Objectives
Let’s build on what we have learned so far and start adding more devices to our lab. Let’s add 2 more switches and connect the R1 router to our topology.
Configuring S2 and S3
Objectives
Configure the additional switches to create a functional multi-component environment.
Preparation
Connect R1’s FastEthernet 0/0 interface to FastEthernet port 0/1 of S1.
Connect S2’s FastEthernet port 0/1 to FastEthernet port 0/2 of S1
Connect S3’s FastEthernet port 0/1 to FastEthernet port 0/3 of S1
Connect the PC to FastEthernet port 0/4 of S1.
Tasks
Using what you have practiced so far, configure the new S2 and S3 switches like you did in Lab 1 – Enabling connectivity. Alternatively, you can use the script in the walkthrough section to automate the configuration.
Disable SSH on S1 and remove the local user ‘Admin’ account. This will make connectivity easier for future labs.
Attempt to perform all the tasks listed above before going through the walkthrough.
www.subnet192.com 36
Ci sco C CENT L a b Gu ide
Walkthrough
Connect via the console cable using a terminal emulator (Putty, Tera-term, Hyper-Terminal …).
S2 and S3 configuration script
Start by resetting the switches to the factory default, and reload. Once restarted, when back at the Switch> prompt, copy and paste the following script to configure it. Items in bold vary from device to device.
enable
configure terminal hostname S2
service password-encryption alias exec save copy run start ip default-gateway 192.168.1.1
enable secret 5 $1$h81C$6qczYbE/ul7.g.VH/jV7p.
enable password 7 094F471A1A0A120A0E0F ip domain-name subnet192.com
interface range fa0/1 – 24 speed 100
duplex full exit
interface vlan 1
ip address 192.168.1.6 255.255.255.0 exit
banner login ^C ACCESS RESTRICTED ^C banner motd ^C AUTHORIZED PERSONEL ONLY ^C line con 0
Disable SSH on S1, remove the admin account.
S1#configure terminal S1(config)#line vty 0 15
S1(config-line)#transport input telnet S1(config-line)#login
S1(config-line)#exit
S1(config)#no username admin password cisco
L a b Gu ide
Session Management
Objectives
Experiment with remote sessions between devices.
Tasks
Session management
o From S1, open a telnet connection to S2 (192.168.1.6)
o Return to the S1 prompt without closing the connection to S2.
o From S1, open a telnet connection to S3 (192.168.1.7)
o Return to the S1 prompt without closing the connection to S3.
o Display the list of opened sessions (notice which one has a *) o Resume the S2 session (192.168.1.6)
o Display the users connected to S2.
o Close the session to S2 permanently.
o Verify that the session is closed.
o From the S1 prompt, close the session to S3.
Attempt to perform all the tasks listed above before going through the walkthrough.
www.subnet192.com 38
Ci sco C CENT L a b Gu ide
Walkthrough
Connect via the console cable using a terminal emulator (Putty, Tera-term, Hyper-Terminal …).
From S1, open a telnet connection to S2 (192.168.1.6)
S1>telnet 192.168.1.6 Trying 192.168.1.6 ... Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED
User Access Verification Password:
Return to the S1 prompt without closing the connection to S2.
CTRL-SHIFT-6 then X
From S1, open a telnet connection to S3 (192.168.1.7)
S1>telnet 192.168.1.7 Trying 192.168.1.7 ... Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED
User Access Verification Password:
Return to the S1 prompt without closing the connection to S3.
CTRL-SHIFT-6 then X
Display the list of opened sessions (notice which one has a *)
S1>show sessions
Conn Host Address Byte Idle Conn Name 1 192.168.1.6 192.168.1.6 0 0 192.168.1.6
* 2 192.168.1.7 192.168.1.7 0 0 192.168.1.7
Resume the S2 session (192.168.1.6)
S1>resume 1
or simply
S1>1
Display the users connected to S2.
S2>show users
Line User Host(s) Idle Location
* 1 vty 0 idle 00:00:00 192.168.1.5
Interface User Mode Idle Peer Address
L a b Gu ide
Close the session to S2 permanently.
S2>exit
[Connection to 192.168.1.6 closed by foreign host]
Verify that the session is closed.
S1>show sessions
Conn Host Address Byte Idle Conn Name
* 2 192.168.1.7 192.168.1.7 0 3 192.168.1.7
From the S1 prompt, close the session to S3 (192.168.1.7)
S1>disconnect 2
www.subnet192.com 40
Ci sco C CENT L a b Gu ide
Network identification
Objectives
Discover connected devices and document the topology of an unknown environment.
Tasks
Assume you don’t know the topology of the network and you need to document it. You connect to switch S1 thru the console port and from there; you must use various commands to help you create the diagram with port and IP information:
Device ID S1.subnet192.com S2.subnet192.com S3.subnet192.com R1.subnet192.com IP address/mask
Platform Capabilities IOS version
Incoming port to S1 n/a Outgoing port from device n/a
Start by getting the information about the device you’re connected to. Remember, this is an unknown network to you, so find out as much as you can from this device! Do this without looking at the running or startup configuration.
Display a summary list of all the devices known to S1.
Display detailed information about each of these devices, from the S1 prompt.
Use telnet to go to the other devices to complete the missing information.
o Display a summary list of all the mac-addresses known to S1.
o Display a summary list of all the devices known to S2.
o Display a summary list of all the devices known to S3.
o Display a summary list of all the devices known to R1.
Using all these steps should allow you to document your network and even draw out your diagram from scratch, identifying which devices are visible and which interface to use to get to them.
Once you have completed the table, configure R1 to not advertise its presence to others.
Display a summary list of all the devices known to S1. R1 should no longer be listed (it might take a few minutes to disappear)
Attempt to perform all the tasks listed above before going through the walkthrough.
L a b Gu ide
Walkthrough
Connect via the console cable using a terminal emulator (Putty, Tera-term, Hyper-Terminal …).
Show information about the local device
S1>show version
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA13 IOS Version Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
Compiled Fri 27-Feb-09 22:20 by amvarma
Image text-base: 0x80010000, data-base: 0x80680000 ROM: Bootstrap program is C2950 boot loader
S1 uptime is 1 hour, 51 minutes System returned to ROM by power-on
System image file is "flash:c2950-i6k2l2q4-mz.121-22.EA13.bin"
cisco WS-C2950-24 (RC32300) processor (revision E0) with 19912K bytes of memory.
Processor board ID FHK0626X0H9 Last reset from system-reset Running Standard Image
24 FastEthernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:0A:41:17:53:00 Motherboard assembly number: 73-5781-10 Power supply part number: 34-0965-01 Motherboard serial number: FOC0625077S Power supply serial number: DAB0625576E Model revision number: E0
Motherboard revision number: B0 Model number: WS-C2950-24 Platform System serial number: FHK0626X0H9 Configuration register is 0xF
S1>show ip interface
Vlan1 is up, line protocol is up
Internet address is 192.168.1.5/24 IP address/mask Broadcast address is 255.255.255.255
Address determined by non-volatile memory MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled Outgoing access list is not set
Inbound access list is not set Proxy ARP is enabled
Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled
IP fast switching on the same interface is disabled IP Null turbo vector
IP multicast fast switching is disabled
www.subnet192.com 42
Ci sco C CENT L a b Gu ide
Display a summary list of all the devices known to S1
S1>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID S3.subnet192.com Fas 0/3 176 S I WS-C2950G-Fas 0/1 S2.subnet192.com Fas 0/2 175 S I WS-C2950G-Fas 0/1 R1.subnet192.com Fas 0/1 144 R 2620 Fas 0/0
Display detailed information about each of these devices, from the S1 prompt
S1>show cdp neighbors detail ---
Device ID: S3.subnet192.com Device ID Entry address(es):
IP address: 192.168.1.7
Platform: cisco WS-C2950G-24-EI, Capabilities: Switch IGMP Platform & capabilities Interface: FastEthernet0/3, Port ID (outgoing port): FastEthernet0/1 I/O Ports Holdtime : 157 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22) EA13 IOS Version Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
Compiled Fri 27-Feb-09 22:20 by amvarma advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF00000000000000131A2C2700FF0000
Platform: cisco WS-C2950G-12-EI, Capabilities: Switch IGMP
Interface: FastEthernet0/2, Port ID (outgoing port): FastEthernet0/1 Holdtime : 91 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
Compiled Fri 27-Feb-09 22:20 by amvarma advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF00000000000000152B1C9A40FF0000 Native VLAN: 1
Duplex: full
Management address(es):
IP address: 192.168.1.6
L a b Gu ide
--- Device ID: R1.subnet192.com Entry address(es):
IP address: 192.168.1.1
Platform: cisco 2620, Capabilities: Router
Interface: FastEthernet0/1, Port ID (outgoing port): FastEthernet0/0 Holdtime : 39 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-D-M), Version 12.2(5a), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Thu 04-Oct-01 19:45 by pwade advertisement version: 2
Duplex: full
Management address(es):
Display a summary list of all the mac-addresses known to S1
S1>show mac address-table Total Mac Addresses for this criterion: 7
Display a summary list of all the devices known to S2
S1#telnet 192.168.1.6 Trying 192.168.1.6 ... Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED
User Access Verification Password:
S2>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID S1.subnet192.com Fas 0/1 144 S I WS-C2950-2Fas 0/2 S2>exit
www.subnet192.com 44
Ci sco C CENT L a b Gu ide
Display a summary list of all the devices known to S3
S1#telnet 192.168.1.7 Trying 192.168.1.7 ... Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED
User Access Verification Password:
S3>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID S1.subnet192.com Fas 0/1 144 S I WS-C2950-2Fas 0/3 S3>exit
Display a summary list of all the devices known to R1
S1#telnet 192.168.1.1 Trying 192.168.1.1 ... Open AUTHORIZED PERSONEL ONLY ACCESS RESTRICTED
User Access Verification Password:
R1>show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID S1.subnet192.com Fas 0/0 167 S I WS-C2950-2Fas 0/1 R1>exit