CCNAv7 Enterprise Networking, Security, and Automation v7.0 (ENSA)
ENSA Practice PT Skills Assessment (PTSA)
A few things to keep in mind while completing this activity:
- Do not use the browser Back button or close or reload any exam windows during the exam.
- Do not close Packet Tracer when you are done. It will close automatically.
- Click the Submit Assessment button in the browser window to submit your work.
Topology
Addressing Table
Device Name | G0/0/0 | 10.10.1.17/29 |
---|---|---|
BD-1 | G0/0/0 | 10.10.1.17/29 |
S0/1/0 | 10.10.0.237/30 | |
S0/1/1 | 192.0.2.113/29 | |
BD-2 | G0/0/0 | 192.168.11.1/24 |
G0/0/1 | 10.10.1.18/29 | |
BD-3 | G0/0/0 | 192.168.22.1/24 |
G0/0/1 | 10.10.1.19/29 | |
PP-1 | S0/1/0 | 10.10.0.249/30 |
S0/1/1 | 10.10.0.241/30 | |
S0/2/0 | 10.10.0.238/30 | |
PP-2 | G0/0/0 | 192.168.33.1/28 |
S0/1/0 | 10.10.0.245/30 | |
S0/1/1 | 10.10.0.242/30 | |
PP-3 | G0/0/0 | 192.168.44.1/24 |
G0/0/1 | 192.168.55.1/24 | |
S0/1/0 | 10.10.0.250/30 | |
S0/1/1 | 10.10.0.246/30 | |
PC-1 | NIC | 192.168.11.11/24 |
PC-2 | NIC | 192.168.22.22/24 |
PC-3 | NIC | 192.168.44.44/24 |
Admin Server | NIC | 192.168.33.14/28 |
Internal Server | NIC | 192.168.11.100 |
Laptop | NIC | 192.168.55.55/24 |
Internet Server | NIC | 203.0.113.100 |
Introduction
You are completing the configuration of the Ocisc LLC network.
You are not required to configure host addressing.
You will practice and be assessed on the following skills:
- Configuration of OSPFv2 routing
- Customization of OSPF.
- Configuration of static NAT.
- Configuration of dynamic NAT with PAT.
- Configuration of various types of ACLs.
- Configuration of a router with NTP as a system time source.
- Backing up an IOS image to a TFTP server.
Instructions
Part 1: Configure OSPF
Step 1: Activate OSPF.
Use process ID 10 for OSPF activation on all routers.
a. Activate OSPF by configuring the interfaces of the network devices in the Eastern network, where required.
--R1-- BD-1(config)#router ospf 10 BD-1(config-router)#exit BD-1(config)# BD-1(config)#interface g0/0/0 BD-1(config-if)#ip ospf 10 area 0 BD-1(config-if)#interface s0/1/0 BD-1(config-if)#ip ospf 10 area 0 BD-1(config-if)#exit --R2-- BD-2(config)#router ospf 10 BD-2(config-router)#exit BD-2(config)# BD-2(config)#interface g0/0/0 BD-2(config-if)#ip ospf 10 area 0 BD-2(config-if)#interface g0/0/1 BD-2(config-if)#ip ospf 10 area 0 BD-2(config-if)#exit --R3-- BD-3(config)#router ospf 10 BD-3(config-router)#exit BD-3(config)# BD-3(config)#interface g0/0/0 BD-3(config-if)#ip ospf 10 area 0 BD-3(config-if)#interface g0/0/1 BD-3(config-if)#ip ospf 10 area 0 BD-3(config-if)#exit
b. Activate OSPF using network statements and inverse masks on the routers in the Central Network network.
Note: For the purposes of this assessment, please enter the network statements in the following order:
1) On Router 4 (PP-1)
- the Serial0/1/1 network
- the Serial0/2/0 network
- the Serial0/1/0 network
2) On Router 5 (PP-2)
- the Serial0/1/1 network
- the Serial0/1/0 network
- the GigabitEthernet0/0/0 network
3) On Router 6 (PP-3)
- the Serial0/1/0 network
- the Serial0/1/1 network
- the GigabitEthernet0/0/0 network
- the GigabitEthernet0/0/1 network
--R4-- PP-1(config)#router ospf 10 PP-1(config-router)#network 10.10.0.240 0.0.0.3 area 0 PP-1(config-router)#network 10.10.0.236 0.0.0.3 area 0 PP-1(config-router)#network 10.10.0.248 0.0.0.3 area 0 PP-1(config-router)#exit --R5-- PP-2(config)#router ospf 10 PP-2(config-router)#network 10.10.0.240 0.0.0.3 area 0 PP-2(config-router)#network 10.10.0.244 0.0.0.3 area 0 PP-2(config-router)#network 192.168.33.0 0.0.0.15 area 0 PP-2(config-router)#exit --R6-- PP-3(config)#router ospf 10 PP-3(config-router)#network 10.10.0.248 0.0.0.3 area 0 PP-3(config-router)#network 10.10.0.244 0.0.0.3 area 0 PP-3(config-router)#network 192.168.44.0 0.0.0.255 area 0 PP-3(config-router)#network 192.168.55.0 0.0.0.255 area 0 PP-3(config-router)#exit
Step 2: Configure router IDs.
Configure router IDs on the multiaccess network routers as follows:
- BD-1: 9.9.9.9
- BD-2: 8.8.8.8
- BD-3: 7.7.7.7
--R1-- BD-1(config)#router ospf 10 BD-1(config-router)#router-id 9.9.9.9 BD-1(config-router)#exit --R2-- BD-2(config)#router ospf 10 BD-2(config-router)#router-id 8.8.8.8 BD-2(config-router)#exit --R3-- BD-3(config)#router ospf 10 BD-3(config-router)#router-id 7.7.7.7 BD-3(config-router)#exit
Step 3: Customize OSPF operation.
- a. Configure router BD-1 with the highest OSPF interface priority so that it will always be the designated router of the multiaccess network.
--R1-- BD-1(config)#int g0/0/0 BD-1(config-if)#ip ospf priority 255 BD-1(config-if)#exit
- b. On router BD-1, configure a default route to the ISP cloud using the exit interface command argument.
--R1-- BD-1(config)#ip route 0.0.0.0 0.0.0.0 s0/1/1
- c. Automatically distribute the default route to all routers in the network.
--R1-- BD-1(config)#router ospf 10 BD-1(config-router)#default-information originate BD-1(config-router)#exit
- d. Configure the hello and dead timer values on the interfaces that connect BD-1 and PP-1 to be twice the default values.
--R1-- BD-1(config)#int s0/1/0 BD-1(config-if)#ip ospf hello-interval 20 BD-1(config-if)#ip ospf dead-interval 80 BD-1(config-if)#exit --R4-- PP-1(config)#int s0/2/0 PP-1(config-if)#ip ospf hello-interval 20 PP-1(config-if)#ip ospf dead-interval 80 PP-1(config-if)#exit
- e. Configure the OSPF routers so that the default cost value for all Gigabit Ethernet interfaces will be 10 and the cost value for Fast Ethernet will be 100.
--All routers (Router1-2-3-4-5-6)-- Routers1-6(config)#router ospf 10 Routers1-6(config-router)#auto-cost reference-bandwidth 10000 Routers1-6(config-router)#exit
- f. Configure the OSPF cost value of PP-1 interface Serial0/1/1 to 50.
--R4-- PP-1(config)#int s0/1/1 PP-1(config-if)#ip ospf cost 50 PP-1(config-if)#exit
- g. Configure OSPF so that routing updates are not sent into networks where OSPF updates are not required.
--R1-- BD-1(config)#router ospf 10 BD-1(config-router)#passive-interface s0/1/1 BD-1(config-router)#exit --R2-- BD-2(config)#router ospf 10 BD-2(config-router)#passive-interface g0/0/0 BD-2(config-router)#exit --R3-- BD-3(config)#router ospf 10 BD-3(config-router)#passive-interface g0/0/0 BD-3(config-router)#exit R4 PP-1(config)#router ospf 10 PP-1(config-router)#passive-interface g0/0/0 PP-1(config-router)#exit --R5-- PP-2(config)#router ospf 10 PP-2(config-router)#passive-interface g0/0/0 PP-2(config-router)#exit --R6-- PP-3(config)#router ospf 10 PP-3(config-router)#passive-interface g0/0/0 PP-3(config-router)#passive-interface g0/0/1 PP-3(config-router)#exit
Part 2: Configure NAT
In this part of the practice skills assessment, you will configure static and dynamic NAT at the network edge.
Step 1: Configure static NAT
Configure static NAT to translate the address of the Internal Server on LAN-1 to the public address of 192.0.2.115. Verify that the translations are occurring.
--R1-- BD-1(config)#ip nat inside source static 192.168.11.100 192.0.2.115 BD-1(config)#int s0/1/1 BD-1(config-if)#ip nat outside BD-1(config-if)#int g0/0/0 BD-1(config-if)#ip nat inside BD-1(config-if)#exit
Step 2: Configure dynamic PAT.
a. Create access list 1 to allow all addresses in the 192.168.0.0/16 network to be translated.
b. Create a NAT pool named POOL-1. It should use address in the range 192.0.2.116 -192.0.2.118.
c. Configure NAT to dynamically use the addresses in the pool for all traffic entering and exiting the company network. Remember that it is likely that more than three hosts will be accessing traffic on the Internet.
--R1-- BD-1(config)#access-list 1 permit 192.168.0.0 0.0.255.255 BD-1(config)#ip nat pool POOL-1 192.0.2.116 192.0.2.118 netmask 255.255.255.248 BD-1(config)#ip nat inside source list 1 pool POOL-1 overload BD-1(config)#int s0/1/0 BD-1(config-if)#ip nat inside BD-1(config-if)#exit
Part 3: Configure ACLs
Configure access control lists to meet the following requirements.
Note: Use host and any keywords whenever possible. Always explicitly configure the default deny condition when it is to be used as part of the ACL functionality so that it can be logged when the condition is met. You do not need to specify the default deny condition if it is counteracted with permit ip any any for this assessment. All ACLs should be placed in the most efficient location possible according to the guidelines specified in the curriculum.
a. Create a named standard access list to explicitly prevent all external traffic accessing the telnet lines on RTR-1. Name the list VTY-BLOCK. All addresses on the 192.168.0.0/16 network only should be allowed to access the VTY lines. Verify that the list works as specified.
--R1-- BD-1(config)#ip access-list standard VTY-BLOCK BD-1(config-std-nacl)#permit 192.168.0.0 0.0.255.255 BD-1(config-std-nacl)#deny any BD-1(config-std-nacl)#exit BD-1(config)#line vty 0 4 BD-1(config-line)#access-class VTY-BLOCK in BD-1(config-line)#exit
b. Create a numbered standard ACL to prevent all hosts on LAN 1 from accessing LAN 2. Use 10 as the number for the list.
--R3-- BD-3(config)#access-list 10 deny 192.168.11.0 0.0.0.255 BD-3(config)#access-list 10 permit any BD-3(config)#int g0/0/1 BD-3(config-if)#ip access-group 10 in BD-3(config-if)#exit
c. Create an extended numbered ACL that will prevent traffic from the LAN 4 network from accessing the HTTP service that is running on Admin Server. All other traffic from LAN 4 hosts should be able to access the network. Number the list 101.
--R6-- PP-3(config)#access-list 101 deny tcp any host 192.168.33.14 eq www PP-3(config)#access-list 101 permit ip any any PP-3(config)#int g0/0/0 PP-3(config-if)#ip access-group 101 in
Part 4: Manage Network Devices
Step 1: Configure NTP
Configure router PP-2 to use Admin Server as its time source.
--R5-- PP-2(config)#ntp server 192.168.33.14 PP-2(config)#exit
Step 2: Backup IOS to Server
Backup the IOS image file on router PP-2 to Admin Server.
--R5-- PP-2#show flash: System flash directory: File Length Name/status 3 486899872isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [487155691 bytes used, 2761893909 available, 3249049600 total] 3.17338e+06K bytes of processor board System flash (Read/Write) PP-2#copy flash tftp Source filename []? isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin Address or name of remote host []? 192.168.33.14 Destination filename [isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin]? [Press Enter]
Answers Script:
Router 1 possible names: BD-1; RTR-1; RTR-A
enable configure ter router ospf 10 exit interface g0/0/0 ip ospf 10 area 0 interface s0/1/0 ip ospf 10 area 0 exit router ospf 10 router-id 9.9.9.9 exit int g0/0/0 ip ospf priority 255 exit ip route 0.0.0.0 0.0.0.0 s0/1/1 router ospf 10 default-information originate exit int s0/1/0 ip ospf hello-interval 20 ip ospf dead-interval 80 exit router ospf 10 auto-cost reference-bandwidth 10000 exit router ospf 10 passive-interface s0/1/1 exit ip nat inside source static 192.168.11.100 192.0.2.115 int s0/1/1 ip nat outside int g0/0/0 ip nat inside exit access-list 1 permit 192.168.0.0 0.0.255.255 ip nat pool POOL-1 192.0.2.116 192.0.2.118 netmask 255.255.255.248 ip nat inside source list 1 pool POOL-1 overload int s0/1/0 ip nat inside exit ip access-list standard VTY-BLOCK permit 192.168.0.0 0.0.255.255 deny any exit line vty 0 4 access-class VTY-BLOCK in exit end copy running-config startup-config
Router 2 possible names: BD-2; RTR-2; RTR-B
enable configure terminal router ospf 10 exit interface g0/0/0 ip ospf 10 area 0 interface g0/0/1 ip ospf 10 area 0 exit router ospf 10 router-id 8.8.8.8 exit router ospf 10 auto-cost reference-bandwidth 10000 exit router ospf 10 passive-interface g0/0/0 exit end copy running-config startup-config
Router 3 possible names: BD-3; RTR-3; RTR-C
enable configure terminal router ospf 10 exit interface g0/0/0 ip ospf 10 area 0 interface g0/0/1 ip ospf 10 area 0 exit router ospf 10 router-id 7.7.7.7 exit router ospf 10 auto-cost reference-bandwidth 10000 exit router ospf 10 passive-interface g0/0/0 exit access-list 10 deny 192.168.11.0 0.0.0.255 access-list 10 permit any int g0/0/1 ip access-group 10 in exit end copy running-config startup-config
Router 4 possible names: PP-1; RTR-4; RTR-D
enable configure terminal router ospf 10 network 10.10.0.240 0.0.0.3 area 0 network 10.10.0.236 0.0.0.3 area 0 network 10.10.0.248 0.0.0.3 area 0 exit int s0/2/0 ip ospf hello-interval 20 ip ospf dead-interval 80 exit router ospf 10 auto-cost reference-bandwidth 10000 exit int s0/1/1 ip ospf cost 50 exit router ospf 10 passive-interface g0/0/0 exit end copy running-config startup-config
Router 5 possible names: PP-2; RTR-5; RTR-E
enable configure terminal router ospf 10 network 10.10.0.240 0.0.0.3 area 0 network 10.10.0.244 0.0.0.3 area 0 network 192.168.33.0 0.0.0.15 area 0 exit router ospf 10 auto-cost reference-bandwidth 10000 exit router ospf 10 passive-interface g0/0/0 exit ntp server 192.168.33.14 exit copy running-config startup-config
Router 6 possible names: PP-3; RTR-6; RTR-F
enable configure terminal router ospf 10 network 10.10.0.248 0.0.0.3 area 0 network 10.10.0.244 0.0.0.3 area 0 network 192.168.44.0 0.0.0.255 area 0 network 192.168.55.0 0.0.0.255 area 0 exit router ospf 10 auto-cost reference-bandwidth 10000 exit router ospf 10 passive-interface g0/0/0 passive-interface g0/0/1 exit access-list 101 deny tcp any host 192.168.33.14 eq www access-list 101 permit ip any any int g0/0/0 ip access-group 101 in end copy running-config startup-config
Part 4, step 2 (Router 5 possible names: PP-2; RTR-5; RTR-E)
Note: IOS image file (.bin file) name may be different
PP-2>enable PP-2#show flash: System flash directory: File Length Name/status 3 486899872isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [487155691 bytes used, 2761893909 available, 3249049600 total] 3.17338e+06K bytes of processor board System flash (Read/Write) PP-2#copy flash tftp Source filename []? isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin Address or name of remote host []? 192.168.33.14 Destination filename [isr4300-universalk9.03.16.05.S.155-3.S5-ext.SPA.bin]? [Press Enter]
Excelente y Gracia
¡¡¡¡¡¡¡ Me dió el 100% !!!!!!!
Thanks I lov u
Still valid! 100%
still works 100%
still works 100%. Thanks a ton!
I am preparing for my CCNA can you tell me where i can get some great practice question
Completely valid 10/12/2023 12:00
100%
thank sir
this work, thanks bro
So this is the same as CCNA3-Part-1
I have exam soon ccna3 part1
why there is no answer for test :
– ITN Practice PT Skills Assessment (PTSA) V7-CCNA3- SRWE Practice PT Skills Assessment (PTSA) – Part 1 V7-CCNA3- SRWE Practice PT Skills Assessment (PTSA) – Part 2 V7-CCNA3
Thanks, got 100%
exactly followed the script.
100%
Thank you very much… Sir
Just submitted my assessment and seems like my browser just freeze after clicking submit. How do i handle this?
is the SRWE Practice PT Skills Assessment (PTSA) – Part 1 & 2 for ccna3v7 available? or is it the same as ccna2v7? please answer me thanks
Yes, Part 1 & 2 in CCNA3 same skill CCNA2
Hello,first i want to thank you for the wonderful work and help you provide for all of us.I have a question, if you could help me,
I have an exam for CCNA3
Enterprise Networking, Security, and Automation v7.02 (ENSA)
SRWE Practice PT Skills Assessment (PTSA) – Part 1
Switching, Routing, and Wireless Essentials (Version 7.00) – SRWE Practice PT Skills Assessment (PTSA) – Part 1
Where is located or is this one, if u can share the link?
It here:
https://itexamanswers.net/ccna-2-srwe-practice-pt-skills-assessment-ptsa-part-1-answers.html
This skill exam in CCNA 2, but repeat it again in CCNA 3
it 100%. In the last part you need write command , but dont copy.
And it’s all to need for 100%
Which router?
en el RTR-5 pendejo
I lost marks in the auto cost section, i set them all to the thousand listed here and did not get the marks for it. No idea why. Still passed tho. Just wondering why i didnt get it, the image shows only router one, but it was configured on all
87.3% on mine. Thanks!
For you folks getting between 87 and 94, it appears the tests want you to configure the network routes in order as instructed. So, don’t just go in the order you see on here.
R1 possible names: BD-1; RTR-1; RTR-A
R2 possible names: BD-2; RTR-2; RTR-B
R3 possible names: BD-3; RTR-3; RTR-C
R4 possible names: PP-1; RTR-A; RTR-1
R5 possible names: PP-2; RTR-B; RTR-2
R6 possible names: PP-3; RTR-C; RTR-3
Whats the problem I made all by these instructions and I failed?
RTR-A -> RTR-1
RTR-B -> RTR-1
RTR-C -> RTR-3
RTR-1 -> RTR-A
RTR-2 -> RTR-B
RTR-3 -> RTR-C
R6 possible names: PP-3; RTR-C; RTR-3
R1 possible names: BD-1; RTR-1; RTR-A
R2 possible names: BD-2; RTR-2; RTR-B
R3 possible names: BD-3; RTR-3; RTR-C
R4 possible names: PP-1; RTR-A; RTR-1
R5 possible names: PP-2; RTR-B; RTR-2
R6 possible names: PP-3; RTR-C; RTR-3
Are you sure?
i got 89% by following all scripts above
More likely you got 89.8% (which is 106 points out of 118). That’s because they’ve removed the network on G0/0/0 of Router 4, but not fixed the key (it still looks for four network statements), so you get NO credit for network statements even if all else is correct. The other thing you would have lost credit for is the ntp server assignment. Something must be wrong in the key for that too, because it will not give you credit (that costs another 5 points)
Mistake on Router 4.
First network statement says “network 192.168.66.0 0.0.0.3 area 0”
Shouldn’t it be “network 192.168.66.0 0.0.0.255 area 0″? That LAN is a /24, which means a subnet mask of 255.255.255.0, which means a wildcard mask of 0.0.0.255.
How many points do you score after fixing that?
Hi, Metroid Prime name.
I’m in this class, too.
Pretty sure both should work. While the wildcard mask should be 0.0.0.255, Cisco IOS knows to correct subnet masks in this case. If you look at the running config after inputting a subnet mask where there should be a wildcard mask, it should display the proper wildcard mask instead of the subnet mask you put in.
Correction, I misread your initial comment lol
I thought you said 255.255.255.0 needed to be typed in as 0.0.0.255 and I was saying in that case it’d be corrected to the wildcard mask by IOS.
Lavate los ojos ctm en la topologia esta que la red 192.168.66.0 es /30, lo que pasa cuando solo plancheas pavo ctm no eres nada mierda. Primero termina tu inicial, primaria, secundaria y superior ahi te quiero ver mis respetos serenazgo.
Thanks so much
I used this command and I verified the cost on the interfaces using # show ip ospf interface gXXX. I got the cost as required by the exam task.
However I wasn’t given those points. On the exam’s item feedback it shows that I used a wrong command. It’s frustrating that the PT exams are still flawed….
the same thing happened to me. It was obvious that the exam task required us to give GigabitEthernet cost of 10 and FastEthernet cost of 100. So, I used those command. However, on item feedback, I got no points. I assumed that it was supposed to the PT exam error
Thank you I get 83
same. It is because the exam’s task in the actual CCNA exam are flawed. OSPF auto-cost reference and NTP server IP configs won’t give poitns even though you get the right.
OSPF network statements on the 3 routers on the right side are also flagged as wrong even though they ARE right.
Well, I also encountered this problem, it seems this is a bug of the exam
wow I get a frustation
In the latest exam, the cost value for Gigabit Ethernet interfaces is 10 and the cost value for Fast Ethernet is 100. Please adjust the auto-cost reference-bandwidth accordingly
Thanks!
nice i get 12.7%
Watch this video maybe it will help: https://www.youtube.com/watch?v=AcWyCIa36Jg
your own fault for not thinking before doing something
ITN Practice PT Skills Assessment (PTSA)
Practice Final – ENSA
CCNA Certification Practice Exam
SRWE Practice PT Skills Assessment (PTSA) – Part 1
ENSA Practice PT Skills Assessment (PTSA)
ENSA Hands On Skills Exam
SRWE Practice PT Skills Assessment (PTSA) – Part 2
for these there are answers or they are not obligatory?
thanks
Any answers to this question?
Is this configuration complete? 100%?
The NTP Configuration is false, and the Routes on R4, R5, R6.
sir, ptsa part 1 and part 2 are not added….will they wont come in exam
I send my words of thanks for making the ‘CCNA 3 – ENSA Practice PT Skills Assessment (PTSA)’ available. I think others are happy too with your goodness. You will receive many blessings in this life.
Kind regards.
The tutorial video is live. Please transcribe it. https://www.youtube.com/watch?v=AcWyCIa36Jg
My problem is, that de file ‘ENS Pratice PT Skills Assessment (PRSA)’ of CCNA 3 – v7 cannot be downloaded. An empty page is being shown when you try to downoad it. More persons has also this problem.
Kind regards,
Boris
CCNA3 – ENSA Practice PT Skills Assessment (PTSA) Answers can not be downloaded.
It indicates that it is updating.
Please help.
PT skills assessment not loading, CCNA 3 – ENSA Practice PT Skills Assessment (PTSA)
Really hope this gets added soon
PT skills assessment not loading