Cisco Packet Tracer 8.x labs
What is Cisco Context-Based Access Control?
Cisco's Context-Based Access Control (CBAC) is a security component, similar to reflexive ACLs, available in ISR routers. This feature has been implemented in Packet Tracer since version 5.3.
CBAC first inspects and records flows initiated from the protected internal network, then dynamically modifies inbound access lists to allow the matching incoming flows, even if a "deny any any" ACL has been implemented. The main difference from reflexive ACLs is that reflexive ACLs act solely on L2-L4 protocol attributes, whereas CBAC is able to inspect all the way to the application layer (layer 7), taking into consideration the characteristics of a flow on a per-protocol (or context) basis.
Lab Topology
Lab instructions
This lab will show you how to configure a site-to-site IPsec VPN using the Packet Tracer 8.2 ASA 5505 firewall. By default, the Cisco ASA 5505 firewall denies traffic entering the outside interface if no explicit ACL has been defined to allow it. This default behaviour helps protect the enterprise network from the internet during the VPN configuration.
Packet Tracer 8.2 also features the newest Cisco ASA 5506-X firewall.
In this lab, a small branch office will be securely connected to the enterprise campus over the internet using a broadband DSL connection to demonstrate ASA 5505 site-to-site VPN capabilities. No dynamic routing protocol will be configured between the two sites.
Campus addressing scheme:
- Campus IP addresses: 172.16.0.0/17
- DC: 172.16.0.0/18
- Users: 172.16.64.0/20
- DMZ: 172.16.96.0/21
- Network devices: 172.16.252.0/23
- L3 P2P links: 172.16.254.0/24
Branch office 1 IP subnet: 172.16.129.0/24
Enterprise internet IP addresses: 134.95.56.16/28
IPsec VPN configuration to apply:
- ESP Encryption: AES-256
- AH hash algorithm: SHA
- Pre-shared key: SHAREDSECRET
Network diagram
This lab will test your ability to configure speed, duplex, and VLAN settings on the network interfaces of a Catalyst 2960 switch using Cisco Packet Tracer 8.1.1.
Introduction
A new switch just purchased from Cisco contains no default configuration. You need to configure the switch with setup mode or from scratch using the command line interface (CLI) before connecting it in your network environment.
As a Cisco CCNA certified professional, it is very important to know the basic Cisco switch configuration commands to improve the performance and security of the enterprise network.
Network diagram
Introduction
HDLC is a data link protocol used on synchronous serial data links. Because standardized HDLC cannot support multiple protocols on a single link (it lacks a mechanism to indicate which protocol is carried), Cisco developed a proprietary version of HDLC, called cHDLC, with a proprietary field acting as a protocol field. This field makes it possible for a single serial link to accommodate multiple network-layer protocols.
Cisco’s HDLC is a point-to-point protocol that can only be used on serial links or leased lines between two Cisco devices. PPP has to be used when communicating with non-Cisco devices. HDLC is the default encapsulation on serial links in a Cisco router. To change the encapsulation back to HDLC from PPP, use the following command from interface configuration mode:
Router(config-if)#encapsulation hdlc
With a back-to-back serial connection, the ISR router connected to the DCE end of the serial cable provides the clock signal for the serial link. This clock is received by the DTE device. The clock rate command in the interface configuration mode enables the router at the DCE end of the cable to provide the clock signal for the serial link. The default clock rate is 64000.