Module 5.0 - Configuring Network Devices 5.0 - Chapter Introduction 5.0.1 - Introduction Single Diagram Diagram 1, Slide Show Slide 1 One network infrastructure is now expected to support enhanced integrated applications, like voice and video for more users than ever before. Slide 2 The underlying routing and switching technologies must provide the foundation for a wide range of business applications. Slide 3 Network engineers and technicians set up and configure the routers and switches that provide LAN and WAN connectivity and services. Slide 4 After completion of this chapter, you should be able to: Configure a router with an initial configuration. Use Cisco Security Device Manager to configure a Cisco ISR with LAN connectivity, Internet connectivity and NAT. Configure a Cisco router for LAN connectivity, Internet connectivity and NAT using the Cisco IOS CLI . Configure a WAN connection from a customer premise to an ISP. Describe, setup, and configure a stand-alone LAN switch. 5.1 - Initial ISR Router Configuration 5.1.1 - ISR Three Diagrams Diagram 1, Image Cisco 800 series ISR Designed for small offices and home-based users 1 WAN Supports 4 10/100 Mbps Combines data, security, and wireless services Provides services at broadband speeds Cisco 3800 series ISR Designed for medium to large businesses and enterprise branch offices Supports up to 2 10/100/1000 Mbps router ports Supports up to 112 10/100 Mbps switch ports Supports 240 Cisco IP phone users Combines data, security, voice, video, and wireless service Provides services at broadband speeds using DSL, cable and T1/E1 connections Cisco 1800 series ISR Designed for small to medium businesses and small enterprise branch offices Supports up to 8 10/100 Mbps router ports Supports 8 10/100 Mbps switch ports Combines data, security, and wireless services Provides services at broadband speeds using DSL, cable and T1/E1 connections Cisco 2800 series ISR Designed for small to medium businesses and small enterprise branch offices Supports up to 2 10/100/1000 Mbps router ports Supports up to 64 10/100 Mbps switch ports Supports 96 Cisco IP phone users Combines data, security, voice, video, and wireless services Provides services at broadband speeds using multiple T1/E1 connections Diagram 2, Image Image shows the front and rear view of a Series ISR: Model 1841. Front Front view: The 1841 is a relatively low cost ISR designed for small to medium-sized businesses and small enterprise branch offices. It combines the features of data, security, and wireless services with the addition of a wireless module. Click the LEDs for a description System Power LED (SYS-PWR) Indicates power is received and that the internal power supply is functional. LED is solid green. System Activity (SYS ACT) A blinking LED indicates the system is actively transferring packets. Rear Rear View: The 1841 ISR uses modules that allow for different configurations of ports. Click the components for more information. Modular Slot 1 with a High-speed WAN Interface Card (HWIC): Modular slots can be used for different types of interfaces. The HWIC shown here provides serial connectivity over a wide-area network. Console Port: This port is used to configure the ISR via a directly connected host. Auxiliary Port: This port is used to configure the ISR via a modem connection. Single Slot USB Port: The USB Flash feature allows users to store images and configurations and boot directly via USB Flash memory. Fast Ethernet Ports: These ports provide 10/100 Mbps connectivity for local area networks. Compact Flash Module: This removable module is used to store the Cisco IOS and other operating software for the ISR. Modular Slot 0 with a Four Port Ethernet Switch: Modular slots can be used for different types of interfaces. The four port ethernet card shown here provides LAN connectivity to multiple devices. Diagram 3, Image Flowchart of IOS Software, from the bottom up IP Base connects to Advanced Security, IP Voice and Service Provider Services. IP Voice flows to SP Services Advanced Security flows to Advanced IP Services. SP Services flows to Advanced IP Services and Enterprise Services. Service Provider Services flows to Enterprise Services. Advanced IP Services flows to Advanced Enterprise Services. Enterprise Services flows to Advanced Enterprise Services. 5.1.2 - Physical Setup of the ISR Three Diagrams Diagram 1, Image What comes with a new Cisco ISR? Black power supply cord Serial port adapter for converting a 25 pin serial port (DB-25) on a PC or a modem to a 9 pin serial port (DB-9) in order to connect the console cable. Cisco documentation and software CD. Blue console cable to connect the PC or modem to the device console port in order to monitor or configure the device. Diagram 2, Image What else do I need to set up my Cisco ISR? PC with Terminal Emulation Program Cable ties and Number 2 Phillips Screwdriver WAN Interface Cable LAN Interface Cable USB Interface Cable Ethernet Switch Modem Diagram 3, Image Step 1 Cisco router and IRSs can be wall-mounted, set on a shelf or desktop, or installed in a rack. Step 2 Seat the external compact flash memory card into the slot. Be certain that it is firmly seated and verify that the eject button is fully extended. The eject button is usually located to the left of the slot. Step 3 Connect the power cable to the device and then to a reliable power source. Routers and networking devices are usually connected to an uninterruptible power supply that contains a battery. This ensures that the device does not fail if the electricity goes off unexpectedly. Step 4 On a PC, configure the terminal emulating software with required settings for communication with a Cisco router. Connect the PC running the emulation program to the console port of the ISR using the console that came with the device. Step 5 Turn the ISR on using the power switch located on the rear of the device. Step 6 Observe the start-up messages as they appear in the terminal program window. These messages are generated by the router?s operating system. 5.1.3 ? Boot Up Process Five Diagrams Diagram 1, Image Stage 1 ROM POST Perform Post Perform POST ROM Bootstrap Load Bootstrap Execute Bootstrap Loader Sytem Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fcl) Cisco 1841 (revision 5.0) with 114688K/1684K bytes of memory. Stage 2 Flash Cisco Internetwork Operating System Locate and load Operating system Locate the IOS TFTP Server Cisco Internetwork Operating System Locate and load Operating system Load the ISO Sytem Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fcl) Cisco 1841 (revision 5.0) with 114688K/1684K bytes of memory. Self decompressing the image: ######################################################## [OK] Stage 3 NVRAM Configuration Locate and load Configuration file or enter "setup" mode Locate the Configuration file TFTP Server Configuration Locate and load Configuration file or enter "setup" mode Execute the Configuration file Console Configuration Locate and load Configuration file or enter "setup" mode Enter Setup Mode Sytem Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fcl) Cisco 1841 (revision 5.0) with 114688K/1684K bytes of memory. Self decompressing the image: ######################################################## [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set fourth in subparagraph (c) of the Commercial Computer Software ? Restricted Rights clause at FAR Sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227.7013. Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco IOS Software, 1840 Software (C1841-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) Technical Support: http//www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Mon 15-May-06 14:54 by pt_team Image text-base: 0x6007D180, data-base: 0x61400000 Port Statistics for unclassified packets is not turned on. Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory. Processor board ID FTX0947Z18E M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial (sync/async) network interface(s) 191K bytes of NVRAM/ 3130K bytes of ATA CompactFlash (Read/Write) Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTEWAR (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c)1986-2006 by Cisco Systems, Inc. Compiled Mon 15-May-06 14:54 by pt_team ---System Configuration Dialog--- Continue with configuration dialog? [yes/no]: no Diagram 2, Animation Animation shows the startup config being copied from NVRAM to the RAM. More info text: Warning: Making a spelling mistake when typing startup-config in the copy command could lead to copying the running configuration to a different file name. This may result in the loss of configuration changes when the router is reloaded. Diagram 3, Animation The animation highlights the following information that is displayed when the show version command is issued. IOS Version IOS(t) 2500 Software (C2500-I-L,Version 12.0(17a), RELEASE SOFTWARE (fc1) Bootstrap Version ROM:system Bootstracp, Version 11.0(10c), SOFTWARE BOOTFLASH :3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE SOFTWARE (fc1) IOS image file System image file is ?flash:c2500-i-l.120-17a.bin? Model and CPU Cisco 2500 (68030 processor(revision N) Amount of RAM With 2048K/2048K Number and type of interfaces 1 Ethernet/IEEE 802.3 interface(s) 2 Serial network interface(s) Amount of NVRAM 32K bytes of non-volatile Configuration memory. Amount of flash 8192K bytes of processor board system flash (Read ONLY) Configuration register Configuration register is 0x2102 The configuration register tells the router how to boot. There are many possible settings for the configuration register. The most common ones are: 0x2102 - Factory default setting for Cisco routers (load the IOS image from flash and load the startup config file from NVRAM) 0x2142 - Router ignores the contents of Non-Volatile RAM (NVRAM) 0x2120 - Router boots into ROMmon mode Diagram 4, Image A screen shot showing the output of the Router# show startup-config command. Diagram 5, Hands-on Lab 5.1.4 - Cisco IOS Programs Five Diagrams Diagram 1, Image Out-of-band Router Configuration PC connected to router via console port. PC connected via PSTN link to router auxiliary port. In-band Router Configuration PC connected to router via Ethernet interface. PC connected via internet to an Ethernet interface of a router. Diagram 2, Image Screen shot of a hyper Terminal window. Diagram 3, Image Screen shot of the opening screen of the Cisco SDM express and Cisco router and security device manager (SDM). Diagram 4, Tabular User Interface Cisco IOS CLI: Terminal emulation software Telnet session Cisco SDM: Web-based browser Router Configuration Method Cisco IOS CLI: Text-based Cisco commands Cisco SDM: GUI buttons and text boxes Expertise in Cisco Device Configuration Cisco IOS CLI: Depends on configuration task Cisco SDM: Do not need knowledge of the CLI commands Help Features Cisco IOS CLI: Command prompt based Cisco SDM: GUI based on-line help and tutorials Router Flash Memory Requirements Cisco IOS CLI: Covered by IOS image Cisco SDM: 6 MB of free memory Availability Cisco IOS CLI: All Cisco devices Cisco SDM: Cisco 830 Series through Cisco 7301 When Used Cisco IOS CLI: Cisco Device does not support Cisco SDM Configuration task not supported by Cisco SDM Cisco SDM: Performing the initial configuration on an SDM equipped device Step through configuration of devices without CLI knowledge required Diagram 5, Activity Determine when to use CLI or SDM. 1. Used to configure a Cisco router with both in-band and out-of-band management 2. Used for initial configuration of a Cisco router using a Web-based GUI 3. Used to configure a Cisco router with limited knowledge of IOS commands 4. Supported, by default, on all Cisco IOS routers 5.2 - Using Cisco SDM Express and SDM 5.2.1 ? Cisco SDM Exprss Two Diagrams Diagram 1. Tabular Best Practice: 1. Obtain and document all information before beginning the configuration. Details: Name assigned to device Location where it will be installed User names and passwords Types of connections required (LAN and WAN) IP address information for all network interfaces, including IP address, subnet mask and default gateway DHCP server settings Network Address Translation Settings Firewall settings Best Practice: 2. Create a network diagram showing how cables will be connected. Details: Label the diagram with the interface designation and address information Best Practice: 3. Create a checklist of configuration steps Details: Mark off each step as it is successfully completed Best Practice: 4. Verify the configuration using a network simulation Details: Test before it is place on the running network Best Practice: 5. Update the network documentation and keep a copy in a safe place Details: Save on a server Print and keep in a file cabinet Diagram 2. Animation Animation shows a router deployment using SDM Express, which is ideal for now expert users. The SDM disk will guide the user through the setup of the router. 5.2.2 - SDM Express Configuration Options Five Diagrams Diagram 1. Image A screen shot of the Cisco SDM Express Wizard Window showing the options for Basic Configuration option highlighted. Diagram 2. Image A screen shot of the Cisco SDM Express Wizard Window showing the options for LAN IP Address option highlighted. Diagram 3. Image A screen shot of the Cisco SDM Express Wizard Window showing the options for DHCP option highlighted. Diagram 4. Image A screen shot of the Cisco SDM Express Wizard Window showing the options for DHCP option highlighted and the DNS section filled in. Diagram 5.Activity Identify the configuration parameters from the SDM Express. Match the configuration parameter to the information that must be entered. Parameter: A: Secondary DNS Server Address B: Domain Name C: Host Name D: Enable Secret Password E: Primary DNS Server Address F: Starting IP Address G: Subnet Bits Information 1. IP Address of server to use to resolve name if first configured server is not available. 2. The registered name assigned to the organization, such as cisco.com. 3. The name assigned to the device by an administrator. 4. Controls user access to make configuration changes through Telnet or the console. 5. The IP address of the first server hosts can use to resolve names. 6. First IP address in the range assigned to hosts by the DHCP server. 7. Designates the portion of the IP address that represents the network and subnetwork. 5.2.3 - Configuring WAN Connections Using SDM Express Three Diagrams Diagram 1, Image A screen shot of the Add Serial0/1/0 Connection window. High-Level Data Link Control (HDLC) A bit orientated Data Link Layer protocol developed by the International Standards Organization (ISO). Frame Relay A packer-switch Data Link Layer protocol that handles multiple virtual circuits, meaning that the circuit connections are temporarily built up and torn down based on need. The DLCI is a required number, supplied by the service provider to identify the virtual circuit. Point-to-Point Protocol (PPP)> Commonly used to establish a direct connection between two devices. It can connect computers using serial cable, phone line, trunk line, cellular telephone, specialized radio links or fibre optic links. Most Internet service providers use PPP for customer Dial-up access to the Internet. There are features of PPP to allow authentication before a connection is made. PPP username and passwords can be setup using SDM. Diagram 2, Image Screen shot of an Add Serial0/1/0 Connection Window being configured. Diagram 3, Hands-On Lab 5.2.4 - Configuring NAT Using Cisco SDM Two Diagrams Diagram 1, Image Configuring NAT on a Cisco ISR Router Step 1 Enable NAT Configuration using SDM Choose Configure>NAT>Basic NAT, then click Launch the selected task. Step 2 Navigate through the Basic NAT Wizard Step 3 Choose the interface that connects to the Internet or the ISP. This interface should have the public registered address assigned to it. Next, select the IP address range of the internal network addresses that should be translated to the public registered address. Step 4 Review Configuration Click Finish, if the configuration is satisfactory. Diagram 2, Hands-on Lab: 5.3 - Configuring a Router Using IOS CLI 5.3.1 - Command Line Interface Modes Three Diagrams Diagram 1, Image Inside a screen shot of a Hyper Terminal window Cisco IOS CLI Command Modes are indicated. User-Mode Prompt: route> Privileged-Mode Prompt: router# Diagram 2, Image Inside a Hyper Terminal window Configuration Modes are indicated. Command to enter global configuration mode: configure terminal Using the help command to search commands: ip address ? Diagram 3, E-Lab 5.3.2 - Using the Cisco IOS CLI Five Diagrams Diagram 1, Image A screen shot of the Hyper Terminal window shows the following highlighted text. Commands available to complete initial command fragment: configure connect Diagram 2, Image A screen shot of a Hyper Terminal window showing the difference between an incomplete command and a misspelt command. Diagram 3, Image A screen shot of a Hyper Terminal window showing the show history command and listing all previous commands issued. Diagram 4, Activity Match the commands to their function. Keystroke A: Ctrl-P or up arrow key B: Ctrl-N or down arrow key C: Show history D: Terminal history size number-of-lines E: Definition 1. Steps backwards through the command history 2. Steps forward through the command history 3. Shows the contents of the command buffer 4. Sets the command buffer size 5. Completes a command entry Diagram 5.Packet Tracer Exercise 5.3.3 - Using Show Commands Three Diagrams Diagram 1, Image Show running-config R1#show running-config < Some output omitted > Building configuration? Current configuration : 1063 bytes ! Version 12.4 Service timestamps debug datetime msec Service timestamps log datetime msec No service password-encryption Hostname R1 Enable secret 5 $1$i6w9$dvdpVM6zV10E^tSLdkR5/ No ip domain lookup ! Interface FastEthernet0/0 Description LAN 192.168.1.0 default gateway ip address 192.168.1.1 255.255.255.0 Duplex auto Speed auto ! Interface FastEthernet0/1 No ip address Shutdown Duplex auto Speed auto ! Interface Serial0/0/0 Description WAN link to R2 Encapsultation ppp Clock rate 64000 No fair-queue ! Interface Serial0/0/1 No ip address shutdown ! Interface Vlan1 No ip address ! Router rip Version 2 Network 192.168.1.0 Network 192.168.2.0 ! Banner motd ^CUanuthorized Access Prohibited^C ! Ip http server ! Line con 0 Password cisco Login Line aux 0 Line vty 0 4 Password cisco login Show interfaces R1#show interfaces < Some output omitted > FastEthernet0/0 is up, line protocol is up Hardware is Gt96k FE, address is 001b.5325.256e (bia 001b.5325.256e Internet address is 192.168.1.1/24 MTU 1500 bytes, BW 100000 kbit, DLY 100 usec, Reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARP, ARP timeout 04:00:00 Last input 00:00:17, output 00:00:01, output hang never Last clearing of ?show interface? counters never Input queue: 0/75/0/0 (size/max/drops/flushes); total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 196 packets input, 31850 bytes Received 181 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 392 packets output, 35239 bytes, 0 underruns 0 output errors, 0 collisions, 3 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out FastEthernet0/1 is administratively down, line protocol is down Serial0/0/0 is up, line protocol is up Hardware is GT96K serial Internet address is 192.168.2.1/24 MTU 1500 bytes, BW 1544 kbit, DLY 20000 usec, Reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Listen, loopback not set Keepalive set (10 sec) Last input 00:00:02, output 00:00:03, output hang never Last clearing of ?show interface? counters 00:51:52 Input queue: 0/75/0/0 (size/max/drops/flushes); total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 401 packets input, 27437 bytes, 0 no buffer Received 293 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 389 packets output, 26940 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 6 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Serial0/0/1 is administratively down, line protocol is down Show arp R1#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 172.17.0.1 - 001b.5325.256e ARPA FastEthernet0/0 Internet 172.17.0.2 12 000b.db04.a5cd ARPA FastEthernet0/0 Show ip route R1#show ip route Codes: C ? connected, S ? static, R ? RIP, M ? mobile, B ? BGP D ? EIGRP, Ex - -EIGRP external, O ? OSPF, IA ? OSPF inter area N1 ? OSPF NSSA external type 1, N2 ? OSPF NSSA external type 2 E1 ? OSPF external type 1, E2 ? OSPF external type 2 i ? IS-IS, su ? IS-IS summary, L1 ? IS-IS level-1, L2 ? IS-IS level-2 ia ? IS-IS inter area, * - candidate default, U ? per-user static route o ? ODR, P ? periodic downloaded static route Gateway of last resort is no set C 192.168.1.0/24 is directly connected, FastEthernet0/0 C 192.168.2.0/24 is directly connected, Serial0/0/0 R 192.168.3.0/24 [120/1] via 192.168.2.2, 00:00:24, Serial0/0/0 Show protocols , IR1#ShOWprotocols Global values : Internet Protocol routing is enabled FastEthernet0/0 is up , line protocol is up Internet address is 192 .168 .1 .1 /24 FastEthernet0/1 is administratively down , line protocol is down FastEthernet 0/ 1/ 0 is up , line protocol ~s down FastEthernet 0/1/1 is up , l ine protocol 15 down FastEthernet 0/1 / 2 is up , l ine protocol is down FastEthernet 0/1 / 3 is up , line protocol 15 down Serial 0/0/0 is up , line protocol is up Internet address is 192.168 . 2 .1 /24 Serial 0/0/1 is administratively down , line protocol is down VLAN1 is up , line protocol is down Show version R!# show version 1< Some output omitted> Cisco lOS Software , 1841 Software (C1841-ADVIPSERVICESK9-M) , Version 12.4(lOb) , RELEASE SOFTWARE (f c3) Technical Support: http: / /www .cisco .com/techsupport copyright (c) 1986-2007 by Cisco Systems , Inc. Compiled Fri 19-Jan-07 15 :15 by prod_reI_team ROM: System Bootstrap, Version 12.4(13r)T , RELEASE SOFTWARE (fc1) IR1 uptime is 43 minutes System returned to ROM by reload at 22 :05 :12 UTC Sat Jan 5 2008 System image file is "flash: c1841-advipservicesk9-mz. 124-10b .bin" Cisco 1841 (revision 6.0) with 174080K/22528K bytes of memory . Processor board 10 FTX1111WOQF 6 FastEthernet interfaces 2 Serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with parity disabled. 19lK bytes of NVRAM . 62720K bytes of ATA CompactFlash (Read/Write) Configuration register is Ox2l02 Diagram 2, E-Lab Diagram 3, Packet Tracer Exercise 5.3.4 - Basic Configuration Four Diagrams Diagram 1, Image Set Device Name Router(config)# hostname TokyoRouter TokyoRouter(config)# Enable Password Router(config)# enable password san-fran Enable Encrypted Password Router(config)# enable secret password123 Diagram 2, Image A screen shot of a New Connection SSH Hyper Terminal window showing the banner motd # command. Diagram 3, Image Console Password Router(config)# line console 0 Router(config-line)# password cisco Router(config-line)# login Virtual Terminal Password Router(config)# line vty 0 4 Router(config-line)# password cisco Router(config-line)# login Perform Password Encryption Router(config)# service password-encryption Diagram 4, Packet Tracer Exersise 5.3.5 - Configuring An Interface Five Diagrams Diagram 1, Image Image shows a router connected via a DTE to a CSU/DSU (DCE) which connects to another CSU/DSU (DCE) across the internet via a transmission line. The second DCE connects to a router (DTE). Diagram 2, Image Router(config)# interface fastethernet 0/0 Router(config-if)# description connection to Admin LAN Router(config-if)# ip address 192.168.2.1 255.255.255.0 Router(config-if)# no shutdown Router(config-if)# exit Router(config)# interface serial 0/0/0 Router(config-if)# description connection to Router2 Router(config-if)# ip address 192.168.1.125 255.255.255.0 Router(config-if)# clock rate 64000 Router(config-if)# no shutdown More Information On serial links that are directly interconnected, as in a lab environment, one side must be considered a DCE and provide a clocking signal. The clock is enabled and speed is specified with the clock rate command. The available clock rates in bits per second are 1200, 2400, 9600, 19200, 38400, 56000, 64000, 72000, 125000, 148000, 500000, 800000, 1000000, 1300000, 2000000, or 4000000. Some bit rates might not be available on certain serial interfaces. This depends on the capacity of each interface. The commands that are used to set a clock rate and enable a serial interface are shown above. Diagram 3, E-Lab Diagram 4, Packet Tracer Exercise Diagram 5, Hands-on Lab 5.3.6 - Configuring a Default Route Two Diagrams Diagram 1, Image Configure a Default Route Router1(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.5 OR Router1(config)# ip route 0.0.0.0 0.0.0.0 S0/0/0 Router 1 is connected via S0/0/0 with the IP address 192.168.1.4 to router 2?s S0/0/1 with the IP address 192.168.1.5. Diagram 2, Packet Tracer Exrcise 5.3.7 - Configuring DHCP Services Three Diagrams Diagram 1, Image Step 1 Router (config)# ip dhcp pool LAN-address Router (dhcp-config)# Create DHCP Address Pool Navigate to the privileged EXEC mode, enter the password if prompted and then enter the global configuration mode. Now create a name for the DHCP server address pool. More than one address pool can exist on a router. The Cisco IOS CLI will enter the DHCP pool configuration mode. Use these commands: Router> enable Router# configure terminal Router(config)# ip dhcp pool LAN-address Router(config)# ip dhcp pool LAN-address This example created an address pool named "LAN-address". Step 2 Router (dhcp-config)# network 172.16.0.0 255.255.0.0 Specify the Network or Subnet Specify the network or subnet network number and the subnet mask of the DHCP address pool. Use this command: Router(dhcp-config)# network 172.16.0.0 255.255.0.0 Depending on the version of IOS, the subnet mask may also be specified using the prefix convention /16. Step 3 Router (config)# ip dhcp excluded-address 172.16.1.100 172.16.1.103 Exclude IP Addresses Recall that the DHCP server assumes that all other IP addresses in a DHCP address pool subnet are available for assigning to DHCP clients. Exclude addresses from the pool so the DHCP server does not allocate those IP addresses. If a range of addresses is to be excluded, only the starting address and ending address need to be entered. Use this command: Router(config)# ip dhcp excluded-address 172.16.1.100 172.16.1.103 The example shown excludes the four addresses, 172.16.1.100, 172.16.1.101, 172.16.1.102, and 172.16.1.103 from being given out to hosts by DHCP. These addresses can be statically assigned by the administrator. Step 4 Specify the Domain Name Router(dhcp-config)# domain-name cisco.com Now specify the domain name for the client. Use this command: Router(dhcp-config)# domain-name cisco.com Clients in this example will receive the domain name cisco.com as part of their DHCP configuration. Domain name is an optional DHCP configuration parameter and is not necessary for DHCP to function. The network administrator can provide information as to whether or not a domain name is necessary. Step 5 Router(dhcp-config)# dns-server 172.16.1.103 172.16.2.103 DNS Server IP Address Now specify the IP address of a DNS server that is available to a DHCP client. One IP address is required. Up to eight IP addresses can be configured on one line. If listing more than one DNS Server list the servers in order of importance. Use this command: Router(dhcp-config)# dns-server 172.16.1.103 172.16.2.103 In this example, there are two DNS servers that clients can use, a primary server and a secondary server. At least one DNS server must be configured for hosts to resolve host names and URLs in order to access services on the network. Step 6 Router(dhcp-config)# default-router 172.16.1.100 Set the Default Gateway Now specify the IP address of the default router for the DHCP clients on the network. Typically this will be the LAN IP of the router. This command will set the default gateway for the client devices on the network that will be using DHCP. After a DHCP client has booted, the client begins sending packets to its default router. The IP address must be on the same subnet as the client IP addresses given out by the router. One IP address is required. Use this command: Router(dhcp-config)# default-router 172.16.1.100 Clients in this example use the router interface 172.16.1.100 as their default gateway. Step 7 Router (dhcp-config)# lease {days [hours] [minutes] | infinite} Router (dhcp-config)# end Set the Lease Duration DHCP gives out IP address information each time a host powers on and connects to the network. The default time that a client IP address is reserved for a specific host is one day. If the host does not renew its address, then the reservation ends and the IP address is again available to be given out through DHCP. It is possible to change the lease timer to a longer period of time, if necessary. This is the last step in configuring a DHCP service on a router. Use the end command to finish the DHCP configuration and return to the Global configuration mode. Use these commands: Router (dhcp-config)# lease {days [hours] [minutes] | infinite} Router (dhcp-config)# end Step 8 Router# show running-config Verify the Configuration Verify the DHCP configuration by viewing the running-configuration. To do this use the command: Router# show running-config Here is an example of the DHCP part of the configuration running on a DHCP enabled router: ! ip dhcp pool LAN-addresses domain-name cisco.com network 172.16.0.0 255.255.0.0 ip dhcp excluded-address 172.16.1.100 172.16.1.103 dns-server 172.16.1.103 172.16.2.103 default-router 172.16.1.100 lease infinite ! When the configuration is correct, copy the running-configuration to the startup-configuration. Diagram 2, Packet Tracer Exercise Diagram 3, Hands-on Lab 5.3.8 - Configuring Static NAT Using Cisco IOS CLI Four Diagrams Diagram 1, Image Step 1 Router(config)# interface fastethernet 0/0 Specify the inside interface To begin configuring NAT services on a Cisco router navigate to the privileged EXEC mode, enter the password if prompted to and then enter the global configuration mode. Specify which interface is connected to the inside local network. Doing this enters the interface configuration mode. Use these commands: Router> enable Router# configure terminal Router(config)# interface fastethernet 0/0 Step 2 Router(config-if)# ip address 172.31.232.182 255.255.255.0 Set the primary IP address of the inside interface Use this command to set the primary IP address for the inside interface: Router(config-if)# ip address 172.31.232.182 255.255.255.0 Step 3 Router(config-if)# ip nat inside Router(config-if)# no shutdown Router(config-if)# exit Identify the inside interface using the ip nat inside command Now identify this interface as the interface connected to the inside of the network and then exit the configuration of the inside interface and return to configuration mode. Use these commands: Router(config-if)# ip nat inside Router(config-if)# no shutdown Router(config-if)# exit Step 4 Router(config)# interface serial 0/0 Specify the outside interface Configure the outside interface. Specify the interface connecting to the Internet Service Provider and return to the interface configuration mode. Use this command: Router(config)# interface serial 0/0 Step 5 Router(config-if)# ip address 209.165.201.1 255.255.255.252 Set the primary IP address of the outside interface Now identify this interface as the interface connected to the outside of the network and then exit the configuration of the outside interface and return to configuration mode. Use these commands: Router(config-if)# ip address 209.165.201.1 255.255.255.252 Step 6 Router(config-if)# ip nat outside Router(config-if)# no shutdown Router(config-if)# exit Identify the outside interface using the ip nat outside command Now identify this interface as the interface connected to the outside of the network and then exit the configuration of the outside interface and return to configuration mode. Use these commands: Router(config-if)# ip nat outside Router(config-if)# no shutdown Router(config-if)# exit Step 7 Router(config)# ip nat inside source static 172.31.232.14 209.165.202.130 Router(config)# exit Define the static address translation Use this command to create the translation: Router(config)# ip nat inside source static 172.31.232.14 209.165.202.130 In this example, a server with the inside address 172.31.232.14 is always translated to the external address 209.165.202.130. Use this command to create the translation. When finished, exit the global configuration mode. Step 8 show running-config Verify the configuration Verify the static NAT configuration. Use this command: show running-config Here is an example: ! interface fastethernet 0/0 ip address 172.31.232.182 255.255.255.0 ip nat inside ! interface serial 0/0 ip address 209.165.201.1 255.255.255.252 ip nat outside ip nat inside source static 172.31.232.14 209.165.202.130 Be sure to save the running-configuration to the startup-configuration. Diagram 2, image A man sitting at his workstation has entered the show ip nat translations command in his routers cli interface. He says to himself ?I have to verity NAT operation?. Diagram 3, Packet Tracer Exercise Diagram 4, Hands-on Lab 5.3.9 - Backing Up a Cisco Router Configuration Five Diagrams Diagram 1, Image Saving a Configuration Screen shot of a HyperTerminal Window with the following: Router#copy startup-config tftp Address or name of remote host []?10.10.10.1 Destination filename [router-config]? tokyo.2 Write file tokyo.2 to 10.10.10.2 [confirm] Writing tokyo.2 !!!!!! [OK] Router# Restoring a Configuration Screen shot of a HyperTerminal Window with the following: Router#copy tftp running-config Address or name of remote host []? 131.108.2.155 Source filename []? tokyo.2 Destination filename [running-config]? y Accessing tftp://131.108.2.155/ tokyo.2? Diagram 2, Image A screen shot of a Hyper Terminal window with the Transfer > Capture Text > Stop menu item open. Diagram 3, Packet Tracer Exercise Diagram 4, Hands-on Lab Diagram 5, Hands-on Lab 5.4 - Connecting the CPE to the ISP 5.4.1 - Installing the CPE Four Diagrams Diagram 1, Image Date and Work Order * Used to record the date that the configuration checklist is issued * Used to record a number used to track the contract work ISP Contact * The name and telephone number of the ISP representative if any questions or concerns arise Customer * The name of the company or customer. Customer Contact * The name and telephone number of the person at the customer site responsible for the project. Router Manufacturer and Model * The router manufacturer and model number Router Serial Number * The router serial number Configured Basic Parameters * Check here to confirm that basic router parameters are configured. * Cisco SDM can be used to configure basic parameters, if supported by the device. Configured Global Parameters * Check here to confirm that the global parameters are configured. * Including: host name of the router, a privilege mode password, and disabling the router from recognizing typing mistakes as commands. Configured Fast Ethernet LAN Interfaces * Check here to confirm that the Fast Ethernet LAN interfaces have been configured. Configured WAN Interfaces * Check here to confirm that the WAN interfaces have been configured Configured Command-Line Access to the Router * Check here to confirm that the parameters used to control Cisco IOS CLI access to the router have been configured. * This includes: the interval of time that the EXEC command interpreter waits until user input is detected. Configured Static Routes * Check here to confirm that the static routes are configured. * An ISP may use a separate sheet to detail each static route configured. * Static routes are manually configured on the router and must be changed manually if new routes are required. Configured Dynamic Routing Protocols * Check here to confirm that the dynamic routing protocols are configured. * In dynamic routing, the network protocol adjusts the path automatically, based on network traffic or topology. Changes in dynamic routes are shared with other routers in the network. Configured Security Features * Check here to confirm that security features on the router are configured. * The Cisco SDM configuration tool makes it easy to configure the basic security features. * To configure security features using the Cisco IOS CLI requires an in-depth knowledge of the Cisco IOS security commands. Diagram 2, Image Two images depicting plan the installation with the customer and install the router following the plan. Diagram 3, Image Two images depicting complete the checklist and review the installation with the customer representative and obtain the customer acceptance of the new equipment and approval of the installation. Diagram 4, Image Three images depicting the following: Verify Checklists Document any installation modifications that were not part of the original installation plan. Clearly label all cables for future identification. Finally, verify the install by using the installation checklist. Prepare Activity Logs Use activity logs to document when modifications are made so they can be used to determine if a configuration activity has contributed to a network problem. Update Network Diagrams Update any network diagrams to include any changes made during the installation. This is an example of a network diagram created using Microsoft Visio. 5.4.2 - Customer Connections over a WAN Two diagrams Diagram 1, Image Two LANs connected via a WAN link using CSU/DSU equipment. Diagram 2, Image. Point-to-Point A Host is connected to a switch which is connected to a router which it connected to another router via a WAN link which is connected to a switch which is connected to a host. Circuit-Switched An ISDN Circuit switched network showing three customer sites connected using DCE equipment. The ISDN circuit switched network is represented by a cloud of switched with paths (circuits) connecting the customer sites together. Packet-Switched Customer A, Site1, 2 and 3 and Customer B, Site 1 and 2 are all connected to each other via DCE equipment. Any of these sits can communicate with any of the other sites. Paths of traffic flow may not be the same for all packets in a message. 5.4.3 - Choosing a WAN Connection Three Diagrams Diagram 1, Tabular Connection: Dialup Bandwidth: Up to 56 Kbps Cost: Low Connection: Frame Relay Bandwidth: 128 Kbps - 512 Kbps Cost: Low - Medium Connection: DSL (note 1) Bandwidth: 128 Kbps -6+ Mbps? Cost: Low Connection: Cable (note 1) Bandwidth: 128 Kbps -10+ Mbps? Cost: Low Connection: Fractional T1 Bandwidth: 64 Kbps - 1.544 Mbps Cost: Low - Medium Connection: T1/E1 Bandwidth: 1.544/2.048 Mbps Cost: Medium Connection: Fractional T3 Bandwidth: 1.544Mbps - 44.736 Mbps Cost: Medium - High Connection: T3/E3 Bandwidth: 44.736/34.368 Mbps Cost: High Connection: SONET Bandwidth: 51.840 Mbps - 9953.280 Mbps Cost: High - Very High Connection: ATM Bandwidth: 622 Mbps Cost: Very High *This list is a small subset of available options available from an ISP or Telco provider. Availability varies by provider and location. Note 1: Upstream bandwidth is typically slower than the listed downstream bandwidth Diagram 2, Image Image contains no useful information Diagram 3, Hands-on Lab 5.4.4 - Configuring WAN Connections Two Diagrams Diagram 1, Image Customer Cisco ISP Router connects to a Customer CSU/DSU which is connected to an ISP CSU/DSU via the WAN cloud. The ISP CSU/DSU is connected to the ISP Cisco ISR Router. Customer Cisco ISR Router Router> enable Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z, Router(config)# interface serial 0/0 Router(config-if)# ip address 192.168.2.125 255.255.255.0 Router(config-if)# encapsulation ppp Router(config-if)# no shutdown ISP Cisco ISR Router Router> enable Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z, Router(config)# interface serial 0/0 Router(config-if)# ip address 192.168.2.123 255.255.255.0 Router(config-if)# encapsulation ppp Router(config-if)# no shutdown Diagram 2, Packet Tracer Exercise 5.5 - Initial Cisco 2960 Switch Configuration 5.5.1 - Standalone Switches Four Diagrams Diagram 1, Image Cisco 2960 Fast Ethernet Switch * 8 Fast Ethernet ports * One dual purpose Gigabit Ethernet uplink port * The Gigabit Ethernet uplink port can support a 10/100/1000 copper cable or a fiber based SFP connector. * This switch does not require a fan Cisco 2960 Gigabit Ethernet Switch * 7 Gigabit Ethernet ports * One dual purpose Gigabit Ethernet uplink port * The Ethernet uplink port can support a 10/100/1000 copper cable or a fiber based small form-factor pluggable (SFP) connector. * This switch does not require a fan Cisco Catalyst 2960-24TT * 24 10/100 ports * 2 10/100/1000 uplink ports Cisco Catalyst 2960-24TC * 24 10/100 ports * 2 dual-purpose uplink ports Cisco Catalyst 2960-48TT * 48 10/100 ports * 2 10/100/1000 uplink ports Cisco Catalyst 2960-48TC * 44 10/100/1000 ports * 4 dual-purpose uplink ports Cisco Catalyst 2960G-24TC * 24 10/100/1000 ports * 4 dual-purpose uplink ports Cisco Catalyst 2960G-48TC * 44 10/100/1000 ports * 4 dual-purpose uplink ports Diagram 2, Image Front Cisco Catalyst 2960 Series Intelligent Ethernet Switches are suitable for small and medium-sized networks. They provide 10/100 Fast Ethernet and 10/100/1000 Gigabit Ethernet LAN connectivity. Status LEDs SYST LED: Shows whether the system is receiving power and is working properly. * Green: The system is working properly. * Amber: The system is receiving power but is not working properly. RPS LED: The redundant power system (RPS) LED shows the RPS status. * Green: The RPS is connected and ready to provide back-up power, if required. * Blinking green: The RPS is connected but is unavailable because it is providing power to another device. * Amber: The RPS is in standby mode or in a fault condition. * Blinking amber: The internal power supply in a switch has failed, the RPS is providing power to the switch. Mode Button and Port Status LED: Port LEDs display information about the switch and about the individual ports. Mode Button: The mode button is used to select one of the port modes: status mode, duplex mode or speed mode. To select or change a mode, press the Mode button until the desired mode is highlighted. The purpose of the LED is dependant upon the port mode setting. Port Status, or STAT, the Default Port Mode: * Off: No link, or port was administratively shut down. * Green: Link present. * Blinking green: Port is transmitting or receiving data. * Alternating green-amber: Link fault. Error frames can affect connectivity, and errors such as excessive collisions, CRC errors, and alignment and jabber errors are monitored for a link-fault indication. * Amber: Port is blocked by Spanning Tree Protocol (STP) and is not forwarding data. * Blinking amber: Port is blocked by STP but continues to transmit and receive inter-switch information messages. Duplex LED: Port duplex mode, or DUPLX, is either full duplex or half duplex. * Off: Port is operating in half duplex. * Green: Port is operating in full duplex. Speed LED: SPEED mode: The 10/100 ports, 10/100/1000 ports and SPF module ports operating speeds. For 10/100 ports: * Off: Port is operating at 10 Mbps * Green: Port is operating at 100 Mbps. For 10/100/1000 ports: * Off: Port is operating at 10 Mbps * Green: Port is operating at 100 Mbps. * Blinking green: Port is operating at 1000 Mbps. 10/100 and 10/100/1000 Ports The 10/100 Ethernet ports can be set to support speeds of 10 or 100 Mbps. The 10/100/1000 ports operate at 10, 100, or 1000 Mbps SFP Ports: A Gigabit capable Ethernet SFP port can be used to support Fiber and Copper transceivers modules. The fiber transceivers support Fiber-optic cables. The copper transceivers support Category 5 cables with RJ-45 connectors. The ability to plug into the Gigabit Ethernet SFP ports allows the fiber and copper transceivers to be easily replaceable in the field should a connection go bad. Rear All of the Ethernet ports are located on the front of the 2960. The back of the 2960 contains the power plug, the console port and the fan ventilation. Console Port: * Used to connect the switch to a PC by means of a RJ-45-to-DB-9 cable. * Used for out-of-band management tasks. Diagram 3, Animation Half-Duplex A server and a switch, only one device can send at any one time. Full-Duplex A server and a router both devices can send and receive at the same time. Diagram 4, Image Image of a flowchart IP Services provided by the IP Base flow to Enterprise Services and Advanced IP Services which then both flow to Advanced Enterprise Services. 5.5.2 - Power Up the Cisco 2960 Switch Two Diagrams Diagram 1, Image Step 1 - Check the Components Ensure all the components that came with the Cisco 2960 switch are available. These include the console cable, power cord, Ethernet cable and switch documentation. Step 2 - Connect the Cables to the Switch Connect the PC to the switch with a console cable and start a terminal emulation session. Connect the AC power cord to the switch and to a grounded AC outlet. Step 3 - Power up the switch Some Cisco switch models do not have an on/off switch. The 2960 switch powers up as soon as the power cord is connected to the electrical power. Catalyst 2960 switch Diagram 2, Hands-on Lab 5.5.3 - Initial Switch Configuration Four Diagrams Diagram 1, Image Cisco Network Assistant * PC-based network management GUI application optimized for LANs of small and medium-sized businesses * Offers centralized management of Cisco switches through a user-friendly GUI * Used to configure and manage groups of switches or standalone switches * Available at no cost and can be downloaded from Cisco website Device Manager * Web browser based software that is stored in the switch memory * Web interface that offers quick configuration and monitoring * Used to fully configure and monitor a switch * Access through a web browser by using Telnet or SSH from a remote PC Cisco IOS CLI * Based on Cisco IOS software and enhanced to support desktop-switching features * Used to fully configure and monitor the switch and members in a group of switches from the CLI * Access by connecting the PC directly to the switch console port or by using Telnet from a remote PC CiscoView * Displays the switch image used to set configuration parameters and to view switch status and performance information * Purchased separately and it can be a standalone application or part of a Simple Network Management Protocol (SNMP) platform Simple Network Management Protocol * Managed from an SNMP-compatible management station * Examples of SNMP-compatible management stations are HP OpenView or SunNet Manager * Typically utilized at large companies Diagram 2, Image Diagram shows the console output of a switch, lines of interest are in bold text. Switch> enable Switch# configure terminal Switch(config)# interface vlan 1 Switch(config-if)# ip address 192.168.1.2 255.255.255.0 Switch(config-if)# no shut down Switch(config-if)# exit Switch(config)# ip default-gateway 192.168.1.1 Switch(config)# end Switch# copy running-config startup-config Diagram 3, E-Lab Diagram 4, Packet Tracer Exercise 5.5.4 - Connecting the LAN Switch to the Router Five Diagrams Diagram 1, Image Hosts H1, H2 and H3 are all connected to a 2960-24TT Switch. The switch is connected to an 1841 Router. Link between H3 and 2960-24TT Switch Connect PCs to the switch using a straight-through Ethernet cable. Green Lights of 2960-24TT Switch The port lights on the switch will blink green when the connection is up and running. Link between 1841 and 2960-24TT Switch Connect the router to the switch using a straight-through Ethernet cable. Diagram 2, Tabular Configure Static Port Security Cisco IOS CLI Command Syntax Enter global configuration mode: S1#configure terminal Cisco IOS CLI Command Syntax Specify the type and number of the physical interface to configure, for example fastEthernet Fa0/18. And enter interface configuration mode: S1(config)#interface fastEthernet 0/18 Cisco IOS CLI Command Syntax Set the interface mode to: access. An interface in the dynamic desirable default mode cannot be configured as a secure port: S1(config)#switchport mode access Cisco IOS CLI Command Syntax Enable port security on the interface: S1(config-if)#switchport-security Mac-address Cisco IOS CLI Command Syntax Return to privileged EXEC mode: S1(config-if)#end Configure Dynamic Port Security Cisco IOS CLI Command Syntax Enter global configuration mode. S1#configure terminal Cisco IOS CLI Command Syntax Specify the type and number of the physical interface to configure, for example fastEthernet Fa0/18. And enter interface configuration mode: S1(config)#interface fastEthernet 0/18 Cisco IOS CLI Command Syntax Set the interface mode to: access. An interface in the dynamic desirable default mode cannot be configured as a secure port: S1(config)#switchport mode access Cisco IOS CLI Command Syntax Enable port security on the interface: S1(config-if)#switchport-security Cisco IOS CLI Command Syntax Return to privileged EXEC mode: S1(config-if)#end Configure Sticky Port Security Cisco IOS CLI Command Syntax Enter global configuration mode. S1#configure terminal Cisco IOS CLI Command Syntax Specify the type and number of the physical interface to configure. S1(config)#interface fastEthernet 0/18 Cisco IOS CLI Command Syntax Set the interface mode to: access. S1(config)#switchport mode access Cisco IOS CLI Command Syntax Enable port security on the interface: S1(config-if)#switchport-security Cisco IOS CLI Command Syntax Set the maximum number of secure addresses to 50. S1(config-if)#switchport port-security maximum 50 Cisco IOS CLI Command Syntax Enable sticky learning of MAC address S1(config-if)#switchport port-security Mac-address sticky Cisco IOS CLI Command Syntax Return to privileged EXEC mode: S1(config-if)#end More Info Port security is similar to MAC-address filtering on the Linksys device. Only secure MAC addresses, learned dynamically or manually configured, are permitted to send and receive messages over the network. Diagram 3, Image Image depicts a terminal window. Verify Port Security Settings Switch#show port-security interface fastEthernet 0/18 View this output in the Hands on Lab Verify Secure MAC Addresses Switch#show port security address Secure Mac Address Table Vlan Mac Address Type Ports Remaining Age (mins) 99 050.BAA6.06CE SecureConfigured Fa0/18 - Total Addresses in System (excluding one mac per port) :0 Max addresses limit in System (excluding one mac per port) :8320 Diagram 4, Packet Tracer Exercise Diagram 5, Hands-on Lab 5.5.5 - Cisco Discovery Protocol Two Diagrams Diagram 1, Image A host H2 is connected to a switch with the address 172.16.1.0/24 which is connected to the Fa0/0 of router R2 with the address 172.16.1.1/24. R2 is connected via S0/0/0 with the address 172.16.2.2/24 to S0/0/1 of router R1 with the address 172.16.2.1/24. R1 is connected via Fa0/0 with the address 172.16.3.1/24 to a switch which is connected to host H1. R2 is connected via S0/0/1 DCE with the address 192.168.1.2/24 to router R3 with the address192.168.1.1/24. R3 is connected via Fa0/0 with the address 192.168.2.1/24 to a switch which is connected to host H3. Show CDP Neighbors R3#show cdp neighbours Capability Codes: R ? Router, T ? Trans Bridge, B ? Source Route Bridge S ? Switch, H ? Hose, I ? IGMP, r ? Repeater, P ? phone Device ID Local Intrfce Holdtme Capability Platform Port ID Switch Fas 0/0 133 S I WS-C2950-2Fas 0/11 R2 Ser 0/0/ 149 R S I Cisco 1841Ser 0/0/1 Show CDP Neighbors Detail R3#show cdp neighbours detail Device ID: R2 Entry address(es): IP address: 192.168.1.2 Platform: Cisco 1840, Capabilities: Router Switch IGMP Interface: Serial10/0/1, port ID (outgoing port): Serial0/0/1 Holdtime : 161 sec Version: Cisco ISO Software, 1840 Software (C1841-ADVIPSERVICESK-9M), Version 12.4 (10b), RELEASE SOFTWARE (fc3) Techhnical support: http://www.cisco.com/technsupport Copyright (c)1986-2007 by Cisco System, Inc. Compiled Fri 19-Jun-07 15:15 by prod_rel_team Advertisement version: 2 VTP Management Domain: Device ID: s3 Entry address(es): Platform: Cisco 1840, Capabilities: Router Switch IGMP Interface: FastEthernet0/0, port ID (outgoing port): FastEthernet0/11 Holdtime : 148 sec Version: Cisco Internetwork Operating System Software ISO ? c2950 Software (c2950-I6Q4L2-M), Version 12.1 (9) EA1, RELEASE SOFTWARE (fc1) Copyright (c)1986-2002 by Cisco System, Inc. Compiled Wed 24-Apr-02 06:57 by antonio Advertisement version: 2 Protocol Hello: OUI=0x0000C, protocol ID=0x0112; payload len=27, Value=00000000FFFFFFFF0 10231FF000000000000000AB769F6C0FF0000 VTP Management Domain: ?CCNA3? Duplex: full R3# Show Disabling and Enabling CDP !To disable CDP globally use ... R3 (config) #no cdp run ! !or, to disable CDP on only an inter face... R3 (config-if) #no cdp enable ! If CDP is disabled globally, it must be enabled globally and per interface with the following two commands: Router (config), cdp run Router (config-if), cdp enable Diagram 2, Packet Tracer Exercise 5.6 - Chapter Summary 5.6.1 - Summary Single Diagram Diagram 1, Slideshow Slide 1 * The key components on a Cisco 1841 ISR are: o HWIC slots o Compact flash module o USB port o Dual 10/100 fast Ethernet ports o Console and auxiliary ports o System Power LED o The router bootup process has three stages: * 1. Performing the POST * 2. Locating and Loading the IOS software * 3. Locating and executing the startup configuration file o Cisco IOS software image * There are two possible methods to connect a PC to a network device for configuration and monitoring tasks, in-band and out-of-band management. Slide 2 * Cisco Router and Security Device Manager (SDM) is a graphical user interface (GUI) tool that can be used to configure, monitor, and maintain Cisco devices. Cisco SDM is the recommended way to configure a new Cisco ISR. * The Cisco IOS command line interface (CLI) is a text-based program that enables the entering and executing of Cisco IOS commands to configure, monitor, and maintain Cisco devices. The Cisco IOS CLI is used for the advanced configuration of Cisco devices and to configure older devices that do not support SDM. * The configuration checklist job aid is an important tool to help ensure that the customer gets the configuration they want. Slide 3 * SDM Express is a tool bundled within the Cisco Router and Security Device Manager that makes it easy to create a basic router configuration. * SDM is a more advanced GUI interface with more configuration options available. * Both SDM and SDM Express use GUI-based configuration Wizards to simplify the configuration of the Cisco devices. * Some of the features that can be configured include: basic configuration, LAN IP configurations, DHCP, WAN IP configurations and NAT. Slide 4 * The CLI does not provide step-by-step configuration assistance; therefore it requires more planning and expertise to complete. * The privileged exec, global config and interface modes are all used when configuring a router using the Cisco IOS CLI. * Context-sensitive help can provide suggestions for completing a command as well as determining additional command parameters. Slide 5 * The IOS show commands are a fundamental tool for verifying and troubleshooting router configurations. * The startup configuration file is stored on the device in NVRAM and is loaded into working memory and begins device operation. * The running configuration is the set of commands that is currently active in the device RAM. * IOS CLI can be used to configure basic router setting including router name, password, and banners. It can also be used to configure serial and Ethernet interfaces, DHCP and NAT. Slide 6 * A WAN connection is a type of network connection that can send a network signal over long distances. * There are three types of serial WAN connections: point-to-point, circuit switched and packet switched. Choosing the correct WAN involves planning and consideration. * Cisco devices can be configured remotely across a WAN connection using Telnet or SSH. SSH is the preferred method. * Some WAN connections support Ethernet interfaces. Other WAN connections support serial interfaces. Slide 7 * The key components of a Cisco Catalyst 2960 Series Switch are: o 24 10/100 Ethernet Ports o Port Status LEDs o Mode button o Console port o Dual Purpose 10/100/1000 or SFP port o Cisco IOS LAN-based Software Image * The 2960 supports port autonegotiation of duplex and speed. Slide 8 * When configured with an IP address, interface VLAN 1 allows you to remotely manage the switch using SSH or other TCP/IP applications such as network management software. * A basic switch configuration includes switch name and encrypted passwords used to access the switch and the Cisco CLI configuration commands. * Port security limits the number of valid MAC addresses allowed per port and can be configured statically, dynamically, or dynamic sticky.