CCNA 2 Version 3 Hands-on Final (Instructor’s Guide)
Student name _______________________________ Date __________________ Start time ____________
This is the basic setup. The hosts require an operating system with TCP/IP installed and a web browser.
The hands-on final is designed for students to wire and program one side of the internetwork. The
student will be assigned either Anniston or Boaz and its associated components. The GAD router is to be programmed by the instructor with the provided configuration. This configuration is very lengthy and should be pasted in sections to prevent overrun.
The student can be assigned one of 10 different versions from either Branch location. The version will determine the WAN network assigned, as well as the IGRP Autonomous System number. This allows for 20 different combinations plus unlimited variations in the LAN assignments. These are further explained in the appropriate sections.
Circle one:
Location: Anniston or Boaz
Circle one:
Version 1 2 3 4 5 6 7 8 9 10
Instructor provided information:
The WAN IP network address is _________________ with a subnet mask of _______________.
The local LAN has been assigned an IP network address of ______________________________. Each subnet of the above network needs to accommodate ___________ host addresses. Use the ______ useable subnet for the LAN. Do NOT use subnet zero as the first subnet. The IGRP AS number is ________.
S0/0 (S0)S0/1 (S1)
DCEDCEGAD
S0/0 (S0)S0/0 (S0)
AnnistonBoaz
IBM CompatibleIBM CompatibleIBM CompatibleIBM CompatibleManagementManagementProductionProduction
There are 4 elements of this exam that can be weighted or can be a pass or fail exam.
This exam will occur in stages. Each element is a set of instructions that needs to be accomplished. The instructor will initial each task as they are completed. Proceed to the next task only after the instructor has approved the current task.
The 5 elements of this exam are:
1- planning
2- security
3- cabling
4- basic configuration
5- troubleshooting
The basic theme here is that Gadsden (GAD) is regional headquarters of the company. Anniston and Boaz are branch offices. Each network associate (student) will be responsible for single branch office. The internetwork team leader (instructor) is responsible for the regional router (GAD).
A network address and specific number of hosts per subnet has been assigned for the local LAN. From the instructor provided information, the subnet address, the subnet mask, the first and last useable addresses, and
the broadcast address for each site’s LAN need to be determined.
This part of the exam is to test the student’s ability to subnet. This hands-on final allows for many
combinations. The instructor needs to assign the student a network address to be applied to the LAN,
as well as how many hosts per network are needed. The instructor can assign the student virtually ANY
network (except as below) and any number of hosts per network of 3 or more.
Addresses NOT to assign to the student: for the LAN:
192.168.1.0 – 192.168.10.0
192.168.101.0 – 192.168.110.0
172.16.0.0
209.0.0.0
62.0.0.0
198.0.0.0
the network assigned to the other branch (Anniston or Boaz)
The only issue to take care in is that there must be at least 10 subnets. That means that if assigning a
Class C address, no more than 14 hosts per network and when assigning a Class B address no more
than 4094 hosts per network should be assigned.
CCNA 2 Hands-on Version Assignment
Router Final WAN network GAD Router Interface IGRP AS
segment version address address
number
Anniston 1 192.168.1.0 /24 192.168.1.1 1
Anniston 2 192.168.2.0 /24 192.168.2.1 2
Anniston 3 192.168.3.0 /24 192.168.3.1 3
Anniston 4 192.168.4.0 /24 192.168.4.1 4
Anniston 5 192.168.5.0 /24 192.168.5.1 5
Anniston 6 192.168.6.0 /24 192.168.6.1 6
Anniston 7 192.168.7.0 /24 192.168.7.1 7
Anniston 8 192.168.8.0 /24 192.168.8.1 8
Anniston 9 192.168.9.0 /24 192.168.9.1 9
Anniston 10 192.168.10.0 /24 192.168.10.1 10
Boaz 1 192.168.101.0 /24 192.168.101.1 101
Boaz 2 192.168.102.0 /24 192.168.102.1 102
Boaz 3 192.168.103.0 /24 192.168.103.1 103
Boaz 4 192.168.104.0 /24 192.168.104.1 104
Boaz 5 192.168.105.0 /24 192.168.105.1 105
Boaz 6 192.168.106.0 /24 192.168.106.1 106
Boaz 7 192.168.107.0 /24 192.168.107.1 107
Boaz 8 192.168.108.0 /24 192.168.108.1 108
Boaz 9 192.168.109.0 /24 192.168.109.1 109
Boaz 10 192.168.110.0 /24 192.168.110.1 110
Step 1 – Planning Points __________________
The student is asked to plan the network subnets for the first 10 useable networks. The instructor should plan this ahead of time so they are known.
Using the chart below, plan the first 10 usable subnets of the LAN network address assigned to you.
Subnet Subnet Subnet First host Last host Broadcast
(useable) mask
Address
(/x)
1
2
3
4
5
6
7
8
9
10
The configuration provided for the GAD router accommodates a variety of address for the WAN to the
branch. The WAN assignment will be based on the version number and the serial port on the GAD router. The WAN connected to serial 0/0 (from GAD to Anniston) is assigned to use networks 192.168.1.0 –192.168.10.0. If the student on the Anniston site is assigned version 1 of the final, the
192.168.1.0 network should be assigned and an IGRP AS of 1 will be used.
The WAN assignments for the serial 0/1 (from GAD to Boaz), offsets the version number by 100. If the
student on the Boaz site is assigned version 1 of the final, the 192.168.101.0 network should be assigned and an IGRP AS of 101 will be used.
The WAN interface of GAD is assigned the lowest useable address in the network.
Identify and use the second lowest useable WAN address for your S0 interface of the router assigned to you
_________________________.
The subnet number should be equal to the version number assigned to the student.
The student should properly select the address ranges for the Production and Management hosts. The
most significant bit of the host range should divide the address ranges. For example, if the subnet is 172.16.1.128 /26 the address range of the subnet would be 172.16.1.129 – 172.16.1.191. The lower
address range (production) is 172.16.1.129 – 172.16.1.159. The upper address range (management) is
172.16.1.160- 172.16.1.190. This chart below shows the binary representation of the last octet this example.
Number Network Bits Host
Decision Remaining Host Bits
Bit
Lower 129 1 0 0 0 0 0 0 1
Range 191 1 0 0 0 1 1 1 0
Upper 160 1 0 1 0 0 0 0 0
Range 190 1 0 1 1 1 1 1 0
For "Security" purposes, all of the production floor workstations will be assigned the lower half of the IP
address numbers of the subnet assigned by the instructor. All of network devices and management stations
will be assigned the upper half of the IP address numbers of the subnet assigned by the instructor. From this upper half range of addresses, the Ethernet router interface is to be assigned the highest useable address.
Identify the required IP address of the Ethernet interface on your assigned router. ___________________
The host configurations must also be planned. Using the chart below, complete the host information.
Branch:
Anniston or Boaz IP address range
Production Host Range
(Lower half)
Management Host Range
(Upper half)
Production Host
IP address ___________________________
Subnet Mask __________________
Default Gateway ___________________________
Management Host
IP address ___________________________
Subnet Mask __________________
Default Gateway ___________________________
Before proceeding to the next step have instructor approve this step.
Instructor _______________________________
Step2 – Security Points __________________
There are several security concerns in the internetwork. Access Control List(s) should be developed to address these issues. The following are the concerns:
1. The company has an intranet web server host that all systems can reach at IP address 172.16.0.1 with
only HTTP access. No other protocols will be permitted to this site.
2. The company also has a server pool in the 209.0.0.0 /24 network. The server pool addresses are
divided into halves. The servers in the upper half of the address range should only be reachable by
management hosts (all IP protocols). The servers in the lower half of the address range should be
reachable by all LAN hosts (all IP protocols). The servers should not be accessible any other hosts.
3. The company has discovered an Internet Web server at 198.0.0.1 that is known to contain viruses.
All hosts are to be banned from reaching this site.
Before proceeding to the next step have instructor approve this step.
Instructor ______________________________
Step 3 –Cabling Points __________________
Now that the planning process is complete, it is time to construct the Physical layer. Using the diagram,
connect all the associated hardware for the local branch.
This should be a straightforward process. As long as the student uses the proper cables and does not
omit any of the connections. A hub can be substituted for a switch. When using a switch, make sure
that all custom configurations are erased. In particular, make sure the switch is using a single VLAN. If
using a hub, make sure that the student does not use an uplink port.
Below is a checklist to assure the proper connection.
Device connection to Switch/Hub S0/0 or S0/1
connection
Anniston Cat 5 straight Serial (DTE) [ ]
Boaz Cat 5 straight Serial (DTE) [ ]
GAD n/a Serial (DCE) [ ]
Production Cat 5 straight n/a [ ]
Management Cat 5 straight n/a [ ]
Before proceeding to the next step have instructor approve this step.
Instructor _______________________________
Step 4 – Basic Configuration Points __________________
The student is tested on the same basic configuration elements as have been used in lab throughout
the course. A checklist is provided below for some of the critical configuration items.
Criteria Checked
Make sure that the student configures the console, secret, and VTY passwords
passwords. (The VTY password can
The student should configure the host name of Anniston or Boaz. Host Name
The FastEthernet should be configured with the highest address in the IP Address subnet. The Serial interface can be configured with any address in the appropriate Class C EXCEPT the lowest.(GAD’s interface is .1)
Make sure the router has host table entries for GAD Host Table
Make sure there is a properly functioning MOTD and that it reflects a Message of proper security message. (Do not attempt to …) the Day
The serial interface should have a description for identifying that it Serial 0/0
description connects to GAD’s appropriate interface.
This description should identify that it connect to the LAN Fa 0/0 description
The routing protocol should be configured as IGRP with an Routing
Autonomous System Number equal to the version number. There should Protocol
be 2 network statements. One for the WAN (192.168.y.0) and one for
the network assigned to the LAN.
Make sure the hosts are configured with the appropriate IP address, Hosts subnetmask, and gateway. The routers address (highest address in subnet) should be the gateway on both hosts.
From the hosts command prompt, make sure that the host can ping Connectivity
GAD’s Serial interface as well as the loopback interfaces.
172.16.0.1, 209.0.0.1, 209.0.0.254, 62.0.0.1, and 198.0.0.1.
Also make sure that the web browser on the host can bring up the login Browsing
popup for the loopback interfaces.
172.16.0.1, 209.0.0.1, 209.0.0.254, 62.0.0.1, and 198.0.0.1.
Apply a basic configuration to the router. This configuration should include contain all the normal
configuration items. These include (but not limited to): router name, passwords, interface descriptions,
routing, host table, and a banner to be displayed before login.
The routing and connectivity should be verified before notifying the instructor.
Before proceeding to the next step have instructor approve this step.
Instructor _______________________________