Scribd Logo
Upload

Welcome to Scribd!

  • SNRS30CAG

    Uploaded by

    Péter Beleznay
    1 views19 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PPS, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pps, pdf, or txt
    1 views19 pages

    SNRS30CAG

    Uploaded by

    Péter Beleznay

    Copyright:

    © All Rights Reserved
    Download as PPS, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pps, pdf, or txt
    of 19

    Securing Networks

    with Cisco Routers and


    Switches (SNRS) v3.0

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—1


    Course Lab Guide

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—2


    SNRS 3.0 Lab Topology
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    Bastion Host .2 .2 Bastion Host


    Web .2 .1 .1 .2 Web
    FTP .1 .1 172.16.Q.0 FTP
    172.16.P.0

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—3
    Visual Objective for Lab 1-1: Configure
    Advanced Layer 2 Security
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    .2 .2

    .1 .1

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—4
    Visual Objective for Lab 1-2: Configure
    Basic 802.1X Authentication
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    .2 .2

    .1 .1

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—5
    Visual Objective for Lab 1-3: Configure
    Advanced 802.1X Authentication
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    .2 .2

    .1 .1

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—6
    Visual Objective for Lab 1-4: Configure
    802.1X VLAN Assignments
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    .2 .2

    .1 .1

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—7
    Visual Objective for Lab 2-1: Configure the
    Cisco Network Foundation Protection Strategy
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—8


    Visual Objective for Lab 3-1: Configure a
    Site-to-Site VPN Using Certificates
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—9


    Visual Objective for Lab 3-2: Configure
    a GRE over IPsec Tunnel
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—10


    Visual Objective for Lab 3-3: Configure a
    DMVPN Spoke Using Cisco SDM
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—11


    Visual Objective for Lab 3-4: Configure
    GET VPN Using the CLI
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—12


    Visual Objective for Lab 4-1: Configure
    Cisco Easy VPN Remote
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—13


    Visual Objective for Lab 4-2: Configure
    Cisco Easy VPN Server
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—14


    Visual Objective for Lab 4-3: Configure
    a Cisco IOS SSL VPN
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    .2 .2

    .1 .1

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—15


    Visual Objective for Lab 5-1: Configure a
    Cisco IOS Classic Firewall on a Cisco Router
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    Bastion Host .2 .2 Bastion Host


    Web .2 .1 .1 .2 Web
    FTP .1 .1 172.16.Q.0 FTP
    172.16.P.0

    10.0.P.0 .2 10.0.Q.0
    .2
    .100 .100
    RTS RTS

    Web or FTP Web or FTP


    and Cisco and Cisco
    Secure ACS Secure ACS Local: 10.0.Q.11
    Local: 10.0.P.11

    Server Server

    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—16


    Visual Objective for Lab 5-2: Configure a Cisco
    IOS Zone-Based Policy Firewall with URL Filtering
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 RBB 192.168.Q.0

    Bastion Host .2 .2 Bastion Host


    Web .2 .1 .1 .2 Web
    FTP .1 .1 172.16.Q.0 FTP
    172.16.P.0

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—17
    Visual Objective for Lab 5-3: Configure
    Cisco IOS IPS on a Cisco Router
    Web
    FTP
    Super Server

    .50
    172.26.26.0
    .150
    .1 .1
    Pods 1–4 Pods 5–8
    192.168.P.0 192.168.Q.0
    RBB

    .2 .2

    .1 .1

    10.0.P.0 Fa 0/2 .2 Fa 0/2 10.0.Q.0


    .2
    .100 Fa 0/3 Fa 0/4 Fa 0/4 Fa 0/3 .100
    RTS Web or FTP Web or FTP RTS
    and Cisco and Cisco
    Secure ACS Secure ACS
    Client PC Client PC
    Local: Local: 10.0.Q.10
    10.0.P.10
    Server Server
    Local:
    Local: 10.0.Q.11
    10.0.P.11
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—18
    © 2008 Cisco Systems, Inc. All rights reserved. SNRS v3.0—19

    You might also like