Lab 1:

Static Routes and ACLs

Lab Objective:
The objective of this lab exercise is for you to learn and understand how to configure static routes and
ACLs on Cisco routers.

Lab Purpose:
These are classic exam subjects you should be very familiar with. Rather than watch a video solution I
have provided show runs on a separate sheet and test commands where appropriate.

Certification Level:
This lab is suitable for both CCENT and CCNA certification exam preparation

Lab Difficulty:
This lab has a difficulty rating of 5/10

Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 15
minutes

Lab Topology:
Please use the following topology to complete this lab exercise:

10.0.0.x/24 L0
L0
S0/0 S0/0 172.16.1.1/20
192.168.1.1/28
.1 .2
L1
L1 B
A 172.20.1.1/22
192.168.2.1/27

Task 1:

Configure the topology above. You should be able to ping across the serial interface only because
there are no routes from the loopback networks.

Task 2:

Configure static routes with exit interface on RouterA so it can reach the networks on the loopbacks
for RouterB. On RouterB configure a default route so all traffic for any networks are sent out of the
serial interface.

Ping all networks to check connectivity.

Task 3:

Add an extended ACL on RouterB to permit telnet traffic to host 172.16.1.1 from any host only. All
other telnet traffic should be denied but all other IP traffic permitted. Ensure you enable telnet on the
router for the vty lines.
Test your ACL on RouterB by telnetting to RouterB from RouterA. Telnet to 172.16.1.1 should work
but telnet to the other loopback or serial IP address should fail.

Task 4:

Add a named ACL on Router A so that only hosts on network 192.168.2.0/27 can be pinged from hosts
on network 172.16.1.0/20. All other ICMP traffic should be denied but all other IP traffic should be
permitted.

Test your ACL on RouterA by pinging 192.168.2.1 from both loopbacks on RouterB.