Cisco Network Assistant Experimental questions

650) this.width=650; "height=" 403 "title=" clip_image002 "style=" margin:0px;border:0px;padding-top:0px; Padding-right:0px;padding-left:0px;background-image:none, "alt=" clip_image002 "src=" http://s3.51cto.com/wyfs02/ M01/6d/e1/wkiol1vulivx2tinaadne63lddu204.jpg "border=" 0 "/>

GNS3 Simulation Diagram

Demand

1. A company a total of 200 access points (divided into two departments), the company headquarters has about 100 access points, Division 1 has more than 40 access points, Division 2 has 10 PCs. Company internal access, the designated network segment is 192.168.1.0/24. In order to fully use IP addresses, please plan your IP address appropriately.

Answer: Three network segments

192.168.1.0/25 255.255.255.128 (host:128 PCs)---> headquarters

192.168.1.0----192.168.1.127

192.168.1.128-----192.168.1.255- à Headquarters

192.168.1.0/27 255.255.255.192 (HOST:64PCS)---> Division 1

192.168.1.0------192.168.1.63

192.168.1.64-----192.168.1.127-- à Division 1

192.168.1.0/28 255.255.255.240 (HOST:16PCS)---> Division 2

192.168.1.0----192.168.1.15 - à Division 2

2. Between the headquarters and the division by dedicated line connection, using the PPP protocol PAP for two-way authentication,

R1#sh Run int S1/1

Interface SERIAL1/1

IP address 12.1.1.1 255.255.255.0

Encapsulation PPP

Serial Restart-delay 0

PPP Authentication PAP

PPP pap sent-username CCNP password 0 CCNP

End

R2#sh Run int s1/0

Interface serial1/0

IP address 12.1.1.2 255.255.255.0

Encapsulation PPP

Serial Restart-delay 0

PPP Authentication PAP

PPP pap sent-username CCNA password 0 CCNA

End

3. The RIP protocol runs between Division 1 and Division 2 (between R4 and R2), and OSPF is run between headquarters and division, requiring interoperability across the network.

RIP

t2|

Router RIP

Version 2

Redistribute OSPF metric 3

Network 24.0.0.0

Network 192.168.1.0

No auto-summary

R4 (config) #router rip

R4 (config-router) #no au

R4 (config-router) #v 2

R4 (Config-router) #net

R4 (config-router) #network 24.1.1.0

R4 (config-router) #net 192.168.1.64

OSPF:

R2:

router OSPF 110

Router-id 2.2.2.2

Log-adjacency-changes

Redistribute RIP subnets

Network 12.1.1.0 0.0.0.255 Area 0

Network 192.168.1.0 0.0.0.15 Area 0

R1:

router OSPF 110

Router-id 1.1.1.1

Log-adjacency-changes

Network 12.1.1.0 0.0.0.255 Area 0

Network 192.168.1.128 0.0.0.127 Area 0

4. Both headquarters and offices use R1 to access the extranet. However, only a public IP address is applied

13.1.1.1/30 headquarters access to the public network using PPPoE dial-up internet access.

R3:pppoe Provider Side

1. Username ccie password 0 ccie \ \ Define user name and password

2. IP local pool pppoe_pool 13.1.1.1 \ \ Define client-dial IP address pools

3. Interface Virtual-template1

IP address 13.1.1.2 255.255.255.252

Peer default IP address pool pppoe_pool \ \ Call Address pools

PPP authentication chap \ \ Opens PPP CHAP authentication on the interface

4.bba-group PPPoE Ccna-pppoe

Virtual-template 1 \ \ Invoke template

5. Interface FASTETHERNET0/1 \ Interface Association BBA Group

PPPoE Enable Group Ccna-pppoe

R1:pppoe Client

1.interface Dialer1

IP address negotiated \ \ addresses Negotiation

IP MTU 1492 \ \ Optimization mechanism: Prevent slicing because when the PPPoE data is encapsulated, 8 related bytes of PPPoE are inserted between the two-layer frame and the three-layer data header

Encapsulation PPP

IP tcp ADJUST-MSS 1452 \ \ Optimization mechanism

Dialer Pool 1 \ \ Configure dial-up user name and password

PPP chap hostname CCIE

PPP chap password 0 CCIE

2.interface fastethernet0/0

PPPoE Enable

Pppoe-client Dial-pool-number 1

5 analog public networks use R3 and R8 to run static routes, allowing their company A to access the Internet 8.8.8.8 (R8 loopback)

R1:

IP route 0.0.0.0 0.0.0.0 Dialer1 13.1.1.2

router OSPF 110

Router-id 1.1.1.1

Log-adjacency-changes

Network 12.1.1.0 0.0.0.255 Area 0

Network 192.168.1.128 0.0.0.127 Area 0

Default-information originate always//must pour a static route into company A

R3 (config) #ip Route 8.8.8.0 255.255.255.0 f0/0 38.1.1.8

R3 (config) #ip Route 0.0.0.0 0.0.0.0 13.1.1.1

R8 (config) #ip Route 0.0.0.0 0.0.0.0 F0/1 38.1.1.3

6. Allow Division A 1 to access the headquarters, but division a 2 can only access the headquarters HTTP server (IP address: 192.168.1.130)

R1#sh IP access-lists

Extended IP Access list 100

Permit TCP 192.168.1.0 255.255.255.240 host 192.168.1.130 eq www

Deny IP 192.168.1.0 255.255.255.240 192.168.1.128 255.255.255.128

Permit IP 192.168.1.64 255.255.255.192 192.168.1.128 255.255.255.128

Permit IP any any

R1 (config) #int S1/1

R1 (config-if) #ip Access-group

7. Without affecting other traffic, turn on the R2,R4 Telnet service and allow only HQ access. Division 1 and Division 2 cannot exchange visits, nor can they visit headquarters.

R2&r4

R4 (config) #access-list 1 Permit 192.168.1.128 255.255.255.128

R4 (config-line) #do sh Run | Se line vty

Line vty 0 4

Access-class 1 in

Exec-timeout 0 0

Logging synchronous

Login Local

GNS3 Test diagram:

650) this.width=650; "height=" 260 "title=" clip_image004 "style=" border:0px;padding-top:0px;padding-right:0px; Padding-left:0px;background-image:none, "alt=" clip_image004 "src=" http://s3.51cto.com/wyfs02/M02/6D/E1/ Wkiol1vulizyfzk8aadb9k6js18861.jpg "border=" 0 "/>

This article from the "Erick" blog, declined to reprint!

Cisco Network Assistant Experimental questions