Beruflich Dokumente
Kultur Dokumente
LAB
Install TFTP server on a virtual machine
Connect the machine to a Router
To see the content of Flash file
#show Flash
To copy flash
#Copy flash tftp
supply IP address of TFTP Server and file name
To copy running-configuration
#copy running-config tftp
supply IP address of TFTP Server and file name
To view table
R1#show hosts
To verify that the host table resolves names, try ping
hostnames at a router prompt.
9
Password Recovery
Normal Boot Sequence
POST
Bootstrap
IOS
Startup
Running
This
setup
is
decided
configuration register value
by
10
Configuration Register
Decimal
Bit
Default
4 2 1 8
4 2 1 8
4 2 1 8
4 2 1
15 14 13 12 11 10 9 8 7
6 5 4 3
2 1 0
0 0 0 0
0 1 0
0 1 0 0
0 0 1 0
2102
11
Password Recovery
Show version will give configuration
register value
Password is stored in NVRAM
To by pass NVRAM during boot sequence
we need to change the configuration
register value
To change the CR values press Ctr+Break
and go to ROM monitor mode
12
Password Recovery
Router 2500
o/r 0x2142
i
Router 2600
confreg 0x2142
>reset
13
14
WAN vs LAN
Distance between WAN and LAN
WAN speed is less
WAN is leased from Service provider
15
16
WAN Overview
Service
Provider
WAN
technology/terminology
Devices on the subscriber premises are called customer premises equipment (CPE).
The subscriber owns the CPE or leases the CPE from the service provider.
A copper or fiber cable connects the CPE to the service providers nearest exchange or
central office (CO). A central office (CO) is sometimes referred to as a point of presence
(POP)
This cabling is often called the local loop, or "last-mile".
CPE
(Customer
Premises
Equipment) are equipments
located at the customers
site,
they
are
owned,
operated and managed by
the customer.
18
WAN
technology/terminology
A demarcation point is
where customer premises
equipment (CPE) ends,
and local loop begins.
19
WAN
technology/terminology
Devices that put data on the local loop are called data
communications equipment (DCE).
The customer devices that pass the data to the DCE are called
data terminal equipment (DTE).
The DCE primarily provides an interface for the DTE into the
communication link on the WAN cloud.
These
protocols
establish the codes and
electrical
parameters
the devices use to
communicate with each
other.
20
WAN Devices
Modems
transmit data
over
voice-grade
telephone
lines
by
modulating
and
demodulating the signal.
The
modulated signal
can be heard as a series
of whistles by turning on
the
internal
modem
speaker.
21
22
WAN Technologies
Overview
Dedicated
T1, E1, T3,
E3
DSL
SONET
Circuit
Switched
POTS
ISDN
Switched
Analog
Dial-up
modems
Cable
modems
Wireless
Packet Switched
X.25
E1 = 2.048 Mbps
E3 = 34.368 Mbps
24
25
Analog Services
Dial-up Modems (switched analog)
Standard that can provides 56 kbps download speed and
33.6 kbps upload speed.
With the download path, there is a digital-to-analogue
conversion at the client side.
With the upload path, there is a analogue-to-digital
conversion at the client side.
26
27
Wireless
Terrestrial
Bandwidths typically in the 11 Mbps range
Cost is relatively low
Line-of-sight is usually required
Usage is moderate
Satellite
Can serve mobile users and remote users
Usage is widespread
Cost is very high
28
B
D
B
29
30
32
34
35
Maximum
Speed
Asynchronous Dial-Up
56-64 Kbps
128 Kbps
ISDN PRI
E1 / T1
E3/T3
37
Service
Provider
Telephone
Company
38
WAN Protocols
LAN
E0
S0
S0
Network
Datalink
WAN
Physical
39
HDLC Command
Router(configif)#encapsulationhdlc
Enable hdlc encapsulation
HDLC is the default encapsulation on
synchronous serial interfaces
41
An Overview of PPP
PPP Encapsulation
How It Operates
Protocol
Require a password
PAP
Perform Challenge Handshake CHAP
Compression
Error
Detection
Multilink
PPP Authentication
Overview
Dialup or
Circuit-Switched
Network
44
Selecting a PPP
Authentication Protocol
Remote Router
(SantaCruz)
PAP
2-Way Handshake
Central-Site Router
(HQ)
santacruz, boardwalk
Accept/Reject
Hostname: santacruz
Password: boardwalk
username santacruz
password boardwalk
Selecting a PPP
Authentication Protocol
(cont.)
Remote Router
(SantaCruz)
CHAP
3-Way Handshake
Central-Site Router
(HQ)
Challenge
Response
Hostname: santacruz
Password: boardwalk
Accept/Reject
username santacruz
password boardwalk
Service
Provider
Authenticating Router
Router to Be
Authenticated
Enabling PPP
ppp encapsulation
hostname
username / password
ppp authentication
ppp encapsulation
hostname
/ password
username
ppp authentication
47
Configuring PPP
Router(configif)#encapsulationppp
Enable PPP encapsulation
48
Configuring PPP
Authentication
Router(config)#hostnamename
49
Configuring PPP
Authentication
(cont.)
Router(configif)#pppauthentication
{chap|chappap|papchap|pap}
50
PSTN/ISDN
hostnameR1
hostnameR1
usernameR2passwordcisco
usernameR2passwordcisco
!!
intserial0
intserial0
ipaddress10.0.1.1255.255.255.0
ipaddress10.0.1.1255.255.255.0
encapsulationppp
encapsulationppp
pppauthenticationCHAP
pppauthenticationCHAP
R2
hostnameR2
usernameR1passwordcisco
!
intserial0
ipaddress10.0.1.2255.255.255.0
encapsulationppp
pppauthenticationCHAP
51
Router#showinterfaces0
Serial0isup,lineprotocolisup
HardwareisHD64570
Internetaddressis10.140.1.2/24
MTU1500bytes,BW1544Kbit,DLY20000usec,rely255/255,load1/255
EncapsulationPPP,loopbacknotset,keepaliveset(10sec)
LCPOpen
Open:IPCP,CDPCP
Lastinput00:00:05,output00:00:05,outputhangnever
Lastclearingof"showinterface"countersnever
Queueingstrategy:fifo
Outputqueue0/40,0drops;inputqueue0/75,0drops
5minuteinputrate0bits/sec,0packets/sec
5minuteoutputrate0bits/sec,0packets/sec
38021packetsinput,5656110bytes,0nobuffer
Received23488broadcasts,0runts,0giants,0throttles
0inputerrors,0CRC,0frame,0overrun,0ignored,0abort
38097packetsoutput,2135697bytes,0underruns
0outputerrors,0collisions,6045interfaceresets
0outputbufferfailures,0outputbuffersswappedout
482carriertransitions
DCD=upDSR=upDTR=upRTS=upCTS=up
52
Service
Provider
R2
4d20h:%LINK3UPDOWN:InterfaceSerial0,changedstatetoup
4d20h:%LINK3UPDOWN:InterfaceSerial0,changedstatetoup
4d20h:Se0PPP:Treatingconnectionasadedicatedline
4d20h:Se0PPP:Treatingconnectionasadedicatedline
4d20h:Se0PPP:PhaseisAUTHENTICATING,byboth
4d20h:Se0PPP:PhaseisAUTHENTICATING,byboth
4d20h:Se0CHAP:OCHALLENGEid2len28fromleft"
4d20h:Se0CHAP:OCHALLENGEid2len28fromleft"
4d20h:Se0CHAP:ICHALLENGEid3len28fromright"
4d20h:Se0CHAP:ICHALLENGEid3len28fromright"
4d20h:Se0CHAP:ORESPONSEid3len28fromleft"
4d20h:Se0CHAP:ORESPONSEid3len28fromleft"
4d20h:Se0CHAP:IRESPONSEid2len28fromright"
4d20h:Se0CHAP:IRESPONSEid2len28fromright"
4d20h:Se0CHAP:OSUCCESSid2len4
4d20h:Se0CHAP:OSUCCESSid2len4
4d20h:Se0CHAP:ISUCCESSid3len4
4d20h:Se0CHAP:ISUCCESSid3len4
4d20h:%LINEPROTO5UPDOWN:LineprotocolonInterfaceSerial0,changedstatetoup
4d20h:%LINEPROTO5UPDOWN:LineprotocolonInterfaceSerial0,changedstatetoup
53
What is ISDN?
Small office
Digital
PBX
Provider
network
Telecommuter
Home office
Central site
Why ISDN?
ISDN - Integrated Services Digital
Network
Telephone services ->
Telecommunication services
Used for voice, data and video
55
Capacity
64 kbps
16/64 kbps
BRI
D 2B
PRI
D 23 or 30B
ISDN Ready
BRI Port
4W
S/T interface
2W
NT1
U interface
TE2
Analog devices:
phone, Serial port
TA
After connecting to TA it becomes TE1
I
S
D
N
S
w
i
t
c
h
58
Reference Points
60
LAB-ISDN
ISDN Switch
R1
BRI
E0
192.168.0.1
10.0.0.1
192.168.0.2
Router(config)#hostname R1
R1(config)#username R2 password cisco
R1(config-if)#int bri 0
R1(config-if)# ip address 10.0.0.1 255.0.0.0
R1(config-if)#enacapsulation ppp
R1(config-if)#PPP authentication CHAP
R1(config-if)#no shut
Static Routes or default route
R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2
R1(config)#isdn switch-type basic-net3
R2
BRI
10.0.0.2 E0
192.168.1.1
192.168.1.2
Access List
R1(config)#dialer-list 1 protocol ip permit
R1(config)#int bri 0
R1(config-if)# dialergroup 1
R1(config-if)#dialer map ip 10.0.0.2 name
R2 20
R1(config-if)#no shut
R1(config-if)#dialer idle-timeout 100
61
Description
iproute
access-list
dialer-list 1 protocol IP
dialergroup 1
int bri 0
63
64
Terminology
R1
FR Network
R2
Interface Device
Encapsulate Data
Access Line
Trunk Line
Virtual Circuit an end to end connection between interface device - PVC or SVC
Data Link connection Identifiers (DLCI) number is the identification for VC, 16-1007
Committed Information Rate or CIR - agreed-upon bandwidth
Frame Relay there are two encapsulation types: Cisco and IETF
Local Management Interface (LMI) is a signaling standard used between your router
and the first Frame Relay switch i - Cisco, ANSI, and Q.933A.
65
R1
S0
E0
192.168.1.1/24
100
192.168.3.9/29
192.168.1.2/24
200
192.168.3.10/29 R2
S0
E0
DCE
DCE
192.168.2.1/24
192.168.2.2/24