CCNA 6.9

page 201

show ip route 

 

Correction(05-4)

 

Basic configuration of R1:

 

enable

configure terminal

hostname R1

no ip domain-lookup (Disable DNS lookup)

enable secret class (Configure a priviledged EXEC mode password)

banner motd #shenme shenme shenme# (Configure a message-of-the-day banner)

line con 0

password cisco (Configure a password for the console connections)

login

exit

line vty 0 15

password cisco (Configure a password for all sty connections)

login

exit

int fa0/0 (Configure IP addresses on all routers)

ip address 10.1.1.254 255.255.255.0

no sh

exit

int se0/0/0 (Configure IP addresses on all routers)

ip address 10.1.0.1 255.255.255.252

clock rate 64000 ( Clock rate is 64000 )

no sh

exit

router ospf 1 (Enable OSPF with process ID 1 )

network 10.1.1.0 0.0.0.255 area 0

network 10.1.0.0 0.0.0.3 area 0

exit

 

Basic configuration of R2:

 

enable

configure terminal

hostname R2

no ip domain-name

no ip domain-lookup

enable secret class

banner motd #shenme shenme shenme#

line con 0

password cisco

login

exit

line vty 0 15

password cisco

login

exit

int se0/0/0

ip address 10.1.0.2 255.255.255.252

no sh

exit

int se0/0/1

ip address 10.3.0.1 255.255.255.252

clock rate 64000

no sh

exit

router ospf 1

network 10.1.0.0 0.0.0.3 area 0

network 10.3.0.0 0.0.0.3 area 0

exit

 

Basic configuration of R3:

 

enable

configure terminal

hostname R3

no ip domain-lookup

enable secret class

banner motd #shenme shenme shenme#

line con 0

password cisco

login

exit

line vty 0 15

password cisco

login

exit

int fa0/0

ip address 10.3.1.254 255.255.255.0

no sh

exit

int se0/0/1

ip address 10.3.0.2 255.255.255.252

no sh

exit

router ospf 1

network 10.3.1.0 0.0.0.255 area 0

network 10.3.0.0 0.0.0.3 area 0

exit

 

 

Configure standard named ACLs on the R1 and R3 vty lines, permitting hosts connected directly to their Fast Ethernet subnets to gain Telnet access. Explicitly deny all other connection attempts.

 

on R1 (in configuration mode):

ip access-list standard VTY-Local

permit 10.1.1.0 0.0.0.255

deny any

exit

line vty 0 15

ip access-class VTY-Local in

exit

 

on R3 (in configuration mode):

ip access-list standard VTY-Local

permit 10.3.1.0 0.0.0.255

deny any

exit

line vty 0 15

ip access-class VTY-Local in

exit

 

 

Configure extended ACL on R2.

 

in configuration mode:

ip access-list extended block

deny ip 10.1.1.0 0.0.0.255 10.3.1.0 0.0.0.255

deny ip 10.3.1.0 0.0.0.255 10.1.1.0 0.0.0.255

permit ip any any

exit

int se0/0/0

ip access-group block in

exit

int se0/0/1

ip access-group block in

exit

 

 

 

 

 

Correction (07-3)

 

passive-interface serial 0/0/1 ( Do not advertise the 209.165.200.224/27 network )