Activity 1&2: Routers and Configuring Inter-VLAN Routing

Topology

Addressing Table
Device Interface IP Address / Prefix Default Gateway

R1 G0/0/0 192.168.0.1 /24 N/A

R1 G0/0/0
2001:db8:acad::1 /64 N/A

R1 G0/0/0
fe80::1 N/A

R1
G0/0/1 192.168.1.1 /24 N/A

R1 G0/0/1
2001:db8:acad:1::1 /64 N/A

R1 G0/0/1
fe80::1 N/A

R1
Loopback0 10.0.0.1 /24 N/A

R1 Loopback0
2001:db8:acad:2::1 /64 N/A

R1 Loopback0
fe80::1 N/A

PC-A NIC 192.168.1.10 /24 192.168.1.1

PC-A NIC
2001:db8:acad:1::10 /64 fe80::1
Server NIC 192.168.0.10 /24 192.168.0.1

Server NIC
2001:db8:acad::10 /64 fe80::1
Blank Line - no additional information

Objectives
Part 1: Set Up the Topology and Initialize Devices
Part 2: Configure Devices and Verify Connectivity
Part 3: Display Router Information

Background / Scenario
This is a comprehensive Packet Tracer Physical Mode (PTPM) activity to review previously covered IOS
router commands. In Parts 1 and 2, you will cable the equipment and complete basic configurations and
interface settings on the router.
In Part 3, you will use SSH to connect to the router remotely and use the IOS commands to retrieve
information from the device to answer questions about the router.

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

For review purposes, this activity provides the commands necessary for specific router configurations.

Instructions

Part 1: Set Up the Topology and Initialize Devices

Step 1: Cable the network as shown in the topology.

a. Click and drag the Cisco 4321 ISR, the Cisco 2960 Switch, and the Server from the Shelf to the Rack.
b. Click and drag the PC from the Shelf to the Table.
c. Cable the devices as specified in the topology diagram. Use Copper Straight-through cables for
network connections.
d. From the PC, connect a Console Cable to the Cisco 4321 ISR.
e. Power on the Cisco 4321 ISR, PC-A, and Server. The power button for Server is on the bottom right.
The 2960 switch should power on automatically.

Part 2: Configure Devices and Verify Connectivity

Step 1: Configure the PC interfaces.

a. Configure the IP address, subnet mask, and default gateway settings on PC-A.
b. Configure the IP address, subnet mask, and default gateway settings on Server.

Step 2: Configure the router.

Open configuration window

a. Console into the router and enable privileged EXEC mode.

Router> enable
b. Enter configuration mode.
Router# config terminal
c. Assign a device name to the router.
Router(config)# hostname R1
d. Set the router’s domain name as ccna-lab.com.
R1(config)# ip domain name ccna-lab.com
e. Encrypt the plaintext passwords.
R1(config)# service password-encryption
f. Configure the system to require a minimum 12-character password.
R1(config)# security passwords min-length 12
g. Configure the username SSHadmin with an encrypted password of 55Hadm!n2020.
R1(config)# username SSHadmin secret 55Hadm!n2020
h. Generate a set of crypto keys with a 1024 bit modulus.
R1(config)# crypto key generate rsa general-keys modulus 1024
i. Assign $cisco!PRIV* as the privileged EXEC password.
R1(config)# enable secret $cisco!PRIV*

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

j. Assign $cisco!!CON* as the console password. Configure sessions to disconnect after four minutes of
inactivity, and enable login.
R1(config)# line console 0
R1(config-line)# password $cisco!!CON*
R1(config-line)# exec-timeout 4 0
R1(config-line)# login
k. Assign $cisco!!VTY* as the vty password. Configure the vty lines to accept SSH connections only.
Configure sessions to disconnect after four minutes of inactivity, and enable login using the local
database.
R1(config)# line vty 0 4
R1(config-line)# password $cisco!!VTY*
R1(config-line)# exec-timeout 4 0
R1(config-line)# transport input ssh
R1(config-line)# login local
l. Create a banner that warns anyone accessing the device that unauthorized access is prohibited.
R1(config)# banner motd $ Authorized Users Only! $
m. Enable IPv6 routing.
R1(config)# ipv6 unicast-routing
n. Configure all three interfaces on the router with the IPv4 and IPv6 addressing information from the
addressing table above. Configure all three interfaces with descriptions. Activate all three interfaces.
R1(config)# interface g0/0/0
R1(config-if)# ip address 192.168.0.1 255.255.255.0
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad::1/64
R1(config-if)# description Connection to Server
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# interface g0/0/1
R1(config-if)# ip address 192.168.1.1 255.255.255.0
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:1::1/64
R1(config-if)# description Connection to S1
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# interface loopback0
R1(config-if)# ip address 10.0.0.1 255.255.255.0
R1(config-if)# ipv6 address fe80::1 link-local
R1(config-if)# ipv6 address 2001:db8:acad:2::1/64
R1(config-if)# description loopback adapter
R1(config-if)# no shutdown
R1(config-if)# exit
The router should not allow vty logins for two minutes if three failed login attempts occur within 60
seconds.
R1(config)# login block-for 120 attempts 3 within 60

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

R1(config)# exit
o. Set the clock on the router.
R1# clock set 15:20:00 12 Nov 2020
p. Save the running configuration to the startup configuration file.
R1# copy running-config startup-config
Question:

What would be the result of reloading the router prior to completing the copy running-config startup-
config command?
All the recent configurations which have been done on the router will be lost.
Close configuration window

Step 3: Verify network connectivity.

a. Using the command line at PC-A, ping the IPv4 and IPv6 addresses for Server.
Question:

Were the pings successful?

Yes
b. From PC-A, remotely access R1 using the Telnet / SSH client.
Using the Telnet / SSH client on PC-A, open an SSH session to the R1 Loopback interface IPv4 address.
Ensure that the Connection Type is set to SSH and use SSHadmin as the username. When prompted,
enter the password 55Hadm!n2020.
Question:

Was remote access successful?

Yes
c. Using the Telnet / SSH client on PC-A, open an SSH session to the R1 Loopback interface IPv6 address.
Ensure that the Connection Type is set to SSH and use SSHadmin as the username. When prompted,
enter the password 55Hadm!n2020.
Questions:

Was remote access successful?

Type your answers here.
Why is the Telnet protocol considered to be a security risk?
Telnet uses plaintext password which is a security risk however SSH uses encrypted passwords.

Part 3: Display Router Information

In Part 3, you will use show commands from an SSH session to retrieve information from the router.

Step 1: Establish an SSH session to R1.

Using Telnet / SSH client on PC-A, open an SSH session to the R1 Loopback interface IPv6 address and log
in as SSHadmin with the password 55Hadm!n2020.

Step 2: Retrieve important hardware and software information.

a. Use the show version command to answer questions about the router.
Questions:

What is the name of the IOS image that the router is running?
(X86_64_LINUX_IOSD-UNIVERSALK9-M)
How much non-volatile random-access memory (NVRAM) does the router have?
32768K bytes of non-volatile configuration memory.

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

How much Flash memory does the router have?

3207167K bytes of flash memory at bootflash:.
Type your answers here.
b. The show commands often provide multiple screens of outputs. Filtering the output lets you display
certain sections of the output. To enable the filtering command, enter a pipe (|) character after a show
command, followed by a filtering parameter and a filtering expression. You can match the output to the
filtering statement by using the include keyword to display all lines from the output that contain the
filtering expression. Filter the show version command, using show version | include register to answer
the following question.
Question:

What would be the boot process for the router on the next reload if the configuration register was 0x2142?
Configuration register is 0x2102

Step 3: Display the startup configuration.

a. Use the show startup-config command on the router to answer the following question.
Question:

How are passwords presented in the output?

All the passwords are encrypted.
b. Use the show running-config | section vty command.
Question:

What is the result of using this command?

line vty 0 4
exec-timeout 4 0
password 7 08654F471A1A0A56533D383D60
login local
transport input ssh

Step 4: Display the routing table on the router.

Use the show ip route command on the router to answer the following questions.
Questions:

What code is used in the routing table to indicate a directly connected network?
C- Connected
How many route entries are coded with a C code in the routing table?
3

Step 5: Display a summary list of the interfaces on the router.

a. Use the show ip interface brief command on the router to answer the following question.
Question:

What command changed the status of the Gigabit Ethernet ports from administratively down to up?
The command was no shutdown.
b. Use the show ipv6 int brief command to verify IPv6 settings on R1.
Question:

What is the meaning of the [up/up] part of the output?

The first up indicates router status is up and second indicates that protocol is up.
c. On Server, change its configuration so that it no longer has a static IPv6 address. Then, issue the
ipconfig command on Server to examine the IPv6 configuration.

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

Questions:

What is the IPv6 address assigned to Server?

None as it was not assigned at the start
What is the default gateway assigned to Server?
FE80::1
From PC-B, issue a ping to the R1 default gateway link local address. Was it successful?
Yes
From Server, issue a ping to the R1 IPv6 unicast address 2001:db8:acad::1. Was it successful?
No as Ipv6 was not assigned as told by sir.

Reflection Questions
1. In researching a network connectivity issue, a technician suspects that an interface was not enabled. What
show command could the technician use to troubleshoot this issue?
Show ip interface brief

2. Type your a In researching a network connectivity issue, a technician suspects that an interface was assigned
an incorrect subnet mask. What show command could the technician use to troubleshoot this issue?
Show startup-config

Activity 1&2: Routers and Configuring Inter-VLAN Routing

Addressing Table  Using Last VLAN Lab

Device Interface IPv4 Address Subnet Mask Default Gateway

R1 G0/0.10 172.17.10.1 255.255.255.0 N/A

R1
G0/0.30 172.17.30.1 255.255.255.0 N/A
PC1 NIC 172.17.10.10 255.255.255.0 172.17.10.1
PC3 NIC 172.17.30.10 255.255.255.0 172.17.30.1

Objectives
Part 1: Add VLANs to a Switch
Part 2: Configure Subinterfaces
Part 3: Test Connectivity with Inter-VLAN Routing

Scenario
In this activity, you will configure VLANs and inter-VLAN routing. You will then enable trunk interfaces and
verify connectivity between VLANs.

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 6 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

Instructions

Part 1: Add VLANs to a Switch

Step 1: Create VLANs on S1.

Create VLAN 10 and VLAN 30 on S1.
Open configuration window

Step 2: Assign VLANs to ports.

a. Configure interfaces F0/6 and F0/11 as access ports and assign VLANs.
 Assign the port connected to PC1 to VLAN 10.
 Assign the port connected to PC3 to VLAN 30.
b. Issue the show vlan brief command to verify VLAN configuration.
Close configuration window

Step 3: Test connectivity between PC1 and PC3.

From PC1, ping PC3.
Question:

Were the pings successful? Why did you get this result?
No they were not as they are connected to different vlans.

Part 2: Configure Subinterfaces

Step 1: Configure subinterfaces on R1 using the 802.1Q encapsulation.

Open configuration window

a. Create the subinterface G0/0.10.

 Set the encapsulation type to 802.1Q and assign VLAN 10 to the subinterface.
 Refer to the Address Table and assign the correct IP address to the subinterface.
R1(config)# int g0/0.10
R1(config-subif)# encapsulation dot1Q 10
R1(config-subif)# ip address 172.17.10.1 255.255.255.0
b. Repeat for the G0/0.30 subinterface.

Step 2: Verify Configuration.

a. Use the show ip interface brief command to verify subinterface configuration. Both subinterfaces are
down. Subinterfaces are virtual interfaces that are associated with a physical interface. Therefore, in order
to enable subinterfaces, you must enable the physical interface that they are associated with.
b. Enable the G0/0 interface. Verify that the subinterfaces are now active.
Close configuration window

Part 3: Test Connectivity with Inter-VLAN Routing

Step 1: Ping between PC1 and PC3.

Question:

From PC1, ping PC3. The pings should still fail. Explain.
The switch is not yet configured with a trunk port that is connected to the router.
Type your answers here.

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 7 of 8 www.netacad.com
Activity 1&2: Routers and Configuring Inter-VLAN Routing

Step 2: Enable trunking.

Open configuration window

a. On S1, issue the show vlan command.

Question:

What VLAN is G0/1 assigned to?

VLan1
Type your answers here.
b. Because the router was configured with multiple subinterfaces assigned to different VLANs, the switch
port connecting to the router must be configured as a trunk. Enable trunking on interface G0/1.
Question:

How can you determine that the interface is a trunk port using the show vlan command?
The port gig0/1 is no longer in show vlan
c. Issue the show interface trunk command to verify that the interface is configured as a trunk.
Close configuration window

Step 3: Test Connectivity

If the configurations are correct, PC1 and PC3 should be able to ping their default gateways and each other.
Question:

What addresses do PC1 and PC3 use as their default gateway addresses?
PC1:172.17.10.1
PC3:172.17.30.1

 2013 - 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 8 of 8 www.netacad.com