Lab 2.5.2 - Challenge PPP Configuration (Answers)

Lab 2.5.2 – Challenge PPP Configuration (Answers)

Topology Diagram

Lab 2.5.2 - Challenge PPP Configuration (Answers) 2

Addressing Table

Device	Interface	IP Address	Subnet Mask	Default Gateway
R1	Fa0/1	10.0.0.1	255.255.255.128	N/A
	S0/0/0	172.16.0.1	255.255.255.252	N/A
	S0/0/1	172.16.0.9	255.255.255.252	N/A
R2	Lo0	209.165.200.161	255.255.255.224	N/A
	S0/0/0	172.16.0.2	255.255.255.252	N/A
	S0/0/1	172.16.0.5	255.255.255.252	N/A
R3	Fa0/1	10.0.0.129	255.255.255.128	N/A
	S0/0/0	172.16.0.10	255.255.255.252	N/A
	S0/0/1	172.16.0.6	255.255.255.252	N/A
PC1	NIC	10.0.0.10	255.255.255.128	10.0.0.1
PC3	NIC	10.0.0.139	255.255.255.128	10.0.0.129

Learning Objectives

To complete this lab:

Cable a network according to the topology diagram
Erase the startup configuration and reload a router to the default state
Perform basic configuration tasks on a router
Configure and activate interfaces
Configure OSPF routing on all routers
Configure PPP encapsulation on all serial interfaces
Change the encapsulation on the serial interfaces from PPP to HDLC
Intentionally break and restore PPP encapsulation
Configure PPP CHAP authentication
Intentionally break and restore PPP CHAP authentication

Scenario

In this lab, you will learn how to configure PPP encapsulation on serial links using the network shown in the topology diagram. You will also configure PPP CHAP authentication. If you need assistance, refer back to the Basic PPP Configuration lab, but try to do as much on your own as possible.

Task 1: Prepare the Network

Step 1: Cable a network that is similar to the one in the topology diagram.

Step 2: Clear any existing configurations on the routers.

Task 2: Perform Basic Router Configuration

Configure the R1, R2, and R3 routers according to the following guidelines:

Configure the router hostname.
Disable DNS lookup.
Configure an EXEC mode password.
Configure a message-of-the-day banner.
Configure a password for console connections.
Configure synchronous logging.
Configure a password for vty connections.

enable
configure terminal
no ip domain-lookup
enable secret class
banner motd ^CUnauthorized access strictly prohibited and prosecuted
to the full extent of the law^C
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
 password cisco
 login
!
line vty 0 4
password cisco
login
end
copy running-config starting-config

Task 3: Configure and Activate Serial and Ethernet Addresses

Step 1: Configure interfaces on R1, R2, and R3.

!
interface FastEthernet0/1
 ip address 10.0.0.1 255.255.255.128
 no shutdown
!

interface Serial0/0/0
 ip address 172.16.0.1 255.255.255.252
 no shutdown
 clock rate 64000
!
interface Serial0/0/1
 ip address 172.16.0.9 255.255.255.252
 no shutdown

!
interface Loopback0
 ip address 209.165.200.161 255.255.255.224
!
!
interface Serial0/0/0
 ip address 172.16.0.2 255.255.255.252
 no shutdown
!
interface Serial0/0/1
 ip address 172.16.0.5 255.255.255.252
 clock rate 64000
 no shutdown

!
interface FastEthernet0/1
 ip address 10.0.0.129 255.255.255.128
no shutdown
!
interface Serial0/0/0
 ip address 172.16.0.10 255.255.255.252
 no shutdown
!
interface Serial0/0/1
 ip address 172.16.0.6 255.255.255.252
 clock rate 64000
 no shutdown

Step 2: Verify IP addressing and interfaces.

R1#show ip interface brief
Interface       IP-Address   OK? Method Status                Protocol
FastEthernet0/0 unassigned   YES manual administratively down down
FastEthernet0/1 10.0.0.1     YES manual up                    up
Serial0/0/0     172.16.0.1   YES manual up                    up
Serial0/0/1     172.16.0.9   YES manual up                    up

R2#show ip interface brief
Interface       IP-Address      OK? Method Status                Protocol
FastEthernet0/0 unassigned      YES unset  administratively down down
FastEthernet0/1 unassigned      YES unset  administratively down down
Serial0/0/0     172.16.0.2      YES manual up                    up
Serial0/0/1     172.16.0.5      YES manual up                    up
Loopback0       209.165.200.161 YES manual up                    up

R3#show ip interface brief
Interface       IP-Address      OK? Method Status                Protocol
FastEthernet0/0 unassigned      YES unset  administratively down down
FastEthernet0/1 10.0.0.129      YES manual up                    up
Serial0/0/0     172.16.0.10     YES manual up                    up
Serial0/0/1     172.16.0.6      YES manual up                    up

Step 3: Configure the Ethernet interfaces of PC1 and PC3.

Step 4: Test connectivity between the PCs.

Task 4: Configure OSPF on Routers

Step 1: Enable OSPF routing on the routers.

!
router ospf 1
 network 10.0.0.0 0.0.0.127 area 0
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.0.8 0.0.0.3 area 0
!

! 
router ospf 1
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.0.4 0.0.0.3 area 0
 network 209.165.200.160 0.0.0.31 area 0
!

!
router ospf 1
 network 10.0.0.128 0.0.0.127 area 0
 network 172.16.0.4 0.0.0.3 area 0
 network 172.16.0.8 0.0.0.3 area 0
!

Step 2: Verify that you have full network connectivity.

R1#show ip route

<output omitted>

     172.16.0.0/30 is subnetted, 3 subnets
C       172.16.0.8 is directly connected, Serial0/0/1
O       172.16.0.4 [110/1562] via 172.16.0.10, 00:09:11, Serial0/0/1
                   [110/1562] via 172.16.0.2, 00:09:11, Serial0/0/0
C       172.16.0.0 is directly connected, Serial0/0/0
     209.165.200.0/32 is subnetted, 1 subnets
O       209.165.200.161 [110/782] via 172.16.0.2, 00:09:11, Serial0/0/0
     10.0.0.0/25 is subnetted, 2 subnets
C       10.0.0.0 is directly connected, FastEthernet0/1
O       10.0.0.128 [110/782] via 172.16.0.10, 00:09:11, Serial0/0/1

R1#ping 209.165.200.161

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.165.200.161, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R1#ping 10.0.0.129

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R2#show ip route

<output omitted>

     172.16.0.0/30 is subnetted, 3 subnets
O       172.16.0.8 [110/1562] via 172.16.0.6, 00:12:42, Serial0/0/1
                   [110/1562] via 172.16.0.1, 00:12:42, Serial0/0/0
C       172.16.0.4 is directly connected, Serial0/0/1
C       172.16.0.0 is directly connected, Serial0/0/0
     209.165.200.0/27 is subnetted, 1 subnets
C       209.165.200.160 is directly connected, Loopback0
     10.0.0.0/25 is subnetted, 2 subnets
O       10.0.0.0 [110/782] via 172.16.0.1, 00:12:42, Serial0/0/0
O       10.0.0.128 [110/782] via 172.16.0.6, 00:12:42, Serial0/0/1

R2#ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R2#ping 10.0.0.129

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.129, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms

R3#show ip route

<output omitted>

     172.16.0.0/30 is subnetted, 3 subnets
C       172.16.0.8 is directly connected, Serial0/0/0
C       172.16.0.4 is directly connected, Serial0/0/1
O       172.16.0.0 [110/1562] via 172.16.0.9, 00:14:14, Serial0/0/0
                   [110/1562] via 172.16.0.5, 00:14:14, Serial0/0/1
     209.165.200.0/32 is subnetted, 1 subnets
O       209.165.200.161 [110/782] via 172.16.0.5, 00:14:14, Serial0/0/1
     10.0.0.0/25 is subnetted, 2 subnets
O       10.0.0.0 [110/782] via 172.16.0.9, 00:14:14, Serial0/0/0
C       10.0.0.128 is directly connected, FastEthernet0/1

R3#ping 209.165.200.161

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.165.200.161, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
R3#ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms

Task 5: Configure PPP Encapsulation on Serial Interfaces

Step 1: Configure PPP on the serial interfaces of all three routers.

interface Serial0/0/0
 encapsulation ppp
!
interface Serial0/0/1
 encapsulation ppp

interface Serial0/0/0
 encapsulation ppp
!
interface Serial0/0/1
 encapsulation ppp

interface Serial0/0/0
 encapsulation ppp
!
interface Serial0/0/1
encapsulation ppp

Step 2: Verify that all serial interfaces are using PPP encapsulation.

R1#show interface serial0/0/0
Serial0/0/0 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.1/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

R1#show interface serial0/0/1
Serial0/0/1 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.9/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

R2#show interface serial0/0/0
Serial0/0/0 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.2/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

R2#show interface serial0/0/1
Serial0/0/1 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.5/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

R3#show interface serial0/0/0
Serial0/0/0 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.10/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

R3#show interface serial0/0/1
Serial0/0/1 is up, line protocol is up
  Hardware is GT96K Serial
  Internet address is 172.16.0.6/30
  MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: CDPCP, IPCP, loopback not set

Task 6: Intentionally Break and Restore PPP Encapsulation

Step 1: Choose a way to break PPP encapsulation on the network.

interface Serial0/0/0
 encapsulation hdlc

interface Serial0/0/1
 encapsulation hdlc

interface Serial0/0/0
 encapsulation hdlc

Step 2: Restore full connectivity to your network.

interface Serial0/0/0
 encapsulation ppp

interface Serial0/0/1
 encapsulation ppp

interface Serial0/0/0
 encapsulation ppp

Step 3: Verify full connectivity to your network.

R1#show ip route
R2#show ip route
R3#show ip route
username R2 password cisco
username R3 password cisco
interface serial0/0/0
ppp authentication chap
interface serial0/0/1
ppp authentication chap

Task 7: Configure PPP CHAP Authentication

Step 1: Configure PPP CHAP authentication on all serial links.

username R2 password cisco
username R3 password cisco
interface serial0/0/0
ppp authentication chap
interface serial0/0/1
ppp authentication chap

username R1 password cisco
username R3 password cisco
interface serial0/0/0
ppp authentication chap
interface serial0/0/1
ppp authentication chap

username R1 password cisco
username R2 password cisco
interface serial0/0/0
ppp authentication chap
interface serial0/0/1
ppp authentication chap

Step 2: Verify PPP CHAP authentication on all serial links.

R1#show ip interface brief
Interface       IP-Address    OK? Method Status                Protocol
FastEthernet0/0 unassigned    YES manual administratively down down
FastEthernet0/1 10.0.0.1      YES manual up                    up
Serial0/0/0     172.16.0.1    YES manual up                    up
Serial0/0/1     172.16.0.9    YES manual up                    up

R2#show ip interface brief
Interface       IP-Address      OK? Method Status                Protocol
FastEthernet0/0 unassigned      YES unset  administratively down down
FastEthernet0/1 unassigned      YES unset  administratively down down
Serial0/0/0     172.16.0.2      YES manual up                    up
Serial0/0/1     172.16.0.5      YES manual up                    up
Loopback0       209.165.200.161 YES manual up                    up

R3#show ip interface brief
Interface       IP-Address      OK? Method Status                Protocol
FastEthernet0/0 unassigned      YES unset  administratively down down
FastEthernet0/1 10.0.0.129      YES manual up                    up
Serial0/0/0     172.16.0.10     YES manual up                    up
Serial0/0/1     172.16.0.6      YES manual up                    up

Task 8: Intentionally Break and Restore PPP CHAP Authentication

Step 1: Choose a way to break PPP CHAP authentication on one or more serial links.

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface serial 0/0/0
R1(config-if)#no ppp authentication chap
R1(config-if)#ppp authentication pap
R1(config-if)#interface serial0/0/1
R1(config-if)#no ppp authentication chap
R1(config-if)#ppp authentication pap
R1(config-if)#^Z
R1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R1#reload

Step 2: Verify that PPP CHAP authentication is broken.

R1#show ip interface brief
Interface       IP-Address    OK? Method Status                Protocol
FastEthernet0/0 unassigned    YES NVRAM  administratively down down
FastEthernet0/1 10.0.0.1      YES NVRAM  up                    up
Serial0/0/0     172.16.0.1    YES NVRAM  up                    down
Serial0/0/1     172.16.0.9    YES NVRAM  up                    down

Step 3: Restore PPP CHAP authentication on all serial links.

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface serial0/0/0
R1(config-if)#ppp authentication chap
R1(config-if)#interface serial0/0/1
R1(config-if)#ppp authentication chap
R1(config-if)#^Z
R1#

Step 4: Verify PPP CHAP authentication on all serial links.

R1#show ip interface brief
Interface       IP-Address    OK? Method Status                Protocol
FastEthernet0/0 unassigned    YES NVRAM  administratively down down
FastEthernet0/1 10.0.0.1      YES NVRAM  up                    up
Serial0/0/0     172.16.0.1    YES NVRAM  up                    up
Serial0/0/1     172.16.0.9    YES NVRAM  up                    up

Task 9: Document the Router Configurations

R1#show run
!<output omitted>
!
hostname R1
!
!
enable secret class
!
!
no ip domain lookup
!
username R3 password 0 cisco
username R2 password 0 cisco
!
!
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.128
no shutdown
!
interface Serial0/0/0
ip address 172.16.0.1 255.255.255.252
encapsulation ppp
clockrate 64000
ppp authentication chap
no shutdown
!
interface Serial0/0/1
ip address 172.16.0.9 255.255.255.252
encapsulation ppp
ppp authentication chap
no shutdown
!
!
router ospf 1
network 10.0.0.0 0.0.0.127 area 0
network 172.16.0.0 0.0.0.3 area 0
network 172.16.0.8 0.0.0.3 area 0
!
!
banner motd ^CCUnauthorized access strictly prohibited and prosecuted
to the full extent of the law^C
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
 login
line aux 0
line vty 0 4
password cisco
login
!
end

R2#show run
!<output omitted>
!
hostname R2
!
!
enable secret class
!
!
no ip domain lookup
!
username R1 password 0 cisco
username R3 password 0 cisco
!
!
!
interface Loopback0
ip address 209.165.200.161 255.255.255.224
!
!
interface Serial0/0/0
ip address 172.16.0.2 255.255.255.252
encapsulation ppp
ppp authentication chap
no shutdown
!
interface Serial0/0/1
ip address 172.16.0.5 255.255.255.252
encapsulation ppp
clockrate 64000
ppp authentication chap
no shutdown
!
!
router ospf 1
network 172.16.0.0 0.0.0.3 area 0
network 172.16.0.4 0.0.0.3 area 0
network 209.165.200.160 0.0.0.31 area 0
!
!
banner motd ^CCUnauthorized access strictly prohibited and prosecuted
to the full extent of the law^C
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
end

R3#show run
!<output omitted>
!
hostname R3
!
!
enable secret class
!
!
no ip domain lookup
!
username R1 password 0 cisco
username R2 password 0 cisco
!
!
interface FastEthernet0/1
ip address 10.0.0.129 255.255.255.128
no shutdown
!
interface Serial0/0/0
ip address 172.16.0.10 255.255.255.252
encapsulation ppp
clockrate 64000
ppp authentication chap
no shutdown
!
interface Serial0/0/1
ip address 172.16.0.6 255.255.255.252
encapsulation ppp
ppp authentication chap
no shutdown
!
router ospf 1
network 10.0.0.128 0.0.0.127 area 0
network 172.16.0.4 0.0.0.3 area 0
network 172.16.0.8 0.0.0.3 area 0
!
!
banner motd ^CCUnauthorized access strictly prohibited and prosecuted
to the full extent of the law^C
!
line con 0
exec-timeout 0 0
password cisco
 logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
end

Task 10: Clean Up

Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that are normally connected to other networks, such as the school LAN or the Internet, reconnect the appropriate cabling and restore the TCP/IP settings.