Scott Empson
CCNA 200-301 Portable Command Guide
41,99 €
inkl. MwSt.
Versandkostenfrei*
Erscheint vorauss. 8. Januar 2027
Melden Sie sich
hier
hier
für den Produktalarm an, um über die Verfügbarkeit des Produkts informiert zu werden.
Scott Empson
CCNA 200-301 Portable Command Guide
- Broschiertes Buch
Andere Kunden interessierten sich auch für
- David HucabyCCNA 200-301 Official Cert Guide Library67,99 €
- Sean WilkinsCCNA 200-301 Official Cert Guide and Network Simulator Library210,99 €
- Bill FergusonvSphere 6 Foundations Exam Official Cert Guide (Exam #2V0-620)51,99 €
- Oracle8i: Networking 10141,99 €
- Carl Young's Adobe Acrobat 6.0: Getting Professional Results from Your PDFs36,99 €
- Joseph LabrecqueLearn Adobe Animate CC for Multiplatform Animations54,99 €
- David HucabyCCNP Enterprise Wireless Design ENWLSD 300-425 and Implementation ENWLSI 300-430 Official Cert Guide67,99 €
-
-
-
Produktdetails
- Verlag: Pearson Education (US)
- Erscheinungstermin: 8. Januar 2027
- Englisch
- ISBN-13: 9780138208684
- ISBN-10: 0138208689
- Artikelnr.: 71616657
Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Scott Empson is an instructor in the Department of Information Systems Technology at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, where he has taught for more than 20 years. He teaches technical courses in Cisco routing and switching, along with courses in professional development and leadership. He has a Master of Education degree along with three undergraduate degrees: a Bachelor of Arts, with a major in English; a Bachelor of Education, again with a major in English/language arts; and a Bachelor of Applied Information Systems Technology, with a major in network management. Scott lives in Edmonton, Alberta, with his wife, Trina, and two university-attending-but-still-haven’t-moved-out-yet-but-hope-to-move-out-as-soon-aspossible-after-graduation-so-Dad-can-have-the-TV-room-back children, Zachariah and Shaelyn.
Introduction xix
Part I: Network Fundamentals
CHAPTER 1 IPv4 Addressing–How It Works 1
What Are IPv4 Addresses Used For? 1
What Does an IPv4 Address Look Like? 2
Network and Subnetwork Masks 2
Ways to Write a Network or Subnet Mask 3
Network, Node, and Broadcast Addresses 3
Classes of IPv4 Addresses 4
Network vs. Node (Host) Bits 5
RFC (Private) 1918 Addresses 6
Local vs. Remote Addresses 7
Classless Addressing 7
Lessons Learned 9
CHAPTER 2 How to Subnet IPv4 Addresses 11
Subnetting a Class C Network Using Binary 12
Subnetting a Class B Network Using Binary 15
Binary ANDing 17
So Why AND? 19
Shortcuts in Binary ANDing 20
CHAPTER 3 Variable Length Subnet Masking (VLSM) 23
IP Subnet Zero 23
VLSM Example 24
Step 1: Determine How Many H Bits Will Be Needed to Satisfy the Largest
Network 25
Step 2: Pick a Subnet for the Largest Network to Use 25
Step 3: Pick the Next Largest Network to Work With 26
Step 4: Pick the Third Largest Network to Work With 28
Step 5: Determine Network Numbers for Serial Links 30
CHAPTER 4 Route Summarization 33
Example for Understanding Route Summarization 33
Step 1: Summarize Winnipeg’s Routes 34
Step 2: Summarize Calgary’s Routes 35
Step 3: Summarize Edmonton’s Routes 35
Step 4: Summarize Vancouver’s Routes 36
Route Summarization and Route Flapping 38
Requirements for Route Summarization 38
CHAPTER 5 IPv6 Addressing–How It Works 39
IPv6: A Very Brief Introduction 39
What Does an IPv6 Address Look Like? 40
Reducing the Notation of an IPv6 Address 41
Rule 1: Omit Leading 0s 41
Rule 2: Omit All-0s Hextet 42
Combining Rule 1 and Rule 2 42
Prefix Length Notation 43
IPv6 Address Types 44
Unicast Addresses 45
Multicast Addresses 48
Anycast Addresses 50
CHAPTER 6 Cables and Connections 51
Connecting a Rollover Cable to Your Router or Switch 51
Using a USB Cable to Connect to Your Router or Switch 51
Terminal Settings 52
LAN Connections 53
Serial Cable Types 53
Which Cable to Use? 55
ANSI/TIA Cabling Standards 56
T568A Versus T568B Cables 57
CHAPTER 7 The Command-Line Interface 59
Shortcuts for Entering Commands 59
Using the Tab Key to Complete Commands 60
Console Error Messages 60
Using the Question Mark for Help 60
enable Command 61
exit Command 61
end Command 61
disable Command 61
logout Command 62
Setup Mode 62
Keyboard Help 62
History Commands 63
terminal Commands 64
show Commands 64
Using the Pipe Parameter ( ) with the show or more Commands 64
Using the no and default Forms of Commands 66
Part II: LAN Switching Technologies
CHAPTER 8 Configuring a Switch 67
Help Commands 68
Command Modes 68
Verifying Commands 68
Resetting Switch Configuration 69
Setting Host Names 69
Setting Passwords 69
Setting IP Addresses and Default Gateways 70
Setting Interface Descriptions 70
The mdix auto Command 70
Setting Duplex Operation 71
Setting Operation Speed 71
Managing the MAC Address Table 72
Configuration Example 72
CHAPTER 9 VLANs 75
Creating Static VLANs 75
Creating Static VLANs Using VLAN Configuration Mode 75
Assigning Ports to VLANs 76
Using the range Command 76
Configuring a Voice VLAN 76
Configuring Voice and Data with Trust 77
Configuring Voice and Data Without Trust 78
Verifying VLAN Information 78
Saving VLAN Configurations 79
Erasing VLAN Configurations 79
Configuration Example: VLANs 80
2960 Switch 80
CHAPTER 10 VLAN Trunking Protocol and Inter-VLAN Communication 83
Dynamic Trunking Protocol (DTP) 83
Setting the VLAN Encapsulation Type 84
VLAN Trunking Protocol (VTP) 84
Verifying VTP 86
Inter-VLAN Communication Using an External Router: Router-on-a-Stick 87
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual
Interface 88
Removing L2 Switchport Capability of an Interface on an L3 Switch 88
Configuring Inter-VLAN Communication on an L3 Switch 88
Inter-VLAN Communication Tips 88
Configuration Example: Inter-VLAN Communication 89
ISP Router 89
CORP Router 90
L2Switch2 (Catalyst 2960) 92
L3Switch1 (Catalyst 3560/3650/3750) 94
L2Switch1 (Catalyst 2960) 95
CHAPTER 11 Spanning Tree Protocol 97
Spanning Tree Protocol Definition 97
Enabling Spanning Tree Protocol 98
Changing the Spanning-Tree Mode 99
BPDU Guard (3650/9xxx Series) 99
Configuring the Root Switch 100
Configuring a Secondary Root Switch 100
Configuring Port Priority 100
Configuring the Path Cost 101
Configuring the Switch Priority of a VLAN 101
Configuring STP Timers 102
Configuring Optional Spanning-Tree Features 102
PortFast 102
BPDU Guard (2xxx/Older 3xxx Series) 103
Enabling the Extended System ID 103
Verifying STP 104
Troubleshooting Spanning Tree Protocol 104
Configuration Example: PVST+ 104
Core Switch (3650) 105
Distribution 1 Switch (3650) 106
Distribution 2 Switch (3650) 106
Access 1 Switch (2960) 107
Access 2 Switch (2960) 107
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 108
Access 1 Switch (2960) 108
Access 2 Switch (2960) 108
Distribution 1 Switch (3650) 109
Distribution 2 Switch (3650) 109
Core Switch (3650) 109
CHAPTER 12 EtherChannel 111
EtherChannel 111
Interface Modes in EtherChannel 111
Default EtherChannel Configuration 112
Guidelines for Configuring EtherChannel 112
Configuring Layer 2 EtherChannel 113
Configuring Layer 3 EtherChannel 114
Configuring EtherChannel Load Balancing 114
Configuring LACP Hot-Standby Ports 115
Monitoring and Verifying EtherChannel 116
Configuration Example: EtherChannel 117
DLSwitch (3560 or 9300) 117
ALSwitch1 (2960 or 9200) 118
ALSwitch2 (2960 or 9200) 119
CHAPTER 13 Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol
(LLDP) 121
Cisco Discovery Protocol 121
Configuring CDP 121
Verifying and Troubleshooting CDP 122
CDP Design Tips 122
Link Layer Discovery Protocol (802.1AB) 123
Configuring LLDP (802.1AB) 123
Verifying and Troubleshooting LLDP 124
Part III: Routing Technologies
CHAPTER 14 Configuring a Cisco Router 125
Router Modes 126
Entering Global Configuration Mode 126
Configuring a Router Name 126
Configuring Passwords 126
Password Encryption 127
Interface Names 127
Moving Between Interfaces 131
Configuring a Serial Interface 132
Assigning an IPv4 Address to a Fast Ethernet Interface 132
Assigning an IPv4 Address to a Gigabit Ethernet Interface 132
Assigning IPv6 Addresses to Interfaces 133
Creating a Message-of-the-Day Banner 133
Creating a Login Banner 134
Mapping a Local Host Name to a Remote IP Address 134
The no ip domain-lookup Command 134
Working with DNS on a Router 134
The logging synchronous Command 135
The exec-timeout Command 136
Saving Configurations 136
Erasing Configurations 136
The write Command 137
Verifying Your Configurations Using show Commands 137
EXEC Commands in Configuration Mode: The do Command 138
Configuration Example: Basic Router Configuration 138
Boston Router 138
CHAPTER 15 Static Routing 141
Configuring an IPv4 Static Route 141
Static Routes and Recursive Lookups 142
The permanent Keyword 142
Floating Static Routes in IPv4 and Administrative Distance 143
Configuring an IPv4 Default Route 144
Verifying IPv4 Static Routes 144
Configuration Example: IPv4 Static Routes 144
Ketchikan Router 145
Juneau Router 145
Sitka Router 146
Configuring an IPv6 Static Route 146
Floating Static Routes in IPv6 147
Configuring an IPv6 Default Route 147
Verifying IPv6 Static Routes 147
CHAPTER 16 Open Shortest Path First (OSPF) 149
OSPFv2 Versus OSPFv3 149
Configuring OSPF 150
Using Wildcard Masks with OSPF Areas 150
Loopback Interfaces 152
Router ID 152
DR/BDR Elections 153
Timers 153
Verifying OSPFv2 Configurations 153
Troubleshooting OSPFv2 154
Configuration Example: Single-Area OSPF 154
Austin Router 155
Houston Router 156
Galveston Router 157
Part IV: IP Services
CHAPTER 17 DHCP 159
Configuring a DHCP Server on an IOS Router 159
Using Cisco IP Phones with a DHCP Server 160
Verifying and Troubleshooting DHCP Configuration 160
Configuring a DHCP Helper Address 161
Configuring a DHCP Client on a Cisco IOS Software Ethernet Interface 162
Configuration Example: DHCP 162
Edmonton Router 162
Gibbons Router 164
CHAPTER 18 Network Address Translation (NAT) 165
Private IP Addresses: RFC 1918 165
Configuring Dynamic NAT: One Private to One Public Address Translation 165
Configuring PAT: Many Private to One Public Address Translation 167
Configuring Static NAT: One Private to One Permanent Public Address
Translation 169
Verifying NAT and PAT Configurations 170
Troubleshooting NAT and PAT Configurations 171
Configuration Example: PAT 171
ISP Router 171
Company Router 172
CHAPTER 19 Configuring Network Time Protocol (NTP) 175
NTP Configuration 175
NTP Design 176
Securing NTP 177
Enabling NTP Authentication 177
Limiting NTP Access with Access Lists 178
Verifying and Troubleshooting NTP 178
Setting the Clock on a Router 179
Using Time Stamps 182
Configuration Example: NTP 182
Core1 Router 183
Core2 Router 184
DLSwitch1 185
DLSwitch2 185
ALSwitch1 186
ALSwitch2 186
Part V: Security Fundamentals
CHAPTER 20 Layer Two Security Features 187
Setting Passwords on a Switch 187
Configuring Static MAC Addresses 188
Configuring Switch Port Security 188
Configuring Sticky MAC Addresses 189
Verifying Switch Port Security 189
Recovering Automatically from Error-Disabled Ports 190
Verifying Autorecovery of Error-Disabled Ports 190
Configuring DHCP Snooping 191
Verifying DHCP Snooping 192
Configuring Dynamic ARP Inspection (DAI) 193
Verifying Dynamic ARP Inspection 193
Configuration Example: Switch Security 194
CHAPTER 21 Managing Traffic Using Access Control Lists (ACLs) 197
Access List Numbers 197
Using Wildcard Masks 198
ACL Keywords 198
Creating Standard ACLs 198
Applying Standard ACLs to an Interface 199
Verifying ACLs 200
Removing ACLs 200
Creating Extended ACLs 200
Applying Extended ACLs to an Interface 201
The established Keyword 201
The log Keyword 202
Creating Named ACLs 203
Using Sequence Numbers in Named ACLs 203
Removing Specific Lines in Named ACLs Using Sequence Numbers 204
Sequence Number Tips 204
Including Comments About Entries in ACLs 205
Restricting Virtual Terminal Access 206
Tips for Configuring ACLs 206
IPv6 ACLs 207
Verifying IPv6 ACLs 207
Configuration Examples: IPv4 ACLs 208
Configuration Examples: IPv6 ACLs 210
CHAPTER 22 Device Monitoring and Hardening 213
Device Monitoring 213
Configuration Backups 213
Implementing Logging 214
Configuring Syslog 215
Syslog Message Format 215
Syslog Severity Levels 216
Syslog Message Example 216
Device Hardening 217
Configuring Passwords 217
Password Encryption 218
Password Encryption Algorithm Types 218
Configuring SSH 219
Verifying SSH 220
Restricting Virtual Terminal Access 220
Disabling Unneeded Services 221
Part VI: Wireless Technologies
CHAPTER 23 Configuring and Securing a WLAN AP 223
Initial Setup of a Wireless LAN Controller (WLC) 223
Monitoring the WLC 229
Configuring a VLAN (Dynamic) Interface 230
Configuring a DHCP Scope 234
Configuring a WLAN 237
Defining a RADIUS Server 239
Exploring Management Options 242
Configuring a WLAN Using WPA2 PSK 246
Part VII: Appendices
APPENDIX A How to Count in Decimal, Binary, and Hexadecimal 251
How to Count in Decimal 251
How to Count in Binary 253
How to Count in Hexadecimal 254
Representing Decimal, Binary, and Hexadecimal Numbers 256
APPENDIX B How to Convert Between Number Systems 259
How to Convert from Decimal to Binary 259
How to Convert from Binary to Decimal 260
How to Convert from Decimal IP Addresses to Binary and from Binary IP
Addresses to Decimal 261
A Bit of Perspective 262
How to Convert from Hexadecimal to Binary 262
How to Convert from Binary to Hexadecimal 263
How to Convert from Decimal to Hexadecimal 264
How to Convert from Hexadecimal to Decimal 265
APPENDIX C Binary/Hex/Decimal Conversion Chart 267
APPENDIX D Create Your Own Journal Here 275
9780135937822 TOC 10/31/2019
Part I: Network Fundamentals
CHAPTER 1 IPv4 Addressing–How It Works 1
What Are IPv4 Addresses Used For? 1
What Does an IPv4 Address Look Like? 2
Network and Subnetwork Masks 2
Ways to Write a Network or Subnet Mask 3
Network, Node, and Broadcast Addresses 3
Classes of IPv4 Addresses 4
Network vs. Node (Host) Bits 5
RFC (Private) 1918 Addresses 6
Local vs. Remote Addresses 7
Classless Addressing 7
Lessons Learned 9
CHAPTER 2 How to Subnet IPv4 Addresses 11
Subnetting a Class C Network Using Binary 12
Subnetting a Class B Network Using Binary 15
Binary ANDing 17
So Why AND? 19
Shortcuts in Binary ANDing 20
CHAPTER 3 Variable Length Subnet Masking (VLSM) 23
IP Subnet Zero 23
VLSM Example 24
Step 1: Determine How Many H Bits Will Be Needed to Satisfy the Largest
Network 25
Step 2: Pick a Subnet for the Largest Network to Use 25
Step 3: Pick the Next Largest Network to Work With 26
Step 4: Pick the Third Largest Network to Work With 28
Step 5: Determine Network Numbers for Serial Links 30
CHAPTER 4 Route Summarization 33
Example for Understanding Route Summarization 33
Step 1: Summarize Winnipeg’s Routes 34
Step 2: Summarize Calgary’s Routes 35
Step 3: Summarize Edmonton’s Routes 35
Step 4: Summarize Vancouver’s Routes 36
Route Summarization and Route Flapping 38
Requirements for Route Summarization 38
CHAPTER 5 IPv6 Addressing–How It Works 39
IPv6: A Very Brief Introduction 39
What Does an IPv6 Address Look Like? 40
Reducing the Notation of an IPv6 Address 41
Rule 1: Omit Leading 0s 41
Rule 2: Omit All-0s Hextet 42
Combining Rule 1 and Rule 2 42
Prefix Length Notation 43
IPv6 Address Types 44
Unicast Addresses 45
Multicast Addresses 48
Anycast Addresses 50
CHAPTER 6 Cables and Connections 51
Connecting a Rollover Cable to Your Router or Switch 51
Using a USB Cable to Connect to Your Router or Switch 51
Terminal Settings 52
LAN Connections 53
Serial Cable Types 53
Which Cable to Use? 55
ANSI/TIA Cabling Standards 56
T568A Versus T568B Cables 57
CHAPTER 7 The Command-Line Interface 59
Shortcuts for Entering Commands 59
Using the Tab Key to Complete Commands 60
Console Error Messages 60
Using the Question Mark for Help 60
enable Command 61
exit Command 61
end Command 61
disable Command 61
logout Command 62
Setup Mode 62
Keyboard Help 62
History Commands 63
terminal Commands 64
show Commands 64
Using the Pipe Parameter ( ) with the show or more Commands 64
Using the no and default Forms of Commands 66
Part II: LAN Switching Technologies
CHAPTER 8 Configuring a Switch 67
Help Commands 68
Command Modes 68
Verifying Commands 68
Resetting Switch Configuration 69
Setting Host Names 69
Setting Passwords 69
Setting IP Addresses and Default Gateways 70
Setting Interface Descriptions 70
The mdix auto Command 70
Setting Duplex Operation 71
Setting Operation Speed 71
Managing the MAC Address Table 72
Configuration Example 72
CHAPTER 9 VLANs 75
Creating Static VLANs 75
Creating Static VLANs Using VLAN Configuration Mode 75
Assigning Ports to VLANs 76
Using the range Command 76
Configuring a Voice VLAN 76
Configuring Voice and Data with Trust 77
Configuring Voice and Data Without Trust 78
Verifying VLAN Information 78
Saving VLAN Configurations 79
Erasing VLAN Configurations 79
Configuration Example: VLANs 80
2960 Switch 80
CHAPTER 10 VLAN Trunking Protocol and Inter-VLAN Communication 83
Dynamic Trunking Protocol (DTP) 83
Setting the VLAN Encapsulation Type 84
VLAN Trunking Protocol (VTP) 84
Verifying VTP 86
Inter-VLAN Communication Using an External Router: Router-on-a-Stick 87
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual
Interface 88
Removing L2 Switchport Capability of an Interface on an L3 Switch 88
Configuring Inter-VLAN Communication on an L3 Switch 88
Inter-VLAN Communication Tips 88
Configuration Example: Inter-VLAN Communication 89
ISP Router 89
CORP Router 90
L2Switch2 (Catalyst 2960) 92
L3Switch1 (Catalyst 3560/3650/3750) 94
L2Switch1 (Catalyst 2960) 95
CHAPTER 11 Spanning Tree Protocol 97
Spanning Tree Protocol Definition 97
Enabling Spanning Tree Protocol 98
Changing the Spanning-Tree Mode 99
BPDU Guard (3650/9xxx Series) 99
Configuring the Root Switch 100
Configuring a Secondary Root Switch 100
Configuring Port Priority 100
Configuring the Path Cost 101
Configuring the Switch Priority of a VLAN 101
Configuring STP Timers 102
Configuring Optional Spanning-Tree Features 102
PortFast 102
BPDU Guard (2xxx/Older 3xxx Series) 103
Enabling the Extended System ID 103
Verifying STP 104
Troubleshooting Spanning Tree Protocol 104
Configuration Example: PVST+ 104
Core Switch (3650) 105
Distribution 1 Switch (3650) 106
Distribution 2 Switch (3650) 106
Access 1 Switch (2960) 107
Access 2 Switch (2960) 107
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 108
Access 1 Switch (2960) 108
Access 2 Switch (2960) 108
Distribution 1 Switch (3650) 109
Distribution 2 Switch (3650) 109
Core Switch (3650) 109
CHAPTER 12 EtherChannel 111
EtherChannel 111
Interface Modes in EtherChannel 111
Default EtherChannel Configuration 112
Guidelines for Configuring EtherChannel 112
Configuring Layer 2 EtherChannel 113
Configuring Layer 3 EtherChannel 114
Configuring EtherChannel Load Balancing 114
Configuring LACP Hot-Standby Ports 115
Monitoring and Verifying EtherChannel 116
Configuration Example: EtherChannel 117
DLSwitch (3560 or 9300) 117
ALSwitch1 (2960 or 9200) 118
ALSwitch2 (2960 or 9200) 119
CHAPTER 13 Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol
(LLDP) 121
Cisco Discovery Protocol 121
Configuring CDP 121
Verifying and Troubleshooting CDP 122
CDP Design Tips 122
Link Layer Discovery Protocol (802.1AB) 123
Configuring LLDP (802.1AB) 123
Verifying and Troubleshooting LLDP 124
Part III: Routing Technologies
CHAPTER 14 Configuring a Cisco Router 125
Router Modes 126
Entering Global Configuration Mode 126
Configuring a Router Name 126
Configuring Passwords 126
Password Encryption 127
Interface Names 127
Moving Between Interfaces 131
Configuring a Serial Interface 132
Assigning an IPv4 Address to a Fast Ethernet Interface 132
Assigning an IPv4 Address to a Gigabit Ethernet Interface 132
Assigning IPv6 Addresses to Interfaces 133
Creating a Message-of-the-Day Banner 133
Creating a Login Banner 134
Mapping a Local Host Name to a Remote IP Address 134
The no ip domain-lookup Command 134
Working with DNS on a Router 134
The logging synchronous Command 135
The exec-timeout Command 136
Saving Configurations 136
Erasing Configurations 136
The write Command 137
Verifying Your Configurations Using show Commands 137
EXEC Commands in Configuration Mode: The do Command 138
Configuration Example: Basic Router Configuration 138
Boston Router 138
CHAPTER 15 Static Routing 141
Configuring an IPv4 Static Route 141
Static Routes and Recursive Lookups 142
The permanent Keyword 142
Floating Static Routes in IPv4 and Administrative Distance 143
Configuring an IPv4 Default Route 144
Verifying IPv4 Static Routes 144
Configuration Example: IPv4 Static Routes 144
Ketchikan Router 145
Juneau Router 145
Sitka Router 146
Configuring an IPv6 Static Route 146
Floating Static Routes in IPv6 147
Configuring an IPv6 Default Route 147
Verifying IPv6 Static Routes 147
CHAPTER 16 Open Shortest Path First (OSPF) 149
OSPFv2 Versus OSPFv3 149
Configuring OSPF 150
Using Wildcard Masks with OSPF Areas 150
Loopback Interfaces 152
Router ID 152
DR/BDR Elections 153
Timers 153
Verifying OSPFv2 Configurations 153
Troubleshooting OSPFv2 154
Configuration Example: Single-Area OSPF 154
Austin Router 155
Houston Router 156
Galveston Router 157
Part IV: IP Services
CHAPTER 17 DHCP 159
Configuring a DHCP Server on an IOS Router 159
Using Cisco IP Phones with a DHCP Server 160
Verifying and Troubleshooting DHCP Configuration 160
Configuring a DHCP Helper Address 161
Configuring a DHCP Client on a Cisco IOS Software Ethernet Interface 162
Configuration Example: DHCP 162
Edmonton Router 162
Gibbons Router 164
CHAPTER 18 Network Address Translation (NAT) 165
Private IP Addresses: RFC 1918 165
Configuring Dynamic NAT: One Private to One Public Address Translation 165
Configuring PAT: Many Private to One Public Address Translation 167
Configuring Static NAT: One Private to One Permanent Public Address
Translation 169
Verifying NAT and PAT Configurations 170
Troubleshooting NAT and PAT Configurations 171
Configuration Example: PAT 171
ISP Router 171
Company Router 172
CHAPTER 19 Configuring Network Time Protocol (NTP) 175
NTP Configuration 175
NTP Design 176
Securing NTP 177
Enabling NTP Authentication 177
Limiting NTP Access with Access Lists 178
Verifying and Troubleshooting NTP 178
Setting the Clock on a Router 179
Using Time Stamps 182
Configuration Example: NTP 182
Core1 Router 183
Core2 Router 184
DLSwitch1 185
DLSwitch2 185
ALSwitch1 186
ALSwitch2 186
Part V: Security Fundamentals
CHAPTER 20 Layer Two Security Features 187
Setting Passwords on a Switch 187
Configuring Static MAC Addresses 188
Configuring Switch Port Security 188
Configuring Sticky MAC Addresses 189
Verifying Switch Port Security 189
Recovering Automatically from Error-Disabled Ports 190
Verifying Autorecovery of Error-Disabled Ports 190
Configuring DHCP Snooping 191
Verifying DHCP Snooping 192
Configuring Dynamic ARP Inspection (DAI) 193
Verifying Dynamic ARP Inspection 193
Configuration Example: Switch Security 194
CHAPTER 21 Managing Traffic Using Access Control Lists (ACLs) 197
Access List Numbers 197
Using Wildcard Masks 198
ACL Keywords 198
Creating Standard ACLs 198
Applying Standard ACLs to an Interface 199
Verifying ACLs 200
Removing ACLs 200
Creating Extended ACLs 200
Applying Extended ACLs to an Interface 201
The established Keyword 201
The log Keyword 202
Creating Named ACLs 203
Using Sequence Numbers in Named ACLs 203
Removing Specific Lines in Named ACLs Using Sequence Numbers 204
Sequence Number Tips 204
Including Comments About Entries in ACLs 205
Restricting Virtual Terminal Access 206
Tips for Configuring ACLs 206
IPv6 ACLs 207
Verifying IPv6 ACLs 207
Configuration Examples: IPv4 ACLs 208
Configuration Examples: IPv6 ACLs 210
CHAPTER 22 Device Monitoring and Hardening 213
Device Monitoring 213
Configuration Backups 213
Implementing Logging 214
Configuring Syslog 215
Syslog Message Format 215
Syslog Severity Levels 216
Syslog Message Example 216
Device Hardening 217
Configuring Passwords 217
Password Encryption 218
Password Encryption Algorithm Types 218
Configuring SSH 219
Verifying SSH 220
Restricting Virtual Terminal Access 220
Disabling Unneeded Services 221
Part VI: Wireless Technologies
CHAPTER 23 Configuring and Securing a WLAN AP 223
Initial Setup of a Wireless LAN Controller (WLC) 223
Monitoring the WLC 229
Configuring a VLAN (Dynamic) Interface 230
Configuring a DHCP Scope 234
Configuring a WLAN 237
Defining a RADIUS Server 239
Exploring Management Options 242
Configuring a WLAN Using WPA2 PSK 246
Part VII: Appendices
APPENDIX A How to Count in Decimal, Binary, and Hexadecimal 251
How to Count in Decimal 251
How to Count in Binary 253
How to Count in Hexadecimal 254
Representing Decimal, Binary, and Hexadecimal Numbers 256
APPENDIX B How to Convert Between Number Systems 259
How to Convert from Decimal to Binary 259
How to Convert from Binary to Decimal 260
How to Convert from Decimal IP Addresses to Binary and from Binary IP
Addresses to Decimal 261
A Bit of Perspective 262
How to Convert from Hexadecimal to Binary 262
How to Convert from Binary to Hexadecimal 263
How to Convert from Decimal to Hexadecimal 264
How to Convert from Hexadecimal to Decimal 265
APPENDIX C Binary/Hex/Decimal Conversion Chart 267
APPENDIX D Create Your Own Journal Here 275
9780135937822 TOC 10/31/2019
Introduction xix
Part I: Network Fundamentals
CHAPTER 1 IPv4 Addressing–How It Works 1
What Are IPv4 Addresses Used For? 1
What Does an IPv4 Address Look Like? 2
Network and Subnetwork Masks 2
Ways to Write a Network or Subnet Mask 3
Network, Node, and Broadcast Addresses 3
Classes of IPv4 Addresses 4
Network vs. Node (Host) Bits 5
RFC (Private) 1918 Addresses 6
Local vs. Remote Addresses 7
Classless Addressing 7
Lessons Learned 9
CHAPTER 2 How to Subnet IPv4 Addresses 11
Subnetting a Class C Network Using Binary 12
Subnetting a Class B Network Using Binary 15
Binary ANDing 17
So Why AND? 19
Shortcuts in Binary ANDing 20
CHAPTER 3 Variable Length Subnet Masking (VLSM) 23
IP Subnet Zero 23
VLSM Example 24
Step 1: Determine How Many H Bits Will Be Needed to Satisfy the Largest
Network 25
Step 2: Pick a Subnet for the Largest Network to Use 25
Step 3: Pick the Next Largest Network to Work With 26
Step 4: Pick the Third Largest Network to Work With 28
Step 5: Determine Network Numbers for Serial Links 30
CHAPTER 4 Route Summarization 33
Example for Understanding Route Summarization 33
Step 1: Summarize Winnipeg’s Routes 34
Step 2: Summarize Calgary’s Routes 35
Step 3: Summarize Edmonton’s Routes 35
Step 4: Summarize Vancouver’s Routes 36
Route Summarization and Route Flapping 38
Requirements for Route Summarization 38
CHAPTER 5 IPv6 Addressing–How It Works 39
IPv6: A Very Brief Introduction 39
What Does an IPv6 Address Look Like? 40
Reducing the Notation of an IPv6 Address 41
Rule 1: Omit Leading 0s 41
Rule 2: Omit All-0s Hextet 42
Combining Rule 1 and Rule 2 42
Prefix Length Notation 43
IPv6 Address Types 44
Unicast Addresses 45
Multicast Addresses 48
Anycast Addresses 50
CHAPTER 6 Cables and Connections 51
Connecting a Rollover Cable to Your Router or Switch 51
Using a USB Cable to Connect to Your Router or Switch 51
Terminal Settings 52
LAN Connections 53
Serial Cable Types 53
Which Cable to Use? 55
ANSI/TIA Cabling Standards 56
T568A Versus T568B Cables 57
CHAPTER 7 The Command-Line Interface 59
Shortcuts for Entering Commands 59
Using the Tab Key to Complete Commands 60
Console Error Messages 60
Using the Question Mark for Help 60
enable Command 61
exit Command 61
end Command 61
disable Command 61
logout Command 62
Setup Mode 62
Keyboard Help 62
History Commands 63
terminal Commands 64
show Commands 64
Using the Pipe Parameter ( ) with the show or more Commands 64
Using the no and default Forms of Commands 66
Part II: LAN Switching Technologies
CHAPTER 8 Configuring a Switch 67
Help Commands 68
Command Modes 68
Verifying Commands 68
Resetting Switch Configuration 69
Setting Host Names 69
Setting Passwords 69
Setting IP Addresses and Default Gateways 70
Setting Interface Descriptions 70
The mdix auto Command 70
Setting Duplex Operation 71
Setting Operation Speed 71
Managing the MAC Address Table 72
Configuration Example 72
CHAPTER 9 VLANs 75
Creating Static VLANs 75
Creating Static VLANs Using VLAN Configuration Mode 75
Assigning Ports to VLANs 76
Using the range Command 76
Configuring a Voice VLAN 76
Configuring Voice and Data with Trust 77
Configuring Voice and Data Without Trust 78
Verifying VLAN Information 78
Saving VLAN Configurations 79
Erasing VLAN Configurations 79
Configuration Example: VLANs 80
2960 Switch 80
CHAPTER 10 VLAN Trunking Protocol and Inter-VLAN Communication 83
Dynamic Trunking Protocol (DTP) 83
Setting the VLAN Encapsulation Type 84
VLAN Trunking Protocol (VTP) 84
Verifying VTP 86
Inter-VLAN Communication Using an External Router: Router-on-a-Stick 87
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual
Interface 88
Removing L2 Switchport Capability of an Interface on an L3 Switch 88
Configuring Inter-VLAN Communication on an L3 Switch 88
Inter-VLAN Communication Tips 88
Configuration Example: Inter-VLAN Communication 89
ISP Router 89
CORP Router 90
L2Switch2 (Catalyst 2960) 92
L3Switch1 (Catalyst 3560/3650/3750) 94
L2Switch1 (Catalyst 2960) 95
CHAPTER 11 Spanning Tree Protocol 97
Spanning Tree Protocol Definition 97
Enabling Spanning Tree Protocol 98
Changing the Spanning-Tree Mode 99
BPDU Guard (3650/9xxx Series) 99
Configuring the Root Switch 100
Configuring a Secondary Root Switch 100
Configuring Port Priority 100
Configuring the Path Cost 101
Configuring the Switch Priority of a VLAN 101
Configuring STP Timers 102
Configuring Optional Spanning-Tree Features 102
PortFast 102
BPDU Guard (2xxx/Older 3xxx Series) 103
Enabling the Extended System ID 103
Verifying STP 104
Troubleshooting Spanning Tree Protocol 104
Configuration Example: PVST+ 104
Core Switch (3650) 105
Distribution 1 Switch (3650) 106
Distribution 2 Switch (3650) 106
Access 1 Switch (2960) 107
Access 2 Switch (2960) 107
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 108
Access 1 Switch (2960) 108
Access 2 Switch (2960) 108
Distribution 1 Switch (3650) 109
Distribution 2 Switch (3650) 109
Core Switch (3650) 109
CHAPTER 12 EtherChannel 111
EtherChannel 111
Interface Modes in EtherChannel 111
Default EtherChannel Configuration 112
Guidelines for Configuring EtherChannel 112
Configuring Layer 2 EtherChannel 113
Configuring Layer 3 EtherChannel 114
Configuring EtherChannel Load Balancing 114
Configuring LACP Hot-Standby Ports 115
Monitoring and Verifying EtherChannel 116
Configuration Example: EtherChannel 117
DLSwitch (3560 or 9300) 117
ALSwitch1 (2960 or 9200) 118
ALSwitch2 (2960 or 9200) 119
CHAPTER 13 Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol
(LLDP) 121
Cisco Discovery Protocol 121
Configuring CDP 121
Verifying and Troubleshooting CDP 122
CDP Design Tips 122
Link Layer Discovery Protocol (802.1AB) 123
Configuring LLDP (802.1AB) 123
Verifying and Troubleshooting LLDP 124
Part III: Routing Technologies
CHAPTER 14 Configuring a Cisco Router 125
Router Modes 126
Entering Global Configuration Mode 126
Configuring a Router Name 126
Configuring Passwords 126
Password Encryption 127
Interface Names 127
Moving Between Interfaces 131
Configuring a Serial Interface 132
Assigning an IPv4 Address to a Fast Ethernet Interface 132
Assigning an IPv4 Address to a Gigabit Ethernet Interface 132
Assigning IPv6 Addresses to Interfaces 133
Creating a Message-of-the-Day Banner 133
Creating a Login Banner 134
Mapping a Local Host Name to a Remote IP Address 134
The no ip domain-lookup Command 134
Working with DNS on a Router 134
The logging synchronous Command 135
The exec-timeout Command 136
Saving Configurations 136
Erasing Configurations 136
The write Command 137
Verifying Your Configurations Using show Commands 137
EXEC Commands in Configuration Mode: The do Command 138
Configuration Example: Basic Router Configuration 138
Boston Router 138
CHAPTER 15 Static Routing 141
Configuring an IPv4 Static Route 141
Static Routes and Recursive Lookups 142
The permanent Keyword 142
Floating Static Routes in IPv4 and Administrative Distance 143
Configuring an IPv4 Default Route 144
Verifying IPv4 Static Routes 144
Configuration Example: IPv4 Static Routes 144
Ketchikan Router 145
Juneau Router 145
Sitka Router 146
Configuring an IPv6 Static Route 146
Floating Static Routes in IPv6 147
Configuring an IPv6 Default Route 147
Verifying IPv6 Static Routes 147
CHAPTER 16 Open Shortest Path First (OSPF) 149
OSPFv2 Versus OSPFv3 149
Configuring OSPF 150
Using Wildcard Masks with OSPF Areas 150
Loopback Interfaces 152
Router ID 152
DR/BDR Elections 153
Timers 153
Verifying OSPFv2 Configurations 153
Troubleshooting OSPFv2 154
Configuration Example: Single-Area OSPF 154
Austin Router 155
Houston Router 156
Galveston Router 157
Part IV: IP Services
CHAPTER 17 DHCP 159
Configuring a DHCP Server on an IOS Router 159
Using Cisco IP Phones with a DHCP Server 160
Verifying and Troubleshooting DHCP Configuration 160
Configuring a DHCP Helper Address 161
Configuring a DHCP Client on a Cisco IOS Software Ethernet Interface 162
Configuration Example: DHCP 162
Edmonton Router 162
Gibbons Router 164
CHAPTER 18 Network Address Translation (NAT) 165
Private IP Addresses: RFC 1918 165
Configuring Dynamic NAT: One Private to One Public Address Translation 165
Configuring PAT: Many Private to One Public Address Translation 167
Configuring Static NAT: One Private to One Permanent Public Address
Translation 169
Verifying NAT and PAT Configurations 170
Troubleshooting NAT and PAT Configurations 171
Configuration Example: PAT 171
ISP Router 171
Company Router 172
CHAPTER 19 Configuring Network Time Protocol (NTP) 175
NTP Configuration 175
NTP Design 176
Securing NTP 177
Enabling NTP Authentication 177
Limiting NTP Access with Access Lists 178
Verifying and Troubleshooting NTP 178
Setting the Clock on a Router 179
Using Time Stamps 182
Configuration Example: NTP 182
Core1 Router 183
Core2 Router 184
DLSwitch1 185
DLSwitch2 185
ALSwitch1 186
ALSwitch2 186
Part V: Security Fundamentals
CHAPTER 20 Layer Two Security Features 187
Setting Passwords on a Switch 187
Configuring Static MAC Addresses 188
Configuring Switch Port Security 188
Configuring Sticky MAC Addresses 189
Verifying Switch Port Security 189
Recovering Automatically from Error-Disabled Ports 190
Verifying Autorecovery of Error-Disabled Ports 190
Configuring DHCP Snooping 191
Verifying DHCP Snooping 192
Configuring Dynamic ARP Inspection (DAI) 193
Verifying Dynamic ARP Inspection 193
Configuration Example: Switch Security 194
CHAPTER 21 Managing Traffic Using Access Control Lists (ACLs) 197
Access List Numbers 197
Using Wildcard Masks 198
ACL Keywords 198
Creating Standard ACLs 198
Applying Standard ACLs to an Interface 199
Verifying ACLs 200
Removing ACLs 200
Creating Extended ACLs 200
Applying Extended ACLs to an Interface 201
The established Keyword 201
The log Keyword 202
Creating Named ACLs 203
Using Sequence Numbers in Named ACLs 203
Removing Specific Lines in Named ACLs Using Sequence Numbers 204
Sequence Number Tips 204
Including Comments About Entries in ACLs 205
Restricting Virtual Terminal Access 206
Tips for Configuring ACLs 206
IPv6 ACLs 207
Verifying IPv6 ACLs 207
Configuration Examples: IPv4 ACLs 208
Configuration Examples: IPv6 ACLs 210
CHAPTER 22 Device Monitoring and Hardening 213
Device Monitoring 213
Configuration Backups 213
Implementing Logging 214
Configuring Syslog 215
Syslog Message Format 215
Syslog Severity Levels 216
Syslog Message Example 216
Device Hardening 217
Configuring Passwords 217
Password Encryption 218
Password Encryption Algorithm Types 218
Configuring SSH 219
Verifying SSH 220
Restricting Virtual Terminal Access 220
Disabling Unneeded Services 221
Part VI: Wireless Technologies
CHAPTER 23 Configuring and Securing a WLAN AP 223
Initial Setup of a Wireless LAN Controller (WLC) 223
Monitoring the WLC 229
Configuring a VLAN (Dynamic) Interface 230
Configuring a DHCP Scope 234
Configuring a WLAN 237
Defining a RADIUS Server 239
Exploring Management Options 242
Configuring a WLAN Using WPA2 PSK 246
Part VII: Appendices
APPENDIX A How to Count in Decimal, Binary, and Hexadecimal 251
How to Count in Decimal 251
How to Count in Binary 253
How to Count in Hexadecimal 254
Representing Decimal, Binary, and Hexadecimal Numbers 256
APPENDIX B How to Convert Between Number Systems 259
How to Convert from Decimal to Binary 259
How to Convert from Binary to Decimal 260
How to Convert from Decimal IP Addresses to Binary and from Binary IP
Addresses to Decimal 261
A Bit of Perspective 262
How to Convert from Hexadecimal to Binary 262
How to Convert from Binary to Hexadecimal 263
How to Convert from Decimal to Hexadecimal 264
How to Convert from Hexadecimal to Decimal 265
APPENDIX C Binary/Hex/Decimal Conversion Chart 267
APPENDIX D Create Your Own Journal Here 275
9780135937822 TOC 10/31/2019
Part I: Network Fundamentals
CHAPTER 1 IPv4 Addressing–How It Works 1
What Are IPv4 Addresses Used For? 1
What Does an IPv4 Address Look Like? 2
Network and Subnetwork Masks 2
Ways to Write a Network or Subnet Mask 3
Network, Node, and Broadcast Addresses 3
Classes of IPv4 Addresses 4
Network vs. Node (Host) Bits 5
RFC (Private) 1918 Addresses 6
Local vs. Remote Addresses 7
Classless Addressing 7
Lessons Learned 9
CHAPTER 2 How to Subnet IPv4 Addresses 11
Subnetting a Class C Network Using Binary 12
Subnetting a Class B Network Using Binary 15
Binary ANDing 17
So Why AND? 19
Shortcuts in Binary ANDing 20
CHAPTER 3 Variable Length Subnet Masking (VLSM) 23
IP Subnet Zero 23
VLSM Example 24
Step 1: Determine How Many H Bits Will Be Needed to Satisfy the Largest
Network 25
Step 2: Pick a Subnet for the Largest Network to Use 25
Step 3: Pick the Next Largest Network to Work With 26
Step 4: Pick the Third Largest Network to Work With 28
Step 5: Determine Network Numbers for Serial Links 30
CHAPTER 4 Route Summarization 33
Example for Understanding Route Summarization 33
Step 1: Summarize Winnipeg’s Routes 34
Step 2: Summarize Calgary’s Routes 35
Step 3: Summarize Edmonton’s Routes 35
Step 4: Summarize Vancouver’s Routes 36
Route Summarization and Route Flapping 38
Requirements for Route Summarization 38
CHAPTER 5 IPv6 Addressing–How It Works 39
IPv6: A Very Brief Introduction 39
What Does an IPv6 Address Look Like? 40
Reducing the Notation of an IPv6 Address 41
Rule 1: Omit Leading 0s 41
Rule 2: Omit All-0s Hextet 42
Combining Rule 1 and Rule 2 42
Prefix Length Notation 43
IPv6 Address Types 44
Unicast Addresses 45
Multicast Addresses 48
Anycast Addresses 50
CHAPTER 6 Cables and Connections 51
Connecting a Rollover Cable to Your Router or Switch 51
Using a USB Cable to Connect to Your Router or Switch 51
Terminal Settings 52
LAN Connections 53
Serial Cable Types 53
Which Cable to Use? 55
ANSI/TIA Cabling Standards 56
T568A Versus T568B Cables 57
CHAPTER 7 The Command-Line Interface 59
Shortcuts for Entering Commands 59
Using the Tab Key to Complete Commands 60
Console Error Messages 60
Using the Question Mark for Help 60
enable Command 61
exit Command 61
end Command 61
disable Command 61
logout Command 62
Setup Mode 62
Keyboard Help 62
History Commands 63
terminal Commands 64
show Commands 64
Using the Pipe Parameter ( ) with the show or more Commands 64
Using the no and default Forms of Commands 66
Part II: LAN Switching Technologies
CHAPTER 8 Configuring a Switch 67
Help Commands 68
Command Modes 68
Verifying Commands 68
Resetting Switch Configuration 69
Setting Host Names 69
Setting Passwords 69
Setting IP Addresses and Default Gateways 70
Setting Interface Descriptions 70
The mdix auto Command 70
Setting Duplex Operation 71
Setting Operation Speed 71
Managing the MAC Address Table 72
Configuration Example 72
CHAPTER 9 VLANs 75
Creating Static VLANs 75
Creating Static VLANs Using VLAN Configuration Mode 75
Assigning Ports to VLANs 76
Using the range Command 76
Configuring a Voice VLAN 76
Configuring Voice and Data with Trust 77
Configuring Voice and Data Without Trust 78
Verifying VLAN Information 78
Saving VLAN Configurations 79
Erasing VLAN Configurations 79
Configuration Example: VLANs 80
2960 Switch 80
CHAPTER 10 VLAN Trunking Protocol and Inter-VLAN Communication 83
Dynamic Trunking Protocol (DTP) 83
Setting the VLAN Encapsulation Type 84
VLAN Trunking Protocol (VTP) 84
Verifying VTP 86
Inter-VLAN Communication Using an External Router: Router-on-a-Stick 87
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual
Interface 88
Removing L2 Switchport Capability of an Interface on an L3 Switch 88
Configuring Inter-VLAN Communication on an L3 Switch 88
Inter-VLAN Communication Tips 88
Configuration Example: Inter-VLAN Communication 89
ISP Router 89
CORP Router 90
L2Switch2 (Catalyst 2960) 92
L3Switch1 (Catalyst 3560/3650/3750) 94
L2Switch1 (Catalyst 2960) 95
CHAPTER 11 Spanning Tree Protocol 97
Spanning Tree Protocol Definition 97
Enabling Spanning Tree Protocol 98
Changing the Spanning-Tree Mode 99
BPDU Guard (3650/9xxx Series) 99
Configuring the Root Switch 100
Configuring a Secondary Root Switch 100
Configuring Port Priority 100
Configuring the Path Cost 101
Configuring the Switch Priority of a VLAN 101
Configuring STP Timers 102
Configuring Optional Spanning-Tree Features 102
PortFast 102
BPDU Guard (2xxx/Older 3xxx Series) 103
Enabling the Extended System ID 103
Verifying STP 104
Troubleshooting Spanning Tree Protocol 104
Configuration Example: PVST+ 104
Core Switch (3650) 105
Distribution 1 Switch (3650) 106
Distribution 2 Switch (3650) 106
Access 1 Switch (2960) 107
Access 2 Switch (2960) 107
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 108
Access 1 Switch (2960) 108
Access 2 Switch (2960) 108
Distribution 1 Switch (3650) 109
Distribution 2 Switch (3650) 109
Core Switch (3650) 109
CHAPTER 12 EtherChannel 111
EtherChannel 111
Interface Modes in EtherChannel 111
Default EtherChannel Configuration 112
Guidelines for Configuring EtherChannel 112
Configuring Layer 2 EtherChannel 113
Configuring Layer 3 EtherChannel 114
Configuring EtherChannel Load Balancing 114
Configuring LACP Hot-Standby Ports 115
Monitoring and Verifying EtherChannel 116
Configuration Example: EtherChannel 117
DLSwitch (3560 or 9300) 117
ALSwitch1 (2960 or 9200) 118
ALSwitch2 (2960 or 9200) 119
CHAPTER 13 Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol
(LLDP) 121
Cisco Discovery Protocol 121
Configuring CDP 121
Verifying and Troubleshooting CDP 122
CDP Design Tips 122
Link Layer Discovery Protocol (802.1AB) 123
Configuring LLDP (802.1AB) 123
Verifying and Troubleshooting LLDP 124
Part III: Routing Technologies
CHAPTER 14 Configuring a Cisco Router 125
Router Modes 126
Entering Global Configuration Mode 126
Configuring a Router Name 126
Configuring Passwords 126
Password Encryption 127
Interface Names 127
Moving Between Interfaces 131
Configuring a Serial Interface 132
Assigning an IPv4 Address to a Fast Ethernet Interface 132
Assigning an IPv4 Address to a Gigabit Ethernet Interface 132
Assigning IPv6 Addresses to Interfaces 133
Creating a Message-of-the-Day Banner 133
Creating a Login Banner 134
Mapping a Local Host Name to a Remote IP Address 134
The no ip domain-lookup Command 134
Working with DNS on a Router 134
The logging synchronous Command 135
The exec-timeout Command 136
Saving Configurations 136
Erasing Configurations 136
The write Command 137
Verifying Your Configurations Using show Commands 137
EXEC Commands in Configuration Mode: The do Command 138
Configuration Example: Basic Router Configuration 138
Boston Router 138
CHAPTER 15 Static Routing 141
Configuring an IPv4 Static Route 141
Static Routes and Recursive Lookups 142
The permanent Keyword 142
Floating Static Routes in IPv4 and Administrative Distance 143
Configuring an IPv4 Default Route 144
Verifying IPv4 Static Routes 144
Configuration Example: IPv4 Static Routes 144
Ketchikan Router 145
Juneau Router 145
Sitka Router 146
Configuring an IPv6 Static Route 146
Floating Static Routes in IPv6 147
Configuring an IPv6 Default Route 147
Verifying IPv6 Static Routes 147
CHAPTER 16 Open Shortest Path First (OSPF) 149
OSPFv2 Versus OSPFv3 149
Configuring OSPF 150
Using Wildcard Masks with OSPF Areas 150
Loopback Interfaces 152
Router ID 152
DR/BDR Elections 153
Timers 153
Verifying OSPFv2 Configurations 153
Troubleshooting OSPFv2 154
Configuration Example: Single-Area OSPF 154
Austin Router 155
Houston Router 156
Galveston Router 157
Part IV: IP Services
CHAPTER 17 DHCP 159
Configuring a DHCP Server on an IOS Router 159
Using Cisco IP Phones with a DHCP Server 160
Verifying and Troubleshooting DHCP Configuration 160
Configuring a DHCP Helper Address 161
Configuring a DHCP Client on a Cisco IOS Software Ethernet Interface 162
Configuration Example: DHCP 162
Edmonton Router 162
Gibbons Router 164
CHAPTER 18 Network Address Translation (NAT) 165
Private IP Addresses: RFC 1918 165
Configuring Dynamic NAT: One Private to One Public Address Translation 165
Configuring PAT: Many Private to One Public Address Translation 167
Configuring Static NAT: One Private to One Permanent Public Address
Translation 169
Verifying NAT and PAT Configurations 170
Troubleshooting NAT and PAT Configurations 171
Configuration Example: PAT 171
ISP Router 171
Company Router 172
CHAPTER 19 Configuring Network Time Protocol (NTP) 175
NTP Configuration 175
NTP Design 176
Securing NTP 177
Enabling NTP Authentication 177
Limiting NTP Access with Access Lists 178
Verifying and Troubleshooting NTP 178
Setting the Clock on a Router 179
Using Time Stamps 182
Configuration Example: NTP 182
Core1 Router 183
Core2 Router 184
DLSwitch1 185
DLSwitch2 185
ALSwitch1 186
ALSwitch2 186
Part V: Security Fundamentals
CHAPTER 20 Layer Two Security Features 187
Setting Passwords on a Switch 187
Configuring Static MAC Addresses 188
Configuring Switch Port Security 188
Configuring Sticky MAC Addresses 189
Verifying Switch Port Security 189
Recovering Automatically from Error-Disabled Ports 190
Verifying Autorecovery of Error-Disabled Ports 190
Configuring DHCP Snooping 191
Verifying DHCP Snooping 192
Configuring Dynamic ARP Inspection (DAI) 193
Verifying Dynamic ARP Inspection 193
Configuration Example: Switch Security 194
CHAPTER 21 Managing Traffic Using Access Control Lists (ACLs) 197
Access List Numbers 197
Using Wildcard Masks 198
ACL Keywords 198
Creating Standard ACLs 198
Applying Standard ACLs to an Interface 199
Verifying ACLs 200
Removing ACLs 200
Creating Extended ACLs 200
Applying Extended ACLs to an Interface 201
The established Keyword 201
The log Keyword 202
Creating Named ACLs 203
Using Sequence Numbers in Named ACLs 203
Removing Specific Lines in Named ACLs Using Sequence Numbers 204
Sequence Number Tips 204
Including Comments About Entries in ACLs 205
Restricting Virtual Terminal Access 206
Tips for Configuring ACLs 206
IPv6 ACLs 207
Verifying IPv6 ACLs 207
Configuration Examples: IPv4 ACLs 208
Configuration Examples: IPv6 ACLs 210
CHAPTER 22 Device Monitoring and Hardening 213
Device Monitoring 213
Configuration Backups 213
Implementing Logging 214
Configuring Syslog 215
Syslog Message Format 215
Syslog Severity Levels 216
Syslog Message Example 216
Device Hardening 217
Configuring Passwords 217
Password Encryption 218
Password Encryption Algorithm Types 218
Configuring SSH 219
Verifying SSH 220
Restricting Virtual Terminal Access 220
Disabling Unneeded Services 221
Part VI: Wireless Technologies
CHAPTER 23 Configuring and Securing a WLAN AP 223
Initial Setup of a Wireless LAN Controller (WLC) 223
Monitoring the WLC 229
Configuring a VLAN (Dynamic) Interface 230
Configuring a DHCP Scope 234
Configuring a WLAN 237
Defining a RADIUS Server 239
Exploring Management Options 242
Configuring a WLAN Using WPA2 PSK 246
Part VII: Appendices
APPENDIX A How to Count in Decimal, Binary, and Hexadecimal 251
How to Count in Decimal 251
How to Count in Binary 253
How to Count in Hexadecimal 254
Representing Decimal, Binary, and Hexadecimal Numbers 256
APPENDIX B How to Convert Between Number Systems 259
How to Convert from Decimal to Binary 259
How to Convert from Binary to Decimal 260
How to Convert from Decimal IP Addresses to Binary and from Binary IP
Addresses to Decimal 261
A Bit of Perspective 262
How to Convert from Hexadecimal to Binary 262
How to Convert from Binary to Hexadecimal 263
How to Convert from Decimal to Hexadecimal 264
How to Convert from Hexadecimal to Decimal 265
APPENDIX C Binary/Hex/Decimal Conversion Chart 267
APPENDIX D Create Your Own Journal Here 275
9780135937822 TOC 10/31/2019