3.6.1.2 Packet Tracer – Skills Integration Challenge - Answers

Certification Answers

Packet Tracer – Skills Integration Challenge (Instructor Version)

Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Topology

Addressing Table

Background / Scenario

In this skills integration challenge, the XYZ Corporation uses a combination of eBGP, PPP, and GRE WAN connections. Other technologies include DHCP, default routing, OSPF for IPv4, and SSH configurations.

Requirements

Note: The user EXEC password is cisco and the privileged EXEC password is class.

Interface Addressing

Configure interface addressing as needed on appropriate devices.

Use the topology table to implement addressing on routers REMOTE, HQ, and BRANCH.

Configure PC1 and PC3 to use DHCP.

SSH

Configure HQ to use SSH for remote access.

Set the modulus to 2048. The domain name is CISCO.com.

The username is admin and the password is secureaccess.

Only SSH should be allowed on the VTY lines.

Modify the SSH defaults: version 2; 60-second timeout; two retries.

PPP

Configure the WAN link from BRANCH to the ISP-3 router using PPP encapsulation and CHAP authentication.

Create a user ISP-3 with the password of cisco.

Configure the WAN link from HQ to the ISP-2 router using PPP encapsulation and CHAP authentication.

Create a user ISP-2 with the password of cisco.

DHCP

On BRANCH, configure a DHCP pool for the BRANCH LAN using the following requirements:

Exclude the first 5 IP addresses in the range.

The case-sensitive pool name is LAN.

Include the DNS server attached to the HQ LAN as part of the DHCP configuration.

Configure PC1 to use DHCP.

On HQ, configure a DHCP pool for the HQ LAN using the following requirements:

Exclude the first 10 IP addresses in the range.

The case-sensitive pool name is LAN.

Include the DNS server attached to the HQ LAN as part of the DHCP configuration.

Configure PC3 to use DHCP.

Default Routing

Configure REMOTE with a default route to the ISP-1 router. Use the Next-Hop IP as an argument.

eBGP Routing

Configure BRANCH with eBGP routing.

Configure BRANCH to peer with ISP-3.

Add BRANCH’s internal network to BGP

Configure HQ with eBGP routing.

Configure HQ to peer with ISP-2.

Add HQ’s internal network to BGP.

GRE Tunneling

Configure REMOTE with a tunnel interface to send IP traffic over GRE to HQ.

Configure Tunnel 10 with appropriate addressing information.

Configure the tunnel source with the local exit interface.

Configure the tunnel destination with the appropriate endpoint IP address.

Configure HQ with a tunnel interface to send IP traffic over GRE to REMOTE.

Configure Tunnel 10 with appropriate addressing information.

Configure the tunnel source with the local exit interface.

Configure the tunnel destination with the appropriate endpoint IP address.

OSPF Routing

Because the REMOTE LAN should have connectivity to the HQ LAN, configure OSPF across the GRE tunnel.

Configure OSPF process 100 on the REMOTE router.

REMOTE should advertise the LAN network via OSPF.

REMOTE should be configured to form an adjacency with HQ over the GRE tunnel.

Disable OSPF updates on appropriate interfaces.

Because the HQ LAN should have connectivity to the REMOTE LAN, configure OSPF across the GRE tunnel.

Configure OSPF process 100 on the HQ router.

HQ should advertise the LAN network via OSPF.

HQ should be configured to form an adjacency with REMOTE over the GRE tunnel.

Disable OSPF updates on appropriate interfaces.

Connectivity

Verify full connectivity from PC2 to the DNS Server.

Verify full connectivity from PC1 to the DNS Server.

Script

enable
config t
username ISP-3 password cisco
interface g0/0
 ip add 192.168.10.1 255.255.255.0
 no shutdown
interface s0/0/0
 ip add 209.165.201.22 255.255.255.252
 encapsulation ppp
 ppp authentication chap
 no shutdown
ip dhcp excluded-address 192.168.10.1 192.168.10.5
ip dhcp pool LAN
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 192.168.30.250
router bgp 65010
 neighbor 209.165.201.21 remote-as 65535
 network 192.168.10.0 mas 255.255.255.0
end
enable
config t
interface Tunnel10
 ip address 10.1.1.2 255.255.255.252
 tunnel mode gre ip
 tunnel destination 209.165.201.2
 tunnel source s0/0/0
 no shutdown
interface GigabitEthernet0/0
 ip address 192.168.30.1 255.255.255.0
 no shutdown
interface Serial0/0/0
 ip address 209.165.201.18 255.255.255.252
 encapsulation ppp
 ppp authentication chap
no shutdown
ip domain-name CISCO.com
username admin password secureaccess
username ISP-2 password cisco
crypto key generate rsa
2048
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 60
line vty 0 4
 transport input ssh
ip dhcp excluded-address 192.168.30.1 192.168.30.10
ip dhcp pool LAN
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.1
 dns-server 192.168.30.250
router bgp 65020
 neighbor 209.165.201.17 remote-as 65535
 network 192.168.30.0 mask 255.255.255.0
router ospf 100
 network 192.168.30.0 0.0.0.255 area 0
 network 10.1.1.0 0.0.0.3 area 0
 passive-interface g0/0
end
enable
config t
interface s0/0/0
 ip add 209.165.201.2 255.255.255.0
 no shutdown
interface tunnel 10
 ip address 10.1.1.1 255.255.255.252
 tunnel mode gre ip
 tunnel destination 209.165.201.18
 tunnel source s0/0/0
 no shutdown
interface g0/0
 ip address 192.168.20.1 255.255.255.0
 no shutdown
ip route 0.0.0.0 0.0.0.0 209.165.201.1
router ospf 100
 network 192.168.20.0 0.0.0.255 area 0
 network 10.1.1.0 0.0.0.3 area 0
 passive-interface g0/0
end