SlideShare a Scribd company logo

Lab 27: S2S VPN Routing Protocols

Netwax Lab
Netwax Lab

This document provides instructions for configuring routing protocols and a site-to-site VPN between HQ and BR1 networks. The tasks include: 1) configuring EIGRP and RIP routing with redistribution to ensure HQ_R2 learns all routes, 2) enabling MD5 authentication on EIGRP 200, 3) establishing an IPsec VPN between HQ and BR1 to permit access only to BR1 loopback addresses from HQ_R2, and 4) summarizing the BR1 loopback routes into OSPF area 0 on BR1.

Technology
1 of 8
Download to read offline
Lab 27: S2S VPN with Routing Protocols Task 1. Configure IP Address as per given in topology. 2. Configure Routing Protocols as per given in topology. 3. Make HQ_R2 receives all the routes from EIGRP and Rip Domain. 4. Make Sure EIGRP 200 use Md5 authentication with key "3incopN@tw@X". 5. Configure Site-2-Site VPN between HQ and BR1 and permit only HQ_R2 to BR_1 Loopbacks. 6. BR_1 Send all loopback address to Area 0 using manual Summarization. Figure 1 Topology
Lab 27: S2S VPN with Routing Protocols Solution  Task 2: Configure Routing Protocols as per given in topology. HQ router eigrp 110 network 112.36.55.0 0.0.0.255 no auto-summary exit router eigrp 200 network 10.0.0.0 0.0.0.255 no auto-summary exit HQ_1 router eigrp 110 network 44.21.221.0 0.0.0.255 network 101.26.27.0 0.0.0.255 network 112.36.55.0 0.0.0.255 no auto-summary exit HQ_2 router eigrp 200 network 10.0.0.0 0.0.0.255 network 20.0.0.0 0.0.0.255 no auto-summary exit HQ_R1 router eigrp 110 network 44.21.221.0 0.0.0.255 no auto-summary exit router rip version 2 network 2.0.0.0
Lab 27: S2S VPN with Routing Protocols network 84.0.0.0 no auto-summary exit HQ_R2 router eigrp 110 network 101.26.27.0 0.0.0.255 no auto-summary exit HQ_R3 router eigrp 200 network 20.0.0.0 0.0.0.255 auto-summary exit router rip version 2 redistribute static redistribute eigrp 200 metric 1 network 3.0.0.0 network 84.0.0.0 no auto-summary exit BR1 router ospf 1 router-id 1.1.1.1 log-adjacency-changes no auto-cost network 46.22.100.0 0.0.0.255 area 0 default-information originate exit BR_1 router ospf 1 router-id 4.4.4.4 log-adjacency-changes area 1 range 5.5.0.0 255.255.248.0
Lab 27: S2S VPN with Routing Protocols network 74.112.54.0 0.0.0.255 area 0 network 112.54.20.0 0.0.0.255 area 0 exit BR_2 router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 42.0.224.0 0.0.0.255 area 0 network 46.22.100.0 0.0.0.255 area 0 network 112.54.20.0 0.0.0.255 area 0 exit BR_3 router ospf 1 router-id 3.3.3.3 log-adjacency-changes network 42.0.224.0 0.0.0.255 area 0 network 74.112.54.0 0.0.0.255 area 0 exit  Task 3: Make HQ_R2 receives all the routes from EIGRP and Rip Domain. HQ router eigrp 110 redistribute static redistribute eigrp 200 metric 100 100 100 100 100 exit router eigrp 200 redistribute static redistribute eigrp 110 metric 100 100 100 100 100 exit HQ_R1 router eigrp 110 redistribute static redistribute rip metric 100 100 100 100 100 exit
Lab 27: S2S VPN with Routing Protocols router rip redistribute static redistribute eigrp 110 metric 1 exit HQ_R3 router eigrp 200 redistribute static redistribute rip metric 100 100 100 100 100 exit router rip redistribute static redistribute eigrp 200 metric 1 exit  Task 4: Make Sure EIGRP 200 use Md5 authentication with key "3incopN@tw@X". HQ key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/1 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit HQ_2 key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/0 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp
Lab 27: S2S VPN with Routing Protocols exit int se0/1 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit HQ_R3 key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/0 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit  Task 5: Configure Site-2-Site VPN between HQ and BR1 and permit only HQ_R2 to BR_1 Loopbacks. HQ ip access-list extended VPN permit ip host 101.26.27.2 5.5.1.0 0.0.0.255 permit ip host 101.26.27.2 5.5.2.0 0.0.0.255 permit ip host 101.26.27.2 5.5.3.0 0.0.0.255 permit ip host 101.26.27.2 5.5.4.0 0.0.0.255 exit crypto isakmp policy 10 encr 3des authentication pre-share group 2 lifetime 1800 exit crypto isakmp key Netwaxlab address 15.65.88.100 crypto ipsec transform-set tset esp-3des esp-sha-hmac
Lab 27: S2S VPN with Routing Protocols exit crypto map CMAP 10 ipsec-isakmp set peer 15.65.88.100 set transform-set tset match address VPN int f0/0 crypto map CMAP exit BR1 ip access-list extended VPN permit ip 5.5.1.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.2.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.3.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.4.0 0.0.0.255 host 101.26.27.2 exit crypto isakmp policy 10 encr 3des authentication pre-share group 2 lifetime 1800 exit crypto isakmp key Netwaxlab address 200.65.114.100 crypto ipsec transform-set tset esp-3des esp-sha-hmac exit crypto map CMAP 10 ipsec-isakmp set peer 200.65.114.100 set transform-set tset match address VPN int f0/0 crypto map CMAP exit
Lab 27: S2S VPN with Routing Protocols  Task 6: BR_1 Send all loopback address to Area 0 using manual Summarization. BR_1 router ospf 1 area 1 range 5.5.0.0 255.255.248.0 exit

Recommended

Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunkingNetwax Lab
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiNetwax Lab
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp iiNetwax Lab
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionNetwax Lab
 
Eincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiEincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiNetwax Lab
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgpNetwax Lab
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6Netwax Lab
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access listNetwax Lab
 

Recommended

Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunkingNetwax Lab
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiNetwax Lab
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp iiNetwax Lab
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionNetwax Lab
 
Eincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiEincop Netwax Lab: Access List ii
Eincop Netwax Lab: Access List iiNetwax Lab
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgpNetwax Lab
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6Netwax Lab
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access listNetwax Lab
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNetwax Lab
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Netwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Netwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiNetwax Lab
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting Netwax Lab
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failoverNetwax Lab
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cliNetwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Netwax Lab
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeNetwax Lab
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNetwax Lab
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iiiNetwax Lab
 
Nxll12 zone based firewall
Nxll12 zone based firewallNxll12 zone based firewall
Nxll12 zone based firewallNetwax Lab
 
Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Netwax Lab
 
Eincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiEincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiNetwax Lab
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6Netwax Lab
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNetwax Lab
 
Route Redistribution
Route RedistributionRoute Redistribution
Route RedistributionNetwax Lab
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPNNetProtocol Xpert
 
DMVPN
DMVPNDMVPN
DMVPNNetProtocol Xpert
 
Nat64 server
Nat64 serverNat64 server
Nat64 serverJanith Rukman
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPNNetwax Lab
 
IP Address
IP AddressIP Address
IP AddressNetwax Lab
 

More Related Content

What's hot

Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNetwax Lab
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Netwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Netwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiNetwax Lab
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting Netwax Lab
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failoverNetwax Lab
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cliNetwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Netwax Lab
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeNetwax Lab
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNetwax Lab
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iiiNetwax Lab
 
Nxll12 zone based firewall
Nxll12 zone based firewallNxll12 zone based firewall
Nxll12 zone based firewallNetwax Lab
 
Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Netwax Lab
 
Eincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiEincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiNetwax Lab
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNetwax Lab
 
Route Redistribution
Route RedistributionRoute Redistribution
Route RedistributionNetwax Lab
 

What's hot (20)

Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asa
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking ii
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failover
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cli
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
 
Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static route
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarization
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iii
 
Nxll12 zone based firewall
Nxll12 zone based firewallNxll12 zone based firewall
Nxll12 zone based firewall
 
Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2
 
Eincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP iiEincop Netwax Lab: EIGRP ii
Eincop Netwax Lab: EIGRP ii
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asa
 
Route Redistribution
Route RedistributionRoute Redistribution
Route Redistribution
 
IPSec VPN
IPSec VPNIPSec VPN
IPSec VPN
 
DMVPN
DMVPNDMVPN
DMVPN
 
Nat64 server
Nat64 serverNat64 server
Nat64 server
 

Viewers also liked

Introduction of Networking
Introduction of NetworkingIntroduction of Networking
Introduction of NetworkingNetwax Lab
 
Wireless Technology
Wireless TechnologyWireless Technology
Wireless TechnologyNetwax Lab
 
Securing Switch Access
Securing Switch Access Securing Switch Access
Securing Switch Access Netwax Lab
 
Computer Ports
Computer PortsComputer Ports
Computer PortsNetwax Lab
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionNetwax Lab
 
Deploy MPLS Traffic Engineering
Deploy MPLS Traffic EngineeringDeploy MPLS Traffic Engineering
Deploy MPLS Traffic EngineeringAPNIC
 
MPLS-based Metro Ethernet Networks Tutorial by Khatri
MPLS-based Metro Ethernet Networks Tutorial by KhatriMPLS-based Metro Ethernet Networks Tutorial by Khatri
MPLS-based Metro Ethernet Networks Tutorial by KhatriFebrian ‎
 
MPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingMPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingPeter R. Egli
 
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)Vipin Sahu
 

Viewers also liked (13)

SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPN
 
IP Address
IP AddressIP Address
IP Address
 
Introduction of Networking
Introduction of NetworkingIntroduction of Networking
Introduction of Networking
 
Wireless Technology
Wireless TechnologyWireless Technology
Wireless Technology
 
Securing Switch Access
Securing Switch Access Securing Switch Access
Securing Switch Access
 
Switching
SwitchingSwitching
Switching
 
Remote VPN
Remote VPNRemote VPN
Remote VPN
 
Computer Ports
Computer PortsComputer Ports
Computer Ports
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route Redistribution
 
Deploy MPLS Traffic Engineering
Deploy MPLS Traffic EngineeringDeploy MPLS Traffic Engineering
Deploy MPLS Traffic Engineering
 
MPLS-based Metro Ethernet Networks Tutorial by Khatri
MPLS-based Metro Ethernet Networks Tutorial by KhatriMPLS-based Metro Ethernet Networks Tutorial by Khatri
MPLS-based Metro Ethernet Networks Tutorial by Khatri
 
MPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label SwitchingMPLS - Multiprotocol Label Switching
MPLS - Multiprotocol Label Switching
 
MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)MPLS (Multi-Protocol Label Switching)
MPLS (Multi-Protocol Label Switching)
 

Similar to Lab 27: S2S VPN Routing Protocols

Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Abhilash Kuniyil
 
Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Arz Sy
 
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdfssuserf7cd2b
 
4.1.1.10 packet tracer configuring extended ac ls scenario 1
4.1.1.10 packet tracer configuring extended ac ls scenario 14.1.1.10 packet tracer configuring extended ac ls scenario 1
4.1.1.10 packet tracer configuring extended ac ls scenario 1mps125
 
Lab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfLab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfNesibusami
 
Dynamic Routing IGRP
Dynamic Routing IGRPDynamic Routing IGRP
Dynamic Routing IGRPKishore Kumar
 
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docx
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docxCCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docx
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docxketurahhazelhurst
 
Cisco labs practical5
Cisco labs practical5Cisco labs practical5
Cisco labs practical5Tai Lam
 
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfcisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfAsgarAlam6
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Kelson Silva
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2Kris Mofu
 
[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network TroubleshootingOpen Source Consulting
 
Mikrotik link redundancy solution
Mikrotik link redundancy solution Mikrotik link redundancy solution
Mikrotik link redundancy solution S M Tipu
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxgalerussel59292
 
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...rediani
 

Similar to Lab 27: S2S VPN Routing Protocols (20)

Eigrp authentication
Eigrp authenticationEigrp authentication
Eigrp authentication
 
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
Labpractice1 configuringbasicroutingandswitchingwithanswer-121214084802-phpapp02
 
Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer) Lab practice 1 configuring basic routing and switching (with answer)
Lab practice 1 configuring basic routing and switching (with answer)
 
Day 11 eigrp
Day 11 eigrpDay 11 eigrp
Day 11 eigrp
 
Day 11.2 enablingeigrp
Day 11.2 enablingeigrpDay 11.2 enablingeigrp
Day 11.2 enablingeigrp
 
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf
4.1.1.10 Packet Tracer - Configuring Extended ACLs Scenario 1.pdf
 
4.1.1.10 packet tracer configuring extended ac ls scenario 1
4.1.1.10 packet tracer configuring extended ac ls scenario 14.1.1.10 packet tracer configuring extended ac ls scenario 1
4.1.1.10 packet tracer configuring extended ac ls scenario 1
 
MPLS LAB Practice Vol.1.pdf
MPLS LAB Practice Vol.1.pdfMPLS LAB Practice Vol.1.pdf
MPLS LAB Practice Vol.1.pdf
 
Lab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdfLab- Full IPsec Implementation.pdf
Lab- Full IPsec Implementation.pdf
 
Dynamic Routing IGRP
Dynamic Routing IGRPDynamic Routing IGRP
Dynamic Routing IGRP
 
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docx
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docxCCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docx
CCNA Connecting NetworksSA ExamLab 13 CCNA Connecting Netwo.docx
 
Cisco labs practical5
Cisco labs practical5Cisco labs practical5
Cisco labs practical5
 
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdfcisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
cisco-ewan-nat-acl-pt-practice-sba-with-solution-110516171316-phpapp02.pdf
 
Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations Configure Cisco Routers for Syslog, NTP, and SSH Operations
Configure Cisco Routers for Syslog, NTP, and SSH Operations
 
Practice exam #2
Practice exam #2Practice exam #2
Practice exam #2
 
[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting[오픈소스컨설팅] Linux Network Troubleshooting
[오픈소스컨설팅] Linux Network Troubleshooting
 
Sc manual
Sc manualSc manual
Sc manual
 
Mikrotik link redundancy solution
Mikrotik link redundancy solution Mikrotik link redundancy solution
Mikrotik link redundancy solution
 
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docxAll contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
All contents are Copyright © 1992–2012 Cisco Systems, Inc. A.docx
 
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...
26.2.1 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 1 - ITExamAnsw...
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 

Recently uploaded (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

Lab 27: S2S VPN Routing Protocols

  • 1. Lab 27: S2S VPN with Routing Protocols Task 1. Configure IP Address as per given in topology. 2. Configure Routing Protocols as per given in topology. 3. Make HQ_R2 receives all the routes from EIGRP and Rip Domain. 4. Make Sure EIGRP 200 use Md5 authentication with key "3incopN@tw@X". 5. Configure Site-2-Site VPN between HQ and BR1 and permit only HQ_R2 to BR_1 Loopbacks. 6. BR_1 Send all loopback address to Area 0 using manual Summarization. Figure 1 Topology
  • 2. Lab 27: S2S VPN with Routing Protocols Solution  Task 2: Configure Routing Protocols as per given in topology. HQ router eigrp 110 network 112.36.55.0 0.0.0.255 no auto-summary exit router eigrp 200 network 10.0.0.0 0.0.0.255 no auto-summary exit HQ_1 router eigrp 110 network 44.21.221.0 0.0.0.255 network 101.26.27.0 0.0.0.255 network 112.36.55.0 0.0.0.255 no auto-summary exit HQ_2 router eigrp 200 network 10.0.0.0 0.0.0.255 network 20.0.0.0 0.0.0.255 no auto-summary exit HQ_R1 router eigrp 110 network 44.21.221.0 0.0.0.255 no auto-summary exit router rip version 2 network 2.0.0.0
  • 3. Lab 27: S2S VPN with Routing Protocols network 84.0.0.0 no auto-summary exit HQ_R2 router eigrp 110 network 101.26.27.0 0.0.0.255 no auto-summary exit HQ_R3 router eigrp 200 network 20.0.0.0 0.0.0.255 auto-summary exit router rip version 2 redistribute static redistribute eigrp 200 metric 1 network 3.0.0.0 network 84.0.0.0 no auto-summary exit BR1 router ospf 1 router-id 1.1.1.1 log-adjacency-changes no auto-cost network 46.22.100.0 0.0.0.255 area 0 default-information originate exit BR_1 router ospf 1 router-id 4.4.4.4 log-adjacency-changes area 1 range 5.5.0.0 255.255.248.0
  • 4. Lab 27: S2S VPN with Routing Protocols network 74.112.54.0 0.0.0.255 area 0 network 112.54.20.0 0.0.0.255 area 0 exit BR_2 router ospf 1 router-id 2.2.2.2 log-adjacency-changes network 42.0.224.0 0.0.0.255 area 0 network 46.22.100.0 0.0.0.255 area 0 network 112.54.20.0 0.0.0.255 area 0 exit BR_3 router ospf 1 router-id 3.3.3.3 log-adjacency-changes network 42.0.224.0 0.0.0.255 area 0 network 74.112.54.0 0.0.0.255 area 0 exit  Task 3: Make HQ_R2 receives all the routes from EIGRP and Rip Domain. HQ router eigrp 110 redistribute static redistribute eigrp 200 metric 100 100 100 100 100 exit router eigrp 200 redistribute static redistribute eigrp 110 metric 100 100 100 100 100 exit HQ_R1 router eigrp 110 redistribute static redistribute rip metric 100 100 100 100 100 exit
  • 5. Lab 27: S2S VPN with Routing Protocols router rip redistribute static redistribute eigrp 110 metric 1 exit HQ_R3 router eigrp 200 redistribute static redistribute rip metric 100 100 100 100 100 exit router rip redistribute static redistribute eigrp 200 metric 1 exit  Task 4: Make Sure EIGRP 200 use Md5 authentication with key "3incopN@tw@X". HQ key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/1 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit HQ_2 key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/0 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp
  • 6. Lab 27: S2S VPN with Routing Protocols exit int se0/1 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit HQ_R3 key chain Eigrp key 1 key-string 3incopN@tw@X exit exit int se0/0 ip authentication mode eigrp 200 md5 ip authentication key-chain eigrp 200 Eigrp exit  Task 5: Configure Site-2-Site VPN between HQ and BR1 and permit only HQ_R2 to BR_1 Loopbacks. HQ ip access-list extended VPN permit ip host 101.26.27.2 5.5.1.0 0.0.0.255 permit ip host 101.26.27.2 5.5.2.0 0.0.0.255 permit ip host 101.26.27.2 5.5.3.0 0.0.0.255 permit ip host 101.26.27.2 5.5.4.0 0.0.0.255 exit crypto isakmp policy 10 encr 3des authentication pre-share group 2 lifetime 1800 exit crypto isakmp key Netwaxlab address 15.65.88.100 crypto ipsec transform-set tset esp-3des esp-sha-hmac
  • 7. Lab 27: S2S VPN with Routing Protocols exit crypto map CMAP 10 ipsec-isakmp set peer 15.65.88.100 set transform-set tset match address VPN int f0/0 crypto map CMAP exit BR1 ip access-list extended VPN permit ip 5.5.1.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.2.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.3.0 0.0.0.255 host 101.26.27.2 permit ip 5.5.4.0 0.0.0.255 host 101.26.27.2 exit crypto isakmp policy 10 encr 3des authentication pre-share group 2 lifetime 1800 exit crypto isakmp key Netwaxlab address 200.65.114.100 crypto ipsec transform-set tset esp-3des esp-sha-hmac exit crypto map CMAP 10 ipsec-isakmp set peer 200.65.114.100 set transform-set tset match address VPN int f0/0 crypto map CMAP exit
  • 8. Lab 27: S2S VPN with Routing Protocols  Task 6: BR_1 Send all loopback address to Area 0 using manual Summarization. BR_1 router ospf 1 area 1 range 5.5.0.0 255.255.248.0 exit