Tag Archives: CCNP

OSPFv3 with IPsec Authentication

Here comes a small lab consisting of three Cisco routers in which I used OSPFv3 for IPv6 with IPsec authentication. I am listing the configuration commands and some show commands. Furthermore, I am publishing a pcapng file so that you can have a look at it with Wireshark by yourself.

Continue reading OSPFv3 with IPsec Authentication

OSPFv2 Capture

I already had an OSPFv2 for IPv4 lab on my blog. However, I missed capturing a pcap file in order to publish it. So, here it is. Feel free to have a look at another small lab with three Cisco routers and OSPFv2. Just another pcapng file to practise some protocol and Wireshark skills.

Continue reading OSPFv2 Capture

MP-BGP Capture

For those who are interested in analyzing basic BGP messages: I have a trace file for you. ;) It consists of two session establishments as I cleared the complete BGP session on two involved routers for it. Refer to my previous blogpost for details about the lab, that is: MP-BGP with IPv6 and legacy IP, neighboring via both protocols as well, with and without password. The involved routers were 2x Cisco routers, one Palo Alto Networks firewall, and one Fortinet FortiGate firewall.

Continue reading MP-BGP Capture

Basic MP-BGP Lab: Cisco Router, Palo Alto, Fortinet

While playing around in my lab learning BGP I configured iBGP with Multiprotocol Extensions (exchanging routing information for IPv6 and legacy IP) between two Cisco routers, a Palo Alto Networks firewall, and a Fortinet FortiGate firewall. Following are all configuration steps from their GUI (Palo) as well as their CLIs (Cisco, Fortinet). It’s just a “basic” lab because I did not configure any possible parameter such as local preference or MED but left almost all to its defaults, except neighboring from loopbacks, password authentication and next-hop-self.

Continue reading Basic MP-BGP Lab: Cisco Router, Palo Alto, Fortinet

Wireshark Layer 2-3 pcap Challenge Answers

A few weeks ago I published a pcap file along with many challenges in order to invite anyone to download and to solve it. Though there are not that many answers posted in the comment section I hope that the trace file will help many people understanding the layer 2/3 protocols or to work with it during CCNP exam preparation.

Following are my answers to the 46 challenges I posted back then. I’ll not only give you the mere results but many Wireshark screenshots with some notes on how to get them. Here we go:

Continue reading Wireshark Layer 2-3 pcap Challenge Answers

Basic Cisco Configuration

Following is a list of the most common Cisco device configuration commands that I am using when setting up a router or switch from scratch, such as hostname, username, logging, vty access, ntp, snmp, syslog. For a router I am also listing some basic layer 3 interface commands, while for a switch I am listing STP and VTP examples as well as the interface settings for access and trunk ports.

This is not a detailed best practice list which can be used completely without thinking about it, but a list with the most common configurations from which to pick out the once required for the current scenario. Kind of a template. Of course with IPv6 and legacy IP.

Continue reading Basic Cisco Configuration

CCNP SWITCH Lab show commands

Second post of this little series. While I was using my CCNP SWITCH lab for testing many different protocols, I “showed” and saved the output of those protocols as well. Refer to the lab overview of my last post in order to understand those outputs.

I basically saved them as a reference for myself in case I am interested in the information revealed by them. I won’t explain any details of the protocols nor the outputs here. Just many listings. Fly over them and reflect yourself whether you would understand anything. ;) Here we go:

Continue reading CCNP SWITCH Lab show commands

Wireshark Layer 2-3 pcap Analysis w/ Challenges (CCNP SWITCH)

While preparing for my CCNP SWITCH exam I built a laboratory with 4 switches, 3 routers and 2 workstations in order to test almost all layer 2/3 protocols that are related to network management traffic. And because “PCAP or it didn’t happen” I captured 22 of these protocols to further investigate them with Wireshark. Oh oh, I remember the good old times where I merely used unmanaged layer 2 switches. ;)

In this blogpost I am publishing the captured pcap file with all of these 22 protocols. I am further listing 46 CHALLENGES as an exercise for the reader. Feel free to download the pcap and to test your protocol skills with Wireshark! Use the comment section below for posting your answers.

Of course I am running my lab fully dual-stacked, i.e., with IPv6 and legacy IP. On some switches the SDM template must be changed to be IPv6 capable such as sdm prefer dual-ipv4-and-ipv6 default .

Continue reading Wireshark Layer 2-3 pcap Analysis w/ Challenges (CCNP SWITCH)

OSPFv3 for IPv6 Lab: Cisco, Fortinet, Juniper, Palo Alto, Quagga

Similar to my test lab for OSPFv2, I am testing OSPFv3 for IPv6 with the following devices: Cisco ASA, Cisco Router, Fortinet FortiGate, Juniper SSG, Palo Alto, and Quagga Router. I am showing my lab network diagram and the configuration commands/screenshots for all devices. Furthermore, I am listing some basic troubleshooting commands. In the last section, I provide a Tcpdump/Wireshark capture of an initial OSPFv3 run.

I am not going into deep details of OSPFv3 at all. But this lab should give basic hints/examples for configuring OSPFv3 for all of the listed devices.

Continue reading OSPFv3 for IPv6 Lab: Cisco, Fortinet, Juniper, Palo Alto, Quagga

OSPF Visualizer

While reading the OSPF chapter in the Cisco CCNP ROUTE learning guide, I was interested in how to visualize an OSPF area. Since every router in the same area has a complete view of all routers and networks, it should be easy to draw a map. So, I searched through the web for this kind of OSPF plotter and found two different approaches. While none of them worked out of the box, I was able to run one of them with an additional software router (Quagga) inside my OSPF area which finally drew a map. Yeah. Here we go:

Continue reading OSPF Visualizer

OSPF for IPv4 Test Lab: Cisco Router & ASA, Juniper SSG & Palo Alto

I tested OSPF for IPv4 in my lab: I configured OSPF inside a single broadcast domain with five devices: 2x Cisco Router, Cisco ASA, Juniper SSG, and Palo Alto PA. It works perfectly though these are a few different vendors.

I will show my lab and will list all the configuration commands/screenshots I used on the devices. I won’t go into detail but maybe these listings help for a basic understanding of the OSPF processes on these devices.

Continue reading OSPF for IPv4 Test Lab: Cisco Router & ASA, Juniper SSG & Palo Alto