Ccna Report
Network
In a typical LAN configuration, one computer is designated as the
file server. It stores all of the software that controls the network,
as well as the software that can be shared by the computers
attached to the network. Computers connected to the file server
are called workstations. The workstations can be less powerful
than the file server, and they may have additional software on
their hard drives. On most LANs, cables are used to connect the
network interface cards in each computer. See the Topology,
Cabling, and Hardware sections of this tutorial for more
information on the configuration of a LAN.
One example of a MAN is the MIND Network located in Pasco
County, Florida. It connects all of Pasco's media centers to a
centralized mainframe at the district office by using dedicated
phone lines, coaxial cabling, and wireless communications
providers.
Hubs
Types of Hubs
As you may have already guessed, hubs perform a crucial
function on networks with a star topology. There are many
different types of hubs, each offering specific features that allow
you to provide varying levels of service.
Passive Hub
Passive hubs, as the name suggests, are rather quiescent
creatures. They do not do very much to enhance the performance
of your LAN, nor do they do anything to assist you in
troubleshooting faulty hardware or finding performance
bottlenecks. They simply take all of the packets they receive on a
single port and rebroadcast them across all ports, the simplest
thing that a hub can do. Passive hubs commonly have one
10base-2 port in addition to RJ-45 connectors that connect each
LAN device.
Active Hub
Active hubs actually do something other than simply
rebroadcast data. Generally, they have all of the features of
passive hubs, with the added bonus of actually watching the data
sent out. Active hubs take a larger role in Ethernet communication
by implementing a technology called store and forward, where the
hubs actually look at the data they are transmitting before
sending it. This is not to say that the hub prioritizes certain
packets of data. It does, however, repair certain “damaged”
packets and will retime the distribution of other packets.
Bridges :
Network Bridge example
You can use Network Bridge to connect the Ethernet network
adapter, the HPNA network adapter, and the wireless network
adapter on PC1. Network Bridge can forward traffic from one LAN
segment to another and enable all of your computers to
communicate with each other.
Network switch
A network switch or switching hub is a computer networking
device that connects network segments. The network switch plays
an integral part in most modern Ethernet local area networks
(LANs). Mid-to-large sized LANs contain a number of linked
managed switches. Small office/home office (SOHO) applications
typically use a single switch, or an all-purpose converged device
such as a gateway to access small office/home broadband
services such as DSL or cable internet.
Configuration options
• Show running-config: This command displays the memory
status of the Cisco Catalyst 1900 switch
• Copy tftp://host/src_file nvram: This command is used to
download the configuration from a TFTP server.
• Show line: This command is used to view the brief
information about all the lines of the Cisco switch
• Duplex: This command is used to set the duplex setting for
the interface of the Cisco switch
MAKING OF NETWORKING CABLE
Introduction
This cable can be used to directly connect two computers to each other
without the use of a hub or switch. The ends on a crossover cable are different from
each other, whereas a normal 'straight through' cable has identical ends. Their uses
are shown in the following diagrams.
Typically the ports on a hub are MDIX ports. This allows the machine at the other
end to utilize its MDI Port (which is what typically a NIC card uses) without the
need for a crossover cable. When I say that the ports on the hub are MDIX ports,
what I mean is that one of the functions of the hub is to automatically perform the
crossover functions, which are required to properly align the cables with each
other. When no hub or switch is used, your cable itself must physically perform
these crossover functions.
To expand on this a little, when using a hub or switch, the Transmit wires on the
workstation need to be connected to the Receive wires on the hub; likewise, the
Receive wires on the hub need to be connected to the Transmit wires on the
workstation. But if you remember what we stated earlier - cables which are run
from PC to Hub are 'straight through' type cables. This is because the hub is
providing the required crossover functions internally for you. Thus, when you
connect two machines together without the use of a hub or switch, a crossover
cable is required - because both 'ends' are essentially the same - a NIC Card. The
crossover function must take place somewhere, and since there is no hub or switch
Now that we know what a crossover cable is for, let's talk for a few about types of
cabling. The two most common unshielded twisted-pair (UTP) network standards
are the 10 Mbit (10BASE-T Ethernet) and the 100Mbit (100BASE-TX Fast
Ethernet). In order for a cable to properly support 100 Mbit transfers, it must be
rated Category 5 (or CAT 5). This type of low loss extended frequency cable will
support 10 Base T, 100 Base-T and the newer 100VG-AnyLAN applications. Other
types of cabling include Category 3 which supports data rates up to 16 Mbps, and
Category 1 which only supports speeds up to 1Mbps. The cable we are about to
make is considered Category 5, and will work on both 10 Mbit and 100 Mbit
systems, assuming all components used (cables and jacks) are rated for Category 5.
Cable - Be sure the cable(s) you are using is properly rated for
CAT 5. It should state clearly on the jacket of the cable, what it is
rated at. One option that you have when selecting your cable is to
use a pre-made normal 'straight through' cable, and simply whack
off one of the ends, and replace with a new "Crossed Over" end.
For the purpose of this article, though, we aren't going to go that
route. We are going to make the whole thing from scratch - using
bulk CAT 5 cable.
Connectors - Crossover cables are terminated with CAT 5 RJ-45
(RJ stands for "Registered Jack") modular plugs. RJ-45 plugs are
similar to those you'll see on the end of your telephone cable
except they have eight versus four contacts on the end of the
plug. Also, make sure the ends you select are rated for CAT 5
wiring. There are also different types of jacks which are used for
different types of cabling (such as Solid Core wire). Make sure you
buy the correct jacks for your cabling.
Stripper - No I'm not talking about what Spot had at his bachelor
party, I am talking about a tool to strip the ends off the wires you
pervert! There are several specialized tools, which can be used to
strip the jackets off of cabling. If you do not have access to one of
these tools, cautious use of a razor blade or knife should work just
fine - but keep in mind if you go the razor blade / knife route,
extra special care must be used as to not damage the wires inside
the jacket.
Cutters - You need a pair of cutters that will allow you to cut a
group of cables in a straight line. It is very important that all the
wires are the same lengths, and without proper cutters, this can
be a difficult task.
You now know what crossover cables are used for. You know why
you need one. You also know what you need to make one, so I
guess we're ready... First thing you will want to do is cut off the
appropriate length of cable that you will need. Be sure that it is
plenty long enough. If you screw up, and don't cut it long enough,
you will have to start all over, and you will not only waste your
time, but cable and the RJ-45 ends as well. If you are pulling this
cable through a wall, or ceiling, make sure the pulling is
completed first. It is much more difficult to pull a cable with the
ends already on it. So you have all the parts, you understand the
concepts, and you have your cable, let's get started!
2) - Spread the wires apart, but be sure to hold onto the base of the jacket
with your other hand. You do not want the wires to become untwisted
down inside the jacket. Category 5 cable must only have 1/2 of an inch
of 'untwisted' wire at the end; otherwise it will be 'out of spec'. At this
point, you obviously have A LOT more than 1/2 of an inch of
untwisted wire, but don't worry - we'll take care of that soon enough.
Begin to untwist the twisted exposed wires on your cable. Use caution so that you
do not untwist them down inside the jacket. Once you have all the wires untwisted,
begin to arrange them in the proper order based on the pictures above. This stage
can be a pain in the ass, especially some of the middle wires. Once you get all the
wires arranged in the proper order, make sure your wire cutters are within reach,
then grasp them right at the point where they enter the jacket. Make sure you keep
them in the proper order! Grab your cutters now. Line them up along your prepared
wires about 1/2 inch above the jacket. Be sure at this point that you are both 1/2
inch above the jacket, and that your cutters are aligned straight across the wires.
You want to make a clean cut here - also make sure you don't let go of that jacket /
wires!
4) - From this point forward things get a lot easier. Grab your
jack, and begin to slide the wires into the jack. Once you get to
the point where the jacket begins to enter the jack things might
get a little tough, but just have some patience and hold onto those
wires. It will fit in there just fine. Once it is in as far as it will go the
wires should extend almost to the front of the jack, and about 3/8
of an inch of the jacket will be inside the jack. Like the pictures
below.
5) - Grab those crimpers - because not all crimpers are exactly
the same your pictures may not match exactly what you see
below. Be sure to keep a good grip on that jack and the cable.
Insert the jack into the crimper. It should only go in one way, so
you don't have a whole lot to worry about inserting it. Begin to
compress those crimpers. You will more than likely hear a clicking
sound. Keep squeezing. If you try to let go too early, nothing will
happen. They will not release. Keep going until they stop clicking /
stop moving altogether. At this point, you should be able to let
go of the jack, and the crimpers. The crimpers should release now
leaving you with a crimped jack. If the crimpers do not release,
you probably are a wimp and didn't press hard enough. Go ask
your mom to help you at this point. She can probably finish what
you started.
Insert the jack into the crimper. Crimp it! Crimp it good!
It's time to examine what we have done. If you look at the end of
the jack (distal), you should see that the copper connectors should
not be pressed down into the wires. Toward the back of the jack
(where the jacket meets the jack) it should be crimped securely
holding the jacket / cable in the jack. If something has gone
wrong, don't worry, it's not the end of the world. Grab those
cutters, and just whack the whole jack off and start back at step 1
(a pain in the ass I know, but it's better to have a cable that works,
than to spend hours troubleshooting your PC trying to figure out
why you can't see the other machine). If everything is cool, all you
have to do now is make the other end of the cable (unless you are
using a pre-fab cable and have whacked one of the ends off), so
go back to step one, and make the other end now.
In closing
You should now have a fully functional CAT 5 Crossover cable. It's a good idea to
label it as such, especially if you have a lot of other cables lying around. So what
are ya waiting for... install the cable and test it out. If it doesn't work, double-check
the ends. There is always a possibility that you have overlooked something. If so,
just whack the bad end and make a new one. Remember the more jacks you install,
and the more cables you make, the easier it gets. It's really not that hard to do; the
first time is definitely the most difficult.
• Maximum cable length, including connectors, is 100 meters (or about 328
feet)
• Do not allow the cable to be sharply bent, or kinked, at any time. This can
cause permanent damage to the cables' interior
• Do not overtighten cable ties
• Do not use excessive force when pulling cable through floors, walls or
ceilings
• Do not use staples to secure category-5 cable, use the proper hangers, which
can be found at most hardware stores
ROUTERS
Routers :
A router is similar to a bridge but can handle more complex
types of communication between dissimilar networks. Routers are
usually employed by wide area networks which often connect
networks using different communication protocols and dissimilar
addressing schemes. The routers work in the Network layer thus
giving them the ability to understand the protocols being used to
carry the data over the network. Since routers can understand
protocols, they can use the rules to decide what to do with
specific data.
Features of Router
• Identify address
• Traffic Management
is based on traffic loads, line speeds, number of hops, or
administrator pre-set costs.
• Sharing information
• Performance
Inside a Router
Internal Components of a 2600 Router
External Connections
Configuration connections
LAN connections
– FastEthernet (usually)
Makes upgrading cheaper
Router Connections
Connecting to a Router
First-time connection must be via console cable
attached to a PC
• Cisco 3600 Series
From the beginning, the Cisco 3600 series was designed with
performance, flexibility, and cost effectiveness in mind, making
the multi-service branch office possible today.
Enable
Disable
Log out of the router, end the console session, same as exit
command
Exit
Log out of the router, end the console session, same as logout
command
Logout
Setup
Show running-config
Show the startup configuration stored in NVRAM
Show startup-config
Show version
Show flash
Copy flash tftp
Config terminal
Banner motd #message#
(incoming is displayed with a reverse telnet connection, exec with
all others)
Hostname [name]
No ip domain-lookup
Ip name-server server-ip1 [server-ip2 ... server-ip6]
No ip http server
Passwords
Set a password for privileged Exec Mode
Set password TELNET access
Line vty 0 4
Login
Password [passwords]
Line console 0
Login
Password [passwords]
Interface Configuration
Configure the interface Ethernet 0
Interface e 0
Interface s 0
Interface t 1
Enable an interface
No shutdown
Disable an interface
Shutdown
Bandwidth 64
Keepalive 10
IP
Disable IP routing (IP routing is enabled by default)
No ip routing
Display IP routing table
Show ip route
Enable RIP
Router rip
Network [network-address1]
Network [network-address2…]
Ip rip triggered
No auto-summary
Enable IGRP
Network [network-address1]
Network [network-address2….]
ROUTER COMPONENTS
• Mini-IOS – a.k.a RXBOOT/boot loader by Cisco – small IOS
ROM used to bring up an interface and load a Cisco IOS into
flash memory from a TFTP server; can also do a few other
maintenance operations
• Flash memory – holds the IOS; is not erased when the router
is reloaded; is an EEPROM [Electrically Erasable
Programmable Read-Only Memory] created by Intel, that can
be erased and reprogrammed repeatedly through an
application of higher than normal electric voltage
Starting a Router
When a Cisco router is started for the first time, it does not have
an initial configuration. The router prompts the user for a
minimum of details. This basic setup is not intended for entering
complex configurations or protocol features. The setup command
gives you the following option:
• Accept the created configuration, save it to NVRAM, and exit
the EXEC mode.
>enable
#configure terminal
(config)#hostname Router
Router(config)#
Configuring a Serial Interface
Example
Router#configure terminal
Router(config)#interface s1
Router(config-if)#
Router(config-if)#bandwidth 64
Router(config)#line console 0
Router(config-line)#login
Router(config-line)#password homer
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password bart
Router(config)#service password-encryption
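An added example (not part of the original report): a small Python audit that reads an IOS-style configuration and reports the password-related settings this section touches on (line passwords, service password-encryption, enable password, ip http server). The sample configurations, the finding names and the functions parse_sections and audit_config are constructed for this example.

```python
import re

# Constructed sample: the console/vty passwords from the example above as they
# would appear in a saved configuration, plus a few weak settings to detect.
SAMPLE_CONFIG = """\
hostname Router
enable password cisco123
ip http server
line con 0
 password homer
 login
line vty 0 4
 password bart
 login
line aux 0
 no login
"""

# Constructed sample after "service password-encryption" has been applied.
# Type 7 is a reversible encoding, so the audit still reports those lines.
ENCRYPTED_CONFIG = """\
service password-encryption
hostname Router
enable secret 5 CONSTRUCTED_PLACEHOLDER_HASH
no ip http server
line con 0
 password 7 0000000000
 login
line vty 0 4
 password 7 0000000000
 login
"""

# "password [type] value": type is optional; 0 or absent means clear text.
LINE_PASSWORD = re.compile(r"password\s+(?:(\d+)\s+)?(\S+)$", re.IGNORECASE)


def parse_sections(text):
    """Split a config into (header, [sub-commands]) pairs.

    Indented lines belong to the most recent unindented line, which is how
    IOS prints interface and line blocks.
    """
    sections = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue  # skip blank lines and "!" separators
        if raw[0].isspace() and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections


def audit_config(text):
    """Return a list of (finding, where) tuples in configuration order."""
    findings = []
    sections = parse_sections(text)
    headers = [header.lower() for header, _ in sections]

    if "service password-encryption" not in headers:
        findings.append(("no-password-encryption", "global"))

    for header, subs in sections:
        low = header.lower()
        if re.match(r"enable password\b", low):
            # "enable secret" stores a hash; "enable password" does not.
            findings.append(("enable-password", "global"))
        if low == "ip http server":
            findings.append(("http-server-enabled", "global"))
        if low.startswith("line "):
            for cmd in subs:
                if cmd.lower() == "no login":
                    findings.append(("line-no-login", header))
                match = LINE_PASSWORD.match(cmd)
                if not match:
                    continue
                ptype = match.group(1)
                if ptype in (None, "0"):
                    findings.append(("plaintext-line-password", header))
                elif ptype == "7":
                    findings.append(("type7-line-password", header))
    return findings


if __name__ == "__main__":
    for label, cfg in (("sample", SAMPLE_CONFIG), ("encrypted", ENCRYPTED_CONFIG)):
        print(label)
        for finding, where in audit_config(cfg):
            print(f"  {finding:26} {where}")
```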
NAT AND PAT IN ROUTING
DYNAMIC NAT
STATIC NAT
Note
If a private user at 192.168.0.10 uses a Web browser to connect
to the Web server at w2.x2.y2.z2, the user's computer creates an
IP packet with the following information:
The NAT protocol checks its translation table and maps the public
addresses to private addresses and forwards the packet to the
computer at 192.168.0.10. The forwarded packet contains the
following address information:
• Destination IP address: 192.168.0.10
IP ROUTING
ROUTING BASICS:
When an internetwork is created by connecting WANs and
LANs to a router, there is a need to configure logical
network addresses, such as IP addresses, on all hosts on the
internetwork so that they can communicate across that
internetwork. The term routing is used for taking a packet
from one device and sending it through the network to
another device on a different network. Routers don’t care
about hosts. They only care about networks and the best
path to each network. The logical network address of the
destination host is used to get packets to a network through
a routed network, then the hardware address of the host is used
to deliver the packets from a router to the correct destination
host.
• Static Routing
• Dynamic Routing
STATIC ROUTING
BENEFITS OF STATIC ROUTING:
[administrative_distance] [permanent]
the next-hop router that will receive the packet and forward
it to the remote network. This is a router interface that’s on
a directly connected network. We must ping the router
interface before we add the route. If we type in the wrong
next-hop address, or the interface to that router is down, the
static route will show up in the router’s configuration, but
not in the routing table.
DEFAULT ROUTING:
• PC 1-ETHERNET 0(E0)
• PC2-ETHERNET 0(E0)
• PC3-ETHERNET 0(E0)
DYNAMIC ROUTING:
ROUTING PROTOCOLS
• RIP
• IGRP
• EIGRP
• OSPF
Default administrative distances:
CONNECTED INTERFACE 0
STATIC ROUTE 1
EIGRP 90
IGRP 100
OSPF 110
RIP 120
EXTERNAL EIGRP 170
ROUTING PROTOCOLS:
There are three classes of routing protocols:
Distance vector:
The distance vector protocols find the best path to a remote
network by judging distance. Each time a packet goes
through a router, that’s called a hop. The route with the least
number of hops to the network is determined to be the
best path. The vector indicates the direction to the remote
network. Both RIP and IGRP are distance-vector routing
protocols. They send the entire routing table to directly
connected neighbors.
The distance-vector routing algorithm passes complete routing
table contents to neighboring routers, which then combine
the received routing table with their own routing tables to
complete the router’s routing table. This is called routing by
rumor, because a router receiving an update from a
neighbor router believes the information about remote
networks without actually finding out for itself. It’s possible
to have a network that has multiple links to the same
network, and if that’s the case, the administrative distance is
checked first. If the AD is the same, the protocols will have to use
other metrics to determine the best path to use to that
network. RIP uses only hop count to determine the best
path to a network. If RIP finds more than one link to the
same remote network with the same hop count, it will
automatically perform round-robin load balancing. RIP can
perform load balancing for up to six equal-cost links (four by
default).
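An added example (not from the original report) of the "routing by rumor" update described above: each router merges a neighbor's advertised table using RIP's hop-count metric, with 16 treated as unreachable, and a separate helper picks between sources by administrative distance first and metric second. RouterA and RouterB reuse the lab networks from this report; RouterC, the 172.16.20.0/24 and 172.16.30.0/24 networks, and all function names are constructed for illustration.

```python
RIP_INFINITY = 16  # RIP treats a hop count of 16 as unreachable

# Default administrative distances as listed in this report.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
                  "ospf": 110, "rip": 120, "external eigrp": 170}


def advertise(table):
    """What a router sends to a neighbor: its whole table as network -> hops."""
    return {net: hops for net, (hops, _next_hop) in table.items()}


def merge_update(table, neighbor, advertised):
    """Apply one distance-vector update; return the networks that changed.

    table maps network -> (hops, next_hop); next_hop is None when connected.
    The receiver does not verify anything: it adds one hop and trusts the rest.
    """
    changed = []
    for net, hops in advertised.items():
        new_hops = min(hops + 1, RIP_INFINITY)
        current = table.get(net)
        if current is None:
            if new_hops < RIP_INFINITY:          # never learn an unreachable route
                table[net] = (new_hops, neighbor)
                changed.append(net)
        elif current[1] == neighbor:
            # Same next hop: believe the new value even if it is worse.
            if current[0] != new_hops:
                table[net] = (new_hops, neighbor)
                changed.append(net)
        elif new_hops < current[0]:
            # Different neighbor: switch only for a strictly shorter path.
            # (Equal-cost load balancing is not modelled here.)
            table[net] = (new_hops, neighbor)
            changed.append(net)
    return changed


def build_lab():
    """RouterA/RouterB networks from the lab; RouterC is constructed."""
    routers = {
        "RouterA": {"172.16.12.0/24": (0, None), "172.16.10.0/24": (0, None)},
        "RouterB": {"172.16.11.0/24": (0, None), "172.16.10.0/24": (0, None),
                    "172.16.20.0/24": (0, None)},
        "RouterC": {"172.16.20.0/24": (0, None), "172.16.30.0/24": (0, None)},
    }
    links = [("RouterA", "RouterB"), ("RouterB", "RouterC")]
    return routers, links


def converge(routers, links):
    """Exchange full tables over every link until nothing changes."""
    rounds = 0
    while True:
        rounds += 1
        changed = False
        for a, b in links:
            from_a, from_b = advertise(routers[a]), advertise(routers[b])
            if merge_update(routers[b], a, from_a):
                changed = True
            if merge_update(routers[a], b, from_b):
                changed = True
        if not changed:
            return rounds


def select_route(candidates):
    """candidates: (source, metric, next_hop). Lowest AD wins, then metric."""
    return min(candidates, key=lambda c: (ADMIN_DISTANCE[c[0]], c[1]))


if __name__ == "__main__":
    routers, links = build_lab()
    print("rounds to converge:", converge(routers, links))
    for name, table in routers.items():
        print(name)
        for net, (hops, via) in sorted(table.items()):
            print(f"  {net:16} hops={hops:<2} via={via or 'connected'}")
```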
Link state:
In link state protocols, also called shortest-path-first
protocols, the routers each create three separate tables. One
of these tables keeps track of directly attached neighbors,
one determines the topology of the entire internetwork, and one
is used as the routing table. Link state routers know more
about the internetwork than any distance-vector routing
protocol. OSPF is an IP routing protocol that is
completely link state. Link state protocols send updates
containing the state of their own links to all other routers
on the network.
HYBRID:
Hybrid protocols use aspects of both distance vector and link
state, for example, EIGRP.
Characteristics of Routing Protocols
• RIP only uses hop count to determine the best way to a
remote network, but it has a maximum allowable hop
count of 15 by default, meaning that 16 is deemed
unreachable.
• RIP VERSION 1
• RIP VERSION 2
RIP TIMER
happens, the router will send out updates to all its
neighbors letting them know that the route is invalid.
HOLDDOWN TIMER:
INTERIOR GATEWAY ROUTING PROTOCOL (IGRP)
IGRP TIMERS
Update timers:
Invalid timers:
These specify how long a router should wait before declaring
a route invalid if it doesn’t receive a specific update about
it. The default is three times the update period.
Flush timer:
IGRP | RIP
USES BANDWIDTH AND DELAY OF THE LINE AS METRIC, WITH HOP COUNT OF 255. | USES ONLY HOP COUNT TO DETERMINE THE BEST PATH TO A REMOTE NETWORK, WITH 15 HOPS BEING THE MAXIMUM.
Interconnecting
Variance multiplier Router subcommand
Command Function
Debug ip igrp events Issues log messages for each IGRP packet.
The network command matches some of the interfaces on a
router. The interfaces matched by the network command have the
three functions previously mentioned performed on them.
Examples provide a much easier understanding of the network
command, as demonstrated in.
IGRP Metrics
• EIGRP is sometimes referred to as a hybrid routing
protocol because it has characteristics of both distance-
vector and link-state protocols.
FEATURES OF EIGRP
Considered classless.
NEIGHBOR TABLE :
TOPOLOGY TABLE:
FEASIBLE SUCCESSOR :
SUCCESSOR:
between EIGRP speaking routers. And as name suggests,
reliability is a key concern of this protocol.
Secondly, if there isn’t a good alternative in the local
topology table, EIGRP routers very quickly ask their neighbors
for help finding one. They are not afraid to ask directions;
relying on other routers and leveraging the information they
provide accounts for the “diffusing” character of DUAL.
MULTIPLE ASes
originated within a specific autonomous system by EIGRP
router that are members of the same autonomous system.
monitored. Like many distance-vector protocols, EIGRP uses
the routing by rumor mechanism.
• Neighborship table
• Topology table
• Route table
The route table stores the routes that are currently used
to make decisions. There would be separate copies of each
of these tables for each protocol that is actively being
supported by EIGRP, whether it is IP, IPX or AppleTalk.
EIGRP METRICS:
• Bandwidth
• Delay
• Load
• Reliability
MAXIMUM PATHS AND HOP COUNTS:
Allows scalability
Supports VLSM/CIDR
VIRTUAL LANs (VLANs)
VLAN Basics
This works by, you, the administrator, putting some switch ports in
a VLAN other than 1, the default VLAN. All ports in a single VLAN
are in a single broadcast domain.
can just use all the ports on a switch and all devices will be able to
talk to one another.
When do I need a VLAN?
Types of VLAN
There are only two types of VLAN possible today, cell-based VLANs
and frame-based VLANs.
VLAN modes
VLAN configurations
other high risk environments where communication between
hosts on the same subnet are not necessary. Check your
Cisco documentation if you have questions about how to
configure and deploy private VLANs.
• VLAN modes – in Cisco IOS, there are only two modes an
interface can operate in, "mode access" and "mode trunk".
Access mode is for end devices or devices that will not
require multiple VLANs. Trunk mode is used for passing
multiple VLANs to other network devices, or for end devices
that need to have membership to multiple VLANs at once. If
you are wondering what mode to use, the mode is probably
"mode access"
Broadcast Control
• Type of protocol.
the internetwork is imperative. The most effective way of doing
this is through strategic switching and routing.
Security
• First, anyone connecting to the physical network could
access the network resources located on that physical LAN.
also place restrictions on hardware addresses, protocols, and
applications; now we’re talking security.
• Another advantage is that when a VLAN gets too big, you can
create more VLANs to keep the broadcasts from consuming
too much bandwidth—the fewer users in a VLAN, the fewer
users affected by broadcasts. and good, but the users
connect to these services when you create your VLAN.
VLAN Memberships
VLANs are usually created by an administrator, who then assigns
switch ports to each VLAN. Such a VLAN is called a static VLAN. If
the administrator wants to do a little more work up front and
assign all the host devices’ hardware addresses into a database,
the switches can be configured to assign VLANs dynamically
whenever a host is plugged into a switch. This is called a dynamic VLAN.
Static VLANs
• Static VLANs are the usual way of creating VLANs, and they’re
also the most secure. The switch port that you assign a VLAN
association to always maintains that association until an
administrator manually changes that port assignment.
Dynamic VLANs
Identifying VLANs :
As frames are switched throughout the network, switches must be
able to keep track of all the different types, plus understand what
to do with them depending on the hardware address. And
remember, frames are handled differently according to the type of
link they are traversing. There are two different types of links in a
switched environment.
Access links :
• This type of link is only part of one VLAN and it’s referred to
as the native VLAN of the port. Any device attached to an
access link is unaware of a VLAN membership; the device just
assumes it’s part of a broadcast domain, but has no
understanding of the physical network.
Trunk links :
TWO ROUTER LAB
Figure 1. Two router basic configuration
Objective
The objective of the lab is to configure a simple network to allow two routers to
route packets between two remote networks.
Set up
Physical
Login to RouterA
Click configure
Click device
Click modem
Click Terminal. It should now connect to the router console port. The
command line interface RouterA> should appear.
Configure RouterA and RouterB by typing the following commands. The console
port cable will need to be moved to the router being configured. The parts
beginning with // are comments and should not be entered.
RouterA
RouterA>enable
RouterA#config t
RouterA(config)#int e0 //Choose Ethernet interface e0
RouterA(config-if)#ip address 172.16.12.1 255.255.255.0
RouterA(config-if)#description LAN Network for RouterA
RouterA(config-if)#no shutdown //this means interface is up
RouterA(config-if)#int s0 //configure serial interface
RouterA(config-if)#ip address 172.16.10.1 255.255.255.0
RouterA(config-if)#clockrate 250000
RouterA(config-if)#no shutdown
RouterA(config-if)#description Network connection to RouterB
RouterA(config-if)#^Z //combination of control+z, which takes you back to the privileged executive mode
RouterA# copy run start //Save your changes to NVRAM. If you do not, when the router reboots all changes are lost. Wait until the router responds with [Ok]
RouterB
RouterB#config t
RouterB(config)#int e0 //Choose Ethernet interface e0
RouterB(config-if)#ip address 172.16.11.1 255.255.255.0
RouterB(config-if)#description LAN Network for RouterB
RouterB(config-if)#no shutdown //this means interface is up
RouterB(config-if)#int s1 //configure serial interface
RouterB(config-if)#ip address 172.16.10.2 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#description Network connection to RouterA
RouterB(config-if)#^Z
RouterB# copy run start
Once both routers are configured, use the ping command from a router to ping the
neighboring router's serial and Ethernet interfaces.
RouterB#ping 172.16.10.1
RouterB#ping 172.16.12.1
Repeat the steps for PC2 but set the IP address to 172.16.11.2 and the default
gateway to 172.16.11.1.
Start a terminal and do the following commands. Note and log what happens at
each point.
o #ping 172.16.11.1
o #ping 172.16.10.2
o #ping 172.16.10.1
o #ping 172.16.12.1
o #ping 172.16.12.2
RouterB
Part 5. Verify the two routers are routing packets to the remote network
Use PC1 and PC2 to verify that the two remote networks can communicate.
PC1
#ping 172.16.11.2
PC2
#ping 172.16.12.2
If both ping commands work, then the configuration is complete. Two remote
networks are communicating through two routers. Congratulations!
Wireless Technologies
Modes
[Figure: Aironet 1200 Series Access-Point, Aironet 1100 Series Access-Point, Aironet 1300 Series Bridge]
AGENCIES | PURPOSE
Institute of Electrical and Electronics Engineers (IEEE) | Creates and maintains operational standards
Federal Communications Commission (FCC) | Regulates the use of wireless devices in the U.S.
European Telecommunications Standards Institute (ETSI) | Chartered to produce common standards in Europe
Wi-Fi Alliance | Promotes and tests for WLAN interoperability
WLAN Association (WLANA) | Educates and raises consumer awareness regarding WLANs
Wireless starts with 802.11, and there are various other up-
and-coming standard groups as well, like 802.16 and 802.20.
And there’s no doubt that cellular networks will become huge
players in our wireless future. But for now, we’re going to
concentrate on the 802.11 standards committee and
subcommittees. IEEE 802.11 was the first, original
standardized WLAN at 1 and 2Mbps. It runs in the 2.4GHz
radio frequency and was ratified in 1997 even though we
didn’t see many products pop up until around 1999 when
802.11b was introduced.
COMMITTEE PURPOSE
IEEE 802.11a 54Mbps, 5GHz standard
IEEE 802.11b Enhancements to 802.11 to support 5.5 and 11Mbps
IEEE 802.11c Bridge operation procedures; included in the IEEE 802.1D standard
IEEE 802.11d International roaming extensions
IEEE 802.11e Quality of service
IEEE 802.11f Inter-Access Point Protocol
IEEE 802.11g 54Mbps, 2.4GHz standard (backward compatible with 802.11b)
IEEE 802.11h Dynamic Frequency Selection (DFS) and Transmit Power Control (TPC) at 5GHz
IEEE 802.11i Enhanced security
IEEE 802.11j Extensions for Japan and U.S. public safety
IEEE 802.11k Radio resource measurement enhancements
IEEE 802.11m Maintenance of the standard; odds and ends
IEEE 802.11n Higher throughput improvements using MIMO (multiple input, multiple output antennas)
IEEE 802.11p Wireless Access for the Vehicular Environment (WAVE)
IEEE 802.11r Fast roaming
IEEE 802.11s Extended Service Set (ESS) Mesh Networking
Cisco SDM
The Cisco Security Device Manager (SDM) is an intuitive, Web-based device
management tool embedded within Cisco IOS access routers.
Cisco SDM simplifies router and security configuration through
intelligent wizards, enabling customers to quickly and easily
deploy, configure, and monitor a Cisco access router without
requiring knowledge of the Cisco IOS Software command-line
interface (CLI). Cisco Router and Security Device Manager (SDM)
is an easy-to-use device management tool that allows you to
configure Cisco IOS security features and network connections
through an intuitive web-based graphical user interface. This
quick start guide shows you how to connect your PC to your router
and begin using SDM.
router, such as WAN interface cards (WICs), network modules
(NMs), or advanced interface module (AIM) cards that you will use
to connect to the network. Refer to the quick start guide for your
router for instructions on installing these interface cards, cabling
the router, and
verifying that all the connections are working properly.
Task 2: Configure Your PC, and Connect It to the Router
You have to set up the PC to communicate with SDM. SDM is
shipped with a default configuration file that assigns an IP address
to a LAN interface on the router, and you must configure the PC to
be on the same subnet as the router LAN interface. First determine
whether your router is configured as a Dynamic Host
Configuration Protocol (DHCP) server or not.
These Routers Are Not Configured as DHCP Servers
If you did not find your router in Table 1, your router is not
configured as a DHCP server, and you must assign a static IP
address to the PC. Click Use the following IP address, and assign
an IP address between 10.10.10.2 and 10.10.10.6 to the Ethernet
port of the PC, and use the subnet mask 255.255.255.248, as
shown in Figure 2. You can leave the Default gateway and DNS
server fields blank.
Task 3: Log on to the Router
If you received the SDM CD with your router, use the CD to
connect to the router by following the next procedure. If you did
not receive the SDM CD, use the procedure in the “I Did Not
Receive the SDM CD” section on page 7.
Step 3 When the CD screen is displayed (Figure 3), click First-time
Router Setup.
Figure 3 SDM CD Screen
Figure 4 First-Time Router Setup Window
Step 5 Enter the username cisco, and the password cisco in the
login windows that appear during the startup process.
Task 4: Complete Cisco SDM Express
Cisco SDM Express is an SDM program that lets you quickly
configure the router LAN and Internet connections.
Step 1 When you connect to the router, the SDM Express Launch
page (Figure 5) appears, followed by one or more certificate
windows. Click Yes, or click Grant to accept the certificates.
Figure 5 SDM Express Launch Page
Step 2 The SDM Express Overview page appears and then the
SDM Express Wizard page is also displayed (Figure 6). Click Next
to begin configuring the router.
Figure 6 SDM Express Overview and Wizard Pages
The SDM Express wizard will ask you to enter an enable secret password to
control access to Cisco IOS software. Be sure to write down or remember the
enable secret password that you enter. It is not shown in the Enable
Password field or in the Summary window, and it cannot be reset without
erasing the router configuration. You are also asked to change the router’s
LAN IP address from its default value.
Step 3 When the Summary window appears, write down the LAN IP address,
the username and the user password that you entered, and click Finish. You
will need this information to reconnect to the router to perform additional
configuration.
Step 4 Exit SDM Express and complete “Task 5: Reconnect to the Router
Using the New IP Address” to reconfigure the PC and reconnect to your router,
using the new IP address that you gave to the LAN interface.
Figure 7 If you did not configure the router as a DHCP server,
configure the PC with a static IP address (Example)
Step 2 Open a web browser and enter the new IP address that
you gave the router LAN interface.
http://new-IP-address
For example, if you gave the LAN interface the IP address
20.20.20.1, you would enter the following
command in the browser.
http://20.20.20.1
Step 3 Enter the username and password that you specified in
Task 4. If SDM is installed on your router, the SDM home page
appears, as shown in Figure 8.
Figure 8 SDM Home Page
Figure 9 SDM Express Overview Window
Step 5 If you received the SDM CD, go to “Task 6: Install SDM from
the CD” to install SDM. If you did not receive the SDM CD, SDM is
already installed on your router.
Step 2 When the Install Options window appears (Figure 11),
select where you want to install SDM. Selecting
This Computer installs SDM on the PC and enables you to
configure and monitor other routers on the network besides the
router you have just set up.
Figure 11 Select Where You Want to Install SDM
You can also install SDM and its other applications on your router, or you can
install them on both the PC and the router.
Using SDM
If SDM is installed on the router, start it by opening a browser
and entering the new IP address that you gave the LAN interface,
just as you did in Task 5: Reconnect to the Router Using the New
IP Address, page 10.
http://new-IP-address
If SDM is installed on the PC, start it by
selecting it from the program menu (Start > Programs > Cisco
Systems > SDM 2.1). Then, provide the IP address of the router
in the SDM Launcher window (Figure 12).
Click the Help button in any SDM window for more information on
the task you are performing. SDM automatically saves changes to
the router’s running configuration, and you can direct it to save
the running configuration to the startup configuration.
Note: The IP addressing schemes used in this configuration are not legally routable on the
Internet. They are RFC 1918 addresses which have been used in a lab environment.
Interface Configuration
The SDM Home page provides information such as hardware and software of the router,
feature availability, and a configuration summary. The green circles show the features
supported in this router and the red circles show the features not supported.
2. Choose Configure > Interfaces and Connections > Create Connection in order to
configure the WAN connection for the interface.
As an example, for serial interface 2/0, choose the Serial option and click Create New
Connection.
Note: For other types of interfaces like Ethernet, choose the respective interface type and
proceed by clicking the Create New Connection button.
3. Click Next in order to proceed once this interface appears.
4. Select Serial interface 2/0 (desired) from the Available Interfaces option and click Next.
5. Choose the encapsulation type for the serial interface and click Next.
6. Specify the static IP address with the corresponding subnet mask for the interface and
click Next.
7. Configure the default routing with optional parameters such as the next hop IP address
(192.168.1.2 as per network diagram) supplied by the ISP and click Next.
This window appears and shows the configuration summary configured by the user. Click
Finish.
This window appears and shows the command delivery status to the router. Otherwise, it
displays errors if the command delivery fails due to incompatible commands or
unsupported features.
8. Choose Configure > Interfaces and Connections > Edit Interfaces/Connections in
order to add/edit/delete the various interfaces.
Highlight the interface with which you want to make changes and click Edit if you want
to edit or change the interface configuration. Here you can change the existing static IP
address.
NAT Configuration
Complete these steps in order to configure the dynamic NAT in a Cisco router.
1. Choose Configure > NAT > Basic NAT and click Launch the selected task in order to
configure basic NATing.
2. Click Next.
3. Choose the interface that connects to the Internet or your ISP and choose the IP address
range to which Internet access is to be shared.
4. This window appears and shows the configuration summary configured by the user. Click
Finish.
5. The Edit NAT Configuration window shows the configured dynamic NAT configuration
with the translated IP address overloaded (PATing). If you want to configure the dynamic
NATing with address pool, click Address Pool.
6. Click Add.
Here, information such as the pool name and IP address range with netmask is provided.
There can be times when most of the addresses in the pool have been assigned, and the IP
address pool is nearly depleted. When this occurs, PAT can be used with a single IP
address in order to satisfy additional requests for IP addresses. Check Port Address
Translation (PAT) if you want the router to use PAT when the address pool is close to
depletion.
7. Click Add.
8. Click Edit.
9. Choose Address Pool in the Type field, provide the name to the Address Pool as pool1
and click OK.
10. This window shows the configuration for dynamic NATing with the address pool. Click
Designate NAT Interfaces.
Use this window in order to designate the inside and outside interfaces that you want to
use in NAT translations. NAT uses the inside and outside designations when it interprets
translation rules, because translations are performed from inside to outside, or from
outside to inside.
Once designated, these interfaces are used in all NAT translation rules. The designated
interfaces appear above the Translation Rules list in the main NAT window.
Static NAT Configuration
1. Choose Configure > NAT > Edit NAT Configuration and click Add in order to
configure static NATing.
2. Choose the Direction either from inside to outside or from outside to inside, specify the
inside IP address to be translated under Translate from Interface. For the Translate to
Interface area select the Type.
o Choose IP Address if you want the Translate from Address to be translated to an
IP address defined in the IP Address field.
o Choose Interface if you want the Translate from Address to use the address of
an interface on the router. The Translate from Address is translated to the IP
address assigned to the interface that you specify in the Interface field.
Check Redirect Port if you want to include port information for the inside device in the
translation. This enables you to use the same public IP address for multiple devices, as
long as the port specified for each device is different. You must create an entry for each
port mapping for this Translated to address. Click TCP if this is a TCP port number and
click UDP if it is a UDP port number. In the Original Port field, enter the port number on
the inside device. In the Translated Port field, enter the port number that the router is to
use for this translation. Refer to the Allowing the Internet to Access Internal Devices
section of Configuring Network Address Translation: Getting Started.
This window shows the static NATing configuration with port redirection enabled.
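The port-redirection rule described above, modelled as an added example (not code from the original document or from Cisco SDM): each public protocol and port pair can map to only one inside device, and the table doubles as an inventory of what is reachable from outside. The class and function names and the 192.168.1.3 and 172.16.1.x addresses are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Redirect(NamedTuple):
    proto: str            # "tcp" or "udp"
    inside_ip: str        # address of the inside device
    original_port: int    # port on the inside device
    translated_port: int  # port the router answers on

class StaticNatTable:
    """Port-redirect entries that share one translated-to (public) address."""
    def __init__(self, public_ip: str):
        self.public_ip = str(ipaddress.ip_address(public_ip))
        self._by_public = {}  # (proto, translated_port) -> Redirect

    def add(self, proto, inside_ip, original_port, translated_port):
        proto = proto.lower()
        if proto not in ("tcp", "udp"):
            raise ValueError("protocol must be tcp or udp")
        for port in (original_port, translated_port):
            if not 1 <= port <= 65535:
                raise ValueError(f"port out of range: {port}")
        ipaddress.ip_address(inside_ip)  # raises ValueError if malformed
        key = (proto, translated_port)
        if key in self._by_public:  # one entry per public port mapping
            raise ValueError(f"{proto}/{translated_port} already maps to "
                             f"{self._by_public[key].inside_ip}")
        self._by_public[key] = Redirect(proto, inside_ip, original_port, translated_port)

    def translate_inbound(self, proto, dst_port) -> Optional[tuple]:
        """Return (inside_ip, port) for a packet sent to the public address."""
        entry = self._by_public.get((proto.lower(), dst_port))
        return (entry.inside_ip, entry.original_port) if entry else None

    def exposed(self):
        """Every inside service reachable from outside, for review."""
        return sorted(self._by_public.values(),
                      key=lambda e: (e.proto, e.translated_port))

def demo():
    # Constructed sample entries, not taken from the document.
    nat = StaticNatTable("192.168.1.3")
    nat.add("tcp", "172.16.1.10", 80, 8080)
    nat.add("tcp", "172.16.1.11", 80, 8081)  # same inside port, different public port
    nat.add("udp", "172.16.1.10", 53, 8080)  # UDP 8080 is independent of TCP 8080
    return nat
```

Reviewing `exposed()` after each change shows exactly which inside services a redirect has opened to the outside interface.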
Routing Configuration
1. Choose Configure > Routing > Static Routing and click Add in order to configure static
routing.
2. Enter the Destination Network address with mask and select either outgoing interface or
next hop IP address.
This window shows the static route configured for the 10.1.1.0 network with 192.168.1.2
as the next hop IP address.
Complete these steps in order to configure the dynamic routing in a Cisco router.
3. Check Enable RIP, select the RIP version, and click Add.
4. Specify the Network address to be advertised.
5. Click OK.
6. Click Deliver in order to transfer the commands to the router.
This window shows the dynamic RIP routing configuration.
Miscellaneous Configuration
Complete these steps in order to configure the other basic settings in a Cisco router.
1. Choose Configure > Additional Tasks > Router Properties and click Edit if you want
to change the Hostname, Domain Name, Banner and Enable Secret Password properties
for a router.
2. Choose Configure > Additional Tasks > Router Access > User Accounts/View in
order to add/edit/delete the User Accounts to the router.
3. Choose File > Save Running Config to PC... in order to save the configuration to the
NVRAM of the router as well as the PC and to reset the current configuration to default
(factory) settings.
4. Go to the task bar and choose Edit > Preferences in order to enable these User
Preferences options:
o Preview commands before delivering to router.
o Save signature file to Flash.
o Confirm before exiting from SDM.
o Continue monitoring interface status when switching mode/task.
5. Choose View from the task bar if you want to:
o View the Home, Configure, or Monitor pages.
o View the running configuration of the router.
o View various show commands.
o View SDM default rules.
o Choose Refresh in order to synchronize SDM with the router configuration if
any changes were configured through the CLI.
CLI Configuration
Router Configuration
Router#show run
Building configuration...
no logging buffered
enable password cisco
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet1/0
 ip address 172.16.1.2 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial2/0
 ip address 192.168.1.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
!
interface Serial2/1
 no ip address
 shutdown
!
interface Serial2/2
 no ip address
 shutdown
!
interface Serial2/3
 no ip address
 shutdown
!
router rip
 version 2
 network 172.1.0.0
 no auto-summary
ip http server
ip http secure-server
!
ip nat inside source list 1 pool pool1
!
!
!
line vty 0 4
 password sdmsdm
 login
!
!
end
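A presence-only audit of the listing above, as an added example (not part of the original document or of SDM): it flags the management-plane settings a reviewer would question and one routing inconsistency visible in the listing. `CONFIG` is abridged from the listing; the function names and finding texts are assumptions of this example.

```python
import ipaddress
import re

# Abridged from the running configuration above; certificate data left out.
CONFIG = """\
no logging buffered
enable password cisco
interface FastEthernet1/0
ip address 172.16.1.2 255.255.255.0
interface Serial2/0
ip address 192.168.1.1 255.255.255.0
router rip
network 172.1.0.0
ip http server
ip http secure-server
line vty 0 4
password sdmsdm
login
"""

def classful(net: str) -> ipaddress.IPv4Network:
    """RIP network statements are classful: derive the mask from the first octet."""
    first = int(net.split(".")[0])
    prefix = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.ip_network(f"{net}/{prefix}", strict=False)

def audit(config: str) -> list:
    findings, section, addrs, rip_nets = [], "", [], []
    for line in (l.strip() for l in config.splitlines()):
        if line == "!" or re.match(r"(interface|router|line) ", line):
            section = "" if line == "!" else line
        if m := re.match(r"ip address (\S+) \S+$", line):
            addrs.append(ipaddress.ip_address(m[1]))
        if section == "router rip" and (m := re.match(r"network (\S+)$", line)):
            rip_nets.append(classful(m[1]))
        if line.startswith("enable password "):
            findings.append("enable password: not hashed, use enable secret")
        if line == "ip http server":
            findings.append("ip http server: cleartext HTTP management enabled")
        if line == "no logging buffered":
            findings.append("no logging buffered: no local log buffer kept")
        if section.startswith("line vty") and line.startswith("password "):
            findings.append("line vty: shared line password instead of per-user login")
    for net in rip_nets:  # a network statement only enables RIP on matching interfaces
        if not any(a in net for a in addrs):
            findings.append(f"router rip: network {net} matches no interface")
    return findings
```

The checks look only for lines that are present, so a partial listing like the one above cannot produce a false "missing setting" finding.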
Verify
Choose Configure > Interface & Connections > Edit Interface Connections > Test
Connection in order to test the end-to-end connectivity. You can specify the remote end IP
address if you click the User-specified radio button.
Troubleshoot
The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands.
Use the OIT to view an analysis of show command output.
Note: Refer to Important Information on Debug Commands before you issue debug commands.
• Choose Tools > Update SDM from the task bar in order to ping, Telnet, and upgrade the
SDM to the latest version. You can do this from Cisco.com, from the local PC, or from
the CD.
• Choose Help > About this Router in order to view information on the hardware
configuration of the router.
This window shows information about the IOS image stored in the router.
• The Help option provides information about the various available options in the SDM for
the configuration of routers.