Exploration Accessing WAN Semester 4

212
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public ITE I Chapter 6 1 Services in a Converged WAN Accessing the WAN – Chapter 1

Transcript of Exploration Accessing WAN Semester 4

Page 1: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Services in a Converged WAN

Accessing the WAN – Chapter 1

Page 2: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesDescribe how the Cisco Enterprise Composite Model (ECNM) provides integrated services over an Enterprise network.

Describe the key WAN technology concepts.

Identify the appropriate WAN technologies to use when matching ECNM best practices with typical enterprise requirements for WAN communications.

Page 3: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Describe How ECNM Provides Integrated Services over an Enterprise Network

Explain the purpose and function of WANs

Page 4: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Describe How ECNM Provides Integrated Services over an Enterprise Network

Describe the stages of business growth, the corresponding business requirements for services and how those requirements are reflected in the Enterprise’s changing network topology

Page 5: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Describe How ECNM Provides Integrated Services over an Enterprise Network

Describe the problems with the Hierarchical Design Model that Cisco's Enterprise Composite Model has been designed to address

Page 6: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Describe How ECNM Provides Integrated Services over an Enterprise Network

Explain the purpose of Cisco Enterprise Architectures

Page 7: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Describe the Key WAN Technology Concepts

Describe WAN functions in terms of the OSI Reference Model

Page 8: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Describe the Key WAN Technology Concepts

Describe the key WAN physical layer concepts for network and Internet communications

Page 9: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Describe the Key WAN Technology Concepts

Describe the key WAN data link layer protocols used in today’s Enterprise WAN networks

Page 10: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Describe the Key WAN Technology Concepts

Describe the switching technologies used for WANs in an Enterprise setting

Page 11: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Select the Appropriate WAN Technology to meet ECNM Requirements

List the various options for connecting subscribers to the WAN

Page 12: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Select the Appropriate WAN Technology to meet ECNM Requirements

Describe how Enterprises use leased line services to provide a WAN connection

Page 13: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Select the Appropriate WAN Technology to meet ECNM Requirements

Describe the circuit switching options available to provide a WAN connection

Page 14: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Select the Appropriate WAN Technology to meet ECNM Requirements

Describe the packet switching options available to provide a WAN connection

Page 15: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Select the Appropriate WAN Technology to meet ECNM Requirements

List factors to consider when selecting a WAN connection

Page 16: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Summary

A WAN is defined asA data communications network that operates beyond the geographic scope of a LAN

WAN primarily operate on layer 1 & 2 of the OSI model

WAN technologies include–Leased line–ISDN–Frame relay–X.25–ATM

Page 17: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

SummaryCisco Enterprise Architecture

–This is an expansion of the hierarchical model that further divides the enterprise network into

•Physical areas•Logical areas•Functional areas

Selecting the appropriate WAN technology requires considering some of the following:

–WAN’s purpose–Geographic scope of WAN–Traffic requirements–If WAN uses a public or private infrastructure

Page 18: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Page 19: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Point-to-Point Protocol (PPP)

Accessing the WAN – Chapter 2

Page 20: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesDescribe the fundamental concepts of point-to-point serial communication including TDM, demarcation point, DTE-DCE functions, HDLC encapsulation, and serial interface troubleshooting.Describe PPP concepts including PPP layered architecture, PPP frame structure, PPP session establishment, multiprotocolencapsulation support, link control protocol (LCP), network control protocol (NCP), and Internet Protocol Control Protocol (IPCP).Configure PPP on a serial interface including enabling PPP encapsulation, verifying the PPP connection and troubleshooting encapsulation problems.Configure PPP authentication including explaining PAP and CHAP authentication protocols, configuring PPP authentication using PAP and CHAP, and troubleshooting PPP authentication problems.

Page 21: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Describe the concept of serial communication as the basis of WAN technologies

Page 22: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Explain how two or more data streams are transported across a single physical connection using TDM

Page 23: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Define the location of the demarcation point relative to customer and service provider networks

Page 24: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Explain the terms DTE and DCE with relative to the location of devices in a network

Page 25: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Describe how high-level data link control (HDLC) uses one of three frame types to encapsulate data

Page 26: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Explain when and how to configure HDLC encapsulation on a router

Page 27: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Describe the Fundamental Concepts of Point-to-Point Serial Communication

Describe the procedure to follow when troubleshooting a serial connection

Page 28: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Describe Point-to-Point Concepts Describe PPP in terms of its use in WAN links

Page 29: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Describe Point-to-Point Concepts Describe the general function of each layer of PPP architecture

Page 30: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Describe Point-to-Point Concepts Describe the purpose and format of each of the fields in a PPP frame

Page 31: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Describe Point-to-Point Concepts Define the three phases of PPP session establishment

Page 32: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Describe Point-to-Point Concepts Explain the role of the LCP in PPP

Page 33: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Describe Point-to-Point Concepts Describe the characteristics of NCP

Page 34: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Configure PPP on a Serial Interface Describe how configuration options are communicated in the LCP frame

Page 35: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Configure PPP on a Serial Interface Explain the purpose of the commands used to configure and verify PPP connections

Page 36: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Configure PPP on a Serial Interface Explain the output of the show interfaces serial command

Page 37: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Configure PPP on a Serial Interface Explain the output of the debug ppp command

Page 38: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Configuring PPP with AuthenticationDifferentiate between PAP and CHAP

Page 39: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Configuring PPP with AuthenticationDescribe how to use PAP to authenticate a PPP connection

Page 40: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22

Configuring PPP with AuthenticationDescribe how to use CHAP to authenticate a PPP connection

Page 41: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23

Configuring PPP with AuthenticationOutline the PPP encapsulation and authentication process on a flow chart

Page 42: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24

Configuring PPP with AuthenticationExplain how to configure a PPP connection with authentication

Page 43: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25

Configuring PPP with AuthenticationExplain the output of the debug ppp authentication command

Page 44: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26

Summary

PPP is a widely used WAN protocol

PPP provides multi-protocol LAN to WAN connections

PPP session establishment – 4 phasesLink establishmentLink quality determinationNetwork layer protocol configuration negotiationLink termination

WAN Encapsulation–HDLC default encapsulation–PPP

Page 45: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27

SummaryPPP authentication

–PAP•2 way handshake

–CHAP•3 way handshake

–Use debug ppp authentication to confirm authentication configuration

PPP configuration–Done on a serial interface

After PPP configuration, use show interfaces command to display:

–LCP state–NCP state

Page 46: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28

Page 47: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Frame Relay

Accessing the WAN – Chapter 3

Page 48: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesDescribe the fundamental concepts of Frame Relay technology in terms of Enterprise WAN services including Frame Relay operation, Frame Relay implementation requirements, Frame Relay maps, and LMI operation.Configure a basic Frame Relay PVC including configuring and troubleshooting Frame Relay on a router serial interface and configuring a static Frame Relay map.Describe advanced concepts of Frame Relay technology in terms of Enterprise WAN services including Frame Relay sub-interfaces, Frame Relay bandwidth and flow control.Configure an advanced Frame Relay PVC including solving reachability issues, configuring Frame Relay sub-interfaces, verifying and troubleshooting Frame Relay configuration.

Page 49: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Describe the Fundamental Concepts of Frame Relay Technology

Describe how Frame Relay is used to provide WAN services to the Enterprise

Page 50: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Describe the Fundamental Concepts of Frame Relay Technology

Describe how Frame Relay uses virtual circuits to carry packets from one DTE to another

Page 51: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Describe the Fundamental Concepts of Frame Relay Technology

Explain how Frame Relay encapsulation works

Page 52: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Describe the Fundamental Concepts of Frame Relay Technology

Describe the types of topologies that are used for implementing Frame Relay in different environments

Page 53: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Describe the Fundamental Concepts of Frame Relay Technology

Describe how a router attached to a Frame Relay network uses LMI status messages and inverse ARP queries to map VCs to layer 3 network IP Addresses

Page 54: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Configure a Basic Frame Relay PVCConfigure a basic Frame Relay PVC on a router serial interface

Page 55: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Configure a Basic Frame Relay PVCConfigure a static Frame Relay map

Page 56: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Describe Advanced Concepts of Frame Relay Technology

Explain the reachability issues associated with the Frame Relay NBMA topology

Page 57: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Describe Advanced Concepts of Frame Relay Technology

Describe how to implement bandwidth control in the Frame Relay technology

Page 58: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Describe Advanced Concepts of Frame Relay Technology

Describe how to implement flow control in Frame Relay technology

Page 59: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Configure an Advanced Frame Relay PVC Explain the steps to configure point-to-point subinterfaces on a physical interface

Page 60: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Configure an Advanced Frame Relay PVC Describe the commands used for verifying Frame Relay operation

Page 61: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Configure an Advanced Frame Relay PVC Describe the steps for troubleshooting a Frame Relay configuration

Page 62: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

SummaryFrame relay is the most widely used WAN technology because it:

–Provides greater bandwidth than leased line–Reduces cost because it uses less equipment–Easy to implement

Frame relay is associated with layer 2 of the OSI model and encapsulates data packets in a frame relay frame

Frame relay is configured on virtual circuits–These virtual circuits may be identified by a DLCI

Frame relay uses inverse ARP to map DLCI to IP addresses

Page 63: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Summary

Configuring frame relay requires–Enable frame relay encapsulation–Configuring either static or dynamic mapping–Considering split horizon problems that develop when multiple VCs are placed on a single physical interface

Factor affecting frame relay configuration–How service provider has their charging scheme set up

Frame relay flow control–DE–FECN–BECN

Page 64: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Summary

The following commands can be used to help verify frame relay configuration

–Show interfaces–Show frame-relay lmi–Show frame-relay pvc ###–Show frame-relay map

Use the following command to help troubleshoot a frame relay configuration

–Debug frame-relay lmi

Page 65: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Page 66: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Enterprise Network Security

Accessing the WAN – Chapter 4

Page 67: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesDescribe the general methods used to mitigate security threats to Enterprise networksConfigure Basic Router SecurityExplain how to disable unused Cisco router network services and interfacesExplain how to use Cisco SDMManage Cisco IOS devices

Page 68: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Explain how sophisticated attack tools and open networks have created an increased need for network security and dynamic security policies

Page 69: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Describe the most common security threats and how they impact enterprises

Page 70: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Describe the most common types of network attacks and how they impact enterprises

Page 71: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Describe the common mitigation techniques that enterprises use to protect themselves against threats

Page 72: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Explain the concept of the Network Security Wheel

Page 73: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Describe the General Methods used to Mitigate Security Threats to Enterprise Networks

Explain the goals of a comprehensive security policy in an organization

Page 74: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Configure Basic Router Security Explain why the security of routers and their configuration settings is vital to network operation

Page 75: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Configure Basic Router Security Describe the recommended approach to applying Cisco IOS security features on network routers

Page 76: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Configure Basic Router Security Describe the basic security measures needed to secure Cisco routers

Page 77: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Explain How to Disable Unused Cisco Router Network Services and Interfaces

Describe the router services and interfaces that are vulnerable to network attack

Page 78: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Explain How to Disable Unused Cisco Router Network Services and Interfaces

Explain the vulnerabilities posed by commonly configured management services

Page 79: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Explain How to Disable Unused Cisco Router Network Services and Interfaces

Explain how to secure a router with the command-line interface (CLI) auto secure command

Page 80: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Explain How to Use Cisco SDMProvide an overview of Cisco SDM

Page 81: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Explain How to Use Cisco SDMExplain the steps to configure a router to use Cisco SDM

Page 82: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Explain How to Use Cisco SDMExplain the steps you follow to start SDM

Page 83: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Explain How to Use Cisco SDMDescribe the Cisco SDM Interface

Page 84: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Explain How to Use Cisco SDMDescribe the commonly used Cisco SDM wizards

Page 85: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Explain How to Use Cisco SDMExplain how to use Cisco SDM for locking down your router

Page 86: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Manage Cisco IOS DevicesDescribe the file systems used by a Cisco router

Page 87: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22

Manage Cisco IOS DevicesDescribe how to backup and upgrade a Cisco IOS image

Page 88: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23

Manage Cisco IOS DevicesExplain how to back up and upgrade Cisco IOS software images using a network server

Page 89: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24

Manage Cisco IOS DevicesExplain how to recover a Cisco IOS software image

Page 90: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25

Manage Cisco IOS DevicesCompare the use of the show and debug commands when troubleshooting Cisco router configurations

Page 91: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26

Manage Cisco IOS DevicesExplain how to recover the enable password and the enable secret passwords

Page 92: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27

SummarySecurity Threats to an Enterprise network include:

–Unstructured threats–Structured threats–External threats–Internal threats

Methods to lessen security threats consist of:–Device hardening–Use of antivirus software–Firewalls–Download security updates

Page 93: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28

Summary

Basic router security involves the following:–Physical security–Update and backup IOS –Backup configuration files–Password configuration–Logging router activity

Disable unused router interfaces & services to minimize their exploitation by intruders

Cisco SDM–A web based management tool for configuring security measures on Cisco routers

Page 94: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 29

Summary

Cisco IOS Integrated File System (IFS)–Allows for the creation, navigation & manipulation of directories on a cisco device

Page 95: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 30

Page 96: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Access Control Lists

Accessing the WAN – Chapter 5

Page 97: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesExplain how ACLs are used to secure a medium-size Enterprise branch office network.

Configure standard ACLs in a medium-size Enterprise branch office network.

Configure extended ACLs in a medium-size Enterprise branch office network.

Describe complex ACLs in a medium-size Enterprise branch office network.

Implement, verify and troubleshoot ACLs in an enterprise network environment.

Page 98: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Describe the steps that occur in a complete TCP conversation

Page 99: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Explain how a packet filter allows or blocks traffic

Page 100: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Describe how ACLs control access to networks

Page 101: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Use a flow chart to show how ACLs operate

Page 102: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Describe the types and formats of ACLs

Page 103: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Explain how Cisco ACLs can be identified using standardized numbering or names

Page 104: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Describe where ACLs should be placed in a network

Page 105: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Explain How ACLs are Used to Secure a Medium-Size Enterprise Branch Office Network

Explain the considerations for creating ACLs

Page 106: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Explain why the order in which criteria statements are entered into an ACL is important

Page 107: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Explain how to configure a standard ACL

Page 108: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to use wildcard masks with ACLs

Page 109: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to apply a standard ACL to an interface

Page 110: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Explain the process for editing numbered ACLs

Page 111: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Explain how to create a named ACL

Page 112: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to monitor and verify ACLs

Page 113: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Configure Standard ACLs in a Medium- Size Enterprise Branch Office Network

Explain the process for editing named ACLs

Page 114: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Configure Extended ACLs in a Medium- Size Enterprise Branch Office Network

Explain how an extended ACL provides more filtering then a standard ACL

Page 115: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Configure Extended ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to configure extended ACLs

Page 116: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Configure Extended ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to apply an extended ACL to an interface

Page 117: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22

Configure Extended ACLs in a Medium- Size Enterprise Branch Office Network

Describe how to create named extended ACLs

Page 118: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23

Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network

List the three types of complex ACLs

Page 119: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24

Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network

Explain how and when to use dynamic ACLs

Page 120: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25

Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network

Explain how and when to use reflexive ACLs

Page 121: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26

Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network

Explain how and when to use time-based ACLs

Page 122: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27

Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network

Describe how to troubleshoot common ACL problems

Page 123: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28

Implement, Verify and Troubleshoot ACLs in an Enterprise Network Environment

Create, place and verify a standard/ extended ACL and verify its placement.

Verify ACL’s functionality and troubleshoot as needed.

Page 124: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 29

SummaryAn Access List (ACL) is:

A series of permit and deny statements that are used to filter traffic

Standard ACL–Identified by numbers 1 - 99 and 1300 - 1999–Filter traffic based on source IP address

Extended ACL–Identified by number 100 -199 & 2000 - 2699–Filter traffic based on

•Source IP address•Destination IP address•Protocol•Port number

Page 125: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 30

Summary

Named ACL–Used with IOS 11.2 and above–Can be used for either standard or extended ACL

ACL’s use Wildcard Masks (WCM)–Described as the inverse of a subnet mask

•Reason–0 check the bit–1 ignore the bit

Page 126: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 31

Summary

Implementing ACLs–1st create the ACL–2nd place the ACL on an interface

•Standard ACL are placed nearest the destination•Extended ACL are placed nearest the source

Use the following commands for verifying & troubleshooting an ACL

–Show access-list–Show interfaces–Show run

Page 127: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 32

Summary

Complex ACL–Dynamic ACL–Reflexive ACL–Time based ACL

Page 128: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 33

Page 129: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Providing Teleworker Services

Accessing the WAN – Chapter 6

Page 130: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesDescribe the enterprise requirements for providing teleworker services

Explain how broadband services extend Enterprise Networks including DSL, cable, and wireless

Describe how VPN technology provides secure teleworker services in an Enterprise setting

Page 131: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Describe the Enterprise Requirements for Providing Teleworker Services

Describe the benefits of teleworkers for business, society and the environment.

Page 132: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Describe the Enterprise Requirements for Providing Teleworker Services

List remote connection technologies and describe scenarios in which each would be implemented.

Page 133: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Describe the Enterprise Requirements for Providing Teleworker Services

Describe the key differences between private and public network infrastructures

Page 134: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Explain How Broadband Services extend Enterprise Networks

Briefly describe how broadband services allow teleworkers to use the Internet to connect to the Enterprise WAN

Page 135: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Explain How Broadband Services extend Enterprise Networks

Describe how Enterprises use cable connectivity to extend their reach

Page 136: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Explain How Broadband Services extend Enterprise Networks

Describe how Enterprises use DSL connectivity to extend their reach

Page 137: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Explain How Broadband Services extend Enterprise Networks

Describe how Enterprises use broadband wireless connectivity to extend their reach

Page 138: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Explain How Broadband Services extend Enterprise Networks

Describe how Enterprises defend themselves from threats to wireless network security

Page 139: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Explain the importance and benefits of VPN technology

Page 140: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Compare site-to-site VPNs to remote-access VPNs

Page 141: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Describe the hardware and software components that typically make up a VPN

Page 142: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Describe the characteristics of secure VPNs

Page 143: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Describe the concept of VPN tunneling

Page 144: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Describe the concept of VPN encryption

Page 145: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Describe How VPN Technology Provides Secure Teleworker Services in an Enterprise Setting

Describe the concept of IPsec Protocols

Page 146: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Summary

Requirements for providing teleworker services are:–Maintains continuity of operations–Provides for increased services–Secure & reliable access to information–Cost effective–Scalable

Components needed for a teleworker to connect to an organization’s network are:

–Home components–Corporate components

Page 147: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Summary

Broadband services used –Cable

• transmits signal in either direction simultaneously–DSL

• requires minimal changes to existing telephone infrastructure• delivers high bandwidth data rates to customers

–Wireless• increases mobility• wireless availability via:

» municipal WiFi» WiMax» satellite internet

Page 148: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Summary

Securing teleworker services–VPN security achieved through using

•Advanced encryption techniques•Tunneling

–Characteristics of a secure VPN•Data confidentiality•Data integrity•authentication

Page 149: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Page 150: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Implementing IP Addressing Services

Accessing the WAN – Chapter 7

Page 151: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesConfigure DHCP in an enterprise branch network

Configure NAT on a Cisco router

Configure new generation RIP (RIPng) to use IPv6

Page 152: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Configure DHCP in an Enterprise Branch Network

Describe the function of DHCP in a network

Page 153: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Configure DHCP in an Enterprise Branch Network

Describe how DHCP dynamically assigns an IP address to a client

Page 154: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Configure DHCP in an Enterprise Branch Network

Describe the differences between BOOTP and DHCP

Page 155: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Configure DHCP in an Enterprise Branch Network

Describe how to configure a DHCP server

Page 156: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Configure DHCP in an Enterprise Branch Network

Describe how to configure a Cisco router as a DHCP client

Page 157: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Configure DHCP in an Enterprise Branch Network

Explain how DHCP Relay can be used to configure a router to relay DHCP messages when the server and the client are not on the same segment

Page 158: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Configure DHCP in an Enterprise Branch Network

Describe how to configure a Cisco router as a DHCP client using SDM

Page 159: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Configure DHCP in an Enterprise Branch Network

Describe how to troubleshoot a DHCP configuration

Page 160: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Configure NAT on a Cisco Router Describe the operation and benefits of using private and public IP addressing

Page 161: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Configure NAT on a Cisco Router Explain the key features of NAT and NAT overload

Page 162: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Configure NAT on a Cisco Router Explain the advantages and disadvantages of NAT

Page 163: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Configure NAT on a Cisco Router Describe how to configure static NAT to conserve IP address space in a network

Page 164: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Configure NAT on a Cisco Router Describe how to configure dynamic NAT to conserve IP address space in a network

Page 165: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Configure NAT on a Cisco Router Describe how to configure NAT Overload to conserve IP address space in a network

Page 166: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Configure NAT on a Cisco Router Describe how to configure port forwarding

Page 167: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Configure NAT on a Cisco Router Describe how to verify and troubleshoot NAT and NAT overload configurations

Page 168: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Configure New Generation RIP (RIPng) to use IPv6

Explain the need for IPv6 to provide a long-term solution to the depletion problem of IP address

Page 169: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Configure New Generation RIP (RIPng) to use IPv6

Describe the format of the IPv6 addresses and the appropriate methods for abbreviating them

Page 170: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Configure New Generation RIP (RIPng) to use IPv6

Explain the various methods of assigning IPv6 addresses to a device

Page 171: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22

Configure New Generation RIP (RIPng) to use IPv6

Describe the transition strategies for implementing IPv6

Page 172: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23

Configure New Generation RIP (RIPng) to use IPv6

Describe how Cisco IOS dual stack enables IPv6 to run concurrently with IPv4 in a network

Page 173: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24

Configure New Generation RIP (RIPng) to use IPv6

Describe the concept of IPv6 tunneling

Page 174: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25

Configure New Generation RIP (RIPng) to use IPv6

Describe how IPv6 affects common routing protocols, and how these protocols are modified to support IPv6

Page 175: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26

Configure New Generation RIP (RIPng) to use IPv6

Explain how to configure a router to use IPv6

Page 176: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27

Configure New Generation RIP (RIPng) to use IPv6

Explain how to configure and verify RIPng for IPv6

Page 177: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28

Configure New Generation RIP (RIPng) to use IPv6

Explain how to verify and troubleshoot IPv6

Page 178: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 29

Summary

Dynamic Host Control Protocol (DHCP)This is a means of assigning IP address and other configuration information automatically.

DHCP operation–3 different allocation methods

•Manual•Automatic•Dynamic

–Steps to configure DHCP•Define range of addresses•Create DHCP pool•Configure DHCP pool specifics

Page 179: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 30

Summary

DHCP RelayConcept of using a router configured to listen for DHCP messages from DHCP clients and then forwards those messages to servers on different subnets

Troubleshooting DHCP–Most problems arise due to configuration errors–Commands to aid troubleshooting

•Show ip dhcp•Show run•debug

Page 180: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 31

SummaryPrivate IP addresses

–Class A = 10.x.x.x–Class B = 172.16.x.x – 172.31.x.x–Class C = 192.168.x.x

Network Address Translation (NAT)–A means of translating private IP addresses to public IP addresses–Type s of NAT

•Static•Dynamic

–Some commands used for troubleshooting•Show ip nat translations•Show ip nat statistics•Debug ip nat

Page 181: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 32

Summary

IPv6–A 128 bit address that uses colons to separate entries–Normally written as 8 groups of 4 hexadecimal digits

Cisco IOS Dual Stack–A way of permitting a node to have connectivity to an IPv4 & IP v6 network simultaneously

IPv6 Tunneling–An IPV6 packet is encapsulated within another protocol

Page 182: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 33

Summary

Configuring RIPng with IPv61st globally enable IPv62nd enable IPv6 on interfaces on which IPv6 is to be enabled3rd enable RIPng using either

ipv6 rotuer rip nameipv6 router name enable

Page 183: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 34

Page 184: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE I Chapter 6 1

Network Troubleshooting

Accessing the WAN – Chapter 8

Page 185: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 2

ObjectivesEstablish a network baseline

Describe troubleshooting methodologies and troubleshooting tools

Describe the common issues that occur during WAN implementation

Troubleshoot enterprise network implementation issues

Page 186: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 3

Establish a Network Baseline Explain the importance of network documentation

Page 187: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 4

Establish a Network Baseline Describe the stages of the network documentation process

Page 188: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 5

Establish a Network Baseline Explain the purpose for measuring normal network performance when creating a baseline

Page 189: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 6

Establish a Network Baseline Describe the steps for establishing a network baseline

Page 190: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 7

Describe Troubleshooting Methodologies and Troubleshooting Tools

Explain why a systematic method is the generally the best approach to troubleshooting

Page 191: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 8

Describe Troubleshooting Methodologies and Troubleshooting Tools

Describe how layered models, such as the OSI reference model or TCP/IP model, are used for troubleshooting

Page 192: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 9

Describe Troubleshooting Methodologies and Troubleshooting Tools

Describe the three stages of the general troubleshooting process

Page 193: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 10

Describe Troubleshooting Methodologies and Troubleshooting Tools

Describe the three main methods for troubleshooting network problems

Page 194: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 11

Describe Troubleshooting Methodologies and Troubleshooting Tools

Describe the stages for gathering symptoms for troubleshooting a network problem

Page 195: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 12

Describe Troubleshooting Methodologies and Troubleshooting Tools

Describe the types of software and hardware tools that are commonly used when troubleshooting networks

Page 196: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 13

Describe the Common Issues that Occur During WAN Implementation

Describe the fundamentals in WAN design and communication

Page 197: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 14

Describe the Common Issues that Occur During WAN Implementation

Describe the steps for designing or modifying a WAN

Page 198: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 15

Describe the Common Issues that Occur During WAN Implementation

Describe the considerations for analyzing WAN traffic

Page 199: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 16

Describe the Common Issues that Occur During WAN Implementation

Describe the considerations for designing a WAN topology

Page 200: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 17

Describe the Common Issues that Occur During WAN Implementation

Describe common WAN implementation issues

Page 201: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 18

Describe the Common Issues that Occur During WAN Implementation

Describe the recommended steps for troubleshooting a WAN

Page 202: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 19

Troubleshoot Enterprise Network Implementation Issues

Explain how network diagrams are used for troubleshooting

Page 203: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 20

Troubleshoot Enterprise Network Implementation Issues

Describe how to troubleshoot network problems occurring at the physical layer

Page 204: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 21

Troubleshoot Enterprise Network Implementation Issues

Describe how to troubleshoot network problems occurring at the data link layer

Page 205: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 22

Troubleshoot Enterprise Network Implementation Issues

Describe how to troubleshoot network problems occurring at the network layer

Page 206: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 23

Troubleshoot Enterprise Network Implementation Issues

Describe how to troubleshoot network problems occurring at the transport layer

Page 207: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 24

Troubleshoot Enterprise Network Implementation Issues

Describe how to troubleshoot network problems occurring in the application layers

Page 208: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 25

SummaryNetwork BaselineHow a network is expected to perform under normal conditions

Network documentation should include:– Network configuration table– End-system configuration table– Network topology diagram

Planning for the 1st baseline– Determine what type of data to collect– Identify devices and ports of interest– Determine baseline duration

Page 209: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 26

Summary

3 stages of the troubleshooting process–Gather symptoms–Isolate problem–Correct problem

3 main methods for troubleshooting a network–Bottom up–Top down–Divide & conquer

Page 210: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 27

Summary

Software troubleshooting tools–Cisco view–Solar winds–HP Open view

Hardware troubleshooting tools–Network analysis mode–Digital multi-meters–Cable testers–Network analyzer

Page 211: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 28

Summary

Common WAN implementation issues include–QoS–Reliability–Security–Latency–Confidentiality–Public or Private

Using a layered approach to troubleshooting aids in

isolating and solving the problem

Page 212: Exploration Accessing WAN Semester 4

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicITE 1 Chapter 6 29