WAN ( Wide Area Network ) Wan
The data link layer, the physical layer, running in the OSI model.
The protocols of the data link layer are mainly:
HDLC (High-level Data Link control)
PPP (Point-to-point Protocol-to-dot protocol)
Frame-relay (Frame Relay)
ATM (asynchronous Transfer mode Asynchronous transfer model)
configuration of the serial port ( Serial Interface )
R1 (config) #interface serial 0/1
R1 (config-if) #ip Add 1.1.1.1 255.255.255.0
R1 (config-if) #clock rate 128000//dce end needs configuration; The DTE side does not need to be configured.
R1 (config-if) #no sh
R1 (config-if) #end
To see if the serial port is a DCE command: Show Controller serial1/0
R1 (config-if) #encapsulation? What format is the serial port encapsulated into?
Frame-relay Frame Relay Networks
HDLC Serial HDLC Synchronous
PPP Point-to-Point Protocol
PPP Configuration:
PPP Basic configuration:
R1:
int s0/0//Enter serial interface (PPP can only be configured under serial port)
Encapsulation PPP//Two Layer protocol encapsulated as PPP
IP Add 1.1.1.1 255.255.255.0
No sh
R2
int s0/0
Encapsulation PPP
IP Add 1.1.1.2 255.255.255.0
Clock rate 2000000////The DCE end of the serial interface needs to provide the clocking (which will actually affect the data forwarding rate), "The following configuration is considered to be the DCE side of the R2"
No sh
PPP pap One-way certification:
R1:
Username AA password AA//locally established username database to provide the correct user name and password sent by the other party.
int s0/0
Encapsulation PPP
IP Add 1.1.1.1 255.255.255.0
PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password
No sh
R2:
int s0/0
Encapsulation PPP
IP Add 1.1.1.2 255.255.255.0
Clock rate 2000000
PPP pap sent-username AA password AA//Because the other party requires PAP authentication, so send username and password past authentication
No sh
PPP pap Two-way authentication:
R1:
Username AA password AA//locally established username database to provide the correct user name and password sent by the other party.
int s0/0
Encapsulation PPP
IP Add 1.1.1.1 255.255.255.0
PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password
PPP pap sent-username bb password bb//Because the other party requires authentication, so send username and password past authentication
No sh
R2:
username bb Password bb
int s0/0
Encapsulation PPP
IP Add 1.1.1.2 255.255.255.0
Clock rate 2000000
PPP authentication PAP//Open PAP authentication, requiring the other party to provide a username and password
PPP pap sent-username AA password AA//Because the other requires authentication, so send user name and password past authentication
No sh
PPP Chap One-way certification:
R1:
Username R2 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password
int s0/0
Encapsulation PPP
IP Add 1.1.1.1 255.255.255.0
PPP Authentication CHAP//Open CHAP authentication
No sh
R2:
Username R1 Password Ccxx
int s0/0
Encapsulation PPP
IP add 1.1.1.2 255.255.255.0//local user name password database, the user name must be the other hostname, the same password
Clock rate 200000
No sh
PPP Chap Two-way authentication:
R1:
Username R2 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password
int s0/0
Encapsulation PPP
IP Add 1.1.1.1 255.255.255.0
PPP Authentication CHAP//Open CHAP authentication
No sh
R2
Username R1 password Ccxx//local user name password database, the user name must be the other side of the hostname, the same password
int s0/0
Encapsulation PPP
IP Add 1.1.1.2 255.255.255.0
Clock rate 200000
PPP Authentication CHAP//Open CHAP authentication
No sh
NAT: ( network address translation )
Role:
Resolves a private address transition to a public address transmitted over the Internet, combined with a private address to resolve the IPV4 address exhaustion issue.
Shields the private network topology, providing some security.
Concept:
Internal: The portion of an IP address that can be arbitrarily assigned, usually inside the enterprise
External: You cannot manage the portion of the assigned IP address, usually the ISP section
Internal local address: the IP address assigned to the internal PC by the administrator
Internal Global Address: Internal PC wants to go out to the address that the extranet needs to be turned into
Configuration:
Configure static NAT
R1 (config) #int s0/0
R1 (config-if) #ip nat inside//define internal interface
R1 (config-if) #exit
R1 (config) #int S0/1
R1 (config-if) #ip NAT outside//define external interface
R1 (config-if) #exit
R1 (config) #ip nat inside source static 192.168.1.1 10.1.1.1
R1 (config) #ip nat inside source static 192.168.1.2 10.1.1.2
Establish a static address mapping relationship and turn 192.168.1.1 into 10.1.1.1
Establish a static address mapping relationship and turn 192.168.1.2 into 10.1.1.2
Configure Dynamic NAT
R1 (config) #int s0/0
R1 (config-if) #ip nat inside//define internal interface
R1 (config-if) #exit
R1 (config) #int S0/1
R1 (config-if) #ip NAT outside//define external interface
R1 (config-if) #exit
R1 (config) #access-list 1 Permit 192.168.1.0 0.0.0.255//define which addresses are allowed internally for NAT
R1 (config) #ip nat pool VLAN2 10.1.1.1 10.1.1.9 netmask 255.255.255.0//define which addresses to convert to, with an address pool called "VLAN2"
R1 (config) #ip nat inside source list 1 pool VLAN2 [overload]//associate the internal and address pools together. The Add overload keyword implements overloading (multiplexing) purposes.
CCNA Course VII