Configure Cisco Network without CCNA
[email protected] 11 September 2012
Configure a network without CCNA
1. INTRODUCTION
This paper guides you through configuring an ADSL (PPPoE) network using Cisco devices. To keep the paper realistic, I use 'Streamyx' from Telekom Malaysia (TM) as the practical example. TM is our Internet Service Provider (ISP). This paper includes configuration of Dynamic Host Configuration Protocol (DHCP), Virtual LAN (VLAN), VLAN Trunk Protocol (VTP), Variable Length Subnet Mask (VLSM), Enhanced Interior Gateway Routing Protocol (EIGRP), Telnet, virtual private dial-up network (VPDN), access control list (ACL), network address translation (NAT) and IP-phone. I hope that this paper will be a good reference for you. Note that this configuration is based only on my reading and on other people's experience. I tested the network using Packet Tracer. Thus, the configuration would be more convincing if we had a chance to work with real devices.
1.1 ADSL
Figure 1 : ADSL network connection to the internet. The computer represents the network.
The computer stands for the network that we will build. Note that ADSL (and other xDSL technology) speed depends on the distance between your site and the ISP. The closer your network is to the ISP, the more bandwidth (higher speed) is available to you. Specifically with an xDSL connection that rides over Plain Old Telephone Service (POTS), there might be some electromagnetic interference factors that you also need to consider.
1.2 CHOOSING A MODEM
There are internal and external modems. If you use an external modem, you need to verify whether the modem is "just" a modem (dumb modem) or an integrated modem/router. A simple dumb modem, such as the Cisco DSL modem, typically needs no special configuration. You can just connect the modem to your Internet gateway device. If the modem is an integrated modem/router, then you need to confirm further issues like bridge/route mode, whether NAT/PAT is active, and so on. If you use an internal modem, make sure that the modem is compatible with the ISP. An internal modem is sometimes supplied by the ISP, as with Streamyx. The configuration of such a supplied modem is restricted (it has been configured by the ISP) and will not be covered here.
1.3 What you need to know about ADSL
• When using a Cisco router with an internal DSL modem, there might be a need to have interface BVI1 activated and to set the VPI/VCI value for the ATM interface (I include this in the appendix)
• When there is no internal DSL modem, you should not need a BVI interface
• You receive either a static or a dynamic IP address with a specific subnet mask from the ISP
• The ISP IP address is a public IP address (Internet routable), thus we have to use NAT
• The ISP assigns the IP address by either PPP (PPPoE or PPPoA), DHCP, or static assignment
• You may or may not receive the ISP DNS IP address
• When you use a Cisco router as the ISP gateway, there is a need to have interface Dialer1 activated
• You need to tie the WAN port interface to the interface Dialer1
• Under the interface Dialer1, there is a need to have either "ip address x.x.x.x y.y.y.y" (statically assigned) or "ip address negotiated" (dynamically assigned)
• When using a Cisco router with an internal DSL modem, there might be a need to have either "ip address x.x.x.x y.y.y.y" (statically assigned) or "ip address negotiated" (dynamically assigned) under the interface BVI1
• You might be required to set a specific MAC address under the interface BVI1
• When you do use interface BVI1, you need to tie the WAN port interface to the interface BVI1
• When the router has no internal DSL modem, the IP address assignment (either static or dynamic) should be under the ISP-facing Ethernet interface
• Should you need to set a specific MAC address and there is no internal DSL modem, the MAC address should be under the ISP-facing Ethernet interface
I am using an external modem, so don't bother much about the internal modem.
2. GETTING STARTED
2.1 WHAT YOU NEED TO DO??
i) Get a console cable and make the connection between the DB port (computer) and the console port (router or switch). The connection is made to program the device. The connection is similar for both router and switch.
Figure 3 : Console cable
Figure 4 : A Computer connected to a router using console cable.
If there is no DB-9 or DB-25 port on the PC or laptop, we need a converter to USB.
It is preferable to use either a DB-9 or a DB-25 serial port for the console instead of a USB port. In some cases, a DB9-USB or DB25-USB adapter may not work, depending on the adapter model itself or the adapter settings.
ii) Go to HyperTerminal. HyperTerminal is available in Windows XP. It is not available in newer versions of the Microsoft OS (Windows 8: not sure). However, you can get the software from the internet at www.hilgraeve.com/htpe/download.html.
Figure 5 : Windows XP interface pointing toward hyper terminal start up menu
iii) Select the terminal configuration as figure 6.
Figure 6 : Terminal configuration value
iv) Observe your router: which port is for WAN (internet or internetwork) and which is for LAN. Some routers have dedicated ports for console, WAN and LAN.
2.2 UNDERSTAND WHICH CABLE FOR WHICH
Types of cable we will be using :
i) cross-over cable: LAN Ethernet cable
ii) Straight cable: LAN Ethernet cable
Some people get confused about when to use a crossover cable (i) and a straight cable (ii). To make this as simple as possible, memorize this rule:
"Any device that connects to a switch or a hub should use a straight cable, except another switch or hub."
The two cables can be recognized by the differences in their wire arrangements.
Tip: if you are still not sure which type of cable to use, try both cables and see which works.
Note: If one of the devices supports auto MDI/MDI-X, you don't have to use a crossover cable in the connection; a straight cable is enough.
iii) Serial cable: mostly used for inter-router connections
iv) Telephone cable: connects to the telephone line (ISDN)
v) Console cable: used by the computer to program Cisco devices.
3. CONFIGURE A NETWORK
3.1 NETWORK
The network that we will configure is shown in figure 7. It has an ADSL connection to the internet.
Figure 7 : Network that I have configured using Packet Tracer.
3.2 STREAMYX WAN SETTINGS (GIVEN BY ISP)
PORT / VPI / VCI: 0 / 0 / 35
Connection Type: PPPoE
Service Name: pppoe_0_0_35_1
Service Category: UBR
IP Address: Automatically Assigned
Service State: Enabled
NAT: Enabled
Firewall: Enabled
IGMP Multicast: Enabled
Quality Of Service: Disabled
…
Line Rate – Upstream (Kbps): xxx
Line Rate – Downstream (Kbps): xxxx
LAN IP Address: xxx.xxx.xxx.xxx
Default Gateway: 219.93.218.177
Primary DNS Server: 202.188.0.133
Secondary DNS Server: 202.188.1.5
MTU : 1400 bytes
MRU : 1492 bytes
Default Route: Disable
PPPoE Pass Through: Disable
PVC : Pvc0
Connection Type: PPPoE / LLC
Authentication Type: Auto / PAP
3.3 CALCULATE VARIABLE LENGTH SUBNET MASK (VLSM)
VLSM is used to assign IP addresses so that available addresses are not wasted because of differences in subnet size. You can calculate it using the site www.vlsm-calc.net. The data generated is as below:
Major Network: 192.168.1.0/24
Available IP addresses in major network: 254
Number of IP addresses needed: 22
Available IP addresses in allocated subnets: 34
About 17% of available major network address space is used
About 65% of subnetted network address space is used
Subnet Name          Needed Size  Allocated Size  Address       Mask  Dec Mask         Assignable Range             Broadcast
Network at switch0   8            14              192.168.1.0   /28   255.255.255.240  192.168.1.1 - 192.168.1.14   192.168.1.15
MGT VLAN             4            6               192.168.1.16  /29   255.255.255.248  192.168.1.17 - 192.168.1.22  192.168.1.23
Engineer VLAN        4            6               192.168.1.24  /29   255.255.255.248  192.168.1.25 - 192.168.1.30  192.168.1.31
IP-phone VLAN        4            6               192.168.1.32  /29   255.255.255.248  192.168.1.33 - 192.168.1.38  192.168.1.39
Between router       2            2               192.168.1.40  /30   255.255.255.252  192.168.1.41 - 192.168.1.42  192.168.1.43
Useful link to calculate regular subnet, wildcard etc. www.tlshopper.com/tools/calculate/ip_subnet
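The allocation in the table above can be reproduced offline. The following Python code is an added example, not part of the original paper or of the calculator site; the names `vlsm_allocate`, `summary` and `NEEDS` are illustrative, and the allocator generalises the table to any major network and list of host requirements.

```python
import ipaddress

# Host requirements taken from the "Needed Size" column of the table above.
NEEDS = [("Network at switch0", 8), ("MGT VLAN", 4), ("Engineer VLAN", 4),
         ("IP-phone VLAN", 4), ("Between router", 2)]

def vlsm_allocate(major, needs):
    """Carve `major` into subnets sized for `needs`, a list of (name, hosts)."""
    major = ipaddress.ip_network(major)
    cursor = int(major.network_address)
    plan = []
    # Largest requirement first: every block then starts on its own boundary
    # and no addresses are lost to alignment gaps.
    for name, hosts in sorted(needs, key=lambda n: n[1], reverse=True):
        host_bits = 2                          # /30 is the smallest subnet used
        while (1 << host_bits) - 2 < hosts:    # usable hosts = 2^bits - 2
            host_bits += 1
        size = 1 << host_bits
        cursor = (cursor + size - 1) // size * size   # round up to block boundary
        net = ipaddress.ip_network((cursor, 32 - host_bits))
        if not net.subnet_of(major):
            raise ValueError(f"{name}: no room left in {major}")
        plan.append({
            "name": name, "need": hosts, "size": size - 2,
            "network": str(net), "mask": str(net.netmask),
            "first": str(net.network_address + 1),
            "last": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
        })
        cursor += size
    return plan

def summary(major, plan):
    """Return (usable addresses, % of major network used, % of subnets used)."""
    major = ipaddress.ip_network(major)
    blocks = sum(ipaddress.ip_network(p["network"]).num_addresses for p in plan)
    usable = sum(p["size"] for p in plan)
    needed = sum(p["need"] for p in plan)
    return (usable, round(100 * blocks / major.num_addresses),
            round(100 * needed / usable))

if __name__ == "__main__":
    plan = vlsm_allocate("192.168.1.0/24", NEEDS)
    for p in plan:
        print(f'{p["name"]:<20}{p["network"]:<18}{p["mask"]:<17}'
              f'{p["first"]} - {p["last"]}  bcast {p["broadcast"]}')
    print(summary("192.168.1.0/24", plan))
```

Any subnet used later in the configuration that does not appear in this output is outside the address plan and should be added to the plan before it is deployed.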
3.3 SETTING COMMAND FOR SWITCH 1 AND SWITCH 2 (FIRST NETWORK)
Figure 8 : Connection between switch 1 and switch 2
Switch 2
No
Enable
Conf t
! Create and name the VLANs
Vlan 10
Name mgt
Exit
Vlan 22
Name engineer
Exit
! The native VLAN is used for devices that do not support 802.1q trunk encapsulation (mostly non-Cisco devices)
Vlan 80
Name native
Vlan 150
Name voice
! Create the trunks
Int fa0/23
Switchport mode trunk
Switchport trunk allowed vlan 1-99,150
Switchport trunk native vlan 80
Exit
Int fa0/24
Switchport mode trunk
Switchport trunk allowed vlan 1-99,150
Exit
! Assign VLANs to specific ports
Int range fa0/1-22
Switchport mode access
Exit
Int range fa0/1-5
Switchport access vlan 10
Exit
Int range fa0/6-10
Switchport access vlan 22
Exit
Int range fa0/11-15
Switchport voice vlan 150
Exit
Int range fa0/16-20
Switchport access vlan 80
Exit
End
Copy running-config startup-config
Switch 0
No
Enable
Conf t
Vlan 10
Name mgt
Exit
Vlan 22
Name engineer
Exit
Vlan 80
Name native
Vlan 150
Name voice
Int fa0/23
Switchport mode trunk
Switchport trunk allowed vlan 1-99,150
Switchport trunk native vlan 80
Exit
Int fa0/24
Switchport mode trunk
Switchport trunk allowed vlan 1-99,150
Exit
Int range fa0/1-22
Switchport mode access
Exit
Int range fa0/1-5
Switchport access vlan 10
Exit
Int range fa0/6-10
Switchport access vlan 22
Exit
Int range fa0/11-15
Switchport voice vlan 150
Exit
Int range fa0/16-20
Switchport access vlan 80
Exit
End
Copy running-config startup-config
-------------------------------------------------------------------------------------------------------------------------------
Tips:
You can replace:
Switchport mode trunk
Switchport trunk allowed vlan 1-99,150
Switchport trunk native vlan 80
with:
Switchport mode dynamic desirable
Switchport trunk allowed vlan 1-99,150
Switchport trunk native vlan 80
(By using this command you don't have to repeat the command on both sides of the link between the switches.)
Dynamic desirable relies on DTP negotiation, so use it only on switch-to-switch links and leave ports that face end devices in access mode.
-------------------------------------------------------------------------------------------------------------------------------
3.4 SETTING COMMAND FOR ROUTER1 AND SWITCH0 (SECOND NETWORK)
Figure 8 : Second network
Router1
No
En
Conf t
! Assign DHCP to the second network (automatically assigns IP addresses to connected devices)
Ip dhcp pool vlan1
Network 192.168.1.0 255.255.255.240
Default-router 192.168.1.1
exit
Int se0/1/0
Ip add 192.168.1.42 255.255.255.252
No shut
exit
! Assign EIGRP (LAN routing protocol for the connection between the routers)
Router eigrp 100
Network 192.168.1.40
No auto-summary
End
Copy running-config startup-config
3.5 SETTING ROUTER CONNECTION TO INTERNET
Figure 9 : Router that connect to the internet using DSL modem
Router home
No
en
conf t
! Name the router 'home'
hostname home
! Notification shown when entering the router
banner motd @
Sila keluar @
! Avoid having a misspelled command translated as a domain name
no ip domain lookup
! Prevent syslog messages on the console
no logging console
! Secure the passwords (service password-encryption only obscures them with reversible type 7 encoding; enable secret is stored hashed)
enable password cisco
enable secret cisco1
service password-encryption
! For Telnet
line vty 0
login
password cisco2
exit
ip dhcp pool MGT
network 192.168.1.16 255.255.255.248
default-router 192.168.1.17
dns-server 202.188.0.133
exit
ip dhcp pool Engineer
network 192.168.1.24 255.255.255.248
default-router 192.168.1.25
dns-server 202.188.0.133
exit
ip dhcp pool Native
network 192.168.1.48 255.255.255.248
default-router 192.168.1.49
dns-server 202.188.0.133
exit
ip dhcp pool Voice
network 192.168.1.32 255.255.255.248
default-router 192.168.1.33
option 150 ip 192.168.1.33
exit
! Set up the IP-phone service
telephony-service
max-dn 10
max-ephone 10
ip source-address 192.168.1.33 port 2000
auto assign 1 to 9
exit
! Assign the IP-phone numbers
ephone-dn 1
number 62001
exit
ephone-dn 2
number 62002
exit
vpdn enable
vpdn-group 1
request-dialin
protocol pppoe
exit
interface fa0/0
description ADSL WAN Interface
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no ip mroute-cache
pppoe enable
! Tie the WAN port to interface Dialer1 (dialer pool 1)
pppoe-client dial-pool-number 1
no cdp enable
exit
interface Dialer1
description ADSL WAN Dialer
ip address negotiated
no ip unreachables
ip nat outside
encapsulation ppp
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp pap sent-username ispusername password isppassword
exit
dialer-list 1 protocol ip permit
interface Dialer1
ip mtu 1400
ip tcp adjust-mss 1452
exit
int fa0/1
description ADSL LAN Interface
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
no shut
exit
! Create a sub-interface for each VLAN
int fa0/1.10
encapsulation dot1q 10
ip add 192.168.1.17 255.255.255.248
exit
int fa0/1.22
encapsulation dot1q 22
ip add 192.168.1.25 255.255.255.248
exit
int fa0/1.80
encapsulation dot1q 80
exit
! NAT (translate the private network to the public address); the source list is access-list 1 and the outside interface is Dialer1
access-list 1 permit 192.168.1.0 0.0.0.255
no cdp run
ip nat inside source list 1 interface Dialer1 overload
ip classless
interface Dialer1
shutdown
ppp ipcp route default
no shutdown
ppp ipcp dns request accept
ppp ipcp address accept
exit
router eigrp 100
network 192.168.1.40
no auto-summary
! The clock rate must be set at one end of the serial link; "show controllers" shows which end
int s0/0
ip add 192.168.1.41 255.255.255.252
clock rate 64000
no shut
end
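A DHCP pool only works if some router interface holds the pool's default-router address, and every pool should come from the address plan in section 3.3. The following Python check is an added example, not part of the original paper; `parse`, `audit`, `CONFIG` and `PLAN` are illustrative names, and `CONFIG` is an excerpt of the pools and sub-interfaces copied from the 'home' router listing above.

```python
import ipaddress
import re

# Pools and sub-interfaces copied from the 'home' router listing above.
CONFIG = """\
ip dhcp pool MGT
network 192.168.1.16 255.255.255.248
default-router 192.168.1.17
ip dhcp pool Engineer
network 192.168.1.24 255.255.255.248
default-router 192.168.1.25
ip dhcp pool Native
network 192.168.1.48 255.255.255.248
default-router 192.168.1.49
ip dhcp pool Voice
network 192.168.1.32 255.255.255.248
default-router 192.168.1.33
int fa0/1.10
ip add 192.168.1.17 255.255.255.248
int fa0/1.22
ip add 192.168.1.25 255.255.255.248
int fa0/1.80
"""
# Subnets from the VLSM table in section 3.3.
PLAN = ["192.168.1.0/28", "192.168.1.16/29", "192.168.1.24/29",
        "192.168.1.32/29", "192.168.1.40/30"]

def parse(config):
    """Return ({pool: {network, gateway}}, {interface: ip_interface})."""
    pools, addrs, kind, name = {}, {}, None, None
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.match(r"ip dhcp pool (\S+)$", line, re.I):
            kind, name = "pool", m.group(1)
            pools[name] = {}
        elif m := re.match(r"int(?:erface)?\s+(\S+)$", line, re.I):
            kind, name = "if", m.group(1)
        elif kind == "pool" and (m := re.match(r"network (\S+) (\S+)$", line, re.I)):
            pools[name]["network"] = ipaddress.ip_network("/".join(m.groups()))
        elif kind == "pool" and (m := re.match(r"default-router (\S+)", line, re.I)):
            pools[name]["gateway"] = ipaddress.ip_address(m.group(1))
        elif kind == "if" and (m := re.match(r"ip add(?:ress)?\s+(\S+)\s+(\S+)$", line, re.I)):
            addrs[name] = ipaddress.ip_interface("/".join(m.groups()))
    return pools, addrs

def audit(config, plan):
    """List (pool, problem) pairs for pools that cannot work as configured."""
    pools, addrs = parse(config)
    planned = {ipaddress.ip_network(p) for p in plan}
    findings = []
    for name, pool in pools.items():
        net, gw = pool.get("network"), pool.get("gateway")
        if net is None or gw is None:
            findings.append((name, "pool lacks network or default-router"))
            continue
        if gw not in net:
            findings.append((name, "default-router is outside the pool network"))
        if not any(a.ip == gw and a.network == net for a in addrs.values()):
            findings.append((name, "no interface holds the default-router address"))
        if net not in planned:
            findings.append((name, "network is not in the address plan"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{pool}: {problem}" for pool, problem in audit(CONFIG, PLAN)))
```

Run against the excerpt, the check reports the Native and Voice pools: neither has a sub-interface carrying its default-router address, and the Native network 192.168.1.48/29 is not in the VLSM table.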
4 TERMINOLOGY (notes)
VPI/VCI = Virtual Path Identifier / Virtual Channel Identifier. ATM operates as a channel-based transport layer, using virtual circuits (VCs). This is encompassed in the concept of the Virtual Paths (VP) and Virtual Channels. Every ATM cell has an 8- or 12-bit Virtual Path Identifier (VPI) and 16-bit Virtual Channel Identifier (VCI) pair defined in its header. Together, these identify the virtual circuit used by the connection. The length of the VPI varies according to whether the cell is sent on the user-network interface (on the edge of the network), or if it is sent on the network-network interface (inside the network). As these cells traverse an ATM network, switching takes place by changing the VPI/VCI values (label swapping).
Cable Internet = a form of broadband Internet access that uses the cable television infrastructure, like digital subscriber line and fiber to the premises services. It is integrated into the cable television infrastructure analogously to DSL, which uses the existing telephone network.
Private network = a network that uses private IP address space, following the standards set by RFC 1918 and RFC 4193. These addresses are commonly used for home, office, and enterprise local area networks (LANs), when globally routable addresses are not mandatory, or are not available for the intended network applications. Under Internet Protocol IPv4, private IP address spaces were originally defined in an effort to delay IPv4 address shortage, but they are also a feature of the next generation Internet Protocol, IPv6. IP packets addressed by them cannot be transmitted onto the public Internet. If such a private network needs to connect to the Internet, it must use either a network address translator (NAT) gateway, or a proxy server. Ex: 192.168.1.1
Public network = A public IP address is seen by the world and accessible from any internet-connected device. You can check your public IP here: http://whatismyipaddress.com/. Ex: 175.141.28.62. There is no need to configure a network address translator (NAT) gateway or a proxy server.
Zero-subnet = Under old IP subnetting rules, the all 0's subnet was reserved for the network, and the all 1's subnet was reserved for the broadcast. Over time, engineers found that the all 0's subnet wasn't really used and, if it could be handed out as a usable network, many IP addresses could be saved. An example of an IP address that is using a zero subnet is 10.1.0.1 with a subnet mask of 255.255.255.0. This IP address may look pretty weird to you. Some people may even try to argue that it is an invalid IP address because there is a 0 in the third octet. However, today, this IP address is perfectly legal when it comes to subnetting. Thus, if I had an IP address of 10.1.0.0 with a 255.255.0.0 subnet mask and wanted to subnet it, I could actually get 255 valid networks out of it by using the 0 subnet. In other words, I could have networks ranging from 10.1.{0-254}.X where the X represents hosts 1-254. This gives me room for networks 0-254, or 255 total networks, by using the 0 subnet. A Cisco IOS router, by default, has the command 'ip subnet-zero' enabled.
BRI = Basic Rate Interface.
PPP multilink = multiple PPP links "bonded" together to act as a single PPP link.
Dialer rotary group = used to apply a single interface configuration to a set of physical interfaces. Mostly used when you have multiple callers and calling destinations, in situations where you have multiple lines bundled into a single rotary group used for async dial-in or ISDN channel rotation.
Dial-On-Demand Routing (DDR) = a technique whereby a router can automatically initiate and close a circuit-switched session as transmitting stations demand. The router spoofs keepalives so that end stations treat the session as active. DDR permits routing over ISDN or telephone lines using an external ISDN terminal adaptor or modem. It is a routing technique where a network connection to a remote site is established only when needed. In other words, if the router tries to send out data and the connection is off, then the router will automatically establish a connection, send the information, and close the connection when no more data needs to be sent. DDR is advantageous for companies that must pay per minute for a WAN setup, where a connection is always established. Constant connections can become needlessly expensive if the company does not require a constant internet connection.[1]
'ip classless' command = means 'do not drop any packet when the default route is configured', that is, use classless addressing (not bound to the classful network classes A, B or C).
VPDN = Virtual Private Dial-up Network. A network that extends remote access to a private network using a shared infrastructure. Instead of making connections directly to the network by using the expensive Public Switched Telephone Network (PSTN), access VPDN users only need to use the PSTN to connect to the ISP local point of presence (POP).
PPPoE = The PPPoE on Ethernet feature adds support to PPPoE by adding direct connection to actual Ethernet interfaces. PPPoE provides service-provider digital subscriber line (DSL) support.
The following restrictions apply when the PPPoE on Ethernet feature is used:
• PPPoE will not be supported on Frame Relay.
• PPPoE will not be supported on any other LAN interfaces such as FDDI and Token Ring.
• Fast switching is supported. PPP over Ethernet over RFC 1483 FIB switching will be supported for IP. All other protocols will be switched over process switching.
REFERENCE
1. http://www.dslreports.com/faq/8199
2. http://www.yourictmagazine.com/techonology/tips-a-tricks/206-basic-to-configure-a-cisco-router-to-connect-to-internet-
3. http://www.windowsitpro.com/article/internet/9-steps-to-setting-up-a-cisco-router
4. http://www.cisco.com/en/US/docs/routers/access/800/801/software/configuration/guide/basicsce.html
5. www.youtube.com
6. Wikipedia