0 output buffer failures, 0 output buffers swapped out
5 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Can the serial interface on Router2 be pinged from Router1?Ya
Can the serial interface on Router1 be pinged from Router2?Ya
If the answer is no for either question, troubleshoot the router configurations to find the error.
Then issue the pings again until the answer to both questions is yes.
Step 8: Configure PPP authentication on R1 with CHAP
a. Configure the CHAP username and password on the R1 router. The username must be identical to
the hostname of the other router. Both the password and usernames are case-sensitive. Define the
username and password to expect from the remote router. On Cisco routers, the secret password
must be the same for both routers.
Router1(config)#username Router2 password cisco
Router1(config)#interface serial 0/1/0
Router1(config-if)#ppp authentication chap
Router1(config-if)#end
Router1#
Step 9: Configure PPP authentication on R2 with CHAP
a. Configure the CHAP username and password on the R2 router. The passwords must be the
same on both routers. The username must be identical to the hostname on the other router. Both
the password and user names are case-sensitive. Define the username and password to expect
from the remote router.
Router2(config)#username Router1 password cisco
Router2(config)#interface serial 0/1/1
Router2(config-if)#ppp authentication chap
Router2(config-if)#end
Router2#
Step 10: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Was it successful? yes
Router2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Why or why not?
Kedua router menggunakan PPP dengan CHAP dan username yang sesuai dan password diatur pada kedua router.
Step 12: Clean up
a. Erase the configurations and reload the routers.
b. Disconnect and store the cabling.
c. For PC hosts that are normally connected to other networks (such as the school LAN or to the
Internet), reconnect the appropriate cabling and restore the TCP/IP settings.
Lab 8.2.2 Creating a WAN Connectivity Test Plan
Task 1: Review the Supporting Documentation
Step 1: Refer to the WAN Design Test Plan document provided for this lab
Download the WAN Design Test Plan. What is the purpose of this WAN design test? Which elements
of the design will be tested using this plan?
The purpose of this prototype is to demonstrate the use of Frame Relay WAN links to connect a remote site router to a central site router through a router that simulates a Frame Relay switch. Backup Ethernet links from the remote site and central site to a 4th router simulate a VPN backup capability and provide an alternate path in the event that one of the Frame Relay WAN links goes down.
a. Document the purpose of the test in the Introduction section of the WAN Design Test Plan.
b.Review the tests that will be run to validate the prototype.
Step 2: Review the equipment needed to perform the tests
Review the list of all equipment needed to build the prototype and to perform the tests. Be sure to include
cables, optional connectors or components, and software. If the recommended equipment is not available in your lab, discuss possible substitutes with your instructor and classmates, based on interface requirements of the topology.
a. If substitute equipment must be used, list the devices here:
b. Determine the amount of each type of cabling necessary to create the prototype test topology. Record the information on the Equipment chart in the WAN Design Test Plan.
c. Document any special configuration or cabling issues that might arise if substitute equipment is used.
Task 2: Document information regarding Test 1
Task 3: Document information regarding Test 2
Task 4: Reflection / Challenge
Why is Frame Relay a good choice as a primary WAN technology?
Ini adalah teknologi yang fleksibel yang banyak didukung oleh peralatanvendor. Layanan ini biasanya tersedia dari sebagian besar penyedia layanan Telecom (TSPS). Memberikan kestabilan data digital link dengan berbagai CIRs tergantung pada kebutuhan pelanggan. Mendukung berbagai topologi. SLA biasanya available.
When is it most important to have a backup link? How does a backup link compare to a redundant link?
LinkBackupdiperlukanketikahilangnyalinkprimeryang akanmenyebabkanhilangnyaakses kesumber dayakritis. Iniadalahbiaya/resikokeputusanyang dibuatoleh sebuah organisasi.
Lab 8.2.5 Configuring and Verifying WAN Backup Links
Task 1: Build the Network. Task Complete
Step 1 Connect devices
a. Connect the routers as shown in the topology diagram. Refer to the Test Plan in Lab 8.2.2 for cabling
required.
b. For each of the routers to be configured, use the erase startup-config and the reload commands from the privileged EXEC prompt, to ensure that you are starting with a clean configuration.
Task 2: Configure Router ISPX as a Backup. Task Complete
Step 1: Perform basic configuration of the ISPX router
Connect a PC to the console port of the router to perform configurations using a terminal emulation
program.
Configure the router with hostname, passwords, message-of-the–day, and no ip domain lookup.
Router(config)#hostname ISPX
ISPX(config)#line console 0
ISPX(config-line)#password cisco
ISPX(config-line)#login
ISPX(config-line)#exit
ISPX(config)#line vty 0 4
ISPX(config-line)#password cisco
ISPX(config-line)#login
ISPX(config-line)#exit
ISPX(config)#enable password cisco
ISPX(config)#enable secret class
ISPX(config)#no ip domain-lookup
ISPX(config)#banner motd #Unauthorized use prohibited#
Configure the FastEthernet interfaces for the backup links to the Edge2 and BR3 routers. Configure a
description and the IP address, and activate each interface.
Step 3: Configure a static route on the ISPX router to the FilmCompany local network
On the ISPX router, configure a normal static route to the BR3 network 172.18.225.0/25 via the Fa0/0
interface on BR3.
Step 4: Configure a static route on the ISPX router to the stadium local network
On the ISPX router, configure a normal static route to the Edge2 network 172.18.3.0/24 via the Fa0/1
interface on Edge2.
Task 3: Configure the Stadium Edge2 Router. Task Complete:
Step 1: Perform basic configuration of the router
Connect a PC to the console port of the router to perform configurations using a terminal emulation program. Erase and reload the router before starting.
Configure the router with a hostname, passwords, message-of-the–day, and no ip domain lookup.
Step 2: Configure stadium router Edge2 interfaces
Configure the Serial 0/1/1 interface with Frame Relay encapsulation. Configure a point-to-point
When authentication is configured, both Edge2 and BR3 should begin accepting EIGRP updates. Use
the show ip route command to verify that the routes to the LAN devices have been learned.
Until EIGRP and MD5 configuration are complete on router BR3, no EIGRP updates will be received
successfully. The command debug eigrp packet shows when EIGRP authentication is
successful. Example output of the debug eigrp packet command once BR3 is correctly
configured is shown below:
BR3#debug eigrp packet
00:47:04: EIGRP: received packet with MD5 authentication, key id = 1
00:47:04: EIGRP: Received HELLO on Serial0/1/0.100 nbr 172.18.0.9
Task 5: Conduct Primary Frame Relay Link Testing Based on the Test Plan. Task
Complete:
Execute the procedures outlined in Test 1 to test the simulated Frame relay network. Record the results of the tests in the Test 1: Results and Conclusions section.
Step 1: Console into routers Edge2 and BR3 and verify the basic configuration, IP addressing, Frame Relay
Issue the show running-config command for each of the routers to verify passwords, IP addressing, and Frame Relay configuration. See end of lab for router configs.
Step 2: Verify the Frame Relay configuration on Edge2, BR3, and FR1
Use show frame-relay commands to verify the Frame Relay configurations. See Lab 8.2.4 for command output.
show frame-relay map – Status of point-to-point links
show frame-relay pvc – Permanent Virtual Circuit (PVC) status and statistics
show frame-relay lmi – Local Management Interface (LMI) statistics
show frame-relay route – DLCI/interface routing (FR1 switch only)
Step 3: Verify routing table contents on router Edge2
Display the routing table for Edge2 using the show ip route command.
Edge2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user static
route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.18.0.0/16 is variably subnetted, 4 subnets, 3 masks
C 172.18.0.248/30 is directly connected, FastEthernet0/1
D 172.18.225.0/25
[90/2172416] via 172.18.0.10, 00:09:33, Serial0/0/1.110
C 172.18.0.8/30 is directly connected, Serial0/0/1.110
C 172.18.3.0/24 is directly connected, FastEthernet0/0
Is there an EIGRP route to the FilmCompany LAN 172.18.225.0/25?Ya
What is the AD of this route? 90
What is the next hop IP address to get to this network? 172.18.0.10 (F/R link)
Does the primary route take the Frame Relay link? Ya
Step 4: Verify routing table contents on router BR3
Display the routing table for BR3 using the show ip route command.
BR3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user static
route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.18.0.0/16 is variably subnetted, 4 subnets, 3 masks
C 172.18.225.0/25 is directly connected, FastEthernet0/1
C 172.18.225.248/30 is directly connected, FastEthernet0/0
C 172.18.0.8/30 is directly connected, Serial0/0/0.100
D 172.18.3.0/24 [90/2172416] via 172.18.0.9, 00:11:59,
Serial0/0/0.100
Is there an EIGRP route to the Edge2 network 172.18.3.1/24? __________ Ya
What is the AD of this route? __________ 90
Step 5: Verify routing table contents on router ISPX
Display the routing table for ISPX using the show ip route command.
ISPX#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.18.0.0/16 is variably subnetted, 4 subnets, 3 masks
C 172.18.0.248/30 is directly connected, FastEthernet0/1
S 172.18.225.0/25 [1/0] via 172.18.225.249
C 172.18.225.248/30 is directly connected, FastEthernet0/0
S 172.18.3.0/24 [1/0] via 172.18.0.249
Are there any EIGRP routes? __________ Tidak
Why or why not?
ISPX router tidak menjalankan protokol EIGRP.
Are there any static routes and if so, to what network?
Ya, pada BR3 LAN network 172.18.225.0/25 dan pada Edge2 LAN network 172.18.3.0/24
What is the purpose of these static routes?
Menyediakan rute dari Edge2 untuk LAN BR3 melalui router ISPX. Jika ISP tidak akan tahu bagaimana untuk sampai ke sana.
Step 6: Test IP connectivity between routers Edge2 and BR3 via the primary Frame Relay link
Ping from Edge2 to the IP address of host PC2. Was the ping successful?Ya
If not, troubleshoot until successful.
Ping from BR3 to the IP address of host PC1.
Was the ping successful? Ya
If not, troubleshoot until successful.
Verify that traffic is taking the correct path by using the traceroute command.
Turn off all debugging using the undebug all command.
Record all results in the WAN Design Test Plan document in the Test 1: Results and Conclusions section.
Step 1: Configure a floating static route on Edge2 and BR3 via the primary Frame Relay link.
On Edge2, configure a static route to the FilmCompany LAN (172.18.225.0/25) using the next hop
address of the interface Fa0/1 on router ISPX. Configure the administrative distance on the floating
static routes to be 130, greater than the administrative distance of the EIGRP learned route.
On BR3, configure a static route to the stadium LAN (172.18.3.0/24) using the next hop address of
the interface Fa0/0 on router ISPX. Configure the administrative distance on the floating static route
to be 130, greater than the administrative distance of the EIGRP learned route.
Task 7: Conduct Backup Link Test. Task Complete:
Step 1: Test the backup link though the ISPX router by taking down the primary Frame Relay link
Cause the Frame Relay link from Edge2 to FR1 to fail by shutting down the Serial 0/1/1 interface.
Step 2: Verify routing table contents on router Edge2
Display the routing table for Edge2 using the show ip route command.
Edge2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user
static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.18.0.0/16 is variably subnetted, 3 subnets, 3 masks
C 172.18.0.248/30 is directly connected, FastEthernet0/1
S 172.18.225.0/25 [130/0] via 172.18.0.250
C 172.18.3.0/24 is directly connected, FastEthernet0/0
Is there an EIGRP route to the FilmCompany network 172.18.225.0/25 now? Tidak
Is the floating static backup route to the FilmCompany network 172.18.225.0/25 that you defined
earlier now present? Ya
What is the AD of this route? 130
What is the next hop IP address to get to the 172.18.225.0/25 network?172.18.0.250 (ISPX Fa0/1 link)
Does the backup route take the ISPX link? Ya
Step 3: Verify routing table contents on router BR3
Display the routing table for BR3 using the show ip route command.
BR3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
level-2
ia - IS-IS inter area, * - candidate default, U - per-user static
route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.18.0.0/16 is variably subnetted, 3 subnets, 3 masks
C 172.18.225.0/25 is directly connected, FastEthernet0/1
C 172.18.225.248/30 is directly connected, FastEthernet0/0
S 172.18.3.0/24 [130/0] via 172.18.225.250
Continue to issue the show ip route command until the EIGRP route is gone and the floating
static route is installed, otherwise ping responses (echo reply) cannot be sent back to Edge2.
Is there an EIGRP route to the Edge2 network 172.18.3.0/24? Tidak
Is there a floating static route? Ya
What is the AD of this route? 130
What is the next hop IP address to get to the 172.18.3.0/24 network?172.18.225.250 (ISPX Fa0/0)
Step 4: Test IP connectivity between routers Edge2 and BR3 via the backup Ethernet link
a. Ping from PC1 on Edge2 to the IP address of host PC2.
Was the ping successful? Ya
If not, troubleshoot until successful.
Verify that traffic is taking the backup link by using the tracert command from PC1 to PC2. Record the results in the WAN Design Test Plan section Test 2: Results and Conclusions.
Turn off any debugging using the undebug all command.
Step 5: Clean up
Erase the configurations and reload the routers. Disconnect and store the cabling. For PC hosts that are
normally connected to other networks (such as the school LAN or to the Internet), reconnect the
appropriate cabling and restore the TCP/IP settings.
Task 8: Reflection / Challenge
When is it most important to have a backup link? How does a backup link compare to a redundant link?
LinkBackupdiperlukanketikahilangnyalinkprimer yangakanmenyebabkanhilangnyaakseske sumber dayakritis. Iniadalahbiaya/resikokeputusanyang dibuatoleh sebuah organisasi.
This lab uses the RIP dynamic routing protocol and floating static routes to demonstrate primary and backup routes. Would it be possible to use all static routes and no dynamic routing protocol?
Ya, tapirutestatisuntuksemualokasijaringanharusditetapkanuntukkomunikasiend-to-end antara jaringan. Harus adaruteuntukmencapaitujuanjaringandanruteditempat tujuanuntukkembali, agarkomunikasiduaarahterjadi.
Lab 8.2.6 Evaluating the Prototype Test
Step 1: Identify if weaknesses are present in the design
Is the Frame Relay WAN design able to scale to meet the expected growth?
Ya, layananFrame Relaybiasanyasangatterukur. CIRtambahan dapatdibelidansirkuittambahan dapatditambahkanjikadiperlukan.
Do the results of the prototype test indicate that the Frame Relay configuration will work as expected?
Karena sebuah router bertindak sebagai saklar Frame Relay simulasi, tidak ada cara untuk menguji bandwidth dan kinerja Frame Relay nyata switched jaringan. Karena tidak mungkin untuk menguji kemampuan melalui jaringan Frame Relay TSP sebenarnya ada risiko yang berkaitan dengan desain.
Are there any weaknesses associated with using the VPN connections as backup to the Frame Relay WAN?
WalaupunpengujianmemverifikasibahwafungsiEthernetberbasissimulasibackup, ini tidakcukupmensimulasikanpenggunaanlinkVPNsebagailinkFast Ethernetjauh lebihcepatdaripadaVPNkhas. Daerah yang paling kritisrisikoadalah kinerjadarilinkVPNsebagaibackupdalamjaringannyata. ApabilakomponensuaradanvideodarijaringanditambahkankeWANlalu lintasyang ada, mungkin adamasalahkualitaslayananjikakoneksiVPNharusdigunakan. VPNarusmelaluiISPtidakmemilikitingkatjaminanpelayanan. Selainitu,tidakmemiliki mekanisme untukmenyediakanQoS. Akibatnya, linkcadanganhanyabisamenyediakankonektivitas terbatasdalamhalkegagalan.
Will a failure of the primary link cause the FilmCompany to lose connectivity to the Stadium LAN?
Tidak, link backup dengan rute statis mengambang akan diaktifkan untuk menyediakan konektivitas ketika F primer / link R gagal.
Does the EIGRP authentication provide for a secure transmission of the routing updates?
Ya, meskipun penggunaan Pesan Digest 5 (MD5). Kombinasi kunci pengenal dan antarmuka yang terkait dengan pesan unik mengidentifikasi algoritma otentikasi dan kunci MD5 otentikasi digunakan.
Step 2: Determine what the risks are of not correcting the weaknesses
If, in Step 1, you identify weaknesses in the proposed design, what risks do these weaknesses present to
Step 3: Suggest ways that the design can be improved to reduce the risk
In what ways could the proposed design be improved to reduce the areas of risk?
Jikawaktudanuang mengizinkan,ujicobadapatdijalankandi manasirkuit F/R sementaradenganCIRtertentubisadipasangdengankerjasamalayananyang disediakandanbebanujisimulasidapatdihasilkanpadaberbagai waktuuntukmemastikankinerjadi bawahtinggi-volume kondisi. Tingkatperjanjian layanan(SLA) juga bisadinegosiasikanuntukmenyediakanasuransiyangrangkaianakanbekerja seperti yang diharapkanselamaperiodebebanpuncak. SehubungandenganlinkbackupVPN, pilotdapattermasukpenggunaankoneksiVPNaktualmelalui linkDSLkelebihakuratmenunjukkankemampuanpemulihandaridesainyang diusulkan.
Step 4: Document the weaknesses and risks on the test plan
In the Results and Conclusions section of the test plan, record any weaknesses, risks, and suggested improvements.
Step 4: Reflection
Why do you think it is important to identify weaknesses and risks in the proposed design before presenting it to the customer? What are some reasons that weaknesses cannot be corrected?
Adalah penting untuk mengidentifikasi kelemahan dan risiko dalam desain yang diusulkan sebelum menyajikannya kepada pelanggan untuk memastikan bahwa pelanggan memahami keterbatasan prototipe dan tidak mengarah pada memiliki harapan yang tidak realistis berdasarkan prototipe. Mungkin tidak mungkin untuk mengimbangi semua kelemahan yang dapat diidentifikasi karena waktu, uang atau kendala personil. Risiko harus dianalisa dan seimbang terhadap variabel-variabel lainnya.
Lab 8.3.2 Creating a VPN Connectivity Test Plan
Step 1: Review the VPN Design Test Plan
Review the VPN Design Test Plan. Note the tests that the designer indicates are necessary to perform using the prototype network.
Test 1: Description and purpose:
EasyVPNServerSetupVerifikasi
Test 2: Description and purpose:
KonektivitasTestKlienVPN
Step 2: Review the Equipment section
Which device will be used as the VPN server in the prototype network? 1841 Router
What IOS version is necessary to configure the EasyVPN server? Advanced Layanan IP versi 12,4 atau di atas dan Cisco SDM
Is equipment available in your lab with the correct IOS to build the prototype network configuration?
Step 3: Review the Design and Topology section
At the top of this lab, the actual VPN topology is shown, as well as the topology being used in the prototype test. Compare both topologies. Remote workers usually connect to the Internet and then use client software to create the VPN tunnel to the server. In the prototype environment, the connection between the VPN client and the VPN server is a much more direct connection.
What is the risk of testing the VPN operation in a prototype environment?
Kondisi dunia nyata tidak dapat dengan mudah disimulasikan. Server VPN akan memberikan alamat logis ke remote host H1 yang berlaku di jaringan internal. Alamat ini akan ditugaskan secara dinamis, ketika terowongan VPN dibuat.
Step 4: Review the Test 1 Description, Procedures, and Expected Results sections
The designer needs to verify that the EasyVPN server can be configured and managed by the existing
personnel. It is important to document how the Cisco SDM software can be used to configure and manage the VPN server.
Step 5: Review the Test 2 Description, Procedures, and Expected Results sections
Read through the Test 2 information in the test plan. Determine an appropriate goal for Test 2 and fill in the table in the VPN Design Test Plan.
After reading the Procedures section, what do you think would be a successful outcome of completing the
Test 2 procedures?
Successful connection to the VPN server using the external VPN client
Successful tunnel establishment
VPN client has received an internal IP address from the VPN server.
VPN client can ping an internal host or connect to an internal server service
Record your answers in the Expected Results and Success Criteria section for Test 2.
Reflection / Challenge
Why do you think it is important to test the VPN operation in a pilot installation, as well as a prototype test?
