7/25/2019 Route Map CISCO LAB

1/7

1- 7 CCNP 1: Advanced Routing v 3.0 - Lab 8.5.2a Copyig!t2003" Ci#co $y#te%#" &nc.

Lab 8.5.2a Configuring Route Maps

Objective

&n t!i# 'ab" app'y a outing po'icy by con(iguing a oute %ap.

Scenario

&ntenationa' )ave' Agency %aintain# t*o +AN 'in,# (o% t!e +e#t )a#%an #ite to it# coe net*o,10.0.0.02. +e#t )a#%an i# a'#o e(eed to a# +e#ta#%an. /ne 'in, i# (u'' )1 o 1.5 bp#. )!eot!e 'in, i# a (actiona' )1 *it! a capacity o( 78 bp#. nde /$P4" +e#t )a#%an pe(e# t!e4u'' )1 'in, by vitue o( it# !ig!e band*idt! and 'o*e co#t. A'' ta((ic t!at oiginate# (o% t!e12.18.72.02 net*o, t!at i# de#tined (o t!e 10.0.0.02 net*o, need# to be outed t!oug! t!e(actiona' )1 'in,. )!i# )1 'in, !a# a Cypto 6o a''o*ing encyption and i%poved #ecuity. App'yt!i# po'icy by con(iguing a oute %ap on t!e +e#t )a#%an oute.

Step 16ui'd and con(igue t!e net*o, accoding to t!e diaga%. &n#ue t!at t!e band*idt! (o eac!#eia' inte(ace 'i#ted above i# #et to 15,bp#. o not con(igue t!e 'in, bet*een +e#ta#%an and$an9o#e2 a# a (actiona' )1 yet. +&C 2) and #tandad #eia' inte(ace# *i'' de(au't to 15,.

7/25/2019 Route Map CISCO LAB

2/7

2- 7 CCNP 1: Advanced Routing v 3.0 - Lab 8.5.2a Copyig!t2003" Ci#co $y#te%#" &nc.

$eia'inte(ace#t!atae$yncA#ync

*i'' de(au't to 128,. &( u#ing a +&C 2A$ in one o( t!e 'ab oute#" be #ue to adu#t t!e band*idt!initia''y to 15. Con(igue a'' inte(ace# (o /$P4 Aea 0. Con(igue ;o#t A and ;o#t 6 *it! &Padde##e# and de(au't gate*ay# a# indicated in t!e diaga%. &nitia''y con(igue t!e #eia' 'in,# (oe

7/25/2019 Route Map CISCO LAB

3/7

+e#ta#%an #!ou'd !ave one oute to t!e coe 4a#t>t!enet net*o, u#ing $00. /$P4 u#e#band*idt! to deive co#t (o eac! oute. +it! unet!enet 00" ente t!e (o''o*ingco%%and#:

Westasman-confi#interface fastethernet 0/0Westasman-confiif#no ip route-cacheWestasman-confiif#ip polic' route-map !"#$%&

Route %ap CR?P)/ i# no* app'ied to 4a#t>t!enet 00. )o vei(y t!i#" i##ue t!e

show ip interface fastethernet 0/0co%%and a# (o''o*#:

Westasman#show ip interface fastethernet 0/0ast!t"ernet0/0 is $, line rotocol is $nternet address is 192.168.72.1/24

3roadcast address is 2)).2)).2)).2))ddress determined %y set$ command5 is 1)00 %yteseler address is not setirected %roadcast forwardin is disa%led5$lticast reser+ed ro$s :oined 224.0.0.) 224.0.0.6'$toin access list is not setn%o$nd access list is not set;ro

7/25/2019 Route Map CISCO LAB

4/7

7/25/2019 Route Map CISCO LAB

5/7

)!e eit inte(ace #!ou'd !ave been $01.

4o% ;o#t C" u#e a tace oute poga% to tace t!e oute to 10.0.0.2 and ea%ine t!e output(o% t!e tace oute.

3. id t!i# tace !op t!oug! 12.18..1=

. 4o% *!ic! o( t!e inte(ace# o( +e#ta#%an did t!i# pac,et eit=

)!e &CP pac,et# o( ;o#t C too, a di((eent oute to net*o, 10.0.0.02. )!e ;o#t C &P adde##*a# denied by t!e acce## 'i#t a##ociated *it! t!e oute %ap. &t *a# not pe%itted to be po'icyouted.

4ina''y" i##ue t!e show route-mapco%%and on +e#ta#%an a# (o''o*#:

Westasman#show route-map !"#$%&ro$tema C=@;', ermit, se$ence 105atc" cla$sesi address -accesslists 101

&et cla$sesinterface &erial0/1

;olicy ro$tin matc"es ac?ets, 4149 %ytes

5. ;o* %any pac,et# !ave been %atc!ed (o po'icy outing=

Step 51. t!e net*o, con(iguation (ini#!ed=

$ecuity can be ea#i'y co%po%i#ed i( etun ta((ic to t!e 12.18.72.02 net*o, i# notetuned t!oug! t!e 'in, *it! t!e Cypto 6o. )!e (o''o*ing co%%and# *i'' co%p'ete t!e#cenaio.

/n oute $an9o#e1 ceate a oute-%ap na%ed R>)RN)RA44&C t!at *i'' oute a'' ta((icco%ing (o% t!e 10.0.0.02 net*o, to t!e $an9o#e2 net !op &P adde## 10.0.0.2.

&anDose1-confi#route-map "(%)"*+%",.! permit 10

7/25/2019 Route Map CISCO LAB

6/7

&anDose1-confiro$tema#match ip address 101&anDose1-confiro$tema#set interface fastethernet 0/0&anDose1-confiro$tema#set ip net-hop 10002

Ceate t!e acce## 'i#t t!at i# e(eenced in t!e above oute %ap.

&anDose1-confi#access-list 101 permit ip 10000 000255 192168720000255

Activate t!i# oute %ap by i##uing t!e (o''o*ing co%%and#:

&anDose1-confi#interface fastethernet 0/0&anDose1-confiif#no ip route-cache&anDose1-confiif#ip polic' route-map "(%)"*+%",.!

@ei(y t!at t!e oute %ap i# active *it! t!e show ip polic'o show ipinterface fastethernet 0/0co%%and a# (o''o*#:

&anDose1#show ip polic'nterface =o$te maa0/0 =!=AE=C

&anDose1#show ip interface fastethernet 0/0ast!t"ernet0/0 is $, line rotocol is $nternet address is 10.0.0.1/243roadcast address is 2)).2)).2)).2))ddress determined %y set$ command5 is 1)00 %yteseler address is not setirected %roadcast forwardin is disa%led5$lticast reser+ed ro$s :oined 224.0.0.) 224.0.0.6'$toin access list is not setn%o$nd access list is not set;ro

7/25/2019 Route Map CISCO LAB

7/7

&anDose2-confiro$tema#set interface serial 0/0

Ceate t!e acce## 'i#t t!at i# e(eenced in t!e above oute %ap.

&anDose2-confi#access-list 101 permit ip 10000 000255 192168720000255

Activate t!i# oute %ap by i##uing t!e (o''o*ing co%%and#:

&anDose2-confi#interface fastethernet 0/0&anDose2-confiif#no ip route-cache&anDose2-confiif#ip polic' route-map "(%)"*+%",.!

@ei(y t!at t!e oute %ap i# active *it! t!e show ip polic'o show ipinterface fastethernet 0/0co%%and a# (o''o*#:

&anDose2#show ip polic'nterface =o$te maa0/0 =!=AE=C

&anDose2#s"ow i interface fastet"ernet 0/0ast!t"ernet0/0 is $, line rotocol is $nternet address is 10.0.0.2/243roadcast address is 2)).2)).2)).2))ddress determined %y set$ command5 is 1)00 %yteseler address is not setirected %roadcast forwardin is disa%led5$lticast reser+ed ro$s :oined 224.0.0.) 224.0.0.6'$toin access list is not setn%o$nd access list is not set;ro