CCNA4v3BridgeSBA

8/13/2019 CCNA4v3BridgeSBA

1/4

CCNA4 Bridge Skills-based Assessment

Note

• If you are attempting the exam using NETLAB, you will not be able to test DHCP.

Objectives

• Configure Dynamic Host Configuration Protocol (DHCP) on R2

• Configure static Network Address Translation (NAT) and Port Address Translation (PAT) on R2

• Bring up a frame relay circuit between router R2 and R3 utilizing R1 as a frame relay switch

Preconfigs

The following items must be pre-configured on the routers:

• Hostnames

• Interface IP addresses, subnet masks, and no shutdown commands

• The console, vty and privilege passwords

• Clock rates on DCE interfaces

Following are the actual commands you should enter on each device before you begin your

assessment. (NOTE: The interface names may be different for the equipment you are using. You

should adjust the interface name to work with the hardware you are using.)

Router R2

hostname R2

enable secret classinterface fastethernet 0/0

ip address 172.30.0.1 255.255.0.0

no keepalive

no shutdown

interface serial 0/0

ip address 163.12.21.6 255.255.255.252

no shutdown

interface loopback 10

ip address 195.168.10.2 255.255.255.0

1 of 4 CCNA 4: WAN Technologies v 3.0 – Bridge Skills-based Assessment Copyright 2003, Cisco Systems, Inc.


2/4


line con 0

password cisco

login

logging synchronous

exec-timeout 0 0

line vty 0 4

password cisco

login

Router R1

hostname frame-relay

frame-relay switching

interface Serial0/0

encapsulation frame-relay

clock rate 56000

frame-relay intf-type dce

frame-relay route 203 interface Serial0/1 302

(NOTE: Adjust interface name as necessary.)

no shutdown

interface Serial0/1

encapsulation frame-relayframe-relay intf-type dce

frame-relay route 302 interface Serial0/0 203

(NOTE: Adjust interface name as necessary.)

no shutdown

line vty 0 4

password cisco

login

Router R3

hostname R3

enable secret class

interface serial 0/0ip address 163.12.21.5 255.255.255.252

clock rate 56000

no shutdown

line con 0

password cisco

login

logging synchronous

exec-timeout 0 0

line vty 0 4

password Cisco

login

Configuration Tasks

Complete each of the configuration tasks below. Remember to read each section and complete eachstep before continuing.

Configure Frame Relay

• Bring up the Frame Relay connection between R2 and R3. The frame relay switch has beenpreconfigured; however, R2 and R3 will not be able to communicate until their serialconnection has been configured for the correct encapsulation.


3/4


• Ping R3 Serial 0/0 from R2. You should have connectivity.

• Compare the DLCIs on both R2 and R3 with the frame relay switch configuration.

Configure DHCP on router R2

• Enable DHCP services on router R2, with the following specifications:

o Provide devices on the LAN with IP addresses from the 172.30.0.0/16 network.

o Exclude the range of IP addresses 172.30.0.1 through 172.30.0.10

o Include the default-gateway address of 172.30.0.1

o Include the DNS server address of 172.30.0.5

Configure NAT and PAT on router R2

• Create two loopbacks on R2:

o Loopback0 with network address 10.1.0.1/24

o Loopback1 with network address 133.24.10.1/24

• Create a PAT pool of IP addresses to include 195.168.10.11 through 195.168.10.20, with asubnet mask of 255.255.255.0.

• Create an access list that only allows the 10.1.0.0/24 network to have access to the PATaddress pool.

• Configure the ip nat source.

• Configure the inside and outside interfaces with respect to PAT.

• The public IP network address for the R2 FastEthernet 0/0 LAN is 195.168.10.1/24. Create astatic mapping of the router R2 FastEthernet 0/0 interface inside address of 172.30.0.1 to thepublic IP address 195.168.10.1. This will allow other routers to ping the router R2 FastEthernet0/0 interface with the command ping 195.168.10.1.

Configure EIGRP between R2 and R3 over the frame circuit

• Configure EIGRP as the routing protocol between R2 and R3.

• Do not advertise the inside network on R2. The only networks that should be advertised are thepublic networks.

o R2 will advertise 195.168.10.0 (from PAT) and 163.12.21.4.

o R3 will advertise 163.12.21.4.

• (Note: R2 must tell R3 about the public addresses that its hosts receive via PAT. The loopbackinterface uses one of the public addresses and can be used by EIGRP to advertise the publicnetwork. There are other ways to get that route out, such as a static route, but we have chosento apply one address to a loopback and advertise it. The routing protocol will not advertise thenetwork unless is it is on an active interface.)

• Examine the routing table for both routers. R3 should see a route to the public IP addresses onR2 that was learned via EIGRP.

Test you NAT configuration

• Turn on NAT debugging on R2 with the command #debug ip nat

• On R2 issue the show ip nat translations command to check that you have a translation

for the 172.30.0.1 address. You should see the static mapping you configured for R2 Fa0/0interface.


4/4


• From R3 ping the statically mapped public IP address for R2 Fa0/0 (195.168.10.1). This pingshould be successful.

• To test the dynamic NAT (PAT), use extended ping from R2. Ping the serial interface on R3 withLoopback 0 as the source address. Use the show ip nat translations command to

examine the nat table. You should see a new entry for the dynamic translation.

• Use the show ip nat statistics command to see information about the current translation

statistics. Note the number of active translations.

• Issue the command clear ip nat trans * to clear the dynamic nat translations. Ensure

that all dynamic translations are deleted using the show ip nat translations command.

• Using extended ping on R2 with Loopback 1 as the source address, ping R3 S0/0. The pingshould fail. Use the show ip nat translations command to examine the nat table. (NOTE:

Loopback 1 should not be translated therefore there should not be an entry in the table.)

Documents

CCNA4v3BridgeSBA