Cisco Certified Network Associate 0 (ccna)



Yüklə 5,2 Mb.
səhifə128/142
tarix27.09.2023
ölçüsü5,2 Mb.
#149497
1   ...   124   125   126   127   128   129   130   131   ...   142
CCNA 200-301 June 2023-v1.2

Task 1:
R2(config)# ip access-list standard NAT //Note: The name of the ACL may be different so please check carefully! R2(config-std-nacl)#permit 10.2.3.3
R2(config-std-nacl)#permit 192.168.3.1
R2(config-std-nacl)#permit 10.1.3.11 R2(config-std-nacl)#exit
R2(config)# interface e0/1 R2(config-if)#ip nat inside R2(config-if)#exit R2(config)#interface e0/0 R2(config-if)#ip nat outside R2(config-if)#exit
R2(config)#ip nat inside source list NAT interface e0/0 overload


Verification
R3#ping 192.168.1.1
.!!!! (ping should work)


Task 2:
R1#clock set 00:00:00 January 1 2019 //Midnight means 00:00:00. Note: The date may be different so please check carefully! R1#config t
R1(config)#ntp master 1 //Configure R1 as an NTP server

A strange thing of this sim is that E0/2 of R1 has not been configured an IP address so we must assign the IP address of 10.1.3.1 as shown in the topology for it. Maybe it is the reason the requirement says “using the IP address of the R1 Ethernet0/2 interface”.


R1(config)#interface e0/2


R1(config)#ip address 10.1.3.1 255.255.255.0 Configure R2 as the NTP client (not NTP peer):
R2#config t
R2(config)#ntp server 10.1.3.1


Verification__Check_the_clock_on_R2_to_see_if_it_is_the_same_as_R1:__R2show_clock_0:0:01.60_UTC_Tue_Jan_1_2019___Task_3'>Verification

Check the clock on R2 to see if it is the same as R1:


R2#show clock


0:0:01.60 UTC Tue Jan 1 2019


Task 3:
R1(config)#ip dhcp pool NETPOOL
R1(dhcp-config)#network 10.1.3.0 255.255.255.0 R1(dhcp-config)#exit
R1(config)#ip dhcp excluded-address 10.1.3.1 10.1.3.10

Configure interface E0/2 of R3 to receive IP address issued from R1 (DHCP Server):


R3(config)#interface e0/2 R3(config-if)#ip address dhcp




Verification R3(config-if)#exit R3(config)#exit
R3#show ip interface brief (E0/2 interface is assigned the IP address of 10.1.3.11)

Interface IP-Address OK? Method Status Protocol



Ethernet0/2 10.1.3.11 YES DHCP up up


Task 4:
R3(config)#line vty 0 4 //we should use the “show run” command to confirm if the “line vty 0 4” or “line vty 0 15” R3(config-line)#transport input ssh
R3(config-line)#login local R3(config-line)#exit
R3(config)#username netadmin password N3t4ccess //Note: Please check the username and password given carefully. It may not be “netadmin” and “N3t4ccess” as shown here
R3(config)#crypto key generate rsa modulus 1024


Note: The command “ip domain-name xyz.com” has been configured so we don’t need to type this command again. This command must be used before the “crypto key generate rsa” command or an error will be shown.


Verification
R1# ssh -l netadmin 10.1.3.11 Password: {please type N3t4ccess here}

Save the configuration


As the guidelines clearly stated that we have to save the configuration to NVRAM so please save all your configurations on R1, R2 and R3: R1#, R2#, R3#copy running-config startup-config


Note: Just for your information, this lab requires “Do not use NVI NAT configuration” so what is NVI NAT?

Cisco IOS Release 12.3(14)T introduced a feature called NAT Virtual Interface (NVI), which allows you to do a NAT configuration without the need to specify an interface as being an inside or an outside interface. Specifically, instead of issuing the “ip nat inside” or “ip nat outside” command in interface configuration mode, you can issue the “ip nat enable” command. Not only does this feature make configuration easier , but it also allows traffic to flow between two interfaces that would both be considered inside interfaces, from a classic NAT perspective.





Yüklə 5,2 Mb.

Dostları ilə paylaş:
1   ...   124   125   126   127   128   129   130   131   ...   142




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin