ebook img

Cisco Systems. Interconnecting Cisco Network Devices. Volume 2 PDF

234 Pages·2016·2.79 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Cisco Systems. Interconnecting Cisco Network Devices. Volume 2

ICND Interconnecting Cisco Network Devices Volume 2 Version 2.3 Student Guide Text Part Number: 97-2322-02 © 2006, Cisco Systems, Inc. All rights reserved. Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices. Argentina • Australia • Austria • Belgium • Brazil • Bulgaria • Canada • Chile • China PRC • Colombia • Costa Rica Croatia • Cyprus • Czech Republic • Denmark • Dubai, UAE • Finland • France • Germany • Greece Hong Kong SAR • Hungary • India • Indonesia • Ireland • Israel • Italy • Japan • Korea • Luxembourg • Malaysia Mexico • The Netherlands • New Zealand • Norway • Peru • Philippines • Poland • Portugal • Puerto Rico • Romania Russia • Saudi Arabia • Scotland • Singapore • Slovakia • Slovenia • South Africa • Spain • Sweden • Switzerland Taiwan • Thailand • Turkey • Ukraine • United Kingdom • United States • Venezuela • Vietnam • Zimbabwe © 2006 Cisco Systems, Inc. All rights reserved. CCSP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StrataView Plus, SwitchProbe, TeleRouter, The Fastest Way to Increase Your Internet Quotient, TransPath, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0501R) DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED “AS IS.” CISCO MAKES AND YOU RECEIVE NO WARRANTIES IN CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN ANY OTHER PROVISION OF THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. This learning product may contain early release content, and while Cisco believes it to be accurate, it falls subject to the disclaimer above. Students, this letter describes important course evaluation access information! Welcome to Cisco Systems Learning. Through the Cisco Learning Partner Program, Cisco Systems is committed to bringing you the highest-quality training in the industry. Cisco learning products are designed to advance your professional goals and give you the expertise you need to build and maintain strategic networks. Cisco relies on customer feedback to guide business decisions; therefore, your valuable input will help shape future Cisco course curricula, products, and training offerings. We would appreciate a few minutes of your time to complete a brief Cisco online course evaluation of your instructor and the course materials in this student kit. On the final day of class, your instructor will provide you with a URL directing you to a short post-course evaluation. If there is no Internet access in the classroom, please complete the evaluation within the next 48 hours or as soon as you can access the web. On behalf of Cisco, thank you for choosing Cisco Learning Partners for your Internet technology training. Sincerely, Cisco Systems Learning Table of Contents Volume 2 Managing IP Traffic with ACLs 4-1 Overview 4-1 Module Objectives 4-1 Introducing ACLs 4-3 Overview 4-3 Objectives 4-3 ACL Overview 4-4 Example: ACL Implementation 4-4 ACL Applications 4-5 Types of ACLs 4-7 ACL Identification 4-8 ACL Operations 4-11 Example: Outbound ACL 4-12 ACL Statement Processing 4-13 Wildcard Masking Process 4-14 Example: Wildcard Masking Process with a Single IP Address 4-15 Wildcard Masking Process with a “Match Any” IP Address 4-16 Example: Wildcard Masking Process for IP Subnets 4-17 Summary 4-18 Configuring IP ACLs 4-21 Overview 4-21 Objectives 4-21 Implementing ACLs 4-22 ACL Configuration 4-23 Configuring Standard IP ACLs 4-24 Example: Standard ACL—Permit My Network Only 4-26 Example: Standard IP ACL—Deny a Specific Host 4-27 Example: Standard IP ACL—Deny a Specific Subnet 4-28 Configuring Extended IP ACLs 4-29 Example: Extended ACL—Deny FTP from Subnets 4-31 Example: Extended ACL—Deny Only Telnet from Subnet 4-32 Using Named ACLs 4-33 Configuring vty ACLs 4-34 Example: vty Access 4-37 Guidelines for Placing ACLs 4-38 Example: Placing IP ACLs 4-39 Verifying the ACL Configuration 4-40 Summary 4-42 Scaling the Network with NAT and PAT 4-45 Overview 4-45 Objectives 4-45 Introducing NAT and PAT 4-46 Translating Inside Source Addresses 4-49 Example: Translating Inside Source Addresses 4-49 Example: Static NAT Address Mapping 4-52 Example: Dynamic Address Translation 4-54 Overloading an Inside Global Address 4-55 Example: Overloading an Inside Global Address 4-55 Verifying the NAT and PAT Configuration 4-59 Example: Cannot Ping Remote Host 4-61 Troubleshooting the NAT and PAT Configuration 4-63 Example: Using the debug ip nat Command 4-64 Summary 4-65 Module Summary 4-66 Module Self-Check 4-67 Module Self-Check Answer Key 4-72 Establishing Serial Point-to-Point Connections 5-1 Overview 5-1 Module Objectives 5-1 Introducing Wide-Area Networks 5-3 Overview 5-3 Objectives 5-3 WAN Overview 5-4 WAN Connection Types 5-5 WAN Components 5-6 WAN Cabling 5-7 Layer 2 Encapsulation Protocols 5-9 Summary 5-11 Configuring Serial Point-to-Point Encapsulation 5-13 Overview 5-13 Objectives 5-13 HDLC Encapsulation Configuration 5-14 PPP Layered Architecture 5-16 PPP Configuration 5-18 PPP Session Establishment 5-19 PPP Authentication Protocols 5-20 PPP Authentication Configuration 5-22 Example: CHAP Configuration 5-26 Serial Encapsulation Configuration Verification 5-27 Example: Verifying HDLC and PPP Encapsulation Configuration 5-27 PPP Authentication Configuration Troubleshooting 5-28 Example: Verifying PPP Authentication 5-28 Summary 5-32 Module Summary 5-35 Module Self-Check 5-36 Module Self Check Answer Key 5-40 Establishing Frame Relay Connections 6-1 Overview 6-1 Module Objectives 6-1 ii Interconnecting Cisco Network Devices (ICND) v2.3 © 2006, Cisco Systems, Inc. Introducing Frame Relay 6-3 Overview 6-3 Objectives 6-3 Frame Relay Overview 6-4 Frame Relay Stack Layered Support 6-5 Frame Relay Terminology 6-6 Example: Frame Relay Terminology—DLCI 6-7 Frame Relay Topologies 6-8 Reachability Issues in Frame Relay 6-10 Reachability Issue Resolution 6-12 Frame Relay Address Mapping 6-13 Example: Frame Relay Address Mapping 6-13 Frame Relay Signaling 6-14 Example: Inverse ARP and LMI Operation 6-16 How Service Providers Map Frame Relay DLCIs 6-17 Example: Mapping Frame Relay DLCIs—Service Provider View 6-17 Example: Mapping Frame Relay DLCIs—Enterprise View 6-18 Service Provider Frame Relay-to-ATM Internetworking 6-19 Summary 6-21 Configuring Frame Relay 6-23 Overview 6-23 Objectives 6-23 Basic Frame Relay Network Configuration 6-24 Static Frame Relay Map Configuration 6-26 Frame Relay Subinterface Configuration 6-28 Example: Configuring Point-to-Point Subinterfaces 6-29 Example: Multipoint Subinterface Configuration 6-31 Basic Frame Relay Operation Verification 6-32 Basic Frame Relay Operation Troubleshooting 6-40 Summary 6-44 Module Summary 6-45 Module Self-Check 6-46 Module Self-Check Answer Key 6-50 Completing ISDN Calls 7-1 Overview 7-1 Module Objectives 7-1 Configuring ISDN BRI and PRI 7-3 Overview 7-3 Objectives 7-3 ISDN Overview 7-4 ISDN Standards 7-5 ISDN Access Methods 7-7 ISDN BRI or PRI Call Establishment 7-8 Example: BRI and PRI Call Processing 7-8 ISDN Functions and Reference Points 7-9 Router ISDN Interface Determination 7-11 ISDN Switch Types 7-13 ISDN BRI Configuration 7-15 ISDN PRI Configuration 7-17 Example: ISDN PRI Configuration 7-19 ISDN Configuration Verification 7-20 ISDN Configuration Troubleshooting 7-21 Summary 7-23 © 2006, Cisco Systems, Inc. Interconnecting Cisco Network Devices (ICND) v2.3 iii Configuring Dial-on-Demand Routing 7-25 Overview 7-25 Objectives 7-25 DDR Overview 7-26 DDR Operation 7-28 Legacy DDR Configuration 7-30 Static Routes for DDR Defined 7-31 Interesting Traffic for DDR 7-33 DDR Dialer Information Configuration 7-35 Example: Legacy DDR Configuration Tasks 7-39 ISDN PRI and Legacy DDR Configuration 7-41 Example: Dialer Profile Configuration Concepts 7-43 DDR Configuration Verification 7-46 Example: Verifying Dialer Profile Operation 7-47 DDR Configuration Troubleshooting 7-48 Example: debug isdn q921 7-49 Example: debug isdn q931 7-50 Troubleshooting Inbound Calls 7-51 Troubleshooting Outbound Calls 7-52 Summary 7-54 Module Summary 7-56 Module Self-Check 7-57 Module Self-Check Answer Key 7-63 iv Interconnecting Cisco Network Devices (ICND) v2.3 © 2006, Cisco Systems, Inc. Module 4 Managing IP Traffic with ACLs Overview Standard and extended Cisco IOS access control lists (ACLs) are used to classify IP packets. You can apply a number of features, such as access control (security), encryption, policy-based routing, quality of service (QoS), Network Address Translation (NAT), and port address translation (PAT), to the classified packets. You can also configure standard and extended IOS ACLs on router and switch interfaces. IOS features are applied on interfaces for specific directions (inbound versus outbound). Some features use ACLs globally. This module describes the operation of different types of ACLs and shows you how to configure IP ACLs. Module Objectives Upon completing this module, you will be able to configure different types of IP ACLs in order to manage IP traffic. This ability includes being able to meet these objectives: (cid:132) Describe how Cisco IOS software processes ACLs (cid:132) Configure IP ACLs (cid:132) Configure NAT and PAT on Cisco routers 4-2 Interconnecting Cisco Network Devices (ICND) v2.3 © 2006, Cisco Systems, Inc.

Description:
Cisco Systems, 2006. — 234 pages.Standard and extended Cisco IOS access control lists (ACLs) are used to classify IP packets. You can apply a number of features, such as access control (security), encryption, policy-based routing, quality of service (QoS), Network Address Translation (NAT), and po
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.