New Updated Cisco ICND2 200-101 Real Exam Download 291-300

Ensurepass

QUESTION 291

A network associate is configuring a router for the weaver company to provide internet access. The ISP has provided the company six public IP addresses of 198.18.184.105 198.18.184.110. The company has 14 hosts that need to access the internet simultaneously. The hosts in the company LAN have been assigned private space addresses in the range of 192.168.100.17 – 192.168.100.30.

 

The following have already been configured on the router:

 

Ÿ   The basic router configuration

Ÿ   The appropriate interfaces have been configured for NAT inside and NAT outside

Ÿ   The appropriate static routes have also been configured (since the company will be a stub network, no routing protocol will be required.)

Ÿ   All passwords have been temporarily set to “cisco”

 

clip_image001

 

Correct Answer:

The company has 14 hosts that need to access the internet simultaneously but we just have 6 public IP addresses from 198.18.184.105 to 198.18.184.110/29. Therefore we have to use NAT overload (or PAT)

 

Double click on the Weaver router to open it

 

Router>enable

Router#configure terminal

 

First you should change the router’s name to Weaver

 

Router(config)#hostname Weaver

 

Create a NAT pool of global addresses to be allocated with their netmask.

 

Weaver(config)#ip nat pool mypool 198.18.184.105 198.18.184.110 netmask

255.255.255.248

 

Create a standard access control list that permits the addresses that are to be translated

 

Weaver(config)#access-list 1 permit 192.168.100.16 0.0.0.15

 

Establish dynamic source translation, specifying the access list that was defined in the prior step

 

Weaver(config)#ip nat inside source list 1 pool mypool overload

 

This command translates all source addresses that pass access list 1, which means a source address from 192.168.100.17 to 192.168.100.30, into an address from the pool named mypool (the pool contains addresses from 198.18.184.105 to 198.18.184.110) Overload keyword allows to map multiple IP addresses to a single registered IP address (many-to- one) by using different ports.

 

The question said that appropriate interfaces have been configured for NAT inside and NAT outside statements.

 

This is how to configure the NAT inside and NAT outside, just for your understanding:

 

Weaver(config)#interface fa0/0

Weaver(config-if)#ip nat inside

Weaver(config-if)#exit

Weaver(config)#interface s0/0

Weaver(config-if)#ip nat outside

Weaver(config-if)#end

Finally, we should save all your work with the following command:

 

Weaver#copy running-config startup-config

 

Check your configuration by going to “Host for testing” and type:

 

C : >ping 192.0.2.114

 

The ping should work well and you will be replied from 192.0.2.114

 

 

QUESTION 292

clip_image003

 

Correct Answer:

Router>enable

Router#config terminal

Router(config)#hostname weaver

weaver(config)#ip nat pool test 198.18.191.145 198.18.191.150 255.255.255.248 weaver(config)#ip nat inside source list 1 pool test overload

weaver(config)#access-list 1 permit 192.168.108.32 0.0.0.31

weaver(config)#interface fa0/0

weaver(config-if)#ip address 192.168.108.62 255.255.255.224

weaver(config-if)#ip nat inside

weaver(config-if)#interface s0/0

weaver(config-if)#ip nat outside

 

 

 

QUESTION 293

clip_image005

 

Correct Answer:

Login Lab_A router.

Lab_A>enable password: cisco

Lab_A#config terminal

Lab_A(config)#router ospf 2

Lab_A(config-route)#no network 192.168.121.0 0.0.0.4 area 0

Lab_A(config-route)#network 192.168.121.0 0.0.0.3 area 0

Lab_RA(config-route)#end

Lab_A#copy run start

 

 

QUESTION 294

clip_image007

 

Correct Answer:

Select the console on Corp1 router

Configuring ACL

Corp1>enable

Corp1#configure terminal

comment: To permit only Host C (192.168.33.3){source addr} to access finance server address (172.22.242.23) {destination addr} on port number 80 (web) Corp1(config)#access-list 100 permit tcp host 192.168.33.3 host 172.22.242.23 eq 80

comment: To deny any source to access finance server address (172.22.242.23) {destination addr} on port number 80 (web)

 

Corp1(config)#access-list 100 deny tcp any host 172.22.242.23 eq 80

comment: To permit ip protocol from any source to access any destination because of the implicit deny any any statement at the end of ACL.

Corp1(config)#access-list 100 permit ip any any

Applying the ACL on the Interface

comment: Check show ip interface brief command to identify the interface type and number by checking the IP address configured.

 

Corp1(config)#interface fa 0/1

If the ip address configured already is incorrect as well as the subnet mask. This should be corrected in order ACL to work

type this commands at interface mode:

no ip address 192.x.x.x 255.x.x.x (removes incorrect configured ipaddress and subnet mask) Configure Correct IP Address and subnet mask:

ip address 172.22.242.30 255.255.255.240 ( range of address specified going to server is given as 172.22.242.17 – 172.22.242.30 )

comment: Place the ACL to check for packets going outside the interface towards the finance web server.

 

Corp1(config-if)#ip access-group 100 out

Corp1(config-if)#end

 

Important: To save your running config to startup before exit.

Corp1#copy running-config startup-config

 

Verifying the Configuration:

Step1: show ip interface brief command identifies the interface on which to apply access list. Step2: Click on each host A,B,C & D. Host opens a web browser page. Select address box of the web browser and type the ip address of finance web server(172.22.242.23) to test whether it permits /deny access to the finance web Server.

Step 3: Only Host C (192.168.33.3) has access to the server. If the other host can also access then maybe something went wrong in your configuration. check whether you configured correctly and in order.

Step 4: If only Host C (192.168.33.3) can access the Finance Web Server you can click on NEXT button to successfully submit the ACL SIM.

 

 

QUESTION 295

Lab-CLI

Central Florida Widgets recently installed a new router in their office. Complete the network installation by performing the initial router configurations and configuring R1PV2 routing using the router command line interface (CLI) on the RC.

 

Configure the router per the following requirements:

 

Name of the router is R2

Enable secret password is cisco

The password to access user EXEC mode using the console is cisco2

The password to allow telnet access to the router is cisco3

IPV4 addresses mast be configured as follows:

Ethernet network 209.165.201.0/27 – router has fourth assignable host address in subnet

Serial network is 192.0.2.176/28 – router has last assignable host address in the subnet.

Interfaces should be enabled.

Router protocol is RIPV2

 

Attention:

In practical examinations, please note the following, the actual information will prevail.

1. Name of the router is xxx

2. Enable. secret password is xxx

3. Password In access user EXEC mode using the console is xxx

4. The password to allow telnet access to the router is xxx

5. IP information

 

clip_image008

 

Correct Answer:

Router>enable

Router#config terminal

Router(config)#hostname R2

R2(config)#enable secret cisco

R2(config)#line console 0

R2(config-line)#password cisco2

R2(config-line)#exit

R2(config)#line vty 0 4

R2(config-line)#password cisco3

R2(config-line)#login

R2(config-line)#exit

R2(config)#interface fa0/0

R2(config-if)#no shutdown

R2(config-if)#ip address 209.165.201.4 255.255.255.224

R2(config)#interface s0/0/0

R2(config-if)#ip address 192.0.2.190 255.255.255.240

R2(config-if)#no shutdown

R2(config-if)#exit

R2(config)#router rip

R2(config-router)#version 2

R2(config-router)#network 209.165.201.0

R2(config-router)#network 192.0.2.176

R2(config-router)#end

R2#copy run start

 

 

QUESTION 296

Lab-EIGRP

After adding RTR_2 router, no routing updates are being exchanged between RTR_1 and the new location. All other inter connectivity and internet accesses for the existing locations of the company are working properly.

 

clip_image009

clip_image009[1]clip_image009[2]clip_image009[3]clip_image009[4]clip_image009[5]

The task is to identify the fault(s) and correct the router configuration to provide full connectivity between the routers.

Access to the router CLI can be gained by clicking on the appropriate host.

All passwords on all routers are Cisco.

IP addresses are listed in the chart below.

 

Correct Answer:

RTR_A#show run

!

!

interface FastEthernet0/0

ip address 192.168.60.97 255.255.255.240

!

interface FastEthernet0/1

ip address 192.168.60.113 255.255.255.240

!

interface Serial0/0

ip address 192.168.36.14 255.255.255.252

!

router eigrp 212

network 192.168.36.0

network 192.168.60.0

no auto-summary

!

RTR_A#show ip route

192.168.36.0/30 is subnetted, 1 subnets

C 192.168.36.12 is directly connected, Serial 0/0

192.168.60.0/24 is variably subnetted, 5 subnets, 2 masks

C 192.168.60.96/28 is directly connected, FastEthernet0/0

C 192.168.60.112/28 is directly connected, FastEthernet0/1

D 192.168.60.128/28 [ 90/21026560 ] via 192.168.36.13, 00:00:57, Serial 0/0

D 192.168.60.144/28 [ 90/21026560 ] via 192.168.36.13, 00:00:57, Serial 0/0

D 192.168.60.24/30 [ 90/21026560 ] via 192.168.36.13, 00:00:57, Serial 0/0

D* 198.0.18.0 [ 90/21026560 ] via 192.168.36.13, 00:00:57, Serial 0/0

 

***************************************************************************

 

RTR_2#show run

!

!

interface FastEthernet0/0

ip address 192.168.77.34 255.255.255.252

!

interface FastEthernet0/1

ip address 192.168.60.65 255.255.255.240

!

interface FastEthernet1/0

ip address 192.168.60.81 255.255.255.240

!

!

 

router eigrp 22

network 192.168.77.0

network 192.168.60.0

no auto-summary

!

RTR_2#show ip route

192.168.60.0/28 is variably subnetted, 2 subnets

C 192.168.60.80 is directly connected, FastEthernet1/0

C 192.168.60.64 is directly connected, FastEthernet0/1

192.168.77.0/30 is subnetted, 1 subnets

C 192.168.77.32 is directly connected, FastEthernet0/0

 

**********************************************************

 

RTR_B#show run

!

interface FastEthernet0/0

ip address 192.168.60.129 255.255.255.240

!

interface FastEthernet0/1

ip address 192.168.60.145 255.255.255.240

!

interface Serial0/1

ip address 192.168.60.26 255.255.255.252

!

router eigrp 212

network 192.168.60.0

!

RTR_B#show ip route

192.168.60.0/24 is variably subnetted, 5 subnets, 2 masks

C 192.168.60.24/30 is directly connected, Serial0/1

C 192.168.60.128/28 is directly connected, FastEthernet0/0

C 192.168.60.144/28 is directly connected, FastEthernet0/1

D 192.168.60.96/28 [ 90/21026560 ] via 192.168.60.25, 00:00:57, Serial 0/1

D 192.168.60.112/28 [ 90/21026560 ] via 192.168.60.25, 00:00:57, Serial 0/1

192.168.36.0/30 is subnetted, 1 subnets

D 192.168.36.12 [ 90/21026560 ] via 192.168.60.25, 00:00:57, Serial 0/1

D* 198.0.18.0 [ 90/21026560 ] via 192.168.60.25, 00:00:57, Serial 0/1

 

**************************************************************************

 

RTR_1#show run

!

!

interface FastEthernet0/0

ip address 192.168.77.33 255.255.255.252

!

interface Serial1/0

ip address 198.0.18.6 255.255.255.0

clockrate 64000

!

!

interface Serial0/0

ip address 192.168.36.13 255.255.255.252

clockrate 64000

!

interface Serial0/1

ip address 192.168.60.25 255.255.255.252

clockrate 64000

!

!

router eigrp 212

network 192.168.36.0

network 192.168.60.0

network 192.168.85.0

network 198.0.18.0

no auto-summary

!

ip classless

ip default-network 198.0.18.0

ip route 0.0.0.0 0.0.0.0 198.0.18.5

ip http server

RTR_1#show ip route

192.168.36.0/30 is subnetted, 1 subnets

C 192.168.36.12 is directly connected, Serial 0/0

192.168.60.0/24 is variably subnetted, 5 subnets, 2 masks

C 192.168.60.24/30 is directly connected, Serial0/1

D 192.168.60.128/28 [ 90/21026560 ] via 192.168.60.26, 00:00:57, Serial 0/1

D 192.168.60.144/28 [ 90/21026560 ] via 192.168.60.26, 00:00:57, Serial 0/1

D 192.168.60.96/28 [ 90/21026560 ] via 192.168.36.14, 00:00:57, Serial 0/0

192.168.77.0/30 is subnetted, 1 subnets

C 192.168.77.32 is directly connected, FastEthernet0/0

C 192.0.18.0/24 is directly connected, Serial 1/0

*S 0.0.0.0 via 198.0.18.5

QUESTION 297

clip_image011

 

Correct Answer:

Router>enable

Router# config terminal

Router(config)# hostname munford

munford(config)#ip nat pool test 198.18.154.57 198.18.154.62 netmask 255.255.255.192 munford (config)#ip nat inside source list 1 pool test overload

munford (config)#access-list 1 permit 192.168.42.64. 0.0.0.31

munford (config)#interface fa0/0

munford (config-if)# ip address 192.168.42.94 255.255.255.224

munford (config-if)#ip nat inside

munford (config-if)#interface serial 0/0

munford (config-if)#ip nat outside

 

 

QUESTION 298

clip_image013

 

Correct Answer:

clip_image015

 

 

QUESTION 299

clip_image017

 

Correct Answer:

clip_image019

 

 

QUESTION 300

clip_image021

 

Correct Answer:

clip_image023

 

Download Latest Complete Collection of ICND2 200-101 Real Exam ,help you to pass exam 100%.

Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCNA Exams Questions and Answers

Leave a Reply