CCIE Dial/ISP Practice Lab PracticeExamination *Please note that the exam structures change over time. Please consult www.cisco.com CCIE Certifications for updated information. Network Diagram Lab I. Connect Terminal Server At the end of the exercise, verify connectivity to the console of all routers 1. Configure an IP host list for a reverse telnet session into the console of each router using network 130.10.x.x. 2. Login to each router and set the console password and the enable password to cisco (lower case). Lab II. ISDN Configuration Section 1A 1. Setup routers as shown in the diagram above. 2. Connect R2, R3 and the 800 over the ISDN cloud. 3. Connect the R1 and R5 back-to-back on the Serial Interface. Also, Connect R6 and R5 back-to-back on the Serial interface. 4. Connect R1, R2, R3 via ethernet. Lab III. IP Configure the network using network 130.10.x.x • Use an 8 bit subnet mask unless otherwise specified At the end of each exercise, verify connectivity between all ports: • All IP routes appearing in all routers • Ping from any interface to any other interface Section 3A ISDN and Analog Connectivity 1. Configure the 800 so that it dials R2 and R3 if interesting traffic Is seen. 2. Configure R2 and R3 so that it will terminate Analog modem calls. 3. Configure R1, R2 and R3 so that R1 will terminate all ISDN calls. 4. Configure the lab computer so that it will dial and connect up to either R2 or R3. It must receive a valid IP address from the Access Server. Section 3B Authentication 1. Configure R1, R2 and R3 so that it will use the CiscoSecure Server-NT Tacacs+ database to authenticate all PPP connections. 2. Create a Username on the ACS server called ccie_user with password cisco. 3. Make sure that you can dial into either the R2 or R3 using ccie_user as the username. 4. Create the appropriate Username and Password on the ACS server to authenticate the 800 router as it connects. Section 3C Routing Protocols 1. Configure OSPF on the ethernet segment between R1, R2 and R3. Make this segment AREA 0. 2. Configure OSPF on the link between R1 and R5 Make this Area 1. 3. Configure IGRP between R1 the 800. 4. Redistribute where necessary so that the 800 and the rest of the network See’s all routes. Lab IV. BGP Section 4A 1. Configure BGP Autonomous System 254 on R6. Create two loopback interfaces On R6 with and IP address of 199.99.99.254 and 199.99.100.254, respectively. Announce these networks via BGP. 2. Configure BGP Autonomous System 100 on R1. 3. Create a BGP Peering relationship between R1 and R6. 4. Create a BGP Peer between R2 and R1. 5. Filter on R1 such that the only network seen on R2 is from the 199.99.99.254 network. Lab V. DDR Section 5A 1. Configure the Aux port on R4 and R5 for modem access. Configure R4 such that if interesting traffic is seen it will dial R5. All routes should still be seen on all routers. Lab VI. VPDN and Security Section 6A 1. Configure R5 and R6 such that when a call is received from R4 it is Forwarded from R5 to R7. Use the name ccie-vpdn@cisco.com to create The tunnel. Section 6B 1. Configure the PIX such that it will allow all traffic to flow from the inside Interface to the Outside interface. 2. Configure the PIX so that it allows all traffic to pass from R6 to the Cisco Secure Server #2. NO OTHER routers should be able to access the Unix Server. Section 6C 1. Configure the Cisco Secure Server #2 so that it will authenticate the VPDN tunnel And User. 2. Configure R6 so that it will pass all authentication requests to the Cisco Secure Server. The User ccie-vpdn@cisco.com should NOT be present on R6. Lab VII. Final Routing Protocols Section 7A 1. Configure EIGRP between R5 and R6. 2. Configure RIP on R6. 3. Configure the PIX so that it will use RIP to find it’s default gateway on The outside interface. 4. Redistribute as necessary to allow ALL routes to be seen on all routers. . CCIE Dial/ISP Practice Lab Practice Examination *Please note that the exam structures change over time.