| Chapter 1-12
and Appendix A- B Labs
Labs:
| Chapter
1: Selecting, Assembling, and Cabling WAN Components |
|
There are no
labs for Chapter 1. |
| Chapter
2: Configuring Asynchronous Connections with Modems |
| 2.3.2 |
You are
working for the Atlanta Bread Company and would like to setup out-of-band management on your router. You will properly configure an
asynchronous connection on your router and dialin from a remote
location. |
| 2.3.3 |
Your
colleagues also working for the Atlanta Bread Company would like to
dialin to your router. You will properly configure an asynchronous
connection on your router using the AUX port and dialin from a
remote location. |
| 2.3.4 |
The Atlanta
Bread Company now has a remote office in Macon. You will configure
the remote router to establish an asynchronous connection to your
router. |
| Chapter
3: Configuring Point-to-Point Protocol and Controlling Network
Access |
| 3.1.4 |
The
CTO of the Atlanta Bread Company has just called you. She is asking
why can't she start an EXEC session on the core router through a
dialup connection. She would also like to dialin for free internet
access. You will configure the core router to permit PPP and EXEC
sessions. |
| 3.1.6 |
The
Atlanta Bread Company has a customer that would like to utilize the
dialin core router to receive E-mail. The host will specify its own
address. You will configure the core router to permit the UNIX host
to specify the IP address. |
| 3.2.3 |
The Atlanta
Bread Company is reviewing security policies and it has been noted
that there is no authentication on the core router. You will
configure PAP authentication between the Atlanta core router and the
Macon remote office. |
| 3.3.3 |
The
Atlanta Bread Company is reviewing the costs incurred by the Macon
office for dialin access to the core router. A lower telephone rate
has been established for your Atlanta office to call to the Macon
office. You will configure callback services between the Atlanta
core router and the Macon remote office. |
| 3.4.2 |
The
Atlanta Bread Company is again reviewing the costs incurred by the
Macon office for dialin access to the core router. The CTO has
recommended that Stacker compression be added to the asynchronous
link between Atlanta and Macon to maintain compatibility with the
Cisco 700 series. You will configure compression between the Atlanta
core router and the Macon remote office. |
| Chapter
4: Accessing the Central Site with Windows 9X |
| 4.2.1 |
The CTO of
the Atlanta Bread Company would like for you to setup her laptop for
PPP dialin access to the core router. She must have a dedicated line
for her private dialin! You will configure a PPP dialup link between
the Atlanta core router and this telecommuter. |
| Chapter
5: Using ISDN and DDR Technologies to Enhance Remote Connectivity |
| 5.5.4 |
You
have just installed a new branch office that will use DDR to dial
into your central site.
The next step is to configure routing so the branch office
can successfully communicate with the central site using TCP/IP.
You will need to install a default route at the branch office
pointing back at the central site.
At the central site you will need to add a static route for
the branch office Ethernet network pointing back at the branch
office router.
To ensure that the branch office can communicate with the
rest of the central site, redistribute the static route to the core
network running IGRP. |
| 5.5.5 |
Given a
Central site Cisco-IOS router with ISDN BRI capability and a branch
office site Cisco-IOS router with ISDN BRI capability, configure
both routers so that you can place an ISDN call between your two
company sites. |
| 5.5.6 |
The
Denver office needs to control what interesting traffic will bring
up the ISDN connection to the Phoenix office.
You will setup an extended ACL and apply it to the dialer
group. |
| 5.5.10 |
The Phoenix
and Denver offices want to exchange routing updates without
incurring large telecommunication bills. Your solution is to
configure snapshot routing between the two routers. |
| 5.6.1 |
Configure
the branch office router and central site router to dial two B
channels for a total link speed of 128kbps.
Use two dialer maps to dial the two phone numbers and enable
PPP multilink. |
| 5.6.5 |
You have other
ISDN devices connected to the same ISDN line that your central
router is connected to (this is possible with an S/T Interface).
To ensure that they don’t step on each other, we want to
configure the central router to only answer calls that are placed to
the 5554000 number.
|
| 5.8.1 |
Given
a Central site Cisco-IOS router with ISDN PRI capability and branch
office site Cisco-IOS routers with ISDN BRI capability, configure
all routers so that you can place an ISDN call between your three
company sites. |
| Chapter
6: Optimizing the Use of DDR Interface-Dialer Profiles and Rotary
Groups |
| 6.2.6 |
To simplify
the configuration of ISDN DDR implementations, Cisco has created a
way for us to separate the configuration of connection specific
information from the BRI interface itself.
In this lab you will assign the BRI interface to a rotary
group and then create dialer profiles for your connections that will
use the BRI interfaces in these rotary groups.
|
| 6.3.3 |
The Denver office
needs to control what interesting traffic will bring up the ISDN
connection during only open hours.
Last month they received a bill for $729.00 for ISDN service.
You will setup a time-range extended ACL and apply it to the dialer
group and the BRI interface so that the link will only be
operational during business hours.
|
| Chapter
7: Using X.25 for Remote Access |
| 7.2.3 |
You are
working for the Atlanta Bread Company and would like to setup out-
of-band management on your router. You will properly configure an
asynchronous connection on your router and dialin from a remote
location. |
| 7.2.4 |
Your
colleagues also working for the Atlanta Bread Company would like to
dialin to your router. You will properly configure an asynchronous
connection on your router using the AUX port and dialin from a
remote location. |
| Chapter
8: Frame Relay Connection and Traffic Flow Control |
| 8.2.1 |
You
have been contracted by a small bank to install a Frame Relay network to connect their offices in Atlanta, Orlando, and Houston.
Atlanta needs connectivity to both Orlando and Houston. Orlando and
Houston do not need connectivity between each other. You have
ordered Frame Relay service from a national Frame Relay service
provider and have received the DLCIs in the above diagram. Routing
should be handled using IGRP. |
| 8.3.4 |
You
have been contracted by a small bank to install a Frame Relay
network to connect their offices in Atlanta, Orlando, and Houston.
Each office needs to connect to the other two. You have ordered
Frame Relay service from a national Frame Relay service provider and
have received the DLCIs in the above diagram. Routing should be
handled using IGRP. |
| 8.4.7 |
Your
main office in Atlanta has a high-speed T1 Frame Relay connection.
It is over-running your remote sites that only have 56K Frame Relay connections. Install rate enforcement on your router in Atlanta to
control how much traffic is sent to these sites. Routing should be
handled using IGRP. |
| 8.4.8 |
Your
main office in Atlanta has a high-speed T1 Frame Relay connection.
There is a bottleneck that exists at the other end of the PVC that
connects to Orlando. This is due to the fact that Orlando only has a
56K Frame Relay connection. |
| 8.4.9 |
Configure
rate enforcement on your Frame Relay network that will use a custom
queue list to prioritize traffic before it gets throttled based on
protocol and port. |
| 8.5.2 |
You
have been contracted by a small bank to install a Frame Relay network to connect their offices in Atlanta and Houston. The frame
relay cloud may grow at a later date and to avoid the headache of
numerous static routes on the Atlanta hub router, you decide to
configure ODR. You have ordered Frame Relay service from a national Frame Relay
service provider and have received the DLCIs in the
above diagram. Routing should be handled using IGRP. Lastly, the ODR
information needs to be redistributed into IGRP. |
| Chapter
9: Enabling Backup to a Permanent Connection |
| 9.1.1 |
You have just
installed an ISDN line to be used as a dial backup line to your Frame Relay
connection between the Atlanta (hub) and Orlando (stub)
office. Configure DDR on the BRI interface of the Orlando router.
Configure Frame Relay on the serial interfaces connecting to
the Frame Relay network. Use
floating static routes to control which link is used.
|
| 9.1.4.1 |
You have just
installed an ISDN line to be used as standby reserve bandwidth your Frame Relay
connection between the Atlanta and Orlando office.
Configure DDR on the BRI interface of the Orlando router.
Configure Frame Relay on the serial interfaces connecting to
the Frame Relay network. Configure parallel static routes so that when both links are
up traffic will load balance between the two links.
|
| 9.1.4.2 |
You have just
installed an ISDN line to be used as standby reserve bandwidth for
your Frame Relay connection between the Atlanta and Orlando office. Configure DDR using a dialer interface on the Orlando router.
Configure Frame Relay on the serial interfaces connecting to
the Frame Relay network. Configure this to work successfully with IGRP.
EIGRP could also be used.
|
| 9.2.3 |
You have been
asked to implement a DDR dial backup link to backup the Frame Relay network between Orlando and Atlanta.
You have installed an ISDN line in Orlando to make this
possible. Now that
Orlando has ISDN, you have come up with the idea to take advantage
of that line so that you can connect to the Minneapolis office which
also has an ISDN line. Configure
a DDR connection between Orlando and Minneapolis.
Because Orlando will be using the same line to connect to two
different locations, you must use dialer profiles to make this
possible.
|
| Chapter
10: Managing Network Performance with Queuing and Compression |
| 10.2.3 |
Our company
has given us the task of connecting our east coast office with the
west coast office via ISDN. There will be some large file transfers
over this link but we do not want them to dominate the link. Since
we want low bandwidth applications such as telnet to be able to get
through at any time, we have decide to use weighted fair queuing to
solve this problem. It is our responsibility to connect these two
routers together and configure weighted fair queuing correctly. |
| 10.2.5 |
Our company
has given us the task of connecting our east coast office with the
west coast office via ISDN. It has been determined that we need to
have a strict queuing policy for traffic going across this link.
Certain traffic should have a higher priority than other traffic. We
have decided that all TCP traffic should have high priority, ICMP
traffic should have medium priority, all UDP traffic should have low
priority, and all other traffic should have normal priority. It is
our responsibility to connect these two routers together and
configure priority queuing correctly. |
| 10.2.8 |
Our company
has given us the task of connecting our Houston office with the
Orlando office via Frame Relay. |
| 10.3.7.1 |
Our company
has analyzed the bandwidth usage on our EastCoast to WestCoast ISDN
connection. It has been found that we are using the ISDN line to the
maximum. There is not enough money in the budget to upgrade the line
to a PRI link, or to allow the ISDN line to be on all the time. It
is our responsibility to find a way to move more information across
the link in less time. Our solution: Compression. |
| 10.3.7.2 |
Our company
has analyzed the bandwidth usage on our Houston to Orlando Frame
Relay connection. It has been found that we are using the Frame
Relay line to the maximum. There is not enough money in the budget
to upgrade the line. It is our responsibility to find a way to move
more information across the link. Our solution: Compression. |
| Chapter
11: Scaling IP Addresses with Network Address Translation |
| 11.3.1 |
Our
small company has recently been assigned the network number
206.222.222.0 by ARIN. Previously the company was using a private IP
address on the internal network. Now that the company is going to be
connected to the Internet, we need to either go to each and every
workstation and configure it with a new IP address, or to use some
kind of IP address translation at the router. For security reasons
our company does not want the computers to be directly on the
Internet, using real IP addresses. Since our company only has a
limited number of computers, we have decided to use static network
address translation. It is our job to configure the ISDN connection
and implement the address translation. |
| 11.3.2 |
Our
small company has recently been assigned the network number
206.222.222.0 by ARIN. Previously the company was using a private IP
address on the internal network. Now that the company is going to be
connected to the Internet, we need to either go to each and every
workstation and configure it with a new IP address, or to use some
kind of IP address translation at the router. For security reasons
our company does not want the computers to be directly on the
Internet, using real IP addresses. Since our company has a large
number of computers it would be too time consuming to enter all of
the static address translations into the router. Our alternative is
dynamic network address translation. It is our job to configure the
ISDN connection and implement the address translation. |
| 11.3.3 |
Our
quickly growing company has the network number 206.222.222.0, which
was assigned by ARIN. Previously the company was using dynamic
address translation over an ISDN line however the company has just
upgraded the line to Frame Relay. The company has been growing and
has outgrown the number of valid IP addresses. The company is not
able to get another class C network from ARIN, so we need to find
another solution which will allow all of our employees Internet
access without over running the available valid IP addresses. We
have researched NAT and found that if set up properly we can
translate many internal IP addresses into one valid IP address. This
is called Overloading Network Address Translation. It is our job to
configure the Frame Relay connection and implement the proper
address translation. |
| 11.3.4 |
Configure a Frame Relay connection between our WebHeads router in
Orlando and the ISP's router in Houston, and configure TCP Load
Distribution on the WebHeads router. |
| 11.3.5 |
Configure an ISDN connection between Bread company router and the
Butter company router, and configure it so that the two networks
which have the same IP addresses can communicate together. To
accomplish the communication we will configure dynamic overlapping
network address translation. |
| Chapter
12: Using AAA to Scale Access Control in an Expanding Network |
| 12.2.2 |
The
Denver office needs to control who logs in to their router and
dials in for remote access. In this lab, you will setup AAA
Authentication on this router and test each user account. |
| 12.2.3 |
The
Denver office needs to authorize a backup user to issue a few
privilege level commands. In this lab, you will setup AAA
Authorization on this router and test each user account. |
| 12.2.4 |
The
Denver office needs a record of what commands are being issued on
the router and what users are using the PPP modem dial-in. In this
lab, you will setup AAA Accouting on this router and test each user
account. |
| 12.2.5 |
The
Denver office has setup and configured a Cisco Secure TACACS+ server
and needs to place the routers under the control of the TACACS+
server. In this lab, you may need to modify the hostname and IP
address of your router. |
| Appendix
A: Emerging Remote Access Technologies |
|
There
are no labs for Appendix A. |
| Appendix
B: Configuring a Cisco 700 Series Router |
| B.3.1.1 |
Configure
a Cisco 700 series router to dial an IOS router using PPP
encapsulation and authenticate with CHAP. |
| B.3.1.2 |
Configure
a Cisco 700 series router to dial an IOS router using PPP
encapsulation and authenticate with CHAP. Then enable multilink PPP. |
| B.3.2 |
Configure
a Cisco 700 series router to dial an IOS router using PPP
encapsulation and authenticate with PAP. |
| B.3.8 |
Configure
the Cisco 700 series router to dial an IOS router using PPP
encapsulation and authenticate with CHAP. Then configure the DHCP
server with a pool of 50 addresses. |
|