Ccna-2v7.0 Case Study -rev B- Review

Mastering the CCNA-2v7.0 Case Study (Rev B): A Complete Walkthrough and Analysis

Step 5.1: Standard ACL for Guest Restriction

R1(config)# access-list 1 deny 192.168.20.0 0.0.0.255
R1(config)# access-list 1 permit any

But wait – that denies Guest from everything. The requirement is usually: Guest can access internet, but not internal VLANs. So you need an extended ACL.

Layer 3 Verification:

[ ] show ip route – Default route (0.0.0.0/0) exists. Connected routes for all subinterfaces.
[ ] show ip dhcp binding – Clients have received IPs.
[ ] Ping from PC-A to R1’s subinterface → Success.
[ ] Ping from PC-A to PC-B (different VLAN) → Success (via router).
[ ] Ping from PC-B to server (Employee VLAN) → Should fail if ACL is applied correctly.
[ ] Ping from PC-B to 8.8.8.8 (ISP loopback) → Success.

Verification and Troubleshooting

Successful completion of the case study requires thorough verification using: ccna-2v7.0 case study -rev b-

show vlan brief to check VLAN-to-port assignments.
show interfaces trunk to verify trunking status.
show ip interface brief on routers.
ping and traceroute from end devices.
show ip dhcp binding for DHCP verification.

Common troubleshooting issues include mismatched native VLANs, incorrect subinterface encapsulation, and missing default gateways on hosts. Mastering the CCNA-2v7

3. Inter-VLAN Routing with Router-on-a-Stick

Since devices in different VLANs need to communicate (e.g., Management accessing a server in Operations), routing between VLANs is necessary. The case study implements a “Router-on-a-Stick” topology where the router’s single physical interface is divided into logical subinterfaces. But wait – that denies Guest from everything

Configuration on the router involves:

Enabling the physical interface with no shutdown.
Creating subinterfaces (e.g., interface g0/0.10, g0/0.20, g0/0.30).
Assigning 802.1Q VLAN IDs and IP addresses using encapsulation dot1Q vlan-id and ip address.
The switch port connecting to the router is configured as a trunk, carrying all VLANs.

Each subinterface serves as the default gateway for its respective VLAN. Verification includes show ip route and pinging between hosts on different VLANs.