Icnd 210 Cag
-
Upload
epnhendrix -
Category
Documents
-
view
418 -
download
4
Transcript of Icnd 210 Cag
ICND2
Interconnecting Cisco Networking Devices Part 2 Course Administration Guide
For Student Guide Version 1.0
Text Part Number: N/A
DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED “AS IS.” CISCO MAKES AND YOU RECEIVE NO WARRANTIES IN CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN ANY OTHER PROVISION OF THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. This learning product may contain early release content, and while Cisco believes it to be accurate, it falls subject to the disclaimer above.
ICND2
Course Management
Cisco CCNA Curriculum Changes in 2007 Designed to Job Tasks
The CCNA® curriculum was revised in 2007 to teach and test on-the-job tasks, skills, and knowledge that are expected of a CCNA graduate. The following course and exam objectives were designed from the job tasks.
Describe how a network works
— Describe the purpose and functions of various network devices
— Select the components required to meet a network specification
— Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network
— Describe common networked applications including web applications
— Describe the purpose and basic operation of the protocols in the OSI and TCP models
— Describe the implementation of VoIP in a small network
— Interpret network diagrams
— Determine the path between two hosts across the Internet
— Describe the components required for network and Internet communications
— Identify and correct common network problems at Layers 1, 2, 3, and 7 using a layered model approach
— Differentiate between LAN and WAN operation and features
Configure, verify, and troubleshoot a switch with VLANs and inter switch communications
— Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts
— Explain the technology and media access control method for Ethernet networks
— Explain network segmentation and basic traffic management concepts
— Explain basic switching concepts and the operation of Cisco switches
2 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
— Perform and verify initial switch configuration tasks including remote access management
— Verify network status and switch operation using basic utilities (ping, traceroute, Telnet, SSH, ARP, ipconfig), show and debug commands
— Identify and resolve common switched network media issues, configuration issues, autonegotiation, and SwitchHardware failures
— Describe enhanced switching technologies (VTP, RSTP, VLAN, PVSTP, 802.1Q)
— Describe how VLANs create logically separate networks and the need for routing between them
— Configure, verify, and troubleshoot VLANs
— Configure, verify, and troubleshoot trunking on Cisco switches
— Configure, verify, and troubleshoot inter-VLAN routing
— Configure, verify, and troubleshoot VTP
— Configure, verify, and troubleshoot RSTP operation
— Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network
— Implement basic switch security (port security, unassigned ports, trunk access, management VLAN other than VLAN 1, and so on)
Implement an IP addressing scheme and IP services to meet network requirements
— Describe the operation and benefits of using private and public IP addressing
— Explain the operation and benefits of using DHCP and DNS
— Configure, verify, and troubleshoot DHCP operation on a router
— Implement static and dynamic addressing services for hosts in a LAN environment.
— Configure a device to support NAT and DHCP
— Calculate and apply a VLSM IP addressing design to a network
— Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in LAN and WAN environments
— Describe the technological requirements for running IPv6 (such as, protocols, dual stack, tunneling, and so on)
— Describe IPv6 addresses
— Identify and correct common problems associated with IP addressing and host configurations
— Configure, verify, and troubleshoot basic router operation and routing on Cisco devices
— Describe basic routing concepts (packet forwarding and router lookup process)
— Describe the operation of Cisco routers (router bootup process, POST, and router components)
— Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts
— Configure, verify, and troubleshoot RIPv2
© 2007 Cisco Systems, Inc. Course Administration Guide 3
— Access and use the router CLI to set basic parameters
— Connect, configure, and verify the operation status of a device interface
— Verify device configuration and network connectivity using ping, traceroute, telnet, SSH, or other utilities
— Perform and verify routing configuration tasks for a static or default route given specific routing requirements
— Manage Cisco IOS configuration files (save, edit, upgrade, and restore)
— Manage Cisco IOS Software images
— Compare and contrast methods of routing and routing protocols
— Configure, verify, and troubleshoot OSPF
— Configure, verify, and troubleshoot EIGRP
— Verify configuration and connectivity using ping, traceroute, and Telnet or SSH
— Troubleshoot routing implementation issues
— Verify router hardware and software operation using show and debug commands.
— Implement basic router security
— Install a small wireless network
— Describe standards associated with wireless media (802.11a, b, g, and n and Wi-Fi)
— Identify and describe the purpose of the components in a small wireless network
— Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point
— Describe wireless security concerns and explain how to configure WPA security (open, WEP, WPA1, and WPA2)
— Identify common issues with implementing wireless networks
— Identify security threats to a small network and describe general methods to mitigate those threats
— Describe modern, increasing network security threats and explain the need to implement a comprehensive security policy to mitigate the threats
— Explain general methods to mitigate common security threats to network devices, hosts, and applications
— Describe the functions of common security appliances and applications
— Describe security recommended practices including initial steps to secure network devices
— Describe the components of a VPN (importance, benefits, role, and impact)
— Identify Cisco VPN Client issues
— Implement and troubleshoot NAT and ACLs.
— Describe the purpose and types of ACLs
— Configure and apply ACLs based on network filtering requirements
— Configure and apply an ACL to limit Telnet and SSH access to the router
— Verify and monitor ACLs in a network environment
4 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
— Troubleshoot ACL implementation issues
— Explain the basic operation of NAT
— Use CLI to configure NAT with specific network requirements
— Troubleshoot NAT implementation issues
— Implement and verify WAN links
— Describe different methods for connecting to a WAN
— Configure and verify a basic WAN serial connection
— Configure and verify Frame Relay on Cisco routers
— Configure and verify a PPP connection between Cisco routers
— Troubleshoot WAN implementation issues
CCNA Curriculum in the Certification Pyramid Changes to the CCNA curriculum are intended to maintain the integrity and quality of the CCNA certification as the premier industry networking certification. CCNA certification remains the foundation for Professional- and Expert-level certifications, and for many Specialist certifications.
The CCNA curriculum was adjusted in mid-2007 to better fit and prepare for the Cisco CCNP® curriculum, as revised earlier in 2007. Topics and skills are introduced in CCNA as preparation for further study in the CCNP curriculum. The Course Administration Guides (CAGs) of each course within the curriculum specify the depth to teach on these topics, and when to recommend more advanced courses to students.
The Cisco Certified Entry Networking Technician (CCENT™) certification was introduced in mid-2007. The CCENT certification is attained by passing the Interconnecting Cisco Networking Devices Part 1 (ICND1) exam. This new certification, which is a step below CCNA certification, is a preparation and partial-completion of CCNA certification. CCENT certification may also be used as a prerequisite for specializations that do not require all of the skills and knowledge of CCNA certification.
During the transition from Introduction to Cisco Networking Technologies (INTRO) and ICND to ICND1 and ICND2, the CCNA certification website details how to qualify for CCNA certification by passing combinations of the INTRO, ICND, and CCNA exams and the ICND1, ICND2, and CCNA exams.
ICND1 and ICND2 Compared to INTRO and ICND Designed to Job Tasks
The CCNA curriculum was revised to base all topics and activities on the job tasks that are expected of a CCNA graduate. Course objectives were revised to teach and practice these job tasks. The list of job tasks for the curriculum was subdivided into task lists for each course. Each task list includes all skills and knowledge taught in the course, and the CAG specifies the depth to teach for each task. The course task list is detailed in the CAG for the course.
© 2007 Cisco Systems, Inc. Course Administration Guide 5
Two Equally Balanced Parts The CCNA curriculum is now composed of two balanced courses. Each course is a self-contained course with labs positioned throughout to practice skills soon after discussion. Each is a five-day course.
ICND1 Goal: Upon completing the ICND1 course, the learner should have the knowledge and skills necessary to install, operate, and troubleshoot a small branch office enterprise network, including configuring a switch, a router, and connecting to a WAN and implementing network security. A learner should be able to complete configuration and implementation of a small branch office network under supervision.
ICND2 Goal: Upon completing the ICND2 course, the learner should have the knowledge and skills necessary to install, operate, and troubleshoot a small to medium-size branch office enterprise network, including configuring several switches and routers, connecting to a WAN, and implementing network security. A learner should be ready to participate on a team to implement a small to medium-size branch office network and to serve on a tier-one help desk or network operating center.
Lessons have been moved from ICND (which is now ICND2) into ICND1. PPP, Network Address Translation (NAT) and Port Address Translation (PAT), and RIP version 2 (RIPv2) are introduced, and configuration skills are developed in ICND1. In ICND2, more advanced skills build on these foundations. This shift of topics results in a more comfortable allotment of time for ICND2.
ICND1 is a prerequisite to ICND2; a learner cannot participate and complete ICND2 without mastering the skills and knowledge of ICND1. Unlike INTRO, ICND1 is not simply a collection of background topics, but it is a complete, self-contained course with frequent lab practices.
Topics Added and Deleted The ISDN and Interior Gateway Routing Protocol (IGRP) topics have been removed because they are outdated and are no longer commonly encountered at an Associate level. The following new topics and lessons were added:
Network security topics and lessons have been added. Learners secure switches, routers, and ports, and implement basic network security. Learners do not design security policy but implement only basic security measures according to a given policy.
Connecting a WLAN to a network was added to ICND1. Only the client security aspects are discussed. The learner is not expected to implement wireless access points. The learner troubleshoots client connectivity. To avoid the expense of adding WLAN equipment, no lab is specified.
Learners are still directed to verify changes and configurations they have made. Troubleshooting topics and lessons have been added to broaden the job tasks of a CCNA graduate. Troubleshooting tasks are positioned as part of day-to-day or “Day Two” activities. CCNA learners would be expected to perform elementary troubleshooting when they are acting as members of a network operations center or help desk.
Although Telnet is still taught, students are encouraged to employ SSH as the preferred method of remotely accessing devices.
Learners are expected to be proficient in configuring with both command-line interface (CLI) and Cisco Router and Security Device Manager (SDM).
6 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Labs have been updated as follows:
ICND1 and ICND2 are each five-day courses, which allows the learner to have more practice in labs. Lab activities are about 40 percent of each course time budget. This lecture-to-lab ratio can be further refined.
Labs occur throughout the courses, requiring students to practice each set of skills and job tasks soon after they are discussed. Labs are positioned within modules but can be collected at the end of each module at the convenience of the instructor or availability of lab equipment.
All labs are designed for remote access.
The lab topology and equipment list are common to both ICND1 and ICND2. Cisco equipment that is currently available, including Cisco Integrated Services Routers, is specified. Note that the specified Cisco IOS Software version introduces a restriction on device naming; this is documented in the CAGs and Lab Guides.
Labs are not “cookbook” labs; students are not expected to rigidly perfom each step in the Lab Guide. The CAG describes how to introduce and conduct each lab. The Lab Guide presents the objective and scenario for the lab and a series of tasks to be performed. A solution or sample is provided at the end of the Lab Guide. The Instructor should reference the CAG and employ the Lab Guide to mentor students during labs, maximizing their hands-on experience.
The concluding lab activity of ICND1 is a “capstone” lab in which the student will pull together all the knowledge and skills of the course to implement a small branch office.
The first module—and the first student activity—of ICND2 is a “warm-up” lab. Learners review and practice the skills and knowledge of the prerequisite ICND1 to implement a small branch office network. This network is the basis for ICND2 labs, in which the student extends the features and functionality of the network. This lab is positioned at the beginning of the ICND2 course for the instructor to assess the students completion of the prerequisites and readiness to deepen their skills and knowledge in ICND2.
Overview Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 is a five-day instructor-led course that focuses on using Cisco Catalyst switches and Cisco routers that are connected in LANs and WANs and are typically found at medium-sized network sites.
Outline The Course Management section of the Course Administration Guide includes these topics:
Overview
Course Instruction Details
Course Delta Information
Course Evaluations
Course Version This course supersedes Interconnecting Cisco Network Devices (ICND) v2.3.
© 2007 Cisco Systems, Inc. Course Administration Guide 7
Course Objectives Upon completing this course, the learner will be able to meet these overall objectives:
Review how to configure and troubleshoot a small network
Expand the switched network from a small LAN to a medium-sized LAN with multiple switches, supporting VLANs, trunking, and spanning tree
Describe routing concepts as they apply to a medium-sized network and discuss considerations when implementing routing on the network
Configure, verify, and troubleshoot OSPF
Configure, verify, and troubleshoot EIGRP
Determine how to apply ACLs based on network requirements, and to configure, verify, and troubleshoot ACLs on a medium-sized network
Describe when to use NAT or PAT on a medium-sized network and configure NAT or PAT on routers
Identify and implement the appropriate WAN technology based on network requirements
Target Audience The primary audience for this course is as follows:
Network administrators
Network engineers
Network managers
Systems engineers
The secondary audience for this course is as follows:
Network designers
Project managers
The tertiary audience for this course is as follows:
Program managers
Learner Skills and Knowledge The knowledge and skills that a learner must have before attending this course are as follows:
Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
The ability to install, configure, and troubleshoot a small network
8 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Course Instruction Details This topic provides the information that you need to prepare the course materials and set up the classroom environment.
Instructor Requirements To teach this course, instructors must have attended the following training or completed the following requirements:
An active Cisco Certified Systems Instructor who has been certified to teach INTRO and ICND must complete the CCNA Instructor Update Briefing.
All other Cisco Certified Systems Instructors in good standing will need to do the following:
— Complete the ICND1 course as a learner.
— Attend the ICND2 course as a learner.
— Pass the CCNA certification test (or both the ICND1 and ICND2 certification tests).
— For instructors who have yet to take the certification test but have completed the courses, certifications will be provisional. The guidelines for ICND instructors apply.
A Cisco Certified Systems Instructor who is certified in technology and is a WAN-certified instructor is part of a “common pool” and may teach courses in either area. All other Cisco Certified Systems Instructors may only teach courses in the area of specialization for which they are certified.
Note Submit questions concerning instructor certification to [email protected].
Classroom Reference Materials These items should be available for the learner during the course:
Student guide
Lab guide
Class Environment This information describes recommended class size and classroom setup:
Room set up classroom style with chairs and tables large enough for 16 learners
Eight pairs of chairs sharing access to eight laptops or eight PCs
A projector to display course Microsoft PowerPoint slides; projection screen as needed
Sufficient power for all equipment
For local labs, rack and floor space to locate all equipment
For remote lab delivery, access to the Internet for all learners and the instructor
© 2007 Cisco Systems, Inc. Course Administration Guide 9
Course Flow This is the suggested course schedule. You may make adjustments based on the skills, knowledge, and preferences of the learners in attendance. The presentation of all topics is optional for noncertification offerings, but you are encouraged to use them because they are designed to reinforce the lesson concepts and ensure that learners apply some of the concepts.
Day 1: Course Introduction, Small Network Implementation, and Medium-Sized Switched Network Construction
8:30–9:20 (0830–0920)
Course Introduction
9:30–10:20 (0930–1020)
Introducing the Review Lab
10:30–12:00 (1030–1200)
Lab 1-1: Implementing a Small Network (Review Lab)
12:00–1:00 (1200–1300)
Lunch
1:00–1:50 (1300–1350)
Implementing VLANs and Trunks
2:00–2:50 (1400–1450)
Implementing VLANs and Trunks (Cont.)
Improving Performance with Spanning Tree
3:00–3:50 (1500–1550)
Improving Performance with Spanning Tree (Cont.)
4:00–5:00 (1600–1700)
Routing Between VLANS
Securing the Expanded Network
5:00 (1700) Day ends
Day 2: Medium-Sized Switched Network Construction and Medium-Sized Routed Network Construction
8:00–8:30 (0800–0830)
Review of Day 1
8:30–9:20 (0830–0920)
Lab 2-1: Configuring Expanded Switched Networks
9:30–12:00 (0930–1200)
Lab 2-1: Configuring Expanded Switched Networks (Cont.)
12:00–1:00 (1200–1300)
Lunch
1:00–1:50 (1300–1350)
Troubleshooting Switched Networks
2:00–2:50 (1400–1450)
Lab 2-2: Troubleshooting Switched Networks
3:00–5:00 (1500–1700)
Reviewing Routing Operations
5:00 (1700) Day ends
10 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Day 3: Medium-Sized Routed Network Construction, Single-Area OSPF Implementation, and EIGRP Implementation
8:00–8:30 (0800–0830)
Review of Day 2
8:30–9:20 (0830–0920)
Reviewing Routing Operations (Cont.)
Implementing VLSM
9:30–12:00 (0930–1200)
Implementing OSPF
12:00–1:00 (1200–1300)
Lunch
1:00–1:50 (1300–1350)
Lab 4-1: Implementing OSPF
2:00–2:50 (1400–1450)
Troubleshooting OSPF
3:00–5:00 (1500–1700)
Lab 4-2: Troubleshooting OSPF
Implementing EIGRP
5:00 (1700) Day ends
Day 4: EIGRP Implementation, Access Control Lists, and Address Space Management
8:00–8:30 (0800–0830)
Review of Day 3
8:30–9:20 (0830–0920)
Implementing EIGRP (Cont.)
Lab 5-1: Implementing EIGRP
9:30–12:00 (0930–1200)
Troubleshooting EIGRP
Lab 5-2: Troubleshooting EIGRP
12:00–1:00 (1200–1300)
Lunch
1:00–1:50 (1300–1350)
Introducing ACL Operation
Configuring and Troubleshooting ACLs
2:00–2:50 (1400–1450)
Lab 6-1: Implementing and Troubleshooting ACLs
3:00–5:00 (1500–1700)
Scaling the Network with NAT and PAT
Lab 7-1: Configuring NAT and PAT
5:00 (1700) Day ends
Day 5: Address Space Management and LAN Extension into a WAN
8:00–8:30 (0800–0830)
Review of Day 4
8:30–9:20 (0830–0920)
Transitioning to IPv6
9:30–10:20 (0930–1020)
Lab 7-2: Implementing IPv6
10:30–12:00 (1030–1200)
Introducing VPN Solutions
12:00–1:00 (1200–1300)
Lunch
© 2007 Cisco Systems, Inc. Course Administration Guide 11
1:00–1:50 (1300–1350)
Establishing a Point-to-Point WAN Connection with PPP
Establishing a WAN connection with Frame Relay
2:00–2:50 (1400–1450)
Lab 8-1: Establishing a Frame Relay WAN
3:00–4:30 (1500–1630)
Troubleshooting Frame Relay WANs
Lab 8-2: Troubleshooting Frame Relay WANs
4:30–5:00 (1630–1700)
Wrap-up
High-Level Course Outline This subtopic provides an overview of how the course is organized. The course contains these components:
Course Introduction
Small Network Implementation
Medium-Sized Switched Network Construction
Medium-Sized Routed Network Construction
Single-Area OSPF Implementation
EIGRP Implementation
Access Control Lists
Address Space Management
LAN Extension into a WAN
Detailed Course Outline This in-depth outline of the course structure lists each module, lesson, and topic.
Course Introduction The Course Introduction provides learners with the course objectives and prerequisite learner skills and knowledge. The Course Introduction presents the course flow diagram and the icons that are used in the course illustrations and figures. This course component also describes the curriculum for this course, providing learners with the information that they need to make decisions regarding their specific learning path.
Overview
— Learner Skills and Knowledge
Course Goal and Objectives
Course Flow
Additional References
— Cisco Glossary of Terms
Your Training Curriculum
12 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 1: Small Network Implementation Upon completing this module, the learner will have reviewed how to configure and troubleshoot a small network.
Lesson 1: Introducing the Review Lab This lesson reviews how to configure a small network. Upon completing this lesson, the learner will be able to meet this objective:
Describe the functions of the CLI
Describe the configuration modes of the Cisco IOS Software
Describe the help facilities available in the Cisco IOS Software
Implement a basic switch and router configuration and ensure that they operate properly
The lesson includes these topics:
Cisco IOS CLI Functions
Configuration Modes of Cisco IOS Software
Help Facilities of the Cisco IOS CLI
Commands Review
The lesson includes this activity:
Lab 1-1: Implementing a Small Network (Review Lab)
© 2007 Cisco Systems, Inc. Course Administration Guide 13
Module 2: Medium-Sized Switched Network Construction Upon completing this module, the learner will be able to expand a small-sized, switched LAN to a medium-sized LAN with multiple switches, supporting VLANs, trunking, and spanning tree.
Lesson 1: Implementing VLANs and Trunks This lesson defines how and when to implement and verify VLANs and trunking, and implement them on the network. Upon completing this lesson, the learner will be able to meet these objectives:
Define the purpose and function of VLANs on Cisco Catalyst switches
Define the purpose and function of IEEE 802.1Q trunking on Cisco Catalyst switches
Define the purpose and function of VTP on Cisco Catalyst switches
List the steps required to configured a normal-range VLAN that uses VTP and 802.1Q trunking
The lesson includes these topics:
Understanding VLANs
Understanding Trunking with 802.1Q
Understanding VLAN Trunking Protocol
Configuring VLANs and Trunks
Lesson 2: Improving Performance with Spanning Tree This lesson describes situations in which spanning tree is used and how to implement it on the network. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the methods that are used to create fast physical connections between switches in a redundant topology
Identify the potential issues of a redundant switched topology
Describe how spanning tree resolves issues of redundant switched networks
Configure RSTP, including the root switch and a backup root switch
The lesson includes these topics:
Building a Redundant Switched Topology
Recognizing Issues of a Redundant Switched Topology
Resolving Issues with STP
Configuring RSTP
Lesson 3: Routing Between VLANs This lesson defines how to describe the application and configuration of inter-VLAN routing for a medium-sized routed network. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the purpose of subinterfaces for inter-VLAN routing
14 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Configure inter-VLAN routing using 802.1Q and an external router
The lesson includes these topics:
Understanding Inter-VLAN Routing
Configuring Inter-VLAN Routing
Lesson 4: Securing the Expanded Network This lesson describes situations in which security is required at Layer 2, and implements it on the network. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the security needs of the expanded network and the characteristics of an organizational security policy
Describe how to secure switch devices, including securing access to the switch and switch protocols, and mitigating compromises that are launched through a switch
The lesson includes these topics:
Overview of Switch Security Concerns
Secure switch devices
The lesson includes this activity:
Lab 2-1: Configuring Expanded Switched Networks
Lesson 5: Troubleshooting Switched Networks This lesson defines how to identify an approach for troubleshooting and isolating common switched network problems and offer solutions. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the basic steps that are used to troubleshoot a switched network
Identify and resolve port connectivity issues
Identify and resolve VLAN and trunking issues
Identify and resolve VTP issues
Identify and resolve STP issues
The lesson includes these topics:
Troubleshooting Switches
Troubleshooting Port Connectivity
Troubleshooting VLANs and Trunking
Troubleshooting VTP
Troubleshooting Spanning Tree
The lesson includes this activity:
Lab 2-2: Troubleshooting Switched Networks
© 2007 Cisco Systems, Inc. Course Administration Guide 15
Module 3: Medium-Sized Routed Network Construction Upon completing this module, the learner will be able to describe routing concepts as they apply to a medium-sized network and discuss considerations when implementing routing on the network.
Lesson 1: Reviewing Routing Operations This lesson describes the application and limitations of dynamic routing for a medium-sized routed network. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the purpose and types of dynamic routing protocols
Describe the operation and implementation of distance vector routing protocols
Describe the operation and implementation of link-state routing protocols
The lesson includes these topics:
Reviewing Dynamic Routing
Understanding Distance Vector Routing Protocols
Understanding Link-State Routing Protocols
Lesson 2: Implementing VLSM This lesson describes the operation of VLSM and classless interdomain routing (CIDR) on Cisco routers and explains how Cisco routers implement route summarization. Upon completing this lesson, the learner will be able to meet these objectives:
Review subnet mask calculation
Describe the purpose of a VLSM and calculate VLSM
Describe the route summarization process and how routers manage route summarization
The lesson includes these topics:
Reviewing Subnets
Introducing VLSM
Summarizing Routes
16 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 4: Single-Area OSPF Implementation Upon completing this module, the learner will be able to configure, verify, and troubleshoot OSPF.
Lesson 1: Implementing OSPF This lesson defines the operation and configuration of a single-area OSPF network, including load balancing and authentication. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the features of OSPF
Describe how OSPF neighbor adjacencies are established
Describe the SPF algorithm that OSPF uses
Configure a single-area OSPF network
Configure a loopback interface to be used as the router ID
Verify a single-area OSPF network configuration
Use the OSPF debug commands to troubleshoot OSPF
Configure load balancing with OSPF
Configure authentication for OSPF
The lesson includes these topics:
Introducing OSPF
Establishing OSPF Neighbor Adjacencies
SPF Algorithm
Configuring and Verifying OSPF
Loopback Interfaces
OSPF Configuration Verification
Using OSPF debug Commands
Load Balancing with OSPF
Authentication with OSPF
The lesson includes this activity:
Lab 4-1: Implementing OSPF
© 2007 Cisco Systems, Inc. Course Administration Guide 17
Lesson 2: Troubleshooting OSPF This lesson defines how to identify an approach for troubleshooting common OSPF problems and offer solutions. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the basic components of OSPF troubleshooting
Identify and resolve errors with OSPF neighbor adjacencies
Identify and resolve errors with OSPF routing tables
Identify and resolve authentication problems
The lesson includes these topics:
Components of Troubleshooting OSPF
Troubleshooting OSPF Neighbor Adjacencies
Troubleshooting OSPF Routing Tables
Troubleshooting Plaintext Password Authentication
The lesson includes this activity:
Lab 4-2: Troubleshooting OSPF
18 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 5: EIGRP Implementation Upon completing this module, the learner will be able to configure, verify, and troubleshoot EIGRP.
Lesson 1: Implementing EIGRP This lesson defines the operation and configuration of EIGRP, including load balancing and authentication. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the features of EIGRP
Configure and verify EIGRP
Configure load balancing with EIGRP
Configure MD5 authentication with EIGRP
The lesson includes these topics:
Introducing EIGRP
Configuring and Verifying EIGRP
Load Balancing with EIGRP
EIGRP Authentication
The lesson includes this activity:
Lab 5-1: Implementing EIGRP
Lesson 2: Troubleshooting EIGRP This lesson defines how to identify an approach for troubleshooting common EIGRP problems and offer solutions. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the basic components of troubleshooting a network that is running EIGRP
Identify and resolve EIGRP neighbor relationship issues
Identify and resolve EIGRP routing table issues
Identify and resolve EIGRP authentication
The lesson includes these topics:
Components of Troubleshooting EIGRP
Troubleshooting EIGRP Neighbor Issues
Troubleshooting EIGRP Routing Tables
Troubleshooting EIGRP Authentication
The lesson includes this activity:
Lab 5-2: Troubleshooting EIGRP
© 2007 Cisco Systems, Inc. Course Administration Guide 19
Module 6: Access Control Lists Upon completing this module, the learner will be able to determine how to apply ACLs based on network requirements and configure, verify, and troubleshoot ACLs on a medium-sized network.
Lesson 1: Introducing ACL Operation This lesson defines the different types of IPv4 ACLs. Upon completing this lesson, the learner will be able to meet these objectives:
Explain the purpose of ACLs and give examples of when to use them
Explain how inbound and outbound ACLs operate
Describe numbered and named, standard and extended IPv4 ACLs
Describe time-based, reflexive, and dynamic extended ACLs
Use wildcard masking to create IPv4 ACLs
The lesson includes these topics:
Understanding ACLs
ACL Operation
Types of ACLs
Additional Types of ACLs
ACL Wildcard Masking
Lesson 2: Configuring and Troubleshooting ACLs This lesson defines how to configure and troubleshoot standard and extended, numbered and named IPv4 ACLs. Upon completing this lesson, the learner will be able to meet these objectives:
Configure and verify numbered standard IPv4 ACLs
Configure and verify numbered extended IPv4 ACLs
Configure and verify both standard and extended named IPv4 ACLs
Identify and resolve common ACL configuration errors
The lesson includes these topics:
Configuring Numbered Standard IPv4 ACLs
Configuring Numbered Extended IPv4 ACLs
Configuring Named ACLs
Troubleshooting ACLs
The lesson includes this activity:
Lab 6-1: Implementing and Troubleshooting ACLs
20 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 7: Address Space Management Upon completing this module, the learner will be able to describe when to use NAT or PAT on a medium-sized network and configure NAT or PAT on routers.
Lesson 1: Scaling the Network with NAT and PAT This lesson defines how to configure and verify static, dynamic, and overloading NAT and identify key show and debug command parameters that are required for troubleshooting. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the features and benefits of NAT and PAT
Describe how to translate inside source addresses by using static and dynamic translation and configure NAT
Configure PAT by overloading an inside global address
Identify and resolve issues with the NAT translation table
Identify and resolve issues with using the correct translation entry
The lesson includes these topics:
Introducing NAT and PAT
Translating Inside Source Addresses
Overloading an Inside Global Address
Resolving Translation Table Issues
Resolving Issues with Using the Correct Translation Entry
The lesson includes this activity:
Lab 7-1: Configuring NAT and PAT
© 2007 Cisco Systems, Inc. Course Administration Guide 21
Lesson 2: Transitioning to IPv6 This lesson defines how to explain the format of IPv6 addresses and components that are required to run IPv6, explain the impact of IPv6 on network routing, and configure basic IPv6 parameters. Upon completing this lesson, the learner will be able to meet these objectives:
Explain the need for IPv6
Describe the format of the IPv6 address
Explain the methods that are used to assign an IPv6 address
Explain how IPv6 affects common routing protocols and the necessary modifications you need to make to these protocols
Explain transition strategies for implementing IPv6
Configure IPv6 with RIPng through an IPv4 network
The lesson includes these topics:
Reasons for Using IPv6
Understanding the IPv6 Address
Assigning IPv6 Addresses
Routing Considerations with IPv6
Strategies for Implementing IPv6
Configuring IPv6
The lesson includes this activity:
Lab 7-2: Implementing IPv6
22 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module 8: LAN Extension into a WAN Upon completing this module, the learner will be able to identify and implement the appropriate WAN technology based on network requirements.
Lesson 1: Introducing VPN Solutions This lesson defines how to describe the uses of VPNs for site-to-site and remote-user access. You will learn about the benefits of VPN implementations and the underlying hardware, software, and protocols required to configure a VPN solution. Upon completing this lesson, the learner will be able to meet these objectives:
Define a VPN
Define the different types of and uses for VPNs
Describe the components of VPN
Describe IPsec and its components
Describe how encryption, integrity, and authentication are applied to the IPsec protocol suite
The lesson includes these topics:
VPNs and Their Benefits
Types of VPNs
Components of VPNs
Introducing IPsec
IPsec Protocol Framework
Lesson 2: Establishing a Point-to-Point WAN Connection with PPP This lesson defines how to connect to a service provider over a network and describe the operation and configuration of PPP. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the types of encapsulation that are available on Cisco routers
Describe the features and functionality of PPP
Configure and verify PPP
The lesson includes these topics:
Understanding WAN Encapsulations
Overview of PPP
Configuring and Verifying PPP
© 2007 Cisco Systems, Inc. Course Administration Guide 23
Lesson 3: Establishing a WAN Connection with Frame Relay This lesson defines how to connect to a service provider over a network and describe the operation and configuration of Frame Relay. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the features and functions of Frame Relay
Configure Frame Relay
Verify that Frame Relay is functioning as configured
The lesson includes these topics:
Understanding Frame Relay
Configuring Frame Relay
Verifying Frame Relay
The lesson includes this activity:
Lab 8-1: Establishing a Frame Relay WAN
Lesson 4: Troubleshooting Frame Relay WANs This lesson defines how to identify an approach for troubleshooting common Frame Relay problems and offer solutions. Upon completing this lesson, the learner will be able to meet these objectives:
Describe the basic steps that are used to troubleshoot a Frame Relay WAN
Identify and resolve the most common Frame Relay connectivity issues
The lesson includes these topics:
Components of Troubleshooting Frame Relay
Troubleshooting Frame Relay Connectivity Issues
The lesson includes this activity:
Lab 8-2: Troubleshooting Frame Relay WANs
24 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Course Evaluations Cisco uses a post-course evaluation system, Metrics That Matter (MTM), for its instructor-led courses. The instructor must ensure that each learner is aware of the confidential evaluation process and that all learners submit an evaluation for each course. There are two options for learners to complete the evaluation.
For Classes with Internet Access A URL will be made available, specific to each Cisco Learning Partner. Obtain the URL from your MTM system administrator before the last day of class.
1. Upon completion of the course, instruct the learners to enter the URL into their browser.
2. Make sure that the learners input their e-mail address (used only for a follow-up evaluation).
Note Sixty days following a learning event, learners will receive a brief follow-up evaluation, and, again, responses will be kept confidential. E-mail addresses will not be used for marketing purposes. (If learners do not have e-mail addresses, they may type in a “dummy” address.)
3. Instruct the learners to select the appropriate course from the drop-down list.
4. Instruct the learners to complete the course evaluation and click Submit one time only.
5. Advise the learners to wait for “Thank you” to appear on the screen before leaving.
For Classes Without Internet Access A paper-based version of the post-course evaluation is available. Your MTM system administrator can provide you with copies.
1. Distribute paper-based evaluations at the beginning of the last day of class.
2. Instruct the learners to complete the survey only after completing the course.
3. Collect the evaluations and submit them to your MTM system administrator.
To View Evaluation Results To view your post-course evaluation results:
1. Go to www.metricsthatmatter.com/client. (Reminder: All data is confidential; you will see only your own data.)
2. Log in using your ID and the password sent to you from MTM or provided by your company MTM system administrator to ensure confidentiality.
3. Choose Menu Option – Learner Evaluation Reports:
— Evaluation Retrieval Tool
— Class Evaluation Summary Report
4. Search for and select the appropriate class.
© 2007 Cisco Systems, Inc. Course Administration Guide 25
Lab Setup
Overview The purpose of the “Lab Setup” section is to assist in the setup and configuration of the training equipment for Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 course. This section includes these topics:
Lab Topology
Hardware and Software Requirements
Workstation Configuration
Lab Equipment Configuration
General Lab Setup
Lab 1-1: Implementing a Small Network (Review Lab)
Lab 2-1: Configuring Expanded Switched Networks
Lab 2-2: Troubleshooting Switched Networks
Lab 4-1: Implementing OSPF
Lab 4-2: Troubleshooting OSPF
Lab 5-1: Implementing EIGRP
Lab 5-2: Troubleshooting EIGRP
Lab 6-1: Implementing and Troubleshooting ACLs
Lab 7-1: Configuring NAT and PAT
Lab 7-2: Implementing IPv6
Lab 8-1: Establishing a Frame Relay WAN
Lab 8-2: Troubleshooting Frame Relay WANs
Configuration Files Summary
Lab Activity Solutions
Teardown and Restoration
26 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Topology This topic describes the lab topology for Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—3
CCNA Lab Topology
Note The ICND2 course shares a common lab topology with the ICND1 course. However, the ICND1 course lab uses a third core switch (core switch C), which is not used in ICND2.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—2
ICND2 Lab Configuration: CoreSwitchC Not Shown Example: Two out of Eight Total Workgroups
© 2007 Cisco Systems, Inc. Course Administration Guide 27
The ICND2 lab consists of eight workgroups, A through H, supporting 16 learners. A workgroup consists of a workgroup router (for example, RouterA), and a workgroup switch (for example, SwitchA). Each workgroup has connectivity to the core equipment (for example, CoreRouter, CoreSwitchA, and CoreSwitchB), which are managed by the instructor.
Due to lab design, lab activities will eventually require an even number of workgroups; workgroup A will collaborate with workgroup B, C with D, E with F, and G with H.
The IP addressing changes during the course. Check the addressing tables that accompany the corresponding lab activities.
28 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Hardware and Software Requirements Hardware List
The hardware listed in the following table is suggested for supporting both the ICND1 and ICND2 course labs.
Description Mfr. Part Number Qty.
Learner Pod Equipment: 2 Learners Per Pod, 8 Pods Total Per Class
Cisco Catalyst 2960 Series Switch Cisco WS-2960-24TT-L 8
Cisco 2811 Integrated Services Router Cisco CISCO2811 8
2-Port Serial WIC Cisco WIC-2T 8
Cables DTE Cisco CAB-SS-X21MT 12
Cables DCE Cisco CAB-SS-X21FC 4
Microsoft Windows PC Varies N/A 8
Common Equipment: Supports 8 Pods, 1 Set Per Class (ICND 1 and 2)
Cisco Catalyst 2960 Series Switch (CoreSwitchA, CoreSwitchB, and CoreSwitchC)
Cisco WS-2960-24TT-L 3
Cisco 2811 Integrated Services Router (Core Router)
Cisco CISCO 2811 1
8-Port Asynchronous Serial Network Module Cisco NM-8A/S 1
Cables DCE Cisco CAB-X21FC 8
2-Port Serial WIC Cisco WIC-2T 1
Cables DTE Cisco CAB-SS-X21MT 1
Cables DCE Cisco CAB-SS-X21FC 1
Cisco 2811 Integrated Services Router (VPN or console server)
Cisco CISCO2811 1
16-Port Asynchronous Module Cisco NM-16A 1
Cables for NM-16A Cisco CAB-OCTAL-ASYNC 2
8-Port Asynchronous HWIC Cisco HWIC8A 1
High-density 8-port EIA-232 Async Cable Cisco CAB-HD-ASYNC 1
Other Required Equipment
A TFTP server is required to support local services.
Generic N/A 1
© 2007 Cisco Systems, Inc. Course Administration Guide 29
Software List The software listed in the following table is suggested for supporting both the ICND1 and ICND2 course labs.
Description Mfr. Part Number Qty.
Cisco IOS Release 12.2 on Cisco Catalyst switches
(C2960-LANBASEK9-M), Version 12.2(25)SEE2
Cisco TBD 1 per device
Cisco IOS Release 12.4 on Cisco Integrated Services Routers
(C2800NM-ADVIPSERVICESK9-M), Version 12.4(12)
Cisco TBD 1 per device
PCs: Windows 2000 or XP Microsoft N/A 1 per PC
PCs: Cisco VPN Client software Cisco N/A 8 (download from Cisco.com)
Wireshark Packet Sniffer Wireshark N/A 8 (on course CD)
PuTTY term emulator PuTTY N/A 8 (on course CD)
TFTP32
Go to http://tftpd32.jounin.net/ for more information
Jounin N/A
30 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Equipment Configuration This equipment configuration information is necessary for initial setup of the lab configuration.
Lab Cabling Workgroup Routers and Switches
Device Interface Device Interface Remarks
RouterA Fa0/0 SwitchA Fa0/2 ST
S0/0/0 CoreRouter S 1/0 DTE
S0/0/1 RouterB S 0/0/1 DTE
SwitchA Fa0/2 RouterA Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/1 XO
Fa0/12 CoreSwitchB Fa0/1 XO
Router B Fa0/0 SwitchB Fa0/2 ST
S0/0/0 CoreRouter S1/1 DTE
S0/0/1 RouterA S0/0/1 DCE
SwitchB Fa0/2 RouterB Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/2 XO
Fa0/12 CoreSwitchB Fa0/2 XO
RouterC Fa0/0 SwitchC Fa0/2 ST
S0/0/0 CoreRouter S1/2 DTE
S0/0/1 RouterD S0/0/1 DTE
SwitchC Fa0/2 RouterC Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/3 XO
Fa0/12 CoreSwitchB Fa0/3 XO
RouterD Fa0/0 SwitchD Fa0/2 ST
S0/0/0 CoreRouter S1/3 DTE
S0/0/1 RouterC S0/0/1 DCE
SwitchD Fa0/2 RouterD Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/4 XO
Fa0/12 CoreSwitchB Fa0/4 XO
© 2007 Cisco Systems, Inc. Course Administration Guide 31
Device Interface Device Interface Remarks
RouterE Fa0/0 SwitchE Fa0/2 ST
S0/0/0 CoreRouter S1/4 DTE
S0/0/1 RouterF S0/0/1 DTE
SwitchE Fa0/2 RouterE Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/5 XO
Fa0/12 CoreSwitchB Fa0/5 XO
RouterF Fa0/0 SwitchF Fa0/2 ST
S0/0/0 CoreRouter S1/5 DTE
S0/0/1 RouterE S0/0/1 DCE
SwitchF Fa0/2 RouterF Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/6 XO
Fa0/12 CoreSwitchB Fa0/6 XO
RouterG Fa0/0 SwitchG Fa0/2 ST
S0/0/0 CoreRouter S1/6 DTE
S0/0/1 RouterH S0/0/1 DTE
SwitchG Fa0/2 RouterG Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/7 XO
Fa0/12 CoreSwitchB Fa0/7 XO
RouterH Fa0/0 SwitchH Fa0/2 ST
S0/0/0 CoreRouter S1/7 DTE
S0/0/1 RouterG S0/0/1 DCE
SwitchH Fa0/2 RouterH Fa0/0 ST
Fa0/11 CoreSwitchA Fa0/8 XO
Fa0/12 CoreSwitchB Fa0/8 XO
ST = straight RJ-45; XO = cross-over RJ-45
32 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Core SwitchAfc
Device Interface Device Interface Remarks
Core switch A Fa0/1 SwitchA Fa0/11 XO
Fa0/2 SwitchB Fa0/11 XO
Fa0/3 SwitchC Fa0/11 XO
Fa0/4 SwitchD Fa0/11 XO
Fa0/5 SwitchE Fa0/11 XO
Fa0/6 SwitchF Fa0/11 XO
Fa0/7 SwitchG Fa0/11 XO
Fa0/8 SwitchH Fa0/11 XO
Fa0/9–fa0/12 Unused
Fa0/13 CoreSwitchB Fa0/13 XO
Fa0/14 CoreSwitchB Fa0/14 XO
Fa0/15–fa0/22 Unused
Fa0/23 CoreRouter Fa0/0 ST
Fa0/24 TFTP ST
Gi0/1 Unused
Gi0/2 Unused
Core SwitchB
Device Interface Device Interface Remarks
Core SwitchB Fa0/1 SwitchA Fa0/12 XO
Fa0/2 SwitchB Fa0/12 XO
Fa0/3 SwitchC Fa0/12 XO
Fa0/4 SwitchD Fa0/12 XO
Fa0/5 SwitchE Fa0/12 XO
Fa0/6 SwitchF Fa0/12 XO
Fa0/7 SwitchG Fa0/12 XO
Fa0/8 SwitchH Fa0/12 XO
Fa0/9–fa0/12 Unused
Fa0/13 CoreSwitchA Fa0/13 XO
Fa0/14 CoreSwitchA Fa0/14 XO
Fa0/15–fa0/24 Unused
Gi0/1 Unused
Gi0/2 Unused
© 2007 Cisco Systems, Inc. Course Administration Guide 33
Core Router/Frame Relay Switch
Device Interface Device Interface Remarks
Core Router
Fa0/0 CoreSwitchA FA0/23 ST
S1/0 RouterA S0/0/0 DCE
S1/1 RouterB S0/0/0 DCE
S1/2 RouterC S0/0/0 DCE
S1/3 RouterD S0/0/0 DCE
S1/4 RouterE S0/0/0 DCE
S1/5 RouterF S0/0/0 DCE
S1/6 RouterG S0/0/0 DCE
S1/7 RouterH S0/0/0 DCE
S0/0/0 CoreRouter S0/0/1 Loopback DCE
S0/0/1 CoreRouter S0/0/0 Loopback DTE
TFTP Server Preparation Several labs require the use of a TFTP server. Configure the server with the address of 10.1.1.1/24 and default gateway of 10.1.1.3. Also, copy the following files into the TFTP root directory so they are available for download.
i2-corero1-dot1Q.txt i2-corero2-routing.txt
i2-corero3-frame.txt i2-coreswa1-no-trunk-to-wg.txt
i2-coreswa2-trunk-to-wg.txt i2-coreswa3-ports-to-wg-shut.txt
i2-coreswb1-ports-to-wg-shut.txt i2-coreswb2-trunk-to-wg.txt
i2-wg_ro-config-lab2-2.txt i2-wg_ro-config-lab4-2.txt
i2-wg_ro-config-lab6-1.txt i2-wg_ro-config-lab8-2.txt
i2-wg_sw-config-lab2-2.txt i2-wg_sw-config-lab6-1.txt
Terminal Server Preparation Several lab activities require learners to open multiple console connections simultaneously, for example, one session with the workgroup router and one session with the workgroup switch. Lab developers should ensure the remote lab equipment terminal server has an adequate number of vty lines available, the suggested minimum number of which is 18 to 20.
34 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
General Lab Setup This information details the procedure to set up and configure the lab equipment at the beginning of each class.
Step 1 Download the initial core configuration from the TFTP server into each of the startup-configuration of the core devices. The initial core configuration files are as follows:
Device Configuration File to Install
CoreRouter i2-corero1-dot1Q.txt
CoreSwitchA i2-coreswa1-no-trunk-to-wg.txt
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt
Workgroup routers or switches None
Note Learners will create their own initial workgroup configurations.
Step 2 Reload each core device.
Caution If your ICND2 course is sharing the lab topology that supports the ICND1 course, it is suggested that all ports on core SwitchC remain disabled for all ICND2 labs. CoreSwitchC is not used for any ICND2 labs.
© 2007 Cisco Systems, Inc. Course Administration Guide 35
Lab 1-1: Implementing a Small Network (Review Lab)
This topic details the lab activity for Lab 1-1.
Objectives You will complete these tasks in this lab:
Return your workgroup switch and router to their default configurations
Configure your workgroup switch and router with their proper identities and IP addressing
Provide basic security with passwords and port security
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—3
Visual Objective 1-1: Implementing a Small Network (Review Lab)
WG Switch Routerfa0/0
A 10.1.1.10 10.1.1.11B 10.1.1.20 10.1.1.21 C 10.1.1.30 10.1.1.31D 10.1.1.40 10.1.1.41E 10.1.1.50 10.1.1.51F 10.1.1.60 10.1.1.61G 10.1.1.70 10.1.1.71H 10.1.1.80 10.1.1.81
36 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero1-dot1Q.txt See “General Lab Setup”
CoreSwitchA i2-coreswa1-no-trunk-to-wg.txt See “General Lab Setup”
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt See “General Lab Setup”
Workgroup routers and switches
None See “General Lab Setup”
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch Name
Workgroup Router Name
SwitchX Port
CoreSwitchA Port
Workgroup Switch Interface
VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
A SwitchA RouterA Fa0/11 Fa0/1 10.1.1.10/24 10.1.1.11/24
B SwitchB RouterB Fa0/11 Fa0/2 10.1.1.20/24 10.1.1.21/24
C SwitchC RouterC Fa0/11 Fa0/3 10.1.1.30/24 10.1.1.31/24
D SwitchD RouterD Fa0/11 Fa0/4 10.1.1.40/24 10.1.1.41/24
E SwitchE RouterE Fa0/11 Fa0/5 10.1.1.50/24 10.1.1.51/24
F SwitchF RouterF Fa0/11 Fa0/6 10.1.1.60/24 10.1.1.61/24
G SwitchG RouterG Fa0/11 Fa0/7 10.1.1.70/24 10.1.1.71/24
H SwitchH RouterH Fa0/11 Fa0/8 10.1.1.80/24 10.1.1.81/24
Instructor Notes In this lab, the learner removes any previous configuration from the workgroup router and switches and creates a basic workgroup router and switch configuration, which becomes the basis for all future labs.
The purpose of this lab is not to introduce new concepts to the learners but to review prerequisite concepts and commands the learners should understand prior to attending this course. The instructor should use this lab to gain the following information:
Gauge the prerequisite learner knowledge
Identify the topical strengths and weaknesses of the learners
Help determine learner workgroup partner pairings for future labs
The instructor will also provide the setup information to access the remote lab equipment.
© 2007 Cisco Systems, Inc. Course Administration Guide 37
Lab 2-1: Configuring Expanded Switched Networks
This topic details the lab activity for Lab 2-1.
Objectives You will complete these tasks in this lab:
Configure the switch to participate in a VTP domain and configure the switch for transparent mode
Configure trunking on a trunk port to provide access to a router on the network
Configure separate VLANs for separate logical networks
Enable RSTP and configure the root switch and backup root switch
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—4
Visual Objective 2-1: Configuring Expanded Switched Networks
Subnet VLAN Devices10.1.1.0 1 Core Switches, CoreRouter, SwitchX10.2.2.0 2 CoreRouter, RouterA 10.3.3.0 3 CoreRouter, RouterB10.4.4.0 4 CoreRouter, RouterC10.5.5.0 5 CoreRouter, RouterD10.6.6.0 6 CoreRouter, RouterE10.7.7.0 7 CoreRouter, RouterF10.8.8.0 8 CoreRouter, RouterG10.9.9.0 9 CoreRouter, RouterH
38 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero1-dot1Q.txt This setup is the same as the previous lab.
CoreSwitchA i2-coreswa2-trunk-to-wg.txt Copy this configuration to the running configuration.
CoreSwitchBB i2-coreswb2-trunk-to-wg.txt Copy this configuration to the running configuration.
Instructor Notes If time permits, in optional Task 5, the learner configures a Per VLAN Rapid Spanning Tree (PVRST) primary and secondary root bridge with a partner workgroup. The instructor may assign this task to groups that finish the previous tasks and are waiting for the remainder of the class to complete the lab.
© 2007 Cisco Systems, Inc. Course Administration Guide 39
Lab 2-2: Troubleshooting Switched Networks This topic details the lab activity for Lab 2-2.
Objectives You will complete this task in this lab:
Discover switched network connectivity issues, follow troubleshooting guidelines to ascertain switched connectivity problems, and re-establish switched network connectivity
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—5
Visual Objective 2-2: Troubleshooting Switched Networks
WG Switch Routerfa0/0
A 10.1.1.10 10.2.2.12B 10.1.1.20 10.3.3.12 C 10.1.1.30 10.4.4.12D 10.1.1.40 10.5.5.12E 10.1.1.50 10.6.6.12F 10.1.1.60 10.7.7.12G 10.1.1.70 10.8.8.12H 10.1.1.80 10.9.9.12
40 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero1-dot1Q.txt This setup is the same as the previous lab.
CoreSwitchA i2-coreswa2-trunk-to-wg.txt This setup is the same as the previous lab.
CoreSwitchB i2-coreswb2-trunk-to-wg.txt This setup is the same as the previous lab.
Workgroup routers i2-wg_ro-config-lab2-2.txt Learners download this configuration from the TFTP server as part of the lab.
It is used at end of lab activity to test whether the learners have troubleshot and fixed the problems correctly. It is simply a “congratulations” banner.
Workgroup switches i2-wg_sw-config-lab2-2.txt Learners download this configuration from the TFTP server as part of the lab.
Instructor Notes Learners will download a faulty configuration into their workgroup switches from the TFTP server and troubleshoot to correct the problems. The problems introduced are as follows:
A VLAN is missing from the VLAN database.
Trunking to the core is turned off and an incorrect trunking mode (dynamic desirable) is introduced.
A duplex mismatch with the core is configured.
Instructors should remind learners to refrain from simply issuing a show run command and comparing the problem configuration with the working baseline configuration. One of the objectives of the lab activity is for the learners to work on their troubleshooting skills by practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing that reviews the possible steps learners took to gather symptoms and isolate and correct problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the debriefing process.
© 2007 Cisco Systems, Inc. Course Administration Guide 41
Lab 4-1: Implementing OSPF This topic details the lab activity for Lab 4-1.
Objectives You will complete these tasks in this lab:
Disable the LAN connections to the core
Enable the serial connections on a workgroup router
Configure OSPF on a workgroup router
Configure plaintext authentication for OSPF
Verify the correct operation and configuration of OSPF routing and OSPF plaintext authentication
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—6
Visual Objective 4-1: Implementing OSPF
42 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt Copy this configuration to the running configuration.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt Copy this configuration to the running configuration.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt Copy this configuration to the running configuration.
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch
Interface VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Workgroup Router S0/0/1
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.23.23.1/24 10.140.1.1/24
B 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.23.23.2/24 10.140.2.1/24
C 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.45.45.1/24 10.140.3.1/24
D 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.45.45.2/24 10.140.4.1/24
E 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.67.67.1/24 10.140.5.1/24
F 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.67.67.2/24 10.140.6.1/24
G 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.89.89.1/24 10.140.7.1/24
H 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.89.89.2/24 10.140.8.1/24
Instructor Notes With the implementation of OSPF plaintext authentication, instructors may find that learners have a partial OSPF neighbor table during the lab activity. To have a complete OSPF neighbor table, the local and peer routers must have successfully configured OSPF with authentication.
© 2007 Cisco Systems, Inc. Course Administration Guide 43
Lab 4-2: Troubleshooting OSPF This topic details the lab activity for Lab 4-2.
Objectives You will complete this task in this lab:
Discover OSPF network connectivity issues and follow troubleshooting guidelines to isolate and fix OSPF connectivity problems
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—7
Visual Objective 4-2: Troubleshooting OSPF
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt This setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt This setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt This setup is the same as the previous lab.
Workgroup routers i2-wg_ro-config-lab4-2.txt Learners download this file as part of the lab.
44 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch
Interface VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Workgroup Router S0/0/1
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.23.23.1/24 10.140.1.1/24
B 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.23.23.2/24 10.140.2.1/24
C 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.45.45.1/24 10.140.3.1/24
D 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.45.45.2/24 10.140.4.1/24
E 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.67.67.1/24 10.140.5.1/24
F 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.67.67.2/24 10.140.6.1/24
G 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.89.89.1/24 10.140.7.1/24
H 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.89.89.2/24 10.140.8.1/24
Instructor Notes Learners will download a faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problems. The problems introduced are as follows:
An incorrect wildcard bit mask in the OSPF network statement
An incorrect OSPF authentication key configured with the CoreRouter
Instructors should remind learners to refrain from simply issuing a show run command and comparing the problem configuration with the working baseline configuration. One of the objectives of the lab activity is for the learners to work on their troubleshooting skills by practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing that reviews the possible steps learners took to gather symptoms and isolate and correct problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the debriefing process.
© 2007 Cisco Systems, Inc. Course Administration Guide 45
Lab 5-1: Implementing EIGRP This topic details the lab activity for Lab 5-1.
Objectives You will complete these tasks in this lab:
Configure EIGRP on the router
Configure MD5 authentication for EIGRP
Verify the correct operation and configuration of EIGRP routing using show commands, and verify the correct operation and configuration of EIGRP MD5 authentication
Debug the EIGRP neighbor processes
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—8
Visual Objective 5-1: Implementing EIGRP
46 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch
Interface VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Workgroup Router S0/0/1
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.23.23.1/24 10.140.1.1/24
B 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.23.23.2/24 10.140.2.1/24
C 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.45.45.1/24 10.140.3.1/24
D 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.45.45.2/24 10.140.4.1/24
E 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.67.67.1/24 10.140.5.1/24
F 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.67.67.2/24 10.140.6.1/24
G 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.89.89.1/24 10.140.7.1/24
H 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.89.89.2/24 10.140.8.1/24
Instructor Notes With the implementation of EIGRP Message Digest 5 (MD5) authentication, instructors may find learners have a partial EIGRP neighbor table during the lab activity. A complete EIGRP neighbor table requires the local and peer routers to have successfully configured EIGRP with authentication.
© 2007 Cisco Systems, Inc. Course Administration Guide 47
Lab 5-2: Troubleshooting EIGRP This topic details the lab activity for Lab 5-2.
Objectives You will complete these tasks in this lab:
Discover EIGRP network connectivity issues and follow troubleshooting guidelines to isolate and fix EIGRP connectivity problems
Test EIGRP network connectivity
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—9
Visual Objective 5-2: Troubleshooting EIGRP
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
48 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Additional Setup Notes IP Addresses
Workgroup Workgroup Router Fa0/0
Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router
Loopback 1 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Workgroup Router S0/0/1
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.3/24 192.168.1.65/28 172.16.2.1/24 10.140.1.2/24 10.23.23.1/24 10.140.1.1/24
B 10.3.3.3/24 192.168.1.81/28 172.16.3.1/24 10.140.2.2/24 10.23.23.2/24 10.140.2.1/24
C 10.4.4.3/24 192.168.2.65/28 172.16.4.1/24 10.140.3.2/24 10.45.45.1/24 10.140.3.1/24
D 10.5.5.3/24 192.168.2.81/28 172.16.5.1/24 10.140.4.2/24 10.45.45.2/24 10.140.4.1/24
E 10.6.6.3/24 192.168.3.65/28 172.16.6.1/24 10.140.5.2/24 10.67.67.1/24 10.140.5.1/24
F 10.7.7.3/24 192.168.3.81/28 172.16.7.1/24 10.140.6.2/24 10.67.67.2/24 10.140.6.1/24
G 10.8.8.3/24 192.168.4.65/28 172.16.8.1/24 10.140.7.2/24 10.89.89.1/24 10.140.7.1/24
H 10.9.9.3/24 192.168.4.81/28 172.16.9.1/24 10.140.8.2/24 10.89.89.2/24 10.140.8.1/24
Instructor Notes Learners will create a loopback interface in the 172.16.0.0 network causing a discontiguous network addressing scheme with the core loopback. To provide connectivity from their loopback network to the core loopback network, learners must configure EIGRP with the no auto-summary statement.
Instructors should remind learners to refrain from simply issuing a show run command and comparing the problem configuration with the working baseline configuration. One of the objectives of the lab activity is for learners to work on their troubleshooting skills by practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing that reviews the possible steps learners took to gather symptoms and isolate and correct problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the debriefing process.
© 2007 Cisco Systems, Inc. Course Administration Guide 49
Lab 6-1: Implementing and Troubleshooting ACLs
This topic details the lab activity for Lab 6-1.
Objectives You will complete these tasks in this lab:
Create an IP extended access list to block Telnet traffic, apply it to an interface, and verify its operation
Create an IP extended ACL to block TFTP requests from a workgroup
Troubleshoot to isolate and resolve an ACL problem
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—10
Visual Objective 6-1: Implementing and Troubleshooting ACLs
WG Router s0/0/0 Router fa0/0 Switch
A 10.140.1.2 10.2.2.3 10.2.2.11B 10.140.2.2 10.3.3.3 10.3.3.11C 10.140.3.2 10.4.4.3 10.4.4.11D 10.140.4.2 10.5.5.3 10.5.5.11E 10.140.5.2 10.6.6.3 10.6.6.11F 10.140.6.2 10.7.7.3 10.7.7.11G 10.140.7.2 10.8.8.3 10.8.8.11H 10.140.8.2 10.9.9.3 10.9.9.11
50 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Workgroup routers i2-wg_ro-config-lab6-1.txt Learners will download this configuration as part of the lab.
Additional Setup Notes IP Addresses
Workgroup Workgroup Subnets
10.x.x.0/24
Workgroup Switch
Interface VLAN 1
(SwitchX)
Workgroup RouterFa0/0 Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.0/24 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.140.1.1/24
B 10.3.3.0/24 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.140.2.1/24
C 10.4.4.0/24 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.140.3.1/24
D 10.5.5.0/24 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.140.4.1/24
E 10.6.6.0/24 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.140.5.1/24
F 10.7.7.0/24 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.140.6.1/24
G 10.8.8.0/24 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.140.7.1/24
H 10.9.9.0/24 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.140.8.1/24
Instructor Notes Learners will download a faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problem. The objective of the ACL is to deny TFTP traffic from the workgroup but allow all other traffic. The problem introduced is that the ACL allows all other UDP traffic rather than all other IP traffic.
When testing the effectiveness of the ACL, a learner will attempt to use TFTP to upload a configuration file from the TFTP server into the workgroup switch. If the TFTP is successful, meaning that the ACL failed, the workgroup switch will have a new banner displaying the message, “Your Access List Failed, Please Try Again!”
© 2007 Cisco Systems, Inc. Course Administration Guide 51
Lab 7-1: Configuring NAT and PAT This topic details the lab activity for Lab 7-1.
Objectives You will complete these tasks in this lab:
Configure inside and outside NAT interfaces and an IP ACL to permit hosts to use PAT
Use show commands to verify the NAT configuration
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—11
Visual Objective 7-1: Configuring NAT and PAT
WG Router s0/0/0 Router fa0/0 Switch
A 10.140.1.2 10.2.2.3 10.2.2.11B 10.140.2.2 10.3.3.3 10.3.3.11C 10.140.3.2 10.4.4.3 10.4.4.11D 10.140.4.2 10.5.5.3 10.5.5.11E 10.140.5.2 10.6.6.3 10.6.6.11F 10.140.6.2 10.7.7.3 10.7.7.11G 10.140.7.2 10.8.8.3 10.8.8.11H 10.140.8.2 10.9.9.3 10.9.9.11
52 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Additional Setup Notes IP Addresses
Workgroup Workgroup Subnets
10.x.x.0/24
Workgroup Switch Interface
VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
Workgroup Router
Loopback 0 Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.0/24 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.140.1.1/24
B 10.3.3.0/24 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.140.2.1/24
C 10.4.4.0/24 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.140.3.1/24
D 10.5.5.0/24 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.140.4.1/24
E 10.6.6.0/24 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.140.5.1/24
F 10.7.7.0/24 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.140.6.1/24
G 10.8.8.0/24 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.140.7.1/24
H 10.9.9.0/24 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.140.8.1/24
Instructor Notes In order to test the NAT effectiveness of the workgroup router, ensure that the learner tests the configuration by executing a ping from the workgroup switch. If the ping is initiated from the workgroup router, the source address of the ping will not trigger the translation.
© 2007 Cisco Systems, Inc. Course Administration Guide 53
Lab 7-2: Implementing IPv6 This topic details the lab activity for Lab 7-2.
Objectives You will complete these tasks in this lab:
Determine how to allocate IPv6 addresses for the assigned routers, given an IPv6 numbering scheme and a prefix
Configure router interfaces for IPv6 and assign addresses
Configure RIP to support IPv6 and IPv6 addresses
Configure and verify a dual-stack router configuration
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—12
Visual Objective 7-2: Implementing IPv6
54 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero2-routing.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Instructor Notes Task 1 is an information-gathering exercise. The learner should not be configuring the router in this task but, instead, complete a worksheet identifying the IPv6 addresses that will be used to configure the router in subsequent tasks.
To better understand the different methods of assigning IPv6 addresses, the learner is asked to use both a fully defined 128-bit IPv6 address on one interface and an IPv6 address that uses the EUI-64 interface identifier method on a second interface.
© 2007 Cisco Systems, Inc. Course Administration Guide 55
Lab 8-1: Establishing a Frame Relay WAN This topic details the lab activity for Lab 8-1.
Objectives You will complete these tasks in this lab:
Configure a serial interface to use Frame Relay encapsulation
Verify the Frame Relay connection using show and ping commands
Configure the debug frame-relay lmi command and interpret the output
Configure a router subinterface and associate it with a specific DLCI
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—13
Visual Objective 8-1: Establishing a Frame Relay WAN
WG Router s0/0/0
A 10.140.1.2B 10.140.2.2C 10.140.3.2D 10.140.4.2E 10.140.5.2F 10.140.6.2G 10.140.7.2H 10.140.8.2
56 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero3-frame.txt Copy this configuration to the running-configuration.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch Interface
VLAN 1
(SwitchX)
Workgroup Router Fa0/0
Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Local DLCI Identifying
PVC to Core
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.11/24 10.2.2.3/24 10.140.1.2/24 100 10.140.1.1/24
B 10.3.3.11/24 10.3.3.3/24 10.140.2.2/24 110 10.140.2.1/24
C 10.4.4.11/24 10.4.4.3/24 10.140.3.2/24 120 10.140.3.1/24
D 10.5.5.11/24 10.5.5.3/24 10.140.4.2/24 130 10.140.4.1/24
E 10.6.6.11/24 10.6.6.3/24 10.140.5.2/24 140 10.140.5.1/24
F 10.7.7.11/24 10.7.7.3/24 10.140.6.2/24 150 10.140.6.1/24
G 10.8.8.11/24 10.8.8.3/24 10.140.7.2/24 160 10.140.7.1/24
H 10.9.9.11/24 10.9.9.3/24 10.140.8.2/24 170 10.140.8.1/24
Instructor Notes Learners will create a Frame Relay connection to the CoreRouter using the workgroup router physical serial interface, tear it down, and then re-create the Frame Relay connection to the core router using a point-to-point subinterface. Occasionally, the interface status remains down, and rebooting the workgroup router appears to be the only fix.
In order to relearn remote networks through the Frame Relay subinterface via EIGRP, the lab reminds the learner to reconfigure EIGRP authentication on the subinterface.
© 2007 Cisco Systems, Inc. Course Administration Guide 57
Lab 8-2: Troubleshooting Frame Relay WANs This topic details the lab activity for Lab 8-2.
Objectives You will complete this task in this lab:
Discover Frame Relay network connectivity issues and follow troubleshooting guidelines to determine and fix frame relay connectivity problems
Visual Objective The figure displays the lab topology that you will use to complete this lab.
© 2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.0—14
Visual Objective 8-2: Troubleshooting Frame Relay WANs
WG Router s0/0/0
A 10.140.1.2B 10.140.2.2C 10.140.3.2D 10.140.4.2E 10.140.5.2F 10.140.6.2G 10.140.7.2H 10.140.8.2
58 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Setup The table describes how to set up lab configurations with equipment for this lab.
Device Configuration File to Install Configuration Instructions
CoreRouter i2-corero3-frame.txt The setup is the same as the previous lab.
CoreSwitchA i2-coreswa3-ports-to-wg-shut.txt The setup is the same as the previous lab.
CoreSwitchB i2-coreswb1-ports-to-wg-shut.txt The setup is the same as the previous lab.
Workgroup routers i2-wg_ro-config-lab8-2.txt Learners download this file as part of the lab.
Additional Setup Notes IP Addresses
Workgroup Workgroup Switch Interface
VLAN 1
(SwitchX)
Workgroup RouterFa0/0
Interface
(RouterX)
Workgroup Router S0/0/0
Interface
(RouterX)
Local DLCI Identifying
PVC to Core
Core Router Serial
Interface
(CoreRouter)
A 10.2.2.11/24 10.2.2.3/24 10.140.1.2/24 100 10.140.1.1/24
B 10.3.3.11/24 10.3.3.3/24 10.140.2.2/24 110 10.140.2.1/24
C 10.4.4.11/24 10.4.4.3/24 10.140.3.2/24 120 10.140.3.1/24
D 10.5.5.11/24 10.5.5.3/24 10.140.4.2/24 130 10.140.4.1/24
E 10.6.6.11/24 10.6.6.3/24 10.140.5.2/24 140 10.140.5.1/24
F 10.7.7.11/24 10.7.7.3/24 10.140.6.2/24 150 10.140.6.1/24
G 10.8.8.11/24 10.8.8.3/24 10.140.7.2/24 160 10.140.7.1/24
H 10.9.9.11/24 10.9.9.3/24 10.140.8.2/24 170 10.140.8.1/24
Instructor Notes Learners will download a faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problems. The problem introduced is that an incorrect Frame Relay DLCI is configured.
Instructors should remind learners to refrain from simply issuing a show run command and comparing the problem configuration with the working baseline configuration. One of the objectives of the lab activity is for learners to work on their troubleshooting skills by practicing using a variety of applicable show and debug commands.
After all of the learners have completed the lab activity, instructors will facilitate a debriefing that reviews the possible steps learners took to gather symptoms and isolate and correct problems. Instructors should encourage learners to complete the “Troubleshooting Steps” table in the “Job Aids” section of the lab as they troubleshoot and to reference the table during the debriefing process.
© 2007 Cisco Systems, Inc. Course Administration Guide 59
Configuration Files Summary This topic details the course configuration files, which provide information about the starting condition of each lab.
Configuration Filename Comments
i2-corero1-dot1Q.txt The “switching labs” configuration for the core router. The core router is configured as a router-on-a-stick. The Fast Ethernet interface is configured with subinterfaces and 802.1Q trunking. All serial interfaces are shut down.
i2-corero2-routing.txt The “routing labs” configuration for the core router. All subinterfaces are removed from the Fast Ethernet interface. The serial interfaces are enabled for HDLC connectivity to the workgroups. OSPF and EIGRP are enabled and configured for authentication.
i2-corero3-frame.txt The “frame relay labs” configuration for the core router. The core router is configured to also be a Frame Relay switch. The serial interfaces are enabled for Frame Relay connectivity to the workgroups EIGRP remains configured for authentication.
i2-coreswa1-no-trunk-to-wg.txt The initial CoreSwitchA configuration. There is no trunking to the workgroups. PVRST is the enabled spanning-tree protocol.
i2-coreswa2-trunk-to-wg.txt The trunked configuration for CoreSwitchA. All ports to the workgroups are trunked. Fa0/13 and fa0/14 are an EtherChannel bundle trunked between the core switches. Fa0/23 is trunked to the CoreRouter for a router-on-a-stick configuration. PVRST is the enabled spanning-tree protocol and CoreSwitchA is configured to be the root bridge for all learner VLANs.
i2-coreswa3-ports-to-wg-shut.txt The “routing labs” configuration for CoreSwitchA. All ports to the workgroups are shut down. All workgroup connectivity to the core must come through the core router.
i2-coreswb1-ports-to-wg-shut.txt All ports to the workgroups are shut down. All workgroup connectivity to the core must come through core switch A for the switching labs or the core router for the routing labs.
i2-coreswb2-trunk-to-wg.txt The trunked configuration for CoreSwitchB. All ports to the workgroups are trunked. Fa0/13 and fa0/14 are an EtherChannel bundle trunked between the core switches. PVRST is the enabled spanning-tree protocol and CoreSwitchB is configured to be the secondary root bridge for all learner VLANs.
i2-wg_ro-config-lab2-2.txt Downloaded by the learners from the TFTP server as part of the lab: Used at end of the lab activity to test whether the learners have troubleshot and fixed the problems correctly. It is simply a “congratulations” banner.
60 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
i2-wg_ro-config-lab4-2.txt Learners will download this faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problems. The problems introduced are as follows:
An incorrect wildcard bit mask in the OSPF network statement
An incorrect OSPF authentication key configured with the CoreRouter
i2-wg_ro-config-lab6-1.txt Learners will download this faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problem. The objective of the ACL is to deny TFTP traffic from the workgroup but allow all other traffic. The problem introduced is that the ACL allows all other UDP traffic rather than all other IP traffic.
i2-wg_ro-config-lab8-2.txt Learners will download this faulty configuration into their workgroup routers from the TFTP server and troubleshoot to correct the problems. The problem introduced is that an incorrect Frame Relay DLCI number is configured.
i2-wg_sw-config-lab2-2.txt Learners will download this faulty configuration into their workgroup switches from the TFTP server and troubleshoot to correct the problems. The problems introduced are as follows:
A VLAN is missing from the VLAN database.
The trunking to the core is turned off and an incorrect trunking mode (dynamic desirable) is introduced.
A duplex mismatch with the core is configured.
i2-wg_sw-config-lab6-1.txt When testing the effectiveness of the ACL, a learner will attempt to use TFTP to download this configuration file from the TFTP server into the workgroup switch. If the TFTP is successful, meaning that the ACL failed, the workgroup switch will have a new banner displaying the message, “Your Access List Failed, Please Try Again!”
© 2007 Cisco Systems, Inc. Course Administration Guide 61
Lab Activity Solutions This section presents the solutions to the practice activities.
Lab Activity 1-1: Implementing the Small Network (Review Lab) Workgroup Switch Configuration
When you complete this lab activity, your workgroup switch configuration will be similar to the following, with differences that are specific to your workgroup: version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchX ! enable secret 5 $1$DbHt$Zq1t4P2kmfMGUeZSRRy0g0 ! no aaa new-model ip subnet-zero ! ! ! ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface FastEthernet0/1 ! interface FastEthernet0/2 description To RouterX Fa0/0 switchport mode access switchport port-security switchport port-security mac-address xxxx.xxxx.xxxx ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 description Connected to CoreSwitchA speed 100 duplex full !
62 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 ip address 10.1.1.X 255.255.255.0 no ip route-cache ! ip default-gateway 10.1.1.3 ip http server ip http secure-server ! control-plane ! banner motd ^C Authorized access only. Unauthorized users disconnect.^C ! line con 0 password cisco logging synchronous login line vty 0 4 password sanjose login line vty 5 15 no login ! end
Workgroup Router Configuration When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX !
© 2007 Cisco Systems, Inc. Course Administration Guide 63
boot-start-marker boot-end-marker ! enable secret 5 $1$HNdR$hOG1GhzoNoHMEgZQU21mo1 ! no aaa new-model ! ! ip cef ! ! ! ! voice-card 0 no dspfarm ! interface FastEthernet0/0 description To SwitchX Fa0/2 ip address 10.1.1.X 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 no ip address shutdown ! interface Serial0/0/1 no ip address shutdown ! ! ! ip http server no ip http secure-server ! ! ! ! ! control-plane ! banner motd ^C Authorized access only. Unauthorized users disconnect.^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose login ! scheduler allocate 20000 1000 ! end
64 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Lab Activity 2-1: Configuring Expanded Switched Networks Workgroup SwitchConfiguration
When you complete this lab activity, your workgroup SwitchConfiguration will be similar to the following, with differences that are specific to your workgroup: version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchX ! enable secret 5 $1$.9i2$TbVkDQfzCgf/CeFNEKMm9/ ! no aaa new-model vtp domain ICND vtp mode transparent ip subnet-zero ! no file verify auto ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree vlan X0 priority 24576 spanning-tree vlan X0 priority 28672 ! vlan internal allocation policy ascending ! vlan X,X0,X0 ! interface FastEthernet0/1 ! interface FastEthernet0/2 description To RouterX Fa0/0 spanning-tree portfast switchport access vlan X switchport mode access switchport port-security switchport port-security mac-address xxxx.xxxx.xxxx ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 description port connected to CoreSwitchA switchport mode trunk speed 100 duplex full ! interface FastEthernet0/12 description port connected to CoreSwitchB
© 2007 Cisco Systems, Inc. Course Administration Guide 65
switchport mode trunk speed 100 duplex full ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 description Management VLAN interface ip address 10.1.1.X 255.255.255.0 no ip route-cache ! ip default-gateway 10.1.1.3 ip http server ip http secure-server ! control-plane ! banner motd ^C Authorized Access Only! ^C ! line con 0 password cisco logging synchronous login line vty 0 4 password sanjose login line vty 5 15 no login ! end
Workgroup Router Configuration When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec
66 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$HNdR$hOG1GhzoNoHMEgZQU21mo1 ! no aaa new-model ! ! ip cef ! ! ! ! voice-card 0 no dspfarm ! interface FastEthernet0/0 description To SwitchX Fa0/2 ip address 10.X.X.12 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 no ip address shutdown ! interface Serial0/0/1 no ip address shutdown ! ip route 0.0.0.0 0.0.0.0 10.X.X.3 ! ! ip http server no ip http secure-server ! ! ! ! ! control-plane ! banner motd ^C Authorized access only. Unauthorized users disconnect.^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose login ! scheduler allocate 20000 1000 ! end
© 2007 Cisco Systems, Inc. Course Administration Guide 67
Lab Activity 2-2: Troubleshooting Switched Networks Workgroup Switch Configuration
When you complete this lab activity, your workgroup switch configuration will be similar to the following, with differences that are specific to your workgroup: version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchX ! enable secret 5 $1$.9i2$TbVkDQfzCgf/CeFNEKMm9/ ! no aaa new-model vtp domain ICND vtp mode transparent ip subnet-zero ! no file verify auto ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree vlan X0 priority 24576 spanning-tree vlan X0 priority 28672 ! vlan internal allocation policy ascending ! vlan X,X0,X0 ! interface FastEthernet0/1 ! interface FastEthernet0/2 description To RouterX Fa0/0 spanning-tree portfast switchport access vlan X switchport mode access switchport port-security switchport port-security mac-address xxxx.xxxx.xxxx ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 description port connected to CoreSwitchA switchport mode trunk speed 100 duplex full ! interface FastEthernet0/12 description port connected to CoreSwitchB
68 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
switchport mode trunk shutdown speed 100 duplex full ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 description Management VLAN interface ip address 10.1.1.X 255.255.255.0 no ip route-cache ! ip default-gateway 10.1.1.3 ip http server ip http secure-server ! control-plane ! banner motd ^C *************************************************************** wg_sw-config-lab2-2 **************************************************************** ^C ! line con 0 password cisco logging synchronous login line vty 0 4 password sanjose login line vty 5 15 no login
© 2007 Cisco Systems, Inc. Course Administration Guide 69
! end
Workgroup Router Configuration When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.12 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 no ip address shutdown ! interface Serial0/0/1 no ip address shutdown ! ip route 0.0.0.0 0.0.0.0 10.X.X.3 ! ! ip http server no ip http secure-server ! control-plane ! banner motd ^C ******************************************************************** wg_ro-config-lab2-2 *******************************************************************
70 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 4-1: Implementing OSPF Workgroup Switch Configuration
When you complete this lab activity, your workgroup switch configuration will be similar to the following, with differences that are specific to your workgroup: version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname SwitchX ! enable secret 5 $1$.9i2$TbVkDQfzCgf/CeFNEKMm9/ ! no aaa new-model vtp domain ICND vtp mode transparent ip subnet-zero ! no file verify auto ! spanning-tree mode rapid-pvst spanning-tree extend system-id spanning-tree vlan X0 priority 24576 spanning-tree vlan X0 priority 28672 ! vlan internal allocation policy ascending ! vlan X,X0,X0 ! interface FastEthernet0/1 ! interface FastEthernet0/2 description To RouterX Fa0/0 spanning-tree portfast switchport mode access switchport port-security switchport port-security mac-address xxxx.xxxx.xxxx ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5
© 2007 Cisco Systems, Inc. Course Administration Guide 71
! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 description port connected to CoreSwitchA switchport mode trunk shutdown speed 100 duplex full ! interface FastEthernet0/12 description port connected to CoreSwitchB switchport mode trunk shutdown speed 100 duplex full ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 description Management VLAN interface ip address 10.X.X.11 255.255.255.0 no ip route-cache ! ip default-gateway 10.X.X.3 ip http server ip http secure-server ! control-plane ! banner motd ^C
72 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
***************************************************************** wg_sw-config-lab2-2 ***************************************************************** ^C ! line con 0 password cisco logging synchronous login line vty 0 4 password sanjose login line vty 5 15 no login ! end
Workgroup Router Configuration When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0
© 2007 Cisco Systems, Inc. Course Administration Guide 73
ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip ospf authentication ip ospf authentication-key san-fran ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ! control-plane ! banner motd ^C ******************************************************************** wg_ro-config-lab2-2 ******************************************************************** ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 4-2: Troubleshooting OSPF Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker !
74 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip ospf authentication ip ospf authentication-key san-fran ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ! control-plane ! banner motd ^C *********************************************************************** wg_ro-config-lab4-2 *********************************************************************** ^C ! line con 0 password cisco logging synchronous login
© 2007 Cisco Systems, Inc. Course Administration Guide 75
line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 5-1: Implementing EIGRP Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran
76 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ! router eigrp 100 network 10.0.0.0 network 192.168.X.0 auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ! control-plane ! banner motd ^C ****************************************************************** wg_ro-config-lab4-2 ****************************************************************** ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 5-2: Troubleshooting EIGRP Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption
© 2007 Cisco Systems, Inc. Course Administration Guide 77
! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface Loopback1 ip address 172.16.X.1 255.255.255.0 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ! router eigrp 100 network 10.0.0.0 network 172.16.0.0 network 192.168.X.0 no auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0
78 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
! ip http server no ip http secure-server ! control-plane ! banner motd ^C *************************************************************** wg_ro-config-lab4-2 *************************************************************** ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 6-1: Implementing and Troubleshooting ACLs Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1
© 2007 Cisco Systems, Inc. Course Administration Guide 79
key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface Loopback1 ip address 172.16.X.1 255.255.255.0 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip access-group 101 in ip access-group 175 out ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran shutdown ! router eigrp 100 network 10.0.0.0 network 172.16.0.0 network 192.168.X.0 auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ! ! ip http server no ip http secure-server ! access-list 101 deny tcp any any eq telnet access-list 101 permit ip any any access-list 175 deny udp any any eq tftp access-list 175 permit ip any any ! control-plane ! banner motd ^C
80 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
*************************************************************** wg_ro-config-lab6-1 ************************************************************** ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end ================
OR
============== ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip access-group KILLTELNET in ip access-group 175 out ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ! ! ip access-list extended KILLTELNET deny tcp any any eq telnet permit ip any any !
Lab Activity 7-1: Configuring NAT and PAT Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model
© 2007 Cisco Systems, Inc. Course Administration Guide 81
! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface Loopback1 ip address 172.16.X.1 255.255.255.0 ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip nat outside ip virtual-reassembly ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran shutdown ! router eigrp 100 network 10.0.0.0 network 172.16.0.0 network 192.168.X.0 auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ip nat inside source list 1 interface Serial0/0/0 overload
82 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
! access-list 1 permit 10.X.X.0 0.0.0.255 ! control-plane ! banner motd ^C ****************************************************************** wg_ro-config-lab6-1 ******************************************************************* ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 7-2: Implementing IPv6 Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$HNdR$hOG1GhzoNoHMEgZQU21mo1 ! no aaa new-model ! ! ip cef ! ! ! ipv6 unicast-routing ! voice-card 0 no dspfarm ! !
© 2007 Cisco Systems, Inc. Course Administration Guide 83
key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.252 ! interface Loopback1 ip address 172.16.X.1 255.255.255.0 ! interface Loopback2 ip address 10.XXX.XXX.1 255.255.255.0 ipv6 address 2001:410:4:8::/64 eui-64 ipv6 rip cisco enable ! interface FastEthernet0/0 description To SwtichX Fa0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran shutdown ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran ipv6 address 2001:410:4:10::/65 eui-64 ipv6 rip cisco enable ! router eigrp 100 network 10.0.0.0 network 192.168.X.0 auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.XX 0.0.0.0 area 0 ! ! ! ip http server no ip http secure-server ! ipv6 router rip cisco ! control-plane ! banner motd ^C
84 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
****************************************************************** wg_ro-config-lab6-1 ******************************************************************* ^C ! banner motd ^C Authorized access only. Unauthorized users disconnect.^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose login ! scheduler allocate 20000 1000 ! end
Lab Activity 8-1: Establishing a Frame Relay WAN Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface Loopback1
© 2007 Cisco Systems, Inc. Course Administration Guide 85
ip address 172.16.X.1 255.255.255.0 ! interface Loopback2 ip address 10.XXX.XXX.1 255.255.255.0 ipv6 address 2001:410:4:8::/64 eui-64 ipv6 rip cisco enable ! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 no ip address encapsulation frame-relay ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/0.1 point-to-point ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain frame-relay interface-dlci 120 ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran shutdown ! router eigrp 100 network 10.0.0.0 network 172.16.0.0 network 192.168.X.0 no auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ! access-list 1 permit 10.X.X.0 0.0.0.255 ! control-plane ! banner motd ^C ****************************************************************
86 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
wg_ro-config-lab6-1 ********************************************************** ^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 ! end
Lab Activity 8-2: Troubleshooting Frame Relay WANs Workgroup Router Configuration
When you complete this lab activity, your workgroup router configuration will be similar to the following, with differences that are specific to your workgroup: version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname RouterX ! boot-start-marker boot-end-marker ! enable secret 5 $1$8qBT$p6X.Rp20jVs3qobVevWSj/ ! no aaa new-model ! resource policy ! ip cef ! voice-card 0 no dspfarm ! ! key chain icndchain key 1 key-string san-fran ! interface Loopback0 ip address 192.168.X.X 255.255.255.240 ! interface Loopback1 ip address 172.16.X.1 255.255.255.0 ! interface Loopback2 ip address 10.XXX.XXX.1 255.255.255.0 ipv6 address 2001:410:4:8::/64 eui-64 ipv6 rip cisco enable
© 2007 Cisco Systems, Inc. Course Administration Guide 87
! interface FastEthernet0/0 description To SwitchX F0/2 ip address 10.X.X.3 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 bandwidth 64 no ip address encapsulation frame-relay IETF ip ospf authentication ip ospf authentication-key san-fran ! interface Serial0/0/0.1 point-to-point ip address 10.140.X.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain frame-relay interface-dlci 120 ! interface Serial0/0/1 bandwidth 64 ip address 10.XX.XX.X 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 icndchain ip ospf authentication ip ospf authentication-key san-fran shutdown ! router eigrp 100 network 10.0.0.0 network 172.16.0.0 network 192.168.X.0 no auto-summary ! router ospf 100 log-adjacency-changes network 10.X.X.3 0.0.0.0 area 0 network 10.XX.XX.X 0.0.0.0 area 0 network 10.140.X.2 0.0.0.0 area 0 network 192.168.X.X 0.0.0.0 area 0 ! ip http server no ip http secure-server ! access-list 1 permit 20.4.4.0 0.0.0.255 ! control-plane ! banner motd ^C ********************************************************************** wg_ro-config-lab8-2 **********************************************************************
88 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
^C ! line con 0 password cisco logging synchronous login line aux 0 line vty 0 4 password sanjose logging synchronous login ! scheduler allocate 20000 1000 !
end
Teardown and Restoration This topic describes how to tear down and restore the equipment that is used in the course.
Step 1 Erase the startup configuration of each of the core devices.
Step 2 Reload each of the core devices.
Step 3 Verify that all of the core devices reload and that the initial prompt appears.
© 2007 Cisco Systems, Inc. Course Administration Guide 89
Course Delta Information This document provides a summary of the differences between Interconnecting Cisco Network Devices (ICND) v2.3 and Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0.
Executive Summary Overview
ICND2 content is a minor revision of the ICND v2.3 content, with these new developments:
The foundational, conceptual content of WAN, RIP2, and the PPP lab section are moved to ICND1.
The “verify” tasks are expanded in lecture and labs in topics such as EIGRP and OSPF to serve the following purposes:
— Explain more of the commands used to verify the configuration
— Interpret output
— Extend troubleshooting tasks from those performed during installation to those performed during regular operations
Course Objectives This table provides a comparison between the previous course objectives and the updated course objectives.
ICND v2.3 (previous) ICND2 v1.0 (updated)
Course Introduction Course Introduction
Module 1: Configure a Catalyst Switch for Basic Operations
Module 1: Review how to configure and troubleshoot a small network
Module 2: Improve the Scalability, Interoperability, and Throughput by Implementing VLANs
Module 2: Expand a small-sized, switched LAN to a medium-sized LAN with multiple switches, supporting VLANs, trunking, and spanning tree
Module 3: Configure and Troubleshoot RIP, IGRP, EIGRP, and OSPF
Module 3: Describe routing concepts as they apply to a medium-sized network and discuss considerations when implementing routing on the network
Module 4: Configure Different Types of IP ACLs in Order to Manage IP Traffic
Module 4: Configure, verify, and troubleshoot OSPF
Module 5: Establish a Serial Point-to-Point connection using PPP and HDLC
Module 5: Configure, verify, and troubleshoot EIGRP
Module 6: Configure Frame Relay Module 6: Determine how to apply ACLs based on network requirements and configure, verify, and troubleshoot ACLs on a medium-sized network
Module 7: Configure DDR between two routers with BRI or PRI
Module 7: Configure NAT or PAT on routers, explain IPv6 addressing, and configure IPv6 on a Cisco router
— Module 8: Identify and implement the appropriate WAN technology based on network requirements
90 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module Content Comparison This table provides a high-level summary of changes for each module.
ICND v2.3 (previous) ICND2 v1.0 (updated) Changes/Reason
— Module 1: Small Network Implementation
Module 1 is a review module in which learners use the concepts and commands taught in the ICND1 course to create a basic configuration, which becomes the basis for all future labs.
Module 1: Configuring Catalyst Switch Operations
Module 2: Extending Switched Networks with Virtual LANs
Module 2: Medium-Sized Switched Network Construction
Module 2 combines the content of ICND v2.3 modules 1 and 2.
Additions:
Voice VLANs (basics)
EtherChannel (basics)
PVRST with multiple root bridges
Switched network troubleshooting lesson and lab
Deletions:
ISL Trunking
Module 3: Medium-Sized Routed Network Construction
ICND v2.3 module 3 was broken into three modules in ICND2, modules 3, 4, and 5.
Deletions:
Static routing
RIP/IGRP discussion and labs
Module 4: Single-Area OSPF Implementation
Additions:
OSPF Load balancing
OSPF Authentication
OSPF Troubleshooting lesson and lab
Module 3: Determining IP Routes
Module 5: EIGRP Implementation
Additions:
EIGRP Load balancing
EIGRP Authentication
EIGRP Troubleshooting lesson and lab
Module 6: Access Control Lists
ICND v2.3 module 4 was broken into two modules in ICND2, modules 6 and 7.
Additions:
Dynamic, Reflexive, Time-Based ACLs
ACL Sequence numbers
ACL Comments
ACL Troubleshooting discussion and lab
Module 4: Managing IP Traffic with ACLs
Module 7: Address Space Management
Additions:
NAT troubleshooting discussion
Transitioning to IPv6 lesson and lab
© 2007 Cisco Systems, Inc. Course Administration Guide 91
ICND v2.3 (previous) ICND2 v1.0 (updated) Changes/Reason
Module 5: Establishing Serial Point-to-Point Connections
Module 6: Establishing Frame Relay Connections
Module 8: LAN Extension into a WAN
Module 8 combines the content of ICND v2.3 modules 5 and 6
Additions:
VPN solutions lesson
Frame Relay troubleshooting lesson and lab
Deletions:
PPP lab
ISDN discussion and lab
Module 7: Completing ISDN Calls
— —
Lesson and Lab Activity Objectives This table provides a comparison of the lesson and lab activity objectives for each module.
Module Lesson Topic Delta Source
0 0 Course Introduction
Overview MIN ICND v2.3
Course Goal and Objectives MIN ICND v2.3
Course Flow MIN ICND v2.3
Additional References MIN ICND v2.3
Your Training Curriculum MIN ICND v2.3
1 0 Small Network Implementation
1 1 Introducing the Review Lab
Overview MAJ INTRO v2.1
CLI Functions of Cisco IOS Software MAJ INTRO v2.1
Configuration Modes of Cisco IOS Software MAJ INTRO v2.1
Help Facilities in the Cisco IOS CLI MAJ INTRO v2.1
Commands Review MAJ INTRO v2.1
1 Lab 1-1 Implementing a Small Network (Review Lab) NEW New
2 0 Medium-Sized Switched Network Construction
2 1 Implementing VLANs and Trunks
Overview MIN ICND v2.3
Understanding VLANs MIN ICND v2.3
Understanding Trunking with 802.1Q MIN ICND v2.3
Understanding VLAN Trunking Protocol MIN ICND v2.3
Configuring VLANs and Trunks MIN ICND v2.3
92 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module Lesson Topic Delta Source
2 2 Improving Performance with Spanning Tree
Overview MIN ICND v2.3
Building a Redundant Switched Topology MIN ICND v2.3
Recognizing Issues of a Redundant Switched Topology MIN ICND v2.3
Resolving Issues with STP MIN ICND v2.3
Configuring RSTP MAJ BCMSN v3.0
2 3 Understanding Inter-VLAN Routing MIN ICND v2.3
Overview MIN ICND v2.3
Understanding Inter-VLAN Routing MIN ICND v2.3
Configuring Inter-VLAN Routing MIN ICND v2.3
2 4 Securing the Expanded Network MIN ICND v2.3
Overview MIN ICND v2.3
Overview of Switch Security Concerns MIN ICND v2.3
Securing SwitchDevices MIN ICND v2.3
2 5 Troubleshooting Switched Networks
Overview NEW New
Troubleshooting Switches NEW New
Troubleshooting Port Connectivity NEW New
Troubleshooting VLANs and Trunking NEW New
Troubleshooting VTP NEW New
Troubleshooting Spanning Tree NEW New
2 Lab 2-1 Configuring Expanded Switched Networks MIN ICND v2.3
2 Lab 2-2 Troubleshooting Switched Networks NEW New
3 0 Medium-Sized Routed Network Construction
3 1 Reviewing Routing Operations
Overview MIN ICND v2.3
Reviewing Dynamic Routing MIN ICND v2.3
Understanding Distance Vector Routing Protocols MIN ICND v2.3
Understanding Link-State Routing Protocols MIN ICND v2.3
3 2 Implementing VLSM
Overview MAJ INTRO v2.1
Reviewing Subnet MAJ INTRO v2.1
Introducing VLSMs MAJ ICND v2.3
Summarizing Routes MAJ ICND v2.3
© 2007 Cisco Systems, Inc. Course Administration Guide 93
Module Lesson Topic Delta Source
4 0 Single-Area OSPF Implementation
4 1 Implementing OSPF
Overview MIN ICND v2.3
Introducing OSPF MIN ICND v2.3
SPF Algorithm MIN ICND v2.3
Configuring and Verifying OSPF MIN ICND v2.3
Loopback Interfaces MIN ICND v2.3
Verifying OSPF Configuration MIN ICND v2.3
Using OSPF debug Commands MIN ICND v2.3
Load Balancing with OSPF MAJ BSCI v3.0
Authentication with OSPF MAJ BSCI v3.0
4 2 Troubleshooting OSPF
Overview NEW New
Components of Troubleshooting OSPF NEW New
Troubleshooting OSPF Neighbor Adjacencies NEW New
Troubleshooting OSPF Routing Tables NEW New
Troubleshooting OSPF Plaintext Password Authentication
NEW New
4 Lab 4-1 Implementing OSPF MIN ICND v2.3
4 Lab 4-2 Troubleshooting OSPF NEW New
5 0 EIGRP Implementation
5 1 Implementing EIGRP
Overview MIN ICND v2.3
Introducing EIGRP MIN ICND v2.3
Configuring and Verifying EIGRP MIN ICND v2.3
Load Balancing with EIGRP MAJ BSCI v3.0
Authentication with EIGRP MAJ BSCI v3.0
5 2 Troubleshooting EIGRP
Overview NEW New
Components of Troubleshooting EIGRP NEW New
Troubleshooting EIGRP Neighbor Issues NEW New
Troubleshooting EIGRP Routing Tables NEW New
Troubleshooting EIGRP Authentication NEW New
5 Lab 5-1 Implementing EIGRP MIN ICND v2.3
5 Lab 5-2 Troubleshooting EIGRP NEW New
94 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.
Module Lesson Topic Delta Source
6 0 Access Control Lists
6 1 Introducing ACL Operation
Overview MIN ICND v2.3
Understanding ACLs MIN ICND v2.3
ACL Operation MIN ICND v2.3
Types of ACLs MAJ ICND v2.3
Additional Types of ACLs NEW New
ACL Wildcard Masking MIN ICND v2.3
6 2 Configuring and Troubleshooting ACLs
Overview MIN ICND v2.3
Configuring Numbered Standard IPv4 ACLs MIN ICND v2.3
Configuring Numbered Extended IPv4 ACLs MIN ICND v2.3
Configuring Named ACLs MAJ ICND v2.3
Troubleshooting ACLs NEW New
6 Lab 6-1 Implementing and Troubleshooting ACLs ICND v2.3
7 0 Address Space Management
7 1 Scaling the Network with NAT and PAT
Overview MIN ICND v2.3
Introducing NAT and PAT MIN ICND v2.3
Translating Inside Source Addresses MIN ICND v2.3
Overloading an Inside Global Address MIN ICND v2.3
Resolving Translation Table Issues NEW New
Resolving Issues by Using the Correct Translation Entry NEW New
7 2 Transitioning to IPv6
Overview MAJ BSCI v3.0
Reasons for Using IPv6? MAJ BSCI v3.0
Understanding IPv6 Addresses MAJ BSCI v3.0
Assigning IPv6 Addresses MAJ BSCI v3.0
Routing Considerations with IPv6 MAJ BSCI v3.0
Strategies for Implementing IPv6 MAJ BSCI v3.0
Configuring IPv6 MAJ BSCI v3.0
7 Lab 7-1 Configuring NAT and PAT MIN ICND v2.3
7 Lab 7-2 Implementing IPv6 MAJ BSCI v3.0
© 2007 Cisco Systems, Inc. Course Administration Guide 95
Module Lesson Topic Delta Source
8 0 LAN Extension into a WAN
8 1 Introducing VPN Solutions
Overview MAJ CSVPN v4.0
VPNs and Their Benefits MAJ CSVPN v4.0
Types of VPNs MAJ CSVPN v4.0
Components of VPNs MAJ CSVPN v4.0
Introducing IPsec MAJ CSVPN v4.0
IPsec Protocol Framework MAJ CSVPN v4.0
8 2 Establishing a Point-to-Point WAN Connection with PPP
Overview MIN ICND v2.3
Understanding WAN Encapsulations MIN ICND v2.3
Overview of PPP MIN ICND v2.3
Configuring and Verifying PPP MIN ICND v2.3
8 3 Establishing a WAN with Frame Relay
Understanding Frame Relay MIN ICND v2.3
Configuring Frame Relay MIN ICND v2.3
Verifying Frame Relay MIN ICND v2.3
8 4 Troubleshooting Frame Relay WANs
Overview NEW New
Approaching Frame Relay Troubleshooting NEW New
Resolving Frame Relay Connectivity Issues NEW New
8 Lab 8-1 Establishing a Frame Relay WAN MIN ICND v2.3
8 Lab 8-2 Troubleshooting Frame Relay WANs NEW New
MIN = Existing content, only minor edits
MAJ = Existing content from other courses, major edits to existing ICND content
NEW = New content and not from any other course
96 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 © 2007 Cisco Systems, Inc.