Case Study – Student

Topology

Objectives
Stage 1
 Design an IPv4 Address Scheme.
 Clear the configuration of CISCO Devices.
 Basic configuration.
 Configure Device IPv4.
 Configure IPv6 Addressing
 Testing and Documentation.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 12
CCNA: Introduction to Networks SA Exam

Stage 2:
 Configure Switch Security, VLANs, and Inter-VLAN Routing.
 Configure LAN Redundancy and Link Aggregation.
 Configure OSPFv2 (Single Area) Dynamic Routing Protocol.
 Configure EIGRP Dynamic Routing Protocol.
 Implement DHCP and NAT.
 Configure and Verify Access Control Lists (ACLs).
Stage 3:
 Configure LAN Redundancy and Link Aggregation.
 Configure OSPFv2 (Multi-area) Dynamic Routing Protocol.
Stage 4:
 Configure PPP Connections.
 Configure a GRE VPN Tunnel.

Scenario
In this case study you will build up a small network in four stages. Each stage can be completed at
the end of each CCNA semester, which will help you to achieve most of the CCNA required skills.

Stage 1 covers the “Introduction to network” semester where you should be able to design IPv4
addressing and carry out a basic configuration of Cisco routers and switches. While sage 2 covers
“Routing and Switching Essentials” which will help you to practice routing and switching such as
single-area OSPF, VLANs, inter-routing, DHCP, NAT, etc. For stage 3 “Scaling Networks”, you will
have an opportunity to configure multi-area OSPF, etherchannels, and Spanning tree protocol.
Finally, stage 4 covers some required skills of “Connecting Networks” such as WAN protocols and
VPN.

Stage 1: Introduction to Networks

1. Develop the IPv4 Addressing Scheme

 You have been given the following IP address/subnet mask.
IP Address
Subnet Mask
 Design an IP addressing scheme for London network based on the following requirements.

Subnet # Hosts
Subnet A
Subnet B
Subnet A:

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 12
CCNA: Introduction to Networks SA Exam

Number of bits used for the subnet

IP subnet mask Binary
Decimal
Number of usable hosts
First usable IP address
Last usable IP address
Network ID
Broadcast IP

Subnet B:
Number of bits used for the subnet
IP subnet mask Binary
Decimal
Number of usable hosts
First usable IP address
Last usable IP address
Network ID
Broadcast IP

 The router (London) should uses the first usable IP address while the host computers should use
the second IP address in the subnet. The switch should use the last IP address.
Device IP address Subnet Mask Gateway
London – G0/0
London – G0/1
SW-Subnet A
SW-Subnet B
PC-01
PC-02

2. Clear the configuration

 Erase any previous configuration and reload the following devices:
- London router
- SW_SubnetA
- SW_SubnetB

3. Basic Configuration
PC-01 Network Configuration
Description
Physical Address
IPv4 Address
Subnet Mask
Default Gateway
IPv6 address 2001:ABCD:B::2/64
IPv6 DG 2001:ABCD:B::1/64

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 12
CCNA: Introduction to Networks SA Exam

PC-02 Network Configuration

Description
Physical Address
IPv4 Address
Subnet Mask
Default Gateway
IPv6 address 2001:ABCD:A::2/64
IPv6 DG 2001:ABCD:A::1/64

London (Router)
Task Specification
Disable DNS lookup
Router name London
Domain name casestudy.com
Encrypted privileged exec password
Console access password
Telnet access password
Set the minimum length for passwords 10 characters
Create an administrative user in the local Username:
database using an encrypted password Password:
Set login on VTY lines to use local
database
Set VTY lines to accept ssh and telnet
connections
Encrypt the clear text passwords
MOTD Banner
Description:
IPv4 address:
Interface G0/0
IPv6 address: Unicast = 2001:ABCD:A::1/64
Link-Local = FE80::1
Description:
IPv4 address:
Interface G0/1
IPv4 address: Unicast = 2001:ABCD:B::1/64
Link-Local = FE80::1
Turn ON IPv6 routing
Generate a RSA crypto key 1024 bits modulus

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 12
CCNA: Introduction to Networks SA Exam

SW_SubnetA (Switch)
Task Specification
Switch name SW_SubnetA
Configure Management Interface (SVI) IPv4 address:
Encrypted privileged exec password
Console access password
Telnet access password

SW_SubnetB (Switch)
Task Specification
Switch name SW_SubnetB
Configure Management Interface (SVI) IPv4 address:
Encrypted privileged exec password
Console access password
Telnet access password

4. Testing and Documentation

 Use the following table for testing and documentation
From To IP Address Success (/×)
PC-01 London – G0/0 IPv4:
IPv6:
PC-01 London - G0/1 IPv4:
IPv6:
PC-01 PC-02 IPv4:
IPv6:
PC-01 SW_SubnetB
PC-02 London – G0/0 IPv4:
IPv6:
PC-02 PC-01 IPv4:
IPv6:
PC-02 SW_SubnetA

Description Student Input

Router Model
IOS Image File
Total RAM
Total Flash Memory
Configuration Register
CLI Command Used
 Write the appropriate CLI command for the following information:

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 12
CCNA: Introduction to Networks SA Exam

Command Description Student Input (command)

Display a summary of important information about the
interfaces on London router.
Display the IPv4 routing table.
Display the Layer 2 to Layer 3 mapping of addresses on
London router.
Display detailed IPv4 information about interface G0/0
on London router.
Display the IPv6 routing table.
Display a summary of IPv6 interface addresses and
status.
Display information about the devices connected to
London router such as Device ID, Local Interface, Hold
time, Capability, Platform, and Port ID.
Save the current configuration so it will be used the next
time the router is started.
Save the London Configuration to a TFTP Server
(88.10.10.10)

Stage 2: Routing and Switching Essentials

1. Basic Configuration
 Configure the following
London (Router) (Note: this configuration is an additional to pervious part )
Configuration Item or Task Specification
Description:
Interface S0/0/0
IPv4 address. 200.20.20.2/30

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 12
CCNA: Introduction to Networks SA Exam

New_York_Main (Router)
Configuration Item or Task Specification
Disable DNS lookup
Router name New_York_Main
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Description:
Interface S0/0/0
IPv4 address: 10.1.1.1/30
Description:
Interface S0/0/1
IPv4 address: 10.1.2.1/30
Description:
Interface S0/1/0
IPv4 address: 200.10.10.2/30
Configure sub interfaces for VLANs 10, 20, 30 & 40,
Sub interfaces configure the encapsulation to dont1 and assign the 1st
useable IP address in each VLAN to the router
Default route Configure a default route out S0/1/0.

New_YorkA (Router)
Configuration Item or Task Specification
Disable DNS lookup
Router name New_YorkA
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Description:
Interface S0/0/1
IPv4 address: 10.1.2.2/30
Description:
Interface G0/1
IPv4 address: 10.50.0.1/16

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 12
CCNA: Introduction to Networks SA Exam

New_YorkB (Router)
Configuration Item or Task Specification
Disable DNS lookup
Router name New_YorkB
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!
Description:
Interface S0/0/0
IPv4 address: 10.1.1.2/30
Description:
Interface G0/1
IPv4 address: 10.60.0.1/16

SW_01
Configuration Item or Task Specification
Disable DNS lookup
Switch name SW_01
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!

SW_02
Configuration Item or Task Specification
Disable DNS lookup
Switch name SW_02
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!

SW_03
Configuration Item or Task Specification
Disable DNS lookup
Switch name SW_03
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 8 of 12
CCNA: Introduction to Networks SA Exam

SW_04
Configuration Item or Task Specification
Disable DNS lookup
Switch name SW_04
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!

SW_05
Configuration Item or Task Specification
Disable DNS lookup
Switch name SW_05
Encrypted privileged exec password
Console access password
Telnet access password
Encrypt the clear text passwords
MOTD banner Unauthorized Access is Prohibited!

2. Configure Switch Security, VLANS, and Inter VLAN Routing

SW_01, SW_02 & SW_03

Configuration Item or Task Specification
Create the VLAN database Refer to the topology
Use 4th, 5th, and 6th useable IP in MGT vlan for
Assign the management IP address.
SW_1, SW_2 & SW_3 respectively.
Assign the default-gateway
Configure truck interfaces Use VLAN 88 as the native VLAN.
Configure all other ports as access ports Use the interface range command.
Assign access ports to proper VLAN Refer to the topology
Shutdown all unused ports.

SW_04
Configuration Item or Task Specification
Create the VLAN database Refer to the topology
Assign the management IP address. Use 2nd useable IP in Subnet
Assign the default-gateway
Configure all ports as an access ports Use the interface range command.
Assign access ports to proper VLAN Refer to the topology
Shutdown all unused ports.

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 9 of 12
CCNA: Introduction to Networks SA Exam

SW_05
Configuration Item or Task Specification
Create the VLAN database Refer to the topology
Assign the management IP address. Use 2nd useable IP in Subnet
Assign the default-gateway
Configure all ports as an access ports Use the interface range command.
Assign access ports to proper VLAN Refer to the topology
Shutdown all unused ports.

3. Configure static and Dynamic Routing Protocol

 Static routing
- Configure a default route in London router.

 Dynamic routing
- Configure all router with single area OSPF or EIGRP routing protocol.

 Propagate the default route in New_York_Main to other routers

4. Configure DHCP and NAT

 Configure DHCP server

New_York_Main
Configuration Item or Task Specification
Reserve the first 10 IP addresses in all
VLANS for static configurations
Name: refer to the topology (MGT, ADMIN,
configure a DHCP pool for all VLANs in SALSE, ACCOUNTING, SiteA, SaiteB)
the Main branch DNS-Server:88.10.10.10
Set the default gateway.

Configure the following routers as a relay agent for the related network
 New_YorkA

 New_YorkB

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 10 of 12
CCNA: Introduction to Networks SA Exam

Step 1: Configure Static and Dynamic NAT .

 Configuration tasks for router London include the following:
Configuration Item or Task Specification
Configure and apply the Allow all hosts inside London network to access internet
dynamic NAT using the public IP of the London router

 Configuration tasks for router New_York_Main include the following:

Configuration Item or Task Specification
Redirect all HTTP request from outside to the internal web
Create and apply a static NAT server (inside local IP address = 10.10.5.2, inside Global IP
address = 88.77.77.10)
Configure and apply the Allow all hosts inside New_York network to access internet
dynamic NAT using the public IP of the New_York_Main router

5. Configure an Access Control Lists (ACLs)

 Restrict access to VTY lines.
Configuration Item or Task Specification
Configure a named access list to only allow
administrator (MGT VLAN) to telnet to all routers ACL Name: MGT
and switches.
Apply the named ACL to the VTY lines
 Secure the network from Internet traffic.
Configuration Item or Task Specification
Create and apply an ACL to:
 Allow internal users to access internet except
InetWeb3

Stage 3: Scaling Networks

1. Configure LAN Redundancy and Link Aggregation

 Configure Spanning Tree .
Configuration tasks for SW_01, SW_02 and SW_03 include the following:
Configuration Item or Task Specification
Configure Rapid PVST+.
Configure SW_02 as primary root
bridge for all VLANS
Configure PortFast and BPDU
Guard on the interfaces connected
to PCs/Servers in SW_01, SW_02
& SW_03

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 11 of 12
CCNA: Introduction to Networks SA Exam

2. Configure EtherChannel.
 Configure the links between SW_01, SW_02 and SW_03 as a LACP EtherChannel

 Configure a proper native VLAN in all EtherChannels

3. Configure static and Dynamic Routing Protocol

 Remove the previous Dynamic Routing protocol which is configured in stage 2
 Dynamic routing (Multi-Area)
- Change to routing protocol form EIGRP to Multi-area OSPF as shown in the topology

- Propagate the default route in New_York_Main to other routers

Stage 4: Connecting Networks

1. Configure PPP Connections

 Configure the link between New_York_Main and New_YorkA to use PPP with chap

2. Configure a GRE VPN Tunnel

 Configure a GRE VPN Tunnel between London and New York network.

 Modify the routing to route between all branches by adding interface tunnel 0 to area 0

© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 12 of 12