Praticas ccna security
Páginas: 49 (12157 palabras)
Publicado: 17 de mayo de 2011
CCNA Security 1.0
Student Packet Tracer Manual
This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNA Security course as part of an official Cisco Networking Academy Program.
PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH OperationsTopology Diagram
Addressing Table
Device R1 R2 R3 PC-A PC-B PC-C Interface FA0/1 S0/0/0 (DCE) S0/0/0 S0/0/1 (DCE) FA0/1 S0/0/1 NIC NIC NIC IP Address 192.168.1.1 10.1.1.1 10.1.1.2 10.2.2.2 192.168.3.1 10.2.2.1 192.168.1.5 192.168.1.6 192.168.3.5 Subnet Mask 255.255.255.0 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.0 255.255.255.252 255.255.255.0 255.255.255.0 255.255.255.0 DefaultGateway N/A N/A N/A N/A N/A N/A 192.168.1.1 192.168.1.1 192.168.3.1 Switch Port S1 FA0/5 N/A N/A N/A S3 FA0/5 N/A S1 FA0/6 S2 FA0/18 S3 FA0/6
All contents are Copyright © 1992–2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 4
CCNA Security
Learning Objectives
Configure routers as NTP clients. Configure routers to update the hardwareclock using NTP. Configure routers to log messages to the syslog server. Configure routers to timestamp log messages. Configure local users. Configure VTY lines to accept SSH connections only. Configure RSA key pair on SSH server. Verify SSH connectivity from PC client and router client.
Introduction
The network topology shows three routers. You will configure NTP and Syslog on all routers. Youwill configure SSH on R3. Network Time Protocol (NTP) allows routers on the network to synchronize their time settings with an NTP server. A group of NTP clients that obtain time and date information from a single source have more consistent time settings and Syslog messages generated can be analyzed more easily. This can help when troubleshooting issues with network problems and attacks. When NTPis implemented in the network, it can be set up to synchronize to a private master clock, or to a publicly available NTP server on the Internet. The NTP Server is the master NTP server in this lab. You will configure the routers to allow the software clock to be synchronized by NTP to the time server. Also, you will configure the routers to periodically update the hardware clock with the timelearned from NTP. Otherwise, the hardware clock will tend to gradually lose or gain time (drift) and the software clock and hardware clock may become out of synchronization with each other. The Syslog Server will provide message logging in this lab. You will configure the routers to identify the remote host (Syslog server) that will receive logging messages. You will need to configure timestampservice for logging on the routers. Displaying the correct time and date in Syslog messages is vital when using Syslog to monitor a network. If the correct time and date of a message is not known, it can be difficult to determine what network event caused the message. R2 is an ISP connected to two remote networks: R1 and R3. The local administrator at R3 can perform most router configurations andtroubleshooting; however, since R3 is a managed router, the ISP needs access to R3 for occasional troubleshooting or updates. To provide this access in a secure manner, the administrators have agreed to use Secure Shell (SSH). You use the CLI to configure the router to be managed securely using SSH instead of Telnet. SSH is a network protocol that establishes a secure terminal emulation connection to arouter or other networking device. SSH encrypts all information that passes over the network link and provides authentication of the remote computer. SSH is rapidly replacing Telnet as the remote login tool of choice for network professionals. The servers have been pre-configured for NTP and Syslog services respectively. NTP will not require authentication. The routers have been pre-configured...
Student Packet Tracer Manual
This document is exclusive property of Cisco Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNA Security course as part of an official Cisco Networking Academy Program.
PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH OperationsTopology Diagram
Addressing Table
Device R1 R2 R3 PC-A PC-B PC-C Interface FA0/1 S0/0/0 (DCE) S0/0/0 S0/0/1 (DCE) FA0/1 S0/0/1 NIC NIC NIC IP Address 192.168.1.1 10.1.1.1 10.1.1.2 10.2.2.2 192.168.3.1 10.2.2.1 192.168.1.5 192.168.1.6 192.168.3.5 Subnet Mask 255.255.255.0 255.255.255.252 255.255.255.252 255.255.255.252 255.255.255.0 255.255.255.252 255.255.255.0 255.255.255.0 255.255.255.0 DefaultGateway N/A N/A N/A N/A N/A N/A 192.168.1.1 192.168.1.1 192.168.3.1 Switch Port S1 FA0/5 N/A N/A N/A S3 FA0/5 N/A S1 FA0/6 S2 FA0/18 S3 FA0/6
All contents are Copyright © 1992–2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 4
CCNA Security
Learning Objectives
Configure routers as NTP clients. Configure routers to update the hardwareclock using NTP. Configure routers to log messages to the syslog server. Configure routers to timestamp log messages. Configure local users. Configure VTY lines to accept SSH connections only. Configure RSA key pair on SSH server. Verify SSH connectivity from PC client and router client.
Introduction
The network topology shows three routers. You will configure NTP and Syslog on all routers. Youwill configure SSH on R3. Network Time Protocol (NTP) allows routers on the network to synchronize their time settings with an NTP server. A group of NTP clients that obtain time and date information from a single source have more consistent time settings and Syslog messages generated can be analyzed more easily. This can help when troubleshooting issues with network problems and attacks. When NTPis implemented in the network, it can be set up to synchronize to a private master clock, or to a publicly available NTP server on the Internet. The NTP Server is the master NTP server in this lab. You will configure the routers to allow the software clock to be synchronized by NTP to the time server. Also, you will configure the routers to periodically update the hardware clock with the timelearned from NTP. Otherwise, the hardware clock will tend to gradually lose or gain time (drift) and the software clock and hardware clock may become out of synchronization with each other. The Syslog Server will provide message logging in this lab. You will configure the routers to identify the remote host (Syslog server) that will receive logging messages. You will need to configure timestampservice for logging on the routers. Displaying the correct time and date in Syslog messages is vital when using Syslog to monitor a network. If the correct time and date of a message is not known, it can be difficult to determine what network event caused the message. R2 is an ISP connected to two remote networks: R1 and R3. The local administrator at R3 can perform most router configurations andtroubleshooting; however, since R3 is a managed router, the ISP needs access to R3 for occasional troubleshooting or updates. To provide this access in a secure manner, the administrators have agreed to use Secure Shell (SSH). You use the CLI to configure the router to be managed securely using SSH instead of Telnet. SSH is a network protocol that establishes a secure terminal emulation connection to arouter or other networking device. SSH encrypts all information that passes over the network link and provides authentication of the remote computer. SSH is rapidly replacing Telnet as the remote login tool of choice for network professionals. The servers have been pre-configured for NTP and Syslog services respectively. NTP will not require authentication. The routers have been pre-configured...
Leer documento completo
Regístrate para leer el documento completo.