zeldor.biz

Linux, programming and more


CCNA Exploration 4 – Module 4

September 26, 2010 by Igor Drobot

Configure R1 with OSPF simple authentication:

R1(config)#router ospf 1
R1(config-router)#area 0 authentication
 
R1(config-router)#interface S0/0/0
R1(config-if)#ip ospf authentication-key cisco123


R2(config)#interface S0/0/1
R2(config-if)#ip ospf authentication message-digest
R2(config-if)#ip ospf message-digest-key 1 md5 cisco12


Configure Router to support Cisco SDM:

R1#configure terminal
! ip http server is plaintext HTTP; ip http secure-server is HTTPS
R1(config)#ip http server
R1(config)#ip http secure-server
! Authenticate web logins against the local user database
R1(config)#ip http authentication local
R1(config)#username Student privilege 15 secret cisco
R1(config)#line vty 0 4
R1(config-line)#privilege level 15
R1(config-line)#login local
R1(config-line)#transport input telnet ssh
R1(config-line)#exit

Additional security for VTY:

R1(config)#line vty 0 4
! Disconnect idle sessions after 3 minutes
R1(config-line)#exec-timeout 3
R1(config-line)#exit
! Send TCP keepalives on incoming connections so dead sessions are cleared
R1(config)#service tcp-keepalives-in

Additional tricks:

! RSA key generation requires a non-default hostname and an ip domain-name to be set first
Router(config)#crypto key generate rsa
! SSH negotiation timeout in seconds
Router(config)#ip ssh time-out 15
Router(config)#ip ssh authentication-retries 2

Supports incoming telnet and SSH sessions:

R1(config)#line vty 0 4
R1(config-line)#no transport input
R1(config-line)#transport input telnet ssh
R1(config-line)#exit

Supports only incoming SSH sessions:

R1(config)#line vty 0 4
R1(config-line)#no transport input
R1(config-line)#transport input ssh
R1(config-line)#exit
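The cleartext settings that appear in the snippets above (plaintext HTTP, Telnet on the VTY lines, OSPF simple authentication) can be checked for in a saved configuration. The Python sketch below is an added example, not part of the original post; the sample config is constructed from the page's commands, and treating a missing `transport input` line as permissive is an assumption.

```python
import re

# Constructed sample: the page's R1 commands as they might appear in a saved config.
SAMPLE_CONFIG = """\
hostname R1
ip http server
ip http secure-server
interface Serial0/0/0
 ip ospf authentication-key cisco123
router ospf 1
 area 0 authentication
line vty 0 4
 login local
 transport input telnet ssh
"""

def sections(config):
    """Group a config into (header, [indented child lines]) pairs."""
    out = []
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if line[0].isspace() and out:
            out[-1][1].append(line.strip())
        else:
            out.append((line.strip(), []))
    return out

def audit(config):
    """Return one finding per cleartext or Telnet-permitting setting."""
    findings = []
    for header, body in sections(config):
        if header == "ip http server":
            findings.append("global: plaintext HTTP management server enabled")
        if header.startswith("interface") and any(
                b.startswith("ip ospf authentication-key") for b in body):
            findings.append(f"{header}: OSPF simple (cleartext) authentication key")
        if header.startswith("router ospf"):
            findings += [f"{header}: '{b}' is simple (type 1) authentication"
                         for b in body if re.fullmatch(r"area \S+ authentication", b)]
        if header.startswith("line vty"):
            # Assumption: no 'transport input' line is treated as permissive.
            inputs = [b.split()[2:] for b in body if b.startswith("transport input")]
            if not inputs or {"telnet", "all"} & set(inputs[-1]):
                findings.append(f"{header}: Telnet accepted, use 'transport input ssh'")
            if not any(b.startswith("exec-timeout") for b in body):
                findings.append(f"{header}: no explicit exec-timeout (10 minute default)")
    return findings

if __name__ == "__main__": print("\n".join(audit(SAMPLE_CONFIG)))
```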

Filed Under: Linux Tagged With: CCNA4, Cisco, Security

CISCO CCNA-4 – Accessing the WAN Chapter one

August 24, 2010 by Igor Drobot





  • WANs generally connect devices that are separated by a broader geographical area than can be served by a LAN.
  • WANs use the services of carriers, such as telephone companies, cable companies, satellite systems, and network providers.
  • WANs use serial connections of various types to provide access to bandwidth over large geographic areas.

The Hierarchical Network Model

Access layer – Grants user access to network devices. In a network campus, the access layer generally incorporates switched LAN devices with ports that provide connectivity to workstations and servers. In the WAN environment, it may provide teleworkers or remote sites access to the corporate network across WAN technology.

Distribution layer – Aggregates the wiring closets, using switches to segment workgroups and isolate network problems in a campus environment. Similarly, the distribution layer aggregates WAN connections at the edge of the campus and provides policy-based connectivity.

Core layer (also referred to as the backbone) – A high-speed backbone that is designed to switch packets as fast as possible. Because the core is critical for connectivity, it must provide a high level of availability and adapt to changes very quickly. It also provides scalability and fast convergence.

Enterprise Campus Architecture:
An enterprise campus network is a building or group of buildings connected into one network that consists of many LANs.
It is generally limited to a fixed geographic area, but it can span several neighboring buildings.
The architecture is modular and scalable and can easily expand to include additional buildings or floors as required.

Enterprise Branch Architecture:
This module allows businesses to extend the applications and services found at the enterprise campus to thousands of remote locations and users or to a small group of branches.

Enterprise Data Center Architecture:
Data centers are responsible for managing and maintaining the many data systems that are vital to modern business operations.
This module centrally houses the data and resources to enable users to effectively create, collaborate, and interact.

Enterprise Teleworker Architecture:
This module leverages the network resources of the enterprise from home using broadband services such as cable modem or DSL to connect to the corporate network.
Typically implemented using remote access VPNs.

Enterprise Edge Architecture:
This module often functions as a liaison between the campus module and the other modules in the Enterprise Architecture.

PAP – 2-way handshake
PAP usernames and passwords are sent as clear text strings, which can be intercepted and reused.

CHAP is a more secure procedure for connecting to a system than PAP.

CHAP – 3-way handshake

CHAP authentication sends a challenge message to the remote device. The remote device encrypts the challenge value with a shared secret and returns the encrypted value and its name to the local router in a Response message.
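The three-way exchange described above, as an added Python example that is not part of the original post. It follows RFC 1994, where the response value is a one-way MD5 hash over the identifier, the shared secret and the challenge; the secret, the user name and the function names are constructed for illustration.

```python
import hashlib
import hmac
import os

SECRET = b"constructed-shared-secret"  # constructed value, configured on both routers

def chap_challenge():
    """Authenticator: pick a fresh identifier and a random challenge."""
    return os.urandom(1)[0], os.urandom(16)

def chap_response(identifier, challenge, secret):
    """Peer: MD5(identifier || secret || challenge); the secret never crosses the link."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def chap_verify(identifier, challenge, response, secret):
    """Authenticator: recompute the expected value and compare in constant time."""
    expected = chap_response(identifier, challenge, secret)
    return hmac.compare_digest(expected, response)

def pap_verify(username, password, users):
    """PAP for contrast: the cleartext pair on the wire is itself the credential."""
    return hmac.compare_digest(users.get(username, b""), password)

def demo():
    # Message 1 (Challenge), message 2 (Response), message 3 (Success or Failure).
    ident, challenge = chap_challenge()
    response = chap_response(ident, challenge, SECRET)
    accepted = chap_verify(ident, challenge, response, SECRET)

    # A response recorded from an earlier session does not match a new challenge.
    ident2, challenge2 = chap_challenge()
    stale_accepted = chap_verify(ident2, challenge2, response, SECRET)

    # The same PAP username and password stay valid on every later attempt.
    users = {b"R2": b"constructed-password"}
    pap_accepted = pap_verify(b"R2", b"constructed-password", users)
    return accepted, stale_accepted, pap_accepted

if __name__ == "__main__":
    print(demo())
```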


Filed Under: Cisco Tagged With: ATM, CCNA4, Certification, CHAP, Cisco, CISCO Enterprise, Frame Relay, ISDN, PPP, X25
