GNI102 Lab 11

From Datateknik
(Difference between revisions)
Jump to: navigation, search
(Created page with "Networking Academy <span style="font-size:500%;">   LAB 11</span> University West <b...")
 
Line 2: Line 2:
  
 
<br>
 
<br>
Detta är sjunde labben i denna kurs. <br>
+
The workflow in this laboration is that you work in pairs of two together and configure ''one'' device at a time; not parallel on a device each.<br>
Arbetssättet i denna labb är att man jobbar i par på enheterna och tillsammans konfigurerar ''en'' gång; inte att båda jobbar parallellt och att båda skriver samma sak. Dock viktigt att båda antecknar flitigt. <br>
+
The three first parts are made up of areas we have worked on multiple times before: Base-configuration, IP-addressing and subnetting and Address configuration. Therefor you will only get the assignments but no commands on how to do the actual configuration. At the end of the lab paper there is a so called "Cheat-sheet". Peak there ONLY if you absolutely have too, try and practice without(You will not have any "Cheat-sheets" on exam day. If you manage to complete the full assignment today without looking at the cheat-sheet you only need to do the lab once. If you need to peak on the sheet you '''should''' repeat the parts you had to use the cheat-sheet for. Repeat as many times as needed untill you have learnt the commands. You should have started to learn and memorized of them by now! Remember no cheat-sheets on exam day. <br>
De första tre delarna består av saker ni gjort flera gånger tidigare: Grundkonfiguration, IP-adressering och Adresskonfiguration. Därför får ni där bara uppgifterna, inga kommandon till hjälp. I slutet av laborationen finns ett så kallat "Cheat-sheet". Tjuvkika där endast om ni absolut inte kommer ihåg hur man gör. Klarar ni labben utan att tjuvkika slipper ni göra den två gånger. Behöver ni tjuvkika gör ni om de delarna minst en gång till när ni gjort klart hela labben, helst tills ni inte behöver kika mer. Detta ska sitta nu! <br>
+
 
I resten av labben kikar vi på Telnet och SSH samt lite felsökning.
+
= Topology=
= Topologi=
+
  
 
[[File:Lab11.png|x250px|baseline|Lab11_topologi]]
 
[[File:Lab11.png|x250px|baseline|Lab11_topologi]]
Line 12: Line 11:
 
<p style="page-break-after: always;">&nbsp;</p>
 
<p style="page-break-after: always;">&nbsp;</p>
  
= Grundkonfiguration =
+
= Base Configuration =
1. Koppla enligt topologin <br>
+
1. Connect the devices as show in the image <br>
2. På samtliga enheter konfigurera följande: <br>
+
2. On all the devices configure the following: <br>
 
* hostname  
 
* hostname  
* lösenord för privileged exec-mode (använd lösenordet cisco)
+
* password for privileged exec-mode (Use the password cisco)
* se till att alla lösenord är krypterade i running-config
+
* make sure that all the passwords are encrypted in running-config
* skapa en lämplig message-of-the-day-banner
+
* set a appropriate message-of-the-day-banner
* säkra inloggningen på console-porten med lösenord (lösenord cisco)
+
* secure usage of the console-port with a password (password cisco)
* säkra inloggning på fem vty-portar (lösenord cisco för telnet, ej konfigurera ssh)
+
* secure the usage on five VTY-ports (password cisco for telnet, don't configure ssh yet)
3. Spara konfigurationen i nvram på samtliga enheter <br><br>
+
3. Safe your configuration in the nvram on all your devices <br><br>
  
= IP-addressering =
+
= IP-addressing =
Ni har IPv4-nätet 172.16.0.0/25 samt IPv6-prefixet 2001:DB8:ACAD::/48
+
You have the IPv4 network 172.16.0.0/25 and the IPv6-prefix 2001:DB8:ACAD::/48
 
== IPv4 ==  
 
== IPv4 ==  
Skapa två lika stora subnät. Skriv ner era nya subnät här: <br><br>
+
Create to equally large subnets. Write down your new subnets here: <br><br>
1) Nätadress: ______.______.______.______ Subnätmask:______.______.______.______ <br><br>
+
1) Networkaddress: ______.______.______.______ Subnet mask:______.______.______.______ <br><br>
2) Nätadress: ______.______.______.______ Subnätmask:______.______.______.______ <br><br>
+
2) Networkaddress: ______.______.______.______ Subnet mask:______.______.______.______ <br><br>
  
 
== IPv6 ==
 
== IPv6 ==
Skapa två subnät med prefixlängd /64. Skriv ner era nya subnät här: <br><br>
+
Create two subnets with the prefix length of /64. Write down your new subnets here: <br><br>
1) Nätadress: ______________________________________________________________________/____ <br><br>
+
1) Networkaddress: ______________________________________________________________________/____ <br><br>
2) Nätadress: ______________________________________________________________________/____ <br><br>
+
2) Networkaddress: ______________________________________________________________________/____ <br><br>
 
<p style="page-break-after: always;">&nbsp;</p>
 
<p style="page-break-after: always;">&nbsp;</p>
  
== Adresskonfiguration ==
+
== Address configuration ==
  
Använd subnät 1 till det lokala nätverket till vänster. Använd subnät 2 till det lokala nätverket till höger. <br><br>
+
Use subnet one for the local network to the left. Use subnet two for the local network to the right. <br><br>
1. Planera er adressering på papper i topologin innan ni börjar konfigurera enheterna. <br>
+
1. Plan your addressing scheme on paper for the topology before you start the configuration of your devices. <br>
* Använd den första adressen i subnäten på routerns interfaces
+
* Use the first address in the subnet on the interfaces of the router
* Använd den femte adressen i subnäten på switcharnas interface (tomten)
+
* Use the fifth address in the subnet on the switches interfaces(SVI)
* Använd den tionde adressen i subnäten på vardera PC <br><br>
+
* Use the tenth address in the subnet on each of the PCs <br><br>
 
&nbsp; &nbsp; Router <br>
 
&nbsp; &nbsp; Router <br>
2. Slå igång ipv6 unicast-routing på routern <br>
+
2. Activate ipv6 unicast-routing on the router <br>
3. Konfigurera routerns interfaces med lämpliga descriptions, sätt valda IPv4- och IPv6-adresser samt ändra IPv6 link-local-adress till fe80::1. Glöm inte att aktivera interfacet! <br><br>
+
3. Configure the interfaces on the router with appropriate descriptions, apply the chosen IPv4- and IPv6-addresses and also change the IPv6 link-local-address to fe80::1. Don't forget to activate the interfaces! <br><br>
 
&nbsp; &nbsp; Switch <br>
 
&nbsp; &nbsp; Switch <br>
4. Se till att switchen har stöd för IPv6 annars använd kommandot:<br>
+
4. Make sure the switch supports IPv6 and if it doesn't, use:<br>
 
<tt> sdm prefer dual-ipv4-and-ipv6 default </tt> <br>
 
<tt> sdm prefer dual-ipv4-and-ipv6 default </tt> <br>
5. Konfigurera switcharnas interface (tomten) med lämpliga descriptions och sätt valda IPv4- och IPv6-adresser. Aktivera interfacet!<br>
+
5. Configure the interface on the switches (SVI) with a appropriate descriptions, apply the chosen IPv4- and IPv6-addresses. Activate the interfaces!<br>
6. Konfigurera också rätt default gateway för IPv4 på switcharna <br><br>
+
6. Also configure the correct default gateway for IPv4 on the switches <br><br>
 
&nbsp; &nbsp; PC <br>
 
&nbsp; &nbsp; PC <br>
7. Adressera slutligen era PC's med valda IPv4- och IPv6-adresser samt IPv4 och IPv6 default gateway <br><br>
+
7. Lastly apply IP-Addresses on the PC's with the chosen valda IPv4- and IPv6-addresses as well as IPv4 and IPv6 default gateways <br><br>
8. Testa nu att skicka ping från PC1 till PC2 med både IPv4 och IPv6 <br>
+
8. Test now to send a ping from PC1 to PC2 with both IPv4 och IPv6 <br>
9. Fungerar inte allt, felsök! Använd ping el traceoute för att hitta var problemet finns. För problem med IPv6-konnektivitet kan kommandot <tt>ipv6 nd autoconfig default-route</tt> att behöva användas på switchens vlan-interface (tomten). <br>
+
9. Does it work?, if no: Troubleshoot! Use ping and/or traceoute to find where the issue exists. For issues with IPv6-connectivity the command <tt>ipv6 nd autoconfig default-route</tt> might be needed on the switches interfaces (SVI). <br>
10. När allt fungerar spara konfigurationen till nvram på routern och switcharna <br>
+
10. If all pings works: Save configuration to nvram on both the router and switches. <br>
 
<p style="page-break-after: always;">&nbsp;</p>
 
<p style="page-break-after: always;">&nbsp;</p>
  
 
= TELNET vs SSH =
 
= TELNET vs SSH =
1. Konfigurera samtliga nätverksenheter för att kommunicera med både Telnet och SSH.
+
1. Configure all network devices for communication with both Telnet and SSH.
* Steg 1: Skapa användare på varje enhet med global configuration-kommandot:
+
* Step 1: Create users on each device with the global configuration-command:
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# username Admin secret cisco</tt>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# username Admin secret cisco</tt>
* Steg 2: Konfigurera ett domän för enheterna: <br>
+
* Step 2: Configure a domain on all the devices: <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# ip domain-name cnap.hv.se </tt>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# ip domain-name cnap.hv.se </tt>
* Steg 3: Skapa nycklar för kryptering: <br>
+
* Step 3: Create keys for encryption: <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# crypto key generate rsa modulus 1024</tt>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# crypto key generate rsa modulus 1024</tt>
* Steg 4: Konfigurera vty-portarna för både ssh och telnet, login med lokal databas samt automatiskt utloggning efter 5 minuters inaktivitet <br>
+
* Step 4: Configure the vty lines for both ssh and telnet, login with the local database and automatic disconnection after 5 minutes of idle-time <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# line vty 0 4 </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config)# line vty 0 4 </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# transport input telnet ssh </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# transport input telnet ssh </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# login local </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# login local </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# exec-timeout 5 0 </tt> <br>
 
&nbsp;&nbsp;&nbsp;&nbsp;<tt>R1(config-line)# exec-timeout 5 0 </tt> <br>
2. Testa nu att kommunicera med R1 via telnet från PC1 genom att öppna cmd på PC'n och skriva kommandot <tt>telnet</tt> följt av en av IP-adresserna på routern <br>
+
2. Now test to communicate with R1 using telnet from PC1 <br>
Om inte datorn känner igen kommandot telnet, måste detta installeras först. Skriv då:  <tt>dism /online /Enable-Feature /FeatureName:TelnetClient</tt>. Alternativt högerklicka på startknappen i Windows, välj Programs and Features, sedan "Turn Windows features on or off i vänsterkanten, leta upp Telnet Client i listan och bocka i rutan, välj ok. Testa nu att använda telnet igen. Även Teraterm och Putty kan användas för telnet<br>
+
3. Try and login in with the username and password you created in the local database <br>
3. Prova att logga in med användarnamnet och lösenordet ni skapat i er lokala databas <br>
+
4. Did it work? Great! Now close down the session <br>
4. Fungerade det bra? Avsluta sessionen med <tt>quit</tt> <br>
+
5. Start the software Wireshark on the same computer (Blue sharkfin icon in windows taskbar)<br>
5. Starta nu programmet Wireshark på samma PC<br>
+
6. Choose the correct networks card connection, you want wired ethernet (might exist multiple ones if WIFI-card is activated) and start a recording <br>
6. Välj rätt nätverksanslutning och starta en inspelning <br>
+
7. Now go back to your terminal software and start a new telnet-session with the router <br>
7. Gå tillbaka till cmd och starta en ny telnetsession <br>
+
8. When you have done a successful login enter privileged mode and show running-config. <br>
8. När ni loggat in kan gå in i privileged mode och visa running-config. Avsluta sedan sessionen med <tt>quit</tt> <br>
+
9. Go back to the Wireshark software and stop the recording and filter on telnet-traffic by using a appropriate filter (try something related to telnet)<br>
9. Avsluta Wiresharkinspelningen och filtrera telnet-trafik med lämpligt filter <br>
+
10. What port does Telnet use? _____________ <br>
10. Vilken port använder telnet? _____________ <br>
+
11. Right click a telnet packet, choose the option Follow stream, and then pick TCP <br>
11. Markera ett telnet-paket och högerklicka, välj Follow stream, sedan TCP <br>
+
12. Now a new window should had opened up, here you can read what have been sent in the telnet conversation between your PC and the router <br>
12. Här kan ni utläsa vad som skickats i konversationen <br>
+
13. Why does some of the letters get written twice?<br><br>
13. Varför skrivs en del tecken ut dubbelt?<br><br>
+
 
___________________________________________________________________________<br><br>
 
___________________________________________________________________________<br><br>
 
___________________________________________________________________________<br>
 
___________________________________________________________________________<br>
14. Starta en ny inspelning utan att spara <br>
+
14. Start a new recording without saveing the previous one <br>
15. Öppna programmet Putty. Se till att SSH är vald Connection type och skriv in IP-adressen ni vill kontakta routern på. Klicka på Open. Får ni upp en Putty Security alert, välj YES för att fortsätta <br>
+
15. open the software Putty (Is located on your windows taskbar). Make sure that SSH is the chosen connection type and write the IP-address you want to talk with on the router. Press Open. If a new window called Putty Security alert opens up, choose YES to continue <br>
16. Logga in med er användare och lösenord. När inloggningen är klar avsluta med <tt>quit</tt> <br>
+
16. Login with your username and password. When you have successfully completed your login, exit the session by writing <tt>quit</tt> <br>
17. Gå tillbaka till Wireshark, avsluta Wiresharkinspelningen och filtrera ssh-trafik med lämpligt filter <br>
+
17. Go back to Wireshark, finish the Wireshark recording and filter on ssh-trafic with a appropriate filter <br>
18. Vilken port använder SSH?______________<br>
+
18. What port does SSH use?______________<br>
19. Högerklicka på ett SSH-paket och välj åter Follow Stream och TCP <br>
+
19. Right click a SSH packet, choose the option Follow stream, and then pick TCP <br>
20. Försök nu att utläsa inloggningsuppgifterna <br>
+
20. Now try to read the content of the conversation (as you previously did in the telnet stream) <br>
21. Givetvis vill vi alltså hellre använda SSH än telnet. Kan ni komma på när man ändå använder telnet i stället för SSH?<br><br>
+
21. As you might have noticed the difference the preferred protocol is SSH over telnet. Can you come up a reason as to why some may use telnet instead of SSH?<br><br>
 
___________________________________________________________________________<br><br>
 
___________________________________________________________________________<br><br>
  
 
<p style="page-break-before: always;">&nbsp;</p>
 
<p style="page-break-before: always;">&nbsp;</p>
  
= FELSÖKNING =
+
= Troubleshooting =
  
Något man inte kan få för mycket av är felsökning! <br><br>
+
Something you can't do to much of is troubleshooting! Troubleshooting is the best way of learning how to configure and how to fix misconfigurations <br><br>
Innan ni börjar med det kanske ni vill visa labhandledaren att ni har full konnektivitet (ifall det går åt skogen i felsökningsdelen) <br><br>
+
Before you start with this part go talk with a instructor and show that you have full connectivity in your topology <br><br>
  
1. Person 1 får gå ut medan Person 2 hittar på och skapar 3 fel. Ni kan hålla er till IPv4-näten så det inte blir för stort. Felen ska gå att upptäcka med ping/traceroute och samt vid försök att logga in med SSH. Några exempel på fel kan vara: stängda portar, felkopplade kablar, fel ip-adress (t ex fel gateway, olika nät på ett LAN, dubbla adresser på länken, ingen adress alls), fel inloggning ssh, fel ssh-konfiguration etc. Ha lite fantasi! <br>
+
1. Student 1 should leave the room while Student 2 creates and applies 3 faults in the topology. Try and stick to the IPv4 network so the faulty area doesn't become to large. The faults should be detectable with the help of ping/traceroute as well as by using SSH to try and login to the devices. Some examples of faults can be: closed down ports, cables moved and connected to the wrong place, wrong ip-addressing (example inconsistent gateway, different networks on a single LAN, no ip-address at all), wrong username/password for ssh, wrong configuration for ssh, and so on. Use your imagination! =) <br>
2. Därefter släpps Person 2 in och felsöker tills denne hittar felen samt åtgärdar dem. Den felsökande ska alltså kunna pinga alla enheter med IPv4 samt kontakta enheterna med ssh när alla fel är åtgärdade. <br>
+
2. After Student 2 have completed creating 3 faults let Student 1 back inside to troubleshoot and correct the faults. The student troubleshooting should when completed manage to ping all devices with IPv4 as well communicate with the devices using ssh. <br>
3. Gör sedan tvärtom (person 2 skapar fel och person 1 hittar dem) <br>
+
3. Once first Student have completed troubleshooting you change (Student 1 creates faults and student 2 troubleshoots) <br>
Försök att inte hinta varandra för tidigt utan låt den felsökande ta tid på sig. <br><br>
+
Try to not assist each other to early, let your lab-partner first try to find the faults by themself before you give them tips of where the issues might be. <br><br>
  
Bra jobbat! <br><br>
+
Good job! <br><br>
  
Behövde ni tjuvkika någonstans för att lösa delarna Grundkonfiguration, IP-adressering och Adresskonfiguration? <br>
+
Did you have to peek at the cheat-sheet while doing any of the parts?? <br>
Då är det dags att göra om den delen nu! <br>
+
If you did, redo that prat! <br>
Be gärna er labhandledare om nya nät att subnäta <br><br><br>
+
Please ask your lab instructor for new networks to subnet <br><br><br>
  
Är ni klara och har full koll? Be handledaren gå igenom labben med er. Ni ska kunna visa upp:<br>
+
Are you done and did not use the cheat-sheet? Ask your instructor to go through the lab with you, you should be able to show the following:<br>
* Att ni har full konnektivitet i både IPv4 och IPv6 om ni inte gjorde det innan felsökningen
+
* You have full connectivity in both IPv4 and IPv6, if you don't you need to troubleshoot
* Era anteckningar och svar <br><br>
+
* Your notes and answers to the questions <br><br>
Nu ska ni rensa konfigurationerna på routrar och switchar (det går bra att tjuvkika i CheatSheet om ni inte minns hur man gör) samt återställ era PC'c till automatisk adressering.
+
  
  

Revision as of 15:04, 12 October 2020

Networking Academy   LAB 11
University West


The workflow in this laboration is that you work in pairs of two together and configure one device at a time; not parallel on a device each.
The three first parts are made up of areas we have worked on multiple times before: Base-configuration, IP-addressing and subnetting and Address configuration. Therefor you will only get the assignments but no commands on how to do the actual configuration. At the end of the lab paper there is a so called "Cheat-sheet". Peak there ONLY if you absolutely have too, try and practice without(You will not have any "Cheat-sheets" on exam day. If you manage to complete the full assignment today without looking at the cheat-sheet you only need to do the lab once. If you need to peak on the sheet you should repeat the parts you had to use the cheat-sheet for. Repeat as many times as needed untill you have learnt the commands. You should have started to learn and memorized of them by now! Remember no cheat-sheets on exam day.

Contents

Topology

Lab11_topologi

 

Base Configuration

1. Connect the devices as show in the image
2. On all the devices configure the following:

  • hostname
  • password for privileged exec-mode (Use the password cisco)
  • make sure that all the passwords are encrypted in running-config
  • set a appropriate message-of-the-day-banner
  • secure usage of the console-port with a password (password cisco)
  • secure the usage on five VTY-ports (password cisco for telnet, don't configure ssh yet)

3. Safe your configuration in the nvram on all your devices

IP-addressing

You have the IPv4 network 172.16.0.0/25 and the IPv6-prefix 2001:DB8:ACAD::/48

IPv4

Create to equally large subnets. Write down your new subnets here:

1) Networkaddress: ______.______.______.______ Subnet mask:______.______.______.______

2) Networkaddress: ______.______.______.______ Subnet mask:______.______.______.______

IPv6

Create two subnets with the prefix length of /64. Write down your new subnets here:

1) Networkaddress: ______________________________________________________________________/____

2) Networkaddress: ______________________________________________________________________/____

 

Address configuration

Use subnet one for the local network to the left. Use subnet two for the local network to the right.

1. Plan your addressing scheme on paper for the topology before you start the configuration of your devices.

  • Use the first address in the subnet on the interfaces of the router
  • Use the fifth address in the subnet on the switches interfaces(SVI)
  • Use the tenth address in the subnet on each of the PCs

    Router
2. Activate ipv6 unicast-routing on the router
3. Configure the interfaces on the router with appropriate descriptions, apply the chosen IPv4- and IPv6-addresses and also change the IPv6 link-local-address to fe80::1. Don't forget to activate the interfaces!

    Switch
4. Make sure the switch supports IPv6 and if it doesn't, use:
sdm prefer dual-ipv4-and-ipv6 default
5. Configure the interface on the switches (SVI) with a appropriate descriptions, apply the chosen IPv4- and IPv6-addresses. Activate the interfaces!
6. Also configure the correct default gateway for IPv4 on the switches

    PC
7. Lastly apply IP-Addresses on the PC's with the chosen valda IPv4- and IPv6-addresses as well as IPv4 and IPv6 default gateways

8. Test now to send a ping from PC1 to PC2 with both IPv4 och IPv6
9. Does it work?, if no: Troubleshoot! Use ping and/or traceoute to find where the issue exists. For issues with IPv6-connectivity the command ipv6 nd autoconfig default-route might be needed on the switches interfaces (SVI).
10. If all pings works: Save configuration to nvram on both the router and switches.

 

TELNET vs SSH

1. Configure all network devices for communication with both Telnet and SSH.

  • Step 1: Create users on each device with the global configuration-command:

    R1(config)# username Admin secret cisco

  • Step 2: Configure a domain on all the devices:

    R1(config)# ip domain-name cnap.hv.se

  • Step 3: Create keys for encryption:

    R1(config)# crypto key generate rsa modulus 1024

  • Step 4: Configure the vty lines for both ssh and telnet, login with the local database and automatic disconnection after 5 minutes of idle-time

    R1(config)# line vty 0 4
    R1(config-line)# transport input telnet ssh
    R1(config-line)# login local
    R1(config-line)# exec-timeout 5 0
2. Now test to communicate with R1 using telnet from PC1
3. Try and login in with the username and password you created in the local database
4. Did it work? Great! Now close down the session
5. Start the software Wireshark on the same computer (Blue sharkfin icon in windows taskbar)
6. Choose the correct networks card connection, you want wired ethernet (might exist multiple ones if WIFI-card is activated) and start a recording
7. Now go back to your terminal software and start a new telnet-session with the router
8. When you have done a successful login enter privileged mode and show running-config.
9. Go back to the Wireshark software and stop the recording and filter on telnet-traffic by using a appropriate filter (try something related to telnet)
10. What port does Telnet use? _____________
11. Right click a telnet packet, choose the option Follow stream, and then pick TCP
12. Now a new window should had opened up, here you can read what have been sent in the telnet conversation between your PC and the router
13. Why does some of the letters get written twice?

___________________________________________________________________________

___________________________________________________________________________
14. Start a new recording without saveing the previous one
15. open the software Putty (Is located on your windows taskbar). Make sure that SSH is the chosen connection type and write the IP-address you want to talk with on the router. Press Open. If a new window called Putty Security alert opens up, choose YES to continue
16. Login with your username and password. When you have successfully completed your login, exit the session by writing quit
17. Go back to Wireshark, finish the Wireshark recording and filter on ssh-trafic with a appropriate filter
18. What port does SSH use?______________
19. Right click a SSH packet, choose the option Follow stream, and then pick TCP
20. Now try to read the content of the conversation (as you previously did in the telnet stream)
21. As you might have noticed the difference the preferred protocol is SSH over telnet. Can you come up a reason as to why some may use telnet instead of SSH?

___________________________________________________________________________

 

Troubleshooting

Something you can't do to much of is troubleshooting! Troubleshooting is the best way of learning how to configure and how to fix misconfigurations

Before you start with this part go talk with a instructor and show that you have full connectivity in your topology

1. Student 1 should leave the room while Student 2 creates and applies 3 faults in the topology. Try and stick to the IPv4 network so the faulty area doesn't become to large. The faults should be detectable with the help of ping/traceroute as well as by using SSH to try and login to the devices. Some examples of faults can be: closed down ports, cables moved and connected to the wrong place, wrong ip-addressing (example inconsistent gateway, different networks on a single LAN, no ip-address at all), wrong username/password for ssh, wrong configuration for ssh, and so on. Use your imagination! =)
2. After Student 2 have completed creating 3 faults let Student 1 back inside to troubleshoot and correct the faults. The student troubleshooting should when completed manage to ping all devices with IPv4 as well communicate with the devices using ssh.
3. Once first Student have completed troubleshooting you change (Student 1 creates faults and student 2 troubleshoots)
Try to not assist each other to early, let your lab-partner first try to find the faults by themself before you give them tips of where the issues might be.

Good job!

Did you have to peek at the cheat-sheet while doing any of the parts??
If you did, redo that prat!
Please ask your lab instructor for new networks to subnet


Are you done and did not use the cheat-sheet? Ask your instructor to go through the lab with you, you should be able to show the following:

  • You have full connectivity in both IPv4 and IPv6, if you don't you need to troubleshoot
  • Your notes and answers to the questions


 

CCNA 1 Cheat Sheet 

Minimum                                            | Maximum                               | Överkurs
 
Router# show running-config                        |                                       |show runn | include unicast-routing
Router# show ip interface brief                    |show ip interface                      |
                                                   |show interface                         |
                                                   |show ip route                          |
                                                   |show ip arp                            |
                                                   |show mac address-table (switch)        |
                                                   |                                       |show clock
                                                      
Router# copy running-config startup-config         |                                       |write
Router# erase startup-config                       |                                       |write erase
Router# reload                                     |                                       |
                                                   |                                       |clock set 16:15:00 11 OCTOBER 2017
                                                     
Anything(config)# hostname Robert                  |                                       |
                                                   |username Admin secret cisco            |
                                                   |ip domain-name                         |
                                                   |                                       |no ip-domain lookup
Router(config)# banner motd % Keep out! %          |                                       |
Router(config)# enable secret cisco                |                                       |                         
Router(config)# service password-encryption        |                                       |
                                                   |security passwords min-length 12       |
                                                   |login block-for 90 attempts 3 within 60|
                                                   |crypto key generate rsa modulus 1024   | 
                                                   
Router(config)# line console 0                     |                                       |
Router(config)# line vty 0 4                       |                                       |
 
Router(config-line)# password cisco                |                                       |
Router(config-line)# login                         |login local                            |   
                                                   |exec-timeout 5 0                       | 
                                                   |                                       |logging synchronous
                                                   |transport input ssh (endast vty)       |                                          
 
Router(config)# ipv6 unicast-routing               |                                       |
Router(config)# interface gigabitethernet 0/?      |                                       |   
Router(config-if)# ip address 1.2.3.1 255.255.240.0|                                       |  
Router(config-if)# ipv6 address a:b:c:d::1234/64   |                                       |  
Router(config-if)# ipv6 address fe80::1 link-local |                                       | 
Router(config-if)# description PC1 connected       |                                       |
Router(config-if)# no shutdown                     |                                       |  
                                                   |                                       |ipv6 enable

Switch(config)# ip default-gateway 1.2.3.1         |                                       |
                                                   |                                       |sdm prefer dual-ipv4-and-ipv6 default
Switch(config)# interface vlan 1                   |                                       | 
Switch(config-if)# Description GÄLLER ENDAST TOMTEN|                                       |
Switch(config-if)# ip address 1.2.3.5 255.255.240.0|                                       |
Switch(config-if)# ipv6 address a:b:c:d::1234/64   |                                       |
Switch(config-if)# ipv6 address fe80::5 link-local |                                       | 
Switch(config-if)# no shutdown                     |                                       |
                                                   |                                       |ipv6 nd autoconfig default-route
Retrieved from "http://catch-up.cnap.hv.se/wiki/index.php?title=GNI102_Lab_11&oldid=8282"
Personal tools
Namespaces

Variants
Actions
Navigation
Tools