CCNA 4 LAB exam answer (100% pass)

Labels: , , , , , 163 comments
CCNA 4 LAB ANSWERS


R1
====================
delete flash:vlan.dat
erase startup-config
reload -> no

en
config t
hostname R1
no ip domain-lookup
banner motd "welcome R1"
enable secret class

line console 0
pass cisco
logging synchronous
login
line vty 0 4
pass cisco
logging synchronous
login 

int fa 0/1
ip add 10.0.0.1 255.255.255.128
no shut
int se0/0/0
ip add 172.16.0.1 255.255.255.252
clock rate 64000
no shut
int se0/0/1
ip add 172.16.0.9 255.255.255.252
no shut

Task4
---------------------------------
username R2 password cisco
int se 0/0/0
ip add 172.16.0.1 255.255.255.252
encapsulation ppp
ppp authentication chap
no shut

###########################################
int se 0/0/1
ip add 172.16.0.9 255.255.255.252
encapsulation frame-relay
frame-relay switching
no frame-relay inverse-arp
frame-relay map ip 172.16.0.10 103 broadcast cisco
frame-relay map ip 172.16.0.9 103 broadcast cisco
no shut
###########################################


Task5
---------------------------------
router rip
passive-interface default
no passive-interface s0/0/0
no passive-interface s0/0/1
router rip 
ver 2
net 172.16.0.0
net 10.0.0.0
no auto-summary

Task 7
---------------------------------
Task7.1
----------------------------
%% R1 = allow only R2 to telnet R1 %%
ip access-list standard TASK7.1
permit host 172.16.0.2 
permit host 172.16.0.5
deny any 
line vty 0 4
access-class TASK7.1 in


Task 7.3
-----------------------------------
access-list 10 deny 10.0.0.128 0.0.0.127 
access-list 10 permit ip any any
int fa0/1
ip access-group 10 out

=================================================================
R2
==================
delete flash:vlan.dat
erase startup-config
reload -> no

en
config t
hostname R2
no ip domain-lookup
banner motd "welcome R2"
enable secret class

line console 0
pass cisco
logging synchronous
login
line vty 0 4
pass cisco
logging synchronous
login 

int Lo0 
ip add 209.165.200.161 255.255.255.224
no shut
int se0/0/0
ip add 172.16.0.2 255.255.255.252
no shut
int se0/0/1
ip add 172.16.0.5 255.255.255.252
clock rate 64000
no shut

Task4
-------------------------
username R1 password cisco
int se 0/0/0
ip add 172.16.0.2 255.255.255.252
encapsulation ppp
ppp authentication chap
no shut

int se0/0/1
encapsulation hdlc
ip add 172.16.0.5 255.255.255.252
clock rate 64000
no shut

Task5
---------------------------------
router rip
passive-interface default
no passive-interface s0/0/0
no passive-interface s0/0/1
router rip 
ver 2
net 172.16.0.0

Task 6
---------------------------------------
enable secret class
username ccna password ciscoccna
aaa new-model
aaa authentication login LOCAL_AUTH local

line con 0
login authentication LOCAL_AUTH
exec-timeout 5 0

line vty 0 4
login authentication LOCAL_AUTH
exec-timeout 5 0
service password-encryption


login block-for 60 attempt 20 within 300
description block 60 seconds for 20 attempt in 5 minute
security authentication failure rate 2 log

Task 7
--------------------------------------

Task 7.2
-------------------------------
ip access-list extended TASK7.2
deny tcp 209.165.200.161 0.0.0.31 host 10.0.0.10 eq 23
deny udp 209.165.200.161 0.0.0.31 host 10.0.0.10 eq 69
permit ip any any

int se 0/0/0
ip access-group TASK7.2 out
int se0/0/1
ip access-group TASK7.2 out



===============================================================
R3
===================
delete flash:vlan.dat
erase startup-config
reload -> no

en
config t
hostname R3
no ip domain-lookup
banner motd "welcome R3"
enable secret class

line console 0
pass cisco
logging synchronous
login
line vty 0 4
pass cisco
logging synchronous
login 


int fa 0/1
ip add 10.0.0.129 255.255.255.128
no shut
int se0/0/0
ip add 172.16.0.10 255.255.255.252
clock rate 64000
no shut
int se0/0/1
ip add 172.16.0.6 255.255.255.252
no shut


Task4
-------------------------
int se0/0/1
encapsulation hdlc
ip add 172.16.0.6 255.255.255.252
no shut

#########################################
int se 0/0/0
ip add 172.16.0.10 255.255.255.252
encapsulation frame-relay
no frame-relay inverse-arp
frame-relay switching
frame-relay map ip 172.16.0.9 103 broadcast cisco 
frame-relay map ip 172.16.0.10 103 broadcast cisco 
frame-relay intf-type dce
no shut
########################################

Task5
---------------------------------
router rip
passive-interface default
no passive-interface s0/0/0
no passive-interface s0/0/1
router rip 
ver 2
net 172.16.0.0
net 10.0.0.128

Task 7
-----------------------------------

Task7.1
----------------------------
%% R3 = allow only R2 to telnet R3 %%
ip access-list standard TASK7.1
permit host 172.16.0.2 
permit host 172.16.0.5 
deny any 
line vty 0 4
access-class TASK7.1 in


Task 8
-------------------
TASK8-OVERLOAD
----------------
ip access-list standard TASK8
permit 10.0.0.128 0.0.0.127

ip nat inside source list TASK8 interface Serial 0/0/0 overload

int fa0/1
ip nat inside

int se0/0/0
ip nat outside
-------------------------------------






==================================================================
Subscribe to: Posts (Atom)