Professional Documents
Culture Documents
Practical 01: Configure cisco routers for syslog, ntp and sssh operation ........................................ 2
Practical 01: A ................................................................................................................................... 2
Practical 01: B ................................................................................................................................... 6
Practical 01: C SSH Secure Shell..................................................................................................... 8
Practical 02: Configure AAA authentication on cisco routers.......................................................... 9
Practical 03: Configure extended ACL. ............................................................................................ 12
Practical 04: Configure ip ACL to migrate attacks ......................................................................... 15
Practical 05: Configuring IPV6 ACL ................................................................................................ 18
Practical 06: Configuring a zone-based policy firewall ................................................................... 22
Practical 07: Configure IOS intrusion prevention system using CLI ............................................ 30
7A: Enable IOS IPS ........................................................................................................................ 30
7B: Open router1 and modify the signature. ................................................................................ 34
Practical 08: ......................................................................................................................................... 36
Practical 09: Layer 2 VLAN Security ............................................................................................... 42
Practical 07: B: Create a Redundant Link between SW-1 and SW-2 ........................................ 49
Practical 10: Configure and Verify a Site-to-Site Ipse VPN Using CLI......................................... 54
Practical 01: Configure cisco routers for syslog, ntp and sssh
operation
Practical 01: A
Steps:
1) Assign ip addresses:
• Syslog Server
• Ntp server:
• Pc 0:
• PC 1:
• Router 0:
• Router 1:
Practical 01: B
Open Router 1
Practical 01: C SSH Secure Shell
Steps:
1) Assign the IP addresses:
• PC1 : 192.168.1.3
• PC0 : 192.168.1.2
• Router0 : (gig0/0: 192.168.1.1) (gig0/1: 192.168.2.1)
• Tacacs Sever : 192.168.2.3
• Radius Server: 192.168.2.2
2) Open configure wizard of tacacs server:
3) Open the configure wizard of radius server:
Steps:
1) Click on router 0 and router 1 > Go to the config tab > click on RIP tab insert network
address:
2) Open the server 0 > Go to services > Enable/On the FTP services > Login id: cisco
Password: cisco:
3) Click on router 1 open CLI window and fire following command:
Steps:
1) For All Routers some configuration we should perform here.
Click on router > Physical mode > power off > Right side (HWIC-2T)
Drag and drop this on screen > power on off router.
2) Open the CLI window of Router0 and execute following command:
3) Open CLI window of Router1 and Router2 and execute the same command instead of
hostname R0 command:
For Router1: hostname R1
For Router2: hostname R2
Change this command accordingly.
4) Open CLI window of Router0 and execute following command:
Steps:
1) Configuration for all routers:
Click on router > Physical mode > power off > Right side (HWIC-2T)
Drag and drop this on screen > power on off router.
2) Open the CLI window of router0 and execute the following command:
3) Open CLI window of router1 and execute following commands:
Steps:
9) Open web browser on pc0 and hit the following address 192.168.1.2.
Practical 07: Configure IOS intrusion prevention system using
CLI
7A: Enable IOS IPS
Steps:
Steps:
5) Assign trunk mode to other switch interfaces: SWA, SWB, SW1 & SW2
6) Create sub-interfaces on router to support VLAN
7) Verify Connectivity
Steps:
1) Configure router: All routers
2) Configure OSPF on routers: This is for R1 change network address for
R2 and R3.