GNI102 Lab 1

From Datateknik
(Difference between revisions)
Jump to: navigation, search
(Laboration)
(Laboration)
Line 53: Line 53:
 
## In the same way as you just did on the routers; You need to protect both your switches. Use the passwords cisco and secret here as well.
 
## In the same way as you just did on the routers; You need to protect both your switches. Use the passwords cisco and secret here as well.
 
# '''set the correct time and date on the switches and router'''
 
# '''set the correct time and date on the switches and router'''
## Använd kommandot <tt> clock </tt> för detta, i privileged exec mode  (MainRouter#). Ta hjälp av IOS för att skriva in rätt syntax genom att lägga på ett frågetecken (efter mellanslag) allt eftersom, exempelvis <tt> clock ? </tt> . Du får då veta att nästa ord som krävs är set. Fortsätt med frågetecken: clock set ? för att få nästa ord som är hh:mm:ss. Detta är formatet routern vill ha för tiden tex 09:46:00. Titta efter vad klockan är så du anger rätt klockslag. Fortsätt med clock set 09:46:00 ? för nästa ord och nästa och nästa ända tills endast alternativet <cr> finns kvar. CR står för Carriage Return och betyder att enda alternativet nu är att trycka enter
+
## Use the command <tt> clock </tt> for this, in the privileged exec mode  (MainRouter#). Use the builtin aid in the IOS to write the correct syntax by adding a questionmark (after apply a space with spacebar) as you go, for example <tt> clock ? </tt> . The IOS system will then tell you what commands can be applied next in line after clock. Keep useing the questionmark feteature: clock set ? to get the next attributes the command need which is hh:mm:ss. This is the format the router wants for time, for example 09:46:00. Before applying, check what the time is so you give the router the correct time. Continue with the command clock set 09:46:00 ? for the next word in, and the next one and the next until the only option <cr> if left. CR stands for Carriage Return and means that the only option left is to press enter
##      Kontrollera att det blev rätt med kommandort <tt> show clock </tt>
+
##      Controll that you did give the system the correct time with the command <tt> show clock </tt>
# '''Säkrare konfigurationsfiler'''
+
# '''Secure configurationfiles'''
## Genom att skriva <tt> show running-config </tt> kan alla lösenord utläsas i klartext. För att kryptera dessa lösenord anges kommandot <tt> service password-encryption</tt>, i global config mode. (MainRouter(config)# )
+
## By writing <tt> show running-config </tt> all passwords can be read out in cleartext. To encrypt these passwords the command <tt> service password-encryption</tt>, should be applied in global config mode. (MainRouter(config)# )
## Upprepa detta på båda switcharna och på routern
+
## Repeat this on all your network devices to secure their passwords.
# '''Sätt banners'''
+
# '''Set a banner'''
## Banners kommer att skrivas ut på skärmen till exempel vid inloggning och är ett absolut krav för att legalt hålla routern eller switcharna skyddade i vissa länder/stater
+
## Banners is written out on the display while for example trying to login on a device and is a absolute must legaly to keep the routers/switches protected in some countries/states.
## Ange en MessageOfTheDay-banner genom att, i global config mode, skriva <tt> banner motd #Authorized Access Only!# </tt>  
+
## Apply a MessageOfTheDay-banner by, in global config mode, write <tt> banner motd #Authorized Access Only!# </tt>  
## Testa dina banners genom att helt logga ut från routern med kommandot <tt> exit </tt> (flera gånger) och logga sedan in igen
+
## Test your banner by completely logout of your router with <tt> exit </tt> (multiple times) and then log back in again
# '''Dokumentera alla interface'''
+
# '''Document all interfaces'''
## En description är en förklarande text som kan anges på ett interface
+
## A description is a descriptive text which can be applied on a interface
## Uppgiften är nu att på samtliga använda interface i denna uppgift lägga till en description, detta gäller de två använda interfacen på routern samt de tre på vardera switch
+
## The task is now to add descriptions on all the interfaces that you have used throughout this laboration, thusly this applies to the two used interfaces on the router and the three on each of the switches
## För att sätta en description på ett interface på routern gör på följande sätt:
+
## To apply a description to a interface on the rotuer you need to do the following steps:
## I global config mode, gå till rätt interface med kommandot <tt> interface FastEthernet 0/0 </tt>
+
## In global config mode, go to the correct interface with the command <tt> interface FastEthernet 0/0 </tt>
## Skriv <tt> description </tt> följt av En text som förklarar vart detta interface går (tex <tt> Sladd till PC-Right </tt> )
+
## Write <tt> description </tt> followed by A text that describes where this interface goes to (tex <tt> Cable to PC-Right </tt> )
## Gör detta på alla använda interface i denna uppgift (åtta stycken)
+
## Do this on all interfaces used in this laboration (Eight interfaces)
# '''Spara konfigurationen'''
+
# '''Save configuration'''
## På samtliga switchar och routrar skall nuvarande konfigurationsfil sparas så att den används vid nästa uppstart. Detta görs genom att skriva kommandot <tt> copy running-config startup-config</tt>, i privileged mode (MainRouter# ). Bekräfta filnamnet med enter
+
## On all switches and routers we will now save the current configurationfile so when the next time the devices restart they will use it again. You do this by writing the command <tt> copy running-config startup-config</tt>, in privileged mode (MainRouter# ). Confirm the filename by pressing enter
##      Kontrollera att det blev rätt med kommandot <tt> show startup-config</tt>
+
##      Controll that this was completed with the command <tt> show startup-config</tt>
# '''Småfrågor'''
+
# '''Questions'''
## Vad heter filen som är vårt IOS på routern? (Skriv kommandot <tt>show version </tt> i MainRouter CLI)<br><br>_________________________________________________________
+
## What is the filename for our routers IOS? (Write the command <tt>show version </tt> in MainRouter CLI)<br><br>_________________________________________________________
## Vilken MAC-address har routerns interface FastEthernet0/0 (show interfaces)<br><br>___________________________________________________________
+
## What MAC-address does the routers interface FastEthernet0/0 have (show interfaces)<br><br>___________________________________________________________
## Hur många byte stor är vår IOS-fil i routern? ( <tt>show flash:</tt> )<br><br>___________________________
+
## How many byte large is our IOS-file on the router? ( <tt>show flash:</tt> )<br><br>___________________________
#'''Läraren kommer att kolla'''
+
#'''The instructor will check the following'''
##att du har ett foto på canvas ( http://hv.instructure.com/ )
+
##That you have uploaded a picture to canvas ( http://hv.instructure.com/ )
##att det går att surfa till Server-Right från PC-Left och vice versa
+
##That it is possible to access the webserver Server-Right from PC-Left with a browser
##att det fungerar att logga in med de lösenord angivna i specifikationen
+
##That it is possible to login on the devices with the passwords you assigned
##att korrekt tid och datum satt
+
##That you have modifed the time and date to being correct
##att running-config ej har lösenord i klartext
+
##That running-config does not have any passwords in cleartext visible
##att interfacen har description
+
##That the interfaces does have descriptions

Revision as of 23:34, 30 August 2020

Networking Academy   LAB 1: Packet Tracer
University West

Denna laboration skall utföras individuellt, en dator per person. Laborationen skall utföras i sal med Packet Tracer 6.2 eller högre installerad.

Laboration

Du skall i denna laboration simulera nedanstående nätverk.

Topologi


  1. Login to the computer usein the username cisco and password cisco.
  2. Upload a picture of yourself to the University West site at http://mittkonto.hv.se if you have not done it already.(This will be controlled by a instructor at the end of the laboration)
  3. Start Cisco Packet Tracer and login with your new Netacad-account
  4. The first step in Packet Tracer is to place out the networkcomponents we will be useing throughout this laboration.
    • Press on Routers Router Icon down to the left in the software and pick a 2811 router Router Icon . Place it in the middle similar to what the picture displays above.
    • Choose Switches switch Icon and place out two 2960 2960 Icon as the topology-image displays.
    • Choose End Devices EndDevice Icon and place out two Generic-PC PC Icon and two Generic Server server Icon as in the picture above.
    • Choose Connections xyz Icon and pick Copper Straight Through Copper StraightThrough Icon . Now useing this cable we are going to pair up all the devices useing this cabletype.
      1. Connect a cable from each PC (FastEthernet) to the switch above in interface FastEthernet0/1
      2. Connect a cable from each Server (FastEthernet) to the switch above in interface FastEthernet0/2
      3. Connect a cable between the left switch interface FastEthernet0/24 to the router above in interface FastEthernet0/0
      4. Connect a cable between the right switch interface FastEthernet0/24 to the router above in interface FastEthernet0/1
  5. Router Configuration
    1. Press on the router and the press on the tab called Config. Assign the Display Name MainRouter and the Hostname MainRouter
    2. Press on the FastEthernet0/0 interface and give it the IP-address 192.168.1.1 and subnetmask 255.255.255.0 Activate the interface by clicking the On option.
    3. Press on the FastEthernet0/1 interface and give it the IP-address 192.168.2.1 and subnetmask 255.255.255.0 Activate the interface by clicking the On option.
  6. Switch Configuration
    1. Press on the left switch and click the Config tab. Assign the Display Name and hostname Switch-Left
    2. Press on the right switch and click the Config tab. Assign the Display Name and hostname Switch-Right
  7. PC-configuration
    1. Press on the left PC and click the Config tab. Assign the Display Name PC-Left and Gateway to the nearby routers closest interface, 192.168.1.1
    2. Press on FastEthernet0. Assign the IP-address to 192.168.1.10 and the subnetmask 255.255.255.0
    3. Do the same configuration on the right PC, but assign the Gateway to its nearby routers closest interface, 192.168.2.1. Give the PC the name of PC-Right and IP-address 192.168.2.10
  8. Server-configuration
    1. Press on the left servern and click the Config tab.
    2. Assign the Display Name Server-Left and Gateway to the nearby routers closest interface, 192.168.1.1
    3. Press on FastEthernet0. Assign the IP-address to 192.168.1.100 and the subnetmask 255.255.255.0
    4. Do the same configuration on the right server, but assign the Gateway to its nearby routers closest interface, 192.168.2.1. Give the PC the name of Server-Right and IP-address 192.168.2.100
  9. Test your connection
    1. Press on PC-Left, choose the tab Desktop and press on Command Prompt
    2. In the command prompt that shows itself; test to send a ping to Server-Right (do it with the following command: ping 192.168.2.100 and press enter)
    3. Close the command prompt and instead press on Web Browser
    4. In the web browser that shows itself; Write the URL:en to Server-Right ( http://192.168.2.100/)
  10. Secure login to the router
    1. When a router is delivered with factory settings they have no protection against accessing the system, therefore this is something we need to change.
    2. Press on MainRouter and choose the tab CLI. If the router has entered sleep mode you can pres <Enter> to wake it.
    3. Jump out of Global Configuration Mode by pressing CTRL+Z. In the bottom left of the CLI screen you should now see MainRouter#. If it says MainRouter> you are in the wrong "mode". If this is the case, write enable to access the privileged mode: MainRouter#
    4. Enter configuration mode by writing the command configure terminal or conf t (In the bottom left you should see (config)# after writing the command )
    5. Write line console 0 to configure the console-port that gives access to the router. (In the bottom left you should see MainRouter(config-line)# )
    6. Apply the password cisco by writeing password cisco
    7. Enable password checking by writeing login
    8. You can test to login to the router by writing exit multiple times until the IOS responds with MainRouter con0 is now available. When this is the case, press enter and now you can login with your new password.
    9. We are not in the USER EXEC-mode after you have logged in and need to write enable to being able to access the configuration mode. This is also a mode we want to restrict by applying a password, and we can do this by first writing configure terminal and
      afterwards enable password secure, where secure is our new enable-lösenord
    10. We can now test our new passwords yet again by writing exit multiple times and then login first with the password cisco and then secure (writeenable to jump into the privileged exec mode)
  11. Secure login to the switches
    1. In the same way as you just did on the routers; You need to protect both your switches. Use the passwords cisco and secret here as well.
  12. set the correct time and date on the switches and router
    1. Use the command clock for this, in the privileged exec mode (MainRouter#). Use the builtin aid in the IOS to write the correct syntax by adding a questionmark (after apply a space with spacebar) as you go, for example clock ? . The IOS system will then tell you what commands can be applied next in line after clock. Keep useing the questionmark feteature: clock set ? to get the next attributes the command need which is hh:mm:ss. This is the format the router wants for time, for example 09:46:00. Before applying, check what the time is so you give the router the correct time. Continue with the command clock set 09:46:00 ? for the next word in, and the next one and the next until the only option <cr> if left. CR stands for Carriage Return and means that the only option left is to press enter
    2. Controll that you did give the system the correct time with the command show clock
  13. Secure configurationfiles
    1. By writing show running-config all passwords can be read out in cleartext. To encrypt these passwords the command service password-encryption, should be applied in global config mode. (MainRouter(config)# )
    2. Repeat this on all your network devices to secure their passwords.
  14. Set a banner
    1. Banners is written out on the display while for example trying to login on a device and is a absolute must legaly to keep the routers/switches protected in some countries/states.
    2. Apply a MessageOfTheDay-banner by, in global config mode, write banner motd #Authorized Access Only!#
    3. Test your banner by completely logout of your router with exit (multiple times) and then log back in again
  15. Document all interfaces
    1. A description is a descriptive text which can be applied on a interface
    2. The task is now to add descriptions on all the interfaces that you have used throughout this laboration, thusly this applies to the two used interfaces on the router and the three on each of the switches
    3. To apply a description to a interface on the rotuer you need to do the following steps:
    4. In global config mode, go to the correct interface with the command interface FastEthernet 0/0
    5. Write description followed by A text that describes where this interface goes to (tex Cable to PC-Right )
    6. Do this on all interfaces used in this laboration (Eight interfaces)
  16. Save configuration
    1. On all switches and routers we will now save the current configurationfile so when the next time the devices restart they will use it again. You do this by writing the command copy running-config startup-config, in privileged mode (MainRouter# ). Confirm the filename by pressing enter
    2. Controll that this was completed with the command show startup-config
  17. Questions
    1. What is the filename for our routers IOS? (Write the command show version in MainRouter CLI)

      _________________________________________________________
    2. What MAC-address does the routers interface FastEthernet0/0 have (show interfaces)

      ___________________________________________________________
    3. How many byte large is our IOS-file on the router? ( show flash: )

      ___________________________
  18. The instructor will check the following
    1. That you have uploaded a picture to canvas ( http://hv.instructure.com/ )
    2. That it is possible to access the webserver Server-Right from PC-Left with a browser
    3. That it is possible to login on the devices with the passwords you assigned
    4. That you have modifed the time and date to being correct
    5. That running-config does not have any passwords in cleartext visible
    6. That the interfaces does have descriptions
Retrieved from "http://catch-up.cnap.hv.se/wiki/index.php?title=GNI102_Lab_1&oldid=8118"
Personal tools
Namespaces

Variants
Actions
Navigation
Tools