Addressing Table

2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 6 www.netacad.com
CCNAv7 ENSA
Addressing Table

Device Interface IP Address Subnet Mask Default Gateway
R1 S/0/0/0 10.67.254.2 255.255.255.0 N/A
R1 G0/0 192.168.1.1 255.255.255.0 N/A
Tunnel 0 172.16.1.1 255.255.255.252 NA
R2 S0/0/1 10.67.253.2 255.255.255.252 N/A
R2 G0/0 10.10.1.1 255.255.255.0 N/A
Tunnel 0 172.16.1.2 255.255.255.252 NA
S1 VLAN 1 192.168.1.2 255.255.255.0 192.168.1.1
S2 VLAN 1 10.10.1.2 255.255.255.0 10.10.1.1

Assessment Objectives
Part 1: Initialize, Reload and Configure Basic Device Settings
Part 2: Configure GRE tunnel
Part 3: Configure and Single Area OSPFv2
Part 4: Optimize Single Area OSPFv2
Part 5: Configure Access Control, NAT, and perform configuration backup
Scenario
In this Case Study (CS) you will configure the devices in a small network. You must configure a router, switch
and PCs to support IPv4 connectivity for supported hosts. Your router and switch must also be managed
securely. You will configure Single-Area OSPFv2, NAT, GRE, and access control lists. Further, you will
backup up your working configurations to a TFTP server.
Required Resources
Packet Tracer 8.0 or later
CCNAv7 ENSA
2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 6 www.netacad.com
Instructions
Part 1: Initialize, Reload and Configure Basic Device Settings
Step 1: Initialize and reload routers and switches.
Erase the startup configurations and VLANs from the router, switch, and reload the devices.
Step 2: Configure the routers.
Configuration tasks for R1 and R2 include the following:

Task Specification
Disable DNS lookup
Router name (case sensitive) R1 or R2, as appropriate
Domain name (case sensitive) ccna-lab.com
Encrypted privileged EXEC password (case
sensitive)
ciscoenpass
Console access password (case sensitive) ciscoconpass
Create a user with an encrypted password in the
local database (case sensitive)
Username: admin
Encrypted Password: admin1pass
Set login on VTY lines 0 to 4 to use local
database
Set VTY lines 0 to 4 to accept SSH connections
only
Encrypt the clear text passwords
Configure an MOTD Banner (case sensitive) Warning! Copying during test is
Plagiarism.
Configure interface S0/0/0 – R1
Configure interface S0/0/1 – R2
Set the description
Set the Layer 3 IPv4 address
Activate Interface
Configure interface G0/0 Set the description
Set the Layer 3 IPv4 address
Activate Interface
Generate an RSA crypto key 1024 bits modulus
Configure default route to ISP Use the exit interface

Step 3: Configure S1 and S2.
Configuration tasks for the switches include the following:
CCNAv7 ENSA
2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 3 of 6 www.netacad.com

Task Specification
Disable DNS lookup
Switch name (case sensitive) S1 or S2, as appropriate
Domain name (case sensitive) ccna-lab.com
Encrypted privileged EXEC password (case
sensitive)
ciscoenpass
Console access password (case sensitive) ciscoconpass
Shutdown all unused interfaces
Create a user with an encrypted password in the
local database (case sensitive)
Username: admin
Encrypted Password: admin1pass
Set login on VTY lines 0 to 15 to use local database
Set all VTY lines to accept SSH connections only
Encrypt the clear text passwords
Configure an MOTD Banner (case sensitive) Warning! Copying during test is
Plagiarism.
Generate an RSA crypto key 1024 bits modulus
Configure Management Interface (SVI) for VLAN 1
(the Management VLAN)
Set the Layer 3 IPv4 address
Configure Default Gateway

Part 2: Configure GRE tunnel
Step 1: Configure R1 and R2.
Configuration Tasks for R1 and R2 include the following:

Task Specification
Configure the GRE tunnel
interface Tunnel 0
Set the Layer 3 IPv4 address
Set tunnel source and tunnel destination

Part 3: Configure Single Area OSPFv2
Configuration tasks for R1 and R2 include the following:

Task Specification
Configure the OSPF routing process Use process id 1
Manually configure the router id Use 0.0.0.1 for R1 and 0.0.0.2 for R2

CCNAv7 ENSA
2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 4 of 6 www.netacad.com

Task Specification
Configure network statements Use the network command to advertise local
area (LAN) networks and use the wild card
mask that matches each network’s subnet
mask.
Note: Ensure R1 and R2 is neighbored via the
tunnel.

Part 4: Optimize Single-Area OSPFv2
Step 1: Configure R1 and R2.
Configuration Tasks for R1 and R2 include the following:

Task Specification
Configure passive interfaces Configure all interfaces that are not connected to an
OSPF router.

Part 5: Configure Access Control, NAT, and perform configuration backup
Step 1: Configure NAT on R1.

Task Specification
Create an ACL to identify hosts
allowed to be translated
Create a numbered ACL 1 that matches the
192.168.1.0/24 network
Configure Port Address Translation
on the outside interface of R1
Configure the NAT association between the ACL and the
interface S0/0/0 so that it uses port address translation –
PAT
Identify the interfaces involved in
NAT
Specify the NAT inside or the NAT outside on the
appropriate interfaces.

Step 2: Configure NAT on R2.

Task Specification
Create an ACL to identify hosts
allowed to be translated
Create a numbered ACL 1 that matches the 10.10.1.0
network
Configure Port Address Translation
on the outside interface of R2
Configure the NAT association between the ACL and the
interface S0/0/1 so that it uses port address translation –
PAT

CCNAv7 ENSA
2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 5 of 6 www.netacad.com

Task Specification
Identify the interfaces involved in
NAT
Specify the NAT inside or the NAT outside on the
appropriate interfaces.

Step 3: Configure host computers.
Configure the host computers PC-A and PC-B with IPv4 addresses.

Description PC-A Backup PC-B
IP Address 192.168.1.50 192.168.1.51 10.10.1.50
Subnet Mask 255.255.255.0 255.255.255.0 255.255.255.0
Default Gateway 192.168.1.1 192.168.1.1 10.10.1.1
DNS Server 209.165.201.2 209.165.201.2

Step 4: Test connectivity

Source Target Protocol Expected Result
PC-A PC-B Ping Success
PC-A 8.8.8.8 Ping Success
PC-A www.cisco.com HTTP Success
PC-B 8.8.8.8 Ping Success

Step 5: Configure Access Control on R2.
Create and apply an access control list on R2 named R2-SECURITY to do the following:

Task Specification
Create an access control list R2-SECURITY(case sensitive)
Control HTTP and HTTPS specific
traffic
The hosts from the 10.10.1.0/24 network are not allowed to
reach the webserver at 209.165.201.2
Permit traffic Allow all other traffic, regardless of protocol.
Apply the ACL Filter traffic originating from R2(apply the best practice)

After configuring and applying the ACL, perform the following tests:

Source Target Protocol Expected Result
PC-A PC-B Ping Success
PC-B R1 SSH Success
PC-B www.cisco.com HTTP Failure

If you get different results, double-check your ACL configuration and application.
CCNAv7 ENSA
2019 – 2022 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 6 of 6 www.netacad.com
Step 6: Backup all device configurations.

Task Specification
Using the Backup server on LAN A, backup the startup
configuration of all of your devices to Backup server using the
TFTP protocol
Use the following filename
(case sensitive) when saving
the configuration at the
server.
R1-confg
R2-confg
S1-confg
S2-confg

Part 6: Save your Packet Tracer and upload to NetAcad
a. Save the configuration of each device in your Packet Tracer
b. Save the Packet Tracer file itself.
c. Upload to NetAcad. (
Upload only the Packet Tracer file). DO NOT COMPRESS.