Cisco Ios Collection For Gns3 And Actual Routers.
Guys , I'm sharing with you FTP Direct Download links for Cisco IOS Images which can be used with GNS3 or actual routers.
Small Collection of IOS Images.
ftp://ftp.unikon-ua.net/pub/Cisco/IOS/
{Updated}Big Collection of IOS Images (Almost All Cisco IOS Images)
ftp://62.117.115.92/upload/ios/
Another Big Collection
ftp://86.110.172.101/Soft/IOS/
(NEW)Cisco IOS Images Big Collection v3. **Direct HTTP Link**
http://www.jonsfiles.com/IOS%20Images%20for%20GNS3/Cisco_IOS_Collection/IOS/http://www.intranet.betomt.com.br/repositorio/IOS/CISCO/
ASA Binary files for GNS3
http://www.4shared.com/dir/5716575/72cbe353/IOS.html
New Big IOS Collection 10 Sept 2010
ftp://79.120.76.25/torrent/downloaded/ios/
Use Google search for Cisco IOS Images, Type the following in search box "index of ios parent directory bin" (without quotes)
Happy Learning..
Read More
32
comments
Latest TestInside CCNA 640 802 11.73 773
Latest TestInside CCNA 640 802 11.73 773
Rapidshare link
http://rapidshare.com/files/364858960/TI_640-802_11.73.rar
Hotfile link
http://hotfile.com/dl/33347012/36d8a48/TI_640-802_11.73.rar.html
Read More
0
comments
Cisco CCNA Exam Day Tips.
Here are some tips to follow for the CCNA test:
- Relax before exam: In order to avoid last minute stress, make sure that you arrive 10 to 15 minutes early and relax before exam.
- Familiarize yourself with exam: Before taking the CCNA exam, you are given an option of to familiarize yourself with the way the exam is carried out (the exam interface). You must make sure to take advantage of this.
- Time Management Tips:
- Manage Time Spent On Each Question: The duration for the exam is 90 minutes. You must determine how much time you will spend on each question. While determining this take into consideration that simulations take more time to answer. Also keep in mind that some other questions are weighed more heavily and may take more time to answer (e.g. difficult subnetting problems).
- Be Sure Of Exam Interface: Clear your doubts, in case if you have any, regarding the rules for the CCNA exam or using the testing computer/software with the supervisor after he sets up your machine and before you start the exam. Remember that the exam is timed and you may loose your valuable test time for such questions, which you could have asked earlier.
- Jot Down Important Points Before the Exam: Before you start the exam, ask for scratch paper and jot down points that you may require to recall when taking your exam. This is always allowed and proves to be very helpful while taking the exam. These may include:
- OSI Model layers
- Access lists
- Important tables such as powers of 2
- Class A,B,C address range and properties e.g.
Class A: Denoted by network.host.host.host first octet is between 1 to 126 - Important formulae such as 2^x-2 gives the number of hosts per subnet where x is the number of “off” bits in the subnet mask
- Binary to decimal conversion table & tips
- All Answers Are Final: Remember that you cannot return to a question once you have answered it. So, be very careful while answering to the questions and don’t rush as it might cost you valuable marks.
- Don’t Panic. There Is No Negative Marking: Although the exam software does not allow you to review questions you’ve answered, there are no negative marks for a wrong answer. The CCNA exam does not penalize you for wrong answer, so never leave any question unanswered. If you are not able to find out the correct answers to some questions, eliminate the possible answers that cannot be correct and narrow down your guess.
Read More
0
comments
IOS Commands
Router modes
| Modes | Description |
| Router> | User mode |
| Router# | Privileged mode |
| Router(config)# | Global configuration mode |
| Router(config-if)# | Interface mode |
Basic IOS Commands
| Command | Description | Syntax |
| Enable | Puts you into privileged mode | Router>enable |
| Disable | Takes you from privileged mode back to user mode | Router>disable |
| Config Terminal | Puts you in global configuration mode and change the running-config | Router#config t |
| Hostname | Sets the name of a router | Router(config)#hostname R1 |
| Banner | Creates a banner for users who log into the router | Router(config)#banner motd # |
| Enable Password | Sets the encrypted enable password | Router(config)#enable password |
| Enable Secret | Sets the encrypted enable secret. Supersedes the enable password if set | Router(config)#enable secret |
| Line Aux | Puts in the auxiliary interface configuration mode | Router(config)#line aux 0 Router(config-line)#login Router(config)# password cisco |
| Line Console 0 | Puts you in the console configuration mode | Router(config)#line console 0 Router(config-line)#login Router(config)# password cisco |
| Line Vty | Puts you in VTY (Telnet) interface configuration mode | Router(config-line)#line vty 0 4 Router(config-line)#login Router(config)# password cisco |
| Service Password-encryption | Encrypts the user mode and enable password | Router(config)#service password-encryption |
| Terminal History Size | Changes your history size from the default of 10 up to 256 | Router#terminal history size 25 |
| Telnet | Tests IP connectivity and configures a router | Telnet [destination ip] Router#telnet 172.16.10.2 |
| Ping | Tests IP connectivity | Ping [destination ip] Router#ping 172.16.10.2 |
| Interface Fastethernet 0/0 | Puts you in interface configuration mode for a fastethernet port | Router(config)#int fa 0/0 |
| Interface Serial 1 | Puts you in configuration mode for interface serial 1 and can be used for show commands | Router(config)#int serial 1 |
| Ip Address | Sets an IP address on an interface | Router(config)#ip address 172.16.10.2 255.255.255.0 |
| Bandwidth | Sets the bandwidth on a serial interface | Router(config-if)#bandwidth 64 |
| Copy Run Start | Short for copy running-config, startup-config. Places a configuration into NVRAM | Router#copy run start |
| Erase Startup | Deletes the startup-config | Router#erase startup-config |
| Show Controllers S 0 | Show the DTE or DCE status of an interface | Router#sh controllers s 0 |
| Show History | Shows you the last 10 commands entered by default | Router#sh history |
| Show Interface S 0 | Shows the statistics of interface serial 0 | Router#sh int s 0 |
| Show Run | Short for show running-config. Shows the configuration currently running on the router | Router#sh run |
| Show Start | Short for show startup-config. Shows the backup configuration stored in NVRAM | Router#sh start |
| Show Terminal | Shows you your configured history size | Router#sh terminal |
| Show Version | Shows you statistic of the router | Router#sh ver |
| Shutdown | Puts an interface in administratively-down mode | Router(config-if)#shutdown |
IP Routing Commands
| Command | Description | Syntax |
| Ip route | Creates static and default routes on a router | Ip route [destination_network] [mask] [next_hop_address or exitinterface] [administrative_distance] [permanent] Example: Router(config)#ip route 172.16.20.0 255.255.255.0 172.16.10.2 |
| No ip route | Removes a static default rout | Router(config)#no ip route 172.16.20.0 255.255.255.0 172.16.10.2 |
| Router RIP | Turns on ip rip routing on a router | Router(config)#router rip |
| Network | Tells the routing protocol what network to advertise | Router(config-if)#network 172.16.20.0 |
| Router igrp AS | Turns on ip igrp routing on a router | Router igrp[Autonomous system no.] Router(config)#router igrp 10 |
| Debug ip rip | Sends console messages displaying information about rip packets being sent and received on a router interface | Router#debug ip rip |
| Debug ip igrp events | Provides a summary of the igrp routing information running on the network | Router#debug ip igrp events |
| Debug ip igrp transactions | Shows message requests from neighbor routes asking for an update and the broadcast sent from your router to that neighbor router | Router#debug ip igrp transactions |
| Show ip route | Displays the ip routing table | Router#sh ip route |
| Show protocols | Shows the routed protocols and network addresses configured on each interface | Router#sh protocols |
| Show ip protocols | Shows the routing protocols and timers associated with each routing protocol configured on a router | Router#sh ip protocols |
Managing Internetwork
| Command | Description | Syntax |
| Cdp enable | Turns on cdp on an individual interface | Router#cdp enable |
| No cdp enable | Turns off cdp on an individual interface | Router#no cdp enable |
| Cdp run | Turns on cdp on a router | Router#cdp run |
| No cdp run | Turns off cdp completely on router | Router#no cdp run |
| Cdp holdtime | Changes the holdtime of cdp packets | Router(config)#cdp holdtime 240 |
| Cdp timer | Changes the cdp update timer | Router(config)#cdp timer 90 |
| Clear line | Clears a connection connected via telnet to your router | Router#clear line 2 |
| Config-register | Tells the router how to boot and to change the configuration register setting | Router(config)#config-register 0x0101 |
| Copy flash tftp | Copies a file from flash memory to a tftp host | Router# copy flash tftp |
| Copy run start | Copies the running-config file to the startup-config file | Router#copy run start |
| Copy run tftp | Copies the running-config file to a tftp host | Router#copy run tftp |
| Copy tftp flash | Copies a file from a tftp host to flash memory | Router#copy tftp flash |
| Copy tftp run | Copies a configuration from a tftp host to the running-config file | Router#copy tftp run |
| Erase startup-config | Deletes the contents of NVRAM on a router | Router#erase startup-config |
| Ip host | Creates a host table on a router | Ip host[hostname] [ip address] Example: Router(config)#ip host router2 172.16.10.2 |
| No ip host | Removes a hostname from a host table | Router(config)#no ip host router2 172.16.10.2 |
| Show cdp | Displays the cdp timer and holdtime frequencies | Router#sh cdp |
| Show cdp entry | Same as show cdp neighbor detail, but does not work on a 1900 switch | Router#sh cdp entry |
| Show cdp interface | Shows the individual interfaces enabled with cdp | Router#sh cdp interface |
| Show cdp neighbor | Shows the directly connected neighbors and the details about them | Router#sh cdp nei |
| Show cdp neighbor detail | Shows the ip address and IOS version and type, and includes all of the information from the show cdp neighbor command | Router#sh cdp neighbor detail |
| Show cdp traffic | Shows the cdp packets sent and received on a device and any errors | Router#sh cdp traffic |
| Show flash | Shows the files in flash memory | Router#sh flash |
| Show hosts | Shows the contents of the host table | Router#sh hosts |
| Show sessions | Shows your connections via telnet to remote device | Router#sh sessions |
Read More
0
comments
RIP configuration
Router-1
Router>enable
Router#configure terminal
Router(config)#hostname R1
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#int serial 0/0
R1(config-if)#ip address 192.168.10.1 255.255.255.0
R1(config-if)#no shutdown
R1(config)#clock rate 64000 (if router 1 is DCE device)
R1(config-if)#exit
R1(config)#router rip
R1(config-router)#version 2 (if you configure version 2)
R1(config-router)#network 192.168.1.0
R1(config-router)#network 192.168.10.0
R1(config-router)#end
R1#copy running-config startup-config
Router-2
Router>enable
Router#configure terminal
Router(config)#host name R-2
R2(Config)#interface fastethernet 0/0
R2(Config-if)#ip address 192.168.2.1 255.255.255.0
R2(Config-if)#no shutdown
R2(Config-if)#interface serial 0/0
R2(Config-if)#ip address 192.168.10.2 255.255.255.0
R2(Config-if)#no shutdown
R2(Config-if)#interface serial 0/1
R2(Config-if)#ip address 192.168.11.1 255.255.255.0
R2(Config-if)#no shutdown
R2(Config-if)#exit
R2(config)#router rip
R2(config-router)#version 2 (if you configure version 2)
R2(config-router)#network 192.168.2.0
R2(config-router)#network 192.168.10.0
R2(config-router)#network 192.168.11.0
R2(config-router)#end
R2# copy running-config startup-config
Router-3
Router>enable
Router#configure terminal
Router(config)#host name R-3
R3(Config)#interface fastethernet 0/0
R3(Config-if)#ip address 192.168.3.1 255.255.255.0
R3(Config-if)#no shutdown
R3(Config-if)#interface serial 0/0
R3(Config-if)#ip address 192.168.11.2 255.255.255.0
R3(config)#clock rate 64000 (if router 1 is DCE device)
R3(Config-if)#no shutdown
R3(Config-if)#exit
R3(config)#router rip
R3(config-router)#version 2 (if you configure version 2)
R3(config-router)#network 192.168.3.0
R3(config-router)#network 192.168.11.0
R3(config-router)#end
R3# copy running-config startup-config
Verification Command:
R1#ping 192.168.2.1
R1#ping 192.168.11.1
R1#ping 192.168.11.2
R1#ping 192.168.3.1
R2#ping 192.168.1.1
R2#ping 192.168.3.1
R3#ping 192.168.1.1
R3#ping 192.168.10.1
R3#ping 192.168.10.2
R3#ping 192.168.2.1
Read More
0
comments
Easily Add OpenDNS To Your Router
OpenDNS is an incredible alternative to your ISP DNS server. Simply put DNS (Domain Name System) translates IP address to easy to remember hostname's. Not only will OpenDNS make your browsing faster, there are a lot of additional features provided by this free service.
OpenDNS is free with no software to install. It also has a bunch of features such as Phishing protection, Domain Blocking, Adult Site Blocking, Typo Correction, etc. If you are behind a router the easiest way to ensure every computer on your home network is using OpenDNS is to add it to your Router.
Open your web browser and go to your router's address. Usually it is 192.168.1.1 type in the user name and password to access administrator settings. For this example I am using a Linksys WRT54GS, yours maybe different but the entry is basically the same. Under basic setup find your routers static DNS settings. Type in 208.67.222.222 and 208.67.220.220 hit save and your done!
I highly recommend trying OpenDNS. I have been using it for over 6 months now, and in fact I forgot I was using it until I mistyped a URL and OpenDNS told me that I was accessing a shady site.
Read More
0
comments
Cisco Cabling Videos
I was amazed at home many Cisco cabling training videos are out on YouTube. I looked through and these are some of the better examples that I found. Enjoy!
How to connect Router to Router using Cisco Serial Cables
How to Connect to a Cisco Router using a USB port & Cable
How to make a CAT 5E patch cable
enjoy.
Read More
2
comments
How to Use HyperTerminal with Cisco Routers & Switches
Most Cisco devices do not have a graphical Web-based interface by default. You must configure them from the command line using the serial-based console port on the switch or router. While there are a variety of serial terminal emulation programs available, most people use HyperTerminal to do this because it is included free with Windows. This article will show you how to configure HyperTerminal to talk to a new Cisco device.
What is HyperTerminal?
HyperTerminal is a terminal emulator program that runs in Windows. What this means is that it offers you a text-based command prompt on a remote device. That device could be either a serial device, like a Cisco router, connected directly to your PC’s serial port OR a network device. HyperTerminal can either use the local serial interface for communications or the network. In the case of the network, HyperTerminal is simply using the telnet protocol.Connecting to your Cisco device with HyperTerminal
Run HyperTerminal in Windows by going to Start > Programs > Accessories > Communications > HyperTerminal.After clicking on the HyperTerminal icon, you will see this window:
HyperTerminal prompts you to create a new connection. Note that this is not required but let’s go ahead and do it.
Type in the word cisco for the connection name and click OK.
Connect your Cisco device to your PC’s COM1 port but don’t turn it on yet. On the next window that appears, make sure that the “Connect Using” field says COM1 and click OK.
On the next window, change the Baud rate to 9600 and click OK.
Now, turn on your Cisco device. In the HyperTerminal window, you should see the boot up process for your device, like this:
You have successfully configured HyperTerminal and connected to your Cisco device.
When you are done and try to close out HyperTerminal, you will be asked if you want to save this connection. I suggest saving it with the name you gave it, cisco, so that you don’t have to configure it again next time.
HyperTerminal Features
HyperTerminal can also be used to telnet to your Cisco network devices once they are configured with an IP address and are on the network. Thus, you don’t have to stop using HyperTerminal once you have configured your device.HyperTerminal can be used to paste Cisco commands into your device so that you can more quickly configure devices. For example, you can do a show running-config, copy the output to the Windows clipboard, paste it into notepad, edit parts of it, and paste it back into your router’s configuration.
HyperTerminal can also log anything that scrolls by on the window to a log file, for record keeping or analysis.
Article Summary
Here is what we have learned:- That HyperTerminal is a serial and network terminal emulation program included with Windows.
- To talk to a Cisco device, HyperTerminal must be configured on the right COM port and at 9600 baud
- HyperTerminal can be used to telnet to devices, over the network, once they are configured.
- Other features offered by HyperTerminal are cut/copy/paste of configurations and logging of sessions.
Read More
1 comments
How to: Reset a Cisco Router Back to Factory Defaults
You can use config-register 0x2102 command to reset a Cisco router back to Factory Defaults. Note: to check the configuration register on the router by issuing the show version command. The configuration register setting is displayed in the last line of the show version command output, and should be set to 0x2102.
This is example how to reset a Cisco router back to Factory Defaults:
This is example how to reset a Cisco router back to Factory Defaults:
Router1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#config-register 0x2102
Router1(config)#end
Router1#wr erase
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router1#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]
Read More
0
comments
5 Easy Steps to Securing Your Cisco Switch or Router
Every network administrator should know how to secure their network so that they lessen the encounter of malicious activity. Sometimes it really just comes down to following some best practices in securing a Cisco switch or router. Here are 5 easy steps to secure your Cisco switch or router.
enable secret
When you use the command,show rundo you see your passwords in plain text? That’s a no-no. Use
enable secret your-passwordto encrypt it to keep nosy people from seeing your password and entering your switch or router. Enable secret will encrypt your password – AWAY WITH PLAIN TEXT.
encrypt plain text passwords
If you’ve moved over to encrypted passwords and noticed that your existing passwords are still in plain text then run the global configuration command:service password-encryptionto encrypt all your passwords.
secure console access
Physical security should be your first line of defense. But what if you have shotty physical security? Then use console security to stop curious users from connecting to your console port:conf t line con 0 login password your-passwordBe aware that this does not protect your Cisco device from the password recovery procedure. This is why physical security is important!
secure remote access
What protocol are you using to remote into your Cisco switches and routers for management? If you said Telnet, shame on you! Telnet does not encrypt any traffic between you and your Cisco devices. Everything you type is in cleartext. The best alternative is to use SSH. All traffic between you and your Cisco switch or router will be encrypted.conf t line vty 0 4 login local transport input ssh username user password user-passwordip domain-name domain crypto key generate rsaThe above commands will allow only SSH traffic to your Cisco switch or router and will prompt for a username and password, in which the user account should be on the switch.
parking lot or shutdown the interface
Organize your network with the use of virtual local area networks (vlans). Put accounting on their own vlan, HR on their own vlan, IT on their own vlan. Not only is it good to segment these departments, you can also create a parking lot vlan. A parking lot vlan is where you can put all unused interfaces. So if a malicious user wanted to connect to your network via an open port from the wall, they wouldn’t be able to connect to anything because that unused port would be put on a vlan that is not being used.conf t vlan 3 name parking-lot int fa0/15 switchport mode access switchport access vlan 3A better solution would be to shutdown an unused interface. When an interface is shut down that means it cannot be used until you use the no shutdown command to bring the interface back up.
conf t int fa0/15 shutdownTo bring it back to a working interface:
conf t int fa0/15 no shutAnd those are my 5 easy steps to securing your Cisco switch or router. There are other advanced ways but if you’re new to Cisco then the above steps will be better than having a non-secured network. If you have any questions or feedback please comment below!
Read More
0
comments
How To Install GNS3 in Ubuntu 9.10
So here is how to install GNS3 and have it work efficiently for your Cisco studying needs.
1. First we will install Dynagen and Python-Qt4
sudo apt-get install dynagen python-qt4
2. Download GNS3 and extract in /opt
cd /opt sudo wget http://downloads.sourceforge.net/project/gns-3/GNS3/0.7/GNS3-0.7-
src.tar.bz2?use_mirror=softlayer sudo tar -xjvf GNS3-0.7-src.tar.bz2 && rm GNS3-0.7-src.tar.bz2 sudo mv GNS3-0.7-src /opt/GNS3
3. Create the following directories:
These directories will be used by GNS3 – such as projects – where your working projects will be stored, cache, temp, IOS images, etc.
cd /opt/GNS3 mkdir Dynamips mkdir IOS mkdir Project mkdir Cache mkdir tmp chmod o+rw -R ./Project chmod o+rw -R ./tmp
4. Download binary of dynamips and make it executable
cd Dynamips sudo wget http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-x86.bin sudo chmod +x ./dynamips-0.2.8-RC2-x86.bin
You can create a desktop shortcut by right-clicking on the desktop and select “Create Launcher..”, Name it GNS3 and in the command section type in
python "/opt/GNS3/gns3"
Double click to open GNS3 and we will edit the default settings. If you don’t want to use desktop icons you can create a launcher from your programs menu by right clicking on the Main Menu, selecting Edit Menu. Select New Item on the right and you will be presented with the same window where you type in the above. From there you can move the launcher into any menu section of your choice.
5. Go to edit | preferences and in the ‘Terminal command:’ section type in:
gnome-terminal -t %d -e 'telnet %h %p' > /dev/null 2>&1 &
6. Under ‘Paths’ change the ‘Project directory:’ to
/opt/GNS3/Project
and the ‘IOS/PIX directory:’ to
/opt/GNS3/IOS
7. Click on Dynamips tab on the left
For the ‘Executable path:’ type in
/opt/GNS3/Dynamips/dynamips-0.2.8-RC2-x86.bin
8. Change the ‘Working directory:’ to
/opt/GNS3/tmp
Click on the Capture tab on the left
9. For the ‘Working directory for capture files:’ change it to
/opt/GNS3/Project
After you have done all that you will be able to Open and Save your GNS3 projects properly and have an efficient setup for GNS3. In order to use the devices in GNS3 you must obtain our own IOS images from Cisco.
Read More
0
comments
Share Files and Printers between Windows 7 and XP
If you have a home network and are running Windows 7 and have XP on other PC(s) you might want to share files between them. Today we will look at the steps to share files and hardware devices like a printer
.
Sharing Files In Windows 7 and XP
Sharing folders between two Windows 7 machines with the new HomeGroup feature is an easy process, but the HomeGroup feature is not compatible with Vista or XP. For this tutorial we are using Windows 7 x64 and XP Professional SP3 connected through a basic Linksys home wireless router.
First make sure both machines are members of the same Workgroup which by default is named Workgroup.
On the Windows 7 machine go into Control Panel \ All Control Panel Items \ Network and Sharing Center then click on Change advanced sharing settings.
You will want to verify the following settings under Advanced Sharing Settings for the Home or Work and Public profile.
Now if you go into Network in Windows 7 you should see your XP machine and the Windows 7 as well which in this case is Mysticgeek-PC.
To share the printer on the Windows 7 machine go into Devices and Printers from the Start menu and double click on the printer icon.
Next double click on “Customize your printer”.
In the Properties screen click on the Sharing Tab and check the box to share the printer and type in its share name.
If your XP machine is an x86 OS you can install Additional Drivers before setting up the XP machine.
To find the shared folders and devices double click on the Windows 7 machine icon under Network. Here you can see the printer connected to my Windows 7 machine is shared and also the Users Folder.
Continue into the Users folder and Public to see the shared folders, here I also created a folder called XP Share just to keep everything in central location.
Double click on the Share folder to find a list of shared folders in the Public folder on Windows 7. If you have password protection enabled you will need to type in the username and password of the user account on the Windows 7 machine first.
Setup XP With Shared Printer
To set up the shared printer in XP you will need to go into Printers and Faxes from the Start menu and kick off the Add Printer Wizard.
Now select “A network printer, or a printer attached to another computer” then hit Next.
Now click Yes to the confirmation message.
This should help you get started with sharing your files and other devices with your Windows 7 machine. When I first started I was able to see the printer on XP right away because I had a HomeGroup set up, but once I deleted it I needed to share the printer like you would for a workgroup. You might also have to do a couple restarts of the XP machine for it to see the shared resources on Windows 7.
Source: http://www.howtogeek.com/
Read More
0
comments
Subnetting Made Easy! flash tutorial CCNA
Static Routes in the Cisco IOS
As a network administrator, you must be able to configure your routers to route traffic across the network. Static routes are commonly used on routers to accomplish this. For a network admin, knowing how to use a static route is a requirement. Let’s learn about static routes, and how to properly use them.
Static vs. Dynamic
There are two types of routing that can be configured on a network device- static and dynamic. Static routes are hard-coded on a network device. They tell the device exactly where to send traffic, no matter what. Dynamic routes, on the other hand, use a routing protocol to determine the best path. If one route becomes less preferred, the route being used may change. With dynamic routes, routes communicate with each other and exchange routing information. Examples of dynamic routing protocols are RIP, EIGRP, OSPF, and BGP.Basics of Static Routes
Now that you know the difference between static and dynamic routes, let’s learn the basics of static routes. When there are two or more routes to the same destination, routers use administrative distance to decide which routing protocol (or static route) to trust more. For example, here are some administrative distances (the lower the number, the more trustworthy the type of route is): - Static Route to a connected interface = 0 - Static Route to a IP address = 1 - Internal EIGRP = 90 - OSPF = 110 - RIP = 120Because of how administrative distance works, when you enter static routes that are the same as a dynamic route (learned from another router), your static route will be used over the dynamic route. As you may be overriding routes manually, you must make sure your routes are accurate.
As you may have noticed above, there are static routes that point to an interface on the router, and static routes that point to an IP address on the network. For example, a static route to an interface may tell a router “send all traffic going to X network out interface Ethernet0/0”. A static route to an IP address may tell a router “send all traffic going to X network to IP address 1.1.1.1”. Either of these types of routes can be used, depending on the situation.
There is a special kind of static route called a default route. Sometimes a default route is called a “zero / zero” route. This is because the network and subnet you are specifying, as the destination for the traffic it would match, are all zeros. A default route says “for any traffic that does not match a specific route in the routing table, send that traffic to this destination”. In other words, a default route is a “catch-all”.
The syntax for the global configuration command used to enter a static route is: ip route {destination prefix} {destination prefix mask} {interface OR forwarding router’s IP address}
For example, a static route sending all traffic out Serial 0/0 would look like this:
A specific route, sending traffic going to network 10.10.10.0, to router 1.1.1.1, would look like this:
Once these routes are configured, you can use the show ip route command to see the routing table:
Notice in this output the static routes being with an S on the left-hand side. You can see our two static routes 10.10.10.0, and 0.0.0.0/0. You can also see our connected interfaces (shown with a C). As a side-note, the show ip route command can be abbreviated sh ip ro.
Real-World Example of using Static Routes
Now that we understand the basics of using static routes, let me provide a real-world example. Say that you have two locations, connected by a WAN T1 circuit. On the LAN side of each of these locations, you have a small Ethernet network. Here is a network diagram:
The only way for the devices on Ethernet LAN 10.10.1.0 to communicate with devices on network 10.10.2.0, is to use routing. With such a simple network, static routing is a perfect solution. You can enter one route on each router and be done with the configuration. With dynamic routing, there would be slightly more configuration. You would also forever have the network overhead of the routing protocols communicating across the WAN circuit. To configure the static routes for this simple network, here is what you would do:
San Diego, CA Router-
Chicago, IL Router-
By doing this, you have told the San Diego Router that any traffic destined for the Chicago LAN, should be sent to IP address 20.1.1.2. The IP address 20.1.1.2 is the WAN serial interface of the Chicago router. In other words, you are sending that traffic to the “next hop” on the WAN, which happens to be the destination for this traffic. On the Chicago router, you are doing just the reverse so that the response from your San Diego traffic can find its way back to San Diego.
In two simple commands you have configured routing for this network.
Summary
Static routes are essential knowledge for any network administrator. While they do not scale well to a large network, they have their uses in all sizes of networks. Even if you are using a dynamic routing protocol, there are cases where using a static route is still a requirement. The ip route command has many more options than what we were able to explore in this short article. To learn more, go to your router and type ip route ?
Read More
0
comments
Configuring Router Interface Descriptions on a Cisco Router.
If someone were to look at your router’s configuration, could they understand what the real purpose of the network connections were, who they connect to, and what to do if the interface is down? If you answered no, then you need to look at using router interface descriptions.
What is a router interface description?
Router interface descriptions are description commands that network administrators configure on each interface of a router. With these commands, the administrator can enter whatever pertinent information he wants to, about that interface. This can be very useful for the original administrator that configured the interface. Or this can be valuable to any other administrator that has to try to troubleshoot or reconfigure the interface later. For example, you could put the following command on your router’s interface:description T1 circuit to Internet – Sprint Circuit ID QVX.123.098.765.DAX – Tech Support 800-555-1234
By using this command, I have described what the circuit’s purpose was, the Circuit ID, the provider, and the tech support phone number.
By doing this, the next time I look at the router, I have all the important troubleshooting information I need, right at my fingertips.
Uses of a router interface description
The recommended uses for the router interface description command are:- Identifying the interface
- Noting who to call if the interface is down
- Documenting the circuit information for that connection
- In general, using the description for a “notes” field
Keep in mind that while we are calling this field a “router” interface description, the description command works on Cisco IOS switches and PIX firewalls as well.
Sample configuration of a router interface configuration
To apply a description on your router’s interface, use the following steps:- Move to global configuration mode, like this:
router# config t router(config)#
- Move to interface configuration mode. In our example, let’s assign an a description to the Serial 0/0 interface:
router(config)# interface serial 0/0 router(config-if)#
- Use the description command with the description you define for this interface. Here is an example:
router(config-if)# description T1 circuit to Internet – Sprint Circuit ID QVX.123.098.765.DAX – Tech Support 800-555-1234
- To view the interface’s description, press Ctrl-Z to exit back to privileged mode then type:
router# show run interface serial 0/0 interface Serial 0/0 description T1 circuit to Internet – Sprint Circuit ID QVX.123.098.765.DAX – Tech Support 800-555-1234 ip address 1.1.1.1 255.255.255.0
In the graphic below, you can actually see how it is done:
Article Summary
What you need to take home from this article is that the Cisco IOS description command can be used on Cisco Routers, Switches, and PIX Firewalls to create custom descriptions for every interface on those devices. These custom descriptions can be used to better document and more quickly troubleshoot your network.
Read More
0
comments
How to Configure Passwords to Secure your Cisco Router
Maybe you have a new router or you want to verify that you have security properly configured on your existing router. Either way, password security is critical to properly securing your Cisco router. So let’s get started configuring passwords on your Cisco router.
Types of Cisco Router Passwords
When it comes to basic password security, there are three basic types:- Line Passwords
- Privileged mode Passwords (enable mode)
- Username Passwords (optional)
Line Passwords
Line passwords are configured on router lines. Examples of lines are:
- Console Line - The console is the main serial administrative port on a router. This is where you configure the router when it is new and has no network configuration.
- Aux Line – The aux line is an auxiliary port. Like the console, it is a physical port on every router. You can think of it as a backup console port. Besides being a backup console port, the aux port is periodically used for administrative console dial up access to the router.
- VTY Lines – Vty lines are “virtual tty” lines and are used when you connect to the router via telnet or ssh. These are not physical lines on the router but virtual “inbound network lines”.
- Async Lines – Async lines are asynchronous serial lines and are optional. These async lines are created when you insert an async serial card in a router. You can use the async serial lines to connect dumb-terminals (text-based terminals), serial printers, or modems.
Configuring Cisco Router Line Passwords
There are two commands used to configure line passwords, no matter what kind of line you are using. The commands are password and login. The password command is used to set your line password. The login command, when entered by itself, is used to tell the router to use the password that is configured on the line. Here is an example of how this is configured on the console port:
As you can see in the graphic, we first set the password to cisco using password cisco, then enabled login using that password with the login command.
We repeat this on the aux port, like this:
Finally, we configure the same commands on the VTY lines. The catch to doing this is that there is more than one VTY. Because you don’t want to have to configure them one at a time, you use a VTY range when performing the configuration. Using a VTY range works by specifying your router’s starting and ending VTY number. Inside the configuration mode for this range of VTYs is where you are configuring the password and login commands. In the past, router only had 0-4, or 5, VTY lines. Today, most routers have 0-15, or 16, VTY lines. Make sure that you know how many VTY’s your router has so that there aren’t some lines that are left without a password. Here is what you do to tell how many lines your router has:
As you can see from the screenshot above, this router has 16 (actually 0 to 15) VTY lines. You know this because the last line number is 15.
Here is how you would configure the password and login commands on the VTY lines using the range of VTY’s:
Configuring Cisco Router Privileged mode Passwords
Another basic router security requirement is that you configure a password used to enter privileged mode (enable mode). The enable password is a well-known way to do this but it is not recommended anymore because it does not encrypt the password with a strong encryption mechanism.The enable secret command does encrypt the password with a strong encryption mechanism and it also sets a password to enter enable mode. Here is how you configure an enable secret password:
Testing Password Configuration
To test our new password configuration from the console port, exit out of all IOS modes. Once logged off, press enter to log back in.You will be prompted with the console login prompt. Enter your console line password, cisco. Once you are logged in, type enable and press enter. You will be prompted for your privilege mode password. Type Cisco! and press enter. You should now be logged in. Here is an example:
Username Passwords
Optionally, you can configure usernames and associated passwords on a Cisco router. This is a more advanced level of security than line passwords. Once configured on the lines, the line password is then ignored.You configure the usernames with the username command and can add their password on the same command line. Optionally, you can configure the privilege level of that user. Level 15 is the administrative user.
Once you create the username, you need to tell each line to use the local username/password database, on the router. To do this, go back to each line and type login local.
Here is an example:
Now let’s test it out:
Notice that we were prompted for a username. We typed in one of the users we setup, admin. We were then prompted for admin’s password. Also, because we specified that admin’s privilege was 15, we were put directly into privileged mode, with full administrative privileges (and without having to type enable).
If we log out, and log back in, notice that user1 doesn’t have the # sign, telling us that we are already in privileged mode:
What you learned
In this article, you learned that there are line passwords and privileged mode passwords. The line passwords protect the console, aux, and vty lines. They are configured with the password and login command. The privileged mode password should be configured with enable secret. Optionally, you can configure usernames and use the login local command on the lines.All routers should be protected by a password, at minimum. Additionally, privileged mode (and configuration mode) should be controlled by an additional password.
Your action: check each router for proper line and password security as this is the minimum level of security you should employ.
Read More
0
comments
Cisco Press: CCNA Video Mentor, 2nd Edition.
CCNA Video Mentor 2nd Edition
By Wendell Odom | Published by Cisco Press
More than four hours of personal, visual instruction
CCNA 640-802 | Wendell Odom, CCIE® No. 1624
CCNA Video Mentor is a unique video product that provides you with more than four hours of personal visual instruction from best-selling author and instructor Wendell Odom. In the 20 videos presented on the DVD, Wendell walks you through common Cisco® router and switch configuration topics. Designed to develop and enhance hands-on skills, each video guides you through essential configuration tasks for both the CCENT and CCNA® certification exams, including router and switch configuration, IP subnetting, RIP, OSPF, and EIGRP configuration, configuring VLANs, IPv6, PAT, PPP and CHAP, and access lists.
Lab Layout:
Each video lab presents suggested reading lists, detailed objectives, lab diagrams, and video captures. Audio instruction throughout offers tips and shortcuts that truly make learning easy.
Network Animation:
Animated network diagrams show you lab setup, device addressing, and how traffic flows through the network.
Command-Line Interface (CLI) Video:
Video screencasts of router and switch CLI demonstrate command entry, configuration techniques, and device response.
System Requirements:
* Microsoft Windows XP, 2000, or Vista
* Apple OS 9 or later
* Linux operating systems that have a web browser with Flash 7 or later plug-in
* Speakers or headphones
* Color display with a minimum 1024×768 resolution
* 1 GHz or faster CPU recommended
* DVD drive
Category: Cisco Certification
Covers: CCNA Exam 640-802.
This product is part of the Cisco Press® Video Mentor Series. The video products in this series present expert training from industry-leading instructors and technologists. This dynamic learning environment combines animations, screencasts, and audio instruction to help users bridge the gap between conceptual knowledge and hands-on application.
ICND1
Lab 1: Navigating a Router/Switch Command-Line Interface (Video Length: 12:50)
Lab 2: Router Configuration and Managing Configuration Files (Video Length: 12:15)
Lab 3: Switch Basics: Learning, Forwarding/Filtering, and Interface Settings(Video Length: 10:32)
Lab 4: Finding the Subnet Number (Video Length: 6:03)
Lab 5: Finding the Broadcast Address and Range of Addresses in a Subnet(Video Length: 8:44)
Lab 6: Finding All Subnets of a Network with Less Than 8 Subnet Bits (Video Length: 7:15)
Lab 7: IP Subnet Design and Implementation (Video Length: 15:13)
Lab 8: Static and Connected Routes (Video Length: 13:15)
Lab 9: RIP Configuration (Video Length: 13:54)
ICND2
Lab 1: Configuring VLANs (Video Length: 10:10)
Lab 2: VTP Servers and Clients (Video Length: 15:44)
Lab 3: RIP with Split Horizon, Route Poisoning, and Poison Reverse (Video Length: 12:22)
Lab 4: Single Area and Multi-area OSPF Configuration (Video Length: 18:02)
Lab 5: EIGRP Configuration and Operation (Video Length: 11:33)
Lab 6: Understanding EIGRP Metric Calculations (Video Length: 12:26)
Lab 7: NAT Overload (PAT) (Video Length: 13:27)
Lab 8: IPv6 Subnetting and Address Configuration (Video Length: 18:16)
Lab 9: PPP and CHAP Configuration (Video Length: 12:25)
Lab 10: Access Lists (Video Length: 9:32)
Lab 11: Access Lists II (Video Length: 10:43)
Links:
Part 1 Part 2 Part 3 Part 4 Part 5 Part 6
Read More
0
comments
Cloud Computing.
Let's say you're an executive at a large corporation. Your particular responsibilities include making sure that all of your employees have the right hardware and software they need to do their jobs. Buying computers for everyone isn't enough -- you also have to purchase software or software licenses to give employees the tools they require. Whenever you have a new hire, you have to buy more software or make sure your current software license allows another user. It's so stressful that you find it difficult to go to sleep on your huge pile of money every night.
Instead of installing a suite of software for each computer, you'd only have to load one application. That application would allow workers to log into a Web-based service which hosts all the programs the user would need for his or her job. Remote machines owned by another company would run everything from e-mail to word processing to complex data analysis programs. It's called cloud computing.
In a cloud computing system, there's a significant workload shift. Local computers no longer have to do all the heavy lifting when it comes to running applications. The network of computers that make up the cloud handles them instead. Hardware and software demands on the user's side decrease. The only thing the user's computer needs to be able to run is the cloud computing system's interface software, which can be as simple as a Web browser, and the cloud's network takes care of the rest.
There's a good chance you've already used some form of cloud computing. If you have an e-mail account with a Web-based e-mail service like Hotmail, Yahoo! Mail or Gmail, then you've had some experience with cloud computing. Instead of running an e-mail program on your computer, you log in to a Web e-mail account remotely. The software and storage for your account doesn't exist on your computer -- it's on the service's computer cloud.
A cloud can be private or public. A public cloud sells services to anyone on the Internet. (Currently, Amazon Web Services is the largest public cloud provider.) A private cloud is a proprietary network or a data center that supplies hosted services to a limited number of people. When a service provider uses public cloud resources to create their private cloud, the result is called a virtual private cloud. Private or public, the goal of cloud computing is to provide easy, scalable access to computing resources and IT services.
Applications in the cloud: this is what almost everyone has already used in the form of gmail, yahoo mail, wordpress.com (hosting this blog), the rest of google apps, the various search engines, wikipedia, encyclopedia britannica, etc. Some company hosts an application in the internet that many users sign-up for and use without any concern about where, how, by whom the compute cycles and storage bits are provided. The service being sold (or offered in ad-sponsored form) is a complete end-user application.
Platforms in the cloud: this is the newest entry where an application platform is offered to developers in the cloud. Developers write their application to a more or less open specification and then upload their code into the cloud where the app is run magically somewhere, typically being able to scale up automagically as usage for the app grows. Examples are Mosso, Google App Engine, and Force.com. The service being sold is the machinery that funnels requests to an application and makes the application tick.
Infrastructure in the cloud: this is the most general offering that Amazon has pioneered and where RightScale offers its management platform. Developers and system administrators obtain general compute, storage, queuing, and other resources and run their applications with the fewest limitations. This is the most powerful type of cloud in that virtually any application and any configuration that is fit for the internet can be mapped to this type of service. Of course it also requires more work on the part of the buyer, which is where RightScale comes in to help with set-up and automation.
Read More
0
comments
Previous Article
