts can access all networks on the CentralOffice router.
■ Create a static route on the Central Office router so that it can connect to all networks on the EdisonLAN.
DHCP
■ Instead of assigning a static IP address to each device on the network, use DHCP to assign IP address-es to all devices on the student VLAN.
■ Configure the appropriate default gateway and exclude the first 10 addresses from this pool.
■ Connect the PCs to the appropriate switch ports as indicated by the diagram. Verify that the PCs onthe student VLAN have been assigned an address from the correct subnet pool.
■ Devices on the teacher VLAN will be statically assigned. Remember to use only those addresses suit-able for teacher client devices.
50 WAN Technologies CCNA 4 Labs and Study Guide
NAT/PAT
■ Only traffic from the student and teacher VLANs will be NATed when leaving the Edison router.Traffic from the management VLAN will remain the same.
■ The NAT/PAT pools should be created from the unused address space on the WAN subnet between theCentral Office and Edison routers. Separate pools should be created for each VLAN.
■ Create a large pool for students so that they are each assigned a unique address when crossing theWAN.
■ All devices on the teacher VLAN will cross the WAN as the same address. In other words, the teacherpool will require overloading (PAT).
Testing and Verification
■ Test connectivity between PCs, to the default gateway, and from the PC to the loopback interface onthe Central Office router.
■ Ensure that devices on the student VLAN have an address assigned from the DHCP pool.
■ Ensure that each device on the student VLAN crosses the WAN link with an address from the NATpool and that each device on the teacher VLAN crosses the WAN with the same address assigned inthat pool.
Reflection
List five commands other than the show running-config command that you used to verify the correctconfiguration of the lab assignment. Explain how each command proved useful in completing this lab.
show ip nat translation
show ip dhcp binding
show ip route
show ip interface brief
show vlan
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
Chapter 1: Scaling IP Addresses 51
Edison#show running-config
Building configuration...
Current configuration : 1420 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Edison
!
enable secret 5 $1$nUs2$IalHqjDEilgTPu5ulZzHm0
enable password cisco
!
ip subnet-zero
!
ip dchp excluded-address 172.31.1.1 172.31.1.10
ip dhcp pool Students
network 172.31.1.0 255.255.255.128
default-router 172.31.1.1
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 172.31.1.161 255.255.255.240
!
interface FastEthernet0/0.10
description Student VLAN
encapsulation dot1Q 10
ip address 172.31.1.1 255.255.255.128
ip nat inside
!
interface FastEthernet0/0.20
description Teacher VLAN
encapsulation dot1Q 20
ip address 172.31.1.129 255.255.255.224
ip nat inside
!
interface Serial0/0
ip address 192.168.2.2 255.255.255.0
52 WAN Technologies CCNA 4 Labs and Study Guide
ip nat outside
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
ip nat pool Teachers 192.168.2.4 192.168.2.4 netmask 255.255.255.0
ip nat pool Students 192.168.2.129 192.168.2.254 netmask 255.255.255.0
ip nat inside source list 1 pool Students
ip nat inside source list 2 pool Teachers overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
no ip http server
!
!
access-list 1 permit 172.31.1.0 0.0.0.127
access-list 2 permit 172.31.1.128 0.0.0.31
!
line con 0
line aux 0
line vty 0 4
password itsasecret
login
!
no scheduler allocate
end
Edison#
CO#show running-config
Building configuration...
Current configuration : 712 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CO
!
enable secret 5 $1$qySU$w3Em8trubgSFY3I7AZofL.
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
Chapter 1: Scaling IP Addresses 53
ip address 192.168.1.1 255.255.255.252
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
ip address 192.168.2.1 255.255.255.0
clockrate 56000
!
interface Serial0/1
no ip address
!
interface BRI1/0
no ip address
shutdown
!
ip classless
ip route 172.31.1.0 255.255.255.0 192.168.2.2
no ip http server
!
!
!
line con 0
password cisco
login
line aux 0
line vty 0 4
password itsasecret
login
!
no scheduler allocate
end
CO#
ALSwitch#show running-config
Building configuration...
Current configuration : 1468 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ALSwitch
!
!
54 WAN Technologies CCNA 4 Labs and Study Guide
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
Description Trunk Link to Router
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
description Student VLAN
switchport access vlan 10
!
interface FastEthernet0/7
description Student VLAN
switchport access vlan 10
!
interface FastEthernet0/8
description Student VLAN
switchport access vlan 10
!
interface FastEthernet0/9
description Student VLAN
switchport access vlan 10
!
interface FastEthernet0/10
description Teacher VLAN
switchport access vlan 20
!
interface FastEthernet0/11
description Teacher VLAN
switchport access vlan 20
!
interface FastEthernet0/12
description Teacher VLAN
switchport access vlan 20
!
Chapter 1: Scaling IP Addresses 55
interface FastEthernet0/13
description Teacher VLAN
switchport access vlan 20
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 172.31.1.162 255.255.255.240
no ip route-cache
!
ip default-gateway 172.31.1.161
ip http server
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password itsasecret
login
line vty 5 15
password cisco
login
!
!
end
ALSwitch#
56 WAN Technologies CCNA 4 Labs and Study Guide
Challenge Lab 1-10: Double NAT ConfigurationFigure 1-12 Topology for Challenge Lab 1-10
This lab requires you to perform NAT on two different routers. The Scissor LAN addresses are translatedon the Scissor router using remaining address space from the WAN connection and are translated again onthe Paper router using a different set of addresses.
Objectives
■ Configure VLANs and inter-VLAN routing.
■ Configure DHCP.
■ Configure NAT and PAT.
■ Configure RIPv2.
Task 1: Cabling and ConfigurationCable and configure equipment according to the diagram in Figure 1-12.
Task 2: IP AddressingAssign IP addresses on your routers using the appropriate addressing scheme for each LAN based on thedetailed VLAN information in Figure 1-12. This task tests your knowledge of Classless InterdomainRouting (CIDR) and Variable-Length subnet Masks (VLSMs).
Chapter 1: Scaling IP Addresses 57
Internet193.10.100.1/30
Lo0
Rock
PaperScissor
NAT Scissor and Paper using24.58.96.252/30
S0/0 64.26.91.1/30
S0/1196.100.10.2/24
S0/0196.100.10.1/24
DCE
S0/0 64.26.91.2/30
DCEFa0/1
192.168.10.0/23
192.168.10.0/23
VLAN1 VLAN
20VLAN10
NAT
Fa0/1
192.168.20.0/23
VLAN1 VLAN
20VLAN10
NAT
VLAN 1 = 250 HostsVLAN 10 = 120 HostsVLAN 20 = 60 Hosts
Task 3: Inter-VLAN CommunicationConfigure inter-VLAN routing using IEEE 802.1q encapsulation.
Task 4: Configure VLANs, VLAN Ports, and the HTTP ServerStep 1. Configure the Scissor switch and the Paper switch with the following VLANs:
■ VLAN 1
■ VLAN 10: Wholesale
■ VLAN 20: Retail
Step 2. Assign the VLANs to the appropriate ports:
■ VLAN 1: All unassigned ports
■ VLAN 10: Ports 6–10
■ VLAN 20: Ports 11–15
Step 3. Set up the Rock router as an HTTP server.
Task 5: Configure and Verify RIPv2 OperationStep 1. Configure RIPv2 on each router and advertise all directly connected networks.
Step 2. Verify functionality with the show ip route command.
Task 6: Configure DHCPStep 1. Configure DHCP on the Paper and Scissor routers.
Step 2. Exclude the first 10 addresses from each VLAN.
Task 7: Configure NAT and PATStep 1. Configure NAT and PAT on the Paper and Scissor routers.
Step 2. Translate the Scissor LAN with the unused address space from 196.100.10.0/24 in this way:
■ VLAN 1 will access the outside world using one IP address.
■ Create a NAT pool for VLAN 10.
■ Create a NAT pool for VLAN 20.
Step 3. All addresses will be retranslated at the Paper router when communicating with the Rock routerin the following way:
■ All Scissor addresses will use the 24.58.96.253/30 address.
■ The Paper LAN will use the 24.58.96.254/30 address.
Task 8: Verify ConfigurationsVerify configurations using the appropriate commands.
Hosts on the Scissor LAN should ping the Paper LAN using an address from the 196.100.10.0/24 network.
Hosts on the Scissor LAN should ping the Rock router using the 24.58.96.253/30 address.
Hosts on the Paper LAN should ping the Scissor LAN using an address from the 192.168.20.0/23 network.
Hosts on the Paper LAN should ping the Rock router using the 24.58.96.254/30 address.
58 WAN Technologies CCNA 4 Labs and Study Guide
Rock#show running-config
Building configuration...
Current configuration : 735 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Rock
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
description Internet
ip address 193.10.100.1 255.255.255.252
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
description WAN connection to Paper
ip address 64.26.91.1 255.255.255.252
no fair-queue
clockrate 56000
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router rip
version 2
network 64.0.0.0
network 193.10.100.0
Chapter 1: Scaling IP Addresses 59
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip http server
!
!
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
Paper#show running-config
Building configuration...
Current configuration : 1792 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Paper
!
!
ip subnet-zero
ip dhcp excluded-address 192.168.20.1 192.168.20.10
ip dhcp excluded-address 192.168.21.1 192.168.21.10
ip dhcp excluded-address 192.168.21.129 192.168.21.139
!
ip dhcp pool Management
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
!
ip dhcp pool Wholesale
network 192.168.21.0 255.255.255.128
default-router 192.168.21.1
!
ip dhcp pool Retail
network 192.168.21.128 255.255.255.192
default-router 192.168.21.129
!
!
60 WAN Technologies CCNA 4 Labs and Study Guide
!
!
!
interface FastEthernet0/0
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management
encapsulation dot1Q 1 native
ip address 192.168.20.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.10
description Wholesale
encapsulation dot1Q 10
ip address 192.168.21.1 255.255.255.128
ip nat inside
!
interface FastEthernet0/0.20
description Retail
encapsulation dot1Q 20
ip address 192.168.21.129 255.255.255.192
ip nat inside
!
interface Serial0/0
description WAN connection to Rock
ip address 64.26.91.2 255.255.255.252
ip nat outside
no fair-queue
!
interface Serial0/1
description WAN connection to Scissor
ip address 196.100.10.2 255.255.255.0
ip nat inside
clockrate 56000
!
router rip
version 2
network 64.0.0.0
network 192.168.20.0
network 192.168.21.0
network 196.100.10.0
!
ip nat pool PaperVlan 24.58.96.254 24.58.96.254 netmask 255.255.255.252
ip nat pool Scissor 24.58.96.253 24.58.96.253 netmask 255.255.255.252
Chapter 1: Scaling IP Addresses 61
ip nat inside source list 1 pool PaperVlan overload
ip nat inside source list 2 pool Scissor overload
ip classless
no ip http server
!
!
access-list 1 permit 192.168.20.0 0.0.3.255
access-list 2 permit 196.100.10.0 0.0.0.255
!
line con 0
logging synchronous
line aux 0
line vty 0 4
!
no scheduler allocate
end
Scissor#show running-config
Building configuration...
Current configuration : 1718 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Scissor
!
!
ip subnet-zero
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp excluded-address 192.168.11.1 192.168.11.10
ip dhcp excluded-address 192.168.11.129 192.168.11.139
!
ip dhcp pool Management
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
!
ip dhcp pool Wholesale
network 192.168.11.0 255.255.255.128
default-router 192.168.11.1
!
ip dhcp pool Retail
network 192.168.11.128 255.255.255.192
62 WAN Technologies CCNA 4 Labs and Study Guide
default-router 192.168.11.129
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management
encapsulation dot1Q 1 native
ip address 192.168.10.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.10
description Wholesale
encapsulation dot1Q 10
ip address 192.168.11.1 255.255.255.128
ip nat inside
!
interface FastEthernet0/0.20
description Retail
encapsulation dot1Q 20
ip address 192.168.11.129 255.255.255.192
ip nat inside
!
interface Serial0/0
ip address 196.100.10.1 255.255.255.0
ip nat outside
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
router rip
version 2
network 192.168.10.0
network 192.168.11.0
network 196.100.10.0
!
ip nat pool Management 196.100.10.3 196.100.10.3 netmask 255.255.255.0
ip nat pool Wholesale 196.100.10.4 196.100.10.124 netmask 255.255.255.0
ip nat pool Retail 196.100.10.125 196.100.10.185 netmask 255.255.255.0
Chapter 1: Scaling IP Addresses 63
ip nat inside source list 1 pool Management overload
ip nat inside source list 2 pool Wholesale
ip nat inside source list 3 pool Retail
ip classless
no ip http server
!
!
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 2 permit 192.168.11.0 0.0.0.127
access-list 3 permit 192.168.11.128 0.0.0.63
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
Scissor_Switch#sh run
Building configuration...
Current configuration : 1822 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Scissor-Switch
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
no ip address
64 WAN Technologies CCNA 4 Labs and Study Guide
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/11
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
Chapter 1: Scaling IP Addresses 65
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.10.2 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.10.1
66 WAN Technologies CCNA 4 Labs and Study Guide
ip http server
!
!
line con 0
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
Paper-Switch#show running-config
Building configuration...
Current configuration : 1820 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Paper-Switch
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
Chapter 1: Scaling IP Addresses 67
no ip address
!
interface FastEthernet0/6
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
description wholesale
switchport access vlan 10
no ip address
!
interface FastEthernet0/11
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
description retail
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
description retail
68 WAN Technologies CCNA 4 Labs and Study Guide
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.20.2 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.20.1
ip http server
!
!
line con 0
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
Chapter 1: Scaling IP Addresses 69
Optional Lab 1-11: Using a Linksys Router to Simulate aHome Network
In this lab, you use a Linksys router to simulate a real-world example of a home network.
Figure 1-13 Network Topology for Lab 1-11
Equipment
■ You can complete this lab using any Linksys router other than voice-enabled models. You can use1700, 2500, and 2600 series routers for this lab to simulate the ISP.
Objective
■ Configure the ISP router with DHCP, which will allow the Linksys router to pull an address from thepool you create. The Linksys router will then perform PAT on attached devices without having to beconfigured. Before you begin, reset the Linksys router to factory defaults by pressing the small buttonon the back of the router for 1 minute using a small pointy object, such as a pencil or paper clip.
Step 1. Cable and configure the equipment based on the topology in Figure 1-13.
Step 2. Configure the router with DHCP. Omit the router’s IP address from the pool.
Step 3. The switch does not to be configured but should be cleaned of any previous configurations,especially VLAN information. Use the following commands to clear configurations:
Switch#delete flash:vlan.dat
Switch#erase startup-config or write erase
Switch#reload
70 WAN Technologies CCNA 4 Labs and Study Guide
ISPFa0/0 200.100.28.1/24
PublicDomain
HomeNetwork
Fa0/1
Fa0/2
Host A Host B
Step 4. Connect to the Linksys router.
a. Open your web browser.
b. Enter 192.168.1.1 in the address bar. This is the default IP address of the Linksys router (see Figure 1-14).
Figure 1-14 Default Linksys IP Address
c. The router prompts you for a password (see Figure 1-15).
Figure 1-15 Linksys Password Prompt
d. Leave the username blank and enter the default password, admin (see Figure 1-16).
Figure 1-16 Linksys Administrator Login
e. The information shown in Figure 1-17 appears on the Linksys setup page.
Chapter 1: Scaling IP Addresses 71
Figure 1-17 Linksys Setup Page
f. Under Network Setup, the default address of the Linksys router appears. With this option, you can use any address you choose, including those not included in RFC 1918.
Why is the router’s IP address 192.168.1.1 rather than an address from the pool that has beencreated?
This address represents the default gateway for all hosts connected to the Linksys router.
What is the range of DHCP addresses used by the Linksys router?
192.168.1.100 through 192.168.1.254
Step 5. Open the command prompt dialog box and display the IP address of Host A and Host B (seeFigure 1-18).
Figure 1-18 Displaying Host A and B IP Addresses
Step 6. On the ISP router, enter the following command:
ISP#debug ip icmp
Step 7. From Host A, ping the ISP router’s Fast Ethernet interface.
The following information was displayed on the ISP router:
Router#
*Apr 14 07:51:53.955: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
*Apr 14 07:51:54.953: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
72 WAN Technologies CCNA 4 Labs and Study Guide
Router#
*Apr 14 07:51:55.955: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
*Apr 14 07:51:56.956: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
Router#
*Apr 14 07:52:06.760: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
*Apr 14 07:52:07.750: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
Router#
*Apr 14 07:52:08.752: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
*Apr 14 07:52:09.753: ICMP: echo reply sent, src 200.100.28.1, dst200.100.28.3
Router#
Why is the reply sent to the 200.100.28.3 address rather than the 192.168.100.2 address?
The 200.100.28.3 address is the address that the Linksys router pulled from the DHCP pool.When the ICMP packet passed through the Linksys router, it translated the inside privateaddress of 192.168.100.102 into the 200.100.28.3 address.
Step 8. Ping the 200.100.28.1 address from both hosts.
Why is only one address listed as the source instead of the IP address from each host?
The Linksys router uses PAT, which allows multiple users to access the Internet using a singleIP address.
ISP#show running-config
Building configuration...
Current configuration : 666 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
!
ip subnet-zero
ip dhcp excluded-address 200.100.28.1
!
ip dhcp pool Linksys
network 200.100.28.0 255.255.255.0
default-router 200.100.28.1
!
!
!
!
!
Chapter 1: Scaling IP Addresses 73
interface FastEthernet0/0
ip address 200.100.28.1 255.255.255.0
speed auto
no shut
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
ip classless
ip route 192.168.1.0 255.255.255.0 FastEthernet0/0
no ip http server
!
!
!
line con 0
line aux 0
!
ip address 200.100.28.1 255.255.255.0
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
ip classless
ip route 192.168.1.0 255.255.255.0 FastEthernet0/0
no ip http server
!
!
!
line con 0
line aux 0
line vty 0 4
!
end
74 WAN Technologies CCNA 4 Labs and Study Guide
CHAPTER 2
WAN Technologies
The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice,and open-ended question exercises to test your knowledge of the theory of WAN devices, technologies,and connections such as Frame Relay, Integrated Services Digital Network (ISDN), digital subscriber line(DSL), and cable. This chapter also discusses WAN design and implementation.
This chapter contains no lab exercises.
Study Guide
WAN Technologies OverviewA WAN is a network that connects multiple LANs regardless of their physical location. A typical WANuses several fundamental devices, such as routers, modems, WAN switches, channel service units/dataservice units (CSUs/DSUs), and communication servers. WANs use all seven layers of the OSI model butare generally focused within Layers 1 and 2. Layer 1 defines the type of connections used, along with theirfunctionality. Layer 2 is where the encapsulation of data takes place, using protocols such as High-LevelData Link Control (HDLC) and Point-to-Point Protocol (PPP) to name just a few. WANs connect multiplelocations (LANs) and use packet-switched technology to create virtual circuits between locations to makethem look as though they are directly connected to one another.
Concept Questions1. Explain the difference between LANs and WANs.
LANs are composed of hosts that are usually on the same network, and they generally span a smallarea (such as a building or campus). LANs can be located anywhere in the world and are connectedthrough the services of an ISP. A WAN usually connects multiple LANs over a greater distance, and itis composed of multiple LANs. The network administrator has complete control over the LAN, andimplementation of device placement and protocols are at his discretion. WANs are under the controlof the ISP, and connecting LANs must follow all rules and procedures set forth by their carrier. Failureto comply with them might result in the LAN losing service. WAN equipment is owned by the carrier,and LAN equipment is owned by the company.
2. Compare and contrast the devices found on a LAN and those found on a WAN.
Devices found on a LAN are PCs, servers, and printers that store data or provide a type of service toend users. Network devices found on a LAN are switches and routers, which also provide services tousers. Some examples of WAN devices are routers, WAN switches, communication servers,CSUs/DSUs, and modems, all of which provide connectivity between LANs so that these same serv-ices can be shared over a large geographic area.
3. A company has multiple locations, and each location’s router is from a different vendor. Would therebe connectivity if each router is configured with HDLC? Why or why not?
There would not be connectivity because HDLC is vendor-specific, and different-vendor HDLCs arenot compatible. The solution is to use an open-standard encapsulation such as PPP.
4. Compare and contrast a switched virtual circuit (SVC) and a permanent virtual circuit (PVC).
SVCs are set up on demand and are connectionless. In SVCs, packets may take a different path eachtime a connection is established. PVCs are connection-oriented, predetermined permanent circuitswithin the WAN cloud. In the WAN cloud, packets take the same path from source to destinationevery time a link is brought up. Frame Relay identifies these circuits with data-link connection identi-fiers (DLCIs).
5. Dialup connectivity is considered too slow, with low throughput speeds. It is generally being replacedby cable and DSL services. If this is the case, why is dialup still being used and still the most avail-able connection available?
Dialup uses existing phone lines, which reach even the most remote areas of this country. This makesdialup a low-cost option widely available to anyone. Other services, such as ISDN, cable, and DSL,are not available in all areas, which often makes dialup the only choice available.
76 WAN Technologies CCNA 4 Labs and Study Guide
Terms
__j___ ISDN BRI
__h___ Analog dialup
__f___ ATM
__e___ PVC
__g___ Frame Relay
__c___ circuit-switched
__i___ DSL
__d___ leased line
__b___ cable
__a___ packet-switched
Chapter 2: WAN Technologies 77
WAN TechnologiesA network administrator may choose from several options when creating the physical links within a WAN.These options include analog dialup, ISDN, cable, DSL, Frame Relay, ATM, leased lines, and X.25.Analog dialup is what we know as regular dialup or 56k; this uses ordinary telephone lines to transmit data using analog signals rather than digital. ISDN usually carries two different channels:
■ The B (bearer) channel, which carries voice and data
■ The D (delta) channel, which is used for call setup and termination
There are two different types of ISDN:
■ Basic Rate Interface (BRI)—Two 64-kbps B channels and one 16-kbps D channel
■ Primary Rate Interface (PRI)—Twenty-three 64-kbps B channels and one 64-kbps D channel (equalin bandwidth to that of a T1)
Leased lines are connections to the provider network/ISP that a business must pay for monthly and canrange from a 56-kbps line to an OC-48 line. In Frame Relay, there is no error checking, and Frame Relayuses PVCs and SVCs to provide connectivity between two locations. Asynchronous Transfer Mode (ATM)is a technology that provides low latency and low levels of jitter at high bandwidths by using cell technol-ogy; that is, data is split up into 53-byte cells to transmit faster. DSL, a dedicated user line, uses telephonelines to transmit data over high speeds by transmitting at higher frequencies than a regular phone line.Cable provides an always-on connection through coaxial cable, and users are in a shared environment.
Matching TermsMatch the definition on the left with the correct term on the right. Use each definition only one time.
Definitions
a. A full-time shared connection
b. An “always-on” connection that uses coaxialcable to carry signals to a modem
c. A path that is up during the duration of theconnection that requires call setup and calltermination
d. A pre-established dedicated connection avail-able in different bandwidth options
e. A temporary permanent circuit dedicatedfrom source to destination
f. A cell-switched technology that uses fixedcells at 53 bytes
g. A packet-switched technology that uses virtu-al circuits to connect multiple locations
h. Offers home and mobile users an inexpensiveoption for connecting to the Internet
i. A dedicated line from the source to the ISPthat provides Internet access
j. Digital telephony and data transport servicesoffered by regional telephone carriers
WAN DesignThere are many different considerations when designing a WAN, such as the connections, LAN locations,how to connect them, and so on. Topology is also vital; primarily, star, full-mesh, and partial-mesh topolo-gies are set up for WANs. Whether the WAN will use ATM, Frame Relay, or X.25 depends on the type oftraffic that the WAN must handle. A hierarchy also proves useful to make the WAN more manageable, eas-ier to troubleshoot, and scalable. Typically, the three-layer hierarchy used in WAN design consists of theaccess, distribution, and core layers. Security—protecting servers, LANs within the WAN, and so on—isalso a primary concern when designing a WAN.
Concept Questions1. You have a company that has four remote sites and a home office user (see Figure 2-1). Remote sites
A, B, and C require permanent connections. Site D does not require a fixed connection but makeslarge file transfers once a day. The home office user needs access to resources located at headquartersand must be connected at all times. What type of WAN connection and speed should you use at head-quarters? The remote sites? The home office?
Figure 2-1 WAN Connection Requirements
Remote sites A, B, and C could use T1 lines with Frame Relay connections. Headquarters should usea T3 connection because a T1 might not provide enough bandwidth to handle all the sites connectingto it. Remote site D could use ISDN because it makes large file transfers only once a day. The homeoffice user could use an SDSL connection because it provides a continuous connection and the sameupload and download speeds.
78 WAN Technologies CCNA 4 Labs and Study Guide
Remote Office A Remote Office B
Remote Office C Remote Office D
Headquarters
Home Office
WAN Cloud
2. What type of connection is best for a home office, and why?
Cable or DSL is best suited for a home office user because it uses existing lines, such as a cable TVline or a telephone line for DSL. With cable or DSL, the home office user can stay connected at alltimes (always-on connection). This is also a cost-effective way to stay connected to headquarters.
3. What types of DSL services are available to the consumer? Explain the differences between them.
In asymmetric digital subscriber line (ADSL), the flow of data has a higher download speed thanupload speed. ADSL uses two separate frequency bands. A direct relationship exists between the num-ber of chunks available and the throughput capacity of the ADSL connection.
Symmetric digital subscriber line (SDSL) differs from ADSL in that SDSL has the same upstreamdata transfer rate as the downstream.
Chapter 2: WAN Technologies 79
Lab ExercisesThis chapter contains no lab exercises.
80 WAN Technologies CCNA 4 Labs and Study Guide
CHAPTER 3
PPP
The Study Guide portion of this chapter uses a combination of matching, fill-in-the-blank, multiple-choice,and open-ended question exercises to test your knowledge of the theory of serial point-to-point links,Point-to-Point Protocol (PPP), and authentication using Password Authentication Protocol (PAP) andChallenge Handshake Authentication Protocol (CHAP).
The Lab Exercises portion of this chapter includes all the online curriculum labs, a comprehensive lab, anda challenge lab to ensure that you have mastered the practical, hands-on skills needed for PPP and authen-tication configurations.
Study Guide
Serial Point-to-Point LinksThe fundamentals of WAN technologies and communications are the links within a WAN. One of the morepopular methods of transmission over a serial link is time-division multiplexing (TDM). Because seriallinks can transmit only 1 bit at a time over the link, TDM provides an organization data transmissionthrough the use of timeslots. TDM prioritizes what data needs to be sent over the link and puts data intodifferent categories, such as video, voice, and data. With TDM, multiple devices can transmit over oneline. TDM acts as a train does—each timeslot contains one of the three categories of data, and they are justsent. However, the disadvantage of this is that if a device does not have any information to send, the emptytimeslot remains part of the train being transmitted across the line.
Another aspect of WANs are demarcation points. These are the exchange of how responsibility from theprovider to the customer and vice versa takes place. They may also separate the data circuit-terminatingequipment (DCE) and data terminal equipment (DTE). The DCE is the device that provides the service,such as a connection to the Internet or to the WAN. The DTE, in most cases, is the customer using the service.
The DCE sets the rate at which the link operates (synchronously). Just like Ethernet, encapsulation isrequired for the data to be sent. HDLC is one form of encapsulation and is vendor-specific. All vendors(such as Cisco, 3Com, and so on) have their own version of High-Level Data Link Control (HDLC) that cannot communicate with another vendor’s version. Typically, HDLC does not support multiple-linkaccess protocols, but the Cisco version of HDLC has a Type field in the encapsulation that allows morethan one protocol to operate on the same serial line. All versions of HDLC also add a flag at the beginningand the end of the datagram; the sole function of the flag is to say where the datagram begins and ends. Toconfigure HDLC on a serial link, you must configure both connected serial interfaces on the router withthe command encapsulation hdlc.
Concept Questions1. You have a large network that has various connections to the Internet and that uses multiple Layer 3
protocols on the network. Security is a concern, and authentication is a must for remote users connect-ing to the network. The routers on the edge of the network are all Cisco, but those on the inside comefrom different vendors. The WAN encapsulation that you decide to use is PPP. Explain why this is thecorrect choice over HDLC.
The Cisco versions of HDLC and PPP support multiple Layer 3 protocols, but only PPP supports mul-tiple interface types. HDLC is limited to serial interfaces and does not provide authentication or pro-tect against callback. As far as the type of routers you use, encapsulation is used only between theborder routers on the edge of your network that connects to the WAN cloud. The routers on the insideof your network are not affected by WAN encapsulation.
2. The clock rate is normally set on the DCE end of a serial connection. Explain the purpose of the clockrate command and why the interface remains down if not set.
Serial interfaces are synchronous and require a timing mechanism for them to communicate. Withoutthis, the line is up, but the protocol is down. This has no relationship to bandwidth, which is theamount of data that can be forwarded across a link.
82 WAN Technologies CCNA 4 Labs and Study Guide
Chapter 3: PPP 83
3. Explain the benefit of using TDM.
TDM allocates bandwidth to multiple channels on a single line. Each channel can then be allocatedfor different types of traffic, such as voice, video, and data. This type of service prevents one form ofdata stream from using all the bandwidth.
PPP AuthenticationPPP is another form of WAN encapsulation and is much different from HDLC. For one, it is an open-standard protocol that works in a multivendor environment. PPP provides the option of operating on asyn-chronous, synchronous, high-speed serial interfaces and ISDN. In addition, PPP allows authentication(optional configuration parameter) to be set to provide more security for a link. When establishing a link,PPP sends out a link control protocol (LCP) to negotiate the link’s parameters before data transmission.After both routers negotiate the maximum transmission unit (MTU) and bandwidth over the link, authenti-cation, if configured, takes place. The network control protocol (NCP) then chooses a network layer proto-col to use, such as IP.
PPP may use two types of authentication:
■ Password Authentication Protocol (PAP)—Uses a two-way handshake that asks the devices toauthenticate only one time. It provides a simple security measure to verify the identity of the devicesin question using a username and password. However, PAP is susceptible to hackers because it passesthe username and password across the link in plain text, making it easier for the hacker to gain access.
■ Challenge Handshake Authentication Protocol (CHAP)—Uses a three-way handshake and random-ly authenticates the connecting device. CHAP is more secure than PAP because it is not susceptible toplayback and because the challenges are encrypted using MD5 and are verified using a hash.
Concept Questions1. Explain some of the functions of the LCP as it negotiates parameters of a link.
Besides authentication, compression, and callback, the LCP performs error detection by checking forexcessive errors on a link. It uses looped link detection by using magic numbers. Each router uses adifferent number, so if a router sees its own magic number in a frame, it knows that there is a loop andcan terminate the link immediately.
2. CHAP authentication is more secure than PAP because it uses MD5, a one-way hash to encode thepassword as it is sent across the link. Explain how a one-way hash works.
A one-way hash converts data into a fixed string of digits. The sending device encodes the data, andthe receiving device generates a hash using the same algorithm. If the two hashes match, the receivingdevice knows the sending device has been authenticated. It is also used to verify and authenticate theoriginator of a message (called digital signatures).
3. Explain the PPP session establishment phase.
The PPP session is established when all three phases are complete. First is the link-establishmentphase, which uses LCP to establish the link and negotiate certain parameters, which might includecompression and MTU. This must occur for any data to be sent. The next phase is the authenticationphase, which is optional and does not begin until the LCP phase is complete. This is wherePAP/CHAP can be used to provide a more secure connection between hosts. The third and final phaseis the network layer protocol phase, during which one or more network layer protocols can be used tosend data across the link.
Configuring PPPEncapsulation works on the border routers (ones that connect to the WAN). It does not matter what type ofrouters are on the inside of your network, because encapsulation has no bearing on them. To configure PPPon a serial interface, you must enter the command encapsulation ppp. To add the authentication, use thecommand ppp authentication followed by either pap or chap. To verify that the authentication has beenconfigured properly on the interface, use the command show interfaces serial or show interface serial xor show interface serial x/y, where x or x/y is the number of the interface. If there is any problem with theconfiguration, debugging is a useful method of troubleshooting:
debug ppp [authentication | negotiation | packet | error | chap]
Concept Questions1. Explain the purpose of the ppp multilink command and what would happen if it were not configured
on an interface.
The ppp multilink command logically combines both B channels on an ISDN interface and allowsthe router to packet-fragment (load-balance fragments) between them. If this command were not con-figured, only one B channel would be used to a single destination.
2. Explain the difference between Stacker and Predictor compression mechanisms used by PPP.
Stacker replaces continuous streams of characters with codes. Predictor tries to predict the nextsequence of characters in a data stream using a compression dictionary. Stacker is CPU-intensive,whereas Predictor is memory-intensive.
3. What information appears when you use the debug ppp negotiation command?
The debug ppp negotiation command displays the following information:
■ The type of authentication being used (PAP or CHAP).
■ Whether it is a challenge or response.
■ The username of the device you are trying to connect to. This indicates whether the usernames cor-respond with the hostnames of the routers. If they don’t, this causes an authentication failure.
■ The letter I indicates an incoming message, and the letter O indicates an outgoing message.
■ Whether authentication succeeded.
Chapter Review Questions1. Which of the following are true of PAP? (Select two)
A. It is a strong authentication protocol.
B. It sends usernames and passwords across the link in plain text.
C. It is a weak authentication protocol.
D. It uses a one-way hash function.
2. Which of the following compression mechanisms is CPU-intensive?
A. PAP
B. Stacker
C. Predictor
D. CHAP
3. Which command enables PPP on an interface?
A. Router(config)#ppp encapsulation
B. Router(config)#encapsulation ppp
C. Router(config-if)#ppp encapsulation
D. Router(config-if)#encapsulation ppp
84 WAN Technologies CCNA 4 Labs and Study Guide
4. PPP can be configured on which of the following interface types? (Select all that apply)
A. Serial interfaces
B. Auxiliary interfaces
C. Virtual interfaces
D. High-speed serial interfaces
E. ISDN BRI interfaces
F. Loopback interfaces
5. What type of cable is used when connecting two DTE devices?
A. RS-232
B. Smart serial cable
C. Null-modem
D. V.35
6. Which of the following functions does the LCP perform? (Select all that apply)
A. Detect misconfiguration errors
B. Terminate a link
C. Configure network layer protocols
D. Determine whether a link is functioning
E. Perform encryption
7. Which command provides load balancing across a PPP-configured interface?
A. Callback
B. Playback
C. Overload
D. Multilink
8. Which of the following are true of CHAP? (Select two)
A. It uses a one-way hash.
B. It uses a two-way hash.
C. It uses a one-way handshake.
D. It uses a two-way handshake.
E. It uses a three-way handshake.
9. What is the location in the network called where responsibility between the telco and customerchanges hands?
A. Demarcation
B. Local loop
C. CSU/DSU
D. DTE
E. DCE
Chapter 3: PPP 85
10. Which command displays real-time events as they happen on a PPP-configured interface? (Select allthat apply)
A. show ppp interfaces
B. show ppp authentication
C. show ppp negotiation
D. debug ppp interfaces
E. debug ppp authentication
F. debug ppp negotiation
11. Which of the following features uses a magic number to detect loops?
A. Authentication
B. Negotiation
C. Multilink
D. Error detection
E. Split horizon
12. Which of the following are true of PPP? (Select all that apply)
A. Allows multiple network layer protocols to operate on the same link.
B. Provides a separate NCP for every network layer protocol.
C. Provides a separate LCP for every data link layer protocol.
D. Does not support multiple network layer protocols across the same link.
E. Each network layer protocol requires a separate LCP.
13. How should the username and passwords on each router be configured for PPP authentication? (Selecttwo)
A. Name of the person connecting to the device.
B. Hostname of the local router.
C. Hostname of the remote router.
D. Same on both routers.
E. Passwords can differ.
F. Passwords must be the same.
14. What would happen if both PAP and CHAP were enabled on a router? (Select two)
A. Negotiation would fail.
B. The first method would be used during link negotiation.
C. The peer could refuse to use the first method and try the second one instead.
D. Authentication would fail if the peer router is configured for only one method only.
15. When does PAP authentication occur?
A. After NCP establishes the link
B. During the three-way handshake
C. Only upon initial link establishment
D. Periodically
86 WAN Technologies CCNA 4 Labs and Study Guide
16. Which of the following are true of PAP and CHAP authentication? (Select all that apply)
A. It ensures that the caller has permission to establish a connection.
B. It is an optional parameter.
C. It reduces the amount of congestion on a link.
D. Peer routers exchange authentication messages.
E. It detects loops that may occur across the link.
17. What is the default encapsulation on Cisco serial interfaces?
A. PPP
B. ARAP
C. IP
D. IPX
E. HDLC
18. Which command displays the state of interface channels and the type of cable connected?
A. show interface s0/0
B. show ip interface s0/0
C. show ip interface brief
D. show controller s0/0
E. show interfaces serial
19. Which network layer protocols does NCP support? (Select two)
A. IPCP
B. IPNP
C. ICMP
D. IPXCP
E. IPXNP
20. Which of the following are not protected against by PAP? (Select all that apply)
A. Callback attacks
B. Playback attacks
C. Random challenges
D. Trial-and-error attacks
Chapter 3: PPP 87
Lab Exercises
Curriculum Lab 3-1: Troubleshooting a Serial Interface(3.1.7)Figure 3-1 Topology for Lab 3-1
Table 3-1 Lab Equipment Configuration
Router Designation Router Name Interface Type Serial 0 Address
Router 1 London DCE 192.168.15.1
Router 2 Paris DTE 192.168.15.2
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
The subnet mask for both routers is 255.255.255.0.
Objectives
■ Configure a serial interface on two routers.
■ Use show commands to troubleshoot connectivity issues.
Background/Preparation
Cable a network that is similar to the one in Figure 3-1. You can use any router that meets the interfacerequirements in Figure 3-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C, “Router Interface Summary Chart,” to correctly specify the interface identi-fiers based on the equipment in your lab. The 1721 series routers produced the configuration output in thislab. Another router might produce slightly different output. Execute the following tasks on each routerunless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E, “Erasing and Reloading the Router,” on all routersbefore you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 3-1. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
88 WAN Technologies CCNA 4 Labs and Study Guide
Task 2: Configure the Paris Interface Configure the Paris router serial interface as follows:
Paris(config)#interface serial 0
Paris(config-if)#ip address 192.168.15.2 255.255.255.0
Paris(config-if)#clock rate 56000
Paris(config-if)#no shutdown
Paris(config-if)#exit
Paris(config)#exit
Task 3: Configure the London Interface Configure the London router serial interface as follows:
London(config)#interface serial 0
London(config-if)#ip address 192.168.15.1 255.255.255.0
London(config-if)#no shutdown
London(config-if)#exit
London(config)#exit
Task 4: Save the ConfigurationTo save the configuration of the Paris and London router serial interfaces, enter the following:
London#copy running-config startup-config
Paris#copy running-config startup-config
Task 5: Enter the Command show interface serial 0 (SeeAppendix C) on London
London#show interface serial 0
This shows the details of interface serial 0.
London#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:06, output 00:00:00, output hang never
58 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.1.7 Copyright ? 2003, Cisco Systems,Inc.
Last clearing of “show interface” counters 03:02:45
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/32 (active/max active/max total)
Chapter 3: PPP 89
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 96 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
1039 packets input, 67974 bytes, 0 no buffer
Received 753 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
1047 packets output, 77227 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 output buffer failures, 0 output buffers swapped out
1 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Answer the following questions:
Serial 0 is up, and line protocol is down.
What type of problem is indicated in the last statement? Data link- (Layer 2) related
What is the Internet address? 192.168.15.1
What is the encapsulation type? HDLC
Task 6: Enter the Command show interface serial 0 (SeeAppendix C) on Paris
Paris#show interface serial 0
This shows the details of interface serial 0.
Answer the following questions:
Serial 0 is up, and line protocol is down.
What is the Internet address? 192.168.15.2
What is the encapsulation type? HDLC
To what OSI layer does “Encapsulation” refer? Layer 2
Why is the interface down?
The clock rate is not set on the DCE interface.
End #show interface serial 0
Serial0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of “show interface” counters 00:04:44
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
90 WAN Technologies CCNA 4 Labs and Study Guide
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
15 packets output, 869 bytes, 0 underruns
0 output errors, 0 collisions, 10 interface resets
0 output buffer failures, 0 output buffers swapped out
16 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 7: Correct the Clock LocationThe clock rate statement has been placed on the wrong interface. It is currently placed on the Paris router,but the London router is the DCE. Remove the clock rate statement from the Paris router by using the noversion of the command. Then, add it to the London router’s configuration.
Task 8: Enter the Command show interface serial 0 on ParisParis#show interface serial 0
Serial 0 is up, and line protocol is up.
What is the difference in the Line and Protocol status that was recorded on Paris earlier? Why?
Both interfaces are up due to the correct clock rate setting.
End is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:02, output 00:00:07, output hang never
Last clearing of “show interface” counters 00:07:47
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
31 packets input, 2864 bytes, 0 no buffer
Received 21 broadcasts, 0 runts, 0 giants, 0 throttles
Chapter 3: PPP 91
1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort
43 packets output, 3231 bytes, 0 underruns
0 output errors, 0 collisions, 11 interface resets
0 output buffer failures, 0 output buffers swapped out
20 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 9: Verify That the Serial Connection Is Functioning byPinging the Serial Interface of the Other Router
London#ping 192.168.15.2
Paris#ping 192.168.15.1
London#ping 192.168.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/40 ms
London#
Paris#ping 192.168.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
Paris#
From London, can you ping the Paris router’s serial interface? Yes
From Paris, can you ping the London router’s serial interface? Yes
If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do thepings again until the answer to both questions is yes.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Paris
Router#configure terminal
Router(config)#hostname Paris
Paris(config)#enable password cisco
Paris(config)#enable secret class
Paris(config)#line vty 0 4
Paris(config-line)#password cisco
Paris(config-line)#login
Paris(config-line)#line con 0
Paris(config-line)#password cisco
Paris(config-line)#login
92 WAN Technologies CCNA 4 Labs and Study Guide
Paris(config-line)#interface serial 0
Paris(config-if)#ip address 192.168.15.2 255.255.255.0
Paris(config-if)#clock rate 56000
Paris(config-if)#no shutdown
Paris(config-if)#exit
Paris(config)#exit
Paris#copy running-config startup-config
! Removing the clock from Paris Serial DTE interface
Paris#configure terminal
Paris(config)#interface serial 0
Paris(config-if)#no clock rate 56000
Paris(config-if)#exit
Paris(config)#exit
Paris#copy running-config startup-config
! London
Router#configure terminal
Router(config)#hostname London
London(config)#enable password cisco
London(config)#enable secret class
London(config)#line vty 0 4
London(config-line)#password cisco
London(config-line)#login
London(config-line)#line con 0
London(config-line)#password cisco
London(config-line)#login
London(config-line)#interface serial 0
London(config-if)#ip address 192.168.15.1 255.255.255.0
London(config-if)#no shutdown
London(config-if)#exit
London(config)#exit
London#copy running-config startup-config
! Configuring the clock on London Serial DCE interface
London#configure terminal
London(config)#interface serial 0
London(config-if)#clock rate 56000
London(config-if)#exit
London(config)#exit
London#copy running-config startup-config
Chapter 3: PPP 93
Curriculum Lab 3-2: Configuring PPP Encapsulation(3.3.2)Figure 3-2 Topology for Lab 3-2
Table 3-2 Lab Equipment Configuration
Router Designation Router Name Interface Type Serial 0 Address
Router 1 Washington DCE 192.168.15.1
Router 2 Dublin DTE 192.168.15.2
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
The subnet mask for both routers is 255.255.255.0.
Objectives
■ Configure the serial interfaces on two routers with the PPP protocol.
■ Test the link for connectivity.
Background/Preparation
Cable a network that is similar to the one in Figure 3-2. You can use any router that meets the interfacerequirements in Figure 3-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 3-2. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
94 WAN Technologies CCNA 4 Labs and Study Guide
Task 2: Configure the Dublin Interface Configure the Dublin router serial interface as follows:
Dublin(config)#interface serial 0
Dublin(config-if)#ip address 192.168.15.2 255.255.255.0
Dublin(config-if)#no shutdown
Dublin(config-if)#exit
Dublin(config)#exit
Task 3: Configure the Washington Interface Configure the Washington router serial interface as follows:
Washington(config)#interface serial 0
Washington(config-if)#ip address 192.168.15.1 255.255.255.0
Washington(config-if)#clock rate 64000
Washington(config-if)#no shutdown
Washington(config-if)#exit
Washington(config)#exit
Task 4: Save the ConfigurationTo save the Dublin and Washing router serial interfaces, use the following commands:
Dublin#copy running-config startup-config
Washington#copy running-config startup-config
Task 5: Enter the Command show interface serial 0 (SeeAppendix C) on Washington
Washington#show interface serial 0
This shows the details of interface serial 0.
Serial 0 is up, and line protocol is up.
The Internet address is 192.168.15.1.
Encapsulation is HDLC.
Washington#show interface 0serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:04, output 00:00:03, output hang never
Last clearing of “show interface” counters 00:06:09
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Chapter 3: PPP 95
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
16 packets input, 902 bytes, 0 no buffer
Received 16 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
35 packets output, 2939 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
2 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 6: Enter the Command show interface serial 0 (SeeAppendix C) on Dublin
Dublin#show interface serial 0
This shows the details of interface serial 0.
Serial 0 is up, and line protocol is up.
The Internet address is 192.168.15.2.
Encapsulation is HDLC.
Dublin#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:01, output 00:00:02, output hang never
Last clearing of “show interface” counters 00:05:19
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
11 packets input, 1068 bytes, 0 no buffer
Received 11 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
25 packets output, 1603 bytes, 0 underruns
0 output errors, 0 collisions, 3 interface resets
0 output buffer failures, 0 output buffers swapped out
14 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
96 WAN Technologies CCNA 4 Labs and Study Guide
Task 7: Change the Encapsulation TypeChange the encapsulation type to PPP by entering encapsulation ppp at the interface serial 0 configura-tion mode prompt on both routers:
Washington(config-if)#encapsulation ppp
Dublin(config-if)#encapsulation ppp
Task 8: Enter the Command show interface serial 0 onWashington
Washington#show interface serial 0
What is the encapsulation type? PPP
Washington#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:13, output 00:00:10, output hang never
Last clearing of “show interface” counters 00:00:17
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
11 packets input, 1220 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
7 packets output, 366 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 9: Enter the Command show interface serial 0 on DublinDublin#show interface serial 0
What is the encapsulation type? PPP
Dublin#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
Chapter 3: PPP 97
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
68 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.2 Copyright ? 2003, Cisco Systems, Inc.
Last input 00:00:02, output 00:00:02, output hang never
Last clearing of “show interface” counters 00:00:28
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10 packets input, 412 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
15 packets output, 1280 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
4 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 10: Verify That the Serial Connection Is Functioning byPinging the Serial Interface of the Other Router
Washington#ping 192.168.15.2
Dublin#ping 192.168.15.1
From Washington, can you ping the Dublin router’s serial interface? Yes
From Dublin, can you ping the Washington router’s serial interface? Yes
If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do thepings again until the answer to both questions is yes.
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Washington#
Dublin#ping 192.168.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Dublin#
98 WAN Technologies CCNA 4 Labs and Study Guide
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! Washington
Router#configure terminal
Router(config)#hostname Washington
Washington(config)#enable password cisco
Washington(config)#enable secret class
Washington(config)#line vty 0 4
Washington(config-line)#password cisco
Washington(config-line)#login
Washington(config-line)#line con 0
Washington(config-line)#password cisco
Washington(config-line)#login
Washington(config-line)#exit
Washington(config)#interface serial 0
Washington(config-if)#ip address 192.168.15.1 255.255.255.0
Washington(config-if)#clock rate 64000
Washington(config-if)#no shutdown
Washington(config-if)#exit
Washington(config)#exit
Washington#copy running-config startup-config
! Configuring PPP on Washington
Washington#configure terminal
Washington(config)#interface serial 0
Washington(config-if)#encapsulation ppp
Washington(config-if)#exit
Washington(config)#exit
Washington#copy running-config startup-config
! Dublin
Router#configure terminal
Router(config)#hostname Dublin
Dublin(config)#enable password cisco
Dublin(config)#enable secret class
Dublin(config)#line vty 0 4
Dublin(config-line)#password cisco
Dublin(config-line)#login
Dublin(config-line)#line con 0
Dublin(config-line)#password cisco
Dublin(config-line)#login
Dublin(config-line)#exit
Dublin(config)#interface serial 0
Dublin(config-if)#ip address 192.168.15.2 255.255.255.0
Dublin(config-if)#no shutdown
Dublin(config-if)#exit
Chapter 3: PPP 99
Dublin(config)#exit
Dublin#copy running-config startup-config
! Configuring PPP on Dublin
Dublin#configure terminal
Dublin(config)#interface serial 0
Dublin(config-if)#encapsulation ppp
Dublin(config-if)#exit
Dublin(config)#exit
Dublin#copy running-config startup-config
Curriculum Lab 3-3: Configuring PPP Authentication(3.3.3)Figure 3-3 Topology for Lab 3-3
Table 3-3 Lab Equipment Configuration
Router Designation Router Name Interface Type Serial 0 Address
Router 1 Madrid DCE 192.168.15.1
Router 2 Tokyo DTE 192.168.15.2
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
The subnet mask for both routers is 255.255.255.0.
Objective
■ Configure PPP authentication by using CHAP on two routers.
Background/Preparation
Cable a network that is similar to the one in Figure 3-3. You can use any router that meets the interfacerequirements in Figure 3-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
100 WAN Technologies CCNA 4 Labs and Study Guide
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 3-3. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Configure the Tokyo Interface Configure the Tokyo router serial interface as follows:
Tokyo(config)#interface serial 0
Tokyo(config-if)#ip address 192.168.15.2 255.255.255.0
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#no shutdown
Tokyo(config-if)#exit
Tokyo(config)#exit
Task 3: Configure the Madrid Interface Configure the Madrid router serial interface as follows:
Madrid(config)#interface serial 0
Madrid(config-if)#ip address 192.168.15.1 255.255.255.0
Madrid(config-if)#clock rate 64000
Madrid(config-if)#encapsulation ppp
Madrid(config-if)#no shutdown
Madrid(config-if)#exit
Madrid(config)#exit
Task 4: Save the ConfigurationTo save the Tokyo and Madrid serial interface configurations, use the following commands:
Tokyo#copy running-config startup-config
Madrid#copy running-config startup-config
Task 5: Enter the Command show interface serial 0 on MadridMadrid#show interface serial 0
What is the encapsulation type? PPP
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:09, output 00:00:09, output hang never
Last clearing of “show interface” counters 00:00:35
Chapter 3: PPP 101
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10 packets input, 136 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
10 packets output, 136 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
1 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Task 6: Enter the Command show interface serial 0 on TokyoTokyo#show interface serial 0
What is the encapsulation type? PPP
Tokyo#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:02, output 00:00:02, output hang never
Last clearing of “show interface” counters 00:00:29
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
12 packets input, 168 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
12 packets output, 168 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
102 WAN Technologies CCNA 4 Labs and Study Guide
Task 7: Verify That the Serial Connection Is Functioning byPinging the Serial Interface of the Other Router
Madrid#ping 192.168.15.2
Tokyo#ping 192.168.15.1
If the pings are unsuccessful, troubleshoot the router configurations to find the error. Then, do the pingsagain until both pings succeed.
Task 8: Configure PPP AuthenticationConfigure usernames and passwords on the Madrid router. The passwords must be the same on bothrouters. The username must reflect the other router’s hostname exactly. (It is case-sensitive.)
Madrid(config)#username Tokyo password cisco
Madrid(config)#interface serial 0
Madrid(config-if)#ppp authentication chap
Task 9: Verify That the Serial Connection Is FunctioningVerify that the serial connection is functioning by pinging the serial interface of the other router:
Madrid#ping 192.168.15.2
Did the ping succeed? No
Why? CHAP is not set up on Tokyo.
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Task 10: Configure PPP AuthenticationConfigure usernames and passwords on the Tokyo router. The passwords must be the same on bothrouters. The usernames must reflect the other router’s hostname exactly (they are case-sensitive).
Tokyo(config)#username Madrid password cisco
Tokyo(config)#interface serial 0
Tokyo(config-if)#ppp authentication chap
Task 11: Verify That the Serial Connection Is FunctioningVerify that the serial connection is functioning by pinging the serial interface of the other router:
Tokyo#ping 192.168.15.1
Did the ping succeed? Yes
Why? The username was set up on Tokyo.
Tokyo#ping 192.168.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Chapter 3: PPP 103
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms
Madrid#ping 192.168.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Tokyo
Router#configure terminal
Router(config)#hostname Tokyo
Tokyo(config)#enable password cisco
Tokyo(config)#enable secret class
Tokyo(config)#line vty 0 4
Tokyo(config-line)#password cisco
Tokyo(config-line)#login
Tokyo(config-line)#line con 0
Tokyo(config-line)#password cisco
Tokyo(config-line)#login
Tokyo(config-line)#exit
Tokyo(config)#interface serial 0
Tokyo(config-if)#ip address 192.168.15.2 255.255.255.0
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#no shutdowndown
Tokyo(config-if)#exit
Tokyo(config)#exit
Tokyo#copy running-config startup-config
Tokyo chap configuration
Tokyo#configure terminal
Tokyo(config)#username Madrid password cisco
Tokyo(config)#interface serial 0
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#exit
Tokyo(config)#exit
Tokyo#copy running-config startup-config
! Madrid
Router#configure terminal
Router(config)#hostname Madrid
Madrid(config)#enable password cisco
Madrid(config)#enable secret class
Madrid(config)#line vty 0 4
Madrid(config-line)#password cisco
Madrid(config-line)#login
Madrid(config-line)#line con 0
104 WAN Technologies CCNA 4 Labs and Study Guide
Madrid(config-line)#password cisco
Madrid(config-line)#login
Madrid(config-line)#exit
Madrid(config)#interface serial 0
Madrid(config-if)#ip address 192.168.15.1 255.255.255.0
Madrid(config-if)#clock rate 56000
Madrid(config-if)#encapsulation ppp
Madrid(config-if)#no shutdown
Madrid(config-if)#exit
Madrid(config)#exit
Madrid chap configuration
Madrid#configure terminal
Madrid(config)#username Tokyo password cisco
Madrid(config)#interface serial 0
Madrid(config-if)#ppp authentication chap
Madrid(config-if)#exit
Curriculum Lab 3-4: Verifying PPP Configuration (3.3.4)Figure 3-4 Topology for Lab 3-4
Table 3-4 Lab Equipment Configuration
Router Designation Router Name Interface Type Serial 0 Address
Router 1 Brasilia DCE 192.168.15.1
Router 2 Warsaw DTE 192.168.15.2
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
The subnet mask for both routers is 255.255.255.0.
Objectives
■ Configure a serial interface on two routers with the PPP protocol.
■ Verify and test the link for connectivity.
Chapter 3: PPP 105
Background/Preparation
Cable a network that is similar to the one in Figure 3-4. You can use any router that meets the interfacerequirements in Figure 3-4 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 3-4. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Configure the Warsaw Configure the Warsaw router serial interface as follows:
Warsaw(config)#interface serial 0
Warsaw(config-if)#ip address 192.168.15.2 255.255.255.0
Warsaw(config-if)#no shutdown
Warsaw(config-if)#exit
Warsaw(config)#exit
Task 3: Configure the Brasilia InterfaceConfigure the Brasilia router serial interface as follows:
Brasilia(config)#interface serial 0
Brasilia(config-if)#ip address 192.168.15.1 255.255.255.0
Brasilia(config-if)#clock rate 64000
Brasilia(config-if)#no shutdown
Brasilia(config-if)#exit
Brasilia(config)#exit
Task 4: Save the ConfigurationTo save the Warsaw and Brasilia router serial interface configurations, use the following commands:
Warsaw#copy running-config startup-config
Brasilia#copy running-config startup-config
Task 5: Enter the Command show interface serial 0 (SeeAppendix C) on Brasilia
Brasilia#show interface serial 0
This shows the details of interface serial 0.
The encapsulation type is HDLC.
106 WAN Technologies CCNA 4 Labs and Study Guide
Task 6: Enter the Command show interface serial 0 (SeeAppendix C) on Warsaw
Warsaw#show interface serial 0
This shows the details of interface serial 0.
The encapsulation type is HDLC.
Task 7: Turn on PPP DebuggingTurn on the PPP debug function on both routers by entering debug ppp event at the privileged EXECmode prompt. Note: For the 2600 router, use the command debug ppp tasks.
Task 8: Change the Encapsulation TypeStep 1. Change the encapsulation type to PPP by entering encapsulation ppp at the interface serial 0
configuration mode prompt on both routers:
Brasilia(config-if)#encapsulation ppp
Warsaw(config-if)#encapsulation ppp
What did the debug function report when the PPP encapsulation was applied to each router?
00:03:07: Se0 AUTH: Started process 0 pid 4
00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) queued 1/1/1
00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) busy/0
started 1/1/1
00:03:07: Se0: AAA_PER_USER LCP_UP (0x826DC7DC) id 0 (0s.) busy/0 done
in 0 s. 0/0/1
Step 2. Turn off the debug function by entering undebug all at the privileged EXEC mode prompt.
Task 9: Enter the Command show interface serial 0 on BrasiliaBrasilia#show interface serial 0
Brasilia#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
LCP Open
Open: IPCP, CDPCP
Last input 00:00:00, output 00:00:01, output hang never
Last clearing of “show interface” counters 00:01:04
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Chapter 3: PPP 107
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
7 packets input, 945 bytes, 0 no buffer
Received 7 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
4 packets output, 362 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
1 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
The encapsulation type is PPP.
Task 10: Enter the Command show interface serial 0 on WarsawWarsaw#show interface serial 0
Warsaw#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
LCP Open
Open: IPCP, CDPCP
Last input 00:00:01, output 00:00:03, output hang never
Last clearing of “show interface” counters 00:01:11
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
5 packets input, 386 bytes, 0 no buffer
Received 5 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
8 packets output, 1228 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
The encapsulation type is PPP.
108 WAN Technologies CCNA 4 Labs and Study Guide
Task 11: Verify That the Serial Connection Is FunctioningStep 1. Ping the other router to verify that there is connectivity between the two routers.
Brasilia#ping 192.168.15.2
Warsaw#ping 192.168.15.1
Brasilia#ping 192.168.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
84 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.4 Copyright ? 2003, CiscoSystems, Inc.
Brasilia#
Warsaw#ping 192.168.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
Warsaw#
From Brasilia, can you ping the Warsaw router’s serial interface? Yes
From Warsaw, can you ping the Brasilia router’s serial interface? Yes
Step 2. If the answer is no for either question, troubleshoot the router configurations to find the error.Then, do the pings again until the answer to both questions is yes.
Step 3. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then,remove and store the cables and adapter.
Brasilia
Router#configure terminal
Router(config)#hostname Brasilia
Brasilia(config)#enable password cisco
Brasilia(config)#enable secret class
Brasilia(config)#line vty 0 4
Brasilia(config-line)#password cisco
Brasilia(config-line)#login
Brasilia(config-line)#line con 0
Brasilia(config-line)#password cisco
Brasilia(config-line)#login
Brasilia(config-line)#interface serial 0
Brasilia(config-if)#ip address 192.168.15.1 255.255.255.0
Brasilia(config-if)#clock rate 64000
Warsaw(config-if)#encapsulation ppp
Brasilia(config-if)#no shutdown
Brasilia(config-if)#exit
Brasilia(config)#exit
Brasilia#copy running-config startup-config
Chapter 3: PPP 109
! Warsaw
Router#configure terminal
Router(config)#hostname Warsaw
Warsaw(config)#enable password cisco
Warsaw(config)#enable secret class
Warsaw(config)#line vty 0 4
Warsaw(config-line)#password cisco
Warsaw(config-line)#login
Warsaw(config-line)#line console 0
Warsaw(config-line)#password cisco
Warsaw(config-line)#login
Warsaw(config-line)#
Warsaw(config-line)#
Warsaw(config-line)#interface serial 0
Warsaw(config-if)#ip address 192.168.15.2 255.255.255.0
Warsaw(config-if)#encapsulation ppp
Warsaw(config-if)#no shutdown
Warsaw(config-if)#exit
Warsaw(config)#exit
Warsaw#copy running-config startup-config
Curriculum Lab 3-5: Troubleshooting PPP Configuration(3.3.5)Figure 3-5 Topology for Lab 3-5
Table 3-5 Lab Equipment Configuration
Router Designation Router Name Interface Type Serial 0 Address
Router 1 London DCE 192.168.15.1
Router 2 Paris DTE 192.168.15.2
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
The subnet mask for both routers is 255.255.255.0.
110 WAN Technologies CCNA 4 Labs and Study Guide
Objectives
■ Configure a PPP on the serial interfaces of two routers.
■ Use show and debug commands to troubleshoot connectivity issues.
Background/Preparation
Cable a network that is similar to the one in Figure 3-5. You can use any router that meets the interfacerequirements in Figure 3-5 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 3-5. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Configure the Paris Interface Configure the Paris router serial interface as follows:
Paris(config)#interface serial 0
Paris(config-if)#ip address 192.168.15.2 255.255.255.0
Paris(config-if)#clock rate 56000
Paris(config-if)#no shutdown
Paris(config-if)#exit
Paris(config)#exit
Task 3: Configure the London Interface Configure the London router serial interface as follows:
London(config)#interface serial 0
London(config-if)#ip address 192.168.15.1 255.255.255.0
London(config-if)#encapsulation ppp
London(config-if)#no shutdown
London(config-if)#exit
London(config)#exit
Task 4: Save the ConfigurationTo save the Paris and London router serial interface configurations, use the following commands:
Paris#copy running-config startup-config
London#copy running-config startup-config
Chapter 3: PPP 111
Task 5: Enter the Command show interface serial 0 (See Appendix C) on London
London#show interface serial 0
This shows the details of interface serial 0.
London#show interface serial 0
Serial0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 192.168.15.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Listen
Closed: IPCP, CDPCP
Last input never, output never, output hang never
Last clearing of “show interface” counters 00:00:27
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/2/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
2 packets output, 28 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 output buffer failures, 0 output buffers swapped out
2 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
List the following information discovered from issuing this command:
■ Serial 0 is up, and line protocol is down.
■ What type of problem is indicated in the last statement? Encapsulation
■ The Internet address is 192.168.15.1.
■ The encapsulation type is PPP.
Task 6: Enter the Command show interface serial 0 (SeeAppendix C) on Paris
Paris#show interface serial 0
This shows the details of interface serial 0.
Paris#show interface serial 0
112 WAN Technologies CCNA 4 Labs and Study Guide
Serial0 is up, line protocol is down
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of “show interface” counters 00:04:02
91 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.5 Copyright ? 2003, Cisco Systems,Inc.
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
19 packets output, 1230 bytes, 0 underruns
0 output errors, 0 collisions, 14 interface resets
0 output buffer failures, 0 output buffers swapped out
DCD=up DSR=up DTR=up RTS=up CTS=up
List the following information discovered from issuing this command:
■ Serial 0 is up, and line protocol is down.
■ The Internet address is 192.168.15.2.
■ The encapsulation type is HDLC.
■ To what OSI layer does “Encapsulation” refer? Layer 2
If the serial interface were configured, why did the show interface serial 0 output show that the interfaceis down?
The clock rate is not set on the London DCE, and encapsulation is HDLC on Paris.
Task 7: Correct the Clock LocationThe clock rate statement has been placed on the wrong interface. It is currently placed on the Paris router,but the London router is the DCE. Remove the clock rate statement from the Paris router by using the noversion of the command, and then add it to the configuration for the London router.
London#configure terminal
End (config)#interface serial 0
London(config-if)#clock rate 56000
London(config-if)#exit
Chapter 3: PPP 113
Task 8: Enter the Command show cdp neighbors on LondonLondon#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
Is there output from the command? No
Should there be output? No
Task 9: Enter the Command debug ppp negotiation on LondonIt might take 60 seconds or more before output occurs.
London#
00:07:48: Se0 LCP: TIMEout: State REQsent
00:07:48: Se0 LCP: O CONFREQ [REQsent] id 77 len 10
00:07:48: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6)
00:07:50: Se0 LCP: TIMEout: State REQsent
00:07:50: Se0 LCP: O CONFREQ [REQsent] id 78 len 10
00:07:50: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6)
00:07:52: Se0 LCP: TIMEout: State REQsent
00:07:52: Se0 LCP: O CONFREQ [REQsent] id 79 len 10
00:07:52: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6)
00:07:54: Se0 LCP: TIMEout: State REQsent
00:07:54: Se0 LCP: O CONFREQ [REQsent] id 80 len 10
00:07:54: Se0 LCP: MagicNumber 0x09BEEBE6 (0x050609BEEBE6)
00:07:56: Se0 LCP: TIMEout: State REQsent
00:07:56: Se0 LCP: State is Listen
00:08:26: Se0 LCP: TIMEout: State Listen
00:08:26: Se0 LCP: O CONFREQ [Listen] id 81 len 10
00:08:26: Se0 LCP: MagicNumber 0x09BFAF37 (0x050609BFAF37)
00:08:28: Se0 LCP: TIMEout: State REQsent
00:08:28: Se0 LCP: O CONFREQ [REQsent] id 82 len 10
00:08:28: Se0 LCP: MagicNumber 0x09BFAF37 (0x050609BFAF37)
Is there output? Yes
What is the output saying? Request timeout
Is there a problem with PPP encapsulation on the London router or the Paris router? Paris
Why? PPP encapsulation is not set.
What encapsulations were listed for the interfaces?
London? PPP
Paris? HDLC
Is there an issue with the preceding answers? Yes
What is the issue? Router interface encapsulations do not match.
114 WAN Technologies CCNA 4 Labs and Study Guide
Task 10: Enter the command debug ppp negotiation on ParisEnter the command debug ppp negotiation on the Paris router at the privileged EXEC mode prompt.
Is there output from the debug command? No
Task 11: Correct the Encapsulation TypeConvert the encapsulation to PPP on the Paris router.
Is there output from the debug command? Yes
Does it confirm link establishment? Yes
Paris#configure terminal
Paris(config)#interface serial 0
Paris(config-if)#encapsulation ppp
Paris(config-if)#
00:09:48: Se0 PPP: Phase is DOWN, Setup [0 sess, 0 load]
00:09:48: Se0 PPP: Using default call direction
00:09:48: Se0 PPP: Treating connection as a dedicated line
00:09:48: Se0 PPP: Phase is ESTABLISHING, Active Open [0 sess, 0 load]
00:09:48: Se0 LCP: O CONFREQ [Closed] id 1 len 10
00:09:48: Se0 LCP: MagicNumber 0x09F12828 (0x050609F12828)
00:09:48: Se0 LCP: I CONFREQ [REQsent] id 101 len 10
00:09:48: Se0 LCP: MagicNumber 0x09C0E151 (0x050609C0E151)
00:09:48: Se0 LCP: O CONFACK [REQsent] id 101 len 10
00:09:48: Se0 LCP: MagicNumber 0x09C0E151 (0x050609C0E151)
00:09:48: Se0 LCP: I CONFACK [ACKsent] id 1 len 10
00:09:48: Se0 LCP: MagicNumber 0x09F12828 (0x050609F12828)
00:09:48: Se0 LCP: State is Open
00:09:48: Se0 AUTH: Started process 0 pid 23
00:09:48: Se0 PPP: Phase is UP [0 sess, 0 load]
00:09:48: Se0 IPCP: O CONFREQ [Closed] id 1 len 10
00:09:48: Se0 IPCP: Address 192.168.15.2 (0x0306C0A80F02)
00:09:48: Se0 CDPCP: O CONFREQ [eClosed] id 1 len 4
00:09:48: Se0 IPCP: I CONFREQ [REQsent] id 1 len 10
93 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 3.3.5 Copyright ? 2003, Cisco Systems,Inc.
00:09:48: Se0 IPCP: Address 192.168.15.1 (0x0306C0A80F01)
00:09:48: Se0 IPCP: O CONFACK [REQsent] id 1 len 10
00:09:48: Se0 IPCP: Address 192.168.15.1 (0x0306C0A80F01)
00:09:48: Se0 CDPCP: I CONFREQ [REQsent] id 1 len 4
00:09:48: Se0 CDPCP: O CONFACK [REQsent] id 1 len 4
00:09:48: Se0 IPCP: I CONFACK [ACKsent] id 1 len 10
00:09:48: Se0 IPCP: Address 192.168.15.2 (0x0306C0A80F02)
00:09:48: Se0 IPCP: State is Open
00:09:48: Se0 CDPCP: I CONFACK [ACKsent] id 1 len 4
00:09:48: Se0 CDPCP: State is Open
00:09:48: Se0 IPCP: Install route to 192.168.15.1nd
Chapter 3: PPP 115
Task 12: Enter the command show interface serial 0 on ParisParis#show interface serial 0
End #show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 192.168.15.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of “show interface” counters 00:00:19
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10 packets input, 408 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
9 packets output, 388 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Serial0 is up, and line protocol is up.
The encapsulation type is PPP.
What is the difference between the Line and Protocol status recorded on Paris earlier? Why?
Both are up. Proper configuration of the serial interfaces
Task 13: Verify That the Serial Connection Is Functioning byPinging the Serial Interface of the Other Router
London#ping 192.168.15.1
Paris#ping 192.168.15.2
Paris#ping 192.168.15.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.1, timeout is 2 seconds:
116 WAN Technologies CCNA 4 Labs and Study Guide
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms
London#ping 192.168.15.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms
From London, can you ping the serial interface on the Paris router? Yes
From Paris, can you ping the serial interface on the London router? Yes
If the answer is no for either question, troubleshoot the router configurations to find the error. Then, do thepings again until the answer to both questions is yes.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Paris
Router#configure terminal
Paris(config)#hostname Paris
Paris(config)#enable password cisco
Paris(config)#enable secret class
Paris(config)#line vty 0 4
Paris(config-line)#password cisco
Paris(config-line)#login
Paris(config-line)#line con 0
Paris(config-line)#password cisco
Paris(config-line)#login
Paris(config-line)#exit
Paris(config-line)#interface serial 0
Paris(config-if)#ip address 192.168.15.2 255.255.255.0
Paris(config-if)#encapsulation ppp
Paris(config-if)#no shutdown
Paris(config-if)#exit
Paris(config)#exit
Paris#exit
Paris#copy running-config startup-config
! London
Router#configure terminal
Router(config)#hostname London
London(config)#enable password cisco
London(config)#enable secret class
London(config)#line vty 0 4
London(config-line)#password cisco
London(config-line)#login
London(config-line)#line console 0
London(config-line)#password cisco
Chapter 3: PPP 117
London(config-line)#login
London(config-line)#exit
London(config)#interface serial 0
London(config-if)#ip address 192.168.15.1 255.255.255.0
London(config-if)#encapsulation ppp
London(config-if)#no shutdown
London(config-if)#clock rate 56000
London(config-if)#exit
London(config)#exit
London#copy running-config startup-config
Challenge Lab 3-6: Configuring PPP with NAT, DHCP, andVLANs
You are a newly hired network administrator for a start-up company (ACME) that wants to you to create asecure connection to an ISP. You are also responsible for IP addressing, VLAN assignment, DHCP, andNAT. Figure 3-6 shows the network topology for this lab.
Figure 3-6 Network Topology for Lab 3-6
Objectives
■ Configure PPP with authentication.
■ Configure DHCP, NAT, and PAT.
■ Configure the ISP as a web server and verify connectivity via a web browser from hosts on the ACMELAN.
Task 1Step 1. Cable the equipment.
Step 2. Protect the privileged mode using an encrypted password of class.
Step 3. Ensure that the command output is not interrupted by router output.
Step 4. Restrict remote access to devices using cisco as the password.
router#config t
router(config)#hostname ACME
ACME(config)#enable secret class
118 WAN Technologies CCNA 4 Labs and Study Guide
Lo0192.172.10.1/30
Web ServerISPACMEACME_Switch S0/0200.100.37.1/26
S0/0200.100.37.2/26
DTEDCEFa0/1 Fa0/0
VLAN1
Ports2–5
14 Hosts
VLAN10Ports6–1030 Hosts
VLAN
20
Ports
11–15
60 Hosts
ACME LAN Address Pool192.168.100.0/24
ACME(config)#line con 0
ACME(config-line)#logging synchronous
ACME(config)#line vty 0 4
ACME(config-line)#password cisco
ACME(config-line)#login
ACME(config-line)#exit
ACME(config)#
router#config t
router(config)#hostname ISP
ISP(config)#enable secret class
ISP(config)#line con 0
ISP(config-line)#logging synchronous
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#
switch#config t
switch(config)#hostname ACME_Switch
ACME_Switch(config)#enable secret class
ACME_Switch(config)#line con 0
ACME_Switch(config-line)#logging synchronous
ACME_Switch(config)#line vty 0 15
ACME_Switch(config-line)#password cisco
ACME_Switch(config-line)#login
ACME_Switch(config-line)#exit
ACME_Switch(config)#
Task 2Step 1. Based on the diagram in Figure 3-6, create an addressing scheme to accommodate users on the
ACME LAN.
Step 2. Create three VLANs on ACME_Switch:
■ VLAN 1: default name
■ VLAN 10: Marketing VLAN
■ VLAN 20: HR_Dept
Step 3. Assign VLANs to the appropriate interfaces based on the diagram in Figure 3-6.
Step 4. Configure inter-VLAN routing on the ACME router.
Router configuration:
ACME(config)#int fa0/0
ACME(config-if)#no shut
ACME(config-if)#int fa0/0.1
Chapter 3: PPP 119
ACME(config-if)#description VLAN1
ACME(config-if)#encapsulation dot1q 1 native
ACME(config-if)#ip address 192.168.100.97 255.255.255.240
ACME(config-if)#int fa0/0.10
ACME(config-if)#description Marketing
ACME(config-if)#encapsulation dot1q 10
ACME(config-if)#ip address 192.168.100.65 255.255.255.224
ACME(config-if)#int fa0/0.20
ACME(config-if)#description HR_Dept
ACME(config-if)#encapsulation dot1q 20
ACME(config-if)#ip address 192.168.100.1 255.255.255.192
Switch configuration:
ACME_Switch#vlan database
ACME_Switch(vlan)#vlan 10 name Marketing
ACME_Switch(vlan)#vlan 20 name HR_Dept
ACME_Switch(vlan)#exit
ACME_Switch#config t
ACME_Switch(config-if)#int fa0/1
ACME_Switch(config-if)#switchport mode trunk
ACME_Switch(config-if)#int fa0/6
ACME_Switch(config-if)#switchport access vlan 10
ACME_Switch(config-if)#int fa0/7
ACME_Switch(config-if)#switchport access vlan 10
ACME_Switch(config-if)#int fa0/8
ACME_Switch(config-if)#switchport access vlan 10
ACME_Switch(config-if)#int fa0/9
ACME_Switch(config-if)#switchport access vlan 10
ACME_Switch(config-if)#int fa0/10
ACME_Switch(config-if)#switchport access vlan 10
ACME_Switch(config-if)#int fa0/11
ACME_Switch(config-if)#switchport access vlan 20
ACME_Switch(config-if)#int fa0/12
ACME_Switch(config-if)#switchport access vlan 20
ACME_Switch(config-if)#int fa0/13
ACME_Switch(config-if)#switchport access vlan 20
ACME_Switch(config-if)#int fa0/14
ACME_Switch(config-if)#switchport access vlan 20
ACME_Switch(config-if)#int fa0/15
ACME_Switch(config-if)#switchport access vlan 20
ACME_Switch(config-if)#int vlan1
ACME_Switch(config-if)#ip address 192.168.100.98 255.255.255.240
ACME_Switch(config-if)#no shut
ACME_Switch(config-if)#exit
ACME_Switch(config)#ip default-gateway 192.168.100.97
120 WAN Technologies CCNA 4 Labs and Study Guide
Task 3Step 1. Configure the ACME router as a DHCP server.
Step 2. Create a separate DHCP pool for each subnet.
Step 3. Exclude the first three addresses from each DHCP pool.
Step 4. Verify that the workstations obtain the correct information from the server.
DHCP commands:
ACME(config)#ip dhcp excluded-address 192.168.100.1 192.168.100.3
ACME(config)#ip dhcp excluded-address 192.168.100.65 192.168.100.68
ACME(config)#ip dhcp excluded-address 192.168.100.97 192.168.100.100
ACME(config)#ip dhcp pool VLAN1
ACME(dhcp-config)#network 192.168.100.96 255.255.255.240
ACME(dhcp-config)#default-router 192.168.100.97
ACME(dhcp-config)#exit
ACME(config)#ip dhcp pool Marketing
ACME(dhcp-config)#network 192.168.100.64 255.255.255.224
ACME(dhcp-config)#default-router 192.168.100.65
ACME(dhcp-config)#exit
ACME(config)#ip dhcp pool HR_Dept
ACME(dhcp-config)#network 192.168.100.0 255.255.255.192
ACME(dhcp-config)#default-router 192.168.100.1
Task 4Step 1. Use the spare addresses from the WAN link to create your NAT pools.
Step 2. Configure dynamic NAT for VLAN 1 and the Marketing VLAN.
Step 3. Use one global address for HR_Dept to access the outside world.
NAT commands:
ACME(config)#ip nat pool VLAN1 200.100.37.3 200.100.37.17 netmask255.255.255.192
ACME(config)#ip nat pool Marketing 200.100.37.18 200.100.37.48 netmask255.255.255.192
ACME(config)#ip nat pool HR_Dept 200.100.37.49 200.100.37.49 netmask255.255.255.192
ACME(config)#access-list 1 permit 192.168.100.96 0.0.0.15
ACME(config)#access-list 2 permit 192.168.100.64 0.0.0.31
ACME(config)#access-list 3 permit 192.168.100.0 0.0.0.63
ACME(config)#ip nat inside source list 1 pool VLAN1
ACME(config)#ip nat inside source list 2 pool Marketing
ACME(config)#ip nat inside source list 3 pool HR_Dept overload
ACME(config-if)#int fa0/0.1
ACME(config-if)#ip nat inside
ACME(config-if)#int fa0/0.10
ACME(config-if)#ip nat inside
ACME(config-if)#int fa0/0.20
ACME(config-if)#ip nat inside
Chapter 3: PPP 121
Task 5Configure both routers to use PPP as the encapsulation protocol.
PPP encapsulation commands:
ACME(config)#int s0/0
ACME(config-if)#encapsulation ppp
ISP(config)#int s0/0
ISP(config-if)#encapsulation ppp
Task 6Configure a secure authentication on both routers that protects against callback.
CHAP commands:
ACME(config)#int s0/0
ACME(config-if)#ppp authentication chap
ACME(config)#username ISP password cisco
ISP(config)#int s0/0
ISP(config-if)#ppp authentication chap
ISP(config)#username ACME password cisco
Task 7Verify the configuration using the appropriate commands. Do not limit yourself to using only the showrunning-config command. The lab is accomplished when all hosts can access the web server via the webbrowser.
ACME#show running-config
hostname ACME
!
enable secret 5 $1$Pp3L$otAkhDxd956.DcsYZqcwd0
!
username ISP password 0 cisco
ip subnet-zero
ip dhcp excluded-address 192.168.100.1 192.168.100.3
ip dhcp excluded-address 192.168.100.65 192.168.100.68
ip dhcp excluded-address 192.168.100.97 192.168.100.100
!
ip dhcp pool VLAN1
network 192.168.100.96 255.255.255.240
default-router 192.168.100.97
!
ip dhcp pool Marketing
network 192.168.100.64 255.255.255.224
default-router 192.168.100.65
!
122 WAN Technologies CCNA 4 Labs and Study Guide
ip dhcp pool HR_Dept
network 192.168.100.0 255.255.255.192
default-router 192.168.100.1
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
no shut
!
interface FastEthernet0/0.1
description VLAN1
encapsulation dot1Q 1 native
ip address 192.168.100.97 255.255.255.240
ip nat inside
!
interface FastEthernet0/0.10
description Marketing
encapsulation dot1Q 10
ip address 192.168.100.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description HR_Dept
encapsulation dot1Q 20
ip address 192.168.100.1 255.255.255.192
ip nat inside
!
interface Serial0/0
ip address 200.100.37.2 255.255.255.192
ip nat outside
encapsulation ppp
ppp authentication chap
no shut
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
Chapter 3: PPP 123
ip nat pool vlan1 200.100.37.3 200.100.37.17 netmask 255.255.255.0
ip nat pool Marketing 200.100.37.18 200.100.37.48 netmask 255.255.255.0
ip nat pool hrdept 200.100.37.49 200.100.37.49 netmask 255.255.255.0
ip nat inside source list 1 pool vlan1
ip nat inside source list 2 pool Marketing
ip nat inside source list 3 pool HR_Dept overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
no ip http server
!
!
access-list 1 permit 192.168.100.96 0.0.0.15
access-list 2 permit 192.168.100.64 0.0.0.31
access-list 3 permit 192.168.100.0 0.0.0.63
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
no scheduler allocate
end
ISP#show running-config
hostname ISP
!
enable secret 5 $1$IV8q$i0rJSg6vBuxcKzLVXGb/01
!
username ACME password 0 cisco
ip subnet-zero
!
!
!
!
!
interface Loopback0
description Web Server
ip address 192.172.10.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
124 WAN Technologies CCNA 4 Labs and Study Guide
speed auto
!
interface Serial0/0
ip address 200.100.37.1 255.255.255.192
encapsulation ppp
clockrate 56000
ppp authentication chap
no shut
!
interface Serial0/1
no ip address
shutdown
ip route 192.168.100.0 255.255.255.0 s0/0
!
ip classless
ip http server
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
no scheduler allocate
end
ACME_Switch#show running-config
hostname ACME_switch
!
enable secret 5 $1$/HXH$FrVwLK/aQBNXXnpL4YMxX/
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
Chapter 3: PPP 125
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
switchport access vlan 20
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport access vlan 20
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
126 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.100.98 255.255.255.0
no shut
no ip route-cache
!
ip default-gateway 192.168.100.97
ip http server
!
line con 0
logging synchronous
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
end
Chapter 3: PPP 127
This page intentionally left blank
CHAPTER 4
ISDN and DDR
The Study Guide portion of this chapter uses a combination of multiple-choice and open-ended questionexercises to test your knowledge of the theory of ISDN standards, concepts, and reference points.
The Lab Exercises portion of this chapter includes all the online curriculum labs and a challenge lab toensure that you have mastered the practical, hands-on skills needed for dialer interfaces, dialer maps, anddialer profiles.
Study Guide
ISDN ConceptsISDN is a WAN technology that serves as a solution for offices using digitized phone lines. ISDN allowsfor faster call setup and transfer of data, video, and audio than traditional analog dialup. Call setup and ter-mination are done on a separate channel (D or delta channel), which is called out-of-band signaling. Datais transmitted over a separate channel called the B or bearer channel. Each B channel provides 64 kbps ofbandwidth, whereas the D channel has 16 kbps of bandwidth (ISDN Basic Rate Interface [BRI]) or 64kbps (ISDN Primary Rate Interface [PRI]). ISDN PRI in North America consists of 23 B channels and oneD channel. It is an inexpensive, cost-effective alternative to a dedicated T1 connection. The Europeanequivalent to an ISDN PRI is called an E. It consists of 30 B channels and a single D channel.
ISDN has three sets of standards:
■ The E protocols, which define the telephone network standards
■ The I protocols, which relate to ISDN concepts and terms
■ The Q protocols, which determine the operation of signaling and switching
During the call setup process, the phone number is transmitted to the local ISDN switch via the D channel.It is then forwarded to another ISDN switch using the Signaling System 7 (SS7) signaling protocol. Thenumber is passed to the destination, which sends its acknowledgment back through the ISDN switches tothe caller; from here, the connection is officially established. Switch types that give a set of call setupneeds must also be configured depending on which type the service provider is using. Service provideridentifiers (SPIDs) are also provided by the Internet service provider (ISP) as a mandatory component toconnect to the local ISDN switch. SPIDs are actually phone lines that are dialed to establish a connection.
Concept Questions1. Compare ISDN BRI and PRI.
ISDN BRI uses two B channels and one D channel. ISDN PRI uses 23 B channels and one D channel.In ISDN BRI, the D channel has a bandwidth of 16 kbps, whereas ISDN PRI’s D channel has a band-width of 64 kbps.
2. Explain the function of the ISDN delta and bearer channels.
The bearer channel is used to transport user data. This could be voice, video, or data that can consistof e-mails, FTP, or even Telnet traffic. The delta channel is for call setup and termination. It also pro-vides out-of-band signaling.
3. Explain the difference between in-band and out-of-band signaling.
Out-of-band signaling is when call setup and termination are done on a channel separate from thechannel used to transport data. ISDN is an example of out-of-band signaling, which is done on thedelta channel. In-band signaling occurs where data transport and call setup and termination are alldone on the same line. An example of in-band signaling is the Public Switched Telephone Network(PSTN).
130 WAN Technologies CCNA 4 Labs and Study Guide
Chapter 4: ISDN and DDR 131
ISDN ConfigurationISDN BRI must be configured with the switch type and SPIDs. The switch type can be configured ineither global configuration mode or interface mode. You use global configuration mode when connectingto multiple switches that are of the same type. You use interface mode when connecting to multiple switch-es of different types. This requires the exact switch type to be configured on the appropriate interface. Inglobal configuration mode, configure the switch type using the command isdn switch-type switch-type.
You can set up two SPIDs on ISDN BRI, one for each B channel. Go into the BRI interface and enter isdnspid1 [spid-number] and isdn spid2 [spid-number].
In ISDN PRI, you must also configure the switch type. Specify in global configuration mode where the T1/E1card is located with the command controller [t1 | e1] slot/port. This is similar to going into an interface.
When inside controller mode, set the framing with either framing [sf | esf] when configuring T1 lines orframing [crc4 | no-crc4] for E1 lines. Also, inside controller mode, you must specify the signaling withthe command linecode [ami | b8zs | hdb3]. To verify all configurations, use the commands show isdnactive, show dialer, and show interface bri [slot/port].
Concept Questions1. Explain the purpose of identifying the appropriate ISDN switch type.
The purpose of a switch type is to establish communication between the carrier’s network and yournetwork. Switch types vary depending on the country or part of the country in which you are located.Each switch type has different call setup requirements, making it impossible to connect when config-ured incorrectly.
2. Explain the function of a SPID.
Each SPID represents a separate channel (bearer channel) in your carrier’s network. The number con-sists of a “phone” number and a carrier identifier. When interesting traffic turns the line on, the“phone” number associated with the SPID is dialed, and the call is placed.
3. What information appears when you enter the show isdn active command?
The show isdn active command displays the number called and the time remaining on the call.
DDR ConfigurationDial-on-demand routing (DDR) is a method that allows the ISDN line to be triggered only when certaintypes of traffic, called interesting traffic, attempt to cross the line. This interesting traffic is filtered by a setof predetermined criteria set in a dialer list. When the line is turned on, all traffic can cross, even that con-sidered “boring.” After all interesting traffic has finished crossing the ISDN line, the line terminates untilthe next batch of interesting traffic passes through. To specify what the interesting traffic will be, use thedialer-list command. For example, to allow all IP traffic to be considered interesting, you use the com-mand dialer-list 1 protocol ip permit. You must apply the dialer list to the interface with the commanddialer-group [list-number].
Legacy DDR is a basic method of setting up dialer characteristics that must be applied to an interface.Setting up legacy DDR requires configuring static routes and dialer information and predetermining inter-esting traffic. The dialer information consists of the dialer map, encapsulation, authentication, and idletimeout. To configure the dialer map, use the command dialer map [protocol] [next-hop-address] name[hostname] [dial-string] while inside the interface. Use the dialer idle-timeout command on the interfaceto specify when the line will disconnect after all interesting traffic has been transmitted.
A more flexible alternative to dialer maps is dialer profiles. Instead of statically configuring dialer parame-ters onto an interface and changing them every time the call setup requirements change, dialer profiles areautomatically assigned to the interface every time the call requirements change. Create a dialer profile withthe command interface dialer [number], and assign the profile with the encapsulation, an IP address, anda dialer string using the command dialer remote-name [name]. Go into the physical ISDN interface anduse the command dialer pool-member [pool-number] priority [number] to make the interface part of adialer pool. If multiple calls are placed simultaneously, the pool with the highest priority dials out first.Verify all DDR configurations with the commands show isdn status, show isdn active, and show dialer.
Concept Questions1. Why is it better to use static routes rather than dynamic routes across an ISDN connection?
Static routes are used rather than dynamic routes because they do not send periodic updates that cantrigger the line and take away the cost-effectiveness of ISDN.
2. Explain the function of a SPID within a dialer map.
The SPID identifies the actual “phone” line used in the carrier’s network that data will be sent across.It can also be called the circuit that establishes the connection from end to end.
3. Compare a dialer map to a dialer profile.
A dialer map is a manual mapping of a destination to the circuit being used (SPID). A different dialermap must be configured for each location. Dialer profiles can be set for various locations with differ-ent criteria and applied to the ISDN interface. Dialer profiles are more scalable and flexible thandialer maps.
Chapter Review QuestionsFor multiple-choice questions 1 through 20, circle the correct answers. Some questions have more thanone answer.
1. What are the benefits of ISDN? (Select three)
A. Always-on connection
B. Cost-effective
C. Faster call setup and termination
D. Fiber connection
E. Can transport video, voice, and data simultaneously
2. What set of protocols deal with ISDN telephone network standards?
A. I protocols
B. Q protocols
C. IEEE protocols
D. E protocols
E. HDLC-derived protocols
132 WAN Technologies CCNA 4 Labs and Study Guide
3. Which channel in ISDN is used for call setup and termination?
A. B channel
B. D channel
C. C channel
D. BRI channel
E. PRI channel
4. In North America, ISDN PRI uses 23 bearer channels and one delta channel to equal the bandwidth ofa T1. What does this make ISDN PRI most efficient for?
A. A substitute for using a T1 line
B. A fallback in case the original line malfunctions
C. No efficiency whatsoever
D. Primary always-on connection
5. Which device in an ISDN connection is responsible for converting the four-wire signal to a two-wiredigitized ISDN signal?
A. TA
B. TE1
C. NT2
D. NT1
E. TE2
6. What factors affect which switch type a private network will use on its ISDN router? (Select two)
A. Switch type used by the carrier
B. Protocols that are being run
C. Country/region of the private network
D. Whether the connection is BRI or PRI
E. SPIDs being used
7. What modes on a router can a switch type be configured in? (Select two)
A. Router>
B. Router#
C. Router(config)#
D. Router(config-if)#
E. Router(config-subif)#
8. On ISDN BRI, what is the maximum number of SPIDs you can configure per bearer channel?
A. 1
B. 2
C. 3
D. The SPID is configured for the BRI interface.
E. None
Chapter 4: ISDN and DDR 133
9. What command enables you to make configurations when using ISDN PRI?
A. Router(config)#interface pri slot/port
B. Router(config)#interface t1/e1 slot/port
C. Router(config)#controller pri slot/port
D. Router(config)#controller t1/e1 slot/port
E. Router(config)#interface pri t1/e1
10. What command shows the time remaining on an ISDN call?
A. show isdn status
B. show isdn active
C. show interface bri0/0
D. debug isdn q921
E. show running-configuration
11. How do you configure DDR? (Select three)
A. Determine interesting traffic with a dialer list.
B. Set up static routes.
C. Disable ISDN before setting up DDR.
D. Set up dialer maps.
E. DDR is on by default on Cisco routers.
12. When configuring dialer information, what are the requirements for setup? (Select three)
A. Encapsulation
B. Dialer maps
C. Access lists
D. Idle timeouts
E. Static routes
13. What are some advantages of using dialer profiles over legacy DDR and dialer maps? (Select three)
A. One ISDN interface can take on different characteristics based on the calls.
B. You can configure each B channel on a different subnet.
C. All aspects of dialer profiles are dynamic and do not have to be configured.
D. Each B channel can have different DDR parameters.
E. Dialer profiles have no advantages.
14. What command assigns an ISDN interface to a dialer pool?
A. Router(config-if)#dialer pool-member number
B. Router(config)#interface bri slot/port dialer-pool member number
C. Router(config-if)#ip assign dialer pool-member number
D. Router(config)#dialer pool-member number
E. Router(config-if)#pool-member dialer number
134 WAN Technologies CCNA 4 Labs and Study Guide
15. Which command displays information about the BRI interface’s three layers?
A. show isdn status
B. show isdn active
C. show interface bri0/0
D. debug isdn q921
E. debug isdn q931
16. What command helps troubleshoot call setup and termination?
A. debug ppp error
B. debug isdn q931
C. debug ppp negotiation
D. debug isdn q921
E. debug ppp authentication
17. What is the name of the reference point that connects the customer’s switching device and enablescalls between the various types of customer premises equipment?
A. R
B. S
C. T
D. U
E. NT1
F. NT2
18. A dialer profile consists of which three elements?
A. Dialer interface
B. Dialer pool
C. Virtual interface
D. Physical interface
E. Static routes
F. Dynamic routes
19. What does an ISDN PRI use for T1/E1 connections?
A. ISDN switch
B. DTE
C. DCE
D. CSU/DSU
E. LMI extensions
20. Each TE1 must be manually or statically assigned a unique identifier. What range of numbers is usedwhen statically assigning an identifier to a TE1 device?
A. 0–63
B. 1–63
C. 64–126
D. 64–128
Chapter 4: ISDN and DDR 135
Lab Exercises
Curriculum Lab 4-1: Configuring ISDN BRI (U-Interface)(4.2.1)Figure 4-1 Topology for Lab 4-1
Table 4-1 Lab Equipment Configuration
Router Router Fast Ethernet0 BRI 0 Address Adtran Designation Name Address/Subnet Mask Connection
Router 1 Ottawa 192.168.14.1/24 — BRI 1
The enable secret password for this router is class.
The enable, vty, and console password for this router is cisco.
Objective
■ Configure an ISDN router to make a successful connection to a local ISDN switch.
Background/Preparation
This lab assumes that a router with an ISDN BRI U interface is available. An Adtran Atlas550 ISDN emu-lator is used to simulate the ISDN switch and cloud. If an ISDN router is not available, review the lab andperform as many noninterface commands as possible.
Cable a network that is similar to the one in Figure 4-1. You can use any router that meets the interfacerequirements in Figure 4-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C, “Router Interface Summary Chart,” to correctly specify the interface identi-fiers based on the equipment in your lab. The 1721 series routers produced the configuration output in thislab. Another router might produce slightly different output. Execute the following tasks on each routerunless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E, “Erasing and Reloading the Router,” on all routersbefore you continue with this lab.
Task 1: Configure the RouterConfigure the hostname, console, vty, and enable passwords according to Table 4-1.
136 WAN Technologies CCNA 4 Labs and Study Guide
Task 2: Verify the ISDN BRI Switch TypeNot all ISDN switch types are the same worldwide, so the first step is to configure the ISDN TE1 device(the router) to tell it what ISDN switch type is in use. The ISDN telco provider provides this information.In this case, the ISDN switch type, which the Adtran simulator supports, is National ISDN-1 (NorthAmerica) and is configured on the router using the keyword basic-ni. To check the ISDN BRI status, issuethe following command before you issue configuration commands:
Ottawa#show isdn status
Ottawa#show isdn status
**** No Global ISDN Switchtype currently defined ****
ISDN BRI0 interface
dsl 0, interface ISDN Switchtype = none
Layer 1 Status:
DEACTIVATED
Layer 2 Status:
Layer 2 NOT Activated
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 0 CCBs = 0
The Free Channel Mask: 0x0
Number of L2 Discards = 0, L2 Session ID = 0
Total Allocated ISDN CCBs = 0
What is the Layer 1 status? Deactivated
What is the ISDN switch type? None
Task 3: Specify the Switch TypeStep 1. To specify the ISDN switch type, use the isdn switch-type command at the global configura-
tion mode prompt. You can review the different switch types that are available by using theisdn switch-type ? command:
Ottawa#configure terminal
Ottawa(config)#isdn switch-type ?
Ottawa(config)#isdn switch-type ?
basic-1tr6 1TR6 switch type for Germany
basic-5ess AT&T 5ESS switch type for the U.S.
basic-dms100 Northern DMS-100 switch type
basic-net3 NET3 switch type for UK and Europe
basic-ni National ISDN switch type
basic-qsig QSIG switch type
basic-ts013 TS013 switch type for Australia
ntt NTT switch type for Japan
vn3 VN3 and VN4 switch types for France
How many different switch types are available? 9
Step 2. To configure the router to communicate with a National ISDN-1 switch type, enter the following:
Ottawa(config)#isdn switch-type basic-ni
Chapter 4: ISDN and DDR 137
Task 4: Verify the Switch StatusCheck the state of the ISDN interface again:
Ottawa#show isdn status
Ottawa#show isdn status
Global ISDN Switchtype = basic-ni
ISDN BRI0 interface
dsl 0, interface ISDN Switchtype = basic-ni
Layer 1 Status:
DEACTIVATED
Layer 2 Status:
Layer 2 NOT Activated
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 0 CCBs = 0
The Free Channel Mask: 0x0
Number of L2 Discards = 0, L2 Session ID = 0
Total Allocated ISDN CCBs = 0
What is the Layer 1 status? Deactivated
What is the ISDN switch type? basic-ni
Task 5: Activate the BRI ConnectionActivate the ISDN BRI by using the no shutdown command at the interface configuration prompt:
Ottawa#configure terminal
Ottawa(config)#interface bri 0
Ottawa(config-if)#no shutdown
Task 6: Review the Switch StatusAt this stage, the ISDN BRI should be physically active, and one TEI should be negotiated. Enter the fol-lowing command to review the switch status:
Ottawa#show isdn status
Ottawa#show isdn status
Global ISDN Switchtype = basic-ni
ISDN BRI0 interface
dsl 0, interface ISDN Switchtype = basic-ni
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 0 CCBs = 0
The Free Channel Mask: 0x80000003
Number of L2 Discards = 0, L2 Session ID = 0
138 WAN Technologies CCNA 4 Labs and Study Guide
Total Allocated ISDN CCBs = 0
What is the Layer 1 status? Active
What is the ISDN switch type? basic-ni
Has the Layer 2 status changed? Yes
Task 7: Configure the ISDN SPIDsDepending on the region, you might have to specify ISDN SPIDs for the ISDN switch to respond to theISDN TE1 correctly. The SPIDs that the Adtran simulator supports are specified as isdn spid1 and isdnspid2. To configure the SPIDs, issue the following commands:
Ottawa(config)#interface bri 0
Ottawa(config-if)#isdn spid1 51055510000001 5551000
Ottawa(config-if)#isdn spid2 51055510010001 5551001
Task 8: Review the Switch StatusCheck the state of the ISDN interface again:
Ottawa#show isdn status
What does the output specify about SPID1?
TEI 64, ces = 1, state = 8(established)
spid1 configured, spid1 NOT sent, spid1 NOT valid
What does the output specify about SPID2?
TEI Not Assigned, ces = 2, state = 1(terminal down)
spid2 configured, spid2 NOT sent, spid2 NOT valid
If you examine this output carefully, you will see that the assigned SPID values have not been sent to theISDN switch and have not been verified. This is because you specified them after the ISDN interface wasenabled. To send the SPID values, you must reset the interface.
Task 9: Reset the InterfaceTo manually reset the ISDN BRI interface, issue the command clear interface bri 0. This command caus-es all ISDN parameters to be renegotiated. Issue the clear command on the router, and then check theISDN interface status. SPID1 and SPID2 are sent and validated:
Ottawa#clear interface bri 0
Ottawa#show isdn status
Ottawa#show isdn status
Global ISDN Switchtype = basic-ni
ISDN BRI0 interface
dsl 0, interface ISDN Switchtype = basic-ni
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 64, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
TEI = 65, Ces = 2, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Chapter 4: ISDN and DDR 139
TEI 64, ces = 1, state = 5(init)
spid1 configured, spid1 sent, spid1 valid
Endpoint ID Info: epsf = 0, usid = 70, tid = 1
TEI 65, ces = 2, state = 5(init)
spid2 configured, spid2 sent, spid2 valid
Endpoint ID Info: epsf = 0, usid = 70, tid = 2
Layer 3 Status:
0 Active Layer 3 Call(s)
Active dsl 0 CCBs = 0
The Free Channel Mask: 0x80000003
Number of L2 Discards = 0, L2 Session ID = 1
Total Allocated ISDN CCBs = 0
Have SPID1 and SPID2 been sent and verified? Yes
Task 10: Save the Configuration and RebootSave the configuration and reboot the router. This time, verify that the ISDN interface has correctly negoti-ated with the ISDN switch. Review activity on the ISDN interface by using the show isdn active com-mand:
Ottawa#copy running-config startup-config
Ottawa#reload
Ottawa#show isdn active
! Note to instructor: This is sample output and may not be identical to that producedlocally.
Ottawa#show isdn active
--------------------------------------------------------------
---------------------------------------
ISDN ACTIVE CALLS
--------------------------------------------------------------
---------------------------------------
Call Calling Called Remote Seconds Seconds Seconds
Charges
Type Number Number Name Used Left Idle
Units/Currency
--------------------------------------------------------------
---------------------------------------
Out 6120 Ottawa 165 74
45 0
The history table has a maximum of how many entries? 100
The history table data is retained for how long? 15 minutes
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Router>enable
Router#configure terminal
140 WAN Technologies CCNA 4 Labs and Study Guide
Router(config)#
Router(config)#hostname Ottawa
Ottawa(config)#enable password cisco
Ottawa(config)#enable secret class
Ottawa(config)#line console 0
Ottawa(config-line)#password cisco
Ottawa(config-line)#login
Ottawa(config-line)#exit
Ottawa(config)#line vty 0 4
Ottawa(config-line)#password cisco
Ottawa(config-line)#login
Ottawa(config-line)#exit
Ottawa(config)#interface bri 0
Ottawa(config-if)#isdn spid1 51055510000001 5551000
Ottawa(config-if)#isdn spid2 51055510010001 5551001
Ottawa(config-if)#no shutdown
Ottawa(config-if)#exit
Ottawa(config)#exit
Ottawa#copy running-config startup-config
Curriculum Lab 4-2: Configuring Legacy DDR (4.3.2)Figure 4-2 Topology for Lab 4-2
Table 4-2 Lab Equipment Configuration
Router Router Fast Ethernet0 SPID Numbers Phone Adtran Designation Name Address/Subnet Numbers Connection
Mask
Router 1 Tokyo 192.168.1.1/24 51055510000001 5551000 BRI 151055510010001 5551001
Router 2 Moscow 192.168.2.1/24 51055520000001 5552000 BRI 251055520010001 5552001
Chapter 4: ISDN and DDR 141
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
Objectives
■ Configure an ISDN router to make a legacy DDR call to another ISDN-capable router.
■ When the DDR connection is made successfully, augment the configuration to specify that only HTTPtraffic will bring up the link.
Background/Preparation
In this lab, two ISDN routers are required. If ISDN routers are not available, review the lab to becomefamiliar with the process. An Adtran Atlas550 ISDN emulator is used to simulate the switch/ISDN cloud.
Cable a network that is similar to the one in Figure 4-2. You can use any router that meets the interfacerequirements in Figure 4-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RouterConfigure the hostname, console, vty, and enable passwords according to Table 4-2. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Define the Switch Type and SPID NumbersYou must specify the switch type and SPID numbers on the routers:
Router(config)#hostname Tokyo
Tokyo(config)#enable secret class
Tokyo(config)#isdn switch-type basic-ni
Tokyo(config)#interface fastethernet 0
Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0
Tokyo(config-if)#no shutdown
Tokyo(config-if)#exit
Tokyo(config)#interface bri 0
Tokyo(config-if)#isdn spid1 51055510000001 5551000
Tokyo(config-if)#isdn spid2 51055510010001 5551001
Tokyo(config-if)#no shutdown
Router(config)# hostname Moscow
Moscow(config)# enable secret class
Moscow(config)# isdn switch-type basic-ni
Moscow(config)# interface fastethernet 0
Moscow(config-if)#ip address 192.168.2.1 255.255.255.0
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
142 WAN Technologies CCNA 4 Labs and Study Guide
Moscow(config)# interface bri 0
Moscow(config-if)#isdn spid1 51055520000001 5552000
Moscow(config-if)#isdn spid2 51055520010001 5552001
Moscow(config-if)#no shutdown
Task 3: Define the Static Routes for DDRStep 1. Use static and default routes rather than dynamic routing so that you can reduce the cost of the
dialup connection. To configure a static route, you must know the network address of the net-work to be reached and the IP address of the next router on the path to this destination:
Moscow#configure terminal
Moscow(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1
Tokyo#configure terminal
Tokyo(config)#ip route 0.0.0.0 0.0.0.0 192.168.3.2
Step 2. Execute the show ip route command to verify that the routes exist.
Task 4: Specify Interesting Traffic for DDRSpecify the traffic that will cause the DDR interface to dial up the remote router. For the moment, declarethat all IP traffic is “interesting.” You do this by using the dialer-list command:
Tokyo#configure terminal
Tokyo(config)#dialer-list 1 protocol ip permit
Tokyo(config)#interface bri 0
Tokyo(config-if)#dialer-group 1
Tokyo(config-if)#end
Task 5: Configure the DDR Dialer Information for Router 1Step 1. Configure the correct dialer information necessary for the correct function of the dialer profile
and dialer interface. This includes IP address information, PPP configuration, name, passwords,and dial number:
Tokyo#configure terminal
Tokyo(config)#interface bri 0
Tokyo(config-if)#ip address 192.168.3.1 255.255.255.0
Step 2. Configure the PPP information:
Tokyo#configure terminal
Tokyo(config)#username Moscow password class
Tokyo(config)#interface bri 0
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Step 3. Configure the dial information:
Tokyo#configure terminal
Tokyo(config)#interface bri 0
Tokyo(config-if)#dialer idle-timeout 120
Tokyo(config-if)#dialer map ip 192.168.3.2 name Moscow 5552000
Chapter 4: ISDN and DDR 143
Task 6: Configure the DDR Dialer Information for Router 2Moscow#configure terminal
Moscow(config)#dialer-list 1 protocol ip permit
Moscow(config)#username Tokyo password class
Moscow(config)#interface bri 0
Moscow(config-if)#ip address 192.168.3.2 255.255.255.0
Moscow(config-if)#dialer-group 1
Moscow(config-if)#encapsulation ppp
Moscow(config-if)#ppp authentication chap
Moscow(config-if)#dialer idle-timeout 120
Moscow(config-if)#dialer map ip 192.168.3.1 name Tokyo 5551000
Task 7: View the Tokyo Router ConfigurationTo view the configuration, use the show running-config command:
Tokyo#show running-config
What authentication is being used? CHAP
What are the ISDN SPIDs on the Tokyo router?
51055510000001 5551000 and 51055510010001 5551001
Task 8: Verify the DDR ConfigurationStep 1. Generate some interesting traffic across the DDR link from the remote Moscow router to verify
that connections are made correctly:
Tokyo#ping 192.168.2.1
Did the pings succeed? Yes
Step 2. If not, troubleshoot the router configuration.
Step 3. Use the show interface command and note that the output shows that the interface is “spoof-ing.” This provides a mechanism for the interface to simulate an active state for internalprocesses, such as routing, on the router. You can also use the show interface command to dis-play information about the B channel:
Tokyo#show interface bri 0
Step 4. After you complete the previous tasks, log off (by entering exit) and turn the router off. Then,remove and store the cables and adapter.
144 WAN Technologies CCNA 4 Labs and Study Guide
Curriculum Lab 4-3: Configuring Dialer Profiles (4.3.7)Figure 4-3 Topology for Lab 4-3
Table 4-3 Lab Equipment Configuration
Router Router Fast Ethernet0 SPID Phone Adtran Designation Name Address with Numbers Numbers Connection
Subnet Mask
Router 1 Tokyo 192.168.1.1/24 51055510000001 5551000 BRI 151055510010001 5551001
Router 2 Moscow 192.168.2.1/24 51055520000001 5552000 BRI 251055520010001 5552001
Router 3 Sydney 192.168.3.1/24 51055530000001 5553000 BRI 351055530010001 5553001
The enable secret password for all routers is class.
The enable, vty, and console password for all routers is cisco.
Objective
■ Configure ISDN dialer profiles on the routers, enabling a DDR call to be made from two remoterouters simultaneously into a central ISDN BRI router.
Background/Preparation
In this lab, three ISDN routers are required. If ISDN routers are not available, review the lab to becomefamiliar with the process. An Adtran Atlas550 ISDN emulator is used to simulate the switch/ISDN cloud.
Cable a network that is similar to the one in Figure 4-3. You can use any router that meets the interfacerequirements in Figure 4-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Chapter 4: ISDN and DDR 145
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RouterConfigure the hostname, console, vty, and enable passwords according to Table 4-3. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Define the Switch Type and SPID NumbersTo configure the switch type and SPID numbers, use the following commands:
Router(config)#hostname Tokyo
Tokyo(config)#enable secret class
Tokyo(config)#isdn switch-type basic-ni
Tokyo(config)#interface fastethernet 0
Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0
Tokyo(config-if)#no shutdown
Tokyo(config-if)#exit
Tokyo(config)#interface bri 0
Tokyo(config-if)#isdn spid1 51055510000001 5551000
Tokyo(config-if)#isdn spid2 51055510010001 5551001
Tokyo(config-if)#no shutdown
Router(config)#hostname Moscow
Moscow(config)#enable secret class
Moscow(config)#isdn switch-type basic-ni
Moscow(config)#interface fastethernet 0
Moscow(config-if)#ip address 192.168.2.1 255.255.255.0
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
Moscow(config)#interface bri 0
Moscow(config-if)#isdn spid1 51055520000001 5552000
Moscow(config-if)#isdn spid2 51055520010001 5552001
Moscow(config-if)#no shutdown
Router(config)#hostname Sydney
Sydney(config)#enable secret class
Sydney(config)#isdn switch-type basic-ni
Sydney(config)#interface fastethernet 0
Sydney(config-if)#ip address 192.168.3.1 255.255.255.0
Sydney(config-if)#no shutdown
Sydney(config-if)#exit
Sydney(config)#interface bri 0
Sydney(config-if)#isdn spid1 51055530000001 5553000
Sydney(config-if)#isdn spid2 51055530010001 5553001
Sydney(config-if)#no shutdown
146 WAN Technologies CCNA 4 Labs and Study Guide
Task 3: Define the Static Routes for DDRUse static and default routes rather than dynamic routing so that you can reduce the cost of the dialup con-nection. To configure a static route, you must know the network address of the network trying to bereached and the IP address of the next router on the path to this destination:
Moscow#configure terminal
Moscow(config)#ip route 0.0.0.0 0.0.0.0 192.168.253.1
Sydney#configure terminal
Sydney(config)#ip route 0.0.0.0 0.0.0.0 192.168.254.1
Tokyo#configure terminal
Tokyo(config)#ip route 192.168.2.0 255.255.255.0 192.168.253.2
Tokyo(config)#ip route 192.168.3.0 255.255.255.0 192.168.254.2
Task 4: Specify Interesting Traffic for DDRYou must define traffic as “interesting” to cause the DDR interface to dial up the remote router. For themoment, declare that all IP traffic is interesting by using the dialer-list command:
Moscow(config)#dialer-list 1 protocol ip permit
Moscow(config)#interface dialer 0
Moscow(config-if)#dialer-group 1
Sydney(config)#dialer-list 1 protocol ip permit
Sydney(config)#interface dialer 0
Sydney(config-if)#dialer-group 1
Tokyo#configure terminal
Tokyo(config)#dialer-list 1 protocol ip permit
Tokyo(config)#interface dialer 1
Tokyo(config-if)#description The Profile for the Moscow router
Tokyo(config-if)#dialer-group 1
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#description The Profile for the Sydney router
Tokyo(config-if)#dialer-group 1
Task 5: Configure the DDR Dialer InformationConfigure the correct dialer information that is necessary for the correct function of the dialer profile anddialer interface. This includes IP address information, PPP configuration, name, passwords, and dial number:
Tokyo(config)#interface dialer 1
Tokyo(config-if)#ip address 192.168.253.1 255.255.255.0
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#ip address 192.168.254.1 255.255.255.0
Tokyo(config-if)#interface bri 0
Tokyo(config-if)#encapsulation ppp
Chapter 4: ISDN and DDR 147
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#exit
Tokyo(config)#username Moscow password class
Tokyo(config)#username Sydney password class
Moscow(config)#interface dialer 0
Moscow(config-if)#ip address 192.168.253.2 255.255.255.0
Moscow(config-if)#interface bri 0
Moscow(config-if)#encapsulation ppp
Moscow(config-if)#ppp authentication chap
Moscow(config-if)#interface dialer 0
Moscow(config-if)#encapsulation ppp
Moscow(config-if)#ppp authentication chap
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
Moscow(config)#username Tokyo password class
Sydney(config)#interface dialer 0
Sydney(config-if)#ip address 192.168.254.2 255.255.255.0
Sydney(config-if)#interface bri 0
Sydney(config-if)#encapsulation ppp
Sydney(config-if)#ppp authentication chap
Sydney(config-if)#interface dialer 0
Sydney(config-if)#encapsulation ppp
Sydney(config-if)#ppp authentication chap
Sydney(config-if)#no shutdown
Sydney(config-if)#exit
Sydney(config)#username Tokyo password class
Task 6: Configure the Dialer InformationNext, you must configure the dial information to specify the remote name of the remote router in the dialerprofile, and the dial string (phone number) to use to contact this remote device. Use the commands in thefollowing steps to do this.
Step 1. To configure the dial information on Tokyo, use the following:
Tokyo(config)#interface dialer 1
Tokyo(config-if)#dialer remote-name Moscow
Tokyo(config-if)#dialer string 5552000
Tokyo(config-if)#dialer string 5552001
148 WAN Technologies CCNA 4 Labs and Study Guide
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer remote-name Sydney
Tokyo(config-if)#dialer string 5553000
Tokyo(config-if)#dialer string 5553001
Step 2. To configure the dial information on Moscow, use the following:
Moscow(config-if)#interface dialer 0
Moscow(config-if)#dialer remote-name Tokyo
Moscow(config-if)#dialer string 5551000
Moscow(config-if)#dialer string 5551001
Step 3. To configure the dial information on Sydney, use the following:
Sydney(config-if)#interface dialer 0
Sydney(config-if)#dialer remote-name Tokyo
Sydney(config-if)#dialer string 5551000
Sydney(config-if)#dialer string 5551001
Task 7: Associate the Dialer ProfilesFinally, associate the dialer profiles with the dialer interfaces that will be used, when needed. Create adialer pool and put the interfaces and the associated dialer profiles in a common pool. The commands fordoing this are as follows.
Step 1. On Tokyo, the commands issued would be as follows:
Tokyo(config-if)#interface bri 0
Tokyo(config-if)#dialer pool-member 1
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#dialer pool 1
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer pool 1
Step 2. On Moscow, the commands issued would be as follows:
Moscow(config-if)#interface bri 0
Moscow(config-if)#dialer pool-member 1
Moscow(config-if)#interface dialer 0
Moscow(config-if)#dialer pool 1
Step 3. Use the same commands to configure the Sydney router.
Task 8: Configure the Dialer TimeoutsStep 1. Configure a dialer idle-timeout of 60 seconds for each of the dialer interfaces:
Tokyo(config)#interface dialer 1
Tokyo(config-if)#dialer idle-timeout 60
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer idle-timeout 60
Step 2. Repeat these commands on Moscow and Sydney.
Chapter 4: ISDN and DDR 149
Task 9: View the Tokyo Router ConfigurationTo view the configuration, use the show running-config command:
Tokyo#show running-config
Tokyo#show running-config
Building configuration...
Current configuration : 1535 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname “Tokyo”
!
enable secret 5 $1$.Tf2$ph3oCXloaQGXpguejZTIJ0
!
username Moscow password 0 class
username Sydney password 0 class
ip subnet-zero
!
!
!
isdn switch-type basic-ni
!
!
!
interface FastEthernet0
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0
no ip address
shutdown
no fair-queue
!
interface BRI0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055510000001 5551000
isdn spid2 51055510010001 5551001
ppp authentication chap
!
150 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1
no ip address
shutdown
!
interface Dialer1
description The Profile for the Moscow router
ip address 192.168.253.1 255.255.255.0
encapsulation ppp
dialer pool 1
dialer remote-name Moscow
dialer idle-timeout 60
dialer string 5552000
dialer string 5552001
dialer-group 1
ppp authentication chap
!
interface Dialer2
description The Profile for the Sydney router
ip address 192.168.254.1 255.255.255.0
encapsulation ppp
dialer pool 1
dialer remote-name Sydney
dialer idle-timeout 60
dialer string 5553000
dialer string 5553001
dialer-group 1
ppp authentication chap
!
ip classless
ip route 192.168.2.0 255.255.255.0 192.168.253.2
ip route 192.168.3.0 255.255.255.0 192.168.254.2
ip http server
!
dialer-list 1 protocol ip permit
!
line con 0
password cisco
login
line aux 0
line vty 0 4
Chapter 4: ISDN and DDR 151
password cisco
login
!
end
How many username statements exist? 2
What authentication type is being used for PPP? CHAP
Which sections of the configuration list the authentication type? Interface Dialer
What are the dialer strings on the Tokyo router?
interface Dialer1
End string 5552000
dialer string 5552001
interface Dialer2
dialer string 5553000
dialer string 5553001
Task 10: Verify the DDR ConfigurationStep 1. Generate some interesting traffic across the DDR link from Moscow and Sydney to verify that
connections are made correctly and that the dialer profiles are functioning:
Moscow#ping 192.168.1.1
Sydney#ping 192.168.1.1
Did the pings succeed? Yes
Step 2. If not, troubleshoot the router configurations.
What other information was displayed when the ping was issued?
00:25:01: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:25:01: %DIALER-6-BIND: Interface BRI0:1 bound to profile Di0
00:25:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1,
changed state to up
Step 3. Use the show dialer command to see the reason for the call. This information is shown foreach channel:
Tokyo#show dialer
Tokyo#show dialer
BRI0 - dialer type = ISDN
Dial String Successes Failures Last DNIS Last status
0 incoming call(s) have been screened.
0 incoming call(s) rejected for callback.
BRI0:1 - dialer type = ISDN
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
BRI0:2 - dialer type = ISDN
Idle timer (120 secs), Fast idle timer (20 secs)
152 WAN Technologies CCNA 4 Labs and Study Guide
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Di1 - dialer type = DIALER PROFILE
Idle timer (60 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Number of active calls = 0
Dial String Successes Failures Last DNIS Last status
5552000 0 0 never - Default
5552001 0 0 never - Default
Di2 - dialer type = DIALER PROFILE
Idle timer (60 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Number of active calls = 0
Dial String Successes Failures Last DNIS Last status
5553000 0 0 never - Default
5553001 0 0 never - Default
Tokyo#
Which dialer strings are associated with Dialer1? 555-2000, 555-2001
What is the last status for dial string 5553000 in the Dialer2 readout? None
Step 4. Use the show interface command and note that the output shows that the interface is “spoof-ing.” This provides a mechanism for the interface to simulate an active state for internalprocesses, such as routing, on the router. You can also use the show interface command to dis-play information about the B channel:
Tokyo#show interface bri 0
Tokyo#show interface bri 0
BRI0 is up, line protocol is up (spoofing)
Hardware is PQUICC BRI with U interface
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Last input 00:00:01, output never, output hang never
Last clearing of “show interface” counters 00:28:42
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 48 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
365 packets input, 1549 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
362 packets output, 1522 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
Chapter 4: ISDN and DDR 153
0 output buffer failures, 0 output buffers swapped out
8 carrier transitions
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! Tokyo
Tokyo#configure terminal
Tokyo(config)#hostname Tokyo
Tokyo(config)#enable secret class
Tokyo(config)#isdn switch-type basic-ni
Tokyo(config)#interface fastethernet 0
Tokyo(config-if)#ip address 192.168.1.1 255.255.255.0
Tokyo(config-if)#no shutdown
Tokyo(config-if)#exit
Tokyo(config)#interface bri 0
Tokyo(config-if)#isdn spid1 51055510000001 5551000
Tokyo(config-if)#isdn spid2 51055510010001 5551001
Tokyo(config-if)#no shutdown
Tokyo(config-if)#exit
Tokyo(config-if)#ip route 192.168.2.0 255.255.255.0 192.168.253.2
Tokyo(config)#ip route 192.168.3.0 255.255.255.0 192.168.254.2
Tokyo(config)#dialer-list 1 protocol ip permit
Tokyo(config)#interface dialer 1
Tokyo(config-if)#description The Profile for the Moscow router
Tokyo(config-if)#dialer-group 1
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#description The Profile for the Sydney router
Tokyo(config-if)#dialer-group 1
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#ip address 192.168.253.1 255.255.255.0
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#ip address 192.168.254.1 255.255.255.0
Tokyo(config-if)#interface bri 0
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#encapsulation ppp
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#exit
Tokyo(config)#username Moscow password class
Tokyo(config)#username Sydney password class
Tokyo(config)#interface dialer 1
Tokyo(config-if)#dialer remote-name Moscow
Tokyo(config-if)#dialer string 5552000
Tokyo(config-if)#dialer string 5552001
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer remote-name Sydney
154 WAN Technologies CCNA 4 Labs and Study Guide
Tokyo(config-if)#dialer string 5553000
Tokyo(config-if)#dialer string 5553001
Tokyo(config-if)#exit
Tokyo(config-if)#interface bri 0
Tokyo(config-if)#dialer pool-member 1
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#dialer pool 1
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer pool 1
Tokyo(config-if)#exit
Tokyo(config-if)#interface dialer 1
Tokyo(config-if)#dialer idle-timeout 60
Tokyo(config-if)#interface dialer 2
Tokyo(config-if)#dialer idle-timeout 60
Tokyo(config-if)#exit
Tokyo(config)#exit
Tokyo#copy running-config startup-config
! Moscow
Router#configure terminal
Router(config)#hostname Moscow
Moscow(config)#enable secret class
Moscow(config)#isdn switch-type basic-ni
Moscow(config)#interface fastethernet 0
Moscow(config-if)#ip address 192.168.2.1 255.255.255.0
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
Moscow(config)#interface bri 0
Moscow(config-if)#isdn spid1 51055520000001 5552000
Moscow(config-if)#isdn spid2 51055520010001 5552001
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
Moscow(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.253.1
Moscow(config)#dialer-list 1 protocol ip permit
Moscow(config)#interface dialer 0
Moscow(config-if)#dialer-group 1
Moscow(config-if)#exit
Moscow(config-if)#interface dialer 0
Moscow(config-if)#ip address 192.168.253.2 255.255.255.0
Moscow(config-if)#interface bri 0
Moscow(config-if)#encapsulation ppp
Moscow(config-if)#ppp authentication chap
Moscow(config-if)#interface dialer 0
Moscow(config-if)#encapsulation ppp
Moscow(config-if)#ppp authentication chap
Moscow(config-if)#no shutdown
Moscow(config-if)#exit
Moscow(config)#username Tokyo password class
Chapter 4: ISDN and DDR 155
Moscow(config)#interface dialer 0
Moscow(config-if)#dialer remote-name Tokyo
Moscow(config-if)#dialer string 5551000
Moscow(config-if)#dialer string 5551001
Moscow(config-if)#exit
Moscow(config-if)#interface bri 0
Moscow(config-if)#dialer pool-member 1
Moscow(config-if)#interface dialer 0
Moscow(config-if)#dialer pool 1
Moscow(config-if)#exit
Moscow(config)#exit
Moscow#copy running-config startup-config
! Sydney
Router#configure terminal
Router(config)#hostname Sydney
Sydney(config)#enable secret class
Sydney(config)#isdn switch-type basic-ni
Sydney(config)#interface fastethernet 0
Sydney(config-if)#ip address 192.168.3.1 255.255.255.0
Sydney(config-if)#no shutdown
Sydney(config-if)#exit
Sydney(config)#interface bri 0
Sydney(config-if)#isdn spid1 51055530000001 5553000
Sydney(config-if)#isdn spid2 51055530010001 5553001
Sydney(config-if)#no shutdown
Sydney(config-if)#exit
Sydney(config-if)#ip route 0.0.0.0 0.0.0.0 192.168.254.1
Sydney(config)#dialer-list 1 protocol ip permit
Sydney(config)#interface dialer 0
Sydney(config-if)#dialer-group 1
Sydney(config-if)#exit
Sydney(config)#interface dialer 0
Sydney(config-if)#ip address 192.168.254.2 255.255.255.0
Sydney(config-if)#interface bri 0
Sydney(config-if)#encapsulation ppp
Sydney(config-if)#ppp authentication chap
Sydney(config-if)#interface dialer 0
Sydney(config-if)#encapsulation ppp
Sydney(config-if)#ppp authentication chap
Sydney(config-if)#no shutdown
Sydney(config-if)#exit
Sydney(config)#username Tokyo password class
Sydney(config)#interface dialer 0
Sydney(config-if)#dialer remote-name Tokyo
156 WAN Technologies CCNA 4 Labs and Study Guide
Sydney(config-if)#dialer string 5551000
Sydney(config-if)#dialer string 5551001
Sydney(config-if)#exit
Sydney(config)#interface bri 0
Sydney(config-if)#dialer pool-member 1
Sydney(config-if)#interface dialer 0
Sydney(config-if)#dialer pool 1
Sydney(config-if)#exit
Sydney(config)#exit
Sydney#copy running-config startup-config
Challenge Lab 4-4: Configuring Dialer Maps and DialerProfiles
You are hired as a consultant for a company that has three remote locations: Mo, Larry, and Curley. Thetask at hand is to set up ISDN across their WAN and the addressing on their internal network. The compa-ny wants you to use dialer maps on the Larry and Curley routers pointing to the Mo router. The Mo routerwill use dialer profiles pointing to the Larry and Curley routers.
This lab challenges your ability to configure dialer profiles and dialer maps in an ISDN environment.Figure 4-4 presents the topology for this lab.
Figure 4-4 ISDN Challenge Lab Topology
Chapter 4: ISDN and DDR 157
Internet172.16.0.1/24
Lo0
MO
LarryBRI 1/0
180.78.15.2/30
BRI 1/0
BRI 1/0194.65.14.1/30180.78.15.1/30
194.65.14.2/30
fa0/1fa0/0
fa0/1fa0/0Switch A Switch BCurley
Service Profile Identifiers:
Mo BRI/1: SPID 1 5105551000SPID 2 5105551001
Larry BRI/2: SPID 1 5105552000SPID 2 5105552001
Curley BRI/3: SPID 1 5105553000SPID 2 5105553001
Larry LAN Addresses192.168.100.0/24
Curley LAN Addresses193.168.100.0/24
ISDNCloud
(Adtran)
BRI 1
ISDN
BRI 3BRI 2
Dialer Map Dialer Map
Dialer Profiles
Task 1: PhysicalConnect and configure the devices as shown in Figure 4-4.
Task 2: Logical MoStep 1. Configure router Mo with encapsulation PPP on the BRI interface using CHAP authentication
and Multilink.
Step 2. Configure dialer profiles.
Step 3. Configure two dialer interfaces each using two dialer strings and given IP addresses (SPIDsremain in dialer-pool 1).
Step 4. Configure usernames and passwords:
■ Username Larry password 0 cisco.
■ Username Curley password 0 cisco.
Step 5. Permit both dialer lists.
Step 6. Configure router Mo with switch type basic-ni.
Step 7. Configure static routes to Larry and Curley dialer interfaces and to SwitchA and SwitchBLANs.
Step 8. Create access lists permitting both switched networks and the loopback on Mo.
Task 3: Logical LarryStep 1. Configure Larry with encapsulation PPP on the BRI interface using CHAP authentication and
Multilink.
Step 2. Use switch type basic-ni.
Step 3. Create dialer 0 to use the IP address 180.78.15.2 /30. Include dialer-pool, dialer-group, andpermit dialer-list.
Step 4. Configure Larry’s BRI using the appropriate SPIDs.
Step 5. Make sure that both B channels are used simultaneously.
Step 6. Configure username and password to Mo with password cisco.
Step 7. Configure interface fa0/0 on Larry with IP address 192.168.100.1 /24.
Step 8. Configure static routes to the Curley LAN and Mo’s loopback.
Step 9. Configure a default route out of BRI1/0.
Task 4: Logical CurleyStep 1. Configure Curley with encapsulation PPP on the BRI interface using CHAP authentication
and Multilink.
Step 2. Create dialer 0 with given IP address 194.65.14.2 /30. Include dialer-pool, dialer-group, andpermit dialer-list.
Step 3. Configure the BRI interface with the appropriate SPIDs.
Step 4. Configure username and password to Mo with password class.
Step 5. Configure interface fa0/0 with an IP address of 193.168.100.1 /24.
158 WAN Technologies CCNA 4 Labs and Study Guide
Step 6. Configure static routes to the Larry LAN and to the loopback on Mo.
Step 7. Configure a default route out of BRI 1/0.
Task 5: Switches Configure each switch with an IP address and appropriate default gateway for its network.
Task 6: VerificationThis lab is complete when you can ping every interface shown in Figure 4-4.
Mo#show running-config
Building configuration...
Current configuration : 1709 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Mo
!
enable secret 5 $1$0usK$RscXAJFH74Osj7ahj2Qqo.
!
username Larry password 0 cisco
username Curley password 0 class
memory-size iomem 25
ip subnet-zero
!
!
isdn switch-type basic-ni
!
!
!
interface Loopback0
ip address 172.16.0.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
no ip address
shutdown
no fair-queue
Chapter 4: ISDN and DDR 159
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055510000001 5551000
isdn spid2 51055510010001 5551001
ppp authentication chap
ppp multilink
!
interface Dialer0
ip address 180.78.15.1 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name Larry
dialer string 5552000
dialer string 5552001
dialer-group 1
ppp authentication chap
!
interface Dialer1
ip address 194.65.14.1 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name Curley
dialer string 5553000
dialer string 5553001
dialer-group 2
ppp authentication chap
!
!
ip classless
ip route 180.78.15.0 255.255.255.252 180.78.15.2
ip route 192.168.100.0 255.255.255.0 180.78.15.2
ip route 193.168.100.0 255.255.255.0 194.65.14.2
ip route 194.65.14.0 255.255.255.252 194.65.14.2
no ip http server
!
!
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
160 WAN Technologies CCNA 4 Labs and Study Guide
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
Larry#show running-config
Building configuration...
Current configuration : 1097 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Larry
!
enable secret 5 $1$5Jud$6ua9o9Z58aEpWAepfy0x1.
!
username Mo password 0 cisco
ip subnet-zero
!
!
isdn switch-type basic-ni
!
!
!
interface FastEthernet0/0
ip address 192.168.100.1 255.255.255.0
speed auto
speed auto
!
interface Serial0/0
no ip address
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
Chapter 4: ISDN and DDR 161
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055520000001 5552000
isdn spid2 51055520010001 5552001
ppp authentication chap
ppp multilink
!
interface Dialer0
ip address 180.78.15.2 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name Mo
dialer string 5551000
dialer-group 1
ppp authentication chap
!
ip classless
ip route 0.0.0.0 0.0.0.0 BRI1/0
ip route 172.16.0.0 255.255.255.0 180.78.15.1
ip route 193.168.100.0 255.255.255.0 180.78.15.1
no ip http server
!
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
Curley#show running-config
Building configuration...
Current configuration : 1133 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Curley
!
162 WAN Technologies CCNA 4 Labs and Study Guide
enable secret 5 $1$rNMq$pgKhyff67/X.hYe9ejz4c0
!
username Mo password 0 class
memory-size iomem 25
ip subnet-zero
!
!
isdn switch-type basic-ni
!
!
!
interface FastEthernet0/0
ip address 193.168.100.1 255.255.255.0
speed auto
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055530000001 5553000
isdn spid2 51055530010001 5553001
ppp authentication chap
ppp multilink
!
interface Dialer0
ip address 194.65.14.2 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name ISP
dialer string 5551001
dialer-group 1
ppp authentication chap
!
ip classless
ip route 0.0.0.0 0.0.0.0 BRI1/0
ip route 172.16.0.0 255.255.255.0 194.65.14.1
Chapter 4: ISDN and DDR 163
ip route 192.168.100.0 255.255.255.0 194.65.14.1
no ip http server
!
!
dialer-list 1 protocol ip permit
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
SwitchA#show running-config
Building configuration...
Current configuration : 1476 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SwitchA
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
164 WAN Technologies CCNA 4 Labs and Study Guide
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
!
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
no ip address
!
interface FastEthernet0/12
no ip address
!
interface FastEthernet0/13
no ip address
!
interface FastEthernet0/14
no ip address
!
interface FastEthernet0/15
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
Chapter 4: ISDN and DDR 165
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.100.2 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.100.1
ip http server
!
!
line con 0
line vty 5 15
!
end
SwitchB#show running-config
Building configuration...
Current configuration : 1476 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SwitchB
!
!
ip subnet-zero
!
166 WAN Technologies CCNA 4 Labs and Study Guide
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
!
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
no ip address
!
interface FastEthernet0/12
no ip address
!
interface FastEthernet0/13
no ip address
!
interface FastEthernet0/14
Chapter 4: ISDN and DDR 167
no ip address
!
interface FastEthernet0/15
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 193.168.100.2 255.255.255.0
no ip route-cache
!
ip default-gateway 193.168.100.1
ip http server
!
!
line con 0
line vty 5 15
!
end
168 WAN Technologies CCNA 4 Labs and Study Guide
CHAPTER 5
Frame Relay
The Study Guide portion of this chapter uses a combination of fill-in-the-blank, multiple-choice, and open-ended question exercises to test your knowledge of the theory of Frame Relay terminology, bandwidth, andflow control. This chapter also discusses the importance of Frame Relay addressing, map statements, andthe use of Inverse Address Resolution Protocol (ARP) and Local Management Interface (LMI) operation.
The Lab Exercises portion of this chapter includes all the online curriculum labs and three challenge labsto ensure that you have mastered the practical, hands-on skills needed for Frame Relay maps, subinterfaceconfiguration, and troubleshooting.
Study Guide
Frame Relay ConceptsFrame Relay is a standalone packet-switched technology that operates using virtual circuits to connectLANs across a cloud. It uses switched virtual circuits (SVCs) (less common) and permanent virtual cir-cuits (PVCs), which the carrier preconfigures, to join locations. Frame Relay also provides no error-check-ing technology, because it was designed to run on digital, high-quality lines. A Frame Relay edge routermay have multiple PVCs toward different locations and labels each one with a data-link connection identi-fier (DLCI). Each PVC has its own set amount of bandwidth inside the cloud; this is called the committedinformation rate (CIR), which is the method of flow control for Frame Relay. Commonly, Frame Relaynetworks are set up in either star (hub-and-spoke), Frame Relay star, full-mesh, or partial-mesh topologies.In a star topology, all the edge routers connect to a central location, as opposed to a Frame Relay star,where the edge routers connect to a cloud. Mesh and partial-mesh topologies connect every location, or atleast most of them, to one another. Local Management Interfaces (LMI) extensions are also provided withFrame Relay to reduce the transfer delay between two locations. LMIs include mechanisms to keep trackof keepalive messages and VC status and a mechanism with flow control; LMI types are Cisco, Q933a,and ANSI. LMIs combined with Inverse ARP allow a router to associate a DLCI with a network layeraddress; this allows the router to learn PVCs dynamically.
Concept Questions1. Compare a PVC to an SVC.
A PVC is a temporary connection brought up in the carrier’s cloud when communication with aremote site is initiated. The connection is considered permanent because data takes the same path toand from each location every time. An SVC is a switched connection that is not mapped inside thecarrier’s network and that takes a different path each time data is sent between locations. It is treatedas a one-time connection.
2. LMI is a signaling standard that allows DTEs to dynamically acquire information about a network’sstatus. Keepalive messages are one example of status messages that are sent. Explain how routers usekeepalive messages.
Keepalive messages allow connecting devices to know that the link is active. When no keepalives arereceived, the connecting devices view the link as inactive or down.
3. Explain how a DLCI is used to route Frame Relay traffic.
A DLCI is used to identify a virtual circuit between a CPE and the Frame Relay switch. The FrameRelay switch maps the DLCI to a circuit between two remote routers to provide a permanent thor-oughfare between them.
Configuring Frame RelayTo configure Frame Relay, go into the serial interface connected to the frame cloud or frame switch andenter encapsulation frame-relay [cisco | ietf]. cisco is the default encapsulation and should be used onlyif you’re connecting to another Cisco router. You should use the ietf encapsulation option when connectingnon-Cisco routers.
You can also set the LMI type with the command frame-relay lmi-type [cisco | q933a | ansi]. This is notnecessary for Cisco IOS Software Release 11.2 and later, because LMI types are automatically discovered.
170 WAN Technologies CCNA 4 Labs and Study Guide
Chapter 5: Frame Relay 171
You might need to statically configure a Frame Relay map with the command frame-relay map [protocol][network address] [dlci] broadcast when Inverse ARP is not available on the router. The broadcast key-word allows routing updates to be sent across the cloud. The use of a subinterface enables you to use one interface to connect multiple locations, avoiding the need to purchase more equipment. Each subinter-face can be set up as a point-to-point or point-to-multipoint interface (interface serial [number]/[number].[subinterface number] [point-to-point | point-to-multipoint]). Point-to-point is used when eachsubinterface will act as point-to-point connection to another interface. The subinterfaces must also be onthe same subnet, separate from others. A point-to-multipoint interface is used when connecting multiplelocations. In this case, all connecting interfaces must be on the same subnet. To verify the configurations,you can use the show frame-relay map and show frame-relay pvc commands to display PVC informa-tion. To clear out any dynamically learned maps, use the command clear frame-relay inarp.
Concept Questions1. Explain why using subinterfaces resolves the split-horizon issue without your having to disable the
feature.
Split horizon prevents routing updates from being sent across the same interface in which they werereceived. Turning this feature off increases the chances of a routing loop occurring. Subinterfaces arelogical subdivisions of a physical interface. This allows each subinterface to look as though it is a sep-arate physical interface, therefore allowing the update to be sent.
2. Forward explicit congestion notification (FECN) and backward explicit congestion notification(BECN) are used for traffic shaping. Explain each one’s purpose and how they are used to notifydevices of congestion.
FECNs are sent to the destination device, indicating that congestion has occurred. BECNs are sent tothe transmitting router, instructing it to reduce the rate at which it is sending packets into the FrameRelay network. Traffic shaping must be configured for the router to respond to BECN notification.
3. You are troubleshooting a Frame Relay network that is not functioning. What commands can you useto determine the cause of the problem, and what information do these commands display?
show interface serial 0 displays the following:
■ Encapsulation, Layer 1 and 2 information, DLCI and LMI information
show frame-relay pvc displays the following:
■ The status of each configured VC
■ Traffic statistics
■ BECN and FECN packets received by the router
show frame-relay map displays the following:
■ Current map entries
■ The IP address of the remote router and the DLCI it is mapped to
■ Connection status
show frame-relay lmi displays the following:
■ LMI traffic statistics
■ The number of status messages exchanged between the router and Frame Relay switch
Chapter Review QuestionsFor multiple-choice questions 1 through 20, circle the correct answers. Some questions have more thanone answer.
1. Which of the following are valid Frame Relay LMI types? (Select three)
A. Cisco
B. Q921
C. Q931
D. Q933a
E. ANSI
F. IETF
G. Annex A
H. Annex D
2. Which of the following are true of point-to-point subinterfaces? (Select all that apply)
A. They are used to establish one PVC connection.
B. They are used to establish multiple PVC connections.
C. Each pair of point-to-point routers requires its own subnet.
D. All participating interfaces are in the same subnet.
E. The split-horizon rule does not apply to routing update traffic.
3. DLCI numbers range from 0 through 1023. What range of numbers is available to subscribers?
A. 0–1023
B. 1–15 and 1008–1022
C. 992–1007
D. 16–991
4. When a Frame Relay switch notices its queue increasing, what does it use to reduce the flow offrames it receives?
A. Explicit correction notifications
B. Error correction notifications
C. Explicit congestion notifications
D. Error congestion notifications
5. What command enables you to configure the local DLCI on the subinterface?
A. Router(config)#frame-relay interface dlci [number]
B. Router(config-if)#frame-relay interface dlci [number]
C. Router(config)#frame relay interface-dlci [number]
D. Router(config-subif)#frame-relay interface-dlci [number]
6. Which of the following are true of the Local Management Interface? (Select all that apply)
A. Cisco IOS Software Release 11.2 or later allows the router to automatically determine the LMItype used by the switch.
B. It is used between the DCE and the Frame switch in the carrier’s network.
C. It is used between the DTE and the Frame switch in the carrier’s network.
D. It can be used only with Inverse ARP enabled.
172 WAN Technologies CCNA 4 Labs and Study Guide
7. Which of the following are displayed when you use the command show frame-relay lmi? (Select two)
A. LMI type
B. DLCI number
C. The number of status messages sent and received between the router and the Frame switch
D. Current map entries and their status
E. The number of status messages sent and received for each configured PVC
8. When you configure Frame Relay subinterfaces, which of the following must not be configured?
A. Frame Relay encapsulation on the physical interface
B. The DLCI numbers on the subinterface
C. The subinterface type as multipoint
D. The IP address on the physical interface
E. The IP address on the subinterface
9. What would be the result if the broadcast keyword at the end of the following command line wereomitted?
frame-relay map ip 131.108.123.1 100 broadcast
A. Routing updates would be forwarded.
B. Routing updates would not be forwarded.
C. The statement would be broadcast to all other routers in the frame network.
D. The router would be prevented from becoming a broadcast firewall.
10. Which of the following solve the split-horizon quandary in a Frame Relay environment with multipleconnections over a single physical interface? (Select two)
A. Partial-mesh topology
B. Full-mesh topology
C. Subinterfaces
D. Point-to-point topology
11. Which of the following are true of multipoint subinterfaces? (Select all that apply)
A. They are used to establish one PVC connection.
B. They are used to establish multiple PVC connections.
C. Each pair of point-to-point routers requires its own subnet.
D. All participating interfaces are in the same subnet.
E. The split-horizon rule does not apply to routing update traffic.
F. The split-horizon rule is applied because the subinterface acts like an NBMA interface.
12. What two methods allow a router to associate network layer and data link layer addresses?
A. Inverse ARP with LMI messages
B. Inverse RARP
C. Reverse ARP
D. Frame Relay map
E. DLCI status messages
F. FECN
G. BECN
Chapter 5: Frame Relay 173
13. What is used to distinguish between various PVCs on a single line?
A. LMI
B. LAPF
C. DLCI
D. LAPD
14. What are DLCI 0 and DLCI 1023 reserved for?
A. Cisco LMI type is 0, and Q933a LMI type is 1023.
B. Q933a LMI type is 0, and Cisco LMI type is 1023.
C. Cisco LMI type is 0, and Q931 LMI type is 1023.
D. IETF LMI type is 0, and Cisco LMI type is 1023.
15. Which of the following are true of DLCI values? (Select three)
A. They have local significance.
B. They have global significance.
C. They are unique to the physical channel on which they reside.
D. Different DLCI values can be used at each end to refer to the same VC.
E. DLCI values must be the same on each end when referring to the same VC.
16. How does a switch identify frames that exceed the CIR?
A. DE
B. FECN
C. BECN
D. LAPF
17. What are the possible connection states that a VC could be in when using the show frame-relay pvccommand? (Select three)
A. Active
B. Passive
C. Inactive
D. Deleted
E. Unknown
18. When configuring Frame Relay, what can you do to prevent split-horizon problems? (Select two)
A. Use a physical interface to route traffic for multiple PVCs.
B. Configure a separate subinterface for each PVC.
C. Configure a separate subinterface for multiple PVCs.
D. Disable split horizon.
174 WAN Technologies CCNA 4 Labs and Study Guide
19. Most ISPs disable the use of Inverse ARP in their networks. What command is the alternative solutionwhen they cannot be dynamically mapped?
A. frame-relay inverse-arp
B. frame-relay map
C. frame-relay interface-type
D. frame-relay ip map
20. Which of the following appear when you use the show frame-relay pvc command? (Select all that apply)
A. Status of each configured connection
B. Traffic statistics
C. IP address of the remote location
D. Map entries
E. The number of FECN and BECN entries received by the router
Chapter 5: Frame Relay 175
Lab Exercises
Curriculum Lab 5-1: Configuring Frame Relay (5.2.1)Figure 5-1 Topology for Lab 5-1
Table 5-1 Lab Equipment Configuration
Router Designation Router Name Fast Ethernet 0 Adtran ConnectionAddress/Subnet Mask
Router 1 Cork 192.168.14.1/24 1/1
The enable secret password for this router is class.
The enable, vty, and console password for this router is cisco.
Objective
■ Configure a router to establish a connection to a local Frame Relay switch.
Background/Preparation
This lab uses an Adtran Atlas550 Frame Relay to simulate the Frame Relay switch/cloud.
The Cork Wholesale Food Company has just had a Frame Relay circuit installed to its local central office(CO) by the telco carrier. The network administrator must confirm that the router and Frame Relay switchcan communicate successfully.
Cable a network that is similar to the one in Figure 5-1. You can use any router that meets the interfacerequirements in Figure 5-1 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C, “Router Interface Summary Chart,” to correctly specify the interface identi-fiers based on the equipment in your lab. The 1721 series routers produced the configuration output in thislab. Another router might produce slightly different output. Execute the following tasks on each routerunless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E, “Erasing and Reloading the Router,” on all routersbefore you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 5-1. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
176 WAN Technologies CCNA 4 Labs and Study Guide
Task 2: Configure the Serial InterfaceStep 1. In Frame Relay, the customer router is considered to be the DTE device. To configure the serial
interface, you must define the Layer 2 Frame Relay frame type. To configure the frame type,use the following commands:
Cork#configure terminal
Cork(config)#interface serial 0
Cork(config-if)#encapsulation frame-relay IETF
Step 2. Next, you need to configure the format of the Frame Relay management protocol. To configurethe Local Management Interface (LMI) type, use the following commands:
Cork(config-if)#frame-relay lmi-type ansi
Cork(config-if)#no shutdown
Cork(config-if)#ctrl+z
Task 3: Verify the Frame Relay ConfigurationTo verify the configuration, use the show interface commands that are related to Frame Relay. To view theserial interface configuration, enter the following command:
Cork#show interface serial 0
Serial0 is up, line protocol is up
Hardware is PowerQUICC Serial
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation FRAME-RELAY IETF, loopback not set
Keepalive set (10 sec)
LMI enq sent 7, LMI stat recvd 7, LMI upd recvd 0, DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0
LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE
Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface
broadcasts 0
Last input 00:00:04, output 00:00:04, output hang never
Last clearing of “show interface” counters 00:01:34
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
7 packets input, 128 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
7 packets output, 98 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Chapter 5: Frame Relay 177
What is the state of the interface? Serial 0 is up, line protocol is up.
What is the encapsulation type? frame-relay ietf
What state is the DTE LMI in? Up
What is the LMI type? ANSI Annex D
Task 4: Review Switch AssignmentsTo verify that the DLCIs are defined on the switch, use show frame-relay pvc. The DLCIs are learned bythe router via LMI and can be viewed:
Cork#show frame-relay pvc
Cork#show frame-relay pvc
PVC Statistics for interface Serial0 (Frame Relay DTE)
Active Inactive Deleted Static
Local 0 0 0 0
Switched 0 0 0 0
Unused 0 3 0 0
DLCI = 102, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE =
Serial0
input pkts 0 output pkts 0 in bytes 0
out bytes 0 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 0 out bcast bytes 0
switched pkts 0
Detailed packet drop counters:
no out intf 0 out intf down 0 no out PVC 0
in PVC down 0 out PVC down 0 pkt too big 0
shaping Q full 0 pkt above DE 0 policing drop 0
pvc create time 00:02:30, last time pvc status changed 00:02:30
DLCI = 103, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE =
Serial0
input pkts 0 output pkts 0 in bytes 0
out bytes 0 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 0 out bcast bytes 0
switched pkts 0
Detailed packet drop counters:
no out intf 0 out intf down 0 no out PVC 0
in PVC down 0 out PVC down 0 pkt too big 0
shaping Q full 0 pkt above DE 0 policing drop 0
pvc create time 00:02:31, last time pvc status changed 00:02:31
178 WAN Technologies CCNA 4 Labs and Study Guide
DLCI = 104, DLCI USAGE = UNUSED, PVC STATUS = INACTIVE, INTERFACE =
Serial0
input pkts 0 output pkts 0 in bytes 0
out bytes 0 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 0 out bcast bytes 0
switched pkts 0
Detailed packet drop counters:
no out intf 0 out intf down 0 no out PVC 0
in PVC down 0 out PVC down 0 pkt too big 0
shaping Q full 0 pkt above DE 0 policing drop 0
pvc create time 00:02:32, last time pvc status changed 00:02:32
What DLCI numbers are available on the switch? 102, 103, 104
What is the PVC status of the first DLCI? Inactive
Task 5: Check the Frame Relay MapThe output from the show frame-relay map command shows that none of the DLCIs defined on theswitch are in use. The PVC is inactive, and there is no current mapping between the Layer 2 DLCI andLayer 3 IP address.
Why is this?
There is no output because there is no mapping between the DLCI and IP.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! Cork
Router#configure terminal
Router(config)#hostname Cork
Cork(config)#enable password cisco
Cork(config)#enable secret class
Cork(config)#line con 0
Cork(config-line)#password cisco
Cork(config-line)#login
Cork(config-line)#line vty 0 4
Cork(config-line)#password cisco
Cork(config-line)#login
Cork(config-line)#exit
Cork(config)#exit
Cork#copy running-config startup-config
Cork Frame Relay Configuration
Cork#configure terminal
Cork(config)#interface serial 0
Cork(config-if)#encapsulation frame-relay ietf
Cork(config-if)#frame-relay lmi-type ansi
Chapter 5: Frame Relay 179
Cork(config-if)#no shutdown
Cork(config-if)#exit
Cork(config)#exit
Cork#copy running-config startup-config
Curriculum Lab 5-2: Configuring Frame Relay PVC (5.2.2)Figure 5-2 Topology for Lab 5-2
Table 5-2 Lab Equipment Configuration
Router Router Interface Serial 0 Fast Ethernet 0 DLCI Designation Name Type Address/Subnet Address/Subnet Number
Mask Mask
Router 1 Washington DCE 192.168.1.1/24 192.168.3.1/24 102
Router 2 Dublin DTE 192.168.1.2/24 192.168.2.1/24 102
The enable secret password for both routers is class.
The enable, vty, and console password for both routers is cisco.
Objective
■ Configure two routers back to back as a Frame Relay PVC. You will do this manually, in the absenceof a Frame Relay switch, so there will be no LMI.
Background/Preparation
Cable a network that is similar to the one in Figure 5-2. You can use any router that meets the interfacerequirements in Figure 5-2 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 5-2. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
180 WAN Technologies CCNA 4 Labs and Study Guide
Task 2: Configure the Washington Serial InterfaceFirst, define the Frame Relay frame type to be used on this link. To configure the encapsulation type, usethe command encapsulation frame-relay ietf. Disable keepalive messages because there is no FrameRelay switch in this configuration (and consequently no Frame Relay DCE):
Washington#configure terminal
Washington(config-if)#interface serial 0
Washington(config-if)#encapsulation frame-relay ietf
Washington(config-if)#no keepalive
Washington(config-if)#ip address 192.168.1.1 255.255.255.0
Washington(config-if)#no shutdown
Task 3: Configure the Frame Relay Map on WashingtonWhen you are sending an Ethernet frame to a remote IP address, you must discover the remote MACaddress so that you can construct the correct frame type. Frame Relay needs a similar mapping.
The remote IP address needs to be mapped to the local DLCI (Layer 2 address) so that the correctlyaddressed frame can be created locally for this PVC. Because you cannot map the DLCI automatically,with LMI disabled, you must create this map manually by using the frame-relay map command. Thebroadcast parameter allows IP broadcasts to use the same mapping for crossing this PVC:
Washington(config-if)#frame-relay map ip 192.168.1.2 102 ietf broadcast
Task 4: Configure the DCE on WashingtonIn this configuration using DCE cables, a clock signal is necessary. The bandwidth command is optional,but it is a wise choice for verifying bandwidth transmission. Another option is to describe the connectionby using the description command. This is useful so that you can record information about the PVC, suchas a remote contact person and the leased-line circuit identifier:
Washington(config-if)#clockrate 64000
Washington(config-if)#bandwidth 64
Washington(config-if)#description PVC to Dublin, DLCI 102, Circuit #DASS465875, ContactJohn Tobin (061-8886745)
Task 5: Configure the Dublin RouterConfigure the Dublin router by using the following commands:
Dublin#configure terminal
Dublin(config-if)#interface serial 0
Dublin(config-if)#encapsulation frame-relay ietf
Dublin(config-if)#no keepalive
Dublin(config-if)#no shutdown
Dublin(config-if)#ip address 192.168.1.2 255.255.255.0
Dublin(config-if)#frame-relay map ip 192.168.1.1 102 ietf broadcast
Dublin(config-if)#bandwidth 64
Dublin(config-if)#description PVC to Washington, DLCI 102, Circuit #DASS465866 ContactPat White (091-6543211)
Chapter 5: Frame Relay 181
Task 6: Verify the Frame Relay PVCOn the Washington router, enter the command show frame-relay pvc:
Washington#show frame-relay pvc
Washington#show frame-relay pvc
PVC Statistics for interface Serial0 (Frame Relay DTE)
Active Inactive Deleted Static
Local 0 0 0 1
Switched 0 0 0 0
Unused 0 0 0 0
DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = STATIC, INTERFACE =
Serial0
input pkts 5 output pkts 5 in bytes 520
out bytes 520 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 0 out bcast bytes 0
pvc create time 00:07:26, last time pvc status changed 00:03:18
What DLCI number is reported? 102
What is the PVC status? STATIC
What is the value of the DLCI USAGE? LOCAL
Task 7: Display the Frame Relay MapTo view the Layer 2 to Layer 3 mapping, use the show frame-relay map command at the privilegedEXEC mode prompt:
Washington#show frame-relay map
Washington#show frame-relay map
Serial0 (up): ip 192.168.1.2 dlci 102(0x66,0x1860), static,
broadcast, IETF
What is the IP address shown? 192.168.1.2
In what state is interface serial 0? Up
Task 8: Verify Frame Relay ConnectivityStep 1. From the Washington router, ping the Dublin router serial interface:
Washington#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Washington#
Did the ping succeed? Yes
182 WAN Technologies CCNA 4 Labs and Study Guide
Step 2. If not, troubleshoot router configurations.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
! Washington
Router#configure terminal
Router(config)#hostname Washington
Washington(config)#enable password cisco
Washington(config)#enable secret class
Washington(config)#line con 0
Washington(config-line)#password cisco
Washington(config-line)#login
Washington(config-line)#line vty 0 4
Washington(config-line)#password cisco
Washington(config-line)#login
Washington(config-line)#interface fastethernet 0
Washington(config-if)#ip address 192.168.3.1 255.255.255.0
Washington(config-if)#no shutdown
Washington(config-if)#exit
Washington(config)#exit
Washington#copy running-config startup-config
! Washington Frame Relay Configuration
Washington#configure terminal
Washington(config)#interface serial 0
Washington(config-if)#encapsulation frame-relay ietf
Washington(config-if)#no keepalive
Washington(config-if)#ip address 192.168.1.1 255.255.255.0
Washington(config-if)#no shutdown
Washington(config-if)#frame-relay map ip 192.168.1.2 102 ietf broadcast
Washington(config-if)#clock rate 64000
Washington(config-if)#bandwidth 64
Washington(config-if)#description PVC to Dublin, DLCI 102, Circuit
#DASS465875, Contact John Tobin (061-8886745)
Washington(config-if)#exit
Washington#copy running-config startup-config
! Dublin
Router#configure terminal
Router(config)#hostname Dublin
Dublin(config)#enable password cisco
Dublin(config)#enable secret class
Dublin(config)#line console 0
Dublin(config-line)#password cisco
Dublin(config-line)#login
Dublin(config-line)#line vty 0 4
Chapter 5: Frame Relay 183
Dublin(config-line)#password cisco
Dublin(config-line)#login
Dublin(config-line)#interface fastethernet 0
Dublin(config-if)#ip address 192.168.2.1 255.255.255.0
Dublin(config-if)#no shutdown
Dublin(config-if)#exit
Dublin(config)#exit
Dublin#copy running-config startup-config
! Dublin Frame Relay Configuration
Dublin#configure terminal
Dublin(config)#interface serial 0
Dublin(config-if)#encapsulation frame-relay ietf
Dublin(config-if)#no keepalive
Dublin(config-if)#no shutdown
Dublin(config-if)#ip address 192.168.1.2 255.255.255.0
Dublin(config-if)#frame-relay map ip 192.168.1.1 102 ietf broadcast
Dublin(config-if)#bandwidth 64
Dublin(config-if)#$description PVC to Washington, DLCI 102,Circuit
#DASS465866 Contact Pat White (091-6543211)
Dublin(config-if)#exit
Dublin(config)#exit
Dublin#copy running-config startup-config
Curriculum Lab 5-3: Configuring Frame RelaySubinterfaces (5.2.5)Figure 5-3 Topology for Lab 5-3
184 WAN Technologies CCNA 4 Labs and Study Guide
Table 5-3 Lab Equipment Configuration
Router Router Interface Serial 0 DLCI Fast Ethernet 0 Designation Name Type Address/Subnet Number Address/Subnet
Mask
Router 1 Amsterdam DTE 192.168.4.1/24 102 192.168.1.1/24192.168.5.1/24 103
Router 2 Paris DTE 192.168.4.2/24 201 192.168.2.1/24192.168.6.1/24 203
Router 3 Berlin DTE 192.168.5.2/24 301 192.168.3.1/24192.168.6.2/24 302
The enable secret password for all routers is class.
The enable, vty, and console password for all routers is cisco.
The routing protocol for all routers is IGRP 100.
Objective
■ Configure three routers in a full-mesh Frame Relay network.
Background/Preparation
This lab uses an Adtran Atlas550 Frame Relay to simulate the switch/Frame Relay cloud.
Cable a network that is similar to the one in Figure 5-3. You can use any router that meets the interfacerequirements in Figure 5-3 (that is, 800, 1600, 1700, 2500, and 2600 routers, or a combination). See theinformation in Appendix C to correctly specify the interface identifiers based on the equipment in your lab.The 1721 series routers produced the configuration output in this lab. Another router might produce slightlydifferent output. Execute the following tasks on each router unless you are specifically instructed otherwise.
Start a HyperTerminal session.
Implement the procedure documented in Appendix E on all routers before you continue with this lab.
Task 1: Configure the RoutersConfigure the hostname, console, vty, and enable passwords according to Table 5-3. If you have difficultydoing this, see Lab 1-1, “Configuring NAT.”
Task 2: Configure the Serial 0 InterfacesStep 1. Define the Frame Relay encapsulation type to be used on this link by using the following com-
mands:
Amsterdam#configure terminal
Amsterdam(config)#interface serial 0
Amsterdam(config-if)#encapsulation frame-relay ietf
Amsterdam(config-if)#frame-relay lmi-type ansi
Step 2. Use a description field to store relevant information, such as the circuit number, if you have toreport a line fault:
Amsterdam(config-if)#description Circuit #KPN465555
Amsterdam(config-if)#no shutdown
Chapter 5: Frame Relay 185
Step 3. The same commands are used to configure the Berlin and Paris routers:
Paris(config)#interface serial 0
Paris(config-if)#encapsulation frame-relay ietf
Paris(config-if)#frame-relay lmi-type ansi
Paris(config-if)#description Circuit #FRT372826
Paris(config-if)#no shutdown
Berlin(config)#interface serial 0
Berlin(config-if)#encapsulation frame-relay ietf
Berlin(config-if)#frame-relay lmi-type ansi
Berlin(config-if)#description Circuit #DTK465866
Berlin(config-if)#no shutdown
Task 3: Create Subinterfaces on the Amsterdam RouterFor each of the PVCs, create a subinterface on the serial port. This subinterface will be a point-to-pointconfiguration. For consistency and future troubleshooting, use the DLCI number as the subinterface num-ber. The commands to create a subinterface are as follows:
Amsterdam(config-if)#interface serial 0.102 point-to-point
Amsterdam(config-if)#description PVC to Paris, DLCI 102, Contact Rick Voight(+33-1-5534-2234) Circuit #FRT372826
Amsterdam(config-if)#ip address 192.168.4.1 255.255.255.0
Amsterdam(config-if)#frame-relay interface-dlci 102
Amsterdam(config-if)#interface serial 0.103 point-to-point
Amsterdam(config-if)#description PVC to Berlin, DLCI 103, Contact P Wills(+49- 61 03 / 765 72 00) Circuit #DTK465866
Amsterdam(config-if)#ip address 192.168.5.1 255.255.255.0
Amsterdam(config-if)#frame-relay interface-dlci 103
Task 4: Create Subinterfaces on the Paris RouterTo configure the subinterfaces on the Paris router, use the following commands:
Paris(config-if)#interface Serial 0.201 point-to-point
Paris(config-if)#description PVC to Amsterdam, DLCI 201, Contact Peter Muller (+31 20623 32 67) Circuit #KPN465555
Paris(config-if)#ip address 192.168.4.2 255.255.255.0
Paris(config-if)#frame-relay interface-dlci 201
Paris(config-if)#interface Serial 0.203 point-to-point
Paris(config-if)#description PVC to Berlin, DLCI 203, Contact Peter Willis (+49- 61 03 /7 66 72 00) Circuit #DTK465866
Paris(config-if)#ip address 192.168.6.1 255.255.255.0
Paris(config-if)#frame-relay interface-dlci 203
Task 5: Create Subinterfaces on the Berlin RouterTo configure the subinterfaces on the Berlin router, use the following commands:
Berlin(config-if)#interface Serial 0.301 point-to-point
Berlin(config-if)#description PVC to Amsterdam, DLCI 301, Contact Peter Muller (+31 20
186 WAN Technologies CCNA 4 Labs and Study Guide
623 32 67) Circuit #KPN465555
Berlin(config-if)#ip address 192.168.5.2 255.255.255.0
Berlin(config-if)#frame-relay interface-dlci 301
Berlin(config-if)#interface Serial 0.302 point-to-point
Berlin(config-if)#description PVC to Paris, DLCI 302, Contact Rick Voight (+33-1-5534-2234) Circuit #FRT372826
Berlin(config-if)#ip address 192.168.6.2 255.255.255.0
Berlin(config-if)#frame-relay interface-dlci 302
Task 6: Configure IGRP RoutingTo configure the routing protocol IGRP 100, use the following configuration:
Amsterdam(config)#router igrp 100
Amsterdam(config-router)#network 192.168.1.0
Amsterdam(config-router)#network 192.168.4.0
Amsterdam(config-router)#network 192.168.5.0
Paris(config)#router igrp 100
Paris(config-router)#network 192.168.2.0
Paris(config-router)#network 192.168.4.0
Paris(config-router)#network 192.168.6.0
Berlin(config)#router igrp 100
Berlin(config-router)#network 192.168.3.0
Berlin(config-router)#network 192.168.5.0
Berlin(config-router)#network 192.168.6.0
Task 7: Verify the Frame Relay PVCOn the Amsterdam router, issue the command show frame-relay pvc:
Amsterdam#show frame-relay pvc
Amsterdam#show frame-relay pvc
PVC Statistics for interface Serial0 (Frame Relay DTE)
Active Inactive Deleted Static
Local 2 1 0 0
Switched 0 0 0 0
Unused 0 0 0 0
DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE =
Serial0.102
input pkts 13 output pkts 14 in bytes 2180
out bytes 2254 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
153 - 489 CCNA 4: WAN Technologies v 3.1 - Lab 5.2.5 Copyright ? 2003, Cisco Systems,Inc.
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
Chapter 5: Frame Relay 187
out bcast pkts 14 out bcast bytes 2254
pvc create time 00:14:27, last time pvc status changed 00:02:59
DLCI = 103, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE =
Serial0.103
input pkts 16 output pkts 14 in bytes 2258
out bytes 2307 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 9 out bcast bytes 1787
pvc create time 00:14:29, last time pvc status changed 00:02:02
DLCI = 104, DLCI USAGE = LOCAL, PVC STATUS = INACTIVE, INTERFACE =
Serial0
input pkts 0 output pkts 0 in bytes 0
out bytes 0 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
out BECN pkts 0 in DE pkts 0 out DE pkts 0
out bcast pkts 0 out bcast bytes 0
pvc create time 00:14:30, last time pvc status changed 00:06:13
How many active local PVCs exist? 2
What is the interface value? Serial0.102, Serial0.103
What is the PVC status? Active
Which DLCI number is inactive? 104
From this, you can see that three DLCIs are defined on this Frame Relay circuit, and only two of them arein use. This is the way the Adtran 550 emulator has been configured. It is useful output because it showswhat you would see if a DLCI were defined on the Frame Relay switch but not configured on the router.The other DLCIs, 102 and 103, are active and are associated with their respective subinterfaces. It alsoshows that some packets have passed across the PVC.
Task 8: Show the Frame Relay MapsLook at the Frame Relay maps by entering the command show frame-relay map at the privileged EXECmode prompt:
Amsterdam#show frame-relay map
Amsterdam#show frame-relay map
Serial0.103 (up): point-to-point dlci, dlci 103(0x67,0x1870), broadcast
status defined, active
Serial0.102 (up): point-to-point dlci, dlci 102(0x66,0x1860), broadcast
status defined, active
What is the status of the links? Up
What type are the DLCIs defined as? Point-to-point
Are the DLCIs the same on the Paris router? No
188 WAN Technologies CCNA 4 Labs and Study Guide
Task 9: Show the LMIsLook at the LMI statistics by using the show frame-relay lmi command:
Amsterdam#show frame-relay lmi
Amsterdam#show frame-relay lmi
LMI Statistics for interface Serial0 (Frame Relay DTE) LMI TYPE = ANSI
Invalid Unnumbered info 0 Invalid Prot Disc 0
Invalid dummy Call Ref 0 Invalid Msg Type 0
Invalid Status Message 0 Invalid Lock Shift 0
Invalid Information ID 0 Invalid Report IE Len 0
Invalid Report Request 0 Invalid Keep IE Len 0
Num Status Enq. Sent 55 Num Status msgs Rcvd 56
Num Update Status Rcvd 0 Num Status Timeouts 0
Which fields have nonzero counter values?
Num Status Enq. Sent, Num Status msgs Rcvd
What is the LMI type? ANSI
Task 10: Check the Routing ProtocolStep 1. Use the show ip route command to verify that the PVCs are up and active:
Amsterdam#show ip route
Amsterdam#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B –
BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.4.0/24 is directly connected, Serial0.102
C 192.168.5.0/24 is directly connected, Serial0.103
I 192.168.6.0/24 [100/10476] via 192.168.4.2, 00:01:06, Serial0.102
[100/10476] via 192.168.5.2, 00:01:20, Serial0.103
C 192.168.1.0/24 is directly connected, FastEthernet0
I 192.168.2.0/24 [100/8486] via 192.168.4.2, 00:01:06, Serial0.102
I 192.168.3.0/24 [100/8486] via 192.168.5.2, 00:01:20, Serial0.103
Is the routing protocol working? Yes
Step 2. If not, troubleshoot the router configurations.
List the IGRP routes.
I 192.168.6.0/24 [100/10476] via 192.168.4.2, 00:01:06, Serial0.102
[100/10476] via 192.168.5.2, 00:01:20, Serial0.103
Chapter 5: Frame Relay 189
I 192.168.2.0/24 [100/8486] via 192.168.4.2, 00:01:06, Serial0.102
I 192.168.3.0/24 [100/8486] via 192.168.5.2, 00:01:20, Serial0.103
Task 11: Verify ConnectivityStep 1. Ping the Fast Ethernet interfaces.
Amsterdam#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Amsterdam#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/39/40 ms
Amsterdam#ping 192.168.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/40/40 ms
Did the pings succeed? Yes
Step 2. If not, troubleshoot the router configurations and repeat this task.
After you complete the previous tasks, log off (by entering exit) and turn the router off. Then, remove andstore the cables and adapter.
Amsterdam
Router#configure terminal
Router(config)#hostname Amsterdam
Amsterdam(config)#enable password cisco
Amsterdam(config)#enable secret class
Amsterdam(config)#line con 0
Amsterdam(config-line)#password cisco
Amsterdam(config-line)#login
Amsterdam(config-line)#line vty 0 4
Amsterdam(config-line)#password cisco
Amsterdam(config-line)#login
Amsterdam(config-line)#interface fastethernet 0
Amsterdam(config-if)#ip address 192.168.1.1 255.255.255.0
Amsterdam(config-if)#no shutdown
Amsterdam(config-if)#exit
Amsterdam(config)#exit
Amsterdam#copy running-config startup-config
! Amsterdam Frame Relay and IGRP Configuration
Amsterdam#configure terminal
190 WAN Technologies CCNA 4 Labs and Study Guide
Amsterdam(config)#interface serial 0
Amsterdam(config-if)#encapsulation frame-relay ietf
Amsterdam(config-if)#frame-relay lmi-type ansi
Amsterdam(config-if)#description Circuit #KPN465555
Amsterdam(config-if)#no shutdown
Amsterdam(config-if)#interface serial 0.102 point-to-point
Amsterdam(config-subif)#description PVC to Paris, DLCI 102, contact Rick
Voight(+33-1-5534-2234) Circuit #FRT372826
Amsterdam(config-subif)#ip address 192.168.4.1 255.255.255.0
Amsterdam(config-subif)#frame-relay interface-dlci 102
Amsterdam(config-fr-dlci)#interface serial 0.103 point-to-point
Amsterdam(config-subif)#description PVC to Berlin, DLCI 103, Contact P
Wills (+49- 61 03 / 7 65 72 00) Circuit #DTK465866
Amsterdam(config-subif)#ip address 192.168.5.1 255.255.255.0
Amsterdam(config-subif)#frame-relay interface-dlci 103
Amsterdam(config-fr-dlci)#router igrp 100
Amsterdam(config-router)#network 192.168.1.0
Amsterdam(config-router)#network 192.168.4.0
Amsterdam(config-router)#network 192.168.5.0
Amsterdam(config-router)#exit
Amsterdam(config)#exit
Amsterdam#copy running-config startup-config
! Paris
Router#configure terminal
Router(config)#hostname Paris
Paris(config)#enable password cisco
Paris(config)#enable secret class
Paris(config)#line con 0
Paris(config-line)#password cisco
Paris(config-line)#login
Paris(config-line)#line vty 0 4
Paris(config-line)#password cisco
Paris(config-line)#login
Paris(config-line)#interface fastethernet 0
Paris(config-if)#ip address 192.168.2.1 255.255.255.0
Paris(config-if)#no shutdown
Paris(config-if)#exit
! Paris Frame Relay and IGRP Configuration
Paris#configure terminal
Paris(config)#interface serial 0
Paris(config-if)#encapsulation frame-relay ietf
Paris(config-if)#frame-relay lmi-type ansi
Paris(config-if)#description Circuit #FRT372826
Chapter 5: Frame Relay 191
Paris(config-if)#no shutdown
Paris(config-if)#interface Serial 0.201 point-to-point
Paris(config-subif)#description PVC to Amsterdam, DLCI 201, Contact Peter
Muller (+31 20 623 32 67) Circuit #KPN465555
Paris(config-subif)#ip address 192.168.4.2 255.255.255.0
Paris(config-subif)#frame-relay interface-dlci 201
Paris(config-fr-dlci)#interface Serial 0.203 point-to-point
Paris(config-subif)#description PVC to Berlin, DLCI 203, Contact Peter
Willis (+49- 61 03 / 7 66 72 00) Circuit #DTK465866
Paris(config-subif)#ip address 192.168.6.1 255.255.255.0
Paris(config-subif)#frame-relay interface-dlci 203
Paris(config-fr-dlci)#router igrp 100
Paris(config-router)#network 192.168.2.0
Paris(config-router)#network 192.168.4.0
Paris(config-router)#network 192.168.6.0
Paris(config-router)#exit
Paris(config)#exit
Paris#copy running-config startup-config
! Berlin
Router#configure terminal
Router(config)#hostname Berlin
Berlin(config)#enable password cisco
Berlin(config)#enable secret class
Berlin(config)#line con 0
Berlin(config-line)#password cisco
Berlin(config-line)#login
Berlin(config-line)#line vty 0 4
Berlin(config-line)#password cisco
Berlin(config-line)#login
Berlin(config-line)#interface fastethernet 0
Berlin(config-if)#ip address 192.168.3.1 255.255.255.0
Berlin(config-if)#no shutdown
Berlin(config-if)#exit
Berlin(config)#exit
Berlin#copy running-config startup-config
! Berlin Frame Relay and IGRP Configuration
Berlin#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Berlin(config)#interface serial 0
Berlin(config-if)#encapsulation frame-relay ietf
Berlin(config-if)#frame-relay lmi-type ansi
Berlin(config-if)#description Circuit #DTK465866
Berlin(config-if)#no shutdown
192 WAN Technologies CCNA 4 Labs and Study Guide
Berlin(config-if)#interface Serial 0.301 point-to-point
Berlin(config-subif)#description PVC to Amsterdam, DLCI 301, Contact Peter
Muller (+31 20 623 32 67) Circuit #KPN465555
Berlin(config-subif)#ip address 192.168.5.2 255.255.255.0
Berlin(config-subif)#frame-relay interface-dlci 301
Berlin(config-fr-dlci)#interface Serial 0.302 point-to-point
Berlin(config-subif)#$ description PVC to Paris, DLCI 302, Contact Rick
Voight (+33-1-5534-2234) Circuit #FRT372826
Berlin(config-subif)#ip address 192.168.6.2 255.255.255.0
Berlin(config-subif)#frame-relay interface-dlci 302
Berlin(config-subif)#exit
Berlin(config-if)#exit
Berlin(config)#router igrp 100
Berlin(config-router)#network 192.168.3.0
Berlin(config-router)#network 192.168.5.0
Berlin(config-router)#network 192.168.6.0
Berlin(config-router)#exit
Berlin(config)#exit
Berlin#copy running-config startup-config
Challenge Lab 5-4: Four-Interface Frame Relay Switch This lab teaches you how to make a router into a four-interface Frame Relay switch. It is intended for useif an Adtran is unavailable. It lets you convert a router into a Frame Relay switch. You must have a WIC2Tinserted in both WIC slots on the router. You can complete this lab using a 1721, 1760, or 2600 router thathas two serial WICs available. Figure 5-4 presents the topology for this lab.
Figure 5-4 Network Topology for Lab 5-4
Chapter 5: Frame Relay 193
FrameSwitch
DLCI [101]DLCI [102]DLCI [103]
DLCI [201]DLCI [202]DLCI [203]
DLCI [301]DLCI [302]DLCI [303]
S0/0 S1/0
S0/1 S1/1
DLCI [401]DLCI [402]DLCI [403]
Task 1Erase the NVRAM and restart the router.
Task 2Rename the router Frame_Switch:
Router(config)#Frame_Switch
Task 3Enable Frame Relay switching on the router using the following command:
Frame_Switch (config)#frame-relay switching
This command enables you to create PVCs on the router interfaces. You must do this before configuringany interfaces.
Task 4For the router to act as a Frame Relay switch, configure the following command on each interface:
Frame_Switch (config-if)#frame-relay interface-type dce
Task 5Configure each router interface to use the IETF encapsulation type:
Frame_Switch (config-if)#encapsulation frame-relay ietf
Task 6Configure Frame Relay PVC static routes on each interface. Following is a list of how each PVC shouldbe mapped on the appropriate interfaces:
■ Interface Serial 0/0:
■ DLCI 101 to DLCI 201 on interface Serial 0/1
■ DLCI 102 to DLCI 301 on interface Serial 1/0
■ DLCI 103 to DLCI 401 on interface Serial 1/1
■ Interface Serial 0/1:
■ DLCI 201 to DLCI 101 on interface Serial 0/0
■ DLCI 202 to DLCI 302 on interface Serial 1/0
■ DLCI 203 to DLCI 402 on interface Serial 1/1
■ Interface Serial 1/0:
■ DLCI 301 to DLCI 102 on interface Serial 0/0
■ DLCI 302 to DLCI 202 on interface Serial 1/0
■ DLCI 303 to DLCI 403 on interface Serial 1/1
■ Interface Serial 1/1:
■ DLCI 401 to DLCI 103 on interface Serial 0/0
194 WAN Technologies CCNA 4 Labs and Study Guide
■ DLCI 402 to DLCI 203 on interface Serial 1/0
■ DLCI 403 to DLCI 303 on interface Serial 1/1
Task 7Proceed to Challenge Lab 5-5, “Frame Relay Switch Challenge Lab 1.”
Frame_Switch#show running-config
Building configuration...
Current configuration : 1415 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Frame_Switch
!
!
ip subnet-zero
!
frame-relay switching
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
no ip address
encapsulation frame-relay IETF
no fair-queue
clockrate 64000
frame-relay intf-type dce
frame-relay route 101 interface Serial0/1 201
frame-relay route 102 interface Serial1/1 301
frame-relay route 103 interface Serial1/0 401
!
interface Serial0/1
no ip address
encapsulation frame-relay IETF
clockrate 64000
frame-relay intf-type dce
Chapter 5: Frame Relay 195
frame-relay route 201 interface Serial0/0 101
frame-relay route 202 interface Serial1/0 302
frame-relay route 203 interface Serial1/1 402
!
interface Serial1/0
no ip address
encapsulation frame-relay IETF
clockrate 64000
frame-relay intf-type dce
frame-relay route 301 interface Serial0/0 102
frame-relay route 302 interface Serial0/1 202
frame-relay route 303 interface Serial1/1 403
!
interface Serial1/1
no ip address
encapsulation frame-relay IETF
clockrate 64000
frame-relay intf-type dce
frame-relay route 401 interface Serial0/0 103
frame-relay route 402 interface Serial0/1 203
frame-relay route 403 interface Serial1/0 303
!
ip classless
no ip http server
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
!
no scheduler allocate
end
Challenge Lab 5-5: Frame Relay Switch Challenge Lab 1As the network administrator, you are required to set up a network using Frame Relay maps that will allowmultiple Open Shortest Path First (OSPF) areas to communicate over a secure path through the FrameRelay cloud. You also need to set up the internal network addressing using virtual-length subnet masks(VLSMs) and classless interdomain routing (CIDR). You need a strong grasp of Dynamic Host ControlProtocol (DHCP) and Network Address Translation (NAT) to complete this lab. Figure 5-5 shows the net-work topology for this lab using a Frame Relay switch, and Figure 5-6 shows the same topology using anAdtran.
196 WAN Technologies CCNA 4 Labs and Study Guide
Figure 5-5 Challenge Lab Diagram Using a Frame Relay Switch
Figure 5-6 Challenge Lab Diagram Using an Adtran
Chapter 5: Frame Relay 197
Lo0200.154.69.1/32
Web Server
ISP
West
S0/0
FA0/24
FA0/0
FA0/1
FA0/24West_S2 West_S1FA0/24
FA0/24 East_S2
West LANVLAN1–14 Hosts
VLAN10 (Students) – 28 HostsVLAN20 (Teachers) – 14 Hosts
VLAN30 (Administration) – 30 Hosts192.168.100.0/24
East LANVLAN1 – 60 Hosts
VLAN10 (Students) – 240 HostsVLAN20 (Teachers) – 60 Hosts
VLAN30 (Administration) – 30 Hosts192.168.10.0/23
Frame Switch
S0/0
S1/0S0/1S0/0
S0/0
EastFA0/0
FA0/1
East_S1
DLCI [201] DLCI [301]
DLCI [102]DLCI [101]
Area 0
Area 51 Area 61DLCI [302]DLCI [202]
Lo0200.154.69.1/32
Web Server
ISP
West
S0/0
FA0/24
FA0/0
FA0/1
FA0/24West_S2 West_S1FA0/24
FA0/24 East_S2
VLAN1–14 HostsVLAN10 (Students) – 28 HostsVLAN20 (Teachers) – 14 Hosts
VLAN30 (Administration) – 30 Hosts
East LANVLAN1 – 60 Hosts
VLAN10 (Students) – 240 HostsVLAN20 (Teachers) – 60 Hosts
VLAN30 (Administration) – 30 Hosts192.168.10.0/23
Adtran
1/1
2/11/2S0/0
S0/0
EastFA0/0
FA0/1
East_S1
DLCI [201] DLCI [301]
DLCI [103]DLCI [102]
Area 0
Area 51 Area 61DLCI [302]DLCI [203]
Table 5-4 Lab Equipment Configuration
Router Serial Interface Interface Loopback 0 DLCI Numbers Enable Secret Name Address Type Address Password
ISP 64.53.18.1 /29 DTE 200.154.69.1/32 101, 102 cisco
East 64.53.18.2 /29 DTE — 301, 302 cisco
West 64.53.18.3 /29 DTE — 201, 202 cisco
Note:This lab gives you the option of using a Frame Relay switch as the cloud or an Adtran if one is available. You cancomplete this lab exercise using any 1721, 1760, or 2600 series routers. The Frame Relay switch can be configuredusing Lab 5-4 and should follow the diagram in Figure 5-5 for the correct DLCI numbers. If an Adtran is available,follow the diagram in Figure 5-6 for the correct DLCI numbers.
Objectives
■ Configure Frame Relay using a router as the Frame Switch.
■ Multiple area OSPF with authentication.
■ DHCP.
■ NAT and PAT.
■ VLANs and inter-VLAN routing.
Task 1Cable and configure the equipment according to Figure 5-5 or 5-6, depending on whether you are using aFrame Relay switch or an Adtran.
Instructor’s initials _____________
Task 2Step 1. Configure Frame Relay using the appropriate DLCIs.
Step 2. Ping each neighbor’s serial interface to verify correct configuration.
Instructor’s initials _____________
Task 3Step 1. Configure East_Switch1 and West_Switch1 as VLAN Trunking Protocol (VTP) servers and the
remaining switches as VTP clients.
Step 2. Configure all switches as part of the cisco VTP domain.
Step 3. Create the following VLANs on both server switches as follows:
■ VLAN 1
■ VLAN 10: Students
■ VLAN 20: Teachers
■ VLAN 30: Administrators
198 WAN Technologies CCNA 4 Labs and Study Guide
Step 4. Assign the VLANs to the appropriate ports:
■ VLAN 1: All unassigned ports
■ VLAN 10: Ports 6–10 (ports 3–6 if you’re using a 12-port switch)
■ VLAN 20: Ports 11–15 (ports 7–9 if you’re using a 12-port switch)
■ VLAN 30: Ports 16–20 (ports 10–11 if you’re using a 12-port switch)
Step 5. Configure inter-VLAN routing using IEEE 802.1q encapsulation and the appropriate address-ing scheme according to the diagram.
Instructor’s initials _____________
Task 4Step 1. Configure OSPF on each router using process ID 1.
Step 2. With multiple areas inside the OSPF environment, be sure to use the appropriate wildcard maskand area ID.
Step 3. The following commands must be configured on each OSPF router for Frame Relay to functionacross the Frame Switch. (Use Step 3 only when using a router as a Frame Relay switch.)
ISP(config)#router ospf 1
ISP(config-router)#neighbor 64.53.18.2 priority 1
ISP(config-router)#neighbor 64.53.18.3 priority 1
Step 4. Verify functionality using the show ip route command.
Do not configure authentication yet!
Instructor’s initials _____________
Task 5Step 1. Configure DHCP on the East and West routers based on VLAN subnet information.
Step 2. Exclude the first three addresses from each pool.
Instructor’s initials _____________
Task 6Step 1. Configure NAT on the East and West routers.
Step 2. East router will use 24.83.68.0/25 for its NAT pool:
■ Create a dynamic NAT pool for VLAN 1.
■ All users from VLAN 10 will access the outside world using one IP address.
■ All users from VLAN 20 will access the outside world using one IP address.
■ Create a dynamic NAT pool for VLAN 30.
Step 3. West router will use 161.73.29.0/26 for its NAT pool:
■ Create a dynamic NAT pool for VLAN 1.
■ Create a dynamic NAT pool for VLAN 10.
■ Create a dynamic NAT pool for VLAN 20.
■ All users from VLAN 30 will access the outside world using one IP address.
Instructor’s initials _____________
Chapter 5: Frame Relay 199
Task 7Step 1. Configure OSPF authentication on each router.
Step 2. Configure the OSPF authentication key as fred.
You have the choice of using plain text or encrypted options for authentication.
Instructor’s initials _____________
Task 8Configure the ISP router as a web server.
Instructor’s initials _____________
Task 9Verify configuration using the appropriate commands. Hosts from each LAN should be able to open abrowser and connect to the ISP web server.
Instructor’s initials _____________ISP#show running-config
Building configuration...
Current configuration : 1094 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
!
memory-size iomem 25
ip subnet-zero
!
!
!
!
!
interface Loopback0
description Web Server
ip address 200.154.69.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
description Frame Switch
ip address 64.53.18.1 255.255.255.248
encapsulation frame-relay IETF
200 WAN Technologies CCNA 4 Labs and Study Guide
frame-relay map ip 64.53.18.2 102 broadcast
frame-relay map ip 64.53.18.3 101 broadcast
no frame-relay inverse-arp
ip ospf authentication-key secret fred
no shut
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 64.53.18.1 0.0.0.0 area 0
neighbor 64.53.18.3 priority 1
neighbor 64.53.18.2 priority 1
default-information originate
area 0 authentication
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 24.83.68.0 255.255.255.128 64.53.18.2
ip route 161.73.29.0 255.255.255.192 64.53.18.3
ip http server
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
West#show running-config
Building configuration...
Current configuration : 2840 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname West
!
!
ip subnet-zero
Chapter 5: Frame Relay 201
ip dhcp excluded-address 192.168.100.81 192.168.100.83
ip dhcp excluded-address 192.168.100.33 192.168.100.35 only exclude 3 addresses? 33-35q
ip dhcp excluded-address 192.168.100.65 192.168.100.67 only exclude 3 addresses? 65-67
ip dhcp excluded-address 192.168.100.1 192.168.100.3
!
ip dhcp pool Vlan1
network 192.168.100.80 255.255.255.240
default-router 192.168.100.81
!
ip dhcp pool Students
network 192.168.100.32 255.255.255.224
default-router 192.168.100.33
!
ip dhcp pool Administration
network 192.168.100.0 255.255.255.224
default-router 192.168.100.1
!
ip dhcp pool Teachers
network 192.168.100.64 255.255.255.240
default-router 192.168.100.65
!
!
!
!
!
interface FastEthernet0/0
no shut
no ip address
speed auto
!
interface FastEthernet0/0.1
description Vlan1
encapsulation dot1Q 1 native
ip address 192.168.100.81 255.255.255.240
ip nat inside
!
interface FastEthernet0/0.10
description Students
encapsulation dot1Q 10
ip address 192.168.100.33 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Teachers
encapsulation dot1Q 20
ip address 192.168.100.65 255.255.255.240
ip nat inside
!
interface FastEthernet0/0.30
description Administration
encapsulation dot1Q 30
ip address 192.168.100.1 255.255.255.224
202 WAN Technologies CCNA 4 Labs and Study Guide
ip nat inside
!
interface Serial0/0
ip address 64.53.18.3 255.255.255.248
ip nat outside
encapsulation frame-relay IETF
no fair-queue
frame-relay map ip 64.53.18.1 201 broadcast
frame-relay map ip 64.53.18.2 202 broadcast
no frame-relay inverse-arp
ip ospf authentication-key secret fred
no shut
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 64.53.18.3 0.0.0.0 area 0
network 192.168.100.1 0.0.0.0 area 51
network 192.168.100.33 0.0.0.0 area 51
network 192.168.100.65 0.0.0.0 area 51
network 192.168.100.81 0.0.0.0 area 51
neighbor 64.53.18.2 priority 1
neighbor 64.53.18.1 priority 1
area 0 authentication
!
ip nat pool Vlan1 161.73.29.1 161.73.29.14 netmask 255.255.255.192
ip nat pool Students 161.73.29.15 161.73.29.43 netmask 255.255.255.192
ip nat pool Teachers 161.73.29.44 161.73.29.58 netmask 255.255.255.192
ip nat pool Administration 161.73.29.59 161.73.29.59 netmask 255.255.255.192
ip nat inside source list 1 pool Vlan1
ip nat inside source list 2 pool Students
ip nat inside source list 3 pool Teachers
ip nat inside source list 4 pool Administration overload
ip classless
ip route 24.83.68.0 255.255.255.128 Serial0/0
no ip http server
!
!
access-list 1 permit 192.168.100.80 0.0.0.15
access-list 2 permit 192.168.100.32 0.0.0.31
access-list 3 permit 192.168.100.64 0.0.0.15
access-list 4 permit 192.168.100.0 0.0.0.31
!
line con 0
logging synchronous
line aux 0
Chapter 5: Frame Relay 203
line vty 0 4
login
!
end
East#show running-config
Building configuration...
Current configuration : 2773 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname East
!
!
memory-size iomem 25
ip subnet-zero
ip dhcp excluded-address 192.168.11.1 192.168.11.3
ip dhcp excluded-address 192.168.10.1 192.168.10.3
ip dhcp excluded-address 192.168.11.65 192.168.11.67
ip dhcp excluded-address 192.168.11.129 192.168.11.131
!
ip dhcp pool Vlan1
network 192.168.11.0 255.255.255.192
default-router 192.168.11.1
!
ip dhcp pool Students
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
!
ip dhcp pool Teachers
network 192.168.11.64 255.255.255.192
default-router 192.168.11.65
!
ip dhcp pool Administration
network 192.168.11.128 255.255.255.224
default-router 192.168.11.129
!
!
!
!
!
interface FastEthernet0/0
204 WAN Technologies CCNA 4 Labs and Study Guide
no shut
no ip address
speed auto
!
interface FastEthernet0/0.1
description Vlan1
encapsulation dot1Q 1 native
ip address 192.168.11.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Students
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.20
description Teachers
encapsulation dot1Q 20
ip address 192.168.11.65 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.30
description Administration
encapsulation dot1Q 30
ip address 192.168.11.129 255.255.255.224
ip nat inside
!
interface Serial0/0
ip address 64.53.18.2 255.255.255.248
ip nat outside
encapsulation frame-relay IETF
frame-relay map ip 64.53.18.1 301 broadcast
frame-relay map ip 64.53.18.3 302 broadcast
no frame-relay inverse-arp
ip ospf authentication-key secret fred
no shut
!
interface Serial0/1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 64.53.18.2 0.0.0.0 area 0
network 192.168.10.1 0.0.0.0 area 61
Chapter 5: Frame Relay 205
network 192.168.11.1 0.0.0.0 area 61
network 192.168.11.65 0.0.0.0 area 61
network 192.168.11.129 0.0.0.0 area 61
neighbor 64.53.18.1 priority 1
neighbor 64.53.18.3 priority 1
area 0 authentication
!
ip nat pool Vlan1 24.83.68.1 24.83.68.60 netmask 255.255.255.128
ip nat pool Students 24.83.68.61 24.83.68.61 netmask 255.255.255.128
ip nat pool Teachers 24.83.68.62 24.83.68.62 netmask 255.255.255.128
ip nat pool Administration 24.83.68.65 24.83.68.95 netmask 255.255.255.128
ip nat inside source list 1 pool Vlan1
ip nat inside source list 2 pool Students overload
ip nat inside source list 3 pool Teachers overload
ip nat inside source list 4 pool Administration
ip classless
ip route 161.73.29.0 255.255.255.192 Serial0/0
no ip http server
!
!
access-list 1 permit 192.168.11.0 0.0.0.63
access-list 2 permit 192.168.10.0 0.0.0.255
access-list 3 permit 192.168.11.64 0.0.0.63
access-list 4 permit 192.168.11.128 0.0.0.31
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
end
West_Switch1#show running-config
Building configuration...
Current configuration : 1984 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname West_Switch1
206 WAN Technologies CCNA 4 Labs and Study Guide
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 10
no ip address
!
Chapter 5: Frame Relay 207
interface FastEthernet0/11
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
switchport access vlan 30
no ip address
!
interface FastEthernet0/17
switchport access vlan 30
no ip address
!
interface FastEthernet0/18
switchport access vlan 30
no ip address
!
interface FastEthernet0/19
switchport access vlan 30
no ip address
!
interface FastEthernet0/20
switchport access vlan 30
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
208 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
switchport mode trunk
no ip address
!
interface Vlan1
ip address 192.168.100.82 255.255.255.240
no ip route-cache
no shut
!
ip default-gateway 192.168.100.81
ip http server
!
!
line con 0
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
West_Switch2#show running-config
Building configuration...
Current configuration : 1927 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname West_Switch2
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
Chapter 5: Frame Relay 209
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 10
no ip address
!
interface FastEthernet0/11
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
210 WAN Technologies CCNA 4 Labs and Study Guide
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
switchport access vlan 30
no ip address
!
interface FastEthernet0/17
switchport access vlan 30
no ip address
!
interface FastEthernet0/18
switchport access vlan 30
no ip address
!
interface FastEthernet0/19
switchport access vlan 30
no ip address
!
interface FastEthernet0/20
switchport access vlan 30
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
no ip address
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
switchport mode trunk
no ip address
!
interface Vlan1
ip address 192.168.100.83 255.255.255.240
Chapter 5: Frame Relay 211
no ip route-cache
no shut
!
ip default-gateway 192.168.100.81
ip http server
!
!
line con 0
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
East_Switch1#show running-config
Building configuration...
Current configuration : 1980 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname East_Switch1
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
no ip address
!
212 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 10
no ip address
!
interface FastEthernet0/11
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
Chapter 5: Frame Relay 213
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
switchport access vlan 30
no ip address
!
interface FastEthernet0/17
switchport access vlan 30
no ip address
!
interface FastEthernet0/18
switchport access vlan 30
no ip address
!
interface FastEthernet0/19
switchport access vlan 30
no ip address
!
interface FastEthernet0/20
switchport access vlan 30
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
switchport mode trunk
no ip address
!
interface Vlan1
ip address 192.168.11.2 255.255.255.192
no ip route-cache
no shut
!
ip default-gateway 192.168.11.1
ip http server
!
!
line con 0
214 WAN Technologies CCNA 4 Labs and Study Guide
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
East_Switch2#show running-config
Building configuration...
Current configuration : 1925 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname East_Switch2
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
Chapter 5: Frame Relay 215
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 10
no ip address
!
interface FastEthernet0/11
switchport access vlan 20
no ip address
!
interface FastEthernet0/12
switchport access vlan 20
no ip address
!
interface FastEthernet0/13
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
switchport access vlan 20
no ip address
!
interface FastEthernet0/16
switchport access vlan 30
no ip address
!
interface FastEthernet0/17
switchport access vlan 30
216 WAN Technologies CCNA 4 Labs and Study Guide
no ip address
!
interface FastEthernet0/18
switchport access vlan 30
no ip address
!
interface FastEthernet0/19
switchport access vlan 30
no ip address
!
interface FastEthernet0/20
switchport access vlan 30
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
switchport mode trunk
no ip address
!
interface Vlan1
ip address 192.168.11.3 255.255.255.192
no ip route-cache
no shut
!
ip default-gateway 192.168.11.1
ip http server
!
!
line con 0
logging synchronous
line vty 0 4
login
line vty 5 15
login
!
end
Chapter 5: Frame Relay 217
West_S1#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x2A 0x44 0x1E 0x28 0xD1 0xEC 0xAA 0x77
West_S2#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x2A 0x44 0x1E 0x28 0xD1 0xEC 0xAA 0x77
East_S1#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x0B 0xCB 0xF4 0x3E 0x7A 0xEC 0x8A 0x49
East_S2#show vtp status
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 64
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : cisco
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x0B 0xCB 0xF4 0x3E 0x7A 0xEC 0x8A 0x49
218 WAN Technologies CCNA 4 Labs and Study Guide
Challenge Lab 5-6: Frame-Relay Challenge Lab 2You are the network administrator of an international organization that has multiple sites around the world.Your task is to set up Frame Relay across the London, China, and Ireland routers. Enhanced InteriorGateway Routing Protocol (EIGRP) should be used to communicate between them. The Ireland andScotland routers will use ISDN with static routes. In addition, you must set up the internal network off theScotland router using VLSM, DHCP, and NAT. Figure 5-7 shows the network topology for this lab, andTable 5-5 lists the router interface details.
Figure 5-7 Network Topology for Challenge Lab 5-6
Table 5-5 Lab Equipment Configuration
Router Serial Interface Loopback 0 Loopback 1 Address Enable SecretName Address Address
China 200.200.200.3/30 132.16.83.1/30 — cisco
London 200.200.200.1/30 24.72.48.1/30 69.118.96.1/30 cisco
Ireland 200.200.200.2/30 — — cisco
Scotland — 116.232.192.1/30 137.213.181.1/30 cisco
Note: This lab can be done using any 1721, 1760, and 2600 series routers.
Objectives
■ Configure Frame Relay.
■ Configure ISDN using dialer profiles and interfaces.
■ Use EIGRP as the routing protocol.
■ Configure DHCP, NAT, and PAT.
■ Configure VLANs and inter-VLAN routing.
Chapter 5: Frame Relay 219
Lo0132.16.83.1/30
Web Server
China
Scotland
DHCP
ISDN
2/1
1/21/1
DLCI [301] DLCI [302]
DLCI [201]Scotland LAN Addressing
192.168.1.0/23
NAT Address Pool194.18.26.0/26
DLCI [203]
DLCI [102]
DLCI [103]London
WAN Cloud(Frame Switch)
VLAN1
VLAN10
4–9
VLAN15
10–14
VLAN
20
15–19
Fa0/1
Fa0/1
Fa0/1
Fa0/0
Fa0/2
Fa0/2 Fa0/3
BRI 0/0BRI 0/0BRI 1 BRI 2
DumfriesDundee
VLANSManagement 1 = 28 Hosts
Design 10 = 254 HostsSecurity 15 = 60 Hosts
Research 20 = 53 Hosts
Ireland
S0/0
Task 1Cable and configure the equipment according to the diagram in Figure 5-7.
Instructor’s initials _____________
Task 2Step 1. Configure Frame Relay using the appropriate DLCIs.
Step 2. Ping each neighbor’s serial interface to verify correct configuration.
Instructor’s initials _____________
Task 3Step 1. Configure the Dumfries and Dundee switches with an available IP address from VLAN 1.
Step 2. Configure the Dumfries switch as a VTP server and the Dundee switch as a VTP client.
Step 3. Configure all switches as part of the cisco VTP domain.
Step 4. Create the following VLANs:
■ VLAN 1: Management
■ VLAN 10: Design
■ VLAN 15: Security
■ VLAN 20: Research
Step 5. Assign the VLANs to the appropriate ports:
■ VLAN 1: All unassigned ports
■ VLAN 10: Ports 4–9
■ VLAN 15: Ports 10–14
■ VLAN 20: Ports 15–19
Step 6. Configure inter-VLAN routing using IEEE 802.1q encapsulation and the appropriate address-ing scheme according to the diagram in Figure 5-7.
Instructor’s initials _____________
Task 4Step 1. Configure EIGRP on the London, China, and Ireland routers using AS100.
Step 2. Create a default route on the Scotland router.
Step 3. Create static routes on the Ireland router to the LAN addresses on the Scotland router, andpoint them to the dialer interface address of the Scotland router.
Step 4. Propagate static routes inside the EIGRP domain.
Step 5. Create a default route on the Scotland router, and point it to the dialer interface address of theIreland router.
Step 6. Verify functionality using the show ip route command on all routers.
Instructor’s initials _____________
220 WAN Technologies CCNA 4 Labs and Study Guide
Task 5Step 1. Configure ISDN on the Scotland and Ireland routers.
Step 2. Use the appropriate SPIDs on the ISDN BRI interfaces.
Step 3. Configure CHAP as the authentication protocol using cisco as the password.
Step 4. Use the ISDN switch type basic-ni.
Step 5. Allow ISDN to load-balance across both B channels.
Step 6. Create dialer profiles.
Step 7. Create dialer interfaces using the following addresses:
■ Ireland: 193.15.63.1 255.255.255.252
■ Scotland: 193.15.63.2 255.255.255.252
Step 8. Allow all IP traffic to turn the ISDN line on.
Step 9. Do not advertise either address in EIGRP. This will cause the interface to flap uncontrollably.
Instructor’s initials _____________
Task 6Step 1. Configure DHCP on the Scotland router.
Step 2. Exclude the first three addresses from each pool.
Instructor’s initials _____________
Task 7Step 1. Configure NAT on the Scotland router.
Step 2. Use the 194.18.26.0 /26 address for its NAT pool:
■ Create a dynamic NAT pool for VLAN 1.
■ All users from VLAN 10 will access the outside world using one IP address.
■ Prevent VLAN 15 from accessing the outside world so that a NAT pool is not required.
■ All users from VLAN 20 will access the outside world using one IP address.
Instructor’s initials _____________
Task 8Configure the China router as an HTTP server.
Instructor’s initials _____________
Task 9Verify configuration using the appropriate commands. DHCP-enabled hosts should receive a differentaddress.
Instructor’s initials _____________
London#show running-config
Building configuration...
Chapter 5: Frame Relay 221
Current configuration : 861 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname London
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 24.72.48.1 255.255.255.252
!
interface Loopback1
ip address 69.118.96.1 255.255.255.252
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
ip address 200.200.200.1 255.255.255.0
encapsulation frame-relay IETF
no fair-queue
frame-relay map ip 200.200.200.2 203 broadcast
frame-relay map ip 200.200.200.3 201 broadcast
!
interface Serial0/1
no ip address
shutdown
!
router eigrp 100
network 24.0.0.0
network 69.0.0.0
network 200.200.200.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
222 WAN Technologies CCNA 4 Labs and Study Guide
no ip http server
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
no scheduler allocate
end
China#show running-config
Building configuration...
Current configuration : 835 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname China
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 132.16.83.1 255.255.255.252
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
ip address 200.200.200.3 255.255.255.0
encapsulation frame-relay IETF
frame-relay map ip 200.200.200.1 102 broadcast
frame-relay map ip 200.200.200.2 103 broadcast
Chapter 5: Frame Relay 223
!
interface Serial0/1
no ip address
shutdown
!
!
interface BRI1/0
no ip address
shutdown
!
router eigrp 100
network 132.16.0.0
network 200.200.200.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
ip http server
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
no scheduler allocate
end
Ireland#show running-config
Building configuration...
Current configuration : 1415 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Ireland
!
!
username Scotland password 0 cisco
ip subnet-zero
224 WAN Technologies CCNA 4 Labs and Study Guide
!
!
isdn switch-type basic-ni
!
!
!
interface FastEthernet0/0
no ip address
shutdown
speed auto
!
interface Serial0/0
ip address 200.200.200.2 255.255.255.0
encapsulation frame-relay IETF
frame-relay map ip 200.200.200.1 302 broadcast
frame-relay map ip 200.200.200.3 301 broadcast
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055510000001 5551000
isdn spid2 51055510010001 5551001
ppp authentication chap
ppp multilink
!
interface Dialer0
ip address 193.15.63.1 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name Scotland
dialer string 5552000
dialer string 5552001
dialer-group 1
ppp authentication chap
!
router eigrp 100
redistribute static
network 200.200.200.0
auto-summary
no eigrp log-neighbor-changes
Chapter 5: Frame Relay 225
!
ip classless
ip route 116.232.192.0 255.255.255.252 193.15.63.2
ip route 137.213.181.0 255.255.255.252 193.15.63.2
ip route 192.18.26.0 255.255.255.0 193.15.63.2
ip route 193.15.63.0 255.255.255.0 193.15.63.2
no ip http server
!
!
dialer-list 1 protocol ip permit
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
end
Scotland#show running-config
Building configuration...
Current configuration : 2803 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Scotland
!
!
username Ireland password 0 cisco
memory-size iomem 25
ip subnet-zero
ip dhcp excluded-address 192.168.1.1 192.168.1.3
ip dhcp excluded-address 192.168.2.1 192.168.2.3
ip dhcp excluded-address 192.168.1.33 192.168.1.35
ip dhcp excluded-address 192.168.1.97 192.168.1.99
!
ip dhcp pool Management
network 192.168.1.0 255.255.255.224
default-router 192.168.1.1
!
226 WAN Technologies CCNA 4 Labs and Study Guide
ip dhcp pool Design
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
!
ip dhcp pool Security
network 192.168.1.32 255.255.255.192
default-router 192.168.1.33
!
ip dhcp pool Research
network 192.168.1.96255.255.255.192
default-router 192.168.1.97
!
!
isdn switch-type basic-ni
!
!
!
interface FastEthernet0/0
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.10
description Design
encapsulation dot1Q 10
ip address 192.168.2.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0.15
description Security
encapsulation dot1Q 15
ip address 192.168.1.33 255.255.255.192
!
interface FastEthernet0/0.20
description Research
encapsulation dot1Q 20
ip address 192.168.1.97 255.255.255.192
ip nat inside
!
interface Serial0/0
no ip address
Chapter 5: Frame Relay 227
shutdown
!
interface Serial0/1
no ip address
shutdown
!
interface BRI0/0
no ip address
ip nat outside
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-ni
isdn spid1 51055520000001 5552000
isdn spid2 51055520010001 5552001
ppp authentication chap
ppp multilink
ip access-group 101 out
!
interface Dialer0
ip address 193.15.63.2 255.255.255.252
ip nat outside
encapsulation ppp
dialer pool 1
dialer remote-name Ireland
dialer string 5551000
dialer string 5551001
dialer-group 1
ppp authentication chap
!
ip nat pool Management 194.18.26.1 194.18.26.61 netmask 255.255.255.192
ip nat pool Design 194.18.26.62 194.18.26.62 netmask 255.255.255.192
ip nat pool Research 194.18.26.94 194.18.26.94 netmask 255.255.255.192
ip nat inside source list 1 pool Management
ip nat inside source list 2 pool Design overload
ip nat inside source list 3 pool Research overload
ip classless
ip route 0.0.0.0 0.0.0.0 193.15.63.1
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.31
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 3 permit 192.168.1.96 0.0.0.63
access-list 101 deny ip 192.168.1.32 0.0.0.63 any
access-list 101 permit any any
dialer-list 1 protocol ip permit
!
line con 0
228 WAN Technologies CCNA 4 Labs and Study Guide
logging synchronous
line aux 0
line vty 0 4
!
no scheduler allocate
end
Dumfries#show running-config
Building configuration...
Current configuration : 2028 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Dumfries
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
switchport mode trunk
no ip address
!
interface FastEthernet0/3
switchport mode trunk
no ip address
!
interface FastEthernet0/4
switchport access vlan 10
Chapter 5: Frame Relay 229
no ip address
!
interface FastEthernet0/5
switchport access vlan 10
no ip address
!
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 15
no ip address
!
interface FastEthernet0/11
switchport access vlan 15
no ip address
!
interface FastEthernet0/12
switchport access vlan 15
no ip address
!
interface FastEthernet0/13
switchport access vlan 20
no ip address
!
interface FastEthernet0/14
switchport access vlan 20
no ip address
!
interface FastEthernet0/15
switchport access vlan 20
no ip address
!
230 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/16
switchport access vlan 20
no ip address
!
interface FastEthernet0/17
switchport access vlan 20
no ip address
!
interface FastEthernet0/18
switchport access vlan 20
no ip address
!
interface FastEthernet0/19
switchport access vlan 20
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.1.2 255.255.255.224
no ip route-cache
no shut
!
interface Vlan10
no ip address
no ip route-cache
!
interface Vlan15
no ip address
no ip route-cache
!
interface Vlan20
no ip address
Chapter 5: Frame Relay 231
no ip route-cache
!
ip default-gateway 193.15.63.2
ip http server
!
!
line con 0
logging synchronous
line vty 5 15
!
end
Dundee#show running-config
Building configuration...
Current configuration : 1972 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Dundee
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
switchport mode trunk
no ip address
!
interface FastEthernet0/3
no ip address
!
232 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/4
switchport access vlan 10
no ip address
!
interface FastEthernet0/5
switchport access vlan 10
no ip address
!
interface FastEthernet0/6
switchport access vlan 10
no ip address
!
interface FastEthernet0/7
switchport access vlan 10
no ip address
!
interface FastEthernet0/8
switchport access vlan 10
no ip address
!
interface FastEthernet0/9
switchport access vlan 10
no ip address
!
interface FastEthernet0/10
switchport access vlan 15
no ip address
!
interface FastEthernet0/11
switchport access vlan 15
no ip address
!
interface FastEthernet0/12
switchport access vlan 15
no ip address
!
interface FastEthernet0/13
switchport access vlan 15
no ip address
!
interface FastEthernet0/14
switchport access vlan 15
no ip address
!
interface FastEthernet0/15
switchport access vlan 20
Chapter 5: Frame Relay 233
no ip address
!
interface FastEthernet0/16
switchport access vlan 20
no ip address
!
interface FastEthernet0/17
switchport access vlan 20
no ip address
!interface FastEthernet0/18
switchport access vlan 20
no ip address
!
interface FastEthernet0/19
switchport access vlan 20
no ip address
!
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.1.3 255.255.255.224
no ip route-cache
!
interface Vlan10
no ip address
no ip route-cache
!
interface Vlan15
no ip address
no ip route-cache
!
interface Vlan20
no ip address
234 WAN Technologies CCNA 4 Labs and Study Guide
no ip route-cache
!
ip default-gateway 192.168.1.1
ip http server
!
!
line con 0
line vty 5 15
!
end
Chapter 5: Frame Relay 235
This page intentionally left blank
CHAPTER 6
Introduction to Network Administration
The Study Guide portion of this chapter uses a combination of multiple-choice and open-ended questionexercises to test your knowledge of the theory of network administration.
This chapter contains no lab exercises.
Study Guide
Workstations and ServersWorkstations are regular computers that run multiple applications (word processing, spreadsheets, and soon) and allow multiple users to access information from a single location. They can run using one of sever-al different platforms such as Windows, UNIX/Linux, or even Macintosh.
One specific type of workstation is a diskless workstation. A diskless workstation contains no drives forstorage, making it unable to upload or download anything in the network. This aspect makes a disklessworkstation ideal for networks that have security as a top priority. Laptops can serve as a mobile worksta-tion if they are connected to the network (for example, wireless). Servers are workstations with differentsoftware and much more hardware, including memory and processing speed. This is because they must beoperational all the time and capable of handling several simultaneous requests. Both servers and worksta-tions have network operating systems that allow access to network resources and functions. Windows NTby Microsoft was the first network operating system designed to operate on large-scale networks withworkgroup servers. Windows 2000 was then released as an “all-in-one” network operating system for largeand small networks and single standalone computers. It also allows plug-and-play devices. Another versionof a network operating system is UNIX, including variations such as Linux, which is an open-source pro-gramming code.
Concept Questions1. Why is a diskless workstation preferred in a high-security situation as opposed to a regular worksta-
tion or a laptop?
A diskless workstation is preferable over an ordinary workstation or a laptop because it has no storagedrives, and therefore it cannot download or upload anything inside the network. This also preventsviruses from being spread and infecting the network.
2. Compare and contrast Windows and UNIX platforms as network operating systems.
UNIX is a command-line operating system that is similar to the command-line interface of a Ciscorouter. It is a network operating system mainly used in large financial institutions. Linux is an open-source operating system derived from UNIX. This feature allows different companies and individualsto create their own variations of Linux to suit their needs. Windows, on the other hand, is a GUI-basedoperating system that cannot be modified. It is the standard operating system found on most PCstoday and is designed for both personal and corporate environments.
Network ManagementManaging a network involves an array of tasks to keep the network operational, including the ability togrow or scale your network, routing and rerouting traffic, managing security, dealing with costs and budg-ets, and much more. Standards have been created for network management by the InternationalOrganization for Standardization (ISO). These standards are also encompassed within Simple NetworkManagement Protocol (SNMP) and Common Management Information Protocol (CMIP), which bothallow management of different platforms. SNMP is the most popular protocol used for managing corpo-rate, connected networks. The four parts that allow SNMP to operate are a network management agent,station, information base, and protocol. The management station and agent work together to monitoroccurrences such as the status of interfaces, virtual circuits, sent and received broadcast messages, and soon. Management Information Bases (MIBs) are used as banks of information about a device. Most MIBsare vendor-specific to help manage that particular device in the way it functions. Management agents are
238 WAN Technologies CCNA 4 Labs and Study Guide
Chapter 6: Introduction to Network Administration 239
embedded within the software of network devices to send clear-text messages, or community strings, to themanagement station. A rule of thumb in SNMP is to collect the least amount of information over a wide-spread interval. The string acts as the message’s password, and ro (read-only) and rw (read-write) tellwhether the management station can make changes to the MIB.
Remote Monitoring (RMON) is a MIB that allows for remote monitoring of networks. It divides the taskof monitoring into nine groups of aspects that it oversees: Statistics, History, Alarm, Host, HostTopN,Traffic Matrix, Filter, Packet Capture, and Event. Syslog is a utility used within Cisco devices to reporterrors. Syslog tags every error with a number, ranging from 0 to 7, that indicates the error’s level of severity.If the syslog report has a 0 attached to it, the severity is great, whereas 7 indicates a minor severity. Thelevel numbers are equivalent to the following (in order from 0 to 7): emergencies, alerts, critical, errors,warnings, notifications, informational, and debugging. The default severity level for all Cisco IOS syslogreports is 6. To enable syslog on a Cisco device, enter the command logging on in global configurationmode, which sends the logs to every destination that can read them. If there is a specific device to whichthe logs are to be sent, use the command logging [ip address | hostname].
Concept Questions1. Management agents are embedded in the software of all network devices to report back to the man-
agement station. What are some of the things that the management agents keep track of and report tothe management station?
Agents report the status of the device’s interfaces, any virtual circuits, and other things. Whenever anagent sends a message, it does so after a trap that captures an event such as an interface changing state.However, the device must be configured to send the messages to a management station or stations.
2. Explain how SNMP can be used in conjunction with software or other devices to enhance networkmonitoring.
WhatsUp Professional 2006 (formally known as WhatsUp Gold) monitoring software can be usedwith SNMP to send messages to an Exchange server. The Exchange server then sends messages to thenetwork engineer’s Blackberry, cell phone, pager, or e-mail to immediately inform him of changeswithin the network or other information about the network as it happens.
Chapter Review QuestionsFor multiple-choice questions 1 through 20, circle the correct answers. Some questions have more thanone answer.
1. What are the operating systems that a client workstation may operate on? (Select three)
A. Sun Microsystems
B. Windows
C. Solaris
D. UNIX
E. Macintosh
2. What features of a diskless workstation provide security? (Select two)
A. It contains no drives.
B. It is used only for storage.
C. It is unable to download or upload files.
D. It is physically isolated from the rest of the network.
E. All information is stored on an external hard drive.
3. There are workstations that perform low- and high-end tasks. What are some of the tasks that a high-end workstation may perform? (Select three)
A. Word processing
B. Graphic design
C. Circuit design
D. Spreadsheets
E. Weather data analysis
4. Servers provide a variety of services on request from devices within the network. What are some ofthe services provided? (Select three)
A. DHCP requests
B. FTP file transfers
C. Equipment management
D. Print jobs
E. Doubles as a backup workstation
5. Why are servers equipped with much more memory and processing power than a regular workstation?(Select two)
A. They must be able to handle simultaneous requests from multiple workstations.
B. They serve as a backup to every workstation in case one of them malfunctions.
C. Servers are used for heavy data analysis and computer graphics animation.
D. They function as storage facilities for network devices.
E. Workstations are actually equipped with more hardware.
6. Which network operating system was released to operate on large and small-scale networks andremote computers?
A. UNIX
B. Windows 2000
C. Windows NT
D. Red Hat Linux
E. Mac OS X
7. What protocols are used to help manage computer networks? (Select two)
A. CMIP
B. SMTP
C. CMNP
D. SNMP
E. ISO Network Management Protocol
8. Which commands send all syslog entries to a specific location? (Select two)
A. Router(config)#logging ip address
B. Router(config-if)#logging hostname
C. Router(config-if)#logging ip address
D. Router(config)#logging hostname
E. Router(config)#logging syslog ip address
240 WAN Technologies CCNA 4 Labs and Study Guide
9. What service does a Domain Name System (DNS) provide to a PC when accessing a website?
A. It routes your request to the correct website.
B. It provides the IP address for the website.
C. It converts the website name into an IP address and then redirects your request to the website.
D. It tells your router which path to take to get to the website.
10. Which devices in an SNMP-managed network communicate with one another and are responsible forreporting network errors?
A. Management agent and protocol
B. Management agent and information base
C. Management station and agent
D. Management protocol and information base
E. Management station and information base
11. What are some of the things that a management agent can monitor about a particular device? (Selectthree)
A. Status of virtual circuits
B. Whether the device is powered on
C. The size and number of packets that travel through the device
D. If anyone is in a Telnet session in the network
E. The states of the device’s interfaces
12. What type of messages are sent to the remote management station from the management agents in thenetwork?
A. UDP error messages
B. MD5 encrypted updates
C. TCP synchronous messages
D. TCP acknowledgments
E. ICMP packets
13. A network management station (NMS) obtains information on the operation of the network from aMIB. What message types does the MIB send back to the NMS? (Select three)
A. Bulk
B. Get
C. Set
D. Log
E. Trap
14. When SNMPv2c was introduced, what two additional functions were added?
A. GetNextRequest
B. SetRequest
C. GetBulkRequest
D. 64-bit counters
E. GetRequestBulk
Chapter 6: Introduction to Network Administration 241
15. What is true about the command snmp-server community string rw?
A. The management station can obtain only MIB objects.
B. The management station can create a copy of the information base.
C. The management station and other local devices may modify the MIB.
D. The management station can retrieve and change MIB items.
E. The management station cannot do anything at all.
16. The syslog utility in Cisco is used to mark errors with a severity level number ranging from 0 to 7.What is the default severity level?
A. Notifications
B. Informational
C. Debugging
D. Emergencies
E. Alerts
17. What command tells the device where to send all SNMP entries?
A. Router(config)#snmp-server manage text
B. Router(config-if)#snmp-server agent text
C. Router(config)#snmp-server location text
D. Router(config)#snmp-server agent text
E. Router(config-if)#snmp-server manage text
18. What is the purpose of the SNMP community string? (Select two)
A. It is the name of the router connecting to the SNMP server.
B. It acts like a password.
C. It is encrypted.
D. It is in plain text.
19. What are the four parts of the ISO model for network management?
A. Organization
B. Information
C. Fault
D. Configuration
E. Communication
F. Performance
G. Functional
20. What feature of the MAC OS X is considered a cross between Microsoft Windows XP and Linux X Window System GUI?
A. Apple
B. Aqua
C. Darwin
D. AppleTalk
242 WAN Technologies CCNA 4 Labs and Study Guide
Lab ExercisesThis chapter contains no lab exercises.
Chapter 6: Introduction to Network Administration 243
This page intentionally left blank
APPENDIX A
Troubleshooting Questions and Lab Exercise
Troubleshooting Questions1. Which of the following display when you use the command show controller serial 0? (Select all that
apply)
A. Clock rate
B. Bandwidth
C. Cable type
D. DTE or DCE
E. Line up, protocol up
2. When troubleshooting OSPF, which of the following would cause configuration issues? (Select all thatapply)
A. Incorrect timers
B. Misconfigured areas
C. Authentication seen in plain text
D. Incorrect address and subnet mask
E. No DR and BDR
3. Which command displays the WAN encapsulation currently being used?
A. show encapsulation
B. show ip route
C. show interface serial 0
D. show ip interface serial 0
4. Which of the following display when you use the show ip route command? (Select all that apply)
A. Metric
B. Routing protocol
C. Line up, protocol down
D. Connected networks
E. Learned networks
F. Name of router advertising learned routes
G. Number of routers in network
5. What commands are necessary when you completely erase a switch’s configurations? (Select all that apply)
A. erase startup-config
B. delete flash
C. reboot
D. delete flash:vlan.dat
E. reload
F. erase running-config
6. Which of the following would cause a Frame Relay connection to fail when using map statements?(Select all that apply)
A. Misconfigured DLCI
B. Inverse ARP disabled
C. Broadcast statement missing
D. Misconfigured routing protocol
E. Misconfigured map statements
7. Which of the following must be done for a successful PAT configuration? (Select all that apply)
A. Create an ACL
B. Create a NAT pool
C. Static keyword
D. Overload keyword
E. Apply ACL to NAT pool
F. Sufficient number of addresses in NAT pool
8. Which command produces the following output?
*Mar 1 00:40:52.202: ISDN BR1/0 Q921: User RX <- RRp sapi=0 tei=64 nr=21
*Mar 1 00:40:52.202: ISDN BR1/0 Q921: User TX -> RRf sapi=0 tei=64 nr=14
*Mar 1 00:40:52.467: %ISDN-6-DISCONNECT: Interface BRI1/0:1 disconnected from
5552000 Scotland, call lasted 430 seconds
*Mar 1 00:40:52.471: ISDN BR1/0 Q921: User TX -> INFO sapi=0 tei=64, ns=21 nr=1
4
*Mar 1 00:40:52.499: ISDN BR1/0 Q921: User RX <- RR sapi=0 tei=64 nr=22
*Mar 1 00:40:52.511: ISDN BR1/0 Q921: User RX <- INFO sapi=0 tei=64, ns=14 nr=2
2
*Mar 1 00:40:52.515: ISDN BR1/0 Q921: User TX -> RR sapi=0 tei=64 nr=15
*Mar 1 00:40:52.515: %LINK-3-UPDOWN: Interface BRI1/0:1, changed state to down
*Mar 1 00:40:52.519: %DIALER-6-UNBIND: Interface BR1/0:1 unbound from profile D
A. debug isdn
B. debug isdn status
C. debug q931
D. debug q921
9. What command displays the number of ISDN lines that were established?
A. show interface serial 0
B. show encapsulation ppp
C. show isdn active
D. show dialer
10. Which command propagates a default route when you use OSPF?
A. redistribute static
B. Nothing (because it’s automatic)
C. default information-originate
D. redistribute default
246 WAN Technologies CCNA 4 Labs and Study Guide
Appendix A: Troubleshooting Questions and Lab Exercise 247
11. Which of the following causes an EIGRP route to be put in the “Stuck in active” state?
A. Misconfigured area
B. Misconfigured timers
C. Wrong autonomous system number
D. No response from a query
E. DUAL not working properly
12. What must be done for a router to become the DR in an OSPF environment?
A. Assign it the highest-priority number.
B. Assign it the highest loopback address.
C. Assign it the highest configured IP address on one of its interfaces.
D. Put at least one interface in area 0.
13. What should be added to the end of a static route to make sure it is used only when the primary rout-ing protocol goes down?
A. High metric
B. Low metric
C. Higher administrative distance than the routing protocol
D. Lower administrative distance than the routing protocol
E. Nothing
14. What command displays real-time events as they occur on a router?
A. show
B. debug
C. show run
D. show events
15. You are running RIPv2 in your network and have a destination that is reachable by some locations butnot by all. Which of the following causes this problem to occur?
A. There are more than 15 routers in your network.
B. The network statement was not properly configured.
C. The network was not being advertised.
D. The network is down.
16. Which command displays the DHCP addresses currently in use?
A. show ip dhcp
B. show ip dhcp addresses
C. show ip dhcp binding
D. show ip dhcp statistics
17. Which of the following causes the following to occur: “Serial 0 is up, line protocol is down”? (Selectall that apply)
A. Clock rate not detected
B. Administratively down
C. No keepalives
D. Wrong clock rate
18. Which command produces the following output?
BRI1/0 - dialer type = ISDN
Dial String Successes Failures Last DNIS Last status
0 incoming call(s) have been screened.
0 incoming call(s) rejected for callback.
BRI1/0:1 - dialer type = ISDN
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
BRI1/0:2 - dialer type = ISDN
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Di0 - dialer type = DIALER PROFILE
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
Number of active calls = 0
A. show isdn status
B. show dialer
C. show isdn dialer
D. show q921
19. Which routing protocols are suitable for VLSM and CIDR? (Select all that apply)
A. RIP
B. RIPv2
C. OSPF
D. EIGRP
E. IGRP
F. Static routes
G. IS-IS
20. You just configured a switch and noticed that it is not propagating the VLAN information to the otherswitches on your network. What would cause this to happen? (Select all that apply)
A. The switch is in the wrong domain.
B. Misconfigured VLAN numbers
C. The switch is in server mode.
D. The switch is in transparent mode.
E. The switch is in client mode.
248 WAN Technologies CCNA 4 Labs and Study Guide
21. You configured NAT on a router that is using inter-VLAN routing. You put the ip nat inside com-mand on the physical interface and the ip nat outside command on the outside interface, but nothingis being translated. You checked your configurations, and everything was done correctly. What couldbe the problem?
A. There are too many hosts with not enough addresses.
B. The ip nat inside command should be put on the subinterfaces.
C. The ip nat inside command should be put on the outside interface.
D. PAT is being used.
22. You work for an ISP. A customer needs an IP address for 4519 hosts. You decide to summarize agroup of Class C addresses because a Class B would waste a large number of addresses. How manyClass C addresses need to be summarized?
A. 1
B. 10
C. 15
D. 18
23. Which command produces the following?
Pro Inside global Inside local Outside local Outside global
--- 194.18.26.1 192.168.100.99 --- ---
--- 194.18.26.2 192.168.100.98 --- ---
--- 194.18.26.15 192.168.100.66 --- ---
A. show ip dhcp binding
B. show ip nat translations
C. show nat translations
D. show translations
24. Which of the following does LCP negotiate when establishing a PPP connection?
A. Q.931
B. IPCP
C. Multilink
D. CHAP
E. Callback
25. Which command would you use to terminate a vty session?
A. close
B. disable
C. disconnect
D. suspend
E. exit
26. If you can dial across an ISDN connection but your session is dropped immediately upon connecting,what could be the cause? (Select two)
A. Incorrect SPIDs
B. LCP not connecting
C. Username and passwords were not set.
D. Wrong username and/or password
Appendix A: Troubleshooting Questions and Lab Exercise 249
27. Which command produces the following output?
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 24.0.0.0/8, 1 successors, FD is 20640000
via 200.200.200.1 (20640000/128256), Serial0/0
P 69.0.0.0/8, 1 successors, FD is 20640000
via 200.200.200.1 (20640000/128256), Serial0/0
P 116.232.192.0/30, 1 successors, FD is 40512000
via Rstatic (40512000/0)
P 132.16.0.0/16, 1 successors, FD is 20640000
via 200.200.200.3 (20640000/128256), Serial0/0
P 200.200.200.0/24, 1 successors, FD is 20512000
via Connected, Serial0/0
P 194.18.26.0/26, 1 successors, FD is 46226176
A. show ip protocol
B. show ip ospf database
C. show ip eigrp topology
D. show ip eigrp neighbors
28. Which command produces the following output?
IP address Hardware address Lease expiration Type
192.168.100.3 0100.1422.3497.93 Mar 02 1993 12:14 AM Automatic
192.168.100.66 0100.123f.49e5.20 Mar 02 1993 12:33 AM Automatic
A. show dhcp addresses
B. show ip dhcp addresses
C. show ip dhcp binding
D. show ip nat translations
29. In an ISDN environment, what would be the result of advertising the dialer interface over a routingprotocol?
A. Routing protocols are corrupted.
B. The dialer interface continuously flaps.
C. The network will not be advertised in routing updates.
D. Nothing; everything would work fine.
30. What is the purpose of the frame-relay inverse-arp command?
A. To create dynamic maps
B. To create an ARP table across a Frame Relay network
C. To create static maps
D. To reverse the inverse table of RARP
250 WAN Technologies CCNA 4 Labs and Study Guide
Lab A-1: WAN TroubleshootingFigure A-1 Topology for Lab A-1
Complete the lab exercise by isolating and correcting the problems outlined in the scenario. This lab testsyour ability to use a troubleshooting methodology and commands to isolate and correct network problems.When complete, all hosts should be able to telnet and ping to each device in the network. Make sure thatthe diagram is correctly cabled before proceeding.
Note
This lab can be performed one of two ways. The students can cable the lab and load the broken configs themselves,before proceeding to troubleshoot the scenario. Alternatively, you may choose to set up the lab for them. You mighteven consider miscabling the lab to add bugs.
Objectives
■ List problems found and document corrections that solve each issue.
■ Verify that the network has been restored and that no new problems were created from unnecessarychanges.
Scenario
You are the “on-call” network administrator for the weekend, and so far nothing new has come up. Youdecide to enjoy the afternoon by catching a movie with your friends when you receive an urgent message“Please call the office immediately; nothing seems to be working, and the network is down.” You call theoffice and find out that a disgruntled ex-employee sabotaged the network. You leave for the office immedi-ately, to the dismay of your friends.
Appendix A: Troubleshooting Questions and Lab Exercise 251
192.168.2.0/24
Switch 2
R 2
192.168.1.0/24
Switch 1
R 1
192.168.2.0/24Switch 3
R 3Frame Switch
Area 51
Area 4 Area 61
OSPF Area 0
2/1
1/1 1/2S0/0
S0/0
S0/0
DLCI 301DLCI 302
DLCI 101DLCI 103
VLANsManagement 1 = 60 hosts
Retail 10 = 28 hostsWholesale 20 = 14 hosts
SwitchesFa 0/1 = Trunk
Fa 0/6–0/10 = VLAN 10Fa 0/11–0/15 = VLAN 20
Fa0/0
Fa0/1
Fa0/0
Fa0/1
Fa0/2
Web Server192.168.3.3/26
Back at the office, you find the following problems:
■ You are unable to get into the R1 router.
■ Routes from remote locations are not seen.
■ NAT is not functioning properly on Router 2 for the Wholesale department.
■ Hosts on the R3 LAN cannot access the network.
Troubleshooting Log
Fill in the problems and solutions for each network device in the following table.
Network Device Problems Solutions
R1 Password is unknown. Perform password recovery.Not neighboring with other OSPF routers. Change ip ospf network point-to-Not receiving OSPF routing updates. point command to point-multipoint
on Serial 0/0. broadcast keyword missing from Frame Relay map statement.
Switch_1 Wrong native VLAN on trunk. Change native VLAN from 2 back to VLAN 1.
R2 OSPF authentication failing. Change authentication key to cisco.NAT not functioning on access-list 3 permit 192.168.2.96Wholesale VLAN. 0.0.0.15 missing.
Switch_2 Trunk port disabled. no shut command on the trunk port.Cannot telnet. Set vty password to cisco.
R3: Incorrect subnet mask on serial 0/0. Put correct mask: 255.255.255.248Hosts on Retail VLAN cannot ping default-router 192.168.3.97 outside their network command missing.
Switch_3 No VLANs configured on switch ports. Assigns switch ports to proper VLANs based on diagram.
Student name _____________________________________
Instructor’s initials _______
Bugged ConfigsR1#show running-config
Building configuration...
Current configuration : 2226 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1
252 WAN Technologies CCNA 4 Labs and Study Guide
!
ip subnet-zero
ip dhcp excluded-address 192.168.1.1 192.168.1.2
ip dhcp excluded-address 192.168.1.65
!
ip dhcp pool Management
network 192.168.1.0 255.255.255.192
default-router 192.168.1.1
!
ip dhcp pool Retail
network 192.168.1.64 255.255.255.224
default-router 192.168.1.65
!
!
!
!
!
interface FastEthernet0/0
no shut
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Retail VLAN
encapsulation dot1Q 10
ip address 192.168.1.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Wholesale VLAN
encapsulation dot1Q 20
ip address 192.168.1.97 255.255.255.240
ip nat inside
!
interface Serial0/0
no shut
description To WAN Cloud
ip address 10.10.10.1 255.255.255.248
Appendix A: WTroubleshooting Questions and Lab Exercise 253
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cisco
ip ospf network point-to-point
no fair-queue
frame-relay map ip 10.10.10.2 101
frame-relay map ip 10.10.10.3 103
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.1 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 4
network 192.168.1.65 0.0.0.0 area 4
network 192.168.1.97 0.0.0.0 area 4
!
ip nat pool Management 63.49.18.1 63.49.18.60 netmask 255.255.255.0
ip nat pool Retail 63.49.18.65 63.49.18.65 netmask 255.255.255.0
ip nat pool Wholesale 63.49.18.97 63.49.18.110 netmask 255.255.255.0
ip nat inside source list 1 pool Management
ip nat inside source list 2 pool Retail overload
ip nat inside source list 3 pool Wholesale
ip classless
ip route 181.16.57.0 255.255.255.0 10.10.10.2
ip route 200.169.54.0 255.255.255.0 10.10.10.3
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.63
access-list 2 permit 192.168.1.64 0.0.0.31
access-list 3 permit 192.168.1.96 0.0.0.15
!
line con 0
logging synch
password class
login
254 WAN Technologies CCNA 4 Labs and Study Guide
line aux 0
line vty 0 4
password cisco
login
!
end
R2#show running-config
Building configuration...
Current configuration : 2260 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
!
ip subnet-zero
ip dhcp excluded-address 192.168.2.1 192.168.2.2
ip dhcp excluded-address 192.168.2.65
ip dhcp excluded-address 192.168.2.97
!
ip dhcp pool Management
network 192.168.2.0 255.255.255.192
default-router 192.168.2.1
!
ip dhcp pool Retail
network 192.168.2.64 255.255.255.224
default-router 192.168.2.65
!
ip dhcp pool Wholesale
network 192.168.2.96 255.255.255.240
default-router 192.168.2.97
!
!
!
!
!
interface FastEthernet0/0
no shut
Appendix A: Troubleshooting Questions and Lab Exercise 255
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Retail
encapsulation dot1Q 10
ip address 192.168.2.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Wholesale
encapsulation dot1Q 20
ip address 192.168.2.97 255.255.255.240
ip nat inside
!
interface Serial0/0
no shut
description to WAN Cloud
ip address 10.10.10.2 255.255.255.248
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cysco
ip ospf network point-to-multipoint
no fair-queue
frame-relay map ip 10.10.10.1 202 Broadcast
frame-relay map ip 10.10.10.3 203 Broadcast
!
interface Serial0/1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 51
network 192.168.2.65 0.0.0.0 area 51
256 WAN Technologies CCNA 4 Labs and Study Guide
network 192.168.2.97 0.0.0.0 area 51
!
ip nat pool Management 181.16.57.1 181.16.57.60 netmask 255.255.255.0
ip nat pool Retail 181.16.57.65 181.16.57.87 netmask 255.255.255.0
ip nat pool Wholesale 181.16.57.97 181.16.57.110 netmask 255.255.255.0
ip nat inside source list 1 pool Marketing
ip nat inside source list 2 pool Retail
ip nat inside source list 3 pool Wholesale
ip classless
ip route 63.49.18.0 255.255.255.0 10.10.10.1
ip route 200.169.54.0 255.255.255.0 10.10.10.3
no ip http server
!
!
access-list 1 permit 192.168.2.0 0.0.0.63
access-list 2 permit 192.168.2.64 0.0.0.31
!
line con 0
logging synch
password class
login
line aux 0
line vty 0 4
password cisco
login
!
end
R2#
R3#show running-config
Building configuration...
Current configuration : 2420 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
!
ip subnet-zero
Appendix A: Troubleshooting Questions and Lab Exercise 257
ip dhcp excluded-address 192.168.3.1 192.168.3.2
ip dhcp excluded-address 192.168.3.65
ip dhcp excluded-address 192.168.3.97
!
ip dhcp pool Management
network 192.168.3.0 255.255.255.192
default-router 192.168.3.1
!
ip dhcp pool Retail
network 192.168.3.96 255.255.255.224
!
ip dhcp pool Wholesale
network 192.168.3.96 255.255.255.240
default-router 192.168.3.97
!
!
!
!
!
interface FastEthernet0/0
no shut
no ip address
speed auto
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 192.168.3.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Retail VLAN
encapsulation dot1Q 10
ip address 192.168.3.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Wholesale VLAN
encapsulation dot1Q 20
ip address 192.168.3.97 255.255.255.240
ip nat inside
!
interface Serial0/0
no shut
258 WAN Technologies CCNA 4 Labs and Study Guide
description To WAN cloud
ip address 10.10.10.3 255.255.255.240
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cisco
ip ospf network point-to-multipoint
no fair-queue
frame-relay map ip 10.10.10.1 302 Broadcast
frame-relay map ip 10.10.10.2 301 Broadcast
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.3 0.0.0.0 area 0
network 192.168.3.1 0.0.0.0 area 61
network 192.168.3.65 0.0.0.0 area 61
network 192.168.3.97 0.0.0.0 area 61
!
ip nat pool Management 200.169.54.4 200.169.54.60 netmask 255.255.255.0
ip nat pool Retail 200.169.54.65 200.169.54.87 netmask 255.255.255.0
ip nat pool Wholesale 200.169.54.97 200.169.54.97 netmask 255.255.255.0
ip nat inside source list 1 pool Management
ip nat inside source list 2 pool Retail
ip nat inside source list 3 pool Wholesale overload
ip nat inside source static 192.168.3.3 200.169.54.3
ip classless
ip route 63.49.18.0 255.255.255.0 10.10.10.1
ip route 181.16.57.0 255.255.255.0 10.10.10.2
no ip http server
!
!
access-list 1 permit 192.168.3.0 0.0.0.63
access-list 2 permit 192.168.3.64 0.0.0.31
access-list 3 permit 192.168.3.96 0.0.0.15
!
line con 0
password class
logging synchronous
Appendix A: Troubleshooting Questions and Lab Exercise 259
login
line aux 0
line vty 0 4
password cisco
login
!
end
R3#
Switch1#show running-config
Building configuration...
Current configuration : 1443 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch1
!
VLAN 10
name Retail
VLAN 20
name Wholesale
exit
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport trunk native 2
switchport mode trunk
!
interface FastEthernet0/2
260 WAN Technologies CCNA 4 Labs and Study Guide
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
switchport access vlan 20
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport access vlan 20
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
Appendix A: Troubleshooting Questions and Lab Exercise 261
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.1.2 255.255.255.192
no ip route-cache
no shut
!
ip default-gateway 192.168.1.1
ip http server
!
line con 0
logging synch
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end
Switch2#show running-config
Building configuration...
Current configuration : 1421 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch2
262 WAN Technologies CCNA 4 Labs and Study Guide
!
vlan 10
name Retail
vlan 20
name Wholesale
exit
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport mode trunk
shutdown
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
switchport access vlan 10
!
Appendix A: Troubleshooting Questions and Lab Exercise 263
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
switchport access vlan 20
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport access vlan 20
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.2.2 255.255.255.192
no ip route-cache
no shut
!
ip default-gateway 192.168.2.1
ip http server
!
line con 0
logging sync
line vty 5 15
!
264 WAN Technologies CCNA 4 Labs and Study Guide
end
Switch3#show running-config
Building configuration...
Current configuration : 1524 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch3
!
vlan 10
name Retail
vlan 20
name Wholesale
exit
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
Appendix A: Troubleshooting Questions and Lab Exercise 265
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
!
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
no ip address
!
interface FastEthernet0/12
no ip address
!
interface FastEthernet0/13
no ip address
!
interface FastEthernet0/14
no ip address
!
interface FastEthernet0/15
no ip address
!
interface FastEthernet0/16
no ip address
!
interface FastEthernet0/17
no ip address
!
interface FastEthernet0/18
no ip address
!
interface FastEthernet0/19
no ip address
!
266 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/20
no ip address
!
interface FastEthernet0/21
no ip address
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
!
interface FastEthernet0/22
no ip address
!
interface FastEthernet0/23
no ip address
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 192.168.3.2 255.255.255.192
no ip route-cache
no shut
!
ip default-gateway 192.168.3.1
ip http server
!
!
line con 0
logging sync
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
end
Fixed ConfigsR3#show running-config
Appendix A: Troubleshooting Questions and Lab Exercise 267
Building configuration...
Current configuration : 2518 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1
!
ip subnet-zero
ip dhcp excluded-address 192.168.3.1 192.168.3.2
ip dhcp excluded-address 192.168.3.65
ip dhcp excluded-address 192.168.3.97
!
ip dhcp pool Management
network 192.168.3.0 255.255.255.192
default-router 192.168.3.1
!
ip dhcp pool Retail
network 192.168.3.64 255.255.255.224
default-router 192.168.3.65
!
ip dhcp pool Wholesale
network 192.168.3.96 255.255.255.240
default-router 192.168.3.97
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
no shut
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 192.168.3.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
268 WAN Technologies CCNA 4 Labs and Study Guide
description Retail VLAN
encapsulation dot1Q 10
ip address 192.168.3.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Wholesale VLAN
encapsulation dot1Q 20
ip address 192.168.3.97 255.255.255.240
ip nat inside
!
interface Serial0/0
description To WAN cloud
no shut
ip address 10.10.10.3 255.255.255.248
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cisco
ip ospf network point-to-multipoint
ip ospf demand-circuit
no fair-queue
frame-relay map ip 10.10.10.1 302 broadcast
frame-relay map ip 10.10.10.2 301 broadcast
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.3 0.0.0.0 area 0
network 192.168.3.1 0.0.0.0 area 61
network 192.168.3.65 0.0.0.0 area 61
network 192.168.3.97 0.0.0.0 area 61
!
ip nat pool Management 200.169.54.4 200.169.54.60 netmask 255.255.255.0
ip nat pool Retail 200.169.54.65 200.169.54.87 netmask 255.255.255.0
ip nat pool Wholesale 200.169.54.97 200.169.54.97 netmask 255.255.255.0
ip nat inside source list 1 pool Management
ip nat inside source list 2 pool Retail
ip nat inside source list 3 pool Wholesale overload
Appendix A: Troubleshooting Questions and Lab Exercise 269
ip nat inside source static 192.168.3.3 200.169.54.3
ip classless
ip route 63.49.18.0 255.255.255.0 10.10.10.1
ip route 181.16.57.0 255.255.255.0 10.10.10.2
no ip http server
!
!
access-list 1 permit 192.168.3.0 0.0.0.63
access-list 2 permit 192.168.3.64 0.0.0.31
access-list 3 permit 192.168.3.96 0.0.0.15
!
line con 0
password class
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
no scheduler allocate
end
R2#show running-config
Building configuration...
Current configuration : 2390 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1
!
ip subnet-zero
ip dhcp excluded-address 192.168.2.1 192.168.2.2
ip dhcp excluded-address 192.168.2.65
ip dhcp excluded-address 192.168.2.97
!
ip dhcp pool Management
network 192.168.2.0 255.255.255.192
default-router 192.168.2.1
270 WAN Technologies CCNA 4 Labs and Study Guide
!
ip dhcp pool Retail
network 192.168.2.64 255.255.255.224
default-router 192.168.2.65
!
ip dhcp pool Wholesale
network 192.168.2.96 255.255.255.240
default-router 192.168.2.97
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
no shut
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Retail VLAN
encapsulation dot1Q 10
ip address 192.168.2.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
description Wholesale VLAN
encapsulation dot1Q 20
ip address 192.168.2.97 255.255.255.240
ip nat inside
!
interface Serial0/0
description to WAN Cloud
no shut
ip address 10.10.10.2 255.255.255.248
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cisco
ip ospf network point-to-multipoint
ip ospf demand-circuit
no fair-queue
Appendix A: Troubleshooting Questions and Lab Exercise 271
frame-relay map ip 10.10.10.1 202 broadcast
frame-relay map ip 10.10.10.3 203 broadcast
!
interface Serial0/1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 51
network 192.168.2.65 0.0.0.0 area 51
network 192.168.2.97 0.0.0.0 area 51
!
ip nat pool Management 181.16.57.1 181.16.57.60 netmask 255.255.255.0
ip nat pool Retail 181.16.57.65 181.16.57.87 netmask 255.255.255.0
ip nat pool Wholesale 181.16.57.97 181.16.57.110 netmask 255.255.255.0
ip nat inside source list 1 pool Marketing
ip nat inside source list 2 pool Retail
ip nat inside source list 3 pool Wholesale
ip classless
ip route 63.49.18.0 255.255.255.0 10.10.10.1
ip route 200.169.54.0 255.255.255.0 10.10.10.3
no ip http server
!
!
access-list 1 permit 192.168.2.0 0.0.0.63
access-list 2 permit 192.168.2.64 0.0.0.31
access-list 3 permit 192.168.2.96 0.0.0.15
!
line con 0
password class
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
no scheduler allocate
end
R1#show running-config
Building configuration...
272 WAN Technologies CCNA 4 Labs and Study Guide
Current configuration : 2318 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
enable secret 5 $1$Lt15$vAE/GOt4IUUmeXxn8ZZPR1
!
ip subnet-zero
ip dhcp excluded-address 192.168.1.1 192.168.1.2
ip dhcp excluded-address 192.168.1.65
!
ip dhcp pool Management
network 192.168.1.0 255.255.255.192
default-router 192.168.1.1
!
ip dhcp pool Retail
network 192.168.1.64 255.255.255.224
default-router 192.168.1.65
!
!
!
!
!
interface FastEthernet0/0
no ip address
speed auto
no shut
!
interface FastEthernet0/0.1
description Management VLAN
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.192
ip nat inside
!
interface FastEthernet0/0.10
description Retail VLAN
encapsulation dot1Q 10
ip address 192.168.1.65 255.255.255.224
ip nat inside
!
interface FastEthernet0/0.20
Appendix A: Troubleshooting Questions and Lab Exercise 273
description Wholesale VLAN
encapsulation dot1Q 20
ip address 192.168.1.97 255.255.255.240
ip nat inside
!
interface Serial0/0
description To WAN Cloud
no shut
ip address 10.10.10.1 255.255.255.248
ip nat outside
encapsulation frame-relay
ip ospf authentication-key cisco
ip ospf network point-to-multipoint
ip ospf demand-circuit
no fair-queue
frame-relay map ip 10.10.10.2 101 broadcast
frame-relay map ip 10.10.10.3 103 broadcast
!
interface Serial0/1
no ip address
shutdown
!
interface BRI1/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
area 0 authentication
network 10.10.10.1 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 4
network 192.168.1.65 0.0.0.0 area 4
network 192.168.1.97 0.0.0.0 area 4
!
ip nat pool Management 63.49.18.1 63.49.18.60 netmask 255.255.255.0
ip nat pool Retail 63.49.18.65 63.49.18.65 netmask 255.255.255.0
ip nat pool Wholesale 63.49.18.97 63.49.18.110 netmask 255.255.255.0
ip nat inside source list 1 pool Management
ip nat inside source list 2 pool Retail overload
ip nat inside source list 3 pool Wholesale
ip classless
ip route 181.16.57.0 255.255.255.0 10.10.10.2
ip route 200.169.54.0 255.255.255.0 10.10.10.3
no ip http server
!
!
274 WAN Technologies CCNA 4 Labs and Study Guide
access-list 1 permit 192.168.1.0 0.0.0.63
access-list 2 permit 192.168.1.64 0.0.0.31
access-list 3 permit 192.168.1.96 0.0.0.15
!
line con 0
password class
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
no scheduler allocate
end
Switch1#show running-config
Building configuration...
Current configuration : 1491 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch1
vlan 1
no shut
vlan 10
name Retail
no shut
vlan 20
name Wholesale
no shut
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
Appendix A: Troubleshooting Questions and Lab Exercise 275
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
switchport access vlan 20
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport access vlan 20
!
interface FastEthernet0/16
!
276 WAN Technologies CCNA 4 Labs and Study Guide
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.1.2 255.255.255.192
no ip route-cache
!
ip default-gateway 192.168.1.1
ip http server
!
line con 0
logging synchronous
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
!
end
Switch2#show running-config
Building configuration...
Current configuration : 1470 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
Appendix A: Troubleshooting Questions and Lab Exercise 277
!
hostname Switch2
vlan 1
no shut
vlan 10
name Retail
no shut
vlan 20
name Wholesale
no shut
!
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
278 WAN Technologies CCNA 4 Labs and Study Guide
switchport access vlan 10
!
interface FastEthernet0/11
switchport access vlan 20
!
interface FastEthernet0/12
switchport access vlan 20
!
interface FastEthernet0/13
switchport access vlan 20
!
interface FastEthernet0/14
switchport access vlan 20
!
interface FastEthernet0/15
switchport access vlan 20
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
ip address 192.168.2.2 255.255.255.192
no ip route-cache
!
ip default-gateway 192.168.2.1
ip http server
!
line con 0
line vty 0 4
password cisco
login
Appendix A: Troubleshooting Questions and Lab Exercise 279
line vty 5 15
password cisco
login
!
!
end
280 WAN Technologies CCNA 4 Labs and Study Guide
Appendix B
Adtran Configuration Lab
Objectives
■ Manually configure an Adtran for ISDN, Frame Relay, and POTS.
■ Verify configurations.
Task 1: Log in to AdtranStep 1. Use a straight-through cable from the PC NIC to the Adtran Ethernet port.
Step 2. Configure the PC to IP address 10.0.0.2/24.
Step 3. Open the command prompt and enter the following command (see Figure B-1):
C:\>telnet 10.0.0.1
The default IP address for the Ethernet interface on the Adtran is 10.0.0.1.
This allows you to telnet into the Adtran.
Figure B-1 Telnet to Adtran
Step 4. Enter the default login password of password (see Figure B-2).
Figure B-2 Insert Default Password at Login Screen
Task 2: Set Up ISDN BRI Switch EmulationStep 1. Using the arrow keys, scroll down to Dial Plan on the left (see Figure B-3).
Figure B-3 Main Menu of the Adtran
NoteThe mouse will not work in this mode.
Step 2. Using the right-arrow key, select User Term (see Figure B-4).
Figure B-4 Select User Term
Step 3. Configure the ISDN Slot info (see Figure B-5).
Press Enter to change the Slot/Service setting.
Slot 1: U-BRI-4
Figure B-5 Configure User Term
Step 4. Using the right arrow, change the Port/Packet Endpoint (PEP) setting as follows:
Port 1: QUAD BRI (see Figure B-5)
282 WAN Technologies CCNA 4 Labs and Study Guide
Appendix B: Adtran Configuration Lab 283
Step 5. Using the right arrow, scroll to the In#Accept value and press Enter.
Select Accept Number and press Enter (see Figure B-6).
Figure B-6 Configure Two Accept Numbers
Step 6. Configure two numbers per slot (see Figure B-6).
1st Port number: 555-1000
2nd Port number: 555-1001
Note
To insert a new line, press the letter I.
To delete a line, press the letter D.
Return to the preceding screen.
Step 7. Select an interface under Slot/Svc and press Enter (see Figure B-7).
Figure B-7 Select an Interface
Step 8. Select Interface Configuration (see Figure B-8).
Select SPID list and press Enter.
Figure B-8 Select SPID List
Step 9. Configure the SPID list as shown for each port (see Figure B-9).
Figure B-9 Configure SPID List
Step 10. Repeat Steps 3 through 9 for all four ISDN ports.
When you have finished, the configuration should look like Figure B-10.
Figure B-10 Completed Configuration of ISDN Ports
Note
When selecting port/PEP, each port must be a different number:
■ Slot 1: 1>QUAD BR
■ Slot 2: 2>QUAD BR
and so on.
Press the left-arrow key until you return to the main menu.
284 WAN Technologies CCNA 4 Labs and Study Guide
Task 3: Set Up Analog POTS Switch Emulation (from the Main Menu)
Step 1. Scroll down to Dial Plan and press Enter (see Figure B-11).
Figure B-11 Select a Dial Plan
Step 2. Select User Term (see Figure B-12) and press Enter.
Figure B-12 Select User Term
Step 3. Configure a fifth line with the slot configured for FXS-8 (see Figure B-13).
Configure Port/PEP as FXS 3/1.
To insert a new line, press the letter I.
Figure B-13 Create and Configure a Fifth Line
Step 4. Select In#Accept.
Configure the Accept Number as shown (see Figure B-14).
Appendix B: Adtran Configuration Lab 285
Figure B-14 Configure the Accept Number
Task 4: Configuring Frame Relay (from the Main Menu)Step 1. Scroll down and select Packet Manager (see Figure B-15).
Select Packet Endpoints and press Enter.
Figure B-15 Select Packet Endpoints
Step 2. Select Config and press Enter (see Figure B-16).
Figure B-16 Select Config
Step 3. Configure endpoints as shown (see Figure B-17).
Name each endpoint.
Select Frame Relay Protocol for each.
Using the right-arrow key, move over to Config and press Enter.
286 WAN Technologies CCNA 4 Labs and Study Guide
Figure B-17 Configure Each Endpoint Name
Note
To insert a new line, press the letter I.
To delete a line, press the letter D.
Return to the preceding screen.
Step 4. Configure Signaling Role as Network (see Figure B-18).
Configure Signaling Type as Annex D.
Scroll down to Sublinks and press Enter.
Figure B-18 Configure Signaling Type
Step 5. Configure as shown in Figures B-19, B-20, B-21, and B-22.
Name DLCIs and DLCI number for each sublink.
Figure B-19 Chicago Port
Appendix B: Adtran Configuration Lab 287
Figure B-20 Los Angeles Port
Figure B-21 New York Port
Figure B-22 Texas Port
Step 6. Repeat Steps 4 and 5 for each Frame Relay port.
Note
To insert a new line, press the letter I.
To delete a line, press the letter D.
Return to the preceding screen.
Step 7. All DLCIs and DLCI number should be configured as shown in Figures B-19, B-20, B-21,and B-22.
Step 8. Return to the main menu.
Step 9. Use the down arrow to go down to Packet Manager (see Figure B-23).
Select Packet Cncts and press Enter.
288 WAN Technologies CCNA 4 Labs and Study Guide
Figure B-23 Select Packet Cncts
Step 10. Configure Packet Cncts as shown (see Figure B-24).
Figure B-24 Configure Packet Cncts
Step 11. Return to the main menu.
Step 12. Scroll down to Dedicated Maps (see Figure B-25).
Use the down arrow to scroll to Create/Edit Maps and press Enter.
Figure B-25 Select Create/Edit Maps
Step 13. Use the right-arrow key and select Connects (see Figure B-26).
Appendix B: Adtran Configuration Lab 289
Figure B-26 Select Connects
Step 14. Configure each port as shown in Figure B-27.
Each of the four slots should be directed to a location as shown.
Figure B-27 Final Port Configuration
Note
To insert a new line, press the letter I.
To delete a line, press the letter D.
Return to the preceding screen.
Return to the main menu.
290 WAN Technologies CCNA 4 Labs and Study Guide
APPENDIX C
Router Interface Summary Chart
For most of the CCNA 4 labs, you need to examine the following chart to correctly reference the routerinterface identifiers to use in commands based on the equipment in your lab.
Router Ethernet Ethernet Serial SerialModel Interface 1 Interface 2 Interface 1 Interface 2
800 (806) Ethernet 0 (E0) Ethernet 1 (E1) — —
1600 Ethernet 0 (E0) Ethernet 1 (E1) Serial 0 (S0) Serial 1 (S1)
1700 FastEthernet 0 (FA0) FastEthernet 1 (FA1) Serial 0 (S0) Serial 1 (S1)
2500 Ethernet 0 (E0) Ethernet 1 (E1) Serial 0 (S0) Serial 1 (S1)
2600 FastEthernet 0/0 FastEthernet 0/1 Serial 0/0 Serial 0/1 (S0/1)(FA0/0) (FA0/1) (S0/0)
To find out exactly how the router is configured, look at the interfaces to identify what type of and howmany interfaces the router has. There is no way to effectively list all the combinations of configurations foreach router class. The chart provides the identifiers for the possible combinations of interfaces in thedevice. This interface chart does not include any other type of interface, even though a specific routermight contain one. An example of this is an ISDN BRI interface. The string in parentheses is the legalabbreviation that you can use in Cisco IOS Software commands to represent the interface.
This page intentionally left blank
APPENDIX D
Erasing and Reloading the Switch
For the majority of the labs in CCNA 4 focusing on switch configuration, it is necessary to start with abasic unconfigured switch; otherwise, the configuration parameters you enter might combine with previousones and produce unpredictable results. The instructions here allow you to prepare the switch before per-forming the lab so that previous configuration options do not interfere with your configurations.
The following is the procedure for clearing out previous configurations and starting with an unconfiguredswitch. Instructions are provided for the 2900, 2950, and 1900 series switches.
2900 and 2950 Series SwitchesStep 1. Disconnect the switch to be erased from all other switches. Verify that there is no uplink or
backbone cabling to any other switch; otherwise, VLAN configuration information can betransferred automatically.
Step 2. Enter privileged EXEC mode by entering enable.
If prompted for a password, enter class (if that does not work, ask the instructor):
Switch> enable
Step 3. Remove the VLAN database information file.
Switch# delete flash:vlan.dat
Delete filename [vlan.dat]?[Enter]
Delete flash:vlan.dat? [confirm][Enter]
If there is no VLAN file, this message appears:
%Error deleting flash:vlan.dat (No such file or directory)
Step 4. Remove the switch startup configuration file from NVRAM.
Switch# erase startup-config
The responding line prompt will be this:
Erasing the nvram filesystem will remove all files! Continue? [confirm]
Press Enter to confirm.
The response should be this:
Erase of nvram: complete
Step 5. Check that VLAN information was deleted.
Verify that the VLAN configuration was deleted in Step 3 using the show vlan command. Ifprevious VLAN configuration information (other than the default management VLAN 1) is stillpresent, you must power-cycle the switch (hardware restart) instead of issuing the reload com-mand. To power-cycle the switch, remove the power cord from the back of the switch orunplug it. Then plug it back in.
If the VLAN information was successfully deleted in Step 3, go to Step 6 and restart the switchusing the reload command.
Step 6. Software restart (using the reload command).
Note
This step is not necessary if the switch was restarted using the power-cycle method.
A. In privileged EXEC mode, enter the command reload.Switch(config)# reload
The responding line prompt will be this:
System configuration has been modified. Save? [yes/no]:
B. Type n and then press Enter.
The responding line prompt will be this:
Proceed with reload? [confirm][Enter]
The first line of the response will be this:Reload requested by console.
After the switch has reloaded, the line prompt will be this:Would you like to enter the initial configuration dialog? [yes/no]:
C. Type n and then press Enter.
The responding line prompt will be this:Press RETURN to get started![Enter]
1900 Series SwitchesStep 1. Remove VLAN Trunking Protocol (VTP) information.
#delete vtp
This command resets the switch with VTP parameters set to factory defaults.
All other parameters will be unchanged.
Reset system with VTP parameters set to factory defaults, [Y]es or [N]o?
Type y and press Enter.
Step 2. Remove the switch startup configuration from NVRAM.
#delete nvram
This command resets the switch with factory defaults. All system
parameters will revert to their default factory settings. All static
and dynamic addresses will be removed.
Reset system with factory defaults, [Y]es or [N]o?
Type y and press Enter.
294 WAN Technologies CCNA 4 Labs and Study Guide
APPENDIX E
Erasing and Reloading the Router
For some of the CCNA 4 labs, it is necessary to start with a basic unconfigured router; otherwise, the con-figuration parameters you enter might combine with previous ones and produce unpredictable results. Theinstructions here allow you to prepare the router before performing the lab so that previous configurationoptions do not interfere with your configurations.
The following is the procedure for clearing out previous configurations and starting with an unconfiguredrouter.
Step 1. Enter privileged EXEC mode by entering enable.
Router> enable
If prompted for a password, enter class. (If that does not work, ask your instructor.)
Step 2. In privileged EXEC mode, enter the command erase startup-config.
Router# erase startup-config
The response from the router will be this:
Erasing the nvram filesystem will remove all files! Continue? [confirm]
Step 3. Press Enter to confirm.
The response will be this:
Erase of nvram: complete
Step 4. In privileged EXEC mode, enter the command reload.
Router# reload
response:
System configuration has been modified. Save? [yes/no]:
Type n and then press Enter.
The router responds with this:
Proceed with reload? [confirm]
Step 5. Press Enter to confirm.
The first line of the response will be this:
Reload requested by console.
After the router reloads, the prompt will be this:
Would you like to enter the initial configuration dialog? [yes/no]:
Step 6. Type n and then press Enter.
The responding prompt will be this:
Press RETURN to get started!
Step 7. Press Enter.
Now, the router is ready for you to perform the assigned lab.