May 1

This lab implements security policies in the network using access control lists (ACLs).
Please note that these solutions are not the only ones possible: as often happens in computing and telecommunications, there may be several solutions to the same problem.

Using an extended access list

RTD(config)# access-list 100 permit tcp 192.25.0.0 0.0.0.127 192.168.1.1 0.0.0.0 eq telnet
RTD(config)# access-list 100 deny tcp 192.25.0.0 0.0.0.255 any eq telnet
RTD(config)# access-list 100 permit ip any any
RTD(config)# interface Ethernet0
RTD(config-if)# ip access-group 100 in

By convention, a Cisco extended access list is applied as close as possible to the source of the traffic to be controlled.

Apr 16

This is the default BGP behavior. Just turn on BGP, configure it correctly and everything is OK. No real worries here.
The same goes for this point: this is the default BGP behavior.
For the first part: this is the default BGP behavior. For the second part: we do not want to go to AS4 via AS2 AS1 AS3 and AS4 between the unless link is down. We can reach this goal using local preference. We also want to use the community attribute to simplify the policy for adding new customers. So let's configure RTC:

Apr 7

In this lab two local networks, each separated and protected by a firewall, are connected through an IPSec VPN. Using a sniffer placed on the intermediate links, verify that the traffic between the two LANs is encrypted and therefore unintelligible, unlike the traffic directed to other hosts such as PC3. It is also a good opportunity to check IPSec interoperability between devices of different brands.

IPSec is the de facto standard for VPNs. It guarantees confidentiality (the data is strongly encrypted), integrity (the data cannot be changed in transit) and authentication (the endpoints are authenticated). It uses an asymmetric key mechanism to negotiate a symmetric key with which the data is actually encrypted in transit. The asymmetric key makes it possible to create an encrypted connection over an insecure channel, which then allows the subsequent exchange of a symmetric key. The latter is more efficient for continuous encryption, and the key is renegotiated every few seconds of operation (or after a given amount of data has passed through the tunnel), thus avoiding the possibility that someone analyzing the traffic could calculate the key in time.

Nov 16

Knowing how to use and interpret the show commands allows rapid diagnosis of faults. A CCNA student should understand and assimilate the output of each of the most important show commands; these will give you the answer to more than one problem.

User mode allows the show commands to be run only to a limited extent; privileged mode offers far more of them.

Nov 14

The interfaces of a router belong to the networks that are directly connected to the device.
These interfaces must be active and have an IP address with its corresponding mask, like a host belonging to that network. The administrator must enable the interface with the no shutdown command; if necessary, the interface can be disabled with the shutdown command.

The following shows the configuration of an Ethernet interface:

Router>enable
Password:*******
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface ethernet 0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#description INTERFAZ_DE_LAN

Nov 3

The main functions of a router are forwarding packets and filtering them.
An alternative to applying an ACL to filter packets based on destination is to create a series of static routes that point to null0; this technique is commonly described as black hole routing or forwarding to null0.

Null0 is a pseudo-interface that works much like the null device of some operating systems (i.e. /dev/null): it is always active and can neither send nor receive traffic. Because it is a pseudo-interface, traffic for a route that points to null0 is discarded directly in CEF or dCEF forwarding, with no impact on the router's processor.
For example:

interface null0
 no ip unreachables
!
ip route 127.0.0.0 255.0.0.0 null0
ip route 193.121.1.254 255.255.255.255 null0

In this case no ip unreachables prevents unnecessary ICMP unreachable responses when traffic is passed to null0.

In short, black hole routing uses the router's forwarding capability to drop packets destined for the networks we want to protect.

Oct 31

It is probably more familiar to identify a device, a host or a server by a name associated with its tasks or other criteria. This is done by creating a host table that associates a name with one or more IP addresses.

The following host table was created with the command

ip host [name] [IP address]
MADRID(config)#ip host SERVER 204.200.1.2
MADRID(config)#ip host ROUTER 220.220.10.32
MADRID(config)#ip host HOST 210.210.2.22
MADRID(config)#exit

Oct 13

Networks designed using only static routes would be tedious to administer and would not respond well to the outages and topology changes that occur with some frequency. Dynamic routing protocols were developed to address these problems. Dynamic routing protocols are algorithms that allow routers to advertise the existence of networks, providing the routing information needed to build the IP routing table. These algorithms also determine the criteria for selecting the path of a packet when it arrives at the router awaiting a switching decision. The objectives of a routing protocol are to give the user the ability to select the appropriate path in the network, to react quickly to changes in it, and to perform these tasks as simply as possible and with as little overhead on the router as possible.

Oct 1

To check the routing table, run the command show ip route:

Router#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR


Sep 30

Router(config)#router igrp 100
Router(config-router)#network 192.168.1.0
Router(config-router)#network 200.200.1.0
Router(config-router)#variance ?
  <1-128>  Metric variance multiplier
Router(config-router)#variance 2
Router(config-router)#traffic-share ?
  balanced  Share inversely proportional to metric
  min       All traffic shared among min metric paths
