CCNA Course VII

WAN ( Wide Area Network ) Wan

The data link layer, the physical layer, running in the OSI model.

The protocols of the data link layer are mainly:

HDLC (High-level Data Link control)

PPP (Point-to-point Protocol-to-dot protocol)

Frame-relay (Frame Relay)

ATM (asynchronous Transfer mode Asynchronous transfer model)

configuration of the serial port ( Serial Interface )

R1 (config) #interface serial 0/1

R1 (config-if) #ip Add 1.1.1.1 255.255.255.0

R1 (config-if) #clock rate 128000//dce end needs configuration; The DTE side does not need to be configured.

R1 (config-if) #no sh

R1 (config-if) #end

To see if the serial port is a DCE command: Show Controller serial1/0

R1 (config-if) #encapsulation? What format is the serial port encapsulated into?

Frame-relay Frame Relay Networks

HDLC Serial HDLC Synchronous

PPP Point-to-Point Protocol

PPP Configuration:

PPP Basic configuration:

R1:

int s0/0//Enter serial interface (PPP can only be configured under serial port)

Encapsulation PPP//Two Layer protocol encapsulated as PPP

IP Add 1.1.1.1 255.255.255.0

No sh

R2

int s0/0

Encapsulation PPP

IP Add 1.1.1.2 255.255.255.0

Clock rate 2000000////The DCE end of the serial interface needs to provide the clocking (which will actually affect the data forwarding rate), "The following configuration is considered to be the DCE side of the R2"

No sh

PPP pap One-way certification:

R1:

Username AA password AA//locally established username database to provide the correct user name and password sent by the other party.

int s0/0

Encapsulation PPP

IP Add 1.1.1.1 255.255.255.0

PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password

No sh

R2:

int s0/0

Encapsulation PPP

IP Add 1.1.1.2 255.255.255.0

Clock rate 2000000

PPP pap sent-username AA password AA//Because the other party requires PAP authentication, so send username and password past authentication

No sh

PPP pap Two-way authentication:

R1:

Username AA password AA//locally established username database to provide the correct user name and password sent by the other party.

int s0/0

Encapsulation PPP

IP Add 1.1.1.1 255.255.255.0

PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password

PPP pap sent-username bb password bb//Because the other party requires authentication, so send username and password past authentication

No sh

R2:

username bb Password bb

int s0/0

Encapsulation PPP

IP Add 1.1.1.2 255.255.255.0

Clock rate 2000000

PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password

PPP pap sent-username AA password AA//Because the other requires authentication, so send user name and password past authentication

No sh

PPP Chap One-way certification:

R1:

Username R2 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password

int s0/0

Encapsulation PPP

IP Add 1.1.1.1 255.255.255.0

PPP Authentication CHAP//Open CHAP authentication

No sh

R2:

Username R1 Password Ccxx

int s0/0

Encapsulation PPP

IP add 1.1.1.2 255.255.255.0//local user name password database, the user name must be the other hostname, the same password

Clock rate 200000

No sh

PPP Chap Two-way authentication:

R1:

Username R2 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password

int s0/0

Encapsulation PPP

IP Add 1.1.1.1 255.255.255.0

PPP Authentication CHAP//Open CHAP authentication

No sh

R2

Username R1 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password

int s0/0

Encapsulation PPP

IP Add 1.1.1.2 255.255.255.0

Clock rate 200000

PPP Authentication CHAP//Open CHAP authentication

No sh

NAT: ( network address translation )

Role:

Resolves a private address transition to a public address transmitted over the Internet, combined with a private address to resolve the IPV4 address exhaustion issue.

Shields the private network topology, providing some security.

Concept:

Internal: The portion of an IP address that can be arbitrarily assigned, usually inside the enterprise

External: You cannot manage the portion of the assigned IP address, usually the ISP section

Internal local address: the IP address assigned to the internal PC by the administrator

Internal Global Address: Internal PC wants to go out to the address that the extranet needs to be turned into

Configuration:

Configure static NAT

R1 (config) #int s0/0

R1 (config-if) #ip nat inside//define internal interface

R1 (config-if) #exit

R1 (config) #int S0/1

R1 (config-if) #ip NAT outside//define external interface

R1 (config-if) #exit

R1 (config) #ip nat inside source static 192.168.1.1 10.1.1.1

R1 (config) #ip nat inside source static 192.168.1.2 10.1.1.2

Establish a static address mapping relationship and turn 192.168.1.1 into 10.1.1.1

Establish a static address mapping relationship and turn 192.168.1.2 into 10.1.1.2

Configure Dynamic NAT

R1 (config) #int s0/0

R1 (config-if) #ip nat inside//define internal interface

R1 (config-if) #exit

R1 (config) #int S0/1

R1 (config-if) #ip NAT outside//define external interface

R1 (config-if) #exit

R1 (config) #access-list 1 Permit 192.168.1.0 0.0.0.255//define which addresses are allowed internally for NAT

R1 (config) #ip nat pool VLAN2 10.1.1.1 10.1.1.9 netmask 255.255.255.0//define which addresses to convert to, with an address pool called "VLAN2"

R1 (config) #ip nat inside source list 1 pool VLAN2 [overload]//associate the internal and address pools together. The Add overload keyword implements overloading (multiplexing) purposes.

CCNA Course VII