Hi,
Ive been geeting request on modifying the practice labs for Proctorlabs rack
Find attached the modified initial configs for LAB1.
When you see R1(R7). This implies R1 on the lab and R7 on proctorlabs rack.
SW1(CAT3) this implies SW1 on the lab and CAT3 on the rack etc.
Where they are the same you dont see the brackets.
NOTE: there shouldnt be any initial config for ASA1.
All the best.
!********************************
!* *
!* ASA2 Initial Configuration *
!* *
!********************************
hostname ASA2
enable password cisco
passwd cisco
names
!
interface Ethernet0/0
no nameif
no security-level
no ip address
no shutdown
!
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.10.10 255.255.255.0
no shutdown
!
interface Ethernet0/2
no nameif
no security-level
no ip address
no shutdown
!
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
!
interface Management0/0
shutdown
no nameif
no security-level
no ip address
management-only
!
interface Redundant1
member-interface Ethernet0/0
member-interface Ethernet0/2
nameif outside
security-level 0
ip address 192.168.9.10 255.255.255.0
no shutdown
!
access-list 100 extended permit icmp any any
icmp unreachable rate-limit 1 burst-size 1
access-group 100 in interface outside
!
router eigrp 10
no auto-summary
network 192.168.10.0 255.255.255.0
redistribute ospf 1 metric 1 1 1 1 1
!
router ospf 1
network 192.168.9.0 255.255.255.0 area 0
log-adj-changes
redistribute eigrp 10 metric 1 subnets
!
route outside 0.0.0.0 0.0.0.0 192.168.9.4 1 track 1
route outside 0.0.0.0 0.0.0.0 192.168.9.3 2
dynamic-access-policy-record DfltAccessPolicy
sla monitor 444
type echo protocol ipIcmpEcho 10.4.4.4 interface outside
num-packets 3
frequency 5
sla monitor schedule 444 life forever start-time now
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
!
track 1 rtr 444 reachability
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
!
service-policy global_policy global
prompt hostname context
: end
[OK]
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
ip tcp synwait-time 5
!
crypto isakmp policy 10
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
mode transport
!
crypto ipsec profile dmvpn
set transform-set cisco
!
interface Loopback1
ip address 11.11.11.11 255.255.255.255
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface f0/1
no shut
interface f0/1.1
encap dot1 3
ip address 192.168.3.11 255.255.255.0
!
!
interface f0/1.2
encap dot1 2
ip address 192.168.2.11 255.255.255.0
!
!
!
interface Tunnel1
bandwidth 1000
ip address 172.1.0.1 255.255.255.0
no ip redirects
ip mtu 1360
ip nhrp authentication cisco
ip nhrp map multicast dynamic
ip nhrp network-id 11
ip nhrp holdtime 300
no ip split-horizon eigrp 100
delay 1100
tunnel source f0/1.1
tunnel mode gre multipoint
tunnel key 11
tunnel protection ipsec profile dmvpn
!
router eigrp 100
network 11.11.11.0 0.0.0.255
network 172.1.0.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.2.1
ip route 10.0.0.0 255.0.0.0 192.168.3.10
ip route 172.17.0.0 255.255.0.0 192.168.3.10
ip route 192.168.0.0 255.255.0.0 192.168.3.10
ip http server
no ip http secure-server
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
end
!********************************
!* *
!* R2 Initial Configuration *
!* *
!********************************
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
ip tcp synwait-time 5
!
crypto isakmp policy 10
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
mode transport
!
crypto ipsec profile dmvpn
set transform-set cisco
!
interface Loopback1
ip address 22.22.22.22 255.255.255.0
!
interface Loopback0
ip address 10.2.2.2 255.255.255.0
!
interface f0/1
no shut
!
interface f0/1.1
encap dot1 4
ip address 192.168.4.11 255.255.255.0
!
interface f0/1.2
encap dot1 5
ip address 192.168.5.11 255.255.255.0
!
!
interface Tunnel1
bandwidth 1000
ip address 172.1.0.2 255.255.255.0
no ip redirects
ip mtu 1360
ip nhrp authentication cisco
ip nhrp map multicast 192.168.3.11
ip nhrp map 172.1.0.1 192.168.3.11
ip nhrp network-id 11
ip nhrp holdtime 300
ip nhrp nhs 172.1.0.1
delay 1100
tunnel source f0/1.1
tunnel mode gre multipoint
tunnel key 1
tunnel protection ipsec profile dmvpn
!
router eigrp 100
network 22.22.22.0 0.0.0.255
network 172.1.0.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.4.10
ip http server
no ip http secure-server
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
end
!********************************
!* *
!* R3 Initial Configuration *
!* *
!********************************
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
ip tcp synwait-time 5
!
interface Loopback0
ip address 10.3.3.3 255.255.255.0
!
interface Loopback10
ip address 172.17.3.3 255.255.255.0
!
!
interface f1/1
no switchport
ip address 192.168.9.3 255.255.255.0
!
interface Serial0/2/0
ip address 192.168.35.3 255.255.255.0
encapsulation ppp
ip ospf network point-to-point
no fair-queue
no shutdown
!
router ospf 1
log-adjacency-changes
network 10.3.3.0 0.0.0.255 area 0
network 172.17.3.0 0.0.0.255 area 0
network 192.168.9.0 0.0.0.255 area 0
network 192.168.35.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
end
!********************************
!* *
!* R4 Initial Configuration *
!* *
!********************************
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
!
frame-relay switching
ip tcp synwait-time 5
!
crypto isakmp policy 10
hash md5
authentication pre-share
group 2
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set cisco esp-3des esp-md5-hmac
mode transport
!
crypto ipsec profile dmvpn
set transform-set cisco
!
interface Loopback1
ip address 44.44.44.44 255.255.255.0
!
interface Loopback0
ip address 10.4.4.4 255.255.255.0
!
!
interface f0/1
ip address 192.168.9.4 255.255.255.0
no shutdown
!
interface Serial0/0/0
no shut
encap frame
!
!
interface Serial0/0/0.1 point-to-point
ip address 192.168.64.4 255.255.255.0
ip ospf network point-to-point
frame-relay interface-dlci 406
no shutdown
!
!
interface Tunnel1
bandwidth 1000
ip address 172.1.0.4 255.255.255.0
no ip redirects
ip mtu 1360
ip nhrp authentication cisco
ip nhrp map 192.168.3.11 172.1.0.1
ip nhrp map multicast 192.168.3.11
ip nhrp nhs 172.1.0.1
delay 1100
tunnel source Serial0/0/0.1
tunnel mode gre multipoint
tunnel key 11
tunnel protection ipsec profile dmvpn
!
router eigrp 100
network 44.44.44.0 0.0.0.255
network 172.1.0.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
network 10.4.4.0 0.0.0.255 area 0
network 192.168.9.0 0.0.0.255 area 0
network 192.168.64.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
scheduler allocate 20000 1000
end
!********************************
!* *
!* R5 Initial Configuration *
!* *
!********************************
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R5
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
frame-relay switching
ip tcp synwait-time 5
!
interface Loopback0
ip address 10.5.5.5 255.255.255.0
!
interface Loopback5
ip address 10.55.55.55 255.255.255.255
ip nat inside
!
!
interface f0/1
ip address 192.168.11.10 255.255.255.0
no shutdown
!
interface Serial0/2/0
ip address 192.168.35.5 255.255.255.0
encapsulation ppp
ip ospf network point-to-point
no fair-queue
clock rate 2000000
ip nat outside
no shutdown
!
interface Serial0/1/0
no shut
encap frame
!
interface Serial0/1/0.1 point-to-point
ip address 192.168.65.5 255.255.255.0
ip ospf network point-to-point
frame-relay interface-dlc 506
no shutdown
!
router ospf 1
log-adjacency-changes
network 10.5.5.0 0.0.0.255 area 0
network 10.55.55.0 0.0.0.255 area 0
network 192.168.35.0 0.0.0.255 area 0
network 192.168.65.0 0.0.0.255 area 0
!
ip http server
no ip http secure-server
!
access-list 102 permit ip any host 10.55.55.55
!
route-map s1 permit 10
match ip address 102
match interface Serial0/1/0.1
!
route-map s0 permit 10
match ip address 102
match interface Serial0/2/0
!
!
ip nat inside source route-map s0 interface Serial0/2/0 overload
ip nat inside source route-map s1 interface Serial0/1/0.1 overload
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
end
!********************************
!* *
!* R6 Initial Configuration *
!* *
!********************************
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
no logging console
enable password cisco
no aaa new-model
ip source-route
ip cef
no ip domain lookup
ip domain name cisco.com
no ipv6 cef
ip tcp synwait-time 5
!
interface Loopback0
ip address 10.6.6.6 255.255.255.0
!
interface Loopback10
ip address 172.17.6.6 255.255.255.0
!
interface f0/1
no shut
!
interface f0/1.1
encap dot1 102
ip address 192.168.7.11 255.255.255.0
!
interface f0/1.2
encap dot1 202
ip address 192.168.6.11 255.255.255.0
!
interface Serial0/1/0
no shut
encap frame
!
interface Serial0/1/0.1 point-to-point
ip address 192.168.64.6 255.255.255.0
ip ospf network point-to-point
frame-relay interface-dlci 604
no shutdown
!
!
interface Serial0/1/0.2 point-to-point
ip address 192.168.65.6 255.255.255.0
ip access-group 101 in
ip ospf network point-to-point
frame-relay interface-dlci 605
no shutdown
!
router ospf 1
log-adjacency-changes
redistribute connected metric 1 subnets
redistribute static metric 1 subnets
network 10.6.6.0 0.0.0.255 area 0
network 172.17.6.0 0.0.0.255 area 0
network 192.168.64.0 0.0.0.255 area 0
network 192.168.65.0 0.0.0.255 area 0
!
ip forward-protocol nd
ip route 10.1.1.0 255.255.255.0 192.168.6.10
ip route 10.2.2.0 255.255.255.0 192.168.6.10
ip route 10.7.7.0 255.255.255.0 192.168.7.10
ip route 172.16.1.0 255.255.255.0 192.168.7.10
ip route 192.168.2.0 255.255.255.0 192.168.6.10
ip route 192.168.3.0 255.255.255.0 192.168.6.10
ip route 192.168.4.0 255.255.255.0 192.168.6.10
ip route 192.168.5.0 255.255.255.0 192.168.6.10
ip route 192.168.8.0 255.255.255.0 192.168.7.10
no ip http server
no ip http secure-server
!
access-list 101 deny icmp host 10.55.55.55 any
access-list 101 deny icmp host 192.168.65.5 any
access-list 101 deny icmp host 192.168.35.5 any
access-list 101 permit ip any any
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
!
end
!********************************
!* *
!* Sw1 Initial Configuration *
!* *
!********************************
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Sw1
!
vtp mode server
vtp domain ccie
vtp password cisco
!
vlan 2
vlan 3
vlan 4
vlan 5
vlan 9
vlan 50
vlan 101
vlan 102
vlan 201
vlan 202
!
no logging console
enable password cisco
ip subnet-zero
ip tcp synwait-time 5
no ip domain lookup
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
ip domain-name cisco.com
ip tcp synwait-time 5
!
vlan access-map abc 10
action drop
match ip address 101
vlan access-map abc 20
action forward
!
vlan filter abc vlan-list 4
!
interface Loopback0
ip address 10.7.7.7 255.255.255.0
!
interface Loopback1
ip address 172.16.1.1 255.255.255.0
!
!
interface FastEthernet0/2
switchport access vlan 9
switchport mode access
!
!
interface FastEthernet0/4
switchport access vlan 9
switchport mode access
!
interface FastEthernet0/5
no switchport
ip address 192.168.11.11 255.255.255.0
!
!
interface FastEthernet0/10
switchport access vlan 101
switchport mode access
!
interface FastEthernet0/11
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/12
switchport access vlan 201
switchport mode access
!
interface FastEthernet0/13
no switchport
ip address 192.168.8.11 255.255.255.0
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/15
switchport access vlan 5
switchport mode access
!
interface FastEthernet0/23
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.8.10
ip http server
ip http secure-server
!
!
access-list 101 permit ip host 192.168.4.11 host 192.168.3.11
access-list 101 permit ip host 192.168.4.11 host 192.168.64.4
!!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 5 15
login
!
end
!********************************
!* *
!* Sw2 Initial Configuration *
!* *
!********************************
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Sw2
vtp mode Client
vtp domain ccie
vtp password cisco
!
no logging console
enable password cisco
ip subnet-zero
ip tcp synwait-time 5
no ip domain lookup
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
ip domain-name cisco.com
ip tcp synwait-time 5
!
interface Loopback0
ip address 10.8.8.8 255.255.255.0
!
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 102,202
switchport mode trunk
!
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,3
switchport mode trunk
!
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 4,5
switchport mode trunk
!
!
!
interface FastEthernet0/10
switchport access vlan 9
switchport mode access
!
interface FastEthernet0/11
no switchport
ip address 192.168.10.11 255.255.255.0
!
interface FastEthernet0/12
switchport access vlan 9
switchport mode access
!
interface FastEthernet0/13
!
interface FastEthernet0/14
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/15
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 101,102
switchport mode trunk
!
interface FastEthernet0/16
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 201,202
switchport mode trunk
!
interface FastEthernet0/23
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
!
interface FastEthernet0/24
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
!
router eigrp 10
no auto-summary
network 10.8.8.0 0.0.0.255
network 192.168.10.0
!
ip classless
ip http server
ip http secure-server
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
transport input telnet
line vty 5 15
login
!
end
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
