Skip to main content

Ultimate CCNA Challenge Lab

After reading on different CCNA concepts, I thought I wanted to assess myself by building a network where almost all the concepts I learned will come and work altogether, a simulation lab which will test my familiarity with different Cisco CLI commands. I began by thinking, What do I want my network to do? What technologies I want to use to enable those functions? Then I started building the topology and I came up with this:

These are the CCNA concepts used in this lab:
  • VLANS and VTP
  • Inter-VLAN
  • WAN
  • IP Routing
  • NAT/PAT
  • ACL

I did this lab in Packet Tracer and lucky I was able to finish it. My approach was focus on one portion and list out what I need to accomplish on that portion of the network, like, for the Local Area Network, hosts on the same subnets should be able to communicate with each other and so on. 

I thought others might want to try this so I made a documentation which comes along with a Packet Tracer file with the topology already set up, but with clear configurations (except for some devices). I also included my finished Packet Tracer file which can be used for testing the final output.
At the end of this activity you should accomplish the following functions in the network:

  • Two VTP domains with VLANS
  • Hosts from different VLANS can communicate
  • Hosts from different networks can communicate over the WAN
  • Hosts can access the internal server (except those that are blocked by ACL)
  • Hosts can access the Internet (except those that are blocked by ACL)
  • Internal web server can be accessed from the Internet

Piece of cake right? So go ahead and hit the download link. 

 Download

Feel free to ask questions and please give some feedback to this lab after you have tried it. Good luck and happy labbing!!



UPDATE: 12/04/11 
I just have a correction in Step #2 - LAN with Inter-VLAN

c) S1, S2, S3 can be accessed through its management interface by Host A, B, C, D. (on the PC’s command prompt, successful telnet to each switch: password “cisco”). Then enable the switches to be accessed remotely (test this after accomplishing Step #4)

The command to enable the switches to be accessed remotely must be applied so that Host A, B, C, D can telnet to the switches in the first place. Because the management interface is in VLAN 30 and Host A, B, C, D are on different VLANs.

But of course accomplishing Step #4 will allow other hosts from remote networks (over the WAN) to telnet to this switches.


UPDATE: 12/2/2016 - 5th Year Annivesary: Pay any amount to Download PDF Lab Guide + Packet Tracer Files (includes finished version)


Note: For every confirmed payment, a one-time download link will be sent to your e-mail address. Kindly check your email.
Labels:

Comments

  1. xallax - www.ciscovce.comDecember 3, 2011 at 9:41 PM

    very very good!

    ReplyDelete
  2. PaplewskaDecember 7, 2011 at 2:59 AM

    Hi,

    I'm having trouble with the Frame-relay configs, but I cannot see the configs on the finished lab file as it is all protected. Any help?

    ReplyDelete
  3. vneDecember 7, 2011 at 3:19 AM

    Hi Paplewska

    What exactly is trouble you're having with frame-relay? Did you use point-to-point config? Try connecting and disconnecting the links (delete and restore) after configuring the interfaces.

    ReplyDelete
  4. PaplewskaDecember 7, 2011 at 7:10 AM

    Hi vne,

    Thanks for your answer. The problem I'm having is that the interfaces are up/down. pvc's are active and there are frame-relay maps on active status. Yes, I configured sub-interfaces and I tried deleting the whole config and starting it over. I also shut down the interface and enabled them again... nothing. The interface is still up/down but all show frame-relay commands appear to be perfectly fine. I have subinterfaces in MANILA with the IP address specified on the pdf and dlci numbers as per Serial3 of the frame relay cloud (102 and 103). On NAGA I have tried with subinterfaces and with the main interface, with a map on the interface and with interface-dlci statements on subinterfaces. Again nothing. dlci 201 as per cloud. On DAET, the same thing, using dlci 301.

    I'm going crazy now...

    ReplyDelete
  5. PaplewskaDecember 7, 2011 at 7:31 AM

    vne,

    I just figured out what was going on... I didn't set the clocking on the DCE interface in MANILA! Silly me!

    Thanks for this lab, it's awesome!

    ReplyDelete
  6. vneDecember 7, 2011 at 7:45 AM

    Yes, the up/down state can be caused by either encapsulation mismatch, keepalive, and clock rate (issues with Layer2). Atleast the next time you encounter that problem you know where to look first...clock rate! :D

    You're welcome. Are u taking CCNA soon? Good luck.

    ReplyDelete
  7. PaplewskaDecember 8, 2011 at 12:39 AM

    Hi,

    Yeah, I've got the exam next week 13th Dec. I have finished your lab except for one thing. I cannot figure out how to make the internal web page show on the external server. Any pointers?

    Thanks!

    ReplyDelete
  8. vneDecember 8, 2011 at 3:28 AM

    That part is really tricky. I didn't even read that information on CCNA books, but on learningnetwork.cisco.com. The answer is static NAT. Congratulations on finishing the lab!

    ReplyDelete
  9. BodeyMDecember 9, 2011 at 3:54 PM

    Impressive... well done.

    ReplyDelete
  10. TechRecur.comJanuary 5, 2012 at 1:27 AM

    Hi,

    anyone can you please tell me that it is necessary to give clock on every routing protocol. or its for some routing protocols.

    ReplyDelete
  11. vneJanuary 17, 2012 at 7:56 AM

    @TechRecur Are you referring to the clock rate command? Then clock rate has nothing to do with routing protocols. You can read this post I found http://tekcert.com/blog/2011/12/23/clock-rate-versus-bandwidth

    ReplyDelete
  12. allday creamyApril 13, 2012 at 10:14 AM

    Has anybody completed this lab please I want to see if I did it correctly.

    ReplyDelete
  13. vneApril 15, 2012 at 11:46 PM

    There is a checklist if you open the finished packet tracer lab file I included.

    ReplyDelete
  14. ZuJuly 6, 2012 at 9:12 AM

    Can you do a youtube video, walking us through for newbies like me .. ty

    ReplyDelete
  15. Chad BurtDecember 14, 2012 at 10:44 AM

    Thanks for posting this. I just passed my ICND2 exam and this lab was a tremendous help. You are the best.

    ReplyDelete
  16. vneDecember 17, 2012 at 7:43 PM

    Congrats! I'm really happy for you and glad that this lab was able to help you. Cheers! :)

    ReplyDelete
  17. Ashwin RSeptember 24, 2013 at 2:15 PM

    PC has a default gateway of a network address......

    IP address 192.168.10.1
    Subnetmask 255.255.254.0
    Default Gateway : 192.168.10.0

    That's weird. How did you come up with that.... That is not correct.

    ReplyDelete
  18. VanessaOctober 2, 2013 at 2:28 PM

    Hi Ashwin. I purposely used that IP address and that is correct. It is not a network address since the subnet mask is 255.255.254.0 with 510 usable addresses.

    ReplyDelete
  19. cyrusJanuary 24, 2015 at 10:49 AM

    Hi, I have configured Frame relay and for some strange reason eigrp is not working.
    after typing the network statements no neighbor relation formed. I have checked the k values as well but nothing happens. Could this be because of Wine program i am using to emulate packet tracer?

    Please help

    ReplyDelete
  20. cyrusJanuary 24, 2015 at 10:50 AM

    MAY be u can add HSRP and GLBP to this lab ?

    ReplyDelete

Post a Comment