So This is about me Yeah .
Here are the task that we're going to execute it :
A company has a central office or the headquarters (HQ) in Mataram and Branch Office (Branch) in Sumbawa connected via a Wide Area Network (WAN) protocol encapsulation Point-to-Point Protocol (PPP) and connect to the Internet through an ISP router. At the Headquarters (HQ) there are 4 Virtual Local Area Network (VLAN) that VLAN MANAGEMENT, HR, MARKETING and FINANCE. Communication between VLANs (InterVLAN Routing) conducted through HQ router configuration with router-on-stick that implement IEEE 802.1Q encapsulation protocol on the subinterface GigabitEthernet0 / 0. Routing protocols Open Shortest Path First (OSPF) is used in the router's HQ and BRANCH routers can route data packets between networks headquarters (HQ) and branches (Branch). The allocation of IP addressing is distributed dynamically using Dynamic Host Configuration Protocol (DHCP) for each VLAN at the head office and Wireless Local Area Network (WLAN) in branch offices whose setting is centered on the HQ router as a DHCP Server. BRANCH Router enabled as a DHCP Relay Agent to client at a branch office obtain IP addressing allocation dynamically from a DHCP server router HQ.
Task 1
CLI of Switch SW_HQ can be accessed via the Terminal PC HQ MANAGEMENT2. Conditions configuration is as follows: Set the IP addresses in VLAN interface 1 with a second IP address of the subnet address 192.168.169.8/29 and activate the interface. Set the default gateway using the IP address subnet address 192.168.169.8/29 first of which is one of the HQ router's IP address in order to communicate with different networks.
Creating a new VLAN, among others: VLAN 10 with the name of HRD. VLAN 20 with the name MARKETING. VLAN 30 with name FINANCE. Set the port or interface membership of each VLAN, among others: FastEthernet0 / 1 to VLAN 10
FastEthernet0 / 6 to VLAN 20
FastEthernet0 / 11 to VLAN 30
Enabling mode into a trunk port for interface GigabitEthernet0 / 1 is connected to the router HQ. Verify the configuration has been done to ensure compliance with the provisions.
Task 2 :
Set the IP addresses in the interface Serial0 / 0/1 connected to the ISP router using the IP address of the subnet address WAN ISP-HQ 8.0.0.0/30 and activate the interface.
Set the WAN encapsulation protocol on the interface Serial0 / 0/0 are connected to the BRANCH router with PPP and implementing PPP authentication using CHAP password "Suranadi".
Set the IP addresses in the interface Serial0 / 0/0 to use the first IP address of the subnet address WAN-Branch HQ 192.168.169.0/30.
Set the bandwidth of 1 Mbps and a clock rate adjusts to the bandwidth on the interface Serial0 / 0/0 acting as DCE for WAN connections-Branch HQ and activate the interface.
Enabling interface GigabitEthernet0 / 0.
Set the router-on-stick for inter-VLAN communication by making subinterface on interface GigabitEthernet0 / 0 and apply IEEE 802.1Q encapsulation protocol as well as the allocation of IP addresses in each subinterface as follows:
Subinterface GigabitEthernet0 / 0.1 for VLAN 1 with the first IP address of the subnet address 192.168.169.8/29.
Subinterface GigabitEthernet0 / 0.10 for VLAN 10 with the first IP address of the subnet address 192.168.169.16/29.
Subinterface GigabitEthernet / 0.20 for VLAN 20 with the first IP address of the subnet address 192.168.169.64/27.
Subinterface GigabitEthernet0 / 0.30 for VLAN 30 with the first IP address of the subnet address 192.168.169.96/28.
Creating a DHCP Server
make Pool
Name Pool "MANAGEMENT" for VLAN 1 with the subnet address 192.168.169.8/29
Name Pool "HR" for VLAN 10 with the subnet address 192.168.169.16/29
Name Pool "MARKETING" for VLAN 20 with the subnet address 192.168.169.64/27
Name Pool "FINANCE" for VLAN 30 with the subnet address 192.168.169.96/28
Name Pool "WLAN_BRANCH" for subnet 192.168.169.192/26 in the Branch Office.
TCP / IP parameters are set on each pool are:
Default gateway acquired DHCP Client uses the first IP address of each subnet of each VLAN and WLAN.
The IP address of the DNS server for the entire pool using the IP address of the DNS Root Server is 8.0.0.10.
Set the IP address leased to DHCP Client for each pool.
The first IP address of each VLAN and subnet address WLAN_BRANCH.
The second IP address of the subnet address 192.168.169.8/29 specifically for pool "MANAGEMENT" allocated to VLAN1.
Enable OSPF routing protocol with process-id 46 and set the network address wildcard mask 192.168.169.0/24 the network as part of a network router OSPF area 0 on HQ.
Verify the configuration has been done to ensure compliance with the provisions.
Task 3 :
Set up each PC at headquarters unless the PC HQ MANAGEMENT2 as DHCP Client. Make sure each PC on every VLAN has successfully obtained an IP addressing dynamically from a DHCP server.
Verify connection from PC to PC HQ management1 HRD, PC MARKETING and FINANCE PC using the Simple PDU. Make sure the connection is successful.
Task 4 :
CLI from Branch Router can be accessed via the Terminal PC MANAGEMENT BRANCH. Conditions configuration is as follows:
Set the WAN encapsulation protocol on the interface Serial0 / 0/0 are connected to the HQ router with PPP and implementing PPP authentication using CHAP password "Suranadi".
Set the IP addresses in the interface Serial0 / 0/0 using the second IP address of the subnet address WAN-Branch HQ 192.168.169.0/30 and activate the interface.
Set the IP addresses in the interface GigabitEthernet0 / 0 using the first IP address of the subnet address WLAN_BRANCH 192.168.169.192/26 and activate the interface.
Set the DHCP Relay Agent to forward requests from the DHCP Client on WLAN_BRANCH subnet to the DHCP server configured in the router HQ.
Enable OSPF routing protocol with process-id 46 and set the network address using a wildcard mask 192.168.169.0/24 network as part of the network in the OSPF area 0 router BRANCH.
Verify the configuration has been done to ensure compliance with the provisions.
Task 5 :
Set the Access Point AP_BRANCH with SSID "LKS-NTB" and enable WPA2-PSK authentication with a passphrase "SENGGIGI" as well as the type of encryption "AES" on Port 1.
Make sure the Port Status for Port 0 and Port 1 have been active on the Access Point AP_BRANCH.
Task 6 :
Laptops connect to Wireless Access Point with SSID "LKS-NTB" and WPA2-PSK password "SENGGIGI".
Laptop BRANCH verification of connections to other PCs located at HQ as PC HQ management1, HRD PC, PC MARKETING and FINANCE PC using the Simple PDU. Make sure the connection is successful.
Task 7 :
Set the default route to an ISP using a gateway in the form of the first IP address of the subnet address WAN ISP-HQ 8.0.0.0/30 used by interface Serial0 / 0/0 of the ISP router.
Entering (inject) a default route to OSPF that BRANCH router to obtain information about this route.
Creating Named Standard ACL named "INTERNET" to allow Internet access for the hosts contained in 192.168.169.8/29 subnet (VLAN1 MANAGEMENT), subnet 192.168.169.64/27 (VLAN20 MARKETING) and subnet 192.168.169.192/26 (WLAN_BRANCH ).
Set the NAT Overload or Port Address Translation (PAT) for Named Standard ACL "INTERNET".
Verify that the configuration has been made to ensure compliance with the provisions.
Task 8 :
Verify the Internet connection of a PC HQ management1, PC and Laptop MARKETING BRANCH by accessing Server ntbprov.go.id and ditpsmk.net use Simple PDU and browser. Make sure the connection is successful.
Now we're going to execute it :
SW_HQ :
Building configuration...
Current configuration : 1126 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname BRANCH
!
!
!
enable secret 5 $1$mERr$YsXqIF8306MddLsesE9MP/
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
username HQ password 0 SURANADI
!
!
license udi pid CISCO2911/K9 sn FTX15246JL0
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.169.193 255.255.255.192
ip helper-address 192.168.169.1
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 192.168.169.2 255.255.255.252
encapsulation ppp
ppp authentication chap
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 46
log-adjacency-changes
network 192.168.169.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
password sanjose
login
!
!
!
end
Router HQ :
HQ#sh ru
Building configuration...
Current configuration : 2629 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname HQ
!
!
!
enable secret 5 $1$mERr$YsXqIF8306MddLsesE9MP/
!
!
ip dhcp excluded-address 192.168.169.9
ip dhcp excluded-address 192.168.169.10
ip dhcp excluded-address 192.168.169.17
ip dhcp excluded-address 192.168.169.65
ip dhcp excluded-address 192.168.169.97
ip dhcp excluded-address 192.168.169.193
!
ip dhcp pool MANAGEMENT
network 192.168.169.8 255.255.255.248
default-router 192.168.169.9
dns-server 8.0.0.10
ip dhcp pool HRD
network 192.168.169.16 255.255.255.248
default-router 192.168.169.17
dns-server 8.0.0.10
ip dhcp pool MARKETING
network 192.168.169.64 255.255.255.224
default-router 192.168.169.65
dns-server 8.0.0.10
ip dhcp pool FINANCE
network 192.168.169.96 255.255.255.240
default-router 192.168.169.97
dns-server 8.0.0.10
ip dhcp pool WLAN_BRANCH
network 192.168.169.192 255.255.255.192
default-router 192.168.169.193
dns-server 8.0.0.10
!
!
!
no ip cef
no ipv6 cef
!
!
!
username BRANCH password 0 SURANADI
!
!
license udi pid CISCO2911/K9 sn FTX152474B2
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 192.168.169.9 255.255.255.248
ip nat inside
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.169.17 255.255.255.248
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.169.65 255.255.255.224
ip nat inside
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.169.97 255.255.255.240
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
bandwidth 1000
ip address 192.168.169.1 255.255.255.252
encapsulation ppp
ppp authentication chap
ip nat inside
clock rate 1000000
!
interface Serial0/0/1
ip address 8.0.0.2 255.255.255.252
ip nat outside
!
interface Vlan1
no ip address
shutdown
!
router ospf 46
log-adjacency-changes
network 192.168.169.0 0.0.0.255 area 0
default-information originate
!
ip nat inside source list INTERNET interface Serial0/0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 8.0.0.1
!
ip flow-export version 9
!
!
ip access-list standard INTERNET
permit 192.168.169.8 0.0.0.7
permit 192.168.169.64 0.0.0.31
permit 192.168.169.192 0.0.0.63
!
!
!
!
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
password sanjose
login
!
!
!
end
Router_BRANCH :
BRANCH#sh ru
Building configuration...
Current configuration : 1126 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname BRANCH
!
!
!
enable secret 5 $1$mERr$YsXqIF8306MddLsesE9MP/
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
username HQ password 0 SURANADI
!
!
license udi pid CISCO2911/K9 sn FTX15246JL0
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 192.168.169.193 255.255.255.192
ip helper-address 192.168.169.1
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0/0
ip address 192.168.169.2 255.255.255.252
encapsulation ppp
ppp authentication chap
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 46
log-adjacency-changes
network 192.168.169.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
password cisco
login
!
line aux 0
!
line vty 0 4
password sanjose
login
!
!
!
end
Access point :
and finally configure the DHCP Client for PC :D and the you got 100 :
Here are the Link to play this superlab :
EmoticonEmoticon