Accessing the WAN
Trang 1© 2006 Cisco Systems, Inc All rights reserved Cisco Public 1
Trang 2© 2006 Cisco Systems, Inc All rights reserved Cisco Public 2
Objectives
Describe how the Cisco Enterprise Composite
Model (ECNM) provides integrated services
over an Enterprise network
Describe the key WAN technology concepts
Identify the appropriate WAN technologies to
use when matching ECNM best practices with typical enterprise requirements for WAN
communications
Trang 3© 2006 Cisco Systems, Inc All rights reserved Cisco Public 3
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Trang 4© 2006 Cisco Systems, Inc All rights reserved Cisco Public 4
Describe How ECNM Provides Integrated
Services over an Enterprise Network
corresponding business requirements for services and
how those requirements are reflected in the
Enterprise’s changing network topology
Trang 5© 2006 Cisco Systems, Inc All rights reserved Cisco Public 5
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Model that Cisco's Enterprise Composite Model has
been designed to address
Trang 6© 2006 Cisco Systems, Inc All rights reserved Cisco Public 6
Describe How ECNM Provides Integrated
Services over an Enterprise Network
Trang 7© 2006 Cisco Systems, Inc All rights reserved Cisco Public 7
Describe the Key WAN Technology
Concepts
Model
Trang 8© 2006 Cisco Systems, Inc All rights reserved Cisco Public 8
Describe the Key WAN Technology
Concepts
network and Internet communications
Trang 9© 2006 Cisco Systems, Inc All rights reserved Cisco Public 9
Describe the Key WAN Technology
Concepts
today’s Enterprise WAN networks
Trang 10© 2006 Cisco Systems, Inc All rights reserved Cisco Public 10
Describe the Key WAN Technology
Concepts
an Enterprise setting
Trang 11© 2006 Cisco Systems, Inc All rights reserved Cisco Public 11
Select the Appropriate WAN Technology to meet ECNM Requirements
the WAN
Trang 12© 2006 Cisco Systems, Inc All rights reserved Cisco Public 12
Select the Appropriate WAN Technology to meet ECNM Requirements
provide a WAN connection
Trang 13© 2006 Cisco Systems, Inc All rights reserved Cisco Public 13
Select the Appropriate WAN Technology to meet ECNM Requirements
provide a WAN connection
Trang 14© 2006 Cisco Systems, Inc All rights reserved Cisco Public 14
Select the Appropriate WAN Technology to meet ECNM Requirements
provide a WAN connection
Trang 15© 2006 Cisco Systems, Inc All rights reserved Cisco Public 15
Select the Appropriate WAN Technology to meet ECNM Requirements
connection
Trang 16© 2006 Cisco Systems, Inc All rights reserved Cisco Public 16
Summary
A data communications network that operates beyond the
geographic scope of a LAN
Trang 17© 2006 Cisco Systems, Inc All rights reserved Cisco Public 17
Summary
–This is an expansion of the hierarchical model that further
divides the enterprise network into
•Physical areas
•Logical areas
•Functional areas
considering some of the following:
Trang 18© 2006 Cisco Systems, Inc All rights reserved Cisco Public 18
Trang 19© 2006 Cisco Systems, Inc All rights reserved Cisco Public 1
Trang 20© 2006 Cisco Systems, Inc All rights reserved Cisco Public 2
Objectives
Describe the fundamental concepts of point-to-point serial
communication including TDM, demarcation point, DTE-DCE
functions, HDLC encapsulation, and serial interface
troubleshooting
Describe PPP concepts including PPP layered architecture, PPP
frame structure, PPP session establishment, multiprotocol
encapsulation support, link control protocol (LCP), network
control protocol (NCP), and Internet Protocol Control Protocol
(IPCP)
Configure PPP on a serial interface including enabling PPP
encapsulation, verifying the PPP connection and troubleshooting encapsulation problems
Configure PPP authentication including explaining PAP and
CHAP authentication protocols, configuring PPP authentication
using PAP and CHAP, and troubleshooting PPP authentication
problems
Trang 21© 2006 Cisco Systems, Inc All rights reserved Cisco Public 3
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
basis of WAN technologies
Trang 22© 2006 Cisco Systems, Inc All rights reserved Cisco Public 4
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
across a single physical connection using TDM
Trang 23© 2006 Cisco Systems, Inc All rights reserved Cisco Public 5
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
customer and service provider networks
Trang 24© 2006 Cisco Systems, Inc All rights reserved Cisco Public 6
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
location of devices in a network
Trang 25© 2006 Cisco Systems, Inc All rights reserved Cisco Public 7
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
one of three frame types to encapsulate data
Trang 26© 2006 Cisco Systems, Inc All rights reserved Cisco Public 8
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
encapsulation on a router
Trang 27© 2006 Cisco Systems, Inc All rights reserved Cisco Public 9
Describe the Fundamental Concepts of
Point-to-Point Serial Communication
a serial connection
Trang 28© 2006 Cisco Systems, Inc All rights reserved Cisco Public 10
Describe Point-to-Point Concepts
Trang 29© 2006 Cisco Systems, Inc All rights reserved Cisco Public 11
Describe Point-to-Point Concepts
architecture
Trang 30© 2006 Cisco Systems, Inc All rights reserved Cisco Public 12
Describe Point-to-Point Concepts
a PPP frame
Trang 31© 2006 Cisco Systems, Inc All rights reserved Cisco Public 13
Describe Point-to-Point Concepts
Trang 32© 2006 Cisco Systems, Inc All rights reserved Cisco Public 14
Describe Point-to-Point Concepts
Trang 33© 2006 Cisco Systems, Inc All rights reserved Cisco Public 15
Describe Point-to-Point Concepts
Trang 34© 2006 Cisco Systems, Inc All rights reserved Cisco Public 16
Configure PPP on a Serial Interface
in the LCP frame
Trang 35© 2006 Cisco Systems, Inc All rights reserved Cisco Public 17
Configure PPP on a Serial Interface
configure and verify PPP connections
Trang 36© 2006 Cisco Systems, Inc All rights reserved Cisco Public 18
Configure PPP on a Serial Interface
command
Trang 37© 2006 Cisco Systems, Inc All rights reserved Cisco Public 19
Configure PPP on a Serial Interface
Trang 38© 2006 Cisco Systems, Inc All rights reserved Cisco Public 20
Configuring PPP with Authentication
Trang 39© 2006 Cisco Systems, Inc All rights reserved Cisco Public 21
Configuring PPP with Authentication
connection
Trang 40© 2006 Cisco Systems, Inc All rights reserved Cisco Public 22
Configuring PPP with Authentication
connection
Trang 41© 2006 Cisco Systems, Inc All rights reserved Cisco Public 23
Configuring PPP with Authentication
process on a flow chart
Trang 42© 2006 Cisco Systems, Inc All rights reserved Cisco Public 24
Configuring PPP with Authentication
authentication
Trang 43© 2006 Cisco Systems, Inc All rights reserved Cisco Public 25
Configuring PPP with Authentication
command
Trang 44© 2006 Cisco Systems, Inc All rights reserved Cisco Public 26
Summary
Link establishment
Link quality determination
Network layer protocol configuration negotiation
Link termination
–HDLC default encapsulation
–PPP
Trang 45© 2006 Cisco Systems, Inc All rights reserved Cisco Public 27
Summary
–PAP
•2 way handshake –CHAP
•3 way handshake
–Use debug ppp authentication to confirm authentication
configuration
–Done on a serial interface
to display:
–LCP state
–NCP state
Trang 46© 2006 Cisco Systems, Inc All rights reserved Cisco Public 28
Trang 47© 2006 Cisco Systems, Inc All rights reserved Cisco Public 1
Version 4.0
Frame Relay
Accessing the WAN – Chapter 3
Trang 48© 2006 Cisco Systems, Inc All rights reserved Cisco Public 2
Objectives
Describe the fundamental concepts of Frame Relay technology
in terms of Enterprise WAN services including Frame Relay
operation, Frame Relay implementation requirements, Frame
Relay maps, and LMI operation
Configure a basic Frame Relay PVC including configuring and
troubleshooting Frame Relay on a router serial interface and
configuring a static Frame Relay map
Describe advanced concepts of Frame Relay technology in
terms of Enterprise WAN services including Frame Relay
sub-interfaces, Frame Relay bandwidth and flow control
Configure an advanced Frame Relay PVC including solving
reachability issues, configuring Frame Relay sub-interfaces,
verifying and troubleshooting Frame Relay configuration
Trang 49© 2006 Cisco Systems, Inc All rights reserved Cisco Public 3
Describe the Fundamental Concepts of Frame Relay Technology
services to the Enterprise
Trang 50© 2006 Cisco Systems, Inc All rights reserved Cisco Public 4
Describe the Fundamental Concepts of Frame Relay Technology
packets from one DTE to another
Trang 51© 2006 Cisco Systems, Inc All rights reserved Cisco Public 5
Describe the Fundamental Concepts of Frame Relay Technology
Trang 52© 2006 Cisco Systems, Inc All rights reserved Cisco Public 6
Describe the Fundamental Concepts of Frame Relay Technology
implementing Frame Relay in different environments
Trang 53© 2006 Cisco Systems, Inc All rights reserved Cisco Public 7
Describe the Fundamental Concepts of Frame Relay Technology
network uses LMI status messages and inverse ARP
queries to map VCs to layer 3 network IP Addresses
Trang 54© 2006 Cisco Systems, Inc All rights reserved Cisco Public 8
Configure a Basic Frame Relay PVC
interface
Trang 55© 2006 Cisco Systems, Inc All rights reserved Cisco Public 9
Configure a Basic Frame Relay PVC
Trang 56© 2006 Cisco Systems, Inc All rights reserved Cisco Public 10
Describe Advanced Concepts of Frame Relay Technology
Frame Relay NBMA topology
Trang 57© 2006 Cisco Systems, Inc All rights reserved Cisco Public 11
Describe Advanced Concepts of Frame Relay Technology
Frame Relay technology
Trang 58© 2006 Cisco Systems, Inc All rights reserved Cisco Public 12
Describe Advanced Concepts of Frame Relay Technology
technology
Trang 59© 2006 Cisco Systems, Inc All rights reserved Cisco Public 13
Configure an Advanced Frame Relay PVC
subinterfaces on a physical interface
Trang 60© 2006 Cisco Systems, Inc All rights reserved Cisco Public 14
Configure an Advanced Frame Relay PVC
operation
Trang 61© 2006 Cisco Systems, Inc All rights reserved Cisco Public 15
Configure an Advanced Frame Relay PVC
configuration
Trang 62© 2006 Cisco Systems, Inc All rights reserved Cisco Public 16
Summary
because it:
–Provides greater bandwidth than leased line
–Reduces cost because it uses less equipment
–Easy to implement
and encapsulates data packets in a frame relay frame
–These virtual circuits may be identified by a DLCI
addresses
Trang 63© 2006 Cisco Systems, Inc All rights reserved Cisco Public 17
Summary
–Enable frame relay encapsulation
–Configuring either static or dynamic mapping
–Considering split horizon problems that develop when multiple VCs are placed on a single physical interface
–How service provider has their charging scheme set up
–DE
–FECN
–BECN
Trang 64© 2006 Cisco Systems, Inc All rights reserved Cisco Public 18
Summary
frame relay configuration
–Show interfaces
–Show frame-relay lmi
–Show frame-relay pvc ###
–Show frame-relay map
frame relay configuration
–Debug frame-relay lmi
Trang 65© 2006 Cisco Systems, Inc All rights reserved Cisco Public 19
Trang 66© 2006 Cisco Systems, Inc All rights reserved Cisco Public 1
Trang 67© 2006 Cisco Systems, Inc All rights reserved Cisco Public 2
Objectives
security threats to Enterprise networks
services and interfaces
Trang 68© 2006 Cisco Systems, Inc All rights reserved Cisco Public 3
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
networks have created an increased need for network
security and dynamic security policies
Trang 69© 2006 Cisco Systems, Inc All rights reserved Cisco Public 4
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
they impact enterprises
Trang 70© 2006 Cisco Systems, Inc All rights reserved Cisco Public 5
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
and how they impact enterprises
Trang 71© 2006 Cisco Systems, Inc All rights reserved Cisco Public 6
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
enterprises use to protect themselves against threats
Trang 72© 2006 Cisco Systems, Inc All rights reserved Cisco Public 7
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
Trang 73© 2006 Cisco Systems, Inc All rights reserved Cisco Public 8
Describe the General Methods used to Mitigate Security Threats to Enterprise Networks
an organization
Trang 74© 2006 Cisco Systems, Inc All rights reserved Cisco Public 9
Configure Basic Router Security
configuration settings is vital to network operation
Trang 75© 2006 Cisco Systems, Inc All rights reserved Cisco Public 10
Configure Basic Router Security
IOS security features on network routers
Trang 76© 2006 Cisco Systems, Inc All rights reserved Cisco Public 11
Configure Basic Router Security
Cisco routers
Trang 77© 2006 Cisco Systems, Inc All rights reserved Cisco Public 12
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
vulnerable to network attack
Trang 78© 2006 Cisco Systems, Inc All rights reserved Cisco Public 13
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
configured management services
Trang 79© 2006 Cisco Systems, Inc All rights reserved Cisco Public 14
Explain How to Disable Unused Cisco
Router Network Services and Interfaces
interface (CLI) auto secure command
Trang 80© 2006 Cisco Systems, Inc All rights reserved Cisco Public 15
Explain How to Use Cisco SDM
Trang 81© 2006 Cisco Systems, Inc All rights reserved Cisco Public 16
Explain How to Use Cisco SDM
SDM
Trang 82© 2006 Cisco Systems, Inc All rights reserved Cisco Public 17
Explain How to Use Cisco SDM
Trang 83© 2006 Cisco Systems, Inc All rights reserved Cisco Public 18
Explain How to Use Cisco SDM
Trang 84© 2006 Cisco Systems, Inc All rights reserved Cisco Public 19
Explain How to Use Cisco SDM
Trang 85© 2006 Cisco Systems, Inc All rights reserved Cisco Public 20
Explain How to Use Cisco SDM
router
Trang 86© 2006 Cisco Systems, Inc All rights reserved Cisco Public 21
Manage Cisco IOS Devices
Trang 87© 2006 Cisco Systems, Inc All rights reserved Cisco Public 22
Manage Cisco IOS Devices
image
Trang 88© 2006 Cisco Systems, Inc All rights reserved Cisco Public 23
Manage Cisco IOS Devices
software images using a network server
Trang 89© 2006 Cisco Systems, Inc All rights reserved Cisco Public 24
Manage Cisco IOS Devices
Trang 90© 2006 Cisco Systems, Inc All rights reserved Cisco Public 25
Manage Cisco IOS Devices
when troubleshooting Cisco router configurations
Trang 91© 2006 Cisco Systems, Inc All rights reserved Cisco Public 26
Manage Cisco IOS Devices
enable secret passwords
Trang 92© 2006 Cisco Systems, Inc All rights reserved Cisco Public 27
Trang 93© 2006 Cisco Systems, Inc All rights reserved Cisco Public 28
Summary
–Physical security
–Update and backup IOS
–Backup configuration files
–Password configuration
–Logging router activity
their exploitation by intruders
–A web based management tool for configuring security
measures on Cisco routers