19.4.4 Packet Tracer – Build a Switch and Router Network Answers

19.4.4 Packet Tracer – Build a Switch and Router Network Answers

Packet Tracer – Build a Switch and Router Network (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.

Addressing Table

Device

Interface

IP Address

Subnet Mask

Default Gateway

R1

G0/0/0

192.168.0.1

255.255.255.0

N/A

R1

G0/0/1

192.168.1.1

255.255.255.0

N/A

S1

VLAN 1

192.168.1.2

255.255.255.0

192.168.1.1

PC-A

NIC

192.168.1.3

255.255.255.0

192.168.1.1

PC-B

NIC

192.168.0.3

255.255.255.0

192.168.0.1

 

Objectives

Part 1: Configure Devices and Verify Connectivity

  • Assign static IP information to the PC interfaces.
  • Configure the router and switch.
  • Verify network connectivity.

Part 2: Display Device Information

  • Retrieve hardware and software information from the network devices.
  • Interpret the output from the routing table.
  • Display interface information on the router.
  • Display a summary list of the interfaces on the router and switch.

Part 3: Secure Remote Access to the Router

  • Set the IP domain name and generate secure keys.
  • Create an SSH user and configure VTY lines for SSH-only access.
  • Verify SSH Implementation.

Background / Scenario

In this lab, you will cable the equipment and configure the devices to match the Addressing Table. After the configurations have been saved, you will verify your configurations by testing for network connectivity.

After the devices have been configured and network connectivity has been verified, you will use IOS commands to retrieve information from the devices to answer questions about your network equipment. You will also access the router remotely via SSH.

Instructions

Part 1:  Configure Devices and Verify Connectivity

In Part 1, you will set up the network topology and configure basic settings, such as the interface IP addresses, device access, and passwords. Refer to the Addressing Table at the beginning of this activity for device names and address information.

Step 1:  Connect the devices.

The devices are already deployed in the workspace. You will connect them using the correct cables between the devices as listed below:

  • Connect PCA F0 to S1 F0/1.
  • Connect S1 G0/1 to R1 G0/0/1.
  • Connect R1 G0/0/0 to PCB F0.

Step 2:  Assign static IP information to the PC interfaces.

  1. Configure the IP address, subnet mask, and default gateway settings on PC-A.
  2. Configure the IP address, subnet mask, and default gateway settings on PC-B.
  3. Ping PC-B from a command prompt window on PC-A.

Question:

Why were the pings not successful?

Type your answers here.

The router interfaces (default gateways) have not been configured yet so the traffic is not being routed between subnets.

Step 3:  Configure R1.

Open configuration window

  1. Console into the router and enable privileged EXEC mode. (Hint: Use console cable and terminal on a PC)
  2. Enter configuration mode.
  3. Assign a device name to the router according to the Addressing Table.
  4. Assign class as the privileged EXEC encrypted password.
  5. Assign cisco as the console password and enable login.
  6. Encrypt the plaintext passwords.
  7. Create a banner that warns anyone accessing the device that unauthorized access is prohibited.
  8. Configure the IP addresses according to the Addressing Table and activate both Ethernet interfaces on the router.
  9. Save the running configuration to the startup configuration file.

Question:

Were the pings successful? Explain.

Type your answers here.

Yes. The router is routing the ping traffic across the two subnets. The default settings for the 2960 switch will automatically enable the interfaces that are connected to devices.

Step 4:  Configure S1.

Note: Most of the commands on the switch are similar to the commands on the router in this step. Use the help (?) context as necessary.

Open configuration window

  1. Console into the switch and enable privileged EXEC mode.
  2. Enter configuration mode.
  3. Assign a device name to the switch according to the Addressing Table.
  4. Assign class as the privileged EXEC encrypted password.
  5. Assign cisco as the console password and enable login.
  6. Encrypt the plaintext passwords.
  7. Create a banner that warns anyone accessing the device that unauthorized access is prohibited.
  8. Configure the IP address for the SVI for VLAN 1 according to the Addressing Table and activate the interface.
  9. Configure the default gateway according to the Addressing Table.
  10. Save the running configuration to the startup configuration file.

Part 2:  Display Device Information

Step 1:  Retrieve hardware and software information from the network devices.

  1. Use the show version command to answer the following questions about the router.

R1# show version

Cisco IOS XE Software, Version 03.16.05.S – Extended Support Release

Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5 (3)S5, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2017 by Cisco Systems, Inc.

Compiled Thu 19-Jan-17 11:24 by mcpre

 

Cisco IOS-XE software, Copyright (c) 2005-2017 by cisco Systems, Inc.

All rights reserved.  Certain components of Cisco IOS-XE software are

licensed under the GNU General Public License (“GPL”) Version 2.0.  The

software code licensed under GPL Version 2.0 is free software that comes

with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such

GPL code under the terms of GPL Version 2.0.  For more details, see the

documentation or “License Notice” file accompanying the IOS-XE software,

or the applicable URL provided on the flyer accompanying the IOS-XE

software.

 

 

ROM: IOS-XE ROMMON

 

Router uptime is 1 hours, 23 minutes, 33 seconds

Uptime for this control processor is 1 hours, 23 minutes, 33 seconds

System returned to ROM by power-on

System image file is “bootflash:/isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin”

Last reload reason: PowerOn

<output omitted>

Question:

What is the name of the IOS image that the router is running?

Type your answers here.

isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin.

  1. Use the show version command to answer the following questions about the switch.

S1# show version

Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)FX, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2005 by Cisco Systems, Inc.

Compiled Wed 12-Oct-05 22:05 by pt_team

 

ROM: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX, RELEASE SOFTWARE (fc4)

 

System returned to ROM by power-on

 

Cisco WS-C2960-24TT (RC32300) processor (revision C0) with 21039K bytes of memory.

 

 

24 FastEthernet/IEEE 802.3 interface(s)

2 Gigabit Ethernet/IEEE 802.3 interface(s)

 

<output omitted>

 

Switch   Ports  Model              SW Version              SW Image

——   —–  —–              ———-              ———-

*    1   26     WS-C2960-24TT      12.2                    C2960-LANBASE-M

 

Configuration register is 0xF

Questions:

What is IOS software image and version running on the switch?

Type your answers here.

Software image is c2960-lanbasem and software version is12.2.

What is the model number of the switch?

Type your answers here.

WS-C2960-24TT.

Step 2:  Display the routing table on the router.

Use the show ip route command on the router to answer the following questions.

R1# show ip route

<output omitted>

Gateway of last resort is not set

 

     192.168.0.0/24 is variably subnetted, 2 subnets, 2 masks

C       192.168.0.0/24 is directly connected, GigabitEthernet0/0/0

L       192.168.0.1/32 is directly connected, GigabitEthernet0/0/0

     192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks

C       192.168.1.0/24 is directly connected, GigabitEthernet0/0/1

L       192.168.1.1/32 is directly connected, GigabitEthernet0/0/1

Questions:

What code is used in the routing table to indicate a directly connected network?

Type your answers here.

The C designates a directly connected network. An L designates a local interface. Both answers are correct.

How many route entries are coded with a C code in the routing table?

Type your answers here.

2

What interface types are associated to the C coded routes?

Type your answers here.

G0/0/0 and G0/0/1

Step 3:  Display interface information on the router.

Use the show interface g0/1 to answer the following questions.

R1# show interfaces g0/0/1

GigabitEthernet0/0/1 is up, line protocol is up (connected)

Hardware is Lance, address is 00d0.bcaa.5702 (bia 00d0.bcaa.5702)

Internet address is 192.168.1.1/24

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Full-duplex, 100Mb/s, media type is RJ45

ARP type: ARPA, ARP Timeout 04:00:00,

Last input 00:00:08, output 00:00:05, output hang never

Last clearing of “show interface” counters never

Input queue: 0/75/0 (size/max/drops); Total output drops: 0

Queueing strategy: fifo

Output queue :0/40 (size/max)

<output omitted>

Questions:

What is the operational status of the G0/0/1 interface?

Type your answers here.

GigabitEthernet0/1 is up, line protocol is up

What is the Media Access Control (MAC) address of the G0/01 interface?

Type your answers here.

MAC address will appear in the form of: xxxx.xxxx.xxxx, where each x will be replaced with a hexadecimal number. In this example, it is 00d0.bcaa.5702.

How is the Internet address displayed in this command?

Type your answers here.

Internet address is 192.168.1.1/24.

Step 4:  Display a summary list of the interfaces on the router and switch.

There are several commands that can be used to verify an interface configuration. One of the most useful of these is the show ip interface brief command. The command output displays a summary list of the interfaces on the device and provides immediate feedback to the status of each interface.

  1. Enter the show ip interface brief command on the router.

R1# show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

GigabitEthernet0/0/0   192.168.0.1     YES NVRAM  up                    up

GigabitEthernet0/0/1   192.168.1.1     YES NVRAM  up                    up

Serial0/1/0            unassigned      YES unset  down                  down

Serial0/1/1            unassigned      YES unset  down                  down

Vlan1                  unassigned      YES NVRAM  administratively down down

  1. Enter the show ip interface brief command on the switch.

S1# show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol

FastEthernet0/1        unassigned      YES unset  down                  down   

FastEthernet0/2        unassigned      YES unset  down                  down   

<output omitted>

GigabitEthernet0/1     unassigned      YES unset  up                    up     

GigabitEthernet0/2     unassigned      YES unset  down                  down   

Vlan1                  192.168.1.2     YES manual up                    up     

Close configuration window

Part 3:  Secure Remote Access to the Router

Step 1:  Set the IP domain name and generate secure keys.

  1. On R1, configure the domain name as academy.net.

R1(config)# ip domain-name academy.net

  1. Generate RSA keys with a 1024 key length.

R1(config)# crypto key generate rsa

The name for the keys will be: R1.academy.net

Choose the size of the key modulus in the range of 360 to 2048 for your

  General Purpose Keys. Choosing a key modulus greater than 512 may take

  a few minutes.

 

How many bits in the modulus [512]: 1024

% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]

Step 2:  Create an SSH user and configure VTY lines for SSH-only access.

  1. Create a user with SSHuser as the username and cisco as the secret password.

R1(config)# username SSHuser secret cisco

  1. Configure the VTY lines to use the local username database for login credentials.

R1(config)# line vty 0 4

R1(config-line)# login local

  1. The VTY lines should only allow SSH for remote access.

R1(config-line)# transport input ssh

Close configuration window

Step 3:  Verify SSH Implementation.

  1. Click PCA, select Command Prompt in the Desktop tab.
  2. At the prompt, enter ssh -l SSHuser 192.168.1.1.
  3. Enter cisco when prompted for the password.

Question:

What is the displayed message?

Type your answers here.

The configured banner MOTD is displayed.

You should be at the prompt of R1. If you are not successful, verify the configurations are correct and the credentials were entered correctly.

Reflection

  1. If the G0/0/1 interface showed administratively down, what interface configuration command would you use to turn the interface up?

Type your answers here.

R1(config-if)# no shutdown

  1. What would happen if you had incorrectly configured interface G0/0/1 on the router with an IP address of 192.168.1.2?

Type your answers here.

PC-A would not be able to ping PC-B. This is because PC-B is on a different network than PC-A which requires the default-gateway router to route these packets. PC-A is configured to use the IP address of 192.168.1.1 for the default-gateway router, but this address is not assigned to any device on the LAN. Any packets that need to be sent to the default-gateway for routing will never reach their destination.

Script

Router R1

hostname R1

enable secret class

username SSHuser secret cisco

interface GigabitEthernet0/0/0

 ip address 192.168.0.1 255.255.255.0

 no shutdown

interface GigabitEthernet0/0/1

 ip address 192.168.1.1 255.255.255.0

 no shutdown

banner motd Unauthorized access prohibited!

service password-encryption

line con 0

 password cisco

 login

line vty 0 4

 login local

 transport input ssh

ip domain-name academy.net

crypto key generate rsa

1024

Switch S1

hostname S1

enable secret class

interface Vlan1

 ip address 192.168.1.2 255.255.255.0

 no shutdown

service password-encryption

ip default-gateway 192.168.1.1

banner motd Unauthorized Access is Prohibited.

line con 0

 password cisco

 login

 

Leave a comment