Escolar Documentos
Profissional Documentos
Cultura Documentos
WAN
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe how the Cisco Enterprise Composite
Model (ECNM) provides integrated services
over an Enterprise network.
Describe the key WAN technology concepts.
Identify the appropriate WAN technologies to
use when matching ECNM best practices with
typical enterprise requirements for WAN
communications.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Explain the purpose and function of WANs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Describe the stages of business growth, the
corresponding business requirements for services and
how those requirements are reflected in the
Enterprise’s changing network topology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Describe the problems with the Hierarchical Design
Model that Cisco's Enterprise Composite Model has
been designed to address
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Explain the purpose of Cisco Enterprise Architectures
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the Key WAN Technology
Concepts
Describe WAN functions in terms of the OSI Reference
Model
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Describe the Key WAN Technology
Concepts
Describe the key WAN physical layer concepts for
network and Internet communications
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Describe the Key WAN Technology
Concepts
Describe the key WAN data link layer protocols used in
today’s Enterprise WAN networks
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Describe the Key WAN Technology
Concepts
Describe the switching technologies used for WANs in
an Enterprise setting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Select the Appropriate WAN Technology to meet
ECNM Requirements
List the various options for connecting subscribers to
the WAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Select the Appropriate WAN Technology to meet
ECNM Requirements
Describe how Enterprises use leased line services to
provide a WAN connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Select the Appropriate WAN Technology to meet
ECNM Requirements
Describe the circuit switching options available to
provide a WAN connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Select the Appropriate WAN Technology to meet
ECNM Requirements
Describe the packet switching options available to
provide a WAN connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Select the Appropriate WAN Technology to meet
ECNM Requirements
List factors to consider when selecting a WAN
connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Summary
A WAN is defined as
A data communications network that operates beyond the
geographic scope of a LAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Summary
Cisco Enterprise Architecture
–This is an expansion of the hierarchical model that further
divides the enterprise network into
•Physical areas
•Logical areas
•Functional areas
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Point-to-Point Protocol
(PPP)
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe the fundamental concepts of point-to-point serial
communication including TDM, demarcation point, DTE-DCE
functions, HDLC encapsulation, and serial interface
troubleshooting.
Describe PPP concepts including PPP layered architecture, PPP
frame structure, PPP session establishment, multiprotocol
encapsulation support, link control protocol (LCP), network
control protocol (NCP), and Internet Protocol Control Protocol
(IPCP).
Configure PPP on a serial interface including enabling PPP
encapsulation, verifying the PPP connection and troubleshooting
encapsulation problems.
Configure PPP authentication including explaining PAP and
CHAP authentication protocols, configuring PPP authentication
using PAP and CHAP, and troubleshooting PPP authentication
problems.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Describe the concept of serial communication as the
basis of WAN technologies
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Explain how two or more data streams are transported
across a single physical connection using TDM
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Define the location of the demarcation point relative to
customer and service provider networks
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Explain the terms DTE and DCE with relative to the
location of devices in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Describe how high-level data link control (HDLC) uses
one of three frame types to encapsulate data
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Explain when and how to configure HDLC
encapsulation on a router
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
Describe the procedure to follow when troubleshooting
a serial connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Describe Point-to-Point Concepts
Describe PPP in terms of its use in WAN links
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Describe Point-to-Point Concepts
Describe the general function of each layer of PPP
architecture
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Describe Point-to-Point Concepts
Describe the purpose and format of each of the fields in
a PPP frame
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Describe Point-to-Point Concepts
Define the three phases of PPP session establishment
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Describe Point-to-Point Concepts
Explain the role of the LCP in PPP
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Describe Point-to-Point Concepts
Describe the characteristics of NCP
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Configure PPP on a Serial Interface
Describe how configuration options are communicated
in the LCP frame
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Configure PPP on a Serial Interface
Explain the purpose of the commands used to
configure and verify PPP connections
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Configure PPP on a Serial Interface
Explain the output of the show interfaces serial
command
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Configure PPP on a Serial Interface
Explain the output of the debug ppp command
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Configuring PPP with Authentication
Differentiate between PAP and CHAP
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Configuring PPP with Authentication
Describe how to use PAP to authenticate a PPP
connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Configuring PPP with Authentication
Describe how to use CHAP to authenticate a PPP
connection
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Configuring PPP with Authentication
Outline the PPP encapsulation and authentication
process on a flow chart
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Configuring PPP with Authentication
Explain how to configure a PPP connection with
authentication
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Configuring PPP with Authentication
Explain the output of the debug ppp authentication
command
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Summary
WAN Encapsulation
–HDLC default encapsulation
–PPP
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Summary
PPP authentication
–PAP
•2 way handshake
–CHAP
•3 way handshake
–Use debug ppp authentication to confirm authentication
configuration
PPP configuration
–Done on a serial interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Frame Relay
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe the fundamental concepts of Frame Relay technology
in terms of Enterprise WAN services including Frame Relay
operation, Frame Relay implementation requirements, Frame
Relay maps, and LMI operation.
Configure a basic Frame Relay PVC including configuring and
troubleshooting Frame Relay on a router serial interface and
configuring a static Frame Relay map.
Describe advanced concepts of Frame Relay technology in
terms of Enterprise WAN services including Frame Relay sub-
interfaces, Frame Relay bandwidth and flow control.
Configure an advanced Frame Relay PVC including solving
reachability issues, configuring Frame Relay sub-interfaces,
verifying and troubleshooting Frame Relay configuration.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Describe the Fundamental Concepts of Frame
Relay Technology
Describe how Frame Relay is used to provide WAN
services to the Enterprise
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the Fundamental Concepts of Frame
Relay Technology
Describe how Frame Relay uses virtual circuits to carry
packets from one DTE to another
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the Fundamental Concepts of Frame
Relay Technology
Explain how Frame Relay encapsulation works
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Describe the Fundamental Concepts of Frame
Relay Technology
Describe the types of topologies that are used for
implementing Frame Relay in different environments
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the Fundamental Concepts of Frame
Relay Technology
Describe how a router attached to a Frame Relay
network uses LMI status messages and inverse ARP
queries to map VCs to layer 3 network IP Addresses
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Configure a Basic Frame Relay PVC
Configure a basic Frame Relay PVC on a router serial
interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Configure a Basic Frame Relay PVC
Configure a static Frame Relay map
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Describe Advanced Concepts of Frame Relay
Technology
Explain the reachability issues associated with the
Frame Relay NBMA topology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Describe Advanced Concepts of Frame Relay
Technology
Describe how to implement bandwidth control in the
Frame Relay technology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Describe Advanced Concepts of Frame Relay
Technology
Describe how to implement flow control in Frame Relay
technology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Configure an Advanced Frame Relay PVC
Explain the steps to configure point-to-point
subinterfaces on a physical interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Configure an Advanced Frame Relay PVC
Describe the commands used for verifying Frame Relay
operation
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Configure an Advanced Frame Relay PVC
Describe the steps for troubleshooting a Frame Relay
configuration
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Summary
Frame relay is the most widely used WAN technology
because it:
–Provides greater bandwidth than leased line
–Reduces cost because it uses less equipment
–Easy to implement
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Enterprise Network
Security
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe the general methods used to mitigate
security threats to Enterprise networks
Configure Basic Router Security
Explain how to disable unused Cisco router network
services and interfaces
Explain how to use Cisco SDM
Manage Cisco IOS devices
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Explain how sophisticated attack tools and open
networks have created an increased need for network
security and dynamic security policies
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Describe the most common security threats and how
they impact enterprises
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Describe the most common types of network attacks
and how they impact enterprises
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Describe the common mitigation techniques that
enterprises use to protect themselves against threats
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Explain the concept of the Network Security Wheel
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Describe the General Methods used to Mitigate
Security Threats to Enterprise Networks
Explain the goals of a comprehensive security policy in
an organization
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Configure Basic Router Security
Explain why the security of routers and their
configuration settings is vital to network operation
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Configure Basic Router Security
Describe the recommended approach to applying Cisco
IOS security features on network routers
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Configure Basic Router Security
Describe the basic security measures needed to secure
Cisco routers
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
Describe the router services and interfaces that are
vulnerable to network attack
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
Explain the vulnerabilities posed by commonly
configured management services
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
Explain how to secure a router with the command-line
interface (CLI) auto secure command
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Explain How to Use Cisco SDM
Provide an overview of Cisco SDM
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Explain How to Use Cisco SDM
Explain the steps to configure a router to use Cisco
SDM
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Explain How to Use Cisco SDM
Explain the steps you follow to start SDM
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Explain How to Use Cisco SDM
Describe the Cisco SDM Interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Explain How to Use Cisco SDM
Describe the commonly used Cisco SDM wizards
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Explain How to Use Cisco SDM
Explain how to use Cisco SDM for locking down your
router
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Manage Cisco IOS Devices
Describe the file systems used by a Cisco router
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Manage Cisco IOS Devices
Describe how to backup and upgrade a Cisco IOS
image
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Manage Cisco IOS Devices
Explain how to back up and upgrade Cisco IOS
software images using a network server
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Manage Cisco IOS Devices
Explain how to recover a Cisco IOS software image
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Manage Cisco IOS Devices
Compare the use of the show and debug commands
when troubleshooting Cisco router configurations
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Manage Cisco IOS Devices
Explain how to recover the enable password and the
enable secret passwords
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Summary
Security Threats to an Enterprise network include:
–Unstructured threats
–Structured threats
–External threats
–Internal threats
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Summary
Basic router security involves the following:
–Physical security
–Update and backup IOS
–Backup configuration files
–Password configuration
–Logging router activity
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
Access Control Lists
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Explain how ACLs are used to secure a medium-size
Enterprise branch office network.
Configure standard ACLs in a medium-size Enterprise
branch office network.
Configure extended ACLs in a medium-size
Enterprise branch office network.
Describe complex ACLs in a medium-size Enterprise
branch office network.
Implement, verify and troubleshoot ACLs in an
enterprise network environment.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Describe the steps that occur in a complete TCP
conversation
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Explain how a packet filter allows or blocks traffic
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Describe how ACLs control access to networks
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Use a flow chart to show how ACLs operate
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Describe the types and formats of ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Explain how Cisco ACLs can be identified using
standardized numbering or names
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Describe where ACLs should be placed in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Explain How ACLs are Used to Secure a
Medium-Size Enterprise Branch Office Network
Explain the considerations for creating ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Explain why the order in which criteria statements are
entered into an ACL is important
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Explain how to configure a standard ACL
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to use wildcard masks with ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to apply a standard ACL to an interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Explain the process for editing numbered ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Explain how to create a named ACL
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to monitor and verify ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Configure Standard ACLs in a Medium-
Size Enterprise Branch Office Network
Explain the process for editing named ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Configure Extended ACLs in a Medium-
Size Enterprise Branch Office Network
Explain how an extended ACL provides more filtering
then a standard ACL
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Configure Extended ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to configure extended ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Configure Extended ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to apply an extended ACL to an interface
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Configure Extended ACLs in a Medium-
Size Enterprise Branch Office Network
Describe how to create named extended ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Describe Complex ACLs in a Medium-Size
Enterprise Branch Office Network
List the three types of complex ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Describe Complex ACLs in a Medium-Size
Enterprise Branch Office Network
Explain how and when to use dynamic ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Describe Complex ACLs in a Medium-Size
Enterprise Branch Office Network
Explain how and when to use reflexive ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Describe Complex ACLs in a Medium-Size
Enterprise Branch Office Network
Explain how and when to use time-based ACLs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Describe Complex ACLs in a Medium-Size
Enterprise Branch Office Network
Describe how to troubleshoot common ACL problems
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Implement, Verify and Troubleshoot ACLs
in an Enterprise Network Environment
Create, place and verify a standard/ extended ACL and
verify its placement.
Verify ACL’s functionality and troubleshoot as needed.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Summary
An Access List (ACL) is:
A series of permit and deny statements that are used to filter
traffic
Standard ACL
–Identified by numbers 1 - 99 and 1300 - 1999
–Filter traffic based on source IP address
Extended ACL
–Identified by number 100 -199 & 2000 - 2699
–Filter traffic based on
•Source IP address
•Destination IP address
•Protocol
•Port number
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
Summary
Named ACL
–Used with IOS 11.2 and above
–Can be used for either standard or extended ACL
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
Summary
Implementing ACLs
–1st create the ACL
–2nd place the ACL on an interface
•Standard ACL are placed nearest the destination
•Extended ACL are placed nearest the source
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 31
Summary
Complex ACL
–Dynamic ACL
–Reflexive ACL
–Time based ACL
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 33
Providing Teleworker
Services
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Describe the enterprise requirements for providing
teleworker services
Explain how broadband services extend Enterprise
Networks including DSL, cable, and wireless
Describe how VPN technology provides secure
teleworker services in an Enterprise setting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Describe the Enterprise Requirements for
Providing Teleworker Services
Describe the benefits of teleworkers for business,
society and the environment.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the Enterprise Requirements for
Providing Teleworker Services
List remote connection technologies and describe
scenarios in which each would be implemented.
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the Enterprise Requirements for
Providing Teleworker Services
Describe the key differences between private and
public network infrastructures
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Explain How Broadband Services extend
Enterprise Networks
Briefly describe how broadband services allow
teleworkers to use the Internet to connect to the
Enterprise WAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Explain How Broadband Services extend
Enterprise Networks
Describe how Enterprises use cable connectivity to
extend their reach
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Explain How Broadband Services extend
Enterprise Networks
Describe how Enterprises use DSL connectivity to
extend their reach
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Explain How Broadband Services extend
Enterprise Networks
Describe how Enterprises use broadband wireless
connectivity to extend their reach
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Explain How Broadband Services extend
Enterprise Networks
Describe how Enterprises defend themselves from
threats to wireless network security
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Explain the importance and benefits of VPN technology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Compare site-to-site VPNs to remote-access VPNs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Describe the hardware and software components that
typically make up a VPN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Describe the characteristics of secure VPNs
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Describe the concept of VPN tunneling
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Describe the concept of VPN encryption
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Describe How VPN Technology Provides Secure
Teleworker Services in an Enterprise Setting
Describe the concept of IPsec Protocols
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Summary
Broadband services used
–Cable
• transmits signal in either direction simultaneously
–DSL
• requires minimal changes to existing telephone
infrastructure
• delivers high bandwidth data rates to customers
–Wireless
• increases mobility
• wireless availability via:
» municipal WiFi
» WiMax
» satellite internet
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Implementing IP
Addressing Services
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Configure DHCP in an enterprise branch network
Configure NAT on a Cisco router
Configure new generation RIP (RIPng) to use IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Configure DHCP in an Enterprise Branch
Network
Describe the function of DHCP in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Configure DHCP in an Enterprise Branch
Network
Describe how DHCP dynamically assigns an IP
address to a client
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Configure DHCP in an Enterprise Branch
Network
Describe the differences between BOOTP and DHCP
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Configure DHCP in an Enterprise Branch
Network
Describe how to configure a DHCP server
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Configure DHCP in an Enterprise Branch
Network
Describe how to configure a Cisco router as a DHCP
client
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Configure DHCP in an Enterprise Branch
Network
Explain how DHCP Relay can be used to configure a
router to relay DHCP messages when the server and
the client are not on the same segment
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Configure DHCP in an Enterprise Branch
Network
Describe how to configure a Cisco router as a DHCP
client using SDM
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Configure DHCP in an Enterprise Branch
Network
Describe how to troubleshoot a DHCP configuration
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Configure NAT on a Cisco Router
Describe the operation and benefits of using private
and public IP addressing
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Configure NAT on a Cisco Router
Explain the key features of NAT and NAT overload
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Configure NAT on a Cisco Router
Explain the advantages and disadvantages of NAT
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Configure NAT on a Cisco Router
Describe how to configure static NAT to conserve IP
address space in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Configure NAT on a Cisco Router
Describe how to configure dynamic NAT to conserve IP
address space in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Configure NAT on a Cisco Router
Describe how to configure NAT Overload to conserve
IP address space in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Configure NAT on a Cisco Router
Describe how to configure port forwarding
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Configure NAT on a Cisco Router
Describe how to verify and troubleshoot NAT and NAT
overload configurations
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Configure New Generation RIP (RIPng) to
use IPv6
Explain the need for IPv6 to provide a long-term
solution to the depletion problem of IP address
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Configure New Generation RIP (RIPng) to
use IPv6
Describe the format of the IPv6 addresses and the
appropriate methods for abbreviating them
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Configure New Generation RIP (RIPng) to
use IPv6
Explain the various methods of assigning IPv6
addresses to a device
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Configure New Generation RIP (RIPng) to
use IPv6
Describe the transition strategies for implementing IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Configure New Generation RIP (RIPng) to
use IPv6
Describe how Cisco IOS dual stack enables IPv6 to run
concurrently with IPv4 in a network
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Configure New Generation RIP (RIPng) to
use IPv6
Describe the concept of IPv6 tunneling
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Configure New Generation RIP (RIPng) to
use IPv6
Describe how IPv6 affects common routing protocols,
and how these protocols are modified to support IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Configure New Generation RIP (RIPng) to
use IPv6
Explain how to configure a router to use IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Configure New Generation RIP (RIPng) to
use IPv6
Explain how to configure and verify RIPng for IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Configure New Generation RIP (RIPng) to
use IPv6
Explain how to verify and troubleshoot IPv6
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
Summary
DHCP operation
–3 different allocation methods
•Manual
•Automatic
•Dynamic
–Steps to configure DHCP
•Define range of addresses
•Create DHCP pool
•Configure DHCP pool specifics
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29
Summary
DHCP Relay
Concept of using a router configured to listen for DHCP
messages from DHCP clients and then forwards those
messages to servers on different subnets
Troubleshooting DHCP
–Most problems arise due to configuration errors
–Commands to aid troubleshooting
•Show ip dhcp
•Show run
•debug
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 30
Summary
Private IP addresses
–Class A = 10.x.x.x
–Class B = 172.16.x.x – 172.31.x.x
–Class C = 192.168.x.x
IPv6
–A 128 bit address that uses colons to separate entries
–Normally written as 8 groups of 4 hexadecimal digits
IPv6 Tunneling
–An IPV6 packet is encapsulated within another protocol
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 32
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 33
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 34
Network
Troubleshooting
ITE I Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1
Objectives
Establish a network baseline
Describe troubleshooting methodologies and
troubleshooting tools
Describe the common issues that occur during WAN
implementation
Troubleshoot enterprise network implementation
issues
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Establish a Network Baseline
Explain the importance of network documentation
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Establish a Network Baseline
Describe the stages of the network documentation
process
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Establish a Network Baseline
Explain the purpose for measuring normal network
performance when creating a baseline
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Establish a Network Baseline
Describe the steps for establishing a network baseline
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Explain why a systematic method is the generally the
best approach to troubleshooting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Describe how layered models, such as the OSI
reference model or TCP/IP model, are used for
troubleshooting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Describe the three stages of the general
troubleshooting process
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Describe the three main methods for troubleshooting
network problems
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Describe the stages for gathering symptoms for
troubleshooting a network problem
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Describe Troubleshooting Methodologies
and Troubleshooting Tools
Describe the types of software and hardware tools that
are commonly used when troubleshooting networks
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Describe the Common Issues that Occur
During WAN Implementation
Describe the fundamentals in WAN design and
communication
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Describe the Common Issues that Occur
During WAN Implementation
Describe the steps for designing or modifying a WAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Describe the Common Issues that Occur
During WAN Implementation
Describe the considerations for analyzing WAN traffic
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Describe the Common Issues that Occur
During WAN Implementation
Describe the considerations for designing a WAN
topology
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Describe the Common Issues that Occur
During WAN Implementation
Describe common WAN implementation issues
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Describe the Common Issues that Occur
During WAN Implementation
Describe the recommended steps for troubleshooting a
WAN
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Troubleshoot Enterprise Network
Implementation Issues
Explain how network diagrams are used for
troubleshooting
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Troubleshoot Enterprise Network
Implementation Issues
Describe how to troubleshoot network problems
occurring at the physical layer
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Troubleshoot Enterprise Network
Implementation Issues
Describe how to troubleshoot network problems
occurring at the data link layer
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Troubleshoot Enterprise Network
Implementation Issues
Describe how to troubleshoot network problems
occurring at the network layer
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Troubleshoot Enterprise Network
Implementation Issues
Describe how to troubleshoot network problems
occurring at the transport layer
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Troubleshoot Enterprise Network
Implementation Issues
Describe how to troubleshoot network problems
occurring in the application layers
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24
Summary
Network Baseline
How a network is expected to perform under normal conditions
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 25
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 26
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 27
Summary
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 28
ITE 1 Chapter 6 © 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 29