A few things to keep in mind while completing this activity:
- Do not use the browser Back button or close or reload any exam windows during the exam.
- Do not close Packet Tracer when you are done. It will close automatically.
- Click the Submit Assessment button to submit your work.
In this practice Packet Tracer Skills Exam, you will do as follows:
· finish the configuration of a partially configured network
· establish connectivity within the enterprise and to the Internet
· implement access control lists based on a set of security policies
XYZ Uni Server
NOTE: The password for user EXEC mode is cisco. The password for privileged EXEC mode is class.
Step 1: Configure the Device Basics.
Use the IP addresses in the Addressing Table and your subnetting skills to determine the missing IP addresses according to the following guidelines:
a. Configure Fa0/1 interface on BldgA with the highest (last) host IP address in the subnet.
b. Configure Staff with the highest (last) host IP address in the subnet
c. Verify connectivity.
Step 2: Configure OSPF.
a. Use the following requirements to configure OSPF on Main, Admin, and BldgA.
· Use the process ID 5.
· Advertise each subnet individually in area 0 with its corresponding wildcard mask. (Main should not advertise the link to the Internet.)
· Verify OSPF convergence.b. Configure OSPF authentication on the links between BldgA and Admin, Admin and Main, and Main and BldgA.
· Encrypt the updates using MD5 authentication. Authentication should be enabled for the entire area 0.
· On the appropriate interfaces, use a key ID of 10 and the password xyzunipass.
· Verify OSPF convergence.c. Modify the OSPF configuration.
· Modify both sides of the link between Main and BldgA to reflect the actual bandwidth of 768 Kb/s.
· Change the priority on Admin so that it is the preferred DR for the LAN it shares with BldgA.d. Propagate a default route in the OSPF updates.
· Configure a default route on Main and point it to the Internet. Use the outbound interface argument.
· Configure OSPF to advertise the default route to neighbors.e. Verify connectivity.
Step 3: Configure Access Control Lists.
a. Filter inbound traffic from the Internet. Configure and apply a single ACL numbered 150 on the correct router that will implement the following policy in order:
· Allow only HTTP access to the XYZ Uni Server at its public address 188.8.131.52.
· Allow all established TCP connections.
· Allow all ICMP replies and unreachable messages.b. Verify that the policy is successfully implemented.
c. Filter traffic from the BldgA LAN. Configure and apply on the router a single ACL numbered 175 that will limit network traffic and will implement the following policy:
· Hosts from the LAN connected to the Fa0/0 interface of BldgA are blocked from accessing hosts on the Admin Staff LAN.
· All other traffic is allowed anywhere.d. Verify that the policy is successfully implemented.
Step 4: Verify Connectivity.
Using tools such as ping and show commands, verify connectivity in the network.
Created in Packet Tracer 5.3.2.0027 and Marvel 1.0.1
All contents are Copyright © 1992 - 2011 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.