Scenario Configuring Cisco Routers for Passwords and Access Lists

Figure 3-10 displays a simple one-router network with two Ethernet LAN interfaces connecting users on subnet 131.108.1.0/24 to the server IP network, 131.108.2.0/24.

Figure 3-10 Scenario Physical Topology

131.108.1.100/24

131.108.1.1/24

131.108.2.1/24

Ethernet0/0

Ethernet0/1

131.108.2.100/24

131.108.1.101/24

Example 3-46 displays the working configuration file on Router R1, numbered from line 1 to 25.

Example 3-46 R1's Full Configuration

1. version 12.2

2. no service password-encryption

3. hostname R1

4. no logging console debugging

5. enable secret 5 $1$TBUV$od27CrEfa4UVICBtwvqol/

6. enable password ciscO

7. interface Ethernet0/0

8. ip address 131.108.1.1 255.255.255.0

9. interface Ethernet0/1

10. ip address 131.108.2.1 255.255.255.0

11. no ip http server

12. access-list 1 permit 131.108.0.0 0.0.255.255

13. access-list 100 permit tcp any host 131.108.1.1 eq telnet

14. access-list 100 permit ip host 131.108.2.100 host 131.108.1.1

15. alias EXEC test show ip route ospf

16. alias EXEC eth0 show interface ethernet0/0

17. alias EXEC eth1 show interface ethernet0/1

Example 3-46 R1's Full Configuration (Continued)

18. line con 0

19. exec-timeout 0 0

20. login

21. line aux 0

23. exec-timeout 0 0

24. no login

25. end

1. The network administrator enables the debug ip packet command on Router R1, but no output is seen when connected to the console. IP traffic is following correctly from Ethernet0/0 to Ethernet0/1. What is the likely problem? What IOS configuration change is required to rectify the fault?

2. There are a number of configured aliases. What alias will display the Ethernet interface statistics for the Ethernet interface labeled Ethernet0/1?

3. When the following command is entered at the privileged EXEC prompt, what will the output be?

Rl#eth0

4. What is the password of Router 1 that enables a network administrator to make configuration changes?

5. What Cisco IOS debug command can be used to debug the IP packets' source IP address from the address 131.108.2.100 to the PC with the IP address 131.108.1.1?

6. A user telnets to Router R1 and runs the command debug ip packet.

IP data travels from the PC to the server but no output is displayed on the router. What is the likely problem? R2#R1

Trying 131.108.255.1 ... Open Rl>debug ip packet

% Invalid input detected at marker. R1>

7. What is the configuration register of the router in Figure 3-10?

8. What is the vty password required for Telnet clients logging into R1?

9. What does access list 1 accomplish in line 12?

10. What global IOS command would encrypt all passwords configured on R1 in Figure 3-10?

0 0

Post a comment