CCNP Lab 006 Solution: HSRP And Switch Security

2y ago
127 Views
35 Downloads
276.58 KB
37 Pages
Last View : 2m ago
Last Download : 2m ago
Upload by : Hayden Brunner
Transcription

8/10/2016CCNP Lab 006 Solution: HSRP and Switch GNYou are here: Home / 101 CCNP Labs Solutions / CCNP Lab 006 Solution: HSRP andSwitch SecurityCCNP Lab 006 Solution: HSRP andSwitch SecurityLab Objective:The focus of this lab is to understand basic HSRP and common security technologyimplementation and configuration in Cisco IOS Catalyst switches.Lab Topology:The lab network topology is illustrated below:http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/1/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityIMPORTANT NOTEIf you are using the www.howtonetwork.net racks, please begin each and every lab byshutting down all interfaces on all switches and then manually re enabling only theinterfaces that are illustrated in this topology.Task 1Disable VTP on all switches and create the following VLANs:1. DLS1: VLAN 100 and VLAN 2002. DLS2: VLAN 100 and VLAN 2003. ALS1: VLAN 1004. ALS2: VLAN 200Task 2http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/2/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDisable DTP and 802.1Q configure trunking on all switches as follows:1. The trunk links on switch DLS1 should only allow VLANs 1, 100 and 2002. The trunk links on switch DLS2 should only allow VLANs 1, 100 and 2003. The trunk links on switch ALS1 should only allow VLANs 1 and 1004. The trunk links on switch ALS2 should only allow VLANs 1 and 200Task 3Configure the following SVIs and interfaces on the switches in the topology:1. DLS1: Interface VLAN 100: IP address 100.1.1.1/242. DLS1: Interface VLAN 200: IP address 200.1.1.1/241. DLS2: Interface VLAN 100: IP address 100.1.1.2/242. DLS2: Interface VLAN 200: IP address 200.1.1.2/241. ALS1: Interface VLAN 100: IP address 100.1.1.3/242. ALS2: Interface VLAN 100: IP address 200.1.1.3/24Task 4Configure Cisco HSRP version 1 with preemption on switches DLS1 and DLS2 as follows:1. DLS1: VLAN 100: HSRP IP address 100.1.1.254, group 1, priority 105, passwordHSRP12. DLS1: VLAN 200: HSRP IP address 200.1.1.254, group 2, priority 100, passwordHSRP21. DLS2: VLAN 100: HSRP IP address 100.1.1.254, group 1, priority 100, passwordHSRP1http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/3/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Security2. DLS2: VLAN 200: HSRP IP address 200.1.1.254, group 2, priority 105, passwordHSRP2Task 5To allow for faster convergence, enable RPVST . In addition to this, ensure that yourLayer 2 and Layer 3 topologies are consistent, i.e. the primary gateway should be the rootfor the corresponding VLAN. Finally, ensure that switches ALS1 and ALS2 can also pingeach other.Task 6Configure port security on all trunk links on switches DLS1 and DLS2. The switch portsecurity configuration should allow a maximum of 10 addresses. When this limit has beenreached, the switch should drop packets with unknown MAC addresses, until the numberis of MAC addresses is below the limit. Additionally, the switch should send out an SNMPtrap and a Syslog message, and the violation counter should be incremented.Lab ValidationTask 1DLS1(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.DLS1(config)#vlan 100DLS1(config vlan)#exitDLS1(config)#vlan 200DLS1(config vlan)#exitDLS2(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.DLS2(config)#vlan 100DLS2(config vlan)#exithttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/4/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS2(config)#vlan 200DLS2(config vlan)#exitALS1(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.ALS1(config)#vlan 100ALS1(config vlan)#exitALS2(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.ALS2(config)#vlan 200ALS2(config vlan)#exitTask 2DLS1(config)#interface range fasteth 0/7 , fasteth 0/9 , fasteth 0/11DLS1(config if range)#switchportDLS1(config if range)#switchport trunk encapsulation dot1qDLS1(config if range)#switchport mode trunkDLS1(config if range)#switchport trunk allowed vlan 1,100,200DLS1(config if range)#switchport nonegotiateDLS1(config if range)#exitDLS2(config)# interface range fasteth 0/7 , fasteth 0/9 , fasteth 0/11DLS2(config if range)#switchportDLS2(config if range)#switchport trunk encapsulation dot1qDLS2(config if range)#switchport mode trunkDLS2(config if range)#switchport trunk allowed vlan 1,100,200DLS2(config if range)#switchport nonegotiateDLS2(config if range)#exithttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/5/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityALS1(config)#interface range fastethernet 0/7 , fastethernet 0/9ALS1(config if range)#switchport mode trunkALS1(config if range)#switchport trunk allowed vlan 1,100ALS1(config if range)#exitALS2(config)#interface range fastethernet 0/7 , fastethernet 0/9ALS2(config if range)#switchport mode trunkALS2(config if range)#switchport trunk allowed vlan 1,200ALS2(config if range)#exitVerify your configuration using the show interfaces trunk command:DLS1#show interfaces trunkPort Mode Encapsulation Status Native vlanFa0/7 on 802.1q trunking 1Fa0/11 on 802.1q trunking 1Port Vlans allowed on trunkFa0/7 1,100,200Fa0/11 1,100,200Port Vlans allowed and active in management domainFa0/7 1,100,200Fa0/11 1,100,200Port Vlans in spanning tree forwarding state and not prunedFa0/7 1,100,200Fa0/11 200Task 3http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/6/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS1(config)#interface vlan 100DLS1(config if)#ip add 100.1.1.1 255.255.255.0DLS1(config if)#exitDLS1(config)#interface vlan 200DLS1(config if)#ip add 200.1.1.1 255.255.255.0DLS1(config if)#exitDLS2(config)#interface vlan 100DLS2(config if)#ip address 100.1.1.2 255.255.255.0DLS2(config if)#exitDLS2(config)#interface vlan 200DLS2(config if)#ip address 200.1.1.2 255.255.255.0DLS2(config if)#exitALS1(config)#interface vlan 100ALS1(config if)#ip add 100.1.1.3 255.255.255.0ALS1(config if)#exitALS2(config)#interface vlan 200ALS2(config if)#ip address 200.1.1.3 255.255.255.0ALS2(config if)#exitTask 4When completing this task, keep in mind that the default priority value for HSRP is 100and so no explicit configuration is required to specify this value. However, unlike VRRP,preemption for HSRP is disabled by default and must be explicitly configured. Additionally,by default, when HSRP is enabled, version 1 is enabled. This task is completed asfollows:DLS1(config)#interface vlan 100http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/7/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS1(config if)#standby 1 ip 100.1.1.254DLS1(config if)#standby 1 priority 105DLS1(config if)#standby 1 preemptDLS1(config if)#standby 1 authentication text HSRP1DLS1(config if)#exitDLS1(config)#interface vlan 200DLS1(config if)#standby 2 ip 200.1.1.254DLS1(config if)#standby 2 preemptDLS1(config if)#standby 2 authentication text HSRP2DLS1(config if)#exitDLS2(config)#interface vlan 100DLS2(config if)#standby 1 ip 100.1.1.254DLS2(config if)#standby 1 preemptDLS2(config if)#standby 1 authentication text HSRP1DLS2(config if)#exitDLS2(config)#interface vlan 200DLS2(config if)#standby 2 ip 200.1.1.254DLS2(config if)#standby 2 priority 105DLS2(config if)#standby 2 preemptDLS2(config if)#standby 2 authentication text HSRP2DLS2(config if)#exitNext, although not explicitly stated, configure the default gateway for switches ALS1 andALS2 as the HSRP virtual IP (VIP) address so that they can reach other.ALS1(config)#ip default gateway 100.1.1.254ALS2(config)#ip default gateway 200.1.1.254Verify your configuration using the show standby commands on switches DLS1 andDLS2:http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/8/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS1#show stand briefP indicates configured to preempt. Interface Grp Prio P State Active Standby Virtual IPVl100 1 105 P Active local 100.1.1.2 100.1.1.254Vl200 2 100 P Standby 200.1.1.2 local 200.1.1.254DLS2#show standbyVlan100 – Group 1State is Standby9 state changes, last state change 00:01:42Virtual IP address is 100.1.1.254Active virtual MAC address is 0000.0c07.ac01Local virtual MAC address is 0000.0c07.ac01 (v1 default)Hello time 3 sec, hold time 10 secNext hello sent in 2.620 secsAuthentication text “HSRP1”Preemption enabledActive router is 100.1.1.1, priority 105 (expires in 8.612 sec)Standby router is localPriority 100 (default 100)IP redundancy name is “hsrp Vl100 1” (default)Vlan200 – Group 2State is Active5 state changes, last state change 00:14:18Virtual IP address is 200.1.1.254Active virtual MAC address is 0000.0c07.ac02Local virtual MAC address is 0000.0c07.ac02 (v1 default)Hello time 3 sec, hold time 10 secNext hello sent in 0.244 secsAuthentication text “HSRP2”Preemption enabledhttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/9/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityActive router is localStandby router is 200.1.1.1, priority 100 (expires in 9.836 sec)Priority 105 (configured 105)IP redundancy name is “hsrp Vl200 2” (default)Task 5The first part of this task is simple. RPVST is enabled on all switches as follows:DLS1(config)#spanning tree mode rapid pvstDLS2(config)#spanning tree mode rapid pvstALS1(config)#spanning tree mode rapid pvstALS2(config)#spanning tree mode rapid pvstThe second part of this task entails adjusting the default root bridges for the respectiveVLANs. Given that switch DLS1 is primary gateway for VLAN 100, it should be root forthat VLAN. Given that switch DLS2 is primary gateway for VLAN 200, it should be root forthat VLAN. These two switches should be configured as the secondary or backup rootbridge for the other VLAN. This task is completed as follows:DLS1(config)#spanning tree vlan 100 priority 4096DLS1(config)#spanning tree vlan 200 priority 8192DLS2(config)#spanning tree vlan 100 priority 8192DLS2(config)#spanning tree vlan 200 priority 4096Following this, verify your configuration using the show spanning tree commands:http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/10/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS1#show spanning tree summarySwitch is in rapid pvst modeRoot bridge for: VLAN0100Extended system ID is enabledPortfast Default is disabledPortFast BPDU Guard Default is disabledPortfast BPDU Filter Default is disabledLoopguard Default is disabledEtherChannel misconfig guard is enabledUplinkFast is disabledBackboneFast is disabledConfigured Pathcost method used is shortName Blocking Listening Learning Forwarding STP Active——————— ——– ——— ——– ——— ——— VLAN0001 1 0 0 1 2VLAN0100 0 0 0 2 2VLAN0200 0 0 0 2 2——————— ——– ——— ——– ——— ——— 3 vlans 1 0 0 5 6DLS2#show spanning tree summarySwitch is in rapid pvst modeRoot bridge for: VLAN0200Extended system ID is enabledPortfast Default is disabledPortFast BPDU Guard Default is disabledPortfast BPDU Filter Default is disabledLoopguard Default is disabledEtherChannel misconfig guard is enabledUplinkFast is disabledhttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/11/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityBackboneFast is disabledConfigured Pathcost method used is shortName Blocking Listening Learning Forwarding STP Active——————— ——– ——— ——– ——— ——— VLAN0001 0 0 0 2 2VLAN0100 0 0 0 2 2VLAN0200 0 0 0 2 2——————— ——– ——— ——– ——— ——— 3 vlans 0 0 0 6 6The final task calls for verifying that switches ALS1 and ALS2 can ping each other:ALS1#ping 200.1.1.2Type escape sequence to abort.Sending 5, 100 byte ICMP Echos to 200.1.1.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round trip min/avg/max 1/1/4 msALS2#ping 100.1.1.2Type escape sequence to abort.Sending 5, 100 byte ICMP Echos to 100.1.1.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round trip min/avg/max 4/4/4 msTask 6http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/12/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityDLS1(config)#interface range fasteth 0/7 , fasteth 0/9 , fasteth 0/11DLS1(config if range)#switchport port securityDLS1(config if range)#switchport port security maximum 10DLS1(config if range)#switchport port security violation restrictDLS1(config if range)#switchport port security mac address stickyDLS1(config if range)#exitDLS2(config)#interface range fasteth 0/7 , fasteth 0/9 , fasteth 0/11DLS2(config if range)#switchport port securityDLS2(config if range)#switchport port security maximum 10DLS2(config if range)#switchport port security violation restrictDLS2(config if range)#switchport port security mac address stickyDLS2(config if range)#exitFollowing this configuration, use the show port security commands for verification:DLS1#show port securitySecure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action(Count) (Count) ��——————————Fa0/7 10 0 1 RestrictFa0/9 10 0 1 RestrictFa0/11 10 0 1 ———————————Total Addresses in System (excluding one mac per port) : 0Max Addresses limit in System (excluding one mac per port) : 5120DLS2#show port securitySecure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action(Count) (Count) ��——————————Fa0/7 10 1 0 Restricthttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/13/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch SecurityFa0/9 10 1 0 RestrictFa0/11 10 0 0 ———————————Total Addresses in System (excluding one mac per port) : 0Max Addresses limit in System (excluding one mac per port) : 5120Final Switch ConfigurationsDLS1DLS1#term len 0DLS1#show ruBuilding configuration Current configuration : 5074 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecno service password encryption!hostname DLS1!no logging console!no aaa new modelip subnet zeroip routinghttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/14/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityno ip domain lookup!vtp domain hardvtp mode transparent!!!!!!spanning tree mode rapid pvstspanning tree extend system idspanning tree vlan 100 priority 4096spanning tree vlan 200 priority 8192!vlan internal allocation policy ascending!vlan 100,200!!!!!!interface FastEthernet0/1switchport mode dynamic desirableshutdown!interface FastEthernet0/2switchport mode dynamic desirableshutdown!http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/15/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityinterface FastEthernet0/3switchport mode dynamic desirableshutdown!interface FastEthernet0/4switchport mode dynamic desirableshutdown!interface FastEthernet0/5switchport mode dynamic desirableshutdown!interface FastEthernet0/6switchport mode dynamic desirableshutdown!interface FastEthernet0/7switchport trunk encapsulation dot1qswitchport trunk allowed vlan 1,100,200switchport mode trunkswitchport nonegotiateswitchport port security maximum 10switchport port securityswitchport port security violation restrictswitchport port security mac address sticky!interface FastEthernet0/8switchport mode dynamic desirableshutdown!interface FastEthernet0/9switchport trunk encapsulation dot1qhttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/16/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityswitchport trunk allowed vlan 1,100,200switchport mode trunkswitchport nonegotiateswitchport port security maximum 10switchport port securityswitchport port security violation restrictswitchport port security mac address sticky!interface FastEthernet0/10switchport mode dynamic desirableshutdown!interface FastEthernet0/11switchport trunk encapsulation dot1qswitchport trunk allowed vlan 1,100,200switchport mode trunkswitchport nonegotiateswitchport port security maximum 10switchport port securityswitchport port security violation restrictswitchport port security mac address sticky!interface FastEthernet0/12switchport mode dynamic desirableshutdown!interface FastEthernet0/13switchport mode dynamic desirableshutdown!interface FastEthernet0/14switchport mode dynamic desirablehttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/17/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityshutdown!interface FastEthernet0/15switchport mode dynamic desirableshutdown!interface FastEthernet0/16switchport mode dynamic desirableshutdown!interface FastEthernet0/17switchport mode dynamic desirableshutdown!interface FastEthernet0/18switchport mode dynamic desirableshutdown!interface FastEthernet0/19switchport mode dynamic desirableshutdown!interface FastEthernet0/20switchport mode dynamic desirableshutdown!interface FastEthernet0/21switchport mode dynamic desirableshutdown!interface FastEthernet0/22switchport mode dynamic desirablehttp://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/18/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityshutdown!interface FastEthernet0/23switchport mode dynamic desirableshutdown!interface FastEthernet0/24switchport mode dynamic desirableshutdown!interface FastEthernet0/25switchport mode dynamic desirable!interface FastEthernet0/26switchport mode dynamic desirable!interface FastEthernet0/27switchport mode dynamic desirable!interface FastEthernet0/28switchport mode dynamic desirable!interface FastEthernet0/29switchport mode dynamic desirable!interface FastEthernet0/30switchport mode dynamic desirable!interface FastEthernet0/31switchport mode dynamic desirable!interface FastEthernet0/32http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/19/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityswitchport mode dynamic desirable!interface FastEthernet0/33switchport mode dynamic desirable!interface FastEthernet0/34switchport mode dynamic desirable!interface FastEthernet0/35switchport mode dynamic desirable!interface FastEthernet0/36switchport mode dynamic desirable!interface FastEthernet0/37switchport mode dynamic desirable!interface FastEthernet0/38switchport mode dynamic desirable!interface FastEthernet0/39switchport mode dynamic desirable!interface FastEthernet0/40switchport mode dynamic desirable!interface FastEthernet0/41switchport mode dynamic desirable!interface FastEthernet0/42switchport mode dynamic desirable!http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/20/37

8/10/2016CCNP Lab 006 Solution: HSRP and Switch Securityinterface FastEthernet0/43switchport mode dynamic desirable!interface FastEthernet0/44switchport mode dynamic desirable!interface FastEthernet0/45switchport mode dynamic desirable!interface FastEthernet0/46switchport mode dynamic desirable!interface FastEthernet0/47switchport mode dynamic desirable!interface FastEthernet0/48switchport mode dynamic desirable!interface GigabitEthernet0/1switchport mode dynamic desirable!interface GigabitEthernet0/2switchport mode dynamic desirable!interface Vlan1no ip addressshutdown!interface Vlan100ip address 100.1.1.1 255.255.255.0standby 1 ip 100.1.1.254standby 1 priority 105http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch security/21/37

8/10/2016CCNP Lab 0

8/10/2016 CCNP Lab 006 Solution: HSRP and Switch Security http://www.howtonetwork.org/101 ccnp labs solutions 2/ccnp lab 006 solution hsrp and switch .

Related Documents:

Routing & Switching [CCNA, CCNP] CCIE Security [CCNA, CCNP] CCIE Data Center [CCNA, CCNP] CCIE Service Provider [CCNA, CCNP] CCIE Wireless [CCNA, CCNP] CCIE Collaboration [CCNA, CCNP] CCIE Network Design [CCNA, CCNP] CCIE Cyber Ops CCNA

CCIE Collaboration CCIE Data Center CCDE CCIE Routing & Switching CCIE Security CCIE SP CCIE Wireless Network Programmability Service Provider Internet of Things CCNP Wireless CCNP SP CCNP Security CCNP Routing & Switching CCDP CCNP Data Center CCNP Collaboration CCNP Cloud Customer Success Security Data Center CCNA Wireless

Cisco Notecards CCNP / CCIE CCNP flash cards CCIE flash cards Hands on cisco training Study guides CCIE study plan Cisco TSHOOT 642-813 preparation Cisco SWITCH 642-832 preparation Cisco ROUTE 642-902 preparation Cisco CCIE study summary CCIE mobile app CCNP mobile app ANKI CCIE APP ANKI CCNP APP CCNP Ankidroid CCIE Ankidroid TCP / IP training .

Handy 200 0700 006 003 ESAB 200 0333 249 001 Handy 300 0700 006 016 Caddy Arc 251i Werkstückkabel 300A, 35 mm2, OKC 50, 3m 0700 006 902 Netzkabel mit Stecker300A, 35 mm2, OKC 50,3m 0700 006 903 Werkstückkabel 300A, 35 mm2, OKC 50, 5m 0700 006 888 Netzkabel mit Stecker300A, 35 mm2, OKC 50, 5m 0700 006

#300-115 SWITCH, 120 min. exam CCNP TSHOOT: Troubleshooting and Maintaining IP Networks Troubleshooting and Maintaining Cisco IP Networks (TSHOOT v2.0) #300-135, 120 min. exam Networking Academy CCNP courses align with the three Cisco CCNP certification exams.

trabajo a nivel profesional de hoy en día en tecnologías de centros de datos. CCNP Data Center ahora incluye temas relacionados a la automatización y capacidad de programación con la finalidad de ayudarlo a escalar la infraestructura de su centro de datos. Para obtener el CCNP Data Center, el participante debe aprobar dos exámenes: un .

CCNP SWITCH 642-813 Official Certification Guideis an excellent self-study resource for the CCNP SWITCH exam. Passing this exam is a crucial step to attaining the valued CCNP Routing and Switching certification. Gaining certification in Cisco technology is key to the continuing educational develop-ment of today's networking professional.

BEC HIGHER PART TWO Questions 13 – 22 You will hear five different business people talking about trips they have recently been on. For each extract there are two tasks. For Task One, choose the purpose of each trip from the list A – H.F or Task Two, choose the problem described from the list A – H . Y ou will hear the recording twice. T ASK ONE – PURPOSE For questions 13 .