Sei sulla pagina 1di 9
Basic Switching/Wireless PT Practice SBA ESwitching Basic Switching/Wireless PT Practice SBA A few things to

Basic Switching/Wireless PT Practice SBA

Basic Switching/Wireless PT Practice SBA ESwitching Basic Switching/Wireless PT Practice SBA A few things to keep

ESwitching Basic Switching/Wireless PT Practice SBA

A few things to keep in mind while completing this activity:

1. Do not use the browser Back button or close or reload any exam windows during the exam.

2. Do not close Packet Tracer when you are done. It will close automatically.

3. Click the Submit Assessment button to submit your work.

Introduction

In this practice Packet Tracer Practice Skills Based Assement, you will:

configure VLANs using VTP

configure inter-VLAN routing

modify STP

configure port security

add a wireless LAN

Addressing Table Device Interface Address Subnet Mask Default Gateway   Fa0/0.40 10.10.40.1

Addressing Table

Device

Interface

Address

Subnet Mask

Default Gateway

 

Fa0/0.40

10.10.40.1

255.255.255.0

n/a

Fa0/0.50

10.10.50.1

255.255.255.0

n/a

Branch

Fa0/0.55

10.10.55.1

255.255.255.0

n/a

Fa0/0.80

10.10.80.1

255.255.255.0

n/a

 

Internet

10.10.80.10

255.255.255.0

10.10.80.1

WLAN

Wireless

10.10.100.1

255.255.255.0

n/a

S1

VLAN 55

10.10.55.11

255.255.255.0

10.10.55.1

S2

VLAN 55

10.10.55.12

255.255.255.0

10.10.55.1

S3

VLAN 55

10.10.55.13

255.255.255.0

10.10.55.1

Staff 1

NIC

10.10.40.10

255.255.255.0

10.10.40.1

Staff 2

NIC

10.10.40.11

255.255.255.0

10.10.40.1

Admin

NIC

10.10.50.10

255.255.255.0

10.10.50.1

WRS PC

NIC

DHCP assigned

255.255.255.0

10.10.100.1

Note: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.

Step 1: Configure the Switches for Remote Access.

Create, enable, and address VLAN 55 as the management interface on all three switches. Use the values found in the addressing table.

Step 2: Configure Trunking.

Note: Packet Tracer now supports the use of the range argument for the interface command.

For interfaces FastEthernet 0/19 through FastEthernet 0/24 on all three switches:

Configure static trunking.

Assign VLAN 55 as the native VLAN.

Step 3: Configure VTP and VLANs.

a. Configure S1 as VTP server and the following VTP parameters:

S1 is the VTP server.

VTP domain name: BRANCH

VTP password: vtpbranch

b. Create and name the following VLANs on S1.

VLAN 40: Staff

VLAN 50: Admin

VLAN 55: Management

VLAN 80: Wireless

c. Configure S2 and S3 as VTP clients to participate in the BRANCH VTP domain.

c. Configure S2 and S3 as VTP clients to participate in the BRANCH VTP domain.

d. Verify that VTP is operational.

Step 4: Configure Interfaces for VLAN Access

VLAN port assignments on each switch are as follows:

Device

Ports

Assignment

S2, S3

Fa0/1 0/10

40

S2, S3

Fa0/11 0/17

50

S3

Fa0/18

80

a. Configure access ports on access layer switches.

Configure the appropriate interfaces on S2 and S3 for access mode.

Assign VLANs according to the port assignments table.

b. Verify trunking and VLAN assignments.

Step 5: Configure Spanning Tree.

a. Modify STP root bridge elections.

Using a priority of 12288, set S1 as the root bridge for all VLANs.

Using a priority of 16384, set S2 so that it will become the root for all VLANs if S1 fails.

b. Verify the spanning tree election.

Step 6: Configure Inter-VLAN Routing.

Use the information in the Addressing Table to configure Branch for inter-VLAN routing. Be sure to designate the native VLAN.

Verify inter-VLAN routing.

Step 7: Configure Port Security.

Note: Best practice requires port security on all access ports. However, for this practice exercise you will only configure one port with security.

a. Configure S3 with port security on FastEthernet 0/2.

Enable port security.

No more than two MAC addresses are allowed on the FastEthernet 0/2 port for

S3.

Once learned, MAC addresses should be automatically added to the running configuration.

If this policy is violated, the port should be automatically disabled.

b. Verify that port security is implemented.

Step 8: Configure the Wireless LAN.

Refer to the Addressing Table to configure the wireless LAN.

a. Configure WLAN.

Use static addressing on the Internet interface.

Set the router IP and subnet mask.

 Use the DHCP Server Settings to configure the router to provide wireless hosts with

Use the DHCP Server Settings to configure the router to provide wireless hosts with an IP address.

The starting IP address in the wireless LAN subnet is 10.10.100.15.

The maximum number of users is 75.

b. Configure wireless security.

Set the SSID to Branch_WLAN.

Enable WEP security and use 0123456789 as key1.

c. Use branch123 as the remote management password.

d. Configure WRS PC to access the wireless network that is provided by WLAN. WRS PC uses DHCP to obtain addressing information.

Note: It will not be possible for devices to ping WRS PC since WRS PC is behind the WLAN NAT firewall.

Step 9: Verify Connectivity.

Although these are not scored, the following connectivity tests should be successful.

S1 can ping Branch.

S2 can ping Branch.

S3 can ping Branch.

Staff 1 can ping Admin.

Admin can ping Staff 2.

WRS PC can ping Staff 1.

Version 1.0 Created in Packet Tracer 5.3.2.0027 and Marvel 1.0.1 All contents are Copyright © 1992 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Solution:

Step 1: Configure the Switches for Remote Acce

S1(config)#interface vlan 55 S1(config-if)#ip address 10.10.55.11 255.255.255.0 S1(config-if)#no shutdown S1(config)#ip default-gateway 10.10.55.1

S1(config)#ex

S2(config)#interface vlan 55 S2(config-if)#ip address 10.10.55.12 255.255.255.0 S2(config-if)#no shutdown S2(config)#ip default-gateway 10.10.55.1

S2(config)#ex

S3(config)#interface vlan 55 S3(config-if)#ip address 10.10.55.13 255.255.255.0

S3(config-if)#no shutdown S3(config)#ip default-gateway 10.10.55.1 S3(config)#ex Step 2: Configure Trunking.

S3(config-if)#no shutdown S3(config)#ip default-gateway 10.10.55.1

S3(config)#ex

Step 2: Configure Trunking.

S1(config)#interface range fastEthernet 0/19-24 S1(config-if-range)#switchport mode trunk S1(config-if-range)#switchport trunk native vlan 55

S1(config-if-range)#ex

S2(config)#interface range fastEthernet 0/19-24 S2(config-if-range)#switchport mode trunk S2(config-if-range)#switchport trunk native vlan 55

S2(config-if-range)#ex

S3(config)#interface range fastEthernet 0/19-24 S3(config-if-range)#switchport mode trunk S3(config-if-range)#switchport trunk native vlan 55

S3(config-if-range)#ex

Step 3: Configure VTP and VLANs.

a)

S1(config)#vtp mode server S1(config)#vtp domain BRANCH Setting device VLAN database password to vtpbranch

b)

S1(config)#vlan 40 S1(config-vlan)#name Staff

S1(config-vlan)#ex

S1(config)#vlan 50 S1(config-vlan)#name Admin

S1(config-vlan)#ex

S1(config)#vlan 55 S1(config-vlan)#name Management

S1(config-vlan)#ex

S1(config)#vlan 80 S1(config-vlan)#name Wireless

S1(config-vlan)#ex

S2(config)#vtp mode client S2(config)#vtp domain BRANCH S2(config)#vtp password vtpbranch S3(config)#vtp mode client

S2(config)#vtp mode client S2(config)#vtp domain BRANCH S2(config)#vtp password vtpbranch

S3(config)#vtp mode client S3(config)#vtp domain BRANCH S3(config)#vtp password vtpbranch

d)

S3#show vtp status

VTP Version : 2 Configuration Revision : 8 Maximum VLANs supported locally : 255 Number of existing VLANs : 9 VTP Operating Mode : Client VTP Domain Name : BRANCH VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0xE9 0x2F 0xA0 0xA7 0×68 0×04 0×73 0x6B Configuration last modified by 10.10.55.11 at 3-2-93 00:16:56

Step 4: Configure Interfaces for VLAN Access

S2(config)#interface range fastEthernet 0/1-10 S2(config-if-range)#switchport mode access S2(config-if-range)#switchport access vlan 40

S2(config-if-range)#ex

S2(config)#interface range fastEthernet 0/11-17 S2(config-if-range)#switchport mode access S2(config-if-range)#switchport access vlan 50

S2(config-if-range)#ex

S2(config)#interface fastEthernet 0/18 S2(config-if)#switchport mode access S2(config-if)#switchport access vlan 80

S2(config-if)#ex

S3(config)#interface range fastEthernet 0/1-10 S3(config-if-range)#switchport mode access S3(config-if-range)#switchport access vlan 40

S3(config)#interface range fastEthernet 0/11-17 S3(config-if-range)#switchport mode access S3(config-if-range)#switchport

S3(config)#interface range fastEthernet 0/11-17 S3(config-if-range)#switchport mode access S3(config-if-range)#switchport access vlan 50

S3(config-if-range)#ex

S3(config)#interface fastEthernet 0/18 S3(config-if)#switchport mode access S3(config-if)#switchport access vlan 80

S3(config-if)#ex

S3#show vlan brief

VLAN Name Status Ports - ——————————– ——— ——————————- 1 default active Fa0/23, Fa0/24, Gig1/1, Gig1/2

40 Staff active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10

50 Admin active Fa0/11, Fa0/12, Fa0/13, Fa0/14

Fa0/15, Fa0/16, Fa0/17

55

Management active

80

Wireless active Fa0/18

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

Step 5: Configure Spanning Tree

S1(config)#spanning-tree vlan 40 priority 12288 S1(config)#spanning-tree vlan 50 priority 12288 S1(config)#spanning-tree vlan 55 priority 12288 S1(config)#spanning-tree vlan 80 priority 12288

S2(config)#spanning-tree vlan 40 priority 16384 S2(config)#spanning-tree vlan 50 priority 16384 S2(config)#spanning-tree vlan 55 priority 16384 S2(config)#spanning-tree vlan 80 priority 16384

Branch(config)#interface fastEthernet 0/0 Branch(config-if)#no shutdown

Branch(config)#interface fastEthernet 0/0.40 Branch(config-subif)#encapsulation dot1Q 40 Branch(config-subif)#ip address 10.10.40.1 255.255.255.0

Branch(config-subif)#no shutdown Branch(config-subif)#ex Branch(config)#interface fastEthernet 0/0.50

Branch(config-subif)#no shutdown Branch(config-subif)#ex

Branch(config)#interface fastEthernet 0/0.50 Branch(config-subif)#encapsulation dot1Q 50 Branch(config-subif)#ip address 10.10.50.1 255.255.255.0 Branch(config-subif)#no shutdown Branch(config-subif)#ex

Branch(config)#interface fastEthernet 0/0.55 Branch(config-subif)#encapsulation dot1Q 55 Branch(config-subif)#ip address 10.10.55.1 255.255.255.0 Branch(config-subif)#no shutdown Branch(config-subif)#ex

Branch(config)#interface fastEthernet 0/0.80 Branch(config-subif)#encapsulation dot1Q 80 Branch(config-subif)#ip address 10.10.80.1 255.255.255.0 Branch(config-subif)#no shutdown

Branch#show vlan-switch

VLAN Name Status Ports

- ——————————– ——— ——————————-

1 default active

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 - —– ———- —– —— —— ——– —- ——– —— ——

1 enet 100001 1500 - - 0 0

1002 fddi 101002 1500 - - 0 0

1003 tr 101003 1500 - - 0 0

1004 fdnet 101004 1500 - ieee 0 0

1005 trnet 101005 1500 - ibm 0 0

Remote SPAN VLANs ——————————————————————————

Primary Secondary Type Ports ——- ——— —————– ——————————————

Step 7: Configure Port Security

S3(config)#interface fastEthernet 0/2 S3(config-if)#switchport mode access S3(config-if)#switchport port-security maximum

S3(config)#interface fastEthernet 0/2 S3(config-if)#switchport mode access S3(config-if)#switchport port-security maximum 2 S3(config-if)#switchport port-security mac-address sticky S3(config-if)#switchport port-security violation shutdown

S3(config-if)#ex

S3#show port-security address Secure Mac Address Table

——————————————————————————-

Vlan Mac Address Type Ports Remaining Age (mins) - ———– —- —– ————- —————————————————————————— Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024