2016 goals review | 2017 goals

Trying to sneak this in under the radar, this post is a little late! Happy New Year!

Last year, for the first time on this blog, I set myself some goals.  Admittedly some of these didn’t go to plan – not all goals go according to plan. Here is a summary of my 2016 goals and then my goals for 2017.

2016 goals:

Read More


640-911: Introducing Cisco Data Center Networking DCICN – Exam Resources

A little over a week ago I took and passed the 640-911: Introducing Cisco Data Center Networking DCICN by Cisco. I had a month to study and achieve this as my CCNA Routing and Switching was set to expire.

After much discussion and thought, I felt the CCNA Data Center was more relevant to the job I currently do. I can confirm once passed the 640-911 does extend the life of the CCNA Routing and Switching by a further 3 years.

Read More


Happy New Year! My goals in 2016

2016 goals

Firstly, Happy New Year everyone! I was lucky enough to watch the fireworks in London with my partner and it was so cool! For anyone that has not been before. I would highly recommend!

I did not blog last year on goals and I thought I would take this as an opportunity to do so. I do not believe in resolutions, as these tend to be short lived. Therefore I have a list of goals that I want to achieve in 2016. This will enable me to reflect on my progress at the end of the year, making a commitment to myself. Its written down, set in stone!

My Goals in 2016 are:

Read More


Cisco ICND2 – Passed – Now a CCNA

This morning I took and passed the Cisco ICND2 on the second attempt. I felt it was a little harder than ICND1 and in some ways I was a little unprepared the first time due to changing jobs / Open University commitments. Having previously done the course via the Open University a few years ago and got a little complacent, despite the blog posts.

Any tips for taking the exam? read the question and re-read. I think i made this mistake on the first attempt, though I doubt that would’ve made much of a difference, however it could make the difference between a pass and a fail.

All the resources I used can be found here.

If your taking the exam before the end of next month, best of luck! 🙂

What’s next for me? I’m thinking either Server 2012 or Citrix… though favoring Citrix at the moment.

PPP_PAP_CHAP

Cisco ICND2 – Configure and verify PPP connection between Cisco routers

PPP stands for Point-to-Point and is a protocol operating at Layer 2 of the OSI model.

HDLC is Cisco proprietary and is the default encapsulation on serial links great if you have all Cisco devices, otherwise you will need PPP configured.

There are two types of authentication that can be used with PPP. These are PAP and CHAP.

PAP (Password Authentication Protocol) – Passwords are sent in plain text. No periodic checks.

CHAP (Challenge Handshake Authentication Protocol) – Password is encrypted. Sends periodic checks to ensure the router is talking to the same router.

PPP_PAP_CHAP

Configuring PPP is rather simple:

configure terminal
int s2/0
encapsulation ppp

Configure PPP with PAP authentication

RouterA:

configure terminal
hostname RouterA
username RouterB password Cisco

int s2/0
ip address 10.0.0.1 255.255.255.0
encapsulation ppp
ppp authentication pap
ppp pap sent-username RouterA password Cisco

RouterB:

configure terminal
hostname RouterB
username RouterA password Cisco

int s2/0
ip address 10.0.0.2 255.255.255.0
encapsulation ppp
ppp pap sent-username RouterB password Cisco
ppp authentication pap

Configure PPP with CHAP authentication

RouterA:

configure terminal
hostname RouterA
username RouterB password Cisco

int s2/0
ip address 10.0.0.1 255.255.255.0
encapsulation ppp
ppp authentication chap

RouterB:

configure terminal
hostname RouterB
username RouterA password Cisco

int s2/0
ip address 10.0.0.2 255.255.255.0
encapsulation ppp
ppp authentication chap

Show commands:

show interface s0/0 – Look for encapsulation ppp and LCP is open. Check interface is up and line protocol is up. Password/Username or encapsulation mismatch will bring the line protocol down.

Debug:

debug ppp authentication – Look for any failures of the three-way handshake.


Cisco ICND2 – Describe VPN technology (including: importance, benefits, role, impact, components)

VPN stands for Virtual Private Network and extends network access to that beyond its current network. There are different types of VPN, these are:

  • Site-to-site VPN – Connects a company remote sites over the Internet together
  • Remote access VPN – Allow users to connect in from any remote location outside of the company over the Internet.

IPSec operates at layer 3 of the OSI model. IPSec is an industry standard created by IETF that provides security at the network layer.

Authentication Header (AH)  – Sender and receiver generate the same one-way hash. If packet has been changed it will be dropped.

Encapsulation Security Payload (ESP) – Provides data confidentiality, data integrity and replay service.

Symmetric encryption uses a shared secret to encrypt and decrypt. DES, 3DES and AES are different types of encryption.

Assymmetric encryption uses private and public keys. Public key is shared but private key is only know to the host. RSA is common encryption.

Benefits:

  • Cheaper – No need to get a second line to link sites, can use VPN and use existing connections to the Internet
  • Encrypted making the connection secure
  • Can have more than one VPN connection – Can connect to mutliple sites and allow remote users

Disadvantages:

  • Requires more overhead on the Router for encryption/decryption

Cisco ICND2 – Troubleshoot WAN implementation issues

Somethings to look out for when troubleshooting WAN implementation issues:

  • Mismatched IPs
  • debug ppp authentication – Will show if any authentication issues (password mismatch)
  • Encapsulation mismatch – ppp and HDLC for example
  • show cdp neighbors detail
  • show frame-relay lmi
  • show frame-relay map
  • show frame-relay pvc
  • show running-config
  • show interface s0
  • Frame relay encapsulation mismatch
  • debug frame-relay lmi