Exam requirements:
1. According to the experimental topology diagram, change the name of the device and configure the corresponding IP address for the interface. (The interface number and device name must be consistent with those on the topology diagram); (10 points)
2. Configure v1an10 and v1an20 on the switch, and assign the port connecting E0/0/2 of the switch to AR2 to v1an10. The port connecting /0/3 and AR3 is assigned to vlan20. (10 points)
3 Configure a sub-interface on the router AR1, and configure E0/0/1 as a trunk port on the switch (the switch is a Layer 2 switch, and IP address configuration is not allowed). (10 points)
4. Configure the OSPF routing protocol on routers AR1, AR2, and AR3 respectively to announce all private network segments, so that all private network routers can learn the routes of all private network segments (public network routes cannot be announced in OSPF). (15 points)
5. AR1 is a NAT device. Configure NAPT address translation on AR1. It is required that only the network segment where PC1 is located and the network segment where 1oopback0 on AR3 is located can be translated. The converted public network
192 address pool is 200111- 200.11.5. (20 points)
6. Configure reasonable static routes on the private network router and the public network router respectively, so that the 1oopback0 interface on PC1 and AR3 in the private network can access the L1oopback0 interface address on the AR4 router on the external network. (10 points)
7. Configure a reasonable advanced ACL packet filtering firewall on the AR3 router, so that the PC1 host in the private network cannot access the loopback1 interface address in the AR3. (15 points)
8. Configure an interface-based DHCP address pool on AR2, with the gateway L192.168.10.254/24 assigning an IP address to PC1. (10 points)
Verification part:
ospf neighbor
dhcp get
Advanced acl flow control verification
nat verification
Summary: The only point of confusion in this experimental test is the interface between the switch and the router. Many friends know how to connect the switch to the PC, but they don’t know how to switch to the router, and panic.
The topic says that AR1 needs to be a sub-interface, so the following two routers can be regarded as PCs. Naturally, the interface under the switch pair is acc. After this is done, a hub&spoke scene is formed between the three routers. If Switching to the second-tier network, it is the scene of the third-tier vlan. There are no difficulties in other configurations. They all test their own knowledge points, vlan division, ip configuration, ospf configuration, acl configuration, nat address pool configuration, advanced acl flow control configuration, default route configuration, ospf default route delivery configuration