Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.
com for updates
LAMMLE PRESS, LLC CCNA Simulation Exam Practice Guide Practice for the CCNA Exam Simulations
Todd Lammle
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
CCNA Simulations Practice Exams This appendix, found only on the CD of my CCNA Study Guide, 7th edition, will provide you with the foundation you need to tackle the CCNA exams tough simulations. Please understand that these are intended as practice simulations that were written in order to help you practice the foundation and skill you learned by reading my Sybex CCNA Study Guide, 7th Edition. Physical Lab layouts may differ for each and every simulation in this appendix. You can use real equipment if you have it, or you can use Ciscos Packet Tracer simulator and/or the GNS3 emulator as well.
NOTE: Packet Tracer and GNS programs are not included in my book, the CD, or on any of my web sites. However, the Packet Tracer files that I used to create these practice labs can be found on my web site at www.lammle.com
The following simulations practice exams covered in this appendix are listed below. It is imperative to understand that explanations or configurations will not be included for each of the exam simulation labs because after reading my study guide and configuring, as well as going through all the hands-on labs in each chapter (as well as the written and practice questions), this exam-prep document will test your knowledge on what you have learned in your class, or self study. You should not be using this document until you have completely read my book, finished your class (or self-study), and are ready to take the CCNA exam. If you are struggling with answers for the configuration, please refer to the CCNA chapters that pertain to each of the subjects, meaning that everything in these labs are 100% covered in my latest book. Lastly, you can use my forum to post questions and find answers to all the sims in this e-book.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
Here are the labs that you should be able to conquer before taking the CCNA exam:
1. Administration functions and setting IP address on routers 2. Advanced Administration Configuration 3. Configuring RIPv2 in a network 4. Troubleshooting and verifying RIPv2 in a network 5. Configuring EIGRP in a network 6. Troubleshooting and verifying EIGRP in a network 7. Configuring OSPF with wildcards in a network 8. Troubleshooting and verifying OSPF in a network 9. Configuring basic layer-2 switch management 10. Configuring VLANs and VTP 11. Troubleshooting and verifying VLANs, VTP & STP 12. Configuring Switch Port Security 13. Configuring Extended ACL in a network 14. Troubleshooting and verifying an Extended ACL in a network 15. Configuring NAT Overload in a Network
NOTE: Please check www.lammle.com to find dynamic updates to this e-book. Please check for updates often.
Formatted: Para
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
1: Administration functions and setting IP address on routers The following lab layout will be used for Practice Exam #1:
Configure your Cisco routers with the following information: You are the Network Administrator at GlobalNet Training & Consulting, inc. We have just installed two new routers called Corp & Branch. You will have to do the basic configuration on both routers: 1 Set the hostnames to be Corp and Branch 2. Set enable secret to be P@ssw0rd 3. Set console password to be n0w@yin 4. Set telnet password to be 0nLeeM!E 5. Set the IP address on router Corp of interface Serial 0/0/0 to be the first address of network 10.0.0.0/30 6. Set the IP address on interface Fastethernet 0/0 on router Corp to be the last available host address of 192.168.0.192/26 7. Both interfaces on the Corp router must be enabled. 8. Configure the Branch router with the same passwords. 9. Configure the PC with the correct IP address, mask, and default gateway based on the configuration of the Corp router Fa0/0 After these configurations, you should be able to:
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
1. Ping to the Branch router from the PC by using the correct destination IP address 2. Telnet from the PC to the Branch router by using the correct IP destination address and telnet password.
TIP: If you can get a study buddy and you can share configs, I highly recommend it. If you are in a classroom setting, thats even better. However, if you need assistance and are studying alone, you can post to my forum, or search my forum for the answers. It is extremely likely that by the time you are reading this there are hundreds of posts with tips, directions, and even the exact answer you were looking for.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
2: Advanced Administration Configuration
Configure the network with the following parameters: 1. Set your administrative functions on each device -hostnames -banners -interface descriptions -passwords/encryption 2. Create a VLSM Scheme using 192.168.10.0 and implement it 3. Configure EIGRP Routing on each router 4. Configure PC1 with the correct IP and Default Gateway 5. Ping from the PC1 host to the TFTP server (10.10.10.254) 6. Copy your configuration from your P1R2 router to the TFTP server
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
7. Copy your IOS from your P1R2 router to the TFTP server 8. Verify that you can HTTP from PC1 to the TFTP server 9. Create an ACL on the Core router that stops PC1 from using HTTP on the TFTP server 10. Verify you can ping to the TFTP server, but not use HTTP 11. Verify that you can telnet from the PC1 to the Core router 12. Create an ACL on P1R1 that stops PC1 from telnetting into the Core router - using the VTY lines. 13. Create a DHCP pool on router P1R1. Configure f0/0 as the default router address 14. Verify you received a DHCP address on your DHCP clients 15. Enable CDP and verify your CDP tables on each device 16. Configure a hosts table on the Core router to resolve host names
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
3. Configuring RIPv2 in a network
In this simulation, you will simply configure each router with RIPv2, and I highly recommend that you configure each router with administrative functions for foundational practice. Although this is a simple lab, I want to give you one piece of advice: There appears to be discontiguous network addressing scheme, so configure RIPv2 in order to work throughout the network. You are successful when you can do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router - look close to verify you dont see any summary routes 3. Telnet from any host to each router to test your administrative functions.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
4. Troubleshooting and verifying RIPv2 in a network
In this simulation, you will troubleshoot the network shown above. In order to do this lab you must have the packet tracer lab I used to create this lab (found at www.lammle.com) in order to troubleshoot the problem(s) that I created. Or you can have a study partner create a problem that you have to solve. Once you think you have solved the problem(s), you should be able to do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router - look closely to verify you dont see any summary routes. 3. Telnet from any host to each router.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
5. Configuring EIGRP in a network
In this simulation, you will simply configure each router with EIGRP, and I highly recommend that you configure each router with administrative functions (yes, again!), for foundational practice. Although this is a simple lab, I want to give you one piece of advice: there does appear to be a discontiguous network addressing configuration, so configure EIGRP in order to work with this type of network. You are successful when you can do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router - look close to verify you dont see any summary routes 3. Telnet from any host to each router to test your administrative functions.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
6. Troubleshooting and verifying EIGRP in a network
In this simulation, you will troubleshoot the network shown above. In order to do this lab you must have the packet tracer lab I used to create this lab (found at www.lammle.com) in order to troubleshoot the problem(s) that I created. Or you can have a study partner create a problem that you have to solve. Once you think you have solved the problem(s), you should be able to do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router - look closely to verify you dont see any summary routes. 3. Telnet from any host to each router.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
7. Configuring OSPF with wildcards in a network
In this simulation, you will simply configure each router with OSPF using inverse masking (wildcards), and I highly recommend that you configure each router with administrative functions (yes, yet once again!), for foundational practice. This may not be a simple lab for you, so please see Chapter 9 of my CCNA Study Guide, 7th edition to figure out the possible answer. Although this network has discontiguous networking, why dont you have to worry about it when you configure OSFP? Please research this question. You are successful when you can do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router 3. Telnet from any host to each router to test your administrative functions
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
8. Troubleshooting and verifying OSPF in a network
In this simulation, you will troubleshoot the network shown above. In order to do this lab you must have the packet tracer lab I used to create this lab (found at www.lammle.com) in order to troubleshoot the problem(s) that I created. Or you can have a study partner create a problem that you have to solve. Once you think you have solved the problem(s), you should be able to do the following: 1. Ping from PC0 (starting on the left moving right) to PC1 through PC5 2. Verify each routing table on every router - look closely to verify you dont see any summary routes. 3. Telnet from any host to each router.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
9. Configuring basic layer-2 switch management
Configure your Cisco devices with the following information: You are the Network Administrator at GlobalNet Training & Consulting, inc. We have just installed two new switches. You will have to do the basic configuration on the Cisco devices: 1. Set the hostnames to be the Swi t chA and Swi t chB 2. Set enable secret to be cisco 3. Set console password to be console 4. Set telnet password to be telnet 5. Set the IP address on the management interfaces and router to be: - 192.168.1.1/24 (R1 f0/0) - 192.168.1.2/24 (Switch A) - 192.168.1.3/24 (Switch B) 6. Configure a banner describing this as your switches and router 7. Set the interface descriptions 8. Encrypt your passwords After these configurations, you should be able to 1. Ping from the router CLI to both switch management interfaces.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
10. Configuring VLANs and VTP
Configure your Cisco devices with the following information: 1. Configure trunking on needed ports - verify 2. Configure a VTP server and a VTP clients 3. Create VLANs ten and twenty (10 & 20) on your VTP server - make sure they propagate 4. Assign your host into either VLAN 10 or 20. Use their port numbers to determine their VLAN (i.e. F0/10 would be VLAN 10, F0/20 would be VLAN 20). 5. Configure your hosts with the correct IP addresses and default gateways 6. Test that you can ping between hosts in the same VLAN, if not troubleshoot 7. Here is your IP scheme: - VLAN 1: 192.168.1.0/24 (if you did the lab prior, this maybe set already) - VLAN 10: 192.168.10.0/24 - VLAN 20: 192.168.20.0/24 8. Configure subinterfaces on the router and perform router on a stick - one subinterface for each VLAN 10 and 20. Use the first address in each VLAN as the routers interface (and hosts default gateway address). 9. If you performed this lab correctly, you should now be able to ping between VLANs with your hosts.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
11. Troubleshooting and verifying VLANs, VTP, and STP
In this simulation, you will troubleshoot the network shown above. In order to do this lab you must have the packet tracer lab I used to create this lab (found at www.lammle.com) in order to troubleshoot the problem(s) that I created. Or you can have a study partner create a problem that you have to solve. Once you think you have solved the problem(s), you should be able to do the following: 1. Verify all the VLANs on each switch 2. Verify that routing is working between VLANs by pinging from PC0 (starting on the left moving right) to PC1 through PC5 3. Understand which switch is the root bridge is for each VLAN .
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
12. Configuring Switch Port Security
Configure your Cisco devices with the following information: 1. From the switch, ping 192.168.10.2 and 192.168.10.3 (the PCs) to get packets working through the network. You may have to try and ping a few times before it works. 2. From the switch, type show mac- addr ess- t abl e to see the MAC address table on the switch. 3. Type show por t - secur i t y i nt f 0/ 1 and type show r un and notice the default configuration for int f0/1. 4. Now configure port security on Fa0/1 by configuring the following: A. Configure the switch port fa0/1 to be an access ports. B. Allow only one MAC address to be associated to fa0/1. C. Set the violation mode to restrict. What does this do? Look it up in the book if you dont know. D. Configure the port to save the associated single MAC address to running-config. 5. Type show r un to verify your configuration under fa0/1. 6. pi ng 192. 168. 10. 2 and 192. 168. 10. 3. This won't start to work until you ping the second address.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
7. Notice how you can't ping the second address. 8. Type show r un and notice the static mac address entry. 9. Type show por t - secur i t y i nt f a0/ 1 and notice secure-up. 13. Configuring an Extended ACL in a network
Configure your Cisco devices with the following information: 1. Allow ONLY HostC to perform HTTP on the WEB server. All other traffic is permitted. 2. You only have three statements to complete this lab, plus the interface configuration. 3. Test your ACL
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
14. Troubleshooting and verifying an Extended ACL in a network
In this simulation you will troubleshoot the network shown above. In order to do this lab you must have the packet tracer lab I used to create this lab (found at www.lammle.com) in order to troubleshoot the problem(s) that I created. Or you can have a study partner create a problem that you have to solve. Once you think you have solved the problem(s), you should be able to do the following: 1. Ping from PC1 to the TFTP server, but HTTP access from PC1 to the HTTP server should fail 2. You can ping from PC1 to the Core router, but telnet from PC1 to the Core should fail.
Copyright Todd Lammle. All rights reserved. Do not distribute. Check www.lammle.com for updates
15. Configuring NAT Overload in a Network
Configure your Cisco devices with the following information: 1. Configure the P1R1 with the following IP addresses: - F0/0: 192.168.76.65/27 - S0/0: 63.1.1.1/30 - ISP S0/0: 63.1.1.2/30 2. Either enable a routing protocol on the P1R1 and ISP router, or just put a default route on the ISP router back towards the P1R1 router. 3. Configure PAT on the P1R1 router to allow 30 hosts access to the internet using the following information: - INSIDE Globals: 198.18.41.129-198.18.41.134 - INSIDE Locals: 192.168.76.65-192.168.76.94 4. Verify with the show i p nat t r ansl at i on command on the P1R1 router