You are on page 1of 72

CCNA

200-120 Prepared by  Eng Adel el homidi  Eng ahmed Nazmy  Summary of eng Yasser al Fahid Some other references Organized and arranged by Walid ayada

‫مقدمه "ارجو منكم قرآتها بعنايه"‬
‫بدايه انا لم اسمع او اتعلم حتي ا! مما ن‪#‬ر" &‪ $!%‬المهندسو‬ ‫الكرا' م( *روحا) و‪+,‬دو&ا) ‪,‬قد تكونوا ا‪-.‬ر ‪/‬لما مني بهم‪.‬‬ ‫‪ 02‬و! بال‪6‬وي‪0‬‬ ‫م ‪4‬‬ ‫ولك( ‪.‬ا &د‪,‬ي ‪/‬م‪ 0‬مل‪12‬ا ل‪ 3+‬بالق‪+1‬ر ال ‪5‬‬ ‫المم‪ 0‬ومتا‪ 7‬لل‪8‬م‪+‬ع التعدي‪/ 0‬ل‪+‬ه‪ .‬وجد) ا‪-.‬ر م( م‪.9‬ر" ل‪CCNA 0‬‬ ‫ن‪ =8‬مل‪12‬ا سريعا للمنه> ال‪8‬ديد ‪200-120‬‬ ‫استعن‪ :‬ب<ع;هم ‪.‬ي ا ‪5‬‬ ‫‪<,‬ع;هم ت?;‪ 0‬م‪#‬كروا ولم يكتم العلم ون‪#‬ر م‪.9‬را) ت‪A‬تا@‬ ‫جم‪+‬عها الي يد تعم‪/ 0‬لي ت‪8‬م‪+‬عها ‪,‬ي *ك‪ 0‬يرجع ال‪+‬ه ‪ 0.‬م( ن‪B‬ي‬ ‫او ارا‪ C‬مراجعه او ارا‪ C‬ترت‪<+‬ا لمعلوماته التي تعلمها او ارا‪ C‬ا‪D‬ا‪,‬ه *‪E‬‬ ‫له‪9‬ا العم‪, 0‬ه‪9‬ا العم‪ 0‬ب‪ (+‬ايديكم ‪.‬ي ت;‪?+‬وا ‪/‬ل‪+‬ه وت‪BA‬نو" ولو‬ ‫حتي بكلمه او حتي تن‪ F+B‬لع<ار" ‪,‬ل‪ 3+‬بالكام‪, 0‬الكما‪ G‬وحد" لله‬ ‫‪*...‬كر ‪I‬ا‪ H‬لك‪ 0‬م( ‪/‬لمني ولو حر‪ J‬و! ا‪ KI‬احدا بال‪.9‬ر ‪,‬كلكم‬ ‫اسات‪9‬تي ‪.‬‬ ‫ترس‪ 0‬التعدي‪ )L‬او ا!‪D‬ا‪,‬ا) الي جرو‪ All Cisco labs M‬او الي‬ ‫ا!يم‪ 0+‬ا‪C‬نا" ‪.‬‬

‫‪Walid ayada‬‬ ‫‪ayada@gtugs.org‬‬

‫‪2‬‬

Table of Contents
3..................................................................................................................................................Table of Contents 4...............................................................................................................................Introduction to Networking .1 4..................................... Network topologies 1.1 4............................................................. 4................................................................ Internetworking basics 1.2 4................................................................................................................................ OSI odel 1.3 #........................................................................................................................................................TC! "I! 1.4 1&.......................................................................................................................................I!%4 addressing 1.$ 11.........................................................................................................................................I!'4 Subnetting 1.# 1,.............................................................................................................(asic )outer * Switc+ Configuration.2 1,...............................................................................................................................2.1connecting b- Console 1......................................................................................................................................................... odes 2.2 1.............................................................................................................2.3(asic ad/inistrati'e configuration 2&.....................................................................................................................)outer and switc+ +ardware 2.4 21.............................................................................................................(oot process and break password 2.$ 22.............................................................................................................. Cisco disco'er protocol 0C1!2 3 2.# 22.............................................................. )outing basics 4 Static )oute 4 1efault )out4 1-na/ic routing 2., 32..............................................................................................................5irst 6op )edundanc- !rotocols 2.. 33...............................................................................................6ot7Standb- )outer !rotocol 06S)!2 2...1 3$...................................................................................%))! 0%irtual )outer )edundanc- !rotocol 2...2 3$........................................................................................89(! 08atewa- 9oad (alancing !rotocol 2...3 3#........................................................................................................................................ (ackup process 2.: 3.....................................................................................................Network Address Translation3 0NAT2 2.1& 3:............................................................................................................................................Securing 1e'ices .3 3:..........................................................................................................................................3.1Telnet and SS6 4&.............................................................................................Network securit-3 access control list 0AC92 3.2 44..............................................................................................................................................!ort Securit- 3.3 4#........................................................................................................................................................Switc+ing .4 4,...................................................................................................................Spanning tree protocol 0ST! 2 4.1 4..............................................................................................................................%irtual 9AN 0 %9AN 2 4.2 4:.........................................................................................................................................%9AN trunking 4.3 $1..................................................................................................... inter%lan 0sub interface on t+e router2 4.4 $2.............................................................................................................................................;t+erc+annel 4.$ $2....................................................................................................................................................port 5ast 4.# $3...........................................................................................................................<ide Area Network 0<AN2 .$ $3................................................................................................................................Introduction to <AN $.1 $4.........................................................................................................................................<AN protocols $.2 $4..............................................................................619C 06ig+ 9e'el 1ata 9ink Control protocol2 $.2.1 $4.....................................................................................................!!! 0 !oint = to = !oint !rotocol 2 $.2.2 $#...............................................................................................................................5ra/e rela- 05)23 $.2.3 #&........................................................................................................................ anage/ent Network 1e'ices.# #&..................................................................................... #.116C! 01-na/ic 6ost Configuration !rotocol2 #1.......................................................................................................................................................SN p #.2 #4.................................................................................................................NT! >Network Ti/e !rotocol? #.3 #4........................................................................................................................................................S-slog #.4 #$.....................................................................................................................................................Net5low #.$ ##..............................................................................................................................................8); Tunnel #.# #,..............................................................................................................................................Intro to %!N #.4 #...................................................................................................................................................................I!'#.,

3

la-ers.1.2 Internetworking basics Unicast: /eans send data for one of all recei'ers. Techniques of WAN (Wide Area Network): 17 5).' OSI Model 7 Contents of . Techniques of LAN (Local Area Network): 17 . 4 .t+ernet. 7 !ut eBtension for t+e data.T@ 6. 27 Taken )ing. 7 !rotocol3 6TT!4 I A!4 !O!4 SN !4 T. Broadcast: /eans send data for all recei'ers.Presentation layer: 7 1efine +ow infor/ation is represented to t+e user.1 Network topologies es+ 1.9N. Multicast: /eans send data for so/e recei'ers of all. 32 &ull du"le%: trans/ission in t+e two directions at t+e sa/e ti/e. Note ISO is an O)8ANIAATION 1. 22 $alf du"le%: trans/ission in t+e two directions but not at t+e sa/e ti/e. 7.Application layer: 7 It pro'ide user interface 0t+e person w+o is act wit+ t+e network2. Introduction to Networking 1. 05ra/e )ela-2 27 1S9 37 AT 47 IS1N @ Trans ission t!"es: 12 #ingle: trans/ission in one direction onl-.

TC!4 C1!. 0)outed2 )I!4 OS!54 (8! 0)outing2 7 )e/e/ber as 9ogical addressing. I!4 I!F4 Apple talk. 2. Cables4 signals4 edia.Physical layer: 7 )esponsible for /o'ing of bits between de'ices. D <indowing is a s-ste/4 w+ic+ /akes Acknowledg/ent after specific period.Session layer: akes establis+ aintaining and ter/inating t+e connection across t+e network. 7 )e/e/ber as AC4 NIC 7 !ut trailer 5CS 0freGuenc. )ata enca"sulation:* $ .5.c+eck s-ste/2 to find if t+ereEs an error occurs or not 1. (%. (%. 7 )e/e/ber as reliabilit-.Data link layer: 7 )esponsible for p+-sical Addressing. 7 anage flow control of data t+roug+ windowing4 Acknowledg/ent and error )eco'er-.Transport layer: 7 1i'ide t+e row of data strea/ into seg/ent. Note: 7 )outed protocol is a deli'er-4 but routing protocol defines t+e direction onl-. Note: D TC! /akes Acknowledg/ent to be sure t+at t+e data is trans/itted or not4 but C1! donEt /ake t+at. (%.of packet across t+e network. 4. 3.Network layer: 7 )esponsible for end7to7end deli'er.

N0 kci+T $ esa( &1 223 # .5N# :reh"o8 re-al noitacilppA noitacilppA re-al noitatneser! re-al noisseS ssecor! o67ot7tso6 .0T slocotor.7 A t-pe of fra/e placed into anot+er t-pe of fra/e. !utting +eaders *trailer around t+e data.341 :lacitcar. / 0onnector of 0oa%ial ca1le: . )ata deca"sulation:* 7 T+e re'erse process of encapsulation.h!sical la!er: (.9A9 krowteN aide re!al sseccA krowteN . 7 .T66.Include3 t-pes of cables * Connectors Types of cables Copper cable ria! 1 7 detsiwT 72 1.50I !1C " !CT .ncapsulation occurs at t+e trans/itter.TT$ .T5#: . .T& :#. otor" )6) ..6. . 1.A5I:.9A tropsnarT re-al tropsnarT tenretnI re-al krowteN !I ecafretni krowteN re-al knil ata1 9ACISI6! rO re-al lacis-+! tenretnI .Coaxial Cable 5iber cable aiBaoC ni+T 2 esa( &1 222 dee"# dna1 esa.58I .TT$ :.+ TCP /IP ledo5 I#6 H !1C 0!rotocol 1ata Cnit23 t+e na/e of data at eac+ la-er.TNN :.)-: .its) 7 1efine p+-sical properties of network co//unication. 7 Occurs at t+e recei'er. :tenlet :.I 7 .0$) :#&N:.:#N).

)-: &ra e) T!e "#nctions: (1) Addressing: 7 . . core3 $&// * cladding3 12$//.Bpensi'e.t+e digital data signal in t+e for/ of pulses of lig+t. S 5 27 1ifficult to cut. -T. 7 All users connected on t+e +ub are in t+e sa/e broadcast do/ain and in t+e sa/e collision do/ain. 37 . 7 Trans/it all traffic in bot+ directions 02 parts2. / 6ther la!er 1 de. Cladding Core core3 :// * cladding3 12$//.t+e signal for 1&&/ 0reco//ended 0standard22. Note: 7 )epeaters do 0)egeneration but not a/plification2. Types: 7 Single /ode fiber 0S 52. 2) Hub: 0+alf dupleB2 7 6ub is a /ulti port repeater.air 0a1les: #T. /)ata link la!er: (. categories.nsures t+at t+e correct destination recei'e t+e data. 7 Connector of twisted pair3 )J 114 )J 4$. 1& (ase T 7 can carr. * Fiber Cable: 5iber optic cable used to carr. H Collision domain: set of de'ices for w+ic+ t+eir traffic could collide. 7 AC address.ices: 1) Repeater: 0+alf dupleB2 7 )ecei'e signals and retrans/it like t+eir original strengt+. Types: ST! 0S+ielded Twisted !air24 CT! 0Cns+ielded Twisted !air2. 7 T+e connector is 0sGuare connector2.2* Twisted . Disadvantages: 17 (reak easil-. . 7 ulti /ode fiber 0 5 52. 7 +a'e .

(3) Error Detection: 7 1isco'ers w+et+er bit errors occurred during t+e trans/ission of t+e fra/e 05CS2.ac+ 0K2 is a nu/ber in +eBa w+ic+ fro/ 0&3:2 or 0A3524 so t+e / . KK KK KK KK KK KK OCI 6-I: 0OrganiLation CniGue Identif-24 Identif.. CSM$/CD work like t!at: 17 Ad'ice wit+ a fra/e to send4 listen until t+e bus isnEt bus-. .(2) Arbitration: 7 1eter/ines w+en itEs appropriate to use p+-sical /edia. bit.%endor 7 Carrier senses /ultiple Accesses wit+ collision detection 0CS A"C12. #7 <+en eac+ ti/er eBpires4 t+e process starts o'er wit+ step 1. 7 C+eck 1ST AC I!F 99C Apple talk AC .C+eck SeGuence. $7 . (4) Identify the encapsulated: T+e data link la-er +as been di'ided to 2 sub la-ers.ac+ sender rando/iLes a ti/er and waits t+at long 0back of algorit+/2. 27 <+en t+e bus is not bus-4 t+e sender begins sending t+e fra/e. 7 It used to send infor/ation o'er a s+ared /edia. . bits Specific per user assigned b. 47 Once t+e sender +ear t+e collision4 stop trans/ission of data sending * send a Ja/ signal to t+e all.I. b-te !rea/ble # b-te 1es AC # b-te Src ac 6eader 2 b-te 9engt+ 3 b-te 99C 1ata Trailer 4 b-te 5CS 7 T+e data is fro/ #4 to 1$&& b-te.roadcast 5A0: && && && && && && AC address contents of 12H4M4. (3) Error Detection: FRAME CHECK SEQUANCE &0#: 5reGuenc. AC address represented in +eBa.. 7 CS A " C1. 99C AC LL0: 09ogical 9ink Control2 7 .. 7 . 37 T+e sender listen to /ake sure t+at no collision occurred 09oop back circuit2.b.ac+ /ac+ine +as a uniGue 7 7 AC address 4. (4) Identify the user layer protocol (IP/IPX/Apple talk): I! 8i'e t+e packet to t+e network la-er protocol 7 C+eck 5CS. AC address4 w+ic+ is burnt on t+e /ac+ine.

7 All port of t+e switc+ in a single (roadcast do/ain. .\ 7 (ridge.roadcast do ain Single Single ulti Note: ulti M !ri'ate4 Single M S+ared.3 .%&itc': FU !U" #$ 7 ItEs a /ultiport (ridge.M dela.are full dupleB * +a'e a buffer. 9atenc.\ / I((( standard 422 "ro=ect: 1& /bps I. 7 Speed M Speed of one port H 2 H no. 0ollision do ain Hub %&itc' Router Single ulti ulti . 7 )epeater.. /<: 0hoose de.\ 7 )outer. 7 Switc+.acket) Devices: ( T'e Router: Its "#nctions: 17 27 37 47 Inter networking co//unication. 7 .'er. !at+ Selection.&2. !acket switc+ing. H )outer4 Switc+ and (ridge decrease congestion 0WXYZ[T2 because t+e. AC in t+e fra/e.Bridge: FU Learn &orward AC table AC AC in t+e fra/e.. of ports.ices: which seg ent the LAN: 7 6ub. La!er ': Network la!er: (. !U" #$ !ort ode: t+roug+ c+ecking t+e Src ode: t+roug+ c+ecking 1ST 2.T!e %ayer & devices: NIC N'T INT'()$C' C$(D 1.port of t+e switc+ in a single collision do/ain.t+ernet : . !acket filtering.)-: .0NOPQR24 T+roug+put M !erfor/ance 0STUV2.

.1.3C ..11 5ast .&2.1&& /bps 1&&& /bps I. ..3 IP*+ addressing > I. 7 T+e 1st octet 1:2 223 1& . I. 12.3ab * L .& 2* 0lass . I. &3 & & & & & & & & 12. 1:1 2 24 72 12@@@@@@ 12. (%: 1:2.&2.& '* 0lass 0 7 T+e 1st 3 octet represent t+e network part * t+e last octet represents t+e +ost part. 7 I! address is 327bit address written in doted deci/al. addressing) 7 If a de'ice wants to co//unicate using TC!"I!4 it needs an I! address.t+ernet Token )ing <ireless 0 <i = 5i 2 Network la!er: (I.&2.D12H2$#M 7 T+e nu/ber of +osts M 2$#H2$# = 2 M 7 1efault subnet /ask3 2$$.3 1 & & & & & & & 1:13 1 & 1 1 1 1 1 1 2 2 1# 14 72 7 T+e nu/ber of networks M 01:1712.&.&2.2$$.. 0lasses: 1* 0lass A: 7 T+e 1st one octet represents t+e network part * t+e last 3 octet represent t+e +ost part. I. 7 T+e last 2 octet represent t+e +ost part. 2@@@@@@@ 2 : )eser'ed for all networks. 7 1st 2 octet represent t+e network part.3 & 1 1 1 1 1 1 1 7 Nu/ber of networks in class A M 12# 7 Nu/ber of +osts M 2$# H 2$# H 2$# = 2 M 7 1efault subnet /ask3 2$$..&..$ .. & 12.&.. 12?: )eser'ed for loop back test..1#.1 Called Octet M b-te 0&32$$2 1.t+ernet 8iga bit .

7 OriginN I! #u1net ask: 6 Sub netting I! N SN 6 7 32 bits /ask t+at differentiate between +ost bits * network bits.2$$. 7 In t+e dotted deci/al for/.for/ of t+e 1st octet &KKKKKKK 1&KKKKKK 11&KKKKK 111&KKKK 1111KKKK 12 To get network I! put all +osts bits M & 22 To get broadcast I! put all +ost bits M 1 32 T+e ot+ers are 'alid +osts I!s. 7 1st octet 24& 2$$ 24&3 1 1 1 1 & & & & 2$$3 1 1 1 1 1 1 1 1 1111@@@@ 1st octet & 12. .2$$.112@@@@@ 1:23 1 1 & & & & & & 2233 1 1 & 1 1 1 1 1 2 21 . IPv+ S#bnetting 7 Take a part of +ost bits * assign it to network part. (inar. 2: represent +ost bits. 2 72 7 1st octet 1112@@@@ 3* 0lass (: 224 23: 2243 1 1 1 & & & & & 23:3 1 1 1 & 1 1 1 1 7 )epresents for eBperi/ental and testing.& +* 0lass ) (. 1: represent network bits. 11 . 7 Continuous of 1Es followed b.continuous of &Es. 7 Nu/ber of networks M 022371:2D12 H2$# H2$# M 7 Nu/ber of +osts M 2$# = 2 M 7 1efault subnet /ask3 2$$. 1:1 1:2 223 224 23: 24& 2$$ / 9ules: Class A ( C 1 .-.ri. 12.ate address) 7 )epresented t+e ulticast address.

1#..2$$. So we now t+at itEs called Super Sub netting. D If we found it not ".2$$.&. or "1#.1#.& 1:2...2. 22 1eter/ine t+e interesting octet.31..&. $2 8et neBt subnets b. 32 Subtract t+e interesting octet fro/ 2$# to get sub networks +ob 0 agic nu/ber2.2$$. 42 1eter/ine t+e /a]or network.& 1.2$$ 1:2.1#.2$$.& 1&..&.Note: D Iou can write it like t+at 2$$.&. #2 1eter/ine t+e 'alid +osts * broadcast address for eac+ subnet..+opping on t+e interesting octet. (ut "1& or "2&.& or ".&.&. * Private IP address: Class A Class ( Class C 1&.2$$ 12 . * Solving sub-netting Problems: 12 1eter/ine /ask.2$$ 1.2.

AC ( )A)! 1ata I need I! I! AC 8.&.2$$ data I need I! 55 55 55 55 55 55 2. A AC 1st.&.DHCP Req est !essage: Src.& 1st. Client )A)! ser'er (oot p A 1) RARP Broadcast: Src. I! &.< 5555@@ 2) RARP Replay: Src.&.3 1-na/ic 6ost Configuration !rotocol. ( AC A 1st. A AC 1st. I! I! is data 2$$. 16C! ser'er A ( 1.*Network layer utilities: 7 )A)!4 (oot ! and 16C!.2$$.: )e'erse Address )esolution !rotocol. ( AC 1st. ( AC Src.DHCP offer message: Src. A AC 1st.2$$.& 1st. AC 16C! I! Src.2$$ 3. 7 9A9. I! &.2$$.2$$. I! 2$$. I! 16C! I! O^ data 13 . I! 1st. AC Src.&.DHCP Discover: Src. A AC 1ata Iour I! is )$0.

0) 7 To trace t+e +ops 0network la-er de'ices2 between 2 points on a network.2 1st. A AC Src.wit+ an IC ! ec+o repla-.'er.2$$.1 Control Message Protocol): ( * ICMP (Internet A 1:2.2$$.1#. ( AC 1st.1. 7 .1.2$$ O^ AC. 7 Cses t+e IC ! sending called an IC ! ec+o reGuest to anot+er I! address. I! Src. * race!oute or trace (on 9outer)" racert (on . I! 1:2. AC AC 1st.)outer decre/ents t+e TT9 b.1 7 To pro'ide infor/ation /essage concerning routing of I! datagra/. AC AC Src. 7 T+e co/puter wit+ I! address s+ould repla. .1.. 7 TT9 is incre/ental b. data data data data data 1NS 01o/ain Na/e S-ste/23 )esol'e known na/e to unknown I!. A)! 0Address )esolution !rotocol23 )esol'e known I! to unknown Src. 7 If t+e )outer recei'es a packet TT9M14 /ust send a ti/e eBceeded error. 2) #rror -essage: )eGuest ti/e out / ..". 1st.2 1:2.1 in eac+ packet group..1. 7 T-pe of /essages3 1) )uery * Respo+se pair.1. I! 16C! I! 1st.ing co and: 7 To test basic I! connecti'it-..c+o reGuest TT9 1 Ti e e%ceed error Ti e e%ceed error Ti e e%ceed error (cho re"la! 1estination unreac+able TT9 2 TT9 4 14 .DHCP Ac#$o%ledgme$t: Src. I! 2$$. I! 55 55 55 55 55 55 1:2. A Src.1#. I! 1st.1#.1#.

7 Consu/e /ore bandwidt+. #N5. $TT. 7 Cse less bandwidt+. telnet )N# )$0.rotocol: (as -).0t+roug+ retrans/ission reGuest24 but /ore bandwidt+ consu/ing. #5T. / Trans"ort La!er: (. TC! C1! (rror 9eco. 7 )eliable.and flow control. " Ack.7-).er!: 7 TC! pro'ides error reco'er.o"ular T0. Acknowledge/ent 1ata transfer / 0onnectionless . 7 Non reliable.ort 42 ++' 21 23 2' 3' A? 1A1 AB A""lication $TT. T&T. a""lication: . 1$ . ain protocols3 TC! " C1! H Connection oriented !rotocol3 0as TC!2 7 )eGuire pre7establis+ed correlation between 2 ends before data transfer begins. 7 TC! uses a737wa.)-: seg ent) 7 7 ain functions of transport la-er are seg/enting application data4 error reco'er. S-nc+roniLation S-n.# &T. 27 )eGuest ti/e out pinging in I! +ot in t+e network. / .) 7 1oesnEt reGuire pre7establis+ed correlation between 2 end points.+and s+akes to setup a connection.TT9 3 Ti e e%ceed error TT9 4 (cho re"la! #rror message: 17 1estination unreac+able /essage pinging in unreac+able network.

to 1T. C1! doesnEt do error reco'er. port seGuence AC^ 0a1le and connecti. 5iel &111ds in t+e TC! +eader.Guip/ent 0!C4 )outer2. to 1C. TB1 TB2 )B3 )B1 )B2 TB3 )B# 2* 0ross o. 4 SeGuenceM4 SeGuenceM$ SeGuenceM# & Port $ m'er: Ack. )0(: 1ata Circuit 0or Co//unication2 . 7 Source !ort nu/ber _ 1&24 7 1estination port nu/ber 0&3 1&23 24 0well known port nu/ber2. & (CP )eader: Src.but less bandwidt+. T+e source can send F of seg/ents before +a'ing to wait for an Ack. or 1C. 5ro/ t+e recei'er2. $ SeGuenceM$ SeGuenceM# 7 !ort nu/ber enables t+e recei'er co/puter to know w+ic+ application to gi'e t+e data to. 1&&& b-te SeGuenceM1 SeGuenceM2 SeGuenceM3 Ack. SeGuenceM. to 1C.7 7 7 Csing t+e seGuence and Ack.Guip/ent 0Switc+4 6ub2. &low control: 7 7 7 <indowing 0/aBi/u/ of packets t+e sender can send wit+out recei'ing Ack.er ca1le: TB# TB1 TB2 7 Csed to connect 1T. TB1 TB2 )B3 )B1 )B2 TB3 )B1 )B2 TB3 1# )B3 )B# )B# TB# TB# . port <indowing 7 Csed to connect 1T.it!: 1* #traight ca1le 3 1st.. )T(: 1ata Ter/inal .

port. !C )outer AuBiliarode/ Internet Consol Traffic 1..t+ernet port 5or 9AN connection serial port for <AN connection 2. 27 T+roug+ t+e auBiliar. . 2) Co+figuratio+ file: 7 It`s a progra/ file t+at contains infor/ation for t+e router to tell it +ow to reac+ * respond.'* 9oll o.er ca1le: 7 Csed to Access C9I 0Co//and 9ine Interface2.port3 37 T+roug+ t+e telnet co//and S1 secure de'ice /anager !C 7 1ial up de'ice t+roug+ a /ode/ attac+ed to auBiliar. # $ 4 3 2 1 Serial cable3 9outer anaging port Consol port auBiliar.asic 9outer C #witch 0onfiguration &-. .connected to !C./% 0Internetwork Operating S-ste/23 7 T+at`s installed inside t+e router to /anage t+e +ardware its working on. . 1 2 3 4 $ # .connecting by Console 1) .port traffic port fast . . $ow to configure a routerD To access C9I4 use one of 3 /et+ods3 17 T+roug+ consol port3 7 1irectl.

NA5( )outer 0config2 b +ostna/e @@@ 0To set or change the name of the router2. ode Interface Sub config.default 1 using2 st I! 5or Guick si/ple configuration 0I"N24 Guestion dialogue. b )outer 0config7if2 ode )outer Sub config.default in t+e sa/e ti/e b. !assword 1. ode b )outer 0config7line2 b )outer 0config7)outer2 Note: 7 . .Bit co//and to back one step but press ctrl D L back to pri'ilege /ode.ileged 7 Include all co//ends in user /ode plus eBtra ad'anced /onitoring co//ends3 )outer a enable or 0en2 )outer b eBit )outer a +* 0onfiguration ode: ter/inal 0or press ctrl DL2 7 To define generic configuration on t+e router.ri. ode: 0t+e name of the router) ode: (enable /ode2 2* -ser )outer a 7 Si/ple /onitoring. )outer b configuration )outer 0config2 beBit )outer b 3* #u1 configuration ode 9ine Sub config. '* . To eBit it 0press ctrl D c2 or t-pe No.2 Modes 1* #etu" 7 7 ode: 0b.telnet.2. )outer b s+ow run 0to display running configuration file2 Note: aBi/u/ $ users can enter t+e router b.

Override the password command.2... !assword @@@@@@. password secret !assword @@@@@@. aux. To make the password encrypted. 0To encrypt the password of consol. aux. )outer 0config2 b line con & )outer 0config = line2 b password )outer 0config = line2 b login !assword @@@.. c6ow to assign I! address to an interface7 5ast .2 Subnet /ask I! )outer 0config7if2 b I! address @@@@ @@@@@@@ s+utdown.&-/0asic administrative con"ig#ration * A host na e for the router. * #et a "assword to consol "ort. 0Config2 b +ostna/e NA5( @@@ * #et "assword to "ri. )outer 0config2 b line & !assword )outer 0config7line2 b password @@@@@ )outer 0config7line2 b login -To encrypt the password of consol. I! address.t+ernet & or 0 s&4s14@.ilege )outer 0config2 b enable )outer 0config2 b enable ode. and vty.. 0after sh Users to know the number front of IP of the PC2 1: . and vty )outer 0config2 b ser'ice )outer 0config2 b interface )outer 0config7if2 b no )outer 0config7if2 b no )outer 0config2 b no I! password7encr-ption. 0to active the command2 Note: b 0No 2 * 0co//and2 auB 0to cancel the command2 * To login au%iliar!. 0To cancel the IP2 0to stop the domain search2 do/ain7look up Note: Configuration /ode M global /ode )outer b s+ users )outer 0config2 bclear essage Nu/ber line @@@.

0c2 3 +elp for all co//ands a'ailable of t+is /ode. +.T+e co//and3 I! subnet7Lero con & 0to use the first subnet the last subnet after sub netting 2 )outer 0config2 b line )outer 0config2 b banner )outer 0config7line2 b logging s-nc+ronous 0to write the command in one line after ctrl!" 2 essage /otd H@@@@. )ig+t arrow 0 9eft arrow 0 23 /o'e t+e cursor forward in t+e current displaco//and wit+out deleting M 0ctrl D 52. C3d 5las+ 13d N%)A Configuratio n register OF 1# 7 bit 6ow to boat up I N T .ios ) )O /on buffers tables . &thernet. file (9unning config.'()-. 0to reload the router 1 restart2. 0Ctrl Da23 to stop in t+e beginning of t+e line. 7 Tell us about the router $%ow many serial. 23 /o'e t+e cursor back in t+e current displa.. Cp arrow 0 23 recall t+e pre'ious co//and M 0ctrl D p2. ) 5 A C .< c+eck !ost ("ower of self test) &-+ (o#ter and switc! !ardware )A IOS co//and IOS i/age file (ack up config.H 0to make message of the day2 0H23 +elp features for IOS. 7 To display the name of IO# file name. Co//and>c 3 TeBt +elp describing all t+e 1st para/eter obtains of t+e co//and.co//and wit+out deleting M 0ctrl D b2. *lash. )outer b s+ )outer b s+ flas+ +istor0to show the content of the flash2. 0to show the last /0 commands wrote on the router2. file 0 start up 2 17 flas+ 27 T5T! eBecuti'e Acti'e config. 2& )outer b )eload )O 6. )outer b s+ 'ersion 7 To display the version of the IO#.) S-ste/ boot strap ( . '().

t+ernet & Serial & Serial 1 .run start2.tftp flas+ )outer b CopTo restore )outer b cop. 7 Steps of password reco'er-3 17 Set t+e configuration register to b-pass t+e N%)A 27 <e will tr. 37 )o//on a confreg )o//on a reset 47 Iou will enter setup /ode4 press 0ctrl D c2 0 ake cop.( 9o onitor ) 37 )o/ /on &F 21&2M1# bit S )outer b Cop)outer b write )outer b wr )outer b s+ )un /e/orstart start 0to save from '() to +. 0ack#p to ios )outer b CopTo restore flas+ T5T! )outer b cop.ncapsulation Clock rate Ad/inistrati'e down down Cp start T5T! int br 0to display the status of the interfaces2. &F 2142 &F 21&2 0to reput this value2. down down down 21 5ast . $7 0Config2 b config7register To reset t+e router 3 )outer b erase start 0 &F 2142 2.'()2 0to show the content of +.to enter )o/ /on 0press ctrl D break2.'()2 &-1 0oot process and break password 7 )econfigure t+e register fro/ &F 21&2 to &F 2142.tftp start b S+ I! .start to run * edit to t+e password * /ake cop.

.ncapsulation Clock rate 9outer E show controller * If we found it )0(..#& sec... rate A+222 9outer (config*if) E clock #2 or(s1) Cp (to know if it’s DTE or DCE) We look at the third line and we will found )T( or )0( written....... TI5( Note: T+is ti/e decreases e'er... )outer b s+ sessions Nu/ber of a session .Cp .? >t+e /odel of t+e de'ice?. nei 0to show the last information2 7 Sending C1! packet e'er. 7 6old ti/e between 1. 7 $old ti e: T+e ti/e if t+e de'ices co/plete it wit+out recei'ing response fro/ t+e neig+bor4 t+e de'ice will re/o'e t+e neig+bor.press ctrlDs+iftD# and t+en press F.... >I! address?.. (to configure the clock rate on the DCE) Note: Iou can access /ore t+an one router b.. >w+at t-pe4 router or switc+ 0) or S2 > >9ocal interface * re/ote interface.. )outer b resu/e eCisco proprietar-a &-. Cisco discover protocol 2CDP3 : 7 C1! disco'ers basic infor/ation about neig+borEs routers * switc+es.& sec * 12& sec... D Infor ation: 7 1e'ices Identifier 7 Capabilities list 7 !ort Identifier 7 !latfor/ 7 Address list )outer b s+ C1! >+ost na/e?..telnet and transfer or back b. * If there is a "ro1le in the clock rate...ti/e..... )outerb s+ow C1! nei detail 0to show the information with the IP2 22 ..

)outer 0config2 b no )outer 0config2 b C1! )outer 0config2 b C1!

C1!

run
TI5(

0to stop 23P2 0To change the timer2 0To change the hold time2. 04500 bps or multiple2. @@@.

TI5(@@.. ti/er

+old ti/e

)outer 0config = line2 speed ,ur"ose :

@@@.

&-4 (o#ting basics 5 Static (o#te 5 De"a#lt (o#t5 Dynamic ro#ting To direct datagra/ fro/ end7to7end on a network. )2 )1 )3

)4

)outing table

)outing table

)outing table

)outing table

• 9outing "rotocol F G# 9outed "rotocol
9outing "rotocol: 7 )esponsible for getting infor/ation about eBisting networks. 7 5inding t+e best pat+. ;B.3 )I!4 I8)!4 OS!54 ;I8)! @@@

9outed "rotocol:
7 )esponsible for data deli'er-4 encapsulation t+e data traffic. 7 assign logical addressing. ;B. 3 I!4 Apple talk4 I!F.

)outer b s+

I!

route

0to display the routing table2

* %tatic routi+g:
7 1irect connected 0 auto/atic wit+out configuration 2 t+e router learn t+e I! network address of its direct connected4 s-/bol in routing table f C g. * 0a+ual routi+g 1static): 0/anuall- configuration2 7 To define certain output interface4 t+e data can go t+roug+ to reac+ certain destination 4 s-/bol in routing table f S g .
)est. I, n7w

)outer 0config2 b I!
%tub +et&or2:

route

@@@@@ @@@@@@@@

#u1net

ask

6ut"ut interface

@@@@@@@@.

Network +as one router and one interface. !efault route: 23

To define certain output interface t+at data can go t+roug+ to reac+ an- unknown destination. 7 S-/bol in routing table fSH f

)outer 0config2 b I!

router

&.&.&.&

&.&.&.&Na @@@@@@@@@@.. e of the interface
6r i" of Ne%t ho"

I, of out"ut interface

Note:

8atewa- of last resort isn`t set b- default.
(%.: .8, (.order 8atewa! ,rotocol) )istance ;ectorLink state 9I, 6#,& I89, I#*I# $!1rid (I89,

)est.i"

#u1net

ask I, of out"ut interface

24

1-na/ic routing protocol

Interior 8atewa- protocol 0I8!2 6andless routing wit+in a single Autono/ous S-ste/ 0AS2
)istance ;ectorLink state 9I, 6#,& I89, I#*I# 3uto+o-ous %yste-: $!1rid (I89,

;Bterior 8atewa- protocol 0;8!2 6andless routing between a different Autono/ous S-ste/ 0AS2
(%.: .8, (.order 8atewa! ,rotocol)

Area or do/ain t+at works under single ad/inistrati'e control or using t+e sa/e routing protocol. 3d-i+istrati4e dista+ce: Nu/ber between & and 2$$ t+at indicates t+e belie'abilit- of t+e routing protocol. C3 & 0etric:1efine +ow good t+e route is. Routi+g table: 7 contain t+e best protocols and t+e best pat+. 7 5inding t+e best protocol 0+as t+e lowest ad/inistrati'e distance2. 7 5inding t+e best pat+ 0+as t+e lowest /etric2. )est.i" #u1net S3 0&3 direct interface4 13 neBt +op2 SH3 2$$

)outer 0config2 b I!
To c+ange t+e priorit-.

route

@@@. @@@@@ @@@@@@@.

ask I, of out"ut interface

A) 2 233 @@@@@@..

* !ista+ce 4ector routi+g:7 )I! 0)outing Infor/ation !rotocol2 1B2.1A4.12.2 1B2.1A4.11.2 1B2.1A4.12.2 1B2.1A4.1'.2

5&

S1

S&

S1

S&

5&

0 12 0 11

&2 #1

2 2

0 0

1 1 1 2 1 1 1 2

#2 2 #1 2

0 0

12 1'

#2 &2

2 2

0

12

&2 #1

2 2

0 0

#2 2 #1 2

0 0

12 1'

#2 &2

2 2 2$

0 11

(9I. 27 6ig+ bandwidt+ waste 0periodic update2.on destination I! 2$$. 7 Cse bell /an7 ford algorit+/ to calculate routing table. +) Triggered u"date : 7 T+e router sends a new update as soon as a route fails. 7 )outers send full table update periodicall. )irect connected network * !isad4a+tages of dista+ce 4ector : 17 Slow con'ergence.2$$ out t+eir interfaces to ad'ertise t+e knowing routers.9 11 9 12 #1 #1 1 1 9 9 9 9 1 2 1 1 1 2 1 ' #2 #2 #1 #1 1 1 1 1 9 9 11 12 #2 #2 1 1 7 )outers eBc+ange its infor/ation e'er. To sol4e t'e routi+g loop: 1) #"lit $oriHon: 7 )oute learns fra/e interface can`t be sent back on t+e sa/e interface.large /etric t+ose ot+er routers consider t+e /etric infinite and t+e route is in'alid. ?if 2 routers found4 put t+e best route 0lowest /etric2 in t+e routing table > * Co+4erge+ce : 7 It`s t+e state at w+ic+ a router understands t+e current topolog.2$$. 37 Class full 0 t+e routing infor/ation does not include t+e subnet /ask2. 2# . 7 7 1 Class full protocol. 2) 9oute "oisoning : 7 Instead of not ad'ertising t+e field route4 still ad'ertised4 but wit+ 'er.2$$. 0 don`t care about t+e sub netting 2 (roadcast update o'er 3& sec.of t+e network. ') $old down ti er : 7 All routers ignore good routing infor/ation about t+at route until enoug+ ti/e is passing.). 47 )outing 9oop.fiBed ti/e4 and send its infor/ation plus one +op.

2 ? to use 0)I!2' 0<e put t+is co//and to > e'er.: (roadcast update o'er 3& sec. 2 . Ad/inistrati'e distance of )I! M 12& S-/bol in t+e routing table f) f. 0Cisco proprietar-2 2. 6old down period of 2. (roadcast update e'er. etric M +ig+est (andwidt+ * lowest delaAd/inistrati'e distance M 1&&. 0to show what happens on the telnet2. 0/aBi/u/ +op count M 1$2.:& sec. etric M depend on +op count Support eGual load balancing 0load s+aring2. aBi/u/ +op count M 2$$. 2 7 7 7 7 7 7 7 Class less protocol.+terior gate&ay routi+g protocol 1.connected network4 putting t+e /a]or network not t+e sub netting2. 0to stop the debugging2. )outer 0config2 b )outer )I! )irect connected network )outer 0config7router2 b network )outer 0config7 router2 b 'ersion )outer b s+ )outer b s+ I! I! route I! )I! @@@@@@@@@@.&.5R") 7 7 7 7 7 7 7 Class full protocol. Ad/inistrati'e distance of )I! M 12& *0onfigurations of ri" I#! 1ol in the routing ta1le J9 J. in this condition we can write the sub netting 0to show the routing table2. Send update on /ulticast 224. 6old down period of 1.7 7 7 7 7 7 6old down period of 1. 0/aBi/u/ +op count M 1$2.& sec. (9I.). 0to show what happens2.& sec. )irect connected N7W I. 1& 1$ protocols 0to show protocols2 /onitor )outer b debug )outer b ter/inal )outer b C all * . Support eGual load balancing 0load s+aring2. Support eGual * non7eGual load s+aring.&.& sec. .

70onfiguration of (I89.1#.).I#! 1ol in routing ta1le JI J. 27 .ac+ router will send 09SA2 9ink State Ad'ertise/ent to all its neig+bors telling t+e/ about its 9SA. . 2. 37 9ow /e/or.& 14 13 9 14 13 S up up A 1 1 9S1( ( 12 11 C 1$ 13 12 1 13 14 A 11 1& 14 A 1& 14 ) 13 1$ 11 12 0 . 0T+is command if we are on consol port for /onitor 0this command plus the later command write if we are on telnet2 $dvantages o" distance vector: 17 Si/ple configuration.. @@@@@@@@. )outer 0config2 b )outer I8)! As nu 1er 1 to A33'3 )outer 0config7 router2 b network @@@@@@@@@@@ )irect connected N7W I.ac+ router disco'ers its direct connected neig+bors using t+e 6ello protocol. *1) Poi$t + to + Poi$t: a) 3t start up: 17 . %ink state ro#ting protocol:6 11 A ( 12 C 1$ 9 11 12 S up up 1 A ( ( 1:2. )outer b debug /onitoring2 )outer b ter/inal I! I8)! transactions.1&.usage. 27 9ow C!C utilit-.

S!5 0S+ortest !at+ 5irst2 to get t+e routing table. 7 9oop free topolog-. Open s!ortest pat! "irst 2OSP)3: 7 Classless protocol. 7 Ad/inistrati'e distance M 11& 7 . I! <ild card /ask Note: 5or routers4 to be neig+bors /ust +a'e t+e sa/e3 12 area I1 *2) Broadcast ! ltiple Accesses *B!A): 4 22 6ello * dead inter'al.&. * Designated router (DR) election: 7 1) is t+e router wit+ +ig+est3 Ip @@@.of it and send it to its neig+bors. 7 So to confine t+e network in stabilit..for rebuilding t+e trace.'er. 47 .'er.< M cost.ac+ router will appl.all routers will be bus.OS!5 supports two +ierarc+al le'els3 !rocess I1 17 (ack bone area M area & 27 )egular area M 14 24 3@@@@.ac+ router will for/ a 9S1( 09ink State Ad'ertise/ent2 for all 9SAs. Note: At c+ange M a partial flas+ update.1& sec. 7 6ello inter'al e'er.4& sec.router will draw a link state treeh eac+ router will put itself as a root of t+e tree. #7 .router recei'es t+e 9SA packet will take a cop. etric M 1& " (. . 7 Support +ierarc+al design 7 aBi/u/ +op count M unli/ited 7 Send update on /ulticast address 0224.Ack N"w dest. $7 .&.$2. 7 1ead inter'al e'er. * "roble-s: 7 5lapping interface go up * down freGuentl.37 . &3 2$$ 2: .

)1 3.# and 1) sent t+is to e'er.&.. 7 9inks are sent to t+e 1) * (1) 0backup 1)2 on /ulticast 224. 0to displa. . kcA .. 3& )outer 0config2 b int )outer 0config7if2 b I! OS!5 prioritIp @@@.+22 kcA )1( . / Wild card )outer b s+ )outer b s+ ask: I! I! OS!5 OS!5 f& &3 2$$ 7 Continuous of &Es followed b.state of OS!54 1) or (1)2 @@@@.one else on seg/ent on 224. 0To c+ange t+e priorit-2. Ack . @@@@@@@.2.Ack kcA . nei int 0to s+ow t+e )I1 of t+e neBt neig+bor2.+22 kcA . !ress I13 9ocal significant 013 #$$3$2 (1S9 ssecorp enO 1I !rocess I1 Area @@.&.17 !riorit.2. I! <ild card /ask )outer 0config = router2 b network @@@@@@@. N"w dest.&. 1(1S9 2(1S9 D Isolation on t+e sa/e router4 use 2 process I1 one for eac+ network I!. .0default M12 fra/e &3 2$$ 27 )outer I1 0)I12 a7 6ig+est loop back interface on t+e router 09ogical interface2. )outer 0config2 b int loopback )outer 0config7if2 b I! address * Router discovery: @@@@ @@@@@ I! Subnet /ask @@@@@@@@.$ A#L 3.2.continuous of 1Es.2. b7 6ig+est acti'e p+-sical interface on t+e router.&. kcA . T+is router is failed / The configuration: )outer 0config2 b )outer OS!5 @@@@@.

&.9 (Area .&.&.order 9outer )20config2brouter ospf 1 )20config7router2bnet 1&.& &.&.& &.ertise ent •j ‘–x N}„{Tq $ello"acket —X–Œ« šZO˜ XYs .&.34 &&34&31$4 5ast.9 autono ous s!ste 1oundar! router ³8NS3³ kjTqnT ¢~s €ŽXZ‹Ž ¬Š–† °{u N}„{q |†X² kRqTk{ €O‚[T™{T ¥X‹’p{T i› ¥XjŠ‚„j vŒ™{ y~{T kRqTk{T Šsq )20config2brouter ospf 1 31 .14 &&34#3334 5ast.2$$ area & )20config7router2bnet 13.&.&.2$$ area 2& A.)outer 0config = router2 b router7id /6#.t+ernet&"& area ij klmT |x okZpj kRqTr yV 6#.vŽ €‚•Z}{T kRqTk{T €xk„}{ $ello €{X˜r N˜kŒ i{ €±X•Ž N‹Ž v†n €O–’{T •j N‰TŠZ{T ij kRqTk{T T~s i‹}ZŒ i‚x kjnT T~s SX§{¯Ž š–R A#.X}‡YOŽ X}Ox X•RnT X}‡Y‹}Œ i{q iOZ‹’p{T iOŽ A.&.&.&.&.9 router Šs ~{T 92 z‚› kjnT T~s ~•Y† tnT )2bs+ ip os"f z‚› ™Œ O —kŸq 11.&.&.& >11&"2&? 'ia 1&.&.& >11&"2&? 'ia 1&.&.& €‹’p{T ¢~s “kŒq N„•j os"f v†T z‚› ™Œ y~{Tq k••{T T~s q™…{T i}¡ “k† —Š˜ O O IA 11.9 (Area kRqTk{T T~s z}•Ox €•‚Zƒj area z{T |}ZYR vOx interface vwZx Nm yV area ij klmn okZpj kRqTr oXYs tXm TuT (.t+ernet&"& q™…{T i}¡ k••{T T~s ™sXp† —Š˜ 91 z‚› kjnT £•† XY‚„x Š{q 13.&.&.& ulti area: A.& inter area ”Š† ij kRqTr “kŒ kRqTk{T T~s tT z‚› ™Œ IA )1bs+ow ip ospf neig+bor )1bs+ow ip protocol ¤rqX…}{T kRqTk{T ¤™sXp}{ kjnT T~s N„•}{T ŠmŠRkŽ i› ¥X†XOŽ ¦k„{ )1bdebug ip ospf packet no v‚’¨ i‹{q kjnT £•† œZ‹† T~s —X–Œnq €‹’p{T i}¡ XsTkŒ |Z{T ¥X†XO’{T ¦Tk„Z˜QŽ V™’Œ —Š˜ ©OwŽ "acket NO§pZ{ AS T~s ª[ ij X‡O‚› N„•j Xj Nmq €wZ•{T ¢~s ¥X†XOŽ ¦Tk„Z˜n )1bs+ow ip ospf int f&"& ŠmŠRkŽ 1irect connected|RnT network ~O•YZŽ ¬Š–† I! vYO„j €wZx z‚› $ello"acket —X–Œ« qT SX§{T NPT ij )40config2bint f&"1 )40config7if2brouter ospf 3 ŠmŠRkŽ z{T Š[™{T œ…Œ )40config7router2bpassi'e7interface f&"1 š{q “k[V ¤kj Xl}{T T~s -Zxq Wª®T ™Y„x kjnT T~s SX§{¯Ž š¨ °{u ™„ŽqAd.order kRqTk{T T~s tŠ‹Œ T~‡Žq os"f |•† N[TU X‡„ˆYx N‰TŠZ{T X‡Y‹}Œq •„Ž •j €‚•Zj area ij klmT N„…†T X†UrT TuT (9outer Xj ”X•–†T N•wŒ —Š˜ v†T™–x šR TuT v†n vŽ SXYZ›nT œ…Œq T •™P š‡jq žX•Ÿ kRqTr T~s tŠ‹Œq area ij klmQŽ ‘’Rkj qT “kŒ kRqTr T~s yV .&.

/ 0onfiguration: )outer 0config2 b )outer / Trou1le shooting: AS @@@@.I8)! )outer 0config7router2 b network )outer b s+ )outer b s+ I! I! eigrp eigrp nei 1irect connected network I! @@@@.@@@@@@ 0to displa.table2.2$$. 7 Co/patible wit+ I8)!.1& 7 Class less * reliable.&. 7 S-/bol in routing table is ³1³.2$$.2$$. ( Feasible successor 1F%): 7 (ackup route 0in t+e topolog.&.protocol.)20config7router2barea 2& range .&.& Note t+at3 .&.2$$.. 7 Support /ultiple network la-er protocols 0I!4 I!B4 Apple talk2. 7 Ad/inistrati'e distance M :& 7 5ast con'ergence3 use 1CA9. 7 If a pri/ar.& is t+e su//ar.&.& 2$$. 7 Send updates on /ulticast 224.neig+bors2 0to displa.table. 7 )-AL: 1iffusion Cpdate Algorit+/.&. 32 topologauto7su//ar- )outer 0config7router2 b no . / )-AL: 7 T+is algorit+/ store neig+bors routing infor/ation in local topolog.&. ( %uccessor 1%): 7 (est route 0in t+e routing table * topolog.& 2$$.& and . 7 To"olog! ta1le: all route to all networks.&.of t+ese networks 'n!anced Interior gateway ro#ting protocol: 2'I7(P3 7 Cisco proprietar. 7 aBi/u/ +op count M 224.&. ter inolog!: 7 Neigh1or ta1le: table contains all neig+bors.&.routing fails4 1CA9 can take a back up route fro/ t+e topolog.&.table and place it in t+e routing table. / (I89.& )20config7router2barea 2& range .S * 5S of topolog. 7 9outing ta1le: best routes to all networks.&.table2 0to /ake it classless2.&.&.table2. .

(I89.1 k˜ €}‚m2 µXZ•j qT SXp†T2 )outer0config7ke-c+ain7ke-2bke-7string 1234 k˜ €}‚m2 µXZ•j ij2 )outer0config7ke-c+ain7ke-2bint f&"& k•pj X‡O‚› X•RnT N„…†q )outer0config7if2bip aut+entication /ode eigrp 1 /d$ klmT SXp†T i‹}Œ X}m 1234 tŠ‹Z˜ k•{T €}‚m ke.k•pj X•RnT ¤k}{T ¢~s i‹{q su1net £•† ij £O{ |Z{T ¥XwZ•{T •j ™Œ™P ij X•RnT UŠ„O˜ Xs™„Ž )outerbs+ow ip eigrp interfaces detail —Š˜ ™ŸTq š¨r kRqTk{T z‚› kjnT T~s €Žk…R ™Y› kO•pZ{T €’O–Ÿ š˜Tq kO•pZ{T ”Š† Xjq €•’Rkj “k[V vwZx š‹Ž €wZx Nm —k„† X‡Yj |Z{Tq ¥XjŠ‚„}{T ¢~s XY{ k‡»Œ I!7. eigr" X‡O‚› N„•}{T kRqTk{T iOŽ X•RnT kO•pZŽ ¬Š–† 9oute .X‡‚[TU |x |Z{T k•{T €}‚m œ•Ÿq X•RnT kO•pZ{ ah ed €’O–w{T ¬T™ƒZ˜T vYj XY’‚± XYs ¶’•† š{ |Z{T ¥XwZ•{T €O–Ž •j X•RnT ™–x ™¨ k•pj vŽ X•RnT -’‰T y~{T 91 kRqTk{T tT ™…Y˜ kRqTk{T €O–Ž z‚› kO•pZ{T N„•† š{ TuT XYs X‡O‚› ¶’•Œ š{q kRqTr kO® z‚› ·†Xm TuT zZŸ su1net £•† |x •j |Z{T ¥XwZ•{T “kŒ —Š˜ v†T yV .2 |†Xl{T 0k•{T €}‚m2 µXZ•}{T tŠ‹Œ tT i‹}j µXZ•}{T X‡O‚› ¶’•† N„…† |‹{ kRqTk{T ¥XwZ•{T z{T œs~† tnT d3 Š‹RkŽ ¬T™ƒZ˜XŽq kRqTk{T z‚› N„•j eigr" ij klmT XYŒ™{ tŠ‹Œ tT i‹}j v†n eigr"1 X•RT z‚› kO•pZ{T N„x ¢XY„j )outer0config7if2bip aut+entication ke-7c+ain eigrp 1 a+/ed ..oisoning €‚‹pj ij ´‚ƒZ‚{ )outer0config2bke.™„Ž kO•pZ{T tT i‹}j v†T z{T v’ZY† XYsq #witch ¸{XŽ €‚•Z}{T ¥XwZ•{T z‚› kO•pZ{T ¶’•†q 91 z‚› ¢XY‚„x X}m kO•pZ{T vO‚› N„•†q kRqTr N‹{ œs~† tnT hosa š˜T XsXYO•›T )3 |xq ali š˜T XsXYO•›T 92 |xq ah ied ·†Xm 91 |x ªlj k[T z{T kRqTr ij kO•pZ{T œ¹X–Ÿ SX}˜V º‚ZƒR . &"2 2$# & 6ello inter'al is $ sec eNeBt B/it serial enone Cn"reliable /casts3 &"4 Cn"reliable ucasts3 . KLMN OP QRSTUV MWXYT œZ‹† š² 91 z{T œs~Y˜ XY{Xlj œ•wx ..kO•pZ{T œ¹X–Ÿ Nm |x X‡••† tŠ‹R tT œ…Œ 012342 k•{T €}‚mq 0ke! 12 µXZ•}{T z{T €’•Y{XŽ i‹{q . |†Xl{T i› º‚ZƒŒ I. €xXl‹Ž qT ¤rT½§Ž |Y„R 9edundanc! €}‚m v{ 9outer Nm X • „’± .....". cast eBceptions3 1 C) packets3 1 AC^s suppressed3 & )etrans/issions sent3 2 Out7of7seGuence rc'd3 & ³Aut+entication /ode is /d$4 ke-7c+ain is ³a+/ed Cse /ulticast 5a&"1 & &"& & &"2 & & 6ello inter'al is $ sec eNeBt B/it serial enone Cn"reliable /casts3 &"& Cn"reliable ucasts3 &"& cast eBceptions3 & C) packets3 & AC^s suppressed3 & )etrans/issions sent3 & Out7of7seGuence rc'd3 & Aut+entication /ode is not set Cse /ulticast )irst 9op (ed#ndancy Protocols &-8 ªlj NAT ŠmŠRqkŽ š‡O‚› N„•jq €‹’p{T |x 0klmT i‹}j qT2)outer tXY²T XYŒ™{ ·†Xm TuT . iw† °{~{ N}„{T —Š–Œ —Š˜ €‚‹pj yV |x N•Ÿ TuT v†n k•[ ™ŸTq getawa! z‚› UX}Z›nT ·¨Š{T £•YŽq °{u ¾Š…Œnq -Ow‰ kO® S|¿ 33 . v‚}„Ž |†Xl{T ¬Š–Œ X}s™ŸT |x €‚‹pj N•Ÿ TuXx N}„{T iOjQR NPT ij °{uq iOY²nT z‚› ‘’ˆ{XŽ X‡••† |s š‡RTUT™›Tq T~sq ¾X‡…‚{ €•‚Zƒj getawa! tXY²T €ŽXZ‹Ž ¬Š–Œ ¾X‡…{T |x €‹’¿ ¥km ij klmT š‡Œ™{ iŒ~{T iOj™ƒZ•}{T •„Ž T~{ ...c+ian a+/ed k•{T ¥X}‚m ij kOlm U™› z‚› yŠZwR tT i‹}Œ ah ed š˜XŽ kO•pR €’O–Ÿ SXp†T |Y„Œ T~sq )outer0config7ke-c+ain2bke..I8)! interfaces for process 1 F/it ¼ueue ean !acing Ti/e ulticast !ending Interface !eers Cn")eliable S)TT Cn")eliable 5low Ti/er )outes 5a&"& 2 &"& #.su1net kO® ijq kO•pZ{T £•† X‡O‚› ..

0$#9.2$$.&.2$$.&... = 8L...t+ernet&"& 7 8roup 1 €›Š}…}{T š¨r State is Acti'e X„•{T Šs v†T XYs |Y„Rq kRqTk{T €{XŸ 2 state c+anges4 last state c+ange &&3143$2 %irtual I! address is 1&.1 2$$.&.$& .e k[ÀTq 0Acti.2.2$$.alance z}•Œ ..& )10config7if2bno s+ )10config2bint f&"& )10config7if2bstandb.&.alancing š›™Œn .ac&1 34 .‘–x ™ŸTq ŠmŠRqkŽ NO„•R œ…Œ .1 ip 1&.&c&..2 2$$.& )10config7if2bno s+ 92 z{T i" U™w† tnT )10config2bint f&"& )10config7if2bip add 1&.2$$.. G99..Load.&... I!'# š›™Œ .&. iOY²nT z‚› NO„•Z{T z‡Z†T Xs™„Žq ‘’ˆ{XŽ vO‚› ¥TŠ•ƒ{T £•† ~O•YZŽ ¬Š–†q 92 z{T X„•{T N’Om ••¨ šR Š‚x N}„Œ y~{T Šs ‘–x ™ŸTq oXYs i‹{q iŒkRqTk{XŽ ÂX[ i" T~s ....."ing N}„Œ k}Z•O˜ Ns “k†q X„•{T Šsq šs™ŸT N••Ž ¬Š–† š²q X • „j iŒkRqTk{T Nl}Œ y~{T i" T~s z‚› 9' ij "ing 91 z{T i" U™w† tnT )10config2bint f&"& )10config7if2bip add 1&. 29ot6Standby (o#ter Protocol 29S(P &-8-.&. = G99..‘–x 0isco €mkpŽ ÂX[ Šsq X •›ŠO¿ klmÀTq |•O¹k{T ŠsqLa!er ' ŠmŠRqkŽ Šsq N}„Y˜ š² X • –ŽX˜ XY}‚„R Xj Nlj ip š‡{ €wZx N‹{ U™ŸT tT ™„Ž ™ŸTq ip |Ž €‹’p{T z‚› TŠPkƒŒ 92 q91 N„…Y˜q kRqTr €²ª² XYŒ™{ XY{Xlj |x .2.e Xj i› º‚ZƒŒ T~sq €O‹ORXjŠRT ¤rŠ•Ž k[nT NO„•ZŽ °{u ™„Ž šZOx qÀT |x €‚‹pj N•wŒ tT z{T NotActi. .&.& )10config7if2bno s+ 9' z{T i" U™w† tnT )10config2bint f&"& )10config7if2bip add 1&.$& iŒkRqTk{T ª‹{ XY‚’¨ ij ¢SX•›T šR Xj Šs T~sq Acti'e 'irtual AC address is &&&&.¤™›X•}{T vYj œ‚•Œq k[nT kRqTk{T z‚› ™¹T½{T N}w{T |jkŽ ¬Š–Œ 0vZ¨X± 2 |s ¥nŠmŠRqk’{T ¢~sq šsXŒT½j •„Ž |x ‘O•’{T —ªZ[nT •j X • ’Œk–R vŽXpZj š‡‚O„•Rq €O‚}„{T ¢~s i› €{qÁ•j ¥nŠ‹RqkŽ €²ª² oXYs .Ur z‚› N•wŒ v†T “kY˜q k[T z‚› kRqTr yV ij "ing N}„†q Ãk…† kjnT T~s €ŽXZmq 91 z{T ÃXs~{T ¶Œk± i› 6S9! ŠmŠRqkŽ N„•† tnT X‡Yj XYPk[ ™¨ XYm TuT €wZ•{T z‚› —Š¨Š{T œ…Œ tT œ…Œ €O‰Xƒ{T ¢~s vO‚› N„•Z˜ kRqTr Nm °{~{ €O‰Xƒ{T ¢~s |x okZpZ˜ |Z{T ¥TkRqTk{T šˆZ˜ |Z{T €›Š}…}{T š¨r z‚› ™Œ ™ŸTq š¨r i" SX•›« ¾Š…Œnq €›Š}…}{T |x kRqTr Nm vOx okZpR —Š˜ y~{Tq iOj™ƒZ•}‚{ z•„Œ —Š˜ y~{T T~‡x i" XjT €›Š}…}{T š¨r £•† |x tŠ‹Œ œs~† tnTq 9edundanc! NO„•R šR T~s ™„Ž ..&. ŠmŠRqkŽ NO„•R €{XŸ |x nT €‹’p{T £•† |x ¬™ƒZ•j i" qT kRqTr €wZ•Ž ÂXƒ{T 12.2$$.&.vOPŠR šZO˜ °{~{ . º‚Zƒj i" v{ •’•{XŽ i‹{q qÀT kRqTk{T z{T vŽXpj ‘’ˆ{XŽq ¥TUT™›nT £•† vO‚› N„•j |†X² 9outer z{T €PXwŽ |x œZ‹† Xs™Y›q 0š‡Yj N‹{ €„ŽXR €wZx N‹{ º‚Zƒji" v{ kRqTr Nm tXŽ š‚„{T •j2 iŒkRqTk{T ªm z{T ™ŸTq i" •¡q ¶Œk± i› vO{T iOj™ƒZ•}{T Šsq iOY²nT ij ™ŸTq kRqTr tŠj™ƒZ•Œ —Š˜ iOj™ƒZ•}{T tT N•wŒ y~{T XYsq iŒkRqTk{T N‹{ z•„}{T ™Œ™…{T i" iOj™ƒZ•}{T €‹’¿ ¥qkm tŠ‹Œ ©OwŽ 9edundanc! z}•Œ Xj T~sq k[nT kRqTk{T z‚› €O‹ORXjŠRT ¤rŠ•Ž iOj™ƒZ•}{T NŒŠwR šZO˜ vOx €‚‹pj N•Ÿ TuXx acti.32 z‚› "ing N}„†q 9' z{T œs~† tnT .2$$.e2 X„x šs™ŸT ij klmT2 qÀT kRqTk{T z‚› ™¹T¾ N}Ÿ N•Ÿ TuT yV ·¨Š{T £•† |x •„Ž •j tŠ‚}„Œ iŒkRqTk{T tT |Y„R ¢~‡x Load .3 2$$. €{X„x €O‰Xƒ{T ¢~s tŠ‹R T~‡Žq Ur z‚› N•wY˜q N„•}{T iŒkRqTk{T z‚› kjnT T~s ~•Y† |±XOZŸnT š‡Yj yTq X„•{T š‡Yj yV €xk„j NPT ijq ¤k¿X’j ¤rŠ•Ž v‚}„Ž ¬Š–Œ —Š˜ |±XOZŸnT k[nT 3€O{XZ{T ¥X†XO’{T z‚› N•wY˜q €O‰Xƒ{T ¢~s š‡O‚› )1bs+ standb5ast.

riorit! z‚›T œŸX‰ kRqTk{T º¨ŠR šR TuT v†T |Y„Rq.ree "tion €O‰Xƒ{ €OYj½{T ¤™}{T n • qT U™w† 3$ .&. secs !ree/ption disabled Acti'e router is 1&.32 secs !ree/ption disabled Acti'e router is local Standb.24 priorit.1&& 0eBpires in :.ac&1 9ocal 'irtual AC address is &&&&..e X„•{T Šs €ŒrX’PT ¤rŠ•Žq X •}¹TU 9outer kRqTk{T k’ƒO˜ “k[V ¤kj UX›q ¤kZ•{ €j™ƒ{T i› .2.ree "tion Šs X}YOŽ ¤U™wj €OYj¾ ¤™}{ N}„{XŽ SX–’{T vYj œ‚•Œ i‹{q X„•{T Šs -’•O˜q €j™ƒ{T z{T UX› ™¨ v†T tnT X„x Šs y~{T 3 91 z‚› |‚Œ X}Ž ¬Š–† °{u N}› NPT ij .1#4 sec2 X„•{T Standb.kjT ~•Y†q 91 z{T X •Rk¿X’j œs~†q #witch q 91 iOŽXj N’O‹{T NO‰ŠR ™O„† T~s UŠ„Œ tT X†UrT Š‚x .e ¤rŠ•Ž N}„{T UqX„O˜ Xs™„Žq €‹’p‚{ €j¾ª{T ¥XjŠ‚„}{T •}…Œ .&c&.riorit! š¨r kOO§ZŽ ¬Š–† Acti.&..e Šs 92 tŠ‹O˜ °{u ™„Žq Ur z‚› N•wŒ š{ TuT Xsk»ZYŒ |Z{T ¤™}{T yV Ur #tand1!router is |s |Z{Tq ¥X†XO’{T i}¡ ij €jŠ‚„}{T ¢~s “kY˜ °{~mq .e X„•{T v‚„…Œqi" z‚›X’ŸX‰ 8roup na/e is ³+srp75a&"&71³ 0default2 |¡TkZxnT Šs XYsq €›Š}…}{T š˜T 3¥XjŠ‚„}{T ¢~s XY{ k‡»O˜ kjnT £•† X†~•†q )2 z{T XY’su TuT XjT )2bs+ standb5ast.&.ac&1 0'1 default2 6ello ti/e 3 sec4 +old ti/e 1& sec NeBt +ello sent in 2..32 z‚› ping kjT ~•Y†q ÄŠ•{XŽ 91 ‘ŽkŒ y~{T N’O‹{T ••–† ~O•YR ª[ ij °{u “k† tT •O•Z•†q Acti. 1&& €O¡TkZxnT |s XYsq €O{Š{qnT v{ ·†Xm Acti.2.UT™„Z˜T €{XŸ |x k[T kRqTr 0—qk„j kO®2 ™PŠŒn yV unknown ·w’‰V €{Xw{T tT ™…Y˜ s+ standb.1&& 0eBpires in :. Acti.ac&1 0'1 default2 6ello ti/e 3 sec4 +old ti/e 1& sec ·Oj k[nT k’Z„Œ —Š˜ |†TŠ² 1& ™„Ž Ur N•wŒ š{ TuTq €›Š}…}{T |x v„j ij ºpZ‹Œ |‹{ Š‚s €{X˜r N˜kŒ |†TŠ² 3 Nm v‚wj NwŒ Šsq NeBt +ello sent in 1.e Šs tŠ‹Œ tXŽ z‚›ÀT €ŒŠ{qÀT v{ ij z‚› ™Œ Uk…}Ž vO‚› N•wŒ š¨k{T T~s .1&& 0default 1&&2 8roup na/e is ³+srp75a&"&71³ 0default2 kRqTk{T tTŠY› z‚› N•ŸT tT z{T |†TŠ² 12 k[QZŒ —Š˜ 9' ij 12.14 priorit. Acti.riorit! rXOZ[XŽ ŠmŠRqk’{T ¬Š–Œ —Š˜ š¨k{T £•† iŒkRqTk{T |x ·†Xm TuXx..:2..router is local !riorit.e ¤kj qT tXm Xj™„Ž #tand1! z{T v‚ŒŠwR šR v†T ™…Y˜ “k[V ¤kj kjnT ~•Y†q Speak ™Œ™wR XYO‚› °{~mq €O–’{T ij z‚›T v‚„…†q...9ocal 'irtual AC address is &&&&..t+ernet&"& 7 8roup 1 State is StandbX„x £O{ yV UT™„Z˜T €{XŸ |x Šs XYs 1 state c+ange4 last state c+ange &&31#324 %irtual I! address is 1&.&.#1# sec2 kRqTk{T €wZ•Ž ÂXƒ{T i" Šs T~s !riorit.&.&c&.$& Acti'e 'irtual AC address is &&&&.&c&...&.router is 1&.1&& 0default 1&&2 z‚›T š¨k{T tXm X}‚‹x Acti. 92 z‚› shstand1! kjT .

1 priorit. !riorit. €O‰X[ X‡O‚› ~•Y}{T €wZ•{T z‚› —Š¨Š{T œ…Œ )10config2bint f&"& |†TŠl{XŽ ·¨Š{T rT™–jq X‡‚O§pR UTk}{T €O‰Xƒ{T Xs™„Žq kRqTk{T T~s X‡{ |}ZYŒ |Z{T €›Š}…}{T š¨r kmu œ…Œ )10config7if2bstandb..rr" œZ‹† stand1! €ŽXZm ™Ž T™› Xj $#9.....+old z{T iOj¾ ¤™j v{ £O{q €O†X² 1 Nm 0¥X†XO’{Tq ¥XlŒ™wZ{T Nm2Ad.1 pree/pt dela.e ™Ž 5aster š˜XŽ X„•{T kRqTk{T |}•Œ š›™Œn .Load. |†TŠ² 1& |s hold rX»Z†nT 3# .alancing &-8-/ 7%0P 27ateway %oad 0alancing Protocol ¤™jq €O†X² 3 Nm $ello €{X˜r ©„’Œ .Acti./ini/u/ 2&& )20config7if2bstandb.¤kOlm N¹X˜r X˜rT ¶Œk± i› *((P 2*irt#al (o#ter (ed#ndancy Protocol &-8-& °{~mq .ertise ent ..11& š¨k{T ij klmT š¨k{T T~sq 11& z{T XskOO§R šR 1&& Šs y~{T |¡TkZxnT N‹p{T T~s z‚› Xw’‰Tq tTkO§R iŒk•˜ oXYs “kY˜q 91 z‚› shstand1! kjT tnT ~•Y† !ree/ption enabled4 dela.Load.alancing š›™Œ .e Šs )2 -’•O˜ Xs™Y›q “k[V ¤kj 91 |Ž N‰Š}{T N’O‹{T z‚› kjTqÀT £•† ~O•YR •O•Z•† °{~m .€}O¨ kOO§R šR XYsq ••–† °{u ™„Žq #tand1! UŠ„O˜ 92 ¤UŠ› ™Y›q Acti'e Šs 91 -’•Œ —Š˜ #witch Z92 iOŽ Xj N’O‹{T ••–† tnT k»ZYO˜ Xs™Y›91 ‘ŽkŒ y~{T N’O‹{T ”XPrXŽ ¬Š–†q Acti.e Šs 91 UŠ„Œq €O†X² 222 3N‹p{T T~‡Žq 92 z‚› )20config2bint f&"& )20config7if2bstandb... I!'# š›™Œ n .1 ti/ers 1 $ ¬¾n kO® ij €‹’p{T X§¿T z{T yUÁO˜ T~sq ....1 priorit.z‚›T œŸX‰ v†n €ŒrX’PT ¤rŠ•Ž Acti... kRqTk{T z‚› N}„Œ °{u •jq La!er 2 ŠmŠRqkŽ Šsq . 0isco €mkpŽ ÂX[ .A š›™Œ .. NO„•R €–Œk± £•† v‚O„•R €–Œk± La!er' ŠmŠRqkŽ Šsq €{X˜r ©„’Œ . |†TŠ² $ |s hold ¤™jq €O†X² 1 Nm 6ello tT ¢XY„j T~sq . I./in 2&& secs N’¨ rX»Z†nT ·¨q ij vYOO„R šR Xj T~sq ”X•–†nT ™„Ž N}„‚{ ¤UŠ„{T enabled z{Tdisabled €}‚m kO§R ÅŸª†q X}m !riorit../ini/u/ 2&& kjnT T~s ~O•YR ¶Œk± i›.riorit! Šs v‚Œ™„R œ…Œ yuT |†Xl{T S|p{T )10config7if2bstandb.11& 0configured 11&2 configured z{T default €}‚m kOO§R šR °{~mq 11& ·w’‰Vq !riorit..$#9.1 pree/pt dela.....:& qnT kRqTk{T ij N¨T €}O¨ ¢XYO•›T 0°{u Nˆ•Œn i‹{q2 |{XZ{T kjnT ¶Œk± i› hold rX»Z†nT ¤™j °{~mq $ello €{X˜r X˜rn ·¨Š{T |x kOO§R i‹}Œ °{~m )10config2bint f&"& )10config7if2bstandb.. ‘–x 0isco £O{ ¤½‡PÀT ”TŠ†V Nm z‚› N}„Œ Šsq .

2$$.°ŽŠ˜XŸ z‚› €O{XZ{T ¥TŠ•ƒ{T ~O•YR °O‚› œ…Ox 1.S will co%p!te the checks!%" /. ”Š† ij ŠmŠRqkŽ Šsq . click Local Area Connection Link of the connection to change then choose 'Properties' !tton" #. choose the 'Ad$anced' ta to %odif& the ' IP V4 Checksum Offload' and 'TCP Checksum Offload (IPV4)' and 'UDP Checksum Offload (IPV4)'" DA9QR PF8..]ounin.kRqTk{T iOŽq |x ¢XYPkƒZ˜T y~{T i" N}wŒ y~{Tq y¾X‡…Ž ÂXƒ{T €’p{T ¥rXm kZƒ† N–Ÿ qT ijq NI6(thernet ¤~xX† qT ij X†¾X‡P ij •O•Z•† °{~Žq 0loud |Ž ÄŠ•{T N‰Š†q ÄŠ•{XŽ kRqTk{T N‰Š† —Š˜ XY†¯x T~‡Žq . LMNO8.Go to Control Panel->Network and Internet -> Network and Sharing Center..CDEFGH..1#.ÆjX†k’{T œO•YZŽ ¬Š–† š² XYŒ™{ ¾q™YŒŠ{T €ƒ•Y{ œ˜XY}{T rT™‰ÇXŽq standard edition NO}wZŽ ¬Š–† kjT ~•Y† 1os €¿X¿ XY{ k‡»Z˜ Xs™„Ž 9-N *[ 05) z{T ÃXs~{T ¶Œk± i› vO‚› N}„† y~{T ¾X‡…{T ip —k„† ºO»† i² ª • lj 9outerc?222 ºO»†q 8N#' ÆjX†kŽ z{T œs~† tnT XYŒ™{ ¾X‡…{T ip —k„† T~‡Žq i"config N‰Š† ºOm —k„† |‹{ X‡j™ƒZ•† cloud kZƒ†q ÆjX†k’{T rX•Œ €}¹X–{T ij ʘXw{T ¾X‡P N‹¿ z‚› ‘§ˆ† š² #witch ‘§ˆ{Tq žqX}{XŽ X‡O‚› —Š¨Š{T ¶Œk± i› configuration X‡{ N}„†q vOx N}„† y~{T €O–O–w{T ʘXw{T ¾X‡…Ž kRqTk{T y™{ €‹’p{T ¥rXm iOŽ |}sq ‘O˜q S|¿ i› ¤rX’› |s cloud ¢~sq configuration kZƒ†q i}ŒÀT žqX}{T °‚m z‚› .. Add ‘§¡T i² €ŒT™’{T . @IJK B.< 678 (.na le to -isa led so that the .. -). T™P ¤kOlm ÆjTkŽ |x UŠPŠj 3°Y‚{T T~s z{T œs~† ..XYŽ N‰Šj |–O–Ÿ kRqTr v†Xm9outer z‚› "ing N}› š² Slots X‡Yj kZƒ† ¤~xX† XY{ k‡»Z˜ ¢ª›V ¥TUT™›nT z{T Š[™{T ¶Œk± £•YŽq kRqTk{T z{T configuration N}„† °{~m €†X[ |x T~s rXZƒ† #lot 2: 0?222*I6*&( su1net £•† ij kRqTk{T €wZ•{ i" SX•›XŽ ¬Š–†q Console €wZx ij vO‚› N[™†q kRqTk{T N§p†q š‡YOŽ X}Ox N‰Š† š² 3€–Œk•{T ¢~‡Žq €‹’p{T £•† z‚› tXY²nT tŠ‹Œ |‹{ y™{ €‹’p{T ¥rXm )10config2bint f&"& )10config7if2bip add 1:2.2$$. £O{q Windows ? z‚› N}„R ·Ym TuT 3€}‡j €»Ÿªj ..Changed the setting fro% )* and +* .&-: 0ack#p process Š‹RqkŽ Šsq T&T. v}˜T ·†kZ†nT ij ÆjX†kŽ NO}wZŽ nqV ¬Š–† kRqTk{T ¥TUT™›T N‹{ €O±XOZŸT vƒ•† N}› NPT ij ™OP ÆjX†kŽ v†n ÆjX†k’{T T~s ¬™ƒZ•† œ{X§{T |xq . ¤kO§‰ vZŸX•jq ¤SX•m ·’²Tq +ttp3""tftpd32. ?@A => 9:..1.4& 2$$.°{~m kRqTk{T z‚› XYŽŠ˜XŸ ij qT Ur z‚› N•Ÿ tT tT œ…Ox XYZ‹’¿ ¥rXm z‚› kRqTk{T ij ping N}› Ãk…† š² "ing kjT ~O•YR ¶Œk± i› Ur z‚› N•wR š{ tQx Win\.net" . ..Press the 'Config!re"""' !tton.& )10config7if2bno s+ .)e oot &o!r %achine after the setting changes" )10config2b+ostna/e a+/ed a+/ed0config2benable secret 1234 a+/ed0config2bwr /e/ 3€O{XZ{T ¥TUT™›nT •„Ž vO‚› yk…†q kRqTk{T z{T UŠ„† kRqTk{T š˜T X†kO® kRqTk‚{ k˜ €}‚m XY„¡q 3iOZ–Œk± oXYsq kRqTk{T z‚› ¥TUT™›nT t½ƒŽ ¬Š–† tnT 9A5 ¤kmT~{T z‚› ¥TUT™›nT t½[ a+/ed0config2bwr 3.

.nter ‘§ˆ† .start tftp Address or na/e of re/ote +ost >?c 1:2.12& 1estination filena/e >a+/ed7confg?c start ÉÉ 1&&2 b-tes copied in &..1#.4..1#..& )20config7if2bno s+ |†Xl{T kRqTk{T z{T œs~† —Š˜ 0ÄŠ•{T •j v•ŽkŒ y~{T N’O‹{T ••–† —Š˜ XYsq2 qÀT kRqTk{T |x º¨ŠR N•Ÿ Š{ tnT 3€–Œk•{T ¢~‡Žq v†½[ šR y~{T ¥TUT™›nT º‚j È•† ¶Œk± i› qÀT kRqTk{T ¥TUT™›T £•† vO‚› ~•Y†q .2$$. 6] š² ™Œ™P r™{Šx QpY† . rX•}{ r™{Šx N[TU 9ocal I! 8lobal I! 3..¥XwZ•‚{ ´•ƒ}{T ip zZŸ ‘’ˆ{XŽ qnXm ™Œ™…{T kRqTk{T T~s ¥TUT™›T tŠ‹R —Š˜ |†TŠ² |xq . ¬X»Y{T €ƒ•† ©Œ™wR yV I6# €ƒ•† y™{ tXm TuT S|p{T £•† 3œZ‹†q kRqTk{T z{T œs~† š²q €–ŽX•{T ¥X•‚}{T ™PŠR ©OŸ T&T. ... š„†2 012 kRqTk{T 022 |x UŠPŠ}{T run z{T º‚}{T T~s È•† ™ŒkR Ns ™OmQR 1estination filena/e >running7config?c .er Interface €†X[ ij š² .. |}wjq ijTq |{X[ tX‹j |x V™’†q kRqTk{T z{T œs~† š² Tft"#er...vƒ•† UTk}{T º‚}{T š˜T z‚› Q•Œ tnT Source filena/e >?c Aaa .0....1. ¥TŠ•ƒ{T ¢~s ¶Œk± i› ™Œ™…{T kRqTk{T kRqTk{T z{T N[™† š² €wZ•{T £•YŽ |†Xl{T kRqTk{T N‰Š†q qÀT kRqTk{T N••†q qÀT kRqTk{T N••†q |†X² kRqTr •ˆ† 3vO‚› ~•Y†q |†Xl{T €‹’p{T su1net £•† ij kRqTk{T €wZ•{ ip SX•›« n • qT œ…Œ )20config2bint f&"& )20config7if2bip add 1:2.: b-tes"sec2 µX…YŽ t½ƒ{T šR . Ser.2$$.er €ŽXl}Ž y¾X‡P N„…Œ —Š˜ T~‡Žq X§¿ 3¥TUT™›nT È•† kjTqV ~O•YZŽ tft" ÆjX†kŽ |x X‡†½[Tq run |x ¤UŠPŠ}{T ¥TUT™›nT ij vƒ•† ~[ a+/edbcop. ÆjX†kŽ N§¿ vmkZ†q o¾X‡P ip kZ[T Ser.41 2$$. ÆjX†kŽ yŠwŒ y~{T ¾X‡…{T ip i› XY{X•Œ —Š˜ Address or na/e of re/ote +ost >?c 1:2. XsUT™ZjT tŠ‹Œ ¬X»Y{T €ƒ•† .2 secs 02.kRqTk{T z{T •ŽXZ{T run z{T tft" ÆjX†kŽ ij º‚}{T È•Y† yV X •–ŽX˜ XY’Zm Xj £‹› œZ‹† )2bcop.tftp run .run tftp o¾X‡P |x UŠPŠj Xj œ•Ÿ i" T~sqtft" ÆjX†kŽ vO‚› ™PŠŒ y~{T ¾X‡…{T ip œ‚•O˜ Address or na/e of re/ote +ost >?c 1:2.1. €–Œk•{T ¢~‡’xstartu" ¥TUT™›T t½[ X†UrT TuT a+/edbcop.er ÆjX†k’{T ¤~xX† ij rXZƒ† .1.XYŒ™{ šsÀT |s run ¥TUT™›T X •„’± ..1#.12& aaa œZ‹† —Š˜q ™ŒkR k[T š˜T yV œZmT qT ah ed*confg š˜nT T~‡Ž v†½[T Ns Q•Œ 1estination filena/e >a+/ed7confg?c aaa ÉÉ 1&&2 b-tes copied in 3..NˆxT T~sq NG9A5 z‚› ¥TUT™›nT t½ƒ{ tŠ‹Œq ¥TUT™›nT º‚j t½[ tX‹j U™w† 0urrent)irector! €†X[ ij š² ·Y{T ij ¢XY‚}Ÿ y~{T T&T..1$2 secs 0#$:2 b-tes"sec2 UT™›n t½[ y~{T ¥TUT™›nT º‚j ¬T™ƒZ˜T i‹}Ox ™Œ™P kRqTr XY’‚Pq ¢XY‚•x qT kRqTk{T |x €‚‹pj yV N•Ÿ TuT tnT .1.1#.X†¾X‡P |x UŠPŠjXj œ•Ÿ ip T~sq T&T.12& ...iO•‚Zƒj iŒrT™‰nT tn Q•ƒ{T N¹X˜r •„Ž XY{ k‡»R —Š˜ iO•‚Zƒj iŒrT™‰T ij iŒkRqTk{T tXm TuT º‚}{T T~s •¡ŠŽ ¬Š–Yx 1in.

.1#.1.1#.1#.2 1:2..3 !ort 1&2$ 1&2# 1&2$ 1&2.1.1 2&&.1.2 1B2.1 2&&.1A4.1.1 2&&. 1&2# I! 2&&. #rc.1...1.AT): 7 All /ac+ines +a'e t+e sa/e public I!. 1&2: 3: .1.1 !ort 1&2$ 1&2# 1&2...kRqTk{T ©Œ™wZŽ V™’Œ Xs™Y›q .1. ÆjX†kŽ yŠwŒ y~{T ¾X‡…{T ip i› XY{X•Œ —Š˜ Address or na/e of re/ote +ost >1:2.1. 2) )!na ic NAT : .1#.1.public I! address to e'er..1. (nd I.1.1.1 Internet 1B2.X†¾X‡P |x UŠPŠjXj œ•Ÿ ip T~sq T&T.12&?c 1:2.1.12& Source filena/e >aaa?c 1 : BB Na e of "ool . #u1net ask #rc.1A4.1A4.1.1#. 7 T+is process called 0address o'erload2.a+/edbcop. 7 T+e source port nu/ber are used to differentiate t+e different connection so itEs /ust be uniGue. Wild card ask &-.1.1#.tftp flas+ .pri'ate address.1.ool Na e T+e router is gi'en a pool t+at contains /an.nter ‘§ˆ†q º‚}{T UT™ZjT •j I6# º‚j š˜T v{ œZ‹† #tart I.2 1:2.1 1B2.1..1#.' 1B2. 1&2.1. ') .user tr.1. Network $ddress Translation: 2N$T3 T!"es of NAT: 1) #tatic NAT : Assign /anuall.1 2&&.I! address 0public2 and e'er. I. !assword 222.1 1:2.1 1:2.1.ort Addresses Translation (.1.to access a public network will be gi'en an I! rando/l-.+ I! 1:2.1A4.1.

net /ask ask #u1net @@@@@. O'erload NAT translations 0to displa.lain te%t v†n ijT kO® k’Z„Œ Telnet ¶Œk± i› Š[™{T ijT Š‡x ##$ 22 Š‹RkŽ ¬T™ƒZ˜T Nˆ•Œ T~‡{ . Wild card #tart I. (nd I. )outer 0config = line2 b login !er/it 1en1en- 't- 0to active the command2 !er/it ¤½sX…{T k‹‡{T ÆjTkŽ ™ŸT N§pŒ k‹‡{T ™ŸT i‹}j yV k•pj kO® -Œk‰ ¬ªm .k•pj v†n klmT (##$ (#ecure #hell • qT œZ‹† ijnT X•RnT T~s NO„•Z{q n 4& .H Configuration of NAT3 Inside 012 022 Outside 0Config7if2 b I! 0Config7if2 b I! 1* #tatic: 0Config2 b I! 2* )!na ic: 0Config2 b I! 0Config2 b I! b S+ I! NAT NAT NAT NAT NAT inside inside outside source static 9ocal I! @@@@@ @@@@@ 8lobal I! pool Na e of "ool @@@@@ @@@ @@@ #rc.. ask 1 : BB #rc.Telnet and SS9 * #et "assword to telneting of the router for re ote configuration.w+o uses t+e NAT2 If !AT #ecuring )e. I.> inside source Na e list @@ !ool ..kRqTk{T z{T €’sT~{T ¥XjŠ‚„}{T ‘–Z‚Œ šZŒ T~‡Žq kRqTk{T ip v{ U™wŒq 0š¿2 sniffing X‡}˜Tq . )outer 0config2 b line & 4 !assword )outer 0config = line2 b password @@@@@.ices -/ /-. 0Config2 b Access7list @@@ per/it @@@@ ? @@@@@@@.ool @@@@.

utt! ÆjX†kŽ ¶Œk± i›q €‹’p{T |x ʘXŸ z{T œs~† tnT œZ‹† !Cass+ 7l a+/ed 1&&. bit )SA ke-s4 ke-s will be non7eBportable.. 1&.&.:#. kO•pZ{T ¤Š¨ rXOZ[T šR XYs Ê 8enerating 2&4.)outer0config2buserna/e a+/ed secret cisco1234 €}‚m i› º‚ZƒŒ X‡‚}›q Š[™{T ™Y› X‡’‚± šZO˜ cisco12'+ |sq k˜ €}‚m X •ˆŒT N}„†q ah ed Šsq ¬™ƒZ•}‚{ š˜T .)0config2b cr-pto ke.&.a+/ed.&./odulus in t+e range of 3#& to 2&4..>O^? µX…YŽ šR kO•pZ{T ¤Š¨ rXOZ[T co unication X•RnT ¥XjŠ‚„j N–Y{ £O{q configuring ‘–x ¥TUT™›ª{ kO•pZ{T T~s Option )OCT. |x ª • O••R žr™R €•‚Zƒj ¥XOŸª‰ X}‡YOŽ |x 1$ |s €OŸª‰ z‚›Tq |s /ask €OŸª‰ N¨T H ar 1 134#34.:: +as been enabled )OCT..^e-s.co/ C+oose t+e siLe of t+e ke. for -our 8eneral !urpose .)0config7line2btransport input telnt €ŽXZm i› °{~m )OCT.&.generate rsa kRqTk{T š˜T kOO§R ™„Ž “k[V ¤kj T+e na/e for t+e ke-s will be3 )1.NA(9. C+oosing a ke.& 1$ ¥XOŸª•{T •’ZR XˆŒVq X•RT 1$ N’–Œ XYs Src.&.&.1&&.!lease define a +ostna/e ot+er t+an )outer Ê kO§Zj š˜nT tXm TuT k‡Ë ¥n ¢~s tXjÀT ij ”ŠYm k[T š˜T z{T |¡TkZxnT kRqTk{T š˜T kOO§R œ…Œ v†T ¢XY„j Q•ƒ{T T~s N‰nT |x )outer0config2b+ostna/e )OCT.3 1en27 den-.&. 7 AC9 can do one of two actions3 17 per/it .4 !er/it 7 3C s: are set of a co//and t+atEs grouped under certain nu/ber or na/e to control traffic flow.generate rsa k•p}{T X•RnT ¬T™ƒZ˜T œ‚± .)0config7line2btransport input ss+ k•pj kO§{T |§‚Œq SS6 ¶Œk± i› k•p}{T X•RnT ¬™ƒZ˜ tXŽ telnet ¶Œk± i› kRqTk{XŽ N•ZŒ ´ƒ¿ yV rX’PT k•p}{T kO§{T ¬X»Y{T z{T ¢™O„Œ T~s )OCT.)0config2bline 't.) kRqTk{T š˜T kOO§Z{ )OCT.13 SS6 1.take a few /inutes vRUXŒ¾ i‹}Œq ½jr $12 z{T k•pŒ —Š˜ ½jr Nm ©OŸ kO•pZ{T ¤Š¨ œ‚± Šs |{XZ{T TÁ•{Tq SS6 kO•pZ{T NO§pR šR XYs $12 š¨k{T €•›Xˆ}Ž 6ow /an.co/ œ…Œ ¤Š•[ |sq š˜nT T~s ·wR kRqTk{T ij U™› šˆR €mkp{ •ŽXR kRqTk{T T~s yVkRqTk{T Nm šˆŒ iOjqU š˜T Šs T~s co .3 ÊSS67$7./odulus greater t+an $12 /a. ¢™„Ž S|¿ yV tŠ‹Œ š˜nTq X‡‚}› )outer0config2bcr-pto ke.$1.&.1 L Š}‰ —kŸ ¢™„Ž œ{X˜ Open !assword3 cisco1234 k•{T €}‚m œZ‹† XYs /-& Network sec#rity: access control list 2$C%3 Nu/ber of AC9 Internet 1&.bits in t+e /odulus >$12?3 2&4. I! <ild& card 00N.)0config7line2blogin local ÄrX[ qT š‡ZOŽ ij N•ZŒ tT i‹}Œ ijUT yV tn T™P š‡j kjT T~s €‹’p{T N[TU ij tŠ‹Œ tT X•RnT k’…Œ T~sq €‹’p{T kOZO‚}•{T |x i‹{q ##$ ¶Œk± i› X•RnT rXZƒ†q .vŽ €¨ª› X‡{ £O{q vŸk¿ ¶ŽX•{T telnet k˜ )outer0config2bip do/ain7na/e a+/ed.1 !er/it 1&.2 1en- 1&.3C co+figuratio+: 41 .

2$$ t+is eGual M an-4 0per/it or den.³ 2. )est wild card ask Option card /ask #rc I.7I. 47 At least t+ere /ust be one per/it state/ent in AC9 or ot+erwise all packets will be dropped.na/e (1) #tandard nu 1ered A0L: Standard nu/bered AC9 filter packets based onl. )outer 0 config 2 bAccess7list Ì 1 3 :: Í Ì per/it " denÍ"rotocol @@@.AC94 -ou canEt add state/ent between state/entsh an.are routed to an outbound interface. > instead of wild card /ask.2$$. #rc<ild wild card ask T0.&2 or write M greater t+an @@@@@. aBi/u/ nu/ber of AC9 can be applied on eac+ interface is two 0one per direction4 per protocol2.&.³ 0 state/ent at t+e end of AC9 called ³ den. ? @@@@@@> . 47 In an. . In bound 7 In an inbound AC94 packets are processed before t+e. $C% processing: 17 State/ents are processed fro/ top to down.we write t+e wild8t card /ask as 0&.src I!4 onl.G M eGual 9t M less t+an 7 If I want to per/it or den.2$$.all networks2.na/e eBtended an.on source I! address in t+e packet +eader.&. / 0onfiguration: Src. Out bound 7 In an outbound AC9 0)outed and t+en pre'ented2.an. )outer 0config2 b int s& Nu/ber of AC9 42 .i/portant. Note: 7 If I write t+e wild card /ask is 2$$. 37 If no /atc+ is found t+e packet will be dropped due to ³ i/plicit den.a7 create AC9. Note: . I! )est I. A0L t!"e Nu/bered Standard 13 :: eBtended 1&&3 1:: Na/ed Standard an. 27 Once /atc+ is found no furt+er state/ents. .Í +ost @ip@@. 7 b7 Assign t+e AC9 to certain interface. ? +ost )outer 0 config 2 bAccess7list Ì 1 3 :: Í Ì per/it " den.new state/ent is added to t+e end of t+e list4 so t+e seGuence is 'er.

.&..1.&.$..2"24 )outer 0config2 b Access7list )outer 0config2 b Access7list )outer 0config2 b int e& $ $ denper/it 1:2. )est I.1.1"24 )outer 0config2 b Access7list )outer 0config2 b Access7list )outer 0config2 b int e& $ $ denper/it an- )outer 0config7if2 b I! access7group / ..1#.1#.@@ ?OperatorD 1ST protocol infor/ation? 43 .1.1. CCNA Telnet or / 0onfiguration: T0.1.1"24 S& Internet e& 1en- 1:2.1#.1#. (2) (%tended nu 1ered A0L : 7 ItEs /uc+ /ore fleBible t+an standard AC9. ask ?Operator Dsrc protocol infor/ation> @.)outer 0config7if2 b I! access7group (% 1 : !er/it @@@@@@@ Ì In " out Í.7I. 37 !rotocol infor/ation 0 port no. 4 IC ! /essage t-pe 2.1"24 1:2. "rotocol )outer0config2bAccess7list Ì 1&& 3 1:: Í Ìper/it"den-Í @@@@.lace ent of standard A0L: $ out 7 !lace I! standard AC9 as close to t+e destination as possible.@ @@@@.G M eGual 9t M less t+an 1:2..1#. $ in <ild card /ask 6ost e$Src I!e# Src wild card /ask Src I! e3 eTC! e4 protocol 2 " I! e1 1est wild card /ask . Telnet or 1:2. )est wild card ask #rc I..&.1#...& 8t M greater t+an 1:2. 27 TC!"I! protocols 0 I!4 TC!4 IC !4 @@@2.&.2 1:2.Btended AC9 can /atc+ on3 17 Source I!* destination I!..$.1 &.& &.2$$ AC9 na/e )outer 0config7if2 b I! access7group (% 2: Ser'er e& )est I.&.&.. @@@@.1#. #rc wild card @@. 7 ..1 &.

.1#.@@@@@ > * If e%tended: )outer0config7eBt7nacl2bÌ per/it " den-Í @@@.&"24 Internet e& 1:2.1#.1#.& Internet 44 .. 6ost (% : Ser'er e& 1.1&. operatorDsrc pro info > @.1 1:2.1 eG 23 anan- access7group 1#$ in / ..1. In na/ed AC94 -ou can delete certain state/ent inside t+e AC9.& 1:2. ? @@@.2..G M eGual 9t M less t+an 8t M greater t+an Note: 7 7 In nu/bered AC94 -ou cannot delete certain state/ent4 onl.$.lace ent of e%tended A0L 7 !lace I! eBtended AC9 as close to t+e source as possible.@.1#.1"24 Telnet or den.11.de'ice fro/ ping so we deal wit+ IC ! not TC! or C1!.. @@@@@@. 1:2.&.. D If I want to den..@ @@... )outer 0config7std7nacl2 bÌ per/it " den.G M eGual 9t M less t+an 8t M greater t+an 0Na/ed 0AC9 )outer0config2bAccess7list Ì 1&& 3 1:: Í per/it I! an- an- 0 to per/it all 2..1.1#...-ou can delete t+e w+ole AC9.1#.&"1# e1 e2 e3 e4 e$ e# 1:2.. <ild card /ask TC! " I! protocol Src I! Src wild card /ask ? 1est wild card /ask @@..@ )est I...13..1#.1#..& 1:2.Í @@@@.1...1#.1#.1 +ost 1:2..@@..1"24 0)estrict onl.& 1:2.$.13..telnet fro/ 6ost to Ser'er2 )outer0config2bAccess7list 1#$ )outer0config2bAccess7list 1#$ )outer 0config2 b int )outer 0config7if2 b I! e# 1:2.12.@@? operatorD1est protocol infor/ation> ..1#. (') Na ed A0L: > 0onfiguration: )outer 0config2 b I! * If standard: Access7list Ì standard " eBtended Src I! AC9 na/e Í @@@@@..TC! per/it I! +ost 1:2.

.ort €wZ•{T ¢~s N•–Œ —Š˜ ¢kO® ™sX¿ TuTq5A0 T~s N}wŒ ¾X‡P “Š˜ “kR i{ —Š˜ €wZ•{T ¢~s XYs config rXZƒ† k‡»R |Z{T ¤~xXY{T ij š² vO‚› °‚m N}›q ʘXw{T z{T ÃXs~{T ¶Œk± i› XY{Xlj ij 5A0 ÄTkƒZ˜T šZŒ .5A0address N–Ÿ |x ¢™…Y˜q &ast(thernet2 rXZƒ† ¤~xXY{T rX•Œ €}¹X–{T ij š² kjnT T~s )os kjTqV ¤~xX† |x œZ‹Yx iOjq™{T £•† i}¡ ™„Ž i› €’˜Xw{ AC €xk„}{ XjT C3daget/ac "s 1:2..ortsecurit! Switc+0config2bint f&"2 Switc+0config7if2bswitc+port /ode access €wZ•{T z‚› º–† iw†q €ŒX}w{T €O‰X[ |›™Z•† tnT Switc+0config7if2bswitc+port port7securitX‡Ž ‘’Rk}{T ʘXw{T ´ƒŒ y~{T 5A0 €ŽXZm •j €wZ•{T z‚› €ŒX}w{T €O‰X[ ~•Y† tnT Switc+0config7if2bswitc+port port7securit.ort#ecurit! z‚› yŠZwR N§ZpŒq €mkp{T ʘXŸ ‘Žr ”XPr¯Ž ¬X¨q kjnT T~‡Ž ºËŠ}{T —k› Tu« TuXj .)outer0config2b I! Access7list eBtended I! an- CCNA @@@@ &.1.1 eG 23 )outer 0config7if2 b I! access7group )outer b s+ )outer b s+ )outer b s+ I! I! I! int Access list Access list CCNA in 0to displa.ort €xk› tŠmV tT ™„Ž ™Œ™P ij €wZ•{T NO§pRq Š[™{XŽ ad in ¬Š–Œ tT z{T #hutdown €wZ•{T z–’R —Š˜ .2$$ Telnet or )outer0config7eBt7nacl2b den.1&3 ..13. X •Rk¿X’j #hutdown v{ N}„Œq ..&..ort#ecurit! NO„•R N’¨ .¥XwZ•{T N•¨ šZO˜ ºOm X‡O‚› ¶O’•Z{T UTk}{T ¥XwZx Nm qT €wZ•{T z‚› switch"ort odeaccess kjT ~O•YR œ…Œ .&..ort#ecurit! €O‰X[ ¢~sq kjÀXŽ “k†q .kjT )os €¿X¿ |x œZ‹Yx XYjXjT ʘXw{T tXm TuT XjT 4$ ..v{ 5A0 œ‚P UTk}{T ʘXw{XŽ ÂXƒ{T Šs i" T~s .&$C: .1#.& an- +ost 1:2.1#...ort#ecurit! €O‰X[ vO‚› ~•Y†q ¶ŽX•{T XY{Xlj z{T UŠ„† .TC! )outer0config7eBt7nacl2b per/it )outer0config2 b int e& 1:2.01 ʘXŸ T™ŽQŽ ¬Š–Y˜ °{u ™„Žq .t+e place/ent and direction of Access list2 0to s+ow state/ent of Access7list2. yUX› ...02 tX‹j .42:&. 0Na/ed 0AC9 Port Sec#rity /-/ N}„{T €‹’¿ z{T v•ŽkŽ ¬Š–Œq ·O’{T ij v„j La"to" œ‚…Ž ºËŠ}{T ¬Š–Œ tT i‹}}{T i}x €‹’p‚{ iOjQR oXYs i‹Œ š{ TuT ¥XmX‡Z†nT ¢~s ij €‹’p{T €ŒX}Ÿ œ…Œ °{~{ ¤kO’m rTk¡QŽ œ’•ZŒq ¥XOŸª•{T NjXm v{q €‹’p{T z{T qT ·Y{T z‚› Š[™{Tq X‡†T 0isco#witch Xlj ..riand#witch |x €‚O}…{T ´¹X•ƒ{T i}x ./ac7address &&&1...1#.1. €²™Ÿ TuT ¥X¨TkZ[nT ¢~s —XpZmT °{~mq N•–Ž ¬Š–Ox €mkp{T ʘXw{ £O{q kO§R ™¨ 5A0address tT #witch “kŒ tT Uk…}’x .

9d< S Switc+bs+ port7securit¾X‡…{T ´ƒR ·†Xm |Z{T €wZ•{XŽ ¾X‡P Nm š‡•Žr ™O„†q .address 5A0address |†Xl{T UŠ}„{Tq port X‡{ |}ZYŒ |Z{T €O›k•{T €‹’p{T š¨r Glan š¨r qÀT UŠ}„{T |x vOx q™P k‡»Ox £jXƒ{T UŠ}„{Tq €wZ•{T tTŠY› •ŽTk{T UŠ}„{Tq €wZ•{T z‚› vZO’lR X‡Ox šR |Z{T €–Œk•{T ©{Xl{T UŠ}„{Tq €wZ•{T z‚› ·’l}{Tq šZŒ tT ™„Ž nT q™…{T T~s |x 5A0address k‡»R n2 .02 ij "ing N}› Uk…}’x X’–Z˜T 3kjnT T~s œZ‹†q X‡{X•¨T šR |Z{T ¥XwZ•{T z‚› º–† š² X‡YmXjÀ ¤½‡PÀT ”XPrT nqV œ…Œ N}„‚{ "ort ”XPrT NPT ij Switc+0config2bint range f&"273 Switc+0config7if7range2bs+ut X‡‚O§pR ™O„† š² ijq "ortsecurit! kjT N’¨ ij X‡xX–ŒT šR X‡†T Š{q zZŸ €wZ•{T SX•±n shut kjT XY’Zm kjnT T~‡Ž “k[V ¤kj Switc+0config7if7range2bno s+ut ..@A TF7U $sticky Switc+bs+ port7securit. VWX D`WEk\K jM[\[8. VWX qui[8. c<h. g9Q8 oR."ortf272 N•¨ šZO˜ .t. BDZFI8. VWX TA@U n8...< lZFI8. gM[Q8.^FG.k[nT z‚› 0. ^>H.. g9Q8. MAC g9Q8 PUDi8.0¤½‡PÀT N’¨ ij ¥X†XOŽ X’–Z˜T qT X˜rT 4# . D |w<9w eFRDF{ zw^x =X.s."ort |x ·’l}{T 5A0address £•† N}wR |Z{T ¤½‡PÀT XY„PrT XY†T ÎkpŽ N}„‚{ UŠ„R T~‡Žq <.s.01 ij "ing N}„Ž ¬Š–† š² kˆ[T z{T €wZ•{T tŠ{ ŠwZR zZŸ 0€O†X² 3&2 k»ZY†q k[nT qT X˜rT yV X‡O‚› N•wŒ š{ tn T~sq kˆ[T ·{T¾Xj "ortf272 i‹{q k}ŸÀT tŠ‚{T z{T €{ŠwRq f27'T •rŠx €wZ•{T .02 q./ac7address stick.. gM[Q8. gM[Q8. eFEuiK yK lvw^x _DR< BDZFI8. ¶•{T Šs stick! zY„jq .^K PF8.01 = .< lZFI8.< qr9: PF8.022 ¾X‡P Nm ij "ing N}„Ž ¬Š–† D`EWX @IJ[8. gM[Q8Df eEf c<9d DJ8 ^`aEb _@8. m8Di8.^8.access Šs €wZ•{XŽ X•RnT ”Š† Switc+0config7if7range2bswitc+port /ode access ~O•YZ{T N’¨ X‡‚m ¥XwZ•{T z‚› €ŒX}w{T €O‰X[ |›™Z•† |‹{ |{XZ{T kjnT Switc+0config7if7range2bswitc+port port7securit€wZ•{XŽ v‚O‰ŠR šR ¾X‡P qÀ ¢TkŒ 5A0 qT Å•Ÿq NO…•Rq €ŒX}w{T kjT ~•Y† tnT Switc+0config7if7range2bswitc+port port7securit.. ¶¹X¨™{XŽ €wZ•{T ¢~s z‚› 5A0 T~s €O‚›X•{ |–’Z}{T ·¨Š{T . MACaddresses lf^Q> DUgC.. gM[Q8. €ŽXZ‹{T ™Y› X‡Ox Q•ƒ{T €O{X}ZŸT oXYsq €‹’p{T ¤½‡PV N‹{ 5A0address Nm •}…Ž ¬Š¨V tT T •™P ¤™–„j €{XŸ ¢~sq 5A0 qT Å•wŒ kjnT T~sq . N‹p{T T~‡Ž "ortsecurit! kjT ~O•YR tŠ‹O˜ iOZ{Xw{T ªm |xq v{ U™w† tT œ…Œ T~‡{qd!na ic"ort |s ¥XwZ•{T qT €wZ•{T €{XŸ tT XsUX•j €{X˜r XY{ k‡»Œ —Š˜ ¤k¿X’j ¢™„Ž y~{T . lZFI8. ../ac7address stick3N‹p{T T~‡Ž tŠ‹Œq €‚•‚•Z}{T ¥XwZ•{T ij €›Š}…j z‚› kjnT T~s ~O•YZ{ €–Œk± oXYs XˆŒVq Switc+0config2bint range f&"173 3kjnT T~s ¬™ƒZ•Yx €‚•‚•Zj ·•O{ ¥XwZx z‚› —Š¨Š{T X†UrT TuT °{~mq Switc+0config2bint range f&"14f&"34f&"2 kjT X†~•†q °{u N„•† š{ TuTq |{XZ{T kjnT ~O•YR œ…Œ n • qT .< portsecurity .^FGH.0' z‚› .02 z{T . |{XZ{T Šsq Auto ¤rŠ•Ž 5A0 œ‚…Œ k[T kjT oXYs . BDp.C3daipconfig all °{~{ . PWQI8.@A @IJU< P\E]^8.01 iŒ¾X‡…{Tq #witch iOŽ X•RnT ••–Ž ¬Š–† tnT N•¨ šR v†T “kY˜ . . . S ^>H.sD> Y>DO8. VWX @IJEb . DA.. YZ[8..€wZ•{XŽ v{X•ŒT šZŒ ¾X‡P qÀ Switc+0config7if2bswitc+port port7securit. MAC .

notification vŒ™{ y~{T ¾X‡…{T ”XPrT šR tTq zZŸ Xw{T |x €wZ•{T Wª®T šZŒ Wk[ N•Ÿ TuXx )efault |¡TkZxnT STkPnT Šsq .^FG. S Switc+0config2bint f&"2 c Switc+0config7if2bswitc+port port7securit..€wZ•{T ¢~s |x €‚‹pj N•wR —Š˜ ™ŸTq 5A0 “kŒ tT n v{ -}•Œ lEW[X _….hone X‡Yj rXZƒ†q (nd)e.@A zw^x =X †8s yFw< $t.€‹’p‚{ Wk[ N•Ÿ v†XŽ Ad in z{T ¬ª›T €{X˜r X˜rT •j ij ¥X†XO’{T X˜rT ¤UX›« shutdown ^ !uts t+e interface into t+e error7disabled state i//ediatel. .@A TF7U ewCDud. . S c Switc+0config7if2bswitc+port port7securit. ”Š† ij ºRTŠs ‘Žr |x ªlj °{uq ¾X‡P ij klmT “kR tT €wZ•‚{ i‹}Œ z‚› X •ˆŒT yŠZwŒq vOx |Z{T #witch €wZx ¶Œk± i› #witch ¸{XŽ v‚‰Š† š² I.counter to incre/ent šZO˜ ·’l}{T 5A0 ”XPrT ™Y›q º‚Zƒj 5A0address “Vr tT €wZ•{T ¢~s ¶Œk± i› ¥X†XOŽ X˜rT º¨ŠŒ —Š˜ . . ^>.and sends an SN ! trap Ï . #witching Purposes for using switching: 4.iolation €}‚mq . 9w9ZF8 ^G.0 z}•R “k[V €wZx ../aBi/u/ aBi/u/ addresses e17132a yV €wZ•{T ¢~‡Ž X•RnXŽ X‡{Š’¨ šZŒ —Š˜ |Z{T 5A0addresses U™› Nl}Œ ¬X¨rÀT ¢~s iOŽ Xj š¨r œZmT |Y„Œ T~sq ¤½‡PÀT z{T ÃXs~{T ¶Œk± i› °{u šZŒq G6I.'iolation protect Securit.secure AC addresses to drop below t+e /aBi/u/ 'alue šZO˜ ·’l}{T 5A0 ”XPrT ™Y›q º‚Zƒj 5A0address “Vr tT €wZ•{T ¢~s ¶Œk± i› ¥X†XOŽ X˜rT º¨ŠŒ —Š˜ .vO’YR €{X˜r X˜rT •j €wZ•{T |x ·’l}{T 5A0address ^>H. •.'iolation s+utdown /ode €²ª² vOxq ..^dH. DJw98 €^>H. ʘXw{XŽ N‰ŠR ..@A DJuF{ M8 }H. ^Eƒ 0AC address ‚^w D>9JX port eR •Mvw _@8. l>~X ?9QR< ^>H.'iolation restrict /ode s+utdown Securit.€P8DF8.ices n tXm Š‚x 5A0address ¾X‡P N‹{ iŒ¾X‡P "ort “kŒ —Š˜ °{~{q . .. STkPnT |Y„R . X‡O‚› ~O•YZ{T UTk}{T ¥XwZ•{T qT €wZ•{T z‚› º–† iw†q kjnT ~O•YR œ…Œ 3|sq vŽXpZj X’Œk–R šsklmTq ¥TrXOZ[T "rotect ^ 1rops packets wit+ unknown source addresses until -ou re/o'e a sufficient nu/ber ofÏ .'iolation protect /ode restrict Securit..€‹’p‚{ Wk[ N•Ÿ v†XŽ Ad in ¬ª›T kO® ij ¥X†XO’{T X˜rT ¤UX›« restrict ^ 1rops packets wit+ unknown source addresses until -ou re/o'e a sufficient nu/ber ofÏ secure AC addresses to drop below t+e /aBi/u/ 'alue and causes t+e Securit-%iolation . ?CMˆR oot MA ‡FwMb 6Qd S Switc+0config2bspanning7tree 'lan 1 root pri/ar€O†X² 3& z{T rX»Z†nT z{T €PXw{T tqU !%ST T ¶O’•Z{ S Switc+0config2bspanning7tree /ode rapid7p'st +.. DJ8 ^`aEb •D`IFb. eU„G yK _@8.

7 Onl. 1* .t+ernet run fra/es 0fra/es s/aller t+an /ini/u/ legal siLe of ..one pat+ can be taken fro/ one de'ice to an. 7 ItEs faster but /a. 2* (. 7 To reduce t+e nu/ber of . (2) 0ut _ through:* 7 T+e switc+ stores t+e first 14 b-te t+en begins to forward t+e fra/e M pass t+roug+. 4.). (') &rag ent free: * 0 /odified cut7t+roug+ 2 7 T+e switc+ store first #4 b-te t+en begin to forward t+e fra/e. 5 ain purpose of ST! is re/o'ing la-er 2 loops fro/ -our topolog-7switc+ingswitc+ing loop2.er! switch will take a co"! of .er! switch will for e.Switc#es do not break broadcast domains b! default Bridging VS.er! 2 sec).. Spanning tree protocol 2STP 3 A ( C 7 1 .)-s (.).ow cost and latenc! Switching limitations: . 7 C+ecking t+e 5CS4 if itEs t+e sa/e included in t+e fra/e4 forward it4 if itEs different4 drop it. .).Hardware – based bridging (ASIC) .ot+er de'ice. +-.Cost – effective – resilient internetworking Switching services: . LAN Switching& Bridge Switch Software based Hardware based ASIC c#ips Have one S'( per bridge Have man! ow number of ports "an! numbers of ports . 7 Switc+es will use (!1C 0 (ridge !rotocol 1ata Cnit 2 to learn t+e topolog.C resend it to other neigh1ors.is floated fro '* (."ake sure t#at users spend $% percent of t#eir time on t#e local segment .be switc+ing bad fra/es.Bot# make forwarding decisions based on la!er ) address 6 Met!ods o" switc!ing: (1) #tore _ and _ forward:* 7 T+e switc+ forwards t+e fra/e after t+e co/plete fra/e is recei'ed. a data1ase fro all .t+ernet fra/e2.sending e.Wire speed ."ust break up collision domains correctl! ..er! switch to all other switches.Breaks up collision domains ...of t+e network.

A* #lectio+ of desig+ated port 1!"): 7 ItEs t+e port +as t+e best port on eac+ 9AN seg/ent to reac+ t+e root switc+ 0+as least accu/ulated pat+ cost2. ') Learning: AC address 0 least AC is t+e best 2. +) &orwarding: 7 !rocess (!1C4 update AC table and forward user traffic t+roug+ t+e port. 7 All root switc+ ports are 1!.ort states: 1) .2. 6.Fi+di+g bloc2i+g port 1B"): 7 (! is neit+er )! nor 1!. AC (!1C @@@@@@ New 5CS TA8 AC table but still not forwarding t+ese fra/es. b2 T+e switc+ AC address.+* #lectio+ of root s&itc': 7 ItEs t+e switc+ wit+ t+e lowest switc+ 0(ridge2 I1. 7 1efault is 1$ sec. 7 T+e switc+ I1 0. b-te 4 7 Still listening processing * begins to eBa/ine t+e source address in t+e user fra/e updating its 9engt+ 1est.t+ernet M sa/e bandwidt+4 so we look at t+e / .#. 7 )oot bridge +as no root port. 7 So least cost /eans +ig+ bandwidt+. 3* #lectio+ of t'e root port 1R"): 7 ItEs t+e best port on a non7root bridge or switc+ to reac+ t+e root switc+. Note: 7 T+e bandwidt+ is con'ersel. 2) Listening: 7 Still listening for (!1C and double7c+ecking t+e la-er 2 topolog-4 user traffic is dropped.proportional to t+e cost.0default 324. 7 1efault is 1$ sec. AC and Src. 7 If a tie 0 if bot+ are t+e sa/e in bandwidt+ 2 3 t+e port connected to t+e switc+ wit+ least bridge I1. b-te2 is /ade up of 2 co/ponents3 a2 T+e switc+ priorit. Note: All links are fast . 4: . 7 1efault is 2& sec.locking: 7 9isten and process (!1C to elect root port4 designated port and blocked port.

7 %9AN can span on /ultiple switc+es. +-/ *%$N tr#nking  trunking t!"e 0 fra/e tagging wit+ %9AN I1 2 1) Inter #witch Link (I#L): 7 IS9 is a cisco propriater. 7 ItEs /ainl.lan Original 5CS $& .di'ides t+e switc+ into /ultiple independent switc+es at la-er 2.a port t+at is connected to a !C. AC Src.t+ernet fra/e and na e reco/puted t+e 5CS.t+ernet fra/e 4 7 (-te Trailer GLAN I) 2) I((( 422. * -sing GLAN to:* 17 8roups users b. GLAN connection t!"e: (1) Access "ort: 7 ItEs a port w+ic+ /e/ber in onl.keeping sensiti'e de'ices on separate %9AN. Note: ItEs unlogical to waste 2 ports for cable for eac+ %9AN.'en unicast or broadcast cannot be forward in ot+er %9AN. 27 )educe o'er+ead b. (2) Trunk "ort : 7 ItEs a port w+ic+ is /e/ber in all %9ANs.trunking /et+od t+at adds a 2#7b-te +eader and 47b-te trailer.depart/ent 0 function 2.ac+ %9AN is a single broadcast do/ain. of .b.one %9AN. 1est.ro1le : 7 If broadcast is found4 it will be flooded t+roug+ all t+e network because of single broadcast do/ain. IS9 fra/e 2#7(-te 6eader .nforce better securit. #olution: using %9AN. 7 .li/iting t+e siLe of eac+ broadcast.1B ( dot 1 <): nu 1er 7 ItEs a standardiLed trunking /et+od t+at inserts a four7b-te field into t+e original . 7 %9AN logicall. 37 .+-& *irt#al %$N 2 *%$N 3 . No. / #olution using GLAN : 7 . AC 9engt+ @@@@@@.

ser'er. #u1net ask 7 Switc+ing /ust be in t+e sa/e do/ain to s+are /essage. Switc+ b s+ Switc+ b s+ AC7address7table spanning7tree 0to displa.root I1 * bridge I1 and status of ports )!4 1!2 $1 . of the interface which is connected to 7T" pru+i+g :7 ItEs a Cisco %T! feature used on trunk connections to d-na/icall.er 7 client 7 trans"arent I. 7 It reGuires all of t+e switc+es to be in ser'er /ode. AC Src.re/o'e %9ANs not acti'e between 2switc+es.: IS9 O) Nu/ber of t+e port IS9 or na e #er. * There are ' odes of GT.b-te 4 1est.t+e AC address table2 0to displa.default all ports of switc+ in %9AN1. AC TA8 I. 7 %9AN /anage/ent !olic. 0% !S2 / GLAN trunk "rotocol: (GT.protocol t+at trans/its %9AN I. 7 (.) GLANinfor/ation nu 1er across trunk port. 9engt+ @@@@@@ #u1net ask To put I! for %9AN New 5CS GLAN Nu/ber of t+e port / GLAN e 1ershi"3 I) (1) #tatic GLAN assign ent: ³!ort based %9AN³ 7 Assign certain port to certain %9AN /anuall-. (2) )!na ic GLAN assign ent: ³ AC based %9AN³ 7 Support plug * pla./o'abilit-. 7 %T! is a Cisco proprietar.

@@@ )outer 0config7subif2 b I! address Note: I put I! address to t+e sub interface in t+e network of t+e %9AN network t+at connects to it. of the interface which is connected to . +-+ inter*lan 2s#b inter"ace on t!e ro#ter3 6n router: )outer 0config2 b int )outer 0config7if2 b no @)outer 0config2 b int 5& I! address IS9 O) )outer 0config 7if2 b no s+utdown 5&. 6n switch: Switc+ 0config2 b int Nu/ber of t+e port 5&"@@@. Switc+ 0config7'lan2 b na/e Switc+ 0config2 b int f&"1 /ode access 1 I.%9ANs2 0 to create %9AN 2 05or na/ing 'lan2 Switc+ 0config2 b %9AN @@@@@@. #u1net ask @@@@@@@@ . na e @@@@@ access 'lan Switc+ 0config7if2 b switc+port Switc+ 0config7if2 b switc+port Switc+ 0config2 b int %9AN Switc+ 0config7if2 b I! Switc+ 0config7if2 no To assign a trunk: Switc+ 0config2 b int No.lan @@@@. /ode Trunk na e Switc+ 0config7if2 b switc+port Switc+ 0config7if2 b switc+port Switc+bs+ %T! status do/ain /ode Switc+ 0config2 b %T! Switc+ 0config2 b %T! trunk IS9 or dot1¼ 0to /ake trunk port2 0to /ake t+e trunking2 encapsulation 0to s+ow status of %T! ser'er "client "transparent2 0To c+ange t+e na/e of t+e do/ain2 0State a /ode2 $2 @@@@ #er. /ode trunk Switc+ 0config7if2 b switc+port Note 37 -ou need a router to connect different %9ANs.Switc+ b s+ %9AN brief nu 1er 0to displa.. 0To assign t+e port in 'lan2 To put I! for %9AN address @@@ @@@@@@@ s+utdown #u1net ask Nu/ber of t+e port 5& " @@@@@@@@@.er 7 client 7 trans"arent @@@@.@@@@@@ I.. )outer 0config7subif2 b encapsulation I. 1 &r24 3 GLAN nu 1er dot1¼ @@@@@@@@. of ..@@@@.

1C. L^FI8.2 Switc+0config2bint range f&"173 Switc+0config7if7range2bc+annel7group 1 /ode on . |†TŠl{T X„’± I! z‚› ¤½‡PÀT Š•Ÿ k[QR œ’•Œ —Š˜ #T.to t+e switc+2 ..2 't!erc!annel +-1 T~sq 1251"s vZ›k˜q š‡YOŽ Trunk N’Om ‘ŽkY˜ T~‡Žq (thernet1251"s š‡RXwZx Nmq #witch tXY²T y™Y› Š{ ij klmT Æj™Ž ¬Š–† °{~{ ”k˜T ¥XwZx |x ™Œ™P ÄŠ˜ ykZpR tT €mkp{T €O†X‹j« |x oXYs £O{q T™P kO’m ЕŽ z{T yUÁ˜ XY‚‰q TuT tnT iw† . yFw< D |E]DvWK e8 lo#off lEW[X !"itch nW8 6ˆZw< eEf ^>.@7A z]Dp98DR qpM8.. ¥XwZx . y™{ tXm TuT z‚› Š•w{XŽ Np•R —Š˜ ¤½‡PV oXYsq I.¾X‡…{T ¥XjTr z‚› N}Ÿ N}„Œ n |‹{ ¶¹X¨U $ Nm q™…{T ¥XŒŠZwj -•j šZŒ :`abcd ^Nb •..Switc+ 0config2 bI! default7gatewa- @@@@@@@@@@@@@@. ij I.Guip/ent 0C!. N‹p{T T~s kjnT œZ‹Œq 3& qT . ŠmŠRqkŽ UŠPŠ’x ¤½‡PÀT z‚› I.ort €wZ•{XŽ š‹wZ{T •O•Z•†q i‹}Œ ªx 1251"s XYs µXZ}{Xx rT™–j yÀ X‡‚O‚–R i‹}Œ n °{~mq 1&& i› X‡RUXŒ¾ i‹}Œ (thernet 1T. #T. z‚› ¾X‡…{T N•wŒ tT z‚› €–O¨U ij klmT qT €–O¨U z{T N•Œ tT i‹}j k[QZ{Tq N}„{T |x Wk•R r~ŸT š‡j |¿ oXYsq .. X •„j N}„R ¥ªŽX‹{T Nm “kZ˜ Xs™„Ž port )ast +-.. UŠPq œ’•Ž I! TuTq €wZx yV z‚› €O‰Xƒ{T ¢~s NO„•R i› k‡»Œ —Š˜ y~{T kŒ~wZ{T “kR —Š˜q Trunk ”Š† ij ¥XwZx z‚› €O‰Xƒ{T ¢~s N„•R tT ij . ŠmŠRqk’{T T~s ·wR N}„R X‡†XŽ ¥XwZ•{T ¢~s kO¿XR ™sXpY˜ s+ run kjT X†~•† TuXx . c~G => D`R y7ZF8.:1a Ti/eout in /inutes Switc+0config7line2beBec7ti/eout 3& “™}{T T~s iOŽXj ¢™Œ™wR i‹}}{T ¶¹X¨™{T U™› €–O¨U tŠ²ª² ªlj k•‰ œZ‹Yx €O‚}„{T ¢~s —X–Œ« X†UrT TuT XjT Switc+0config7line2beBec7ti/eout & kRqTk{T ¥XwZx •j N„•† XYm X}m X‡O‚› —Š¨Š{XŽ "ort €wZ•{T z{T Š[™{T •O•Z•† Switc+0config2bint f&"1 &ast v†n 12251"s XYs €›k•{Xx . PA< !"itch D`R ^[w PF8.T •™P •O»x 9oop |Ž œ’•ZŒ —Š˜ °{u N•Ÿ z‚› !ort 5ast €O‰X[ N„•† —Š˜ T~{ f27' z{T f271 ij €‚•‚•Zj |s Trunk ¥XwZx ·†Xm ©OŸ ¶ŽX•{T XY{Xlj |x #witch XYj™ƒZ˜T TuT 3N‹p{T T~‡Žq €O–’Z}{T ¥XwZ•{T $3 .. ŠmŠRqkŽ ¬Š–O˜ Trunk ij klmT iOPŠ•{T iOŽ N’O‹m X„j X‡‚m N}„R X‡‚„…O˜ T~‡Žq ¥XwZ•{T ¢~s z‚› (therchannel ŠmŠRqkŽ NO„•ZŽ ¬Š–† °{~{ 9edundanc! 3¥XpRŠ•{T ™ŸT z‚› ¥TŠ•ƒ{T ¢~s ~O•YR ¢~s ¶Œk± i›q ™ŸTq Trunk 0‘–x ™ŸTq #witch z‚› ~•YR2 Switc+0config7if2bspeed auto Šs |¡TkZxnTq 0C!. z•¨T ™wmq tXY²T z†UT ™wm ÆjUT tT €O†X‹j« oXYsq ™ŸTq Trunk ¸m X„j N}„R |m €wZx €{XwŽ N}„ŒqLoo" €{XŸ •Y}{ ‘–x ™ŸTŠ{ µX}•{Tq X‡xX–Œ¯Ž #T.& rXOZ[T Switc+0config7if2bspeed 1& Custo/er !re/iser .ort&ast €O‰X[ NO„•R œ…Œ )$0. z‚› ¤½‡PÀT Š•Ÿ STUV •Œk•R NPT i}x ..<h.. 0to set default gatewa. idel l8D: •D‰8. €›k•{T ™Œ™wR ªlj ¤Uq™wj ¥X}‹wR i‹{q .n i‹{q X‡‚O‚–R i‹}Œ 1T.9OFb.. . 1C. €$DJ8Di> T\:. 9w9ZK< Co$sole Switc+0config2b line con & c Switc+0config7line2beBec7ti/eout e&73$. ”¾ŠŒ €‹’p{T |x )$0. }<g => ^[K Lg9Z> lEJ>„8. 9w9ZK =7[> S lZFf VWX ŠMpM8. <.

.ort#erial NŒkO˜ €wZx °Œ™{ €OY’{T k’› ¥X†XO’{T N–YR |‹{ X • •O•[ €}}•j ¥ªmŠRqk’{T ¢~sq k[T z{T tX‹j ij ¥X†XO’{T N–YR |Z{T ¥nŠ‹RqkŽ |sq 0 transitionWAN ¥nŠ‹RqkŽ NO„•R NPT ij . 7 No setup procedure before trans/itting data.be enabled on ports connected to a single +ost.bridging loops Cse wit+ CACTION 3.0&ra e9ela!= .2 / WAN connection t!"e: (1) )edicated lines: 7 T+e link is a'ailable all ti/es all dedicated bandwidt+.. 1C. 7 eB 3 leased line.Guip/ent 0C!..Serial ¥XwZx y™{ tŠ‹Œ tT ÎkZpR WAN N„•Rq €YO„j ¥nXŸ |x nT i" N}„Z•R n La!er2 i}¡ N}„R WAN ¥nŠ‹RqkŽ tT Šs 9outing ¥nŠ‹RqkŽ iOŽq X‡YOŽ Wk•{T ¥X†XO’{T tT €•‚Zƒ}{T ¥X‹’p{T i‹}R 9outing"rotocol tT Šs k[nT S|p{Tq La!er ' i}¡ N}„R 9outing ¥nŠ‹RqkŽq ip ¬T™ƒZ˜T kO® ij . Wide Area Network (WAN) Introd#ction to <$N 1-. X • ˆŒT &i1er z‚› €OY’j |†Š•‚Z{T ¥X‹’¿ tT X • }‚› &i1er ¥X‹’¿ ¬T™ƒZ˜T i‹}Œq X}m tŠ•‚Z{T €‹’¿ |sq €OZwZ{T N–† €›k˜ ¥nŠmŠRkŽ .N‰TŠZR €•‚Zƒ}{T ¥X‹’p{T N„…Ž N[U X‡{ £O{q k[T z{T tX‹j ij ¥X†XO’{T N–YZx WAN ¥nŠ‹RqkŽ XjT X‡ˆ„Ž •j N‰TŠZR .eBpensi'e. $4 .2 |s X‡˜r™† —Š˜ |Z{T ”TŠ†V Ѫl{T z‚› N}„Rq X›ŠO¿ XsklmT ijq WAN ¥nŠ‹RqkŽ ij kOlm oXYs 1T.Switc+0config2bint ra f&"4724 ¥XwZ•{T X†U™Ÿ c Switc+0config7if7range2bspanning7tree portfast disable 1isable portfast for t+is interface €O‰Xƒ{T ¢~s —X–Œ« X†UrT TuT trunk ..X‡†qU ij (nter z‚› ‘§ˆ{Tq X‡ZŽXZm ¬™› i‹}j qT trunk €ŽXZm i‹}j v‚O„•R X†UrT TuT Switc+0config7if7range2bspanning7tree portfast trunk ”Š† |Ž €‚•Zj ¥XwZx z‚› v‚O„•R ij r~w{XŽ X†k’ƒRq €O‰Xƒ{T ¢~s X‡O‚› N„•}{T ¥XwZ•{T U™„Ž kŒ~wR €{X˜r k‡»Z˜ tnT . Ê Connecting +ubs4 concentrators4 switc+es4 bridges4 etc. ·†kZ†nT ”TŠ†V ™ŸT Šsq 2X • †XOŸT X‡O‚› ¶‚•Œ |Z{Tq WAN ¥nŠ‹RqkŽ X‡O‚› NO„•R i‹}Œn (thernet ¥XwZx tn .. 7 %er. 1T.andwidth"rotocol X‡†XŽWAN ¥nŠ‹RqkŽ z‚› ¶‚•Œq . 1e/arcation point 1C.2 0C!.nable portfast on t+e interface e'en in trunk /ode €O‰Xƒ{T ¢~s NO„•R X†UrT TuT . Custo/er !re/iser . œ…Œ ·†kZ†nT orXpZR €O‚[T™{T €‹’p{T |x ¤½‡PÀT N„…R tT ™ŒkR qT kRqTr z‚› ·†kZ†nT NO„•R ™ŒkR Xj™Y› n • qT . 7 Onl.portfast is enabled4 can cause te/porar..support point = to = point connection.¤rŠm~}{T ”TŠ†V ij <arning3 portfast s+ould onl... to t+is interface w+en ..

for duration of call. 37 ultilink.acket switching: 7 . 9D%C 29ig! %evel Data %ink Control protocol3 7 ItEs t+e default encapsulation on serial interface of Cisco routers. 7 eB. 27 Call back. 3 fra/e rela. 7 +as no option. 7 !!! options3 17 Co/pression.:(.assword Authentication . de'ice connects to a Telco using a single p+-sical line wit+ possibilit.rotocol 09C!2 9C! 9C! Cser na/e is 4 password is <elco/e 9C! $$ Network 0ontrol .4 analog dial up 0/ode/2 * digital dial up 0IS1N2. 7 Support point = to = /ulti point.rotocol ) Cser na/e !assword Cser na/e !assword Client Open connection Negotiate options 9C! !A! is ok Cser na/e * password 9C! Ser'er Link 0ontrol .support point = to = point connection.A. 7 eB. 7 ItEs useful back up connection. +dlc 1-&-& PPP 2 Point = to = Point Protocol 3 7 Standard protocol.4 AT 4 F2$ 1-& <$N protocols 1-&-. )outer 0config = if2 b encapsulation 7 !roprietar. 7 Onl. /.ac+ 1T.rotocol 0NC!2 1ata flow .of being able to forward traffic to all ot+er sites 0%irtual circuit 2.protocol. (') . Cserna/e !assword 47 Aut+entication 0!A! * C6A! 2.(2) 0ircuit switching : 7 !ro'ide dedicated bandwidt+ between 2 points. (ut onl.

3&& 2&& / 0onfiguration: (1) . 2 Aencr-ption 0one7wa-1 C 3 )outer b +as+3 t-pe of encr-ption2.Note: Cserna/e !assword 7 !A! is a 27wa.er: 0Config2 b Cserna/e 0Config = if2 b !!! Cser na/e !!! sent7userna/e @@@@ password !assword !A! !assword Cserna/e !assword !A! @@@@.rotocol ) Client Cser na/e !assword Ser'er Open connection Negotiate options 9C! -ser na e . : ( 0hallenge $andshake Authentication .ncapsulation 0Config = if2 b !!! . !!! @@@@. 7 C6A! uses one7wa.+as+ function based on t+e /essage digest 1&& 1&& $ 0 1$2.ncapsulation aut+entication $# .A.* #er.. 7 T+e source sends its user na/e * password in clear teBt.+ands+ake process.+ands+ake process. a 37wa. @@@@. 0Config = if2 b .assword 9ando 9C! 9C! C6A! is ok Send user na/e * password 9C! 9C! 9C! 9C! Cser na/e is )ando/ b ( output C+allenge <elco/e 2&& 3&& 1ata flow 9C! NC! 0$A.: A* 0lient: 5) switc+ 0Config = if2 b . / 0$A.

S1 S& 1&& # 2 # 1 # 2 # 1 2&& 2&& 1&& $. .No. of 19CI 5ro/ 1#31&&.

7 5) wit+ %Cs is a good solution if -our router +as a single serial interface but needs to connect to /ultiple CISCO ANSI / )ata Link 0onnection Identifier ()L0I): ¼. <A< destinations.ncapsulation b debug !!! 0Config = if2 b !!! aut+entication aut+entication.depending on t+e concept of 'irtual circuit 0%C2.:33A 7 . 7 %irtual circuit 0%C2 is a logical connection between 2 de'ices.. 9A! = (3 F.(2) 0$A. 0Config = if2 b . ( 2&& 3&& 1&& A 2&& 1 2 1&& 3 3&& C 19CI in 1&& 3&& 9A! = 53 fra/e rela-. 7 19CIs are a locall. 1-&-/ )rame relay 2)(3: C6A! 0 atc+ ser'er wit+ client2 7 5) is a data link la-er packet switc+ing tec+nolog-.: On bot+3 0Config2 b Cserna/e Cserna/e @@@@. !!! !assword !assword @@@@. 7 5) supports /ultiple access tec+nolog. .2$ 9A! = 13 IS1N 5lag A)! AC In'erse A)! 19CI 19CI I! I! !ort in 1 3 5) switc+ 19CI out 2&& 2&& !ort out 2 1 Control t-pe 1ata 5CS $.significant.ac+ %C +as a uniGue local address called 019CI2.

ice (standard): Nu/ber HH 0Config7if2 b fra/e7 relaintf7t-pe 1est.interface of 5)S as 1C. 0to displa. fra/e7relafra/e7relaNu/ber HH not 0isco de.ncapsulation * If an! of the * 6n &9 switch: 0Config7if2 bencapsulation ake it &9 switch: 0to act a router as 5) switc+2.H 9 I 0 9ocal anage/ent Interface 23 7 Signaling !rotocol between router * 5) switc+./ap ip 7777dlci7777 77777ip7 .encapsulation 5)2 ietf I! switc+ing. 0to displa.. # 2 # 1 # 2 # 1 2&& @@@ @@@ 0On t+e point 12 0On t+e point 22 0Config7if2 b fra/e7rela.2 No. D 9 I t-pe 3 International A/erican Cisco 1 = ITC 0¼.).& sec p+one 5ro/ 1#31&&. @@@@@ Note: 19CI fro/ 1# to 1&&. of Access list * 6n router : ( on the interfaces of the routers No. @@.route 1&& Note: $: . 7 ^eep a li'e * %C status.@@. Int @@@. I! 1C.:33A2 2 = ANSI 0AnneB2 3 = Cisco 0default2 )outer 5) switc+ )0( )0( )T( 0onfiguration of &9:* )outer )T( 1 2 * 6n router: which we want to 0Config2 b fra/e7rela* 6n all : 0Config7if2 b .route 2&& . 7 9 I is local significant. of 19CI 0Config7if2 b fra/e7relainterface719CI 0Config7if2 b fra/e7rela.B3 1. Int @@@. S1 S& 0Config2b Int 7 6n &9 switch : ee 1&& 0Config7if2 b fra/e7rela.

)outer 5) switc+ )T( )0( )0( 5) switc+ )T( )0( )outer )T( 7 If we +a'e two 5) switc+es4 we will put one of t+eir interfaces 1C. 0.:33A in t+e co//and wit+out dot 0 ¼:33A2.7 T+e interfaces t+at connected to t+e router can take I! address but t+e interfaces t+at connected wit+ 5) switc+ canEt take I! address because it beco/es deal wit+ la-er 2.e one T( #7T . #& If we ha.e IS1N ()I rate M 0 2 S K #4 2 D 1# M 144 kbps.:33A 01ispla.)ate Interface 22 IS1N !)I 23 2 ter/ination t-pe 1 de. 0 !ri/ar. 9 I Switc+ b debug fra/e7relaSwitc+ 0config7if2 b fra/e7relaCISCO ANSI ¼. /bps. 1 I#)N de.19CI table2 0/onitoring for 9 I2 0To c+ange t+e 9 I t-pe2. 7 Take care t+at t+e all I!s are in t+e sa/e network. NT1 2 S Connects /ultiple 0onnects !our 0 in .ice ( c+annel 3 0 1ata c+annel 2 carr. 7 <e put ¼. and t+e Ot+er 1T. > 6n all: Switc+ b s+ I! fra/e7relaroute.e T(2 I#)N de.:33A. NT1 .ice to de'ices toget+er 06ub2 ) Ter inal carrier network Non Ada"tor (TA) H 5unctional group and reference points37 (I#)N ode ) nati. 9 I7t-pe @@@@.$44 /bps. 3 3&( D 21 M 03&K #42 D 02K #42 M 2. 7 ItEs a standard t+at define +ow 'oice * data connection can be setup across digital links. > ) 0 Ti/e 1i'ision ultipleBing 2 to di'ide single p+-sical c+annel to /ultiple logical c+annels. H Integrated Ser'ice 1igital Network 0IS1N23 7 IS1N is a circuit switc+ing digital dial up connection tec+nolog-.urope 2 !)I"..ice ter/ination t-pe switch 0 in A/erica 2 !)I"T13NT 23( D 1 T M 023K #42 D #4 MC 1. as s+own in t+e figure.( 1 c+annel 3 0 control c+annel 2 for call setup * call /anage/ent M 1# kbps. T(1 (ter inal equi" ent t!"e 1) Nati.ri. I#)N Network Network I#)N (ri.&4.users data M #4 kbps. 7 T+e 9 I t-pes are Cisco4 ansi and ¼. 7 It uses t+e so/e analog link of telep+one line4 using T1 H IS1N t-pes 3 12 IS1N ()I 0 (asic )ate Interface 23 2.

I! @@@@@@.. switc+7t-pe @@@@@@@@. of Access list @@@. 3d4a+tage : 7 1ecrease routing o'er+ead.& sec 0Config7if2 b dialer /ap Route su--ari8atio+: 1est. !rotocol @@@ I! 0Config7if2 b . Nu/ber HH list @@@@.!R) 7 grouping of /a]or network I!s to a single CI1) block. * Classless . 0config7if2 b bandwidt+ @@@.B3 1. 0If we want to c+ange t+e bandwidt+ of t+e interface2 #1 . s+utdown group @@@@@. @@@@@@@@@.@@@ Idle7ti/eout I! .to +a'e a single I! address representing a collection of continuous I! subnets. 7 ItEs su//ariLing t+e I! subnets to a certain /a]or network I1.ncapsulation 9ist No. 0 as later 2 0Config2 b IS1N 0Config2 b Access7list 0Config2 b Int 0Config7if2 b I! 0Config7if2 b No 0Config7if2 b dialer 0Config7if2 b dialer 0Config7if2 b dialer (ri address @@@@.I#)N ode : con'erts fro/ digital to analog or fro/ analog to digital.+ter !o-ai+ Routi+g 1C. Speed @@@@ p+one @@@@ 7 ItEs t+e abilit. !!! Nu/ber HH @@@@@@@.

Š‹RkŽ vO‚› N„•j .rotocolGersion + (T0. iOŽq vYOŽ ¦rX„R Š‹RkŽ vŽ y~§† Xj T~sq askaddress q su1net z{T XYZxk„j ™Y„x .61tainanI.1 ask qsu1net v¹X•›« šR XYs .1 2$$.ool Nmq kRqTk{T z‚› .&. |–‚Rq NjX„Z‚{ ½sXP yV )$0..addressauto aticall! œZ‹†q kRqTk{T z{T œs~† T~s XY{Xlj |x )outer0config2bint f&"& )outer0config7if2bip add 1&.&.•Œ¾ŠZ‚{ X‡Yj ÄkwŒ —Š˜ |Z{T €wZ•{T tTŠY› vO•„† XYs ¬Š–Œ |‹{ ¢™Œ™wZŽ ¬Š–Yx N„•j kO® dhc" Š‹RkŽ tT ™…Y˜ #i ulator N[TU XY†nq XY{Xlj |x ¤½‡PÀT z{T œs~† tnT .€‹’p{T i}¡ ™ŸTq )$0.& i" ¸‚{ •Œ¾ŠZ{T €ŒX‡†q €ŒT™Ž U™w† |‹{ i"range yV )outer0d+cp7config2bdefault7router 1&. ¬™ƒZ•† °{~{ €‹’p{T |x ¾X‡P N‹{ i" X[U¯Ž ¬Š¨Tq •„Ž tT œ’•Ž °{uq )$0. •j NmXpj X‡Ox N•wOŽ ¥Xmkp{T ij kOlm °{~m iŒ¾X‡…{ i" £•† SX•›« ¬™› ij ™mXZŒ N•wŒ —Š˜ °{~{ 0)#L9outer2 ªlj €O‹ORXjŠRT ¤rŠ•Ž X‡Ox N„•j )$0.2$$.&.& 2$$.+ .&.. NO„•Z{ ¾X‡P N‹{ ÃXs~‚{ ÄXZw† ªx T~‡Žq )$0.ool z}•Œ i"range Nmq ™ŸTŠ{T )$0.7I. config £wj z‚› dhc" NO„•R šZŒ tT œ…Œ n • qT .1D9CP 2Dynamic 9ost Con"ig#ration Protocol ¾X‡P ¾X‡…{ œsuT tT |‚}› kO® T~‡Žq 0¾X‡P $&&2 ªlj ʘXw{T ¤½‡PV ij kO’m U™› ij v†Š‹j €‹’p{T tŠ‹R Xj™Y› °{~mq €O‹ORXjŠRT ¤rŠ•Ž ¤½‡PÀT N‹{ i" SX•›XŽ ¬Š–Œ |‹{)$0. tŠ‹Œ ¥X‹’p{XŽ €‰Xƒ{T ¤½‡PÀT œ…Œ oXYs tŠ‹Œ tT œ…Œ kOxkO˜ z‚› N„•j )$0. |x •Œ¾ŠZ‚{i"range ij klmT ™PqT tT ij |YY‹}Œ T~sq €„ŽXR |s |Z{T €wZ•{T ij ÄkƒŒ .v„Œ¾ŠR i‹}Œ y~{T U™„{Tq i" k[Tq ip qT €xk„j XYY‹}Œ )$0.&. NO„•Z{ tnT )outer0config2bip d+cp pool a+/ed ...ro"erties v•¹X•[ z‚› Š[™{Tq €‹’p{T ¥rXm z{T ÃXs~{T ™Y› ¾q™†Š{T |x ªlj Šs U™w}{T rXOZ[nT tT ™…Y˜ (Internet. oXYs tŠ‹Œ tT .dhc" ij i" œw•Ž €O‚}› z}•R XYs i" z‚› Š•w{T €O‚}› €O›XŽr 1" -isco$er i› ©w’‚{ —Xp‹Z˜T N}„Œ ʘXw{T ¾X‡P €‹’p{T N[TU d+cp #" )epl& #2 .ool ij klmT ™PqT tT •O•Z˜T |Y†T zY„}Ž5ask q su1net .2$$."ool X‡O{T |}ZYŒ |Z{T su1net z{T 3œZ‹† )$0.vO‚› )$0.-Management Network Devices 2#. Š‹RkŽ ij i" z{T ÃXs~{Tq .& )outer0config7if2bno s+ su1net °‚Z}R €wZx Nm kRqTk{T £•YŒ — #u1net £•† z‚› tXZwZx ™PŠŒn v†T kRqTk{T |x š‡j S|¿ XYŒ™{ iw† X„’± . oXYs tXm TuT qT kRqTk{T z‚› N„•}{T )$0..2$$.€‹’p{T tX‹j qT š•–‚{ š˜T |•„R tT Nˆ•Œ N}„{T |x X„’± ah ed Šs XYs "ool z{T z•„}{T š˜nT )outer0d+cp7config2bnetwork 1&..!)efault žX˜ÀT Šs ʘXw{T |x €‹’p{T ¥rXm tT ™O…{T ij .&.2$$..º‚Zƒj z‚› yŠZwŒq .

. ij i" z‚› v–Œk± i› N•ŸT y~{T #.er ij klmT €‹’p{T |x XYŒ™{ iw† tnT °{~mq ”¾Š}{T su1net i}¡ ij i" T~s tŠ‹Œ tTq XŒq™Œ ip X‡{ U™wŒ tT œ…Œ yV -Ow‰ kO® T~‡x )$0.&..&.S!ONS.anage/ent !rotocol qV S8 ! v}˜V 1:.T7N..er ”¾ŠŒ )$0...&. 9e"l! €O‚}› |•{ )$0.kjnT T~s ¶Œk± i›i" ¢~s ½…wŽ °{uq 9outers °{~mq ser. ¬X› SN ! ¸{T ŠmŠRqkŽ kŒŠ•R |x V™’{T šR iË k[Ò ŠmŠRqkŽ ¢™„Ž SXPq Si/ple 8atewa. vj™ƒZ•Œ y~{T Šsq #..¤™„’Z•}{T i" i}¡ ij X–ŽX˜ uŠ[Q}{T i" tXm TuT ¤™„’Z•}{T kO® ij k[T v¹X•›Tq i" kOO§R kjnT T~s œZ‹† )$0.FT4 8. ¶Œk± i› z{T X‡¹X•›« šZŒ —Š˜ |Z{T i" z{T UX„’Z˜T šZŒ tXŽ )$0.-& šR k[Ò ŠmŠRqkŽ ij rŠ•j ŠmŠRqkŽ Šsq €’¨Tk}{T €O‚}„Ž ¬Š–O{ 1:.)$0. XYPk[ ™¨ XYm TuT"ool i}¡ N[™† X„’± .2.ers )outer0d+cp7config2bip d+cp eBcluded7address 1&. N’¨ ij v›¾Š}{T i" ¤™sXp}{q )outerbs+ow ip d+cp binding SNMp . z{T š‚› SX•›« œ…Œ °{~{ ..1& T~s i}¡ ”¾ŠZR nq Xs½…w† tT ™Œk† |Z{T i"range “™j XYO•›T tnTq . NO§pR ¤UX›« N}„†q ʘXw{T ¤½‡PV z{T œs~† °{u ™„Ž .)$0. |†X² ¾X‡P yV z{T v¹X•›« šZŒn . |†Xl{Tq kjnT T~s €ŽXZm ¶Œk± i› °{uq )N#ser..2 . |x y~{T pool ¸{T ij i" ij œ‚•Œ kRŠO’}‹{T ¾X‡P /" Acknowledg%ent i" vO•„Œq ʘXw{T ¾X‡P z‚› UkŒ )$0.4 S. Š‹RkŽ SX•±XŽ ¬Š–Yx XY{Xlj |x €’•Y{XŽ XjT . ¬X› ¢kŒŠ•R C I! secure Co//on anage/ent Infor/ation !rotocol ŠsqSN ! tX‹j NwŒ —Š˜ v†T •O}…{T NŽX¨q €„˜Tq ¥X¨X»† z‚› N}„Œ v†Šm €ŸX•{T z‚› “Š¨V N‹pŽ vZO{X„x ·’²V SN ! ¸{T tŠm TkOlm ¬q™Œ š{ kO[ÀT i‹{ iO}•¨ z{T š•–Œ SN ! ¸{T ŠmŠRqkŽ €–O–w{T |xq Network co/ponent2€‹’p{T ¥X†Š‹j ”TŠ†V •O}P •j N}„‚{ |†Xl{T š•–{T XjV È{T €„ŽX•{T 4ÓZŒŠ•{T 4kRqk{T Nlj vZ’¨Tkj UTk}{T ¾X‡…{T XYs Šsq kxkO•{T qT Agent z›™Œq qÀT š•–{T Agent ¸{T ij ¥X†XO’{T š‚Z•Œ —Š˜ y~{T ¾X‡…{ Šsq NO}„{T qV Network anage/ent Station 2N S Ô SN ! ¸{T N}„Œ ºOm Application 9a-er €„ŽX•{T €–’•{T ¥nŠmŠRqkŽ ™ŸV Šs ŠmŠRqk’{T T~s tV |sq X‡xk„† tT œ…Œ zZ{T €O˜X˜nT SXO¿ÀT z‚› nqV ¶•ZY{ |sq NO}„{Tq kxk•{T iOŽ N‰TŠZ‚{ N¹X˜k{T ij ”TŠ†V £}[ ¬™ƒZ˜ Šsq 1#2 * 1#1 ¥rŠ’{T ª[ ijq X˜rÕ{ C1!"I! ¸{T ¬™ƒZ•Œq 8.&..)N# SX•›« šR v†T “kY˜ Xs™„Ž ʘXŸ ¾X‡P Nm |x v‚O§pR i" ¸Ž ½‡…R tT i‹}Œnq ip X‡{ tŠ‹Œ tT œ…Œ X‡‚mq 9outer ij klmT °{~mq #er. N„…Y˜ XjT i" z‚› N•Ÿ ¾X‡…{T tnT )outer0config2bip d+cp pool a+/ed XYPk[ ™¨ XYm TuT"ool z{T Š[™‚{ )outer0d+cp7config2bdns7ser'er 4.ort2 ¥rŠŽ tXY²T œ‚•ZR €O‚}„{T ¢~s °{~{ .T4 8. Š‹RkŽ SX•±XŽ ¬Š–†q ʘXw{T ¤½‡PV z{T œs~† XY{Xlj |xq .€O‹ORX}RqT ¤rŠ•Ž "ool šR v†T “kY˜q ʘXŸ ¾X‡P Nm |x v‚O§pR ¤UX›«q )$0..2 1&. ¸{XŽ ÂXƒ{T i" Šs T~sq X„xq UŠPŠj v†XŽ €‹’p{XŽ UŠPŠj tXm TuTdhc" N’¨ ij Uk{T €O‚}› (" )e1!est )$0.2...T7). X}sq ™ŸTq £O{q 0.T4 and T)A! X}mq 8et7)esponse N‹¿ z‚› Ê‚•}{T N˜kŒ ¢rq™Ž Šsq Agent ¸{T z{T 8et /essage X˜rQŽ ¬Š–Œ €’¨Tk}{T V™’Œ tT NO}„{T ™ŒkŒ Xj™Y„x €jUX–{T ¤rŠ•{T ij “k† #3 .er Šs T~s ¤UX›«q )$0. "ool T~s i}¡ v„Œ¾ŠR šZŒ —Š˜ y~{T i")N#ser.

¥TkOO§Z}{T ij ™Œ½}{T z‚› Š•w{T |x œ®kŒq €’¨Tk}{T €O‚}› •ŽXZŒ tV ™ŒkŒ Xj™Y› |‡x 8et7NeBt €{X˜k‚{ €’•Y{XŽ XjV €}O¨ kOO§R kxkO•{T z‚› kOO§R yV Ñq™Ÿ XŸ |x ¢™Œ™wR šZŒ S|p{ Xj Agent ¸{T ij œ‚•Œ |‹{ NO}„{T N’¨ ij N˜kR Set ¸{T €{X˜r Šsq 9ink 1own"Cp2 N}„{T i› ¥rŠŽ º¨ŠR ªlj œ¨Tk}{T ¾X‡…{ |x Xj S|¿ Ñq™Ÿ XŸ |x Agent ¸{T N’¨ ij N˜kR Trab T €{X˜r 1#1 ¥rŠ’{T z‚› N˜kR N¹X˜k{T |¨XŽ X}YOŽ 1#2 ¥rŠ’{T z‚› X‡‚˜kŒ €{Xw{T ¢~s |x N[V™{T ij SN ! ¸{T N}„Œ ºOm XY{ µkpR €jUX–{T ¤rŠ•{Tq #4 .

./0.1.t+ernet1"& ip address 1:2.2$$.1 |’ŒnT 9oopback #$ ..3dbin |{XZ{T kjÀT €ŽXZ‹Ž š¨q 1os Co//and perl cfg/aker networksetÖ1:2.1.1#.& no s+utdown dupleB auto speed auto sn/p7ser'er co//unit.ch‹mrtg XYs ij v‚O}wR •O•Z•R kOŽ šPkZj z{T ÄXZwŒ ¾q™YŒq z‚› vZO’lZ{q http€‹‹strawberrySperl.cfg š¨ 6t/l º‚j ™sXpR —Š˜ C3dwwwd/rtg z{V vPŠR Xs™„Žq ¤kj qV v‚O§pZŽ ·}¨ XŸ |x |„O’± S|¿ T~sq SX•[ÀT •„Ž k‡»R ™¨ œ¨Tk}{T ¾X‡…‚{ €O¹X•ŸÀT ™sX¿q vwZ•Ž ¶ŽX•{T kjnT ~O•YZŽ €O†X² ¤kj š¨ ƹXZY{T ©Œ™wZŽ ¬Š–R |‹{q 1os Co//and perl /rtg /rtg.2 2$$.com‹files‹strawberrySperlSŒ./.1#..cfg kjÀT T~s œZmV ÆjX†k’{T NO§pZ{q 1os Co//and perl /rtg /rtg.1./.googlecode.cfg ¸{T |•›Vq €}O§{T ª[ ij kRqk{T •j v•ŽkRq 9oopback Interface N}„Ž ¬Š–R tV °O‚›Xj Nm 8NS3 z‚› ”Š¡Š}{T €Žk…R ¥UrV Š{q €O{XZ{T ¤rŠ•{XŽ -¡Šj Šs X}m 1:2.msi €O{XZ{T kjTqÀT €ŽXZ‹Ž ¬Š–Rq 0Š‹•O˜2kRqk‚{ œs~Rq ¤k¿X’j |•{T z‚› ÆjX†k’{T i› ‘§ˆ{T °•Ž ¬Š–R kOŽ ·O’lR ™„Ž CiscoEs IOS interface 5ast.I( |x v„ˆŒq NO}„{T ij œ‚•{T ~[QŒ Agent ¸{T tV XY{ -ˆZŒq NO}„{T z{T €ŽŠ‚•}{T ¥XjŠ‚„}{T X˜rQŽ I( ¸{T ¬Š–Œ ¢rq™Žq anage/ent Infor/ation (ase €•‚Zƒj ¥TrT™‰V Ѫ² SN ! ¸‚{q SN !'1 SN !'2 SN !'3 ™Œ™„{Tq |RrŠO‹•{Tq ijÀT rŠjV •„’{ €xX¡ÀXŽ k’mV ¥XjŠ‚„j N}wR •O•Z•R zZ{T 8et7(ulk |Ž 8et7NeBt T™’Z˜T šR |†Xl{T rT™‰ÀT |x rŠjÀT •„Ž €xX¡V šR ™–x 2&&4 ¬X› ~Yj |{Xw{T XYZ¨q |x ¬™ƒZ•}{T Šsq ©{Xl{T rT™‰ÀT XjV 1::. ¬X› ¢rT™‰« šR ™¨q €’¨Tk}{T ¥T½O}j ij Nlj Aut+entication !ri'acaccess control y~{T r™•}{T µŠZ•}{T |†X…}{T ÆjX†k’{T T~s N}wR tV °Y‹}Œ i‹{ €‰Xƒ{T vRT½O}j v{ ÆjX†kŽ N‹{q T™P ¤kOlm |‡x €j™ƒZ•}{T ÆjTk’‚{ €’•Y{XŽq €{XŸ °O•„Œ ÓZŒŠ•{T qV kRqk{T ª[ ij k’„R zZ{T °OxTkZ{T http€‹‹oss.1#.2$$.oetiker.1#.networkset )& |{XZ{T º‚}{T z‚› N[UV žq™{T ij Xs™„Ž 1os Co//and C3d/rtg72.2=global f<ork1ir3 c3dwwwd/rtgg =output /rtg.

#er. ÆjX†kŽ €¿X¿ z{T XY’su TuXx .>NTP >Network Time Protocol ..-+ Syslog klmT ™PŠŒ X„’±T&T. ÆjX†kŽ ¶Œk± i› X‡†½ƒŒq 9outer z‚› yk…Œ Xj Nmq ÑT™ŸT NO…•R vZ•OËq ŠmŠRqkŽ Šsq #!slog ¤~xX† oXYs ™…Y˜ T&T.er ## .ont+ -ear 9ike  )outerbset clock &..&. šsk‡¿T Šs T~s i‹{q T&T.-/ Set t+e ti/e on t+e de'ices 'ia NT! ser'er To s+ow ti/e on t+e router )outerbs+ow clock To set t+e ti/e on t+e router /anuall)outerbset clock ++3//3ss 1a. kO® NO…•Z‚{ ÆjX†kŽ ij 3œZ‹†q kRqTk{T z{T œs~† tnT ..&.1 ip of ntp ser'er ..3&&3&& 12 ]an 2&14 To set t+e NT! ser'er and /ake routers update ti/e auto/aticall- And configure t+e routers to take ti/e fro/ NT! ser'ers )outer0config2bntp ser'er 1&.

1&3 :::# i‹{q :::# X ×›ŠO¿ klmÀT Šs T~sq !ort yV ª[ ijq¾X‡…{T ip ¢SX•›XŽ ¥X†XO’{T NO…•ZŽ ¬Š–O˜ ¾X‡P yV z‚› v{ U™w† N•˜nT |x Netflow ÆjX†kŽ ¤~xX† |x Listen on "ort €†X[ |x UŠPŠj v••† Šs !ort T~s tŠ‹Œ tT œ…Œ a+/ed0config2bip flow7eBport source f&"& |x €wZx yV ij ÄkƒR ¥X†XO’{T v{ U™w† tnT kRqTk{T r¾ z‚› ‘§ˆ† z‚›T ijq €wZ•{T U™w†q X‡O‚› ‘§ˆYx €wZ•{T ¥X†XOŽ ™Pq ™¨ v†T ™…Y˜ Netflow ÆjX†kŽ z{T œs~† tnT ¥X†XOŽ Nm NO…•R V™’Œq NO‚¨ ™„Ž ¥X†XO’{T ‘•ƒj X‡Ox k‡»Œ ·†kZ†T €w••m ¤~xX† XY{ k‡»R |‹{ #tart &low 0a"ture .er ¤~xX† |xq T&T.T •™P €}‡j ¤Š•[ ¢~sq ¬Tk{T z‚› ¥X†XO’{T ¢~s t½ƒ{ ¤U™w}{T €ŸX•}{T ·Ž Š‚Om1#34.-1 ¥X†XO’{T NO‚wZŽ ÆjX†k’{T T~s ¬Š–Œq .ÆjX†k’{T NO}wR z‚› ÆjX†k’{T º‚j |x €†Š‹ŒnT ¢~s z‚› ‘§ˆ{T ¶Œk± i› ÆjX†kŽ yQm N‡˜ v’O•YR €–Œk±q v’O•YZŽ ¬Š–† ÆjX†k’{T NO}wR ™„Ž . .ÆjX†k’{T N§p† Xs™„Ž š²#olarWinds9ealti eNet&lowAnal!Her 3kjTqÀT ¢~s ª[ ij ¢UT™›XŽ V™’†q kRqTk{T z{T œs~† tnT a+/ed0config2bint f&"& a+/ed0config7if2bip route7cac+e flow .1#.1#. ÆjX†kŽ z{T ÃXs~{T ™Y› °{~m Xs½O}R i‹}Œq ·¨Š{T £•† |x kRqTr ij klmn ÑT™ŸT iŒ½ƒR i‹}Œ °{~mq vOx €–ŽX•{T ¥X•‚}{T t½[ šR y~{T ™‚…}{T £•† .1. ÑT™ŸnTq ‘§ˆR Xs™„Žq °RXjŠ‚„j €ŽXZ‹{ €w•‰ k‡»R š² NO}wZ{T °Y{ rXZƒ†q solarwinds realti e netflow anal!Her ..a+/ed0config2blogging 1:2..fro UŠ}› ·wR ™PŠŒ y~{Tq r™•}{T ip ¶Œk± i› Net)low ..a 5low onitor to t+is interface a+/ed0config7if2bip flow egress a+/ed0config7if2bip flow7eBport 'er $ $ Šs k‡¿nTq $ q : tTr™‰T oXYs a+/ed0config2bip flow7cac+e ti/eout acti'e 1 €–O¨U 1 Nm ÑT™ŸnT NO…•ZŽ V™ŽT a+/ed0config2bip flow7cac+e ti/eout inacti'e 1$ k’Z›T ¥XjŠ‚„j €ŒT š‚Z•R š{q €–O¨U 1$ rqkj ™„Ž TuT ••–Yj X•RnT a+/ed0config2bip flow7eBport destination 1:2.. ÆjX†kŽ yŠwŒ y~{T ¾X‡…{XŽ ÂXƒ{T ip T~s a+/ed0config2blogging on . ÆjX†kŽ z{T Š‰Š{T |x €‚‹pj N•Ÿ TuT XjT 3kjnT T~s ¶Œk± i› €j™ƒ{T ¢~‡{ €j™ƒZ•}{T €ŸX•}{T ™Œ™wZŽ ¬Š–Y˜ T~{ ¬Tk{T €ŸX•j oª‡Z˜T a+/ed0config2blogging buffered 1#34..nable inbound Net5low €wZ•{T ¢~s ij €‚[T™{T ¥X†XO’{T NO…•ZŽ V™ŽT /onitor Appl.12& .nable outbound Net5low €wZ•{T ¢~s ij €PrXƒ{T ¥X†XO’{T NO…•ZŽ V™ŽT ingress . 3kjnT T~s ~O•YZŽ ¬Š–Yx kRqTk{T ¬Tr z‚› X‡†½[ šR |Z{T ÑT™ŸnT ¤™sXpj X†UrT TuT XjT a+/ed0config2bs+ logging N[TU XsUX…ŒT i‹}Œ ÑT™Ÿª{ ¥X•‚j t½[ šR v†T ™…† #!slog#er..kRqTk{T z‚› Ñ™wR |Z{T #. #olarwinds €mk¿ |sq ¥X‹’p{T ÆjTk’{T ¥Xmk¿ k‡¿T ij €mkp{ ÆjX†k’{T T~s œZ‹†q ·†kZ†nT z{T œs~Yx €O†X…j ¤kZx |x i‹{q |†X…j £O{ Šsq ·Y{T ij T~s ÆjX†k’{T N}w† .1.€wZ•{T ¢~s z‚› Netflow XY‚„x iw† T~‹s 3¥X†XO’{T ij v‚O…•ZŽ ¬Š–† tT ™Œk† Xj rXZƒ†q kjnT T~s œZ‹† tnT c a+/ed0config7if2bip flow egress .¥X†XO’{T N…•Œ V™Ž ÆjX†k’{T tXx X‡’Z‹† š{ tTq zZŸ ¤Š•ƒ{T ¢~s z{T yUÁO˜ T~sq kRqTk{T )A z‚› ¥X†XO’{T iŒ½ƒR šZŒ —Š˜ T&T. .X†¾X‡P |x UŠPŠj Xj œ•Ÿ ip T~sq T&T.

7(' T#nnel .&"24 and 1:2. .2.t+e 8).1. tunnel between t+e two networks.(ot+ Tunnel 3 interfaces are part of t+e 1.1#.)1Es and )2Es Internal subnets01:2..1.2.1 #.1 )10config7if2b tunnel destination 2.1#. tunnel o'er internet.ncapsulation 08).1.2.2.2$$. T+e below diagra/ s+ows encapsulation process of 8).&"24 network.2 is one of t+e a'ailable tunneling /ec+anis/s w+ic+ uses I! as t+e transport protocol and can be used for carr-ing /an.1 2$$.2$$.2.5irst step is to create our tunnel interface on )1 and )2 91 92 )10config2b interface Tunnel1 )10config7if2b ip address 1.& )20config7if2b ip /tu 14&& )20config7if2b ip tcp ad]ust7/ss 13#& )20config7if2b tunnel source 2.2 )20config7if2b tunnel destination 1.1.&"242 are co//unicating wit+ eac+ ot+er using 8). T+e tunnels be+a'e as 'irtual point7to7point links t+at +a'e two endpoints identified b.1.-. 8eneric )outing .1#.1.t+e tunnel source and tunnel destination addresses at eac+ endpoint. packet 0onfiguring 89( Tunnel To create and 'erif.2.1#.different passenger protocols.& )10config7if2b ip /tu 14&& )10config7if2b ip tcp ad]ust7/ss 13#& )10config7if2b tunnel source 1.2 )20config2b interface Tunnel1 )20config7if2b ip address 1.2.2$$.1.1#.2 2$$.2$$..1.2.

&"242 are able to freel. .using an ic/p ec+o fro/ one end.1.co//unicate wit+ eac+ ot+er o'er t+e 8).and tunneling of non7TC!"I! protocols.1.2.&"24 and 1:2.Since 8).1.2 92(config)E i" route 1B2.1 Now bot+ networks 01:2.b. Sending $4 1&&7b-te IC ! .. is an encapsulating protocol4 we ad]ust t+e /aBi/u/ transfer unit 0/tu2 to 14&& b-tes and /aBi/u/ seg/ent siLe 0/ss2 to 13#& b-tes. Security %!Ns can pro'ide 'er.2 1?2.2 233..-+ Intro to *PN allows connecti'it.c+os to 1. After configuring tunnel4two tunnel endpoints can see eac+ ot+er can 'erif.2.+ost were rig+t t+ere on t+e sa/e %9AN as /.ings not like t+e traditional leased point7to7point lines #: .to pri'ate networks across t+e Internet4 enabling pri'ac.1.2 233.1#.1#.1.1.2.2 1?2.using ad'anced encr-ption and aut+entication !rotocols like I!sec and SS9 2.1A4.1A. virt#al private network 2*PN3 (enefits of %!Ns 1.233.4 we /ust reduce t+e TC to account for t+e eBtra o'er+ead.6ere <e will configure static route on bot+ router.1#. 0ost #a. )1b ping 1.1#. T+is i/age s+ow access to t+e re/ote network ser'ices and ser'ers as if /. A setting of 14&& is a co//on practice and will ensure unnecessar.ser'ers.2.packet frag/entation is kept to a /ini/u/. (ecause /ost transport TCs are 1$&& b-tes and we +a'e an added o'er+ead because of 8).233.233.233.2 T-pe escape seGuence to abort.1A4.24 ti/eout is 2 seconds3 ÉÉÉÉÉ Success rate is 1&& percent 0$"$24 round7trip /in"a'g"/aB M 1"2"4 /s <orkstations on eit+er network will still not be able to reac+ t+e ot+er side unless a routing is configure on eac+ router. 91(config)E i" route 1B2. Tunnel .good securit.1A.

ncr-ption Standard 0A.protocols used b.ncapsulation 08).ncr-ption Standard 01. T+is /eans t+at if -ou +a'e to encr-pt non7I! traffic4 -ou`ll need to create a 8eneric )outing . 2.S 031. 0o "ati1ilit! with 1road1and technolog! (ncr!"tion techniques to G.3. Scalabilit4.N 1.2 tunnel for and t+en use I!sec to encr-pt t+at tunnelÉ 7securit.& .I!sec are Authentication Header (AH) and Encapsulating Security Payload (ESP).S24 and Ad'anced . As! etric encr!"tion like )i'est4 S+a/ir4 and Adle/an 0)SA2 I"sec secure data trans/ission o'er an I!7based network and functions at t+e la-er 3* 7can`t be used to encr-pt non7I! traffic. #! etric encr!"tion like 1ata .S2.S24 Triple 1. -4 . IPv.

.1 .

I. .2 .)est.