Cisco CCNA iOS Administration Labs | Keith Gebhardt | Skillshare

Playback Speed

  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Watch this class and thousands more

Get unlimited access to every class
Taught by industry leaders & working professionals
Topics include illustration, design, photography, and more

Lessons in This Class

27 Lessons (5h 18m)
    • 1. Welcome

    • 2. Cisco iOS Introduction

    • 3. Installing Packet Tracer

    • 4. IOS Boot Sequence

    • 5. Navigating Cisco iOS

    • 6. Navigating File Systems

    • 7. Setting Up the Lab

    • 8. Router | Base Configurations

    • 9. Router | Base Configurations - Usernames & SSH

    • 10. Router | Base Configurations - Interfaces

    • 11. Configuring All Routers

    • 12. Switch | Base Configurations

    • 13. Switch | VLANS & Interfaces

    • 14. Configuring All Switches

    • 15. BONUS | Routing Introduction

    • 16. BONUS | Understanding Core Routing

    • 17. BONUS | Default Routing

    • 18. BONUS | Static Routing

    • 19. BONUS | Dynamic Routing

    • 20. BONUS | Configuring RIPv2

    • 21. BONUS | Configuring RIPv2 Default Originate

    • 22. Implementing NTP

    • 23. Implementing DNS

    • 24. Implementing TFTP

    • 25. Implementing SYSLOG

    • 26. Implmenting DHCP

    • 27. Performing Password Recovery

  • --
  • Beginner level
  • Intermediate level
  • Advanced level
  • All levels
  • Beg/Int level
  • Int/Adv level

Community Generated

The level is determined by a majority opinion of students who have reviewed this class. The teacher's recommendation is shown until at least 5 student responses are collected.





About This Class

Welcome to Cisco CCNA Routing & Switching iOS Administrative Labs Course

In this course you learn all the necessary skills directly related to Cisco's CCNA Exam curriculum and for the real industry. This course is designed so you can be engaged, and follow along with the FREE WORKBOOK step-by-step so you have a complete understanding of all the topics and in a more complex network setting.

We will build a network topology together, step-by-step which then we will discuss and implement many different administrative configurations on the network.

You will learn many topics over the course of 5 hours!

  • Router Base / Administrative Configurations
  • Switch Base / Administrative Configurations
  • Basic VLAN and Interface Configurations
  • Core Routing w/ RIPv2, Static Routes, and Default Routes
  • Configuring NTP Server
  • Configuring DNS Server
  • Configuring TFTP Server
  • Configuring DHCP Router and Server
  • Configuring SYSLOG Server
  • Implementing Backup / Restore 
  • Implementing Password Recover

Join the STUDENTS that LEARN and SUCCEED (Reviews are from all of my courses)!

★★★★★   Keith has an engaging teaching style that held my attention very well. I appreciated the practice subnetting questions and the 'cheat sheet' that he provides at the end. I would definitely recommend this course and this instructor - in fact I've already bought another course from him!

★★★★★  I took this as a standalone course to better understand subnetting in general as an IT generalist, as opposed to working towards my CCNA. Really helped me wrap my head around the process, and the exercises do a great job of reinforcing the learning. Time well spent!.

★★★★★  Love the way Keith teaches. He phrases concepts in a manner that is easy to follow and understand!

★★★★★ I have really enjoyed going through this course It is a really good tutorial. I have enjoyed it so much I have already signed up to another one of Keith's courses.I have even started saying the phrase bada bing bada boom as I practice the labs.

How YOU will LEARN!

This course requires you to be engaged! I teach this course as if you were in an actual classroom environment!

I use whiteboard styled teaching, occasionally some slides, and most importantly LABS to teach this course.

The course expects you to be engaged, taking notes and writing down information as i teach it. Study the information I tell you is important for your exams and work on the labs with me! LEARN BY DOING!

This course will give you the necessary skills to take with you to continue your Cisco CCNA Studies, and for real world networking environments in the work place.

Subscribe on YouTube:

Subscribe to LearnTech Training on YouTube as we will be uploading many videos for all areas of Technology that include FREE Lectures, LABS, and Promotional Offers for future courses we create!

Meet Your Teacher

Teacher Profile Image

Keith Gebhardt

Network Engineer - Bootcamp Instructor


Hello everyone, Im Keith and I have been working in the IT industry for a little over 10 years now, working for both small companies and large fortune 500 companies. Working for a variety of companies in different industries has allowed me to gain a great insight on the important roles and responsibilities in the networking industry. Being in IT is a fun, but at times, challenging career. Technology is always evolving so it is important to stay well educated in many of IT's domains so you can grow with the technology and keep a strong, secure, and healthy network.

I began teaching in 2015 in small classroom environments, for different consulting jobs I had. That has lead me to dive into the world of online education which I only hope grows so I can help educate those who are eag... See full profile

Class Ratings

Expectations Met?
  • Exceeded!
  • Yes
  • Somewhat
  • Not really
Reviews Archive

In October 2018, we updated our review system to improve the way we collect feedback. Below are the reviews written before that update.

Why Join Skillshare?

Take award-winning Skillshare Original Classes

Each class has short lessons, hands-on projects

Your membership supports Skillshare teachers

Learn From Anywhere

Take classes on the go with the Skillshare app. Stream or download to watch on the plane, the subway, or wherever you learn best.


1. Welcome: everybody and welcome. My name is Keith Gambler with learned tech training dot com. In this course, you're gonna learn all of the necessary administrative configurations, not only on our devices, as faras based administrative configurations are concerned, but also, device management such as NTP servers, DNS servers, D. C P. We're gonna learn how to set up T FTP servers so we could restore him back up our IOS configurations to and from that T FTP server. We're also gonna learn how to do password recovery, which is huge not only for your exam, but for the real world itself. Now, this course is also going to include a bit of a bonus section, which is rip version two. We're gonna talk about some static routes and default rounds because the topology that we're gonna build, as you can see here in the screen here, we're gonna build this beautiful topology which will allow us to put all these different and management features in this network topology into perspective. So you could really see how they're communicating. But this course designed okay to go step by step. So you have that full 100% understanding that plus this course comes with an awesome workbook that you could follow along with every single configuration I'm actually doing that way. I'm not just providing you with a whole bunch of labs to download and things air halfway completed for you guys. You're gonna be following me along from a to Z throughout this entire course, following along with your workbook. Learning by doing that is always my model. Okay, You need to do this. Repetition, repetition. Repetition is how you learn and succeed with anything in Cisco. Seen a objectives. You know, there's a lot of objectives there. Sometimes it can seem overwhelming. So take a look at the free courses, and I hope to see you guys inside. 2. Cisco iOS Introduction: Hey, everyone and welcome. My name is Keith Gephardt with Learned tech training dot com And I will be instructive for the duration of this course. In this course, we're gonna be talking about Cisco CC and a exam objectives related to the operation and understanding of Cisco IOS and the administrative configuration that we need to implement on these devices not only for your exam but for the real world as well. This is really gonna be extremely beneficial for any of you already in the i t. Industry trying to really get a, you know, more real world perspective on how things are working. Looking here, you could see a minor list of the things we're going to covering. This isn't enlist, you know, an end all be all type list, but it just gives you an overall perspective. Okay, We're gonna learn the router and switch boots sequences, which is going to be great for understanding what's going on when our routers, you know, start booting up and they're loading up our IOS. We're gonna learn how to navigate the Iowa's. We're gonna learn about the different modes of our IOS so we could take a look at what we can do at different levels within Cisco's Iowa s right? We could also configure different permissions for user authentication. You having a specific privileges within the different levels of Cisco's Iowa's? We'll talk about the file system. Okay, now, technically, you know there's a few different types of file systems we have on our Cisco. IOS is what there's two in particular that you really need to be aware of. In fact, I might even say, you know, a little bit far stretch of saying there's three that you should be aware, especially when it comes to switching because we have the lands. Okay, so we will take a look at all those as well and how we could actually, you know, work with those different file systems. We take a look at administrative configurations. Now, this is more of a I would say, a C sent topic. Okay, this would be a lot of your base configurations, but we're gonna go into him and explain them in a little bit more detail than previously with other courses. I have simply because we're focusing on the administrative configurations. Okay, Those based configurations and some people might even call them bootstrap configurations, Okay. And we'll talk about those. And these will be the configuration that you typically want to implement on your devices, you know, right in the beginning. So as you move forward with the rest of the configuration is you don't have to go back and worry about him. We're also gonna talk about how to back up and restore Cisco's IOS, okay? And we're gonna do this implementing what we call a T F T. P server. This is huge, Okay, because we actually implement and utilize t FTP servers all the time in the rial industry. And, you know, there's a few different reasons for this, but the biggest one is as soon as we get a new Cisco device, right, So we have a nice, brand new Cisco switch right here. We're gonna want to communicate that to a T FTP server. Or maybe, I don't know. Maybe we just plug in a little USB stick on it. If it you know, a newer switch that you know allows you to plug USB sticks into it. We could now save a fresh copy of the IOS to this this t ftp server. Okay, that's what we're gonna be doing. And then as you make your configurations after you're all done and you know you get the green light to go ahead and launch your network well, we can now save a copy of that configuration over to the T FTP server. So now we have two copies, one fresh, one where we left off. And then maybe once a month, we want to actually continuously re save that file. Just you know, it doesn't matter depending how much storage you have on a T FTP server, but that's what we would use it for. That way, if something ever happened, it crashed. Or, you know, maybe there's many different variables. We'll put it that way. There's many different variables where something could potentially go wrong where the, you know the startup config may have gotten corrupted or something's changed. Networks not going down well, this almost acts like a snapshot whenever you keep doing this, OK? And this is talking about maybe some virtualization for any systems. Administrators out there are engineers. It's acting like a statue every time we send us this ah copied file. Over that way, if something's not working and we need to get up right now. Quickly. We know the last time we back this file up was working. Let's send it over now. Maybe some of the newer configurations that took down the network may not work, But now we could start going back once the networks up and start isolating and finding that root cause analysis to be able to continue with our daily networking, you know, functions or operations. Rather, another thing we're going to take a look at briefly is CIS log because you know, we'll talk about six log, and I'll maybe even go as far as pulling up a real Cisco IOS image. Just show you some more of the features within the CIS log with packet tracer, which is, you know, 90% of the time. So I'd say a good 98% of this entire course will be labs because you learn by doing. But the problem is, we're gonna be using what we call Cisco's packet tracer. Right? I spelled that wrong. Totally mess Ellen up. But packet tracer. It's a great great you know, network virtualization platform that we could really go in and learn a lot of different technologies, and it's extremely easy. And the best thing that a lot of people love seeing is it's free. But the problem with his Cisco packet tracer okay is using a slimmed down versions of Cisco's Iowa's, so it doesn't have all the bells and whistles and features that a real Cisco IOS device would typically have. One of those drawbacks is when we go to talk about CeCe log. Okay, It's very, very limited within Siskel packet tracer, because for your CC and A, it's not going to really require you to know all the different severity levels. Now I notice in some of the newer curriculum and the books that they do have out there, they do mention it. But, you know, from my years of teaching in class and online now, right and I've seen different practice exams I've seen, I've administered exams. I've seen people taking these exams. I think you might run into maybe one or two questions, if any, right on a system you don't forget. There's multiple versions of the exam, so even if you're sitting in an exam room, the person sit next to you might have exam be and you might have exam D or something equivalent to that NTP. Okay, this is our network time protocol. So we're gonna learn how to set up a clock on the routers and switches, and we could actually do it two ways. We could actually hard code it. And this is something new in the Cisco curriculum that they mentioned. So I do want to make sure I go over it typically. I mean, we really don't worry about this. Um, you can. It kind of adds a little bit of redundancy. So that's method one method to wouldn't fact be enabling an NTP server now Siskel Package racer again. It's a little bit slimmed down, but you'll be at least be able to get familiar with the the the commands in Texas and everything. So, technically, the reason why we generally would like to possibly due to is Well, it's like with anything to is better than one, right. If you have two houses and one burns down, you know, God forbid well, you have another house to go to if you have two cars and one breaks down Well, same thing here. What if the NTP server worry are pulling from dies. Well, now we have a way to manage our You know, this plays a huge role with Cece Logs. So when we're going through different things and trying to isolate when something happened , we have a better time frame. You know, we have that time stamped. Really? Isolate were in what time that issue happen. Now, NTP servers. Kim, you know, we could connect to an external publicly, you know, administered anti peace. Ever the US government here in America, I know they have a few different Uh oh, I know they have one site with. Maybe I'd say maybe 10 to 20 different and TV servers that are publicly available to everybody. Or you could host your own NTP server. So there's various things you could do with NTP. It's a pretty strong protocol that we could implement on Cisco IOS devices, and we'll dive into that is well before, too. And then down here, we also have d http. Okay. So we're gonna talk about how to implement it both as a server and on a router, because we could actually utilize our Cisco routers as the HDP service. So if I have a router here, Right? And maybe I have a server here. Well, if I have I don't know. Let's just say we have a small land device down here with multiple devices and they all want to pull from D C. P. Well, we could pull from the server, but the problem is for any of you Windows administrators. Let's see, we're talking about 2000 are too. Maybe we're talking about 2012 are too. Maybe we're talking about some Lennox, right? You have some Lennox boxes and this is where were, you know, distributing our d HCP pools to the rest of the network. Now, you and I both know these servers go down quite frequently And you know, when I say quite frequently, maybe it's, you know, once or twice a year, sometimes maybe more for some of you. But that is pretty frequent in the terms of. And speaking of the network terminology, when you lose something for, you know, any amount of time in the network, it's not good, and that is too frequent sometimes. So we could actually implement DCP right on a router, which is ah, lot more reliable. It's a lot less common for one of our Cisco IOS routing devices to actually go down opposed to maybe a Windows or Lennox server. Now, there's gonna be a few other things we do cover. Okay, Um, obviously, we're probably not going to go into the lands too much, So you should have a decent understanding of villains and things like that. We're not gonna be doing any trunk ing, so don't worry about that again. This is administrative configurations we're talking about, actually, the administration of our devices. Not really so much as creating networks, but for the lab that we're going to be building. Okay, we will need to actually start implementing some routing at one point or another. So we will talk okay about routing. We're gonna talk about rip. Version two will talk about some a default routes, and we'll also talk about, ah, static routes as well, just as a basic overview. And just so you're familiar with them that way, as we move forward through the rest of this course, you can, you know, really follow along step by step, and it all makes sense to you guys. So that is what we're gonna be covering in this course. Okay, now, one cool thing that I want to bring to your touch. Let me just clear my screen here is you will be able to download this. I'm gonna call it a workbook. I didnt really take the time to create a new e book for everybody. But this is a awesome little workbook that's gonna follow along to the lad that we're building. We'll talk about some other things. I have all the configurations we're gonna be implementing. So obviously you can see there's gonna be a lot here. And here's just another smallest of some of the things we're gonna be really diving into. Alright, guys. So I want to thank you for joining me in this course, and I will see you on the inside. 3. Installing Packet Tracer: All right, students, welcome back again. My name is Keith Gephardt, with learned tech training dot com And I will be your instructor for the rest of this course. I'm so glad that you guys decided to join me in this because you're gonna learn a lot of really, you know, revel in skills not only for your exam objectives, but for the real world, is it, You know, in its own right. So we're gonna be talking about Cisco's IOS administration, and we're gonna be building a lot of labs. So you learn by doing, obviously we'll cover a little bit of theory. So you understand why we're doing some of the things we're implementing. But for the most part, you're gonna be learning by doing. Now, don't forget, this is also related specifically to your Cisco season a routing and switching exam objectives. But this comes in extremely helpful. Okay, for the rial industry. Now, the first thing I want to do is take a few minutes here and walk through with you guys on how to set up the lab environments that we're gonna be utilizing as you see in the image air. This is Siskel Packet tracer. And the nice thing about this compact researchers, it's designed for the CC and a level minded student. Okay, it's free. It's it's a powerful tool. It uses what we call slimmed down Cisco IOS. But it does everything we need Teoh pretty much at the ccn a level again. It is free. Okay, so we're just going to navigate to their website to get it. If you don't have an account, you will need to create a free Cisco a cat account and then just simply install it. Now I have that little Africa the bottom for any of the Mac users. You'll have to follow me to my website and click the YouTube video, which I go into and depth on how to really install this on a mackerel in X box. So let's go and get started. OK, just open up your favorite Web browser. I'm using chrome and here I could just go to www dot in ah ah, Net net. There we go a cat dot com, and I'm gonna pause a video. But what you want to do is click log in. Okay. Now, for those of you that do not have an account again. Create one. It is free. So I'm gonna positivity. Why, Logan? Now, once you're logged in, this is the dashboard. You'll be prompted with if you scroll down all the way to the bottom. You see, resource is here, and it says packet, tracer, Click that just go down. You could see it only offers you to download it for Windows, okay? Or Lennox and specifically want to. Now you need to select which bit of operating system you're utilizing. It's just like insulting any other application. Guys, there's no rocket science behind it. It's really easy. Just quick install. Follow the on screen prompts and you're good. But now what about you guys sitting here watching and you're sitting on a Mac OS? Okay, well, open up a new tab, and you need to install. Well, first, we could go to www dot learned tech training dot com. And then what's this? Loads We will go to. Okay, that's weird. It's taking a while to go check out that what? You're gonna click. Free Resource is here on the right hand corner, and once this launches, you'll see all these videos inside. These are my YouTube videos or some of them. And another thing I want to bring your attention is if you have yet not subscribe to YouTube on forlorn tech training on YouTube, at least go and do so. We always put up different videos. I'd say maybe one or two a month if we you know, we try to at least, But here, you'll see the one I want you guys pay attention to is installment or packet tracer on mackerel. Lennox and this Milwaukee step by step another are a few different ways you can do it. This is the easiest way I found for most students to be able to just follow along and get it working to do this. So you need to have some kind of virtualized environment. I'm a big fan of VM Ware, okay? And specifically, I run on my Windows computer via more workstation quite often. But for you, Mac fellows out there, Okay. You need to run what's called the, um where? Fusion. Okay. And again, VM or fusion? It's awesome. You do have to pay for, but if you have a university account or college account, you could actually get a discount on this. I think it comes down to, like, 70 bucks or something. But the reason why I like via more fusion so much more Veum, where in general is because you actually utilize it in a riel environments in your workplace. A lot of times we're utilizing VM Ware virtualization within data centers and their networking environment. So it's nice to get familiar with their suite of tools, and I feel it only makes you better in the long run. Now, I am not a sales person before VM where I'm not getting endorsed for recommending them. It's just what I like to use, and I like to recommend it to my students now for a free alternative. You could also go to what we call Oracle's virtual box, and here's Ah, link right here. And when you click that you just open it up. Okay, again, it's free. Go to downloads. Here in the left corner, figure out which operating system you are utilising so that is virtual box. This is VM where this is where you find the video and again, this is where you find the downloads pretty cool, really easy to do from there. We also need to go ahead. And once you install it, open up package measure. And this is what you're gonna see. This is packet tracer. You know, we have many different router and switch options that we're going to utilize. And the reason why I want you guys getting this installed now is as I go through some of the theory and slides. So you understand some of the administration concepts and topics that we're gonna be discussing. I could go in and just drag around or switching here, every nominee and just comparing contrasts and, you know, minor things. And then we'll dive right in with that knowledge, okay? And start building our labs. So I hope to see you guys in the next one. 4. IOS Boot Sequence: All right, students. Welcome back as we continue to learn about Cisco's Iowa's administration and we're gonna be building labs because we wanna learn by doing now, there is some theory we need to cover as we move into configuring. But since we installed physical packages already will be able to kind of learn theory and make our configurations building our labs as we move forward. So let's go and get started. So the first thing I want to go over is the boot sequence. Now you'll learn that we're gonna talk about specifically to different types of boost sequences for our network devices, and that's gonna be on our routers and our switches. Okay? And the reason for this is mostly because you're only concerned with this for your Cisco ccn a routing switching exam. Now, if somebody were to ask you how's your computer start up from start to finish? Would you really be able to answer everything that's going on behind the scenes? Most likely, not. Maybe some of you, a little bit more tech savvy, would know. Okay, you turn it on, it goes through the bios, you know? Then it goes through this, or maybe someone would even say It goes to post to the BIOS and then loads up your operating system. But for the most part, we don't really care how it starts. We just wanted to start the entire credentials and go about our daily business. Well, it kind of changes a little bit when we're talking about our network devices, because within its boot sequence, it actually offers us a lot of administrative control where we could perform different administrative tasks. So But to understand those administrative tests, and we're gonna learn a lot about them as we move forward through this course, we need at least know the boot sequence for this. Now, the 1st 1 here is just like the computers. Okay, it's gonna load up post. It's gonna look for additional installed hardware. This could be anything from modules that we install on our routers. Like different serial ports or cat five. RJ 45 pours right. Different things like that and it could also mean the internal memory. Okay, where the IOS is stored, where our configurations are stored, etcetera, etcetera. That is all considered this additional installed hardware. One thing I do want to bring to attention now is you need to remember that we are using Cisco. Okay, It's just goes I o s. This is an operating system, just like a computer. So it needs to be stored somewhere on these devices for to be loaded up so we could perform our network, you know, configurations, or have our network up and running. Essentially next, it's gonna look into Rahm. Okay, Now, Rahm is essentially what we also call bootstrap in the technology world, and it's basically just say OK, now that I know of all the different things that are on this, rather whether it's modules or storage and memory and things like that. Now let's go and look for the operating system and the operating system is gonna be stored in flash. Once it notices that we do have an operating system, it's gonna go ahead and start logging us or opening up the register with into the router and switch and see what value it is currently set up. Now there is a huge list of different Cisco Register values. OK, let me just clean the screen off here. We got my mouse and in fact, if we open up our um, Internet browser of choice again. I like chrome, and I just type in Cisco Register. Ah, let's say Cisco IOS registered. There we go and just go down here and just click this one. Now this is it, says Siri's 1800 platform. It doesn't matter. They're pretty much almost identical. But you can get more specific with your search, right? You could search for maybe the 2600 Siri's platform, whatever. But just going down here, you could see all the different register values that can be used on our devices. Now, do you need to memorize all these? Absolutely not. Cisco knows that there are so many commands. I think it's over 400 some 1000 demands that these routers and switches can support right so that it's not the, you know, we're not here to learn every single one of those commands and what they do, we just need to know how to implement him and the overall understanding and concept of each one of these topics and protocols. Really. So we know where to look when we are troubleshooting and administering our devices. Cisco is very, very good at managing different documentation. Okay, if you took a class in university, I guarantee some of the lower I'd love. Of course you talk. They would say your first resource in i t is Google. And it got on this truth because they have very good documentation. Okay, keep that in mind as you before. So going back to looking at this we're seeing the first register value I have written here . Is this Xerox to 10 to This is the default register value. It loads up. Okay. And what it's saying is it's going to look for a configuration and load them so just stopping right here at this first bullet point. Right? Right here. It's going through post looks for flash finds. It goes to register. But now I need to say, OK, well, is there a configuration on it? So we go through post the bootstrap configuration found the IOS. Right. So these kind of go back and forth intermittently between each other and right here. Envy ran is essentially the same thing as flash. It goes through flash right goes into envy, ram and looks for our startup configuration. This started configuration name is important. As we move into the next lecture when you talk about file systems. But just so you could relate them to together now so it finds a configuration. So what to do? It loads It okay, loads. It finds that started configuration file and then it load us into what we call Ram Ram. OK, so we just basically flew through 45 and six. This all happens within maybe 30 40 seconds. By the way, it's super quick. And once it loads up the configuration file that it found stored in envy RAM, which is non volatile memory, right, it's gonna put us into what we call running figuration, which is ran. So what is the difference between Ram and the Ram will envy ram again. Non volatile means if we lost power to a device for whatever reason, okay. And yes, I know we have different battery backups and you know, UPS systems out there. But if we lost power for whatever reason, well, if it's stored in envy, Ram soon is that that router switched comes back online. Well, it still has its saves configuration as far as Ram. Anything just sitting in ram. If the power goes out, it's going to be lost. OK, very important. Understand its volatile. That's why when we save our configurations, we use a save or I'm sorry. A copy running config to a startup config. Okay, running config startup config Because it's taking the running config file in RAM and saving it into our started config in envy, ram and again, Well, that should be in our again. We'll take a look at this in the next election. We talked about file systems, so that's pretty cool. Okay, we know now that the register values 20 ones here to find that configuration and lows it. But what if there is no configuration? What happens then? Well, if there is no configuration, it's just gonna go ahead and continue to load the router. IOS, since it found the Iowa's now is just gonna say, Well, there's nothing in envy, Ram. Let's just bypass that and go right into ram. So no matter what, we always end up in Ram. That's why again, we always have to copy our running configuration, which is our current running file into envy RAM, which is our non volatile configuration. It's our startup configuration file. Pretty cool stuff. So let's go ahead and take a look at that real quick. I'm gonna go in clear screen, and I'm just gonna open a packet. Tracer! Now, you guys could do this with me. You don't have to. I'm gonna pull up a router here and a switch here. One important thing to understand with Cisco Devices, as far as the routers and switches are concerned, they're practically identical. There's actually only one minor difference between the two that start up. So I'm gonna go ahead, open up the router, and I'm just gonna wind this just a little bit. I'm gonna powered off power back on and click cli so you could see what's happening. So right now is going through Post is going through everything else. It's finding the IOS, and that's what it's doing here. Found the IOS. See how quick that happened. And it's going into RAM because there is no current started configuration file saved in envy Ramp. But it's always going to decompress the image and you know it's doing that by the pound signs. This is where it found the IOS and flash, and it's loading that flash file with a router. Okay, this is the difference between switches and routers. Routers jump you into a systems configuration dialog if there is no already configuration saved to envy Ram in the router. So we get this little continue with configuration dialog and we always want to say no here . Now they did implement it. I'm sure some people out there my argue say yeah, we use it, but I don't know why you'd want to Your so limited. It's basically just like a questionnaire asking. What do you want to put on this router? We don't like using this. And for your exam, you don't want to use it. So you were going to say no. Look what happens. It takes us right to what you would typically see when you go into a router. Now let's go take a switch. Now again, this is a brand new switch, right? And I'm just gonna go ahead and click, See, alive and up here. You see, it did decompress the image and went through all its boot process and down here we did not get that configuration dialog. So if I open this back up up here, ok, we have this country. You're continue with configuration dialog with a switch. We do not get that. That is pretty much the only main difference between the two boots sequences between a router and switch that you should be aware for your CC night and soon as you get in there, you just hit enter and with both room and you're right there into each of those devices. Pretty cool. Great. So I'm gonna go and strength ease and going back to this Let's talk about that second register value. Okay. 2142. You should definitely be familiar with this because this is used more frequently than none of the others to be quite honest, and it's basically bypassing any of our safe configuration files. So it's gonna go in here and say, You know what? I have the IOS just taking you right into RAM. It's going to completely skip the nd ram, which is where our configuration files say, that started configuration file that I was talking about. The reason why we want to do this is what if we forget our password so we could use this for pastor recovery? Think about it. It happens frequently. Go in. Maybe you haven't ministered this device Or maybe you got back from vacation. It's a Monday. Oh, no. Something's going on in our network. All right? We have this router, but I'm sitting over here somewhere on a different network, trying to s h into this router that's having an issue. I have lost my past, but I can't remote in So what I want to do. Well, now I gotta walk all the way over here to this network closet, right? Take my handy dandy little computer console into the device, and then when it loads and we need to take it into what we call Rahman mode and then change this register value from 21 0 to 2 what? 2142 and again, that's bypassing the start of config. Now, you should know that when you do this, you're gonna turn off the route and turn it back on. You should not be doing this during operational hours. You have to find someone else that has authentication or, you know, access into that, rather to get in. Or if you're the only one, then you need to send out an email, letting people know that we're going to go down for about 5 to 10 minutes. Okay, so you get in, you bypass it, you go and change your password and you save it. You have to switch your configuration, your register value rather back to 21 0 to, because you never want to leave it in 2142. You always want to run it. Routers for normal operations in 2102 Now we're talking about this. Rahman moved. This is basically kind of like bios. If you want to think about it like that for Windows, right? But the major difference with Rahman for a Cisco device or our bios for our Windows computers is that unless we force our device to go into Iran and mode, right kind of like how I'm showing you here where we changed the register values to be in Rahman mode. If you just started the device in it launches you in Rahman mode without you deliberately forcing it to go into round mode. Well, you better have a nice cup of coffee. Sit down, relax because you're in for some serious trouble shooting. It's never good when the Rahman mode boots up first. Typically, because that means our start of configurations on the device have been lost or the Iowa's. The Cisco operating system has not been found. So just be aware that if you see Rahman mode, it's usually usually not a good thing. So that is the boot sequence guys area go supposed Rahm looking for that? Iowa's flash goes through the register values and again, 21 year two by default looks your configuration and loads it, but it always take you right to ram. All right? Even if it does not find a configuration, it's just gonna go ahead and send us right to ram. That's the important thing to take out of this is no matter what we're doing. Okay, If I go in, just clear this real quick again, and I open up my, uh, lad here, just click this. We're being right here and we'll go through all this in a minute. So I'm in Enable config t ok, lying con lying con zero. Everything I'm doing right now. Soon Is it loaded? I am in Ram. Even if it loaded me into a configuration file already existing, it's loading me. It's gonna low that configuration file. But again, it's taking me right into Ram. It's very important to understand that we are always always in Ram when we are sitting at a device making configurations its current running file. Alright, guys. So that's boot sequence. I will see you guys in the next one. 5. Navigating Cisco iOS: All right, students. Welcome back as we continue our journey with learning, Cisco's Iowa's administration features and all the topics related to your CC May exam curriculum. Now we've already talked about the boot sequence, fire switches and routers. We got to learn a little bit about the comparisons between the two. There's not much difference, but we also learned about the different file systems, right? Started in fig running fig. And before we dive mawr into each one of those file systems, I want to go through how we navigate through Cisco Seelye. All right, so this is an image from your book, and I'm gonna talk about this a little bit differently because this isn't really correct, 100% correct, and I'll explain that now. So whenever we're talking about our Cisco IOS, whether you're on a router or switch, okay, again, this is going to be the same for both our routers and our switches. It does not change. Soon as we get into the switch, we always land in what we call user mode, all right to get from user mode into what your book says enable mode. This is not the correct term in fact, in 90% of Siskel documentation you read, it's gonna say Privileged exec mode Very important. Understand? The reason why it's been known as enable mode is because to get from user mode into privileged mode, we actually implement the command enable, which takes us into privilege mode. So it kind of gotten thrown around just by people talking about it over two years as enable moved. Just don't get those to configure confused between the two. Because honestly, on your exam, you're probably going to see it related as privileged exactly mode you're not. You're not going to see Cisco really related to enable Mode, even though the books say user mode unable mode Just know that is also called privilege more. That's the real name for it. Once they're in enable mode. Okay, this will allow us to do more things and what we can do in user mode. Um, and user motor really limited with what we could do. Maybe a couple show commands, not too many, but you really have bare minimum access at a user mode privilege level within the privileged exact mode, or again enable mode. Okay, that next mode we could do a lot more. It's a little bit more dangerous because we could actually, you know, go into the flash. You can manage directories. We could reload the device, right. So enable mode, even though it's nowhere nearest, you know, complex. Or we don't have as much authority to make different configurations, you know? Ah, permissions to make a different configurations with intruders mode as we do with global configuration moved, we could still do a lot within the able mode. So you need to be careful with that when you're actually assigning different problems levels. Two different users that have access into these devices to go from enable mode into configuration mode. Okay, you simply say configure terminal, that's it. Global Configuration Road takes us into Global Configuration Boat. This is where I would say about 90 to 95% of all configurations are made. We go into global configuration. Well, that's where we could, you know, configure interfaces for your routing protocols. RV lands on a switch for your trunk ing. We could do pretty much anything that we need to configure our networks to run from global configuration. But how to get from configuration mode back to enable mode you could simply type in end or use the shortcut Key Command control Z and I'll take you back into enable mode from here. We cannot use Control Z anymore. Okay? We cannot use end anymore once it sets us right here. Here we would have to say you disable or exit to go back into the beginning into user mode . That's very important. Understand? If we said and here or controls here, well, controls he's not gonna do anything if we typed in end is going to try to resolve as a domain name. And if you don't have a DNS server set up to this router or switch, is just gonna sit there and resolve and resolve and resolve it and we'll talk about how to break that here in second. Now pay attention to remember, enable mode Here is also privileged mode. I'm always going to say privilege. Most of that kind of embedded into your mind we say configure terminal or the shortcut would be calm. 50 to get us into global configuration. Boom. We also have what we call sub modes. Okay, we could go into an interface. We could go into a villain. Maybe we want to go into our line council, which is basically the consul when we take our consul port from our computer and plug it into a router or switch. Right. That's that little baby blue cable we plug into a port and then we can administer the device locally from our computer. That's council. That's where this is this command line con zero or lying conscious era lying VT. Why is our remote lines okay? That's our telnet and our S S H line. So we would have to configure our line Bt y lines 0 to 15 because that's how many we could have it once. I don't know why you'd want that many at once. Typically, maybe run zero through four or something like that. But that's we'd have to configure line Bt Why? Whatever implemented for us to have either of the town that rests age, um, features enabled on the device. Now, with talent, it's quite simple. Pretty much just enable line between why and then give the interface and i Paterson boom. We're good with telling that we have quite a few more configuration would actually have to implement because it's a lot more secure than telling that another thing. I want to just bring your attention are these helpful commands. Obviously, control plus Z equals exit. Or we could type in eggs as I mentioned control, plus a will take you to the beginning of a line Text control. You will take it to the end of the line. Text control. See, will break you command. Now there's a few different breaking there's actually, there's probably, I think, like, I don't know, there's quite a few different break commands. The two most common one you should be aware of are these. Okay, Control Plus C, which he goes breaking control Shift Plus six equals a break, and I mean each break. Command is used for different things. You know, Cisco. You'll notice what Cisco even between some of the switches and routers or even the routers to the essays, They're Syntex. It's funny because the Syntex isn't always the same, so you'll notice a lot of times we always use the question mark, and that's not cheating just because you have to use the question mark to figure out what you're doing. That's not cheating. That's that's that question marks. There to help you out. We'll take a look at that here in a second. But again, control plus 60 goes brake control shift plus six equals break. Those are the two, I would say more common of the types of breaking and we have that you would actually use and then tab. So if you're typing out of command and say I said Configure and I was, I said was T E. R. And I hit the tab key. It will actually finish spelling out the rest of the command for us, which is just kind of help save time, remembering whenever we're in a you know, configuration mode, whether it's the global configuration mode or a sub configuration mode like interface, movieland, etcetera, etcetera, we could use exit which will take us back one place. Okay? Or we could use end. We could say end over here instead of exit and and that will always take us back to privilege mode. Or we could use the short key which is control Z and again that I always take us back to privilege mode, remembering though when we get back to purpose mode, we have to type in exit or disable to go back into user mode. That's very important to understand. So it's going Take a look at that. All right, I'm gonna go ahead and pull up our lives. I mean, just clear the screen here. Open a package, Facer. I still have these two sitting from the last lecture. I'm just gonna open this up, so to go in, let's go and say, Let's just hit the question, Mark. So here you could see some of the different things we have available to us. Use a privileged level if I type in enable. Okay, now, here's what I'm talking about. I could say enable okay, Or I could exit this. I could also say e n for short, and it will still do the same. Or I could just say e and and hit the tab key, and it automatically fills it out from a So those are just some options you have here. I could hit the question mark. Okay, Now you can see we have more options, but a couple that I want to bring to your attention Let me just wind this So it's all combined a little better. Just a few to bring to your attention or we have a clear command. We have a delete command. We have a directory, which is all of our flash files. Right? We have a race. We have a reload. Okay, so there's a lot of things that we can do at this level, you know, locally to administer this device, which can be dangerous if there's someone that doesn't know what they're doing and they have authorization into this level. Okay, So you gotta you gotta pay attention that when you're creating different user levels for your devices. Now, if we went into director, I could say directory head enter. You see? OK, there's two flash files already existing. Here is my operating system. And I know that's the operating system because, well, on it says dot been okay. Canine will simply tell you that it has S S H capabilities. And, you know, sometimes the names, even for the same model of the router, this name might be a little bit different. Set of a T v. I P Service is okay. And I say I p security or, you know, depends what kind of version of the IOS you bought specifically for this platform of a router, So that's something to pay attention to. These these dot been files can change. Okay, you know, it's the same Cisco platform. It just depends on what features you want. But again, you could see all of the different files that we are pretty much configuration that we can make from this mode, or you couldn't really do some harm. You know? Example. If I just said reload. Okay, it's gonna ask you, Do you want to confirm with that? I could just hit enter and it's reloading. It's relating it. You know, you could see it's going through the self compress since I didn't have anything saved here . It's gonna take me right back to that that systems configuration dialog. Many kind of like that cheap menu that you see here on your screens. So I just want it. No, but again. So I type in e n, that's for sure, getting me into privileged mode and there again, the reason why this says Privilege Motors, because the command to get into this where Cisco's new books as it's an enable mode because we type in unable to get there. But again, remember this. I'm gonna make a bullet point here. This is called priv alleged mode guy. Very important. Understand? Once we're in privileged mode, you could tell were impervious mode by just this pound sign. You see, we are in user mode by the greater than sign. Right. So now that we are improvise mode and again, that's what you print out on your screen would be with that pound sign to get into the next mode where we could actually start making the configurations on our devices to configure our networks. You simply say config. Your and I just hit the tab Key terminal and you could see I just hit the tab key. Now I'm gonna exit. Okay, that's gonna take me back one level, as you can see here if I just simply said comp t hit enter, it does the same thing. It just a bit of a shorthand Syntex version of it. Okay, now one thing I want to show you if I exit here, look where it takes me. It just takes me back to privilege mode exit here. It takes me back to user mode by typing enable configure terminal. I am backing global configuration mode and I know that because now I have a parentheses. It says config and a pound sign. If I type in end, it's gonna take me right back to privilege mode by typing and here watch what happens. It's just going to sit there and translate because it's looking for a DNS server. So to break this, you use control shift. Six. I'm sorry that I have my application open. Let me go ahead and close this bum bum bum bum. Now if I hit control shift six. You see it? It aborted it. That was the commander you so again that commanders control plus six. I'm sorry, Shift plus six and and then you would hit Enter and it's going to abort that now. Later, when we start making our administrative confusion, I'll show you a little trick to avoid this. If you don't have DNS, running just makes your administration lives a little bit easier. But let's go a step further. Let's go ahead and go back into global configuration mode again. That's comedy. Here. I could hit Control Z and look at Take me right back to privilege mode so it's safe to say and and control Z will do the same thing. It will always, always, always take you back to privilege mode, whereas exit would take me back one level no matter where I'm at. Okay, To put that into more perspective, let's go and say Configure terminal and let's go say we're going to line that console so I could say Line con zero Or I could even spell it out. Lying Consul Zero. And again, I just hit the tab key. Here I am in a sub configuration when I know that by the hyphen and it's describing what I'm in. If I hit exit here, look at this. It's only take me back one level. So if I go back in the line con zero mode and I type in and instead of exit, it takes me all the way back to privilege mode. A step further. Conte and then I go into lying com zero once again and I use a control Z again. It takes me all the way back to privilege mode. So you there you could see and and control Z will always, always take you back to privilege mode. Exit will always take you back one mode prior. OK, very important to remember. And again. The only way to go from privilege mode back to user mode is if you type and exit as you could see, it just did. If I am in privilege mode and I type in end is going to sit there and try to resolve. So now we have to do control shift sex to abort that. Another thing I want to show you record is if I go into configure terminal and I want to say interface at 00 For example, if I'm trying, if I'm typing in, you know, some kind of command i p address 1 91 68 that 1.10 to 5525255.0 and I had enter. And now all of a sudden, I realized I messed up something. You could use the up arrow and down error to find previous command you've implemented. So I could just hit the up arrow. But you can see my cursor is all the way down here at the end. What if I wanted to remove this? Okay. And again, we'll go into more of this later, but I'm trying to show you some of the shortcut commands right now, as we move forward to you familiar with them? All I gotta do is it instead of using the left arrow to go over each single line, Okay, if I'm down here at the end, I could just hit control a and then I was just negate. I would say no. And then you could just hit enter here. But before I do hit enter. What if I wanted to go all the way back down here to the end? I could just Okay, I'm over here. Right. I could just hit control e, and it's gonna take me down to the very end. Control, aid, the beginning Control E to the end and hit. Enter. Okay. And what did it do? No, I p address. Okay. No, I P address. There we go. So that is a way to do it. So no. Obviously negates the command. Control. A is very useful. Just help save up times. You don't have to sit there and again, if I had this full line, I don't sit here and hold the arrow going all way back to the beginning to do whatever I'm doing so again and controls he's gonna take me back to privilege mode. But if I didn't want to go on back to purpose, mode could take T. I am an interface f a 00 and I'm typing I p address. Whatever I'm like Oh man, I I don't want to be here. I was like, I do this type of exit and it keeps me in global configuration mode. Pretty cool stuff, guys. Right? So that's how we navigate around them. The modes Let me just pull up the power point side here again. User mode to go into privilege mode, we say enable privileged mode into global configuration mode. We say configure terminal, we have to say and or control Z no matter where we're at, whether it's global configuration mode or an interface mode, it's always going to take us back to ah privilege mode or again on this, it says enable mode from here going from user or I'm sorry, privileged mode into user mode. We have to say exit or disable and exits just shorter and quicker. So I use that. And here again are some of those helpful commands. I just briefly went over with you guys. All right, so I will see you in the next one 6. Navigating File Systems: All right, everybody, welcome back as we continue our journey with understanding Cisco's Iowa's administration, we're gonna be building labs here shortly. But there's one more thing we need to briefly go over and here we could see its those files systems that have been briefly mentioning so far through the previous lectures in this course. So typically we're talking about file systems. It's, you know, we're mainly usually concerned with basically how we're saving our configurations, where we're saving them to in our devices. But more or less to is this is very important for when we start talking about implementing T FTP servers on our network because that's gonna communicate to our devices, and we need to be able to point it to where we're saving or copying different files from within our device. So here's an image in your book, and again, I don't understand why they show it this way. So I'm gonna show you how the proper way this should be, you know, shown because, as we learned in the previous lectures, when we're booting up our devices, the boot sequence it goes through, you know, goes to post. But then we're sitting over here at Rahm. OK, it's the bootstrap is looking for any additional hardware and everything configured or, you know, implemented inside internally, locally, to that rotter or switch. Then it needs what it needs to find the operating system, and that's in flash. Then it's gonna look and say, Hey, do I had a startup configuration file implemented already, which stores in envy Ram because it's non bottle. And if it does, load it and then take me to RAM, which is are running configuration file. OK, very important. Understand? If it does not find he started configuration file, it's still gonna take me into RAM. Okay, this is working memory. This is our current running file that we're always at no matter if we had a starting configuration file or not. So this is the order that they should be in again. I don't know why your books kind of thrown backwards like that, but as important, no envy. Ramus started to think that's are saved configuration files on advices. RAM is our current running and working configurations. Here's another definition. Okay, again, it's a good one from your book sores. The initial configuration to use any times which reload the IOS again and be ram non volatile. Ronning conveyed Agana stores that currently used configuration commands. Okay, if we make commands and do not save them, well then it's not going to save him and started Configure Well, you will lose them. Remember, Ram, it's volatile now when we're talking about saving our current running configurations. Okay? That working memory we're currently running, right? That currently running file, We are in Ram. We need to save it to our startup configuration file, which is always stored in envy. Rim to envy. Ram. To do that, we simply use the command Copy Running config startup config or shorthand is copy R s mind you. You need to know the full Syntex for your CCN exams. Your CCN exams are gonna ask you other questions and throw you off a lot by this. Okay, They will give you three or four different implementations of this command. You need to be able to distinguish. That is copy running Perfect Started configured, not started Configure Running perfect. That's used for something different but for practicality and in real world, we can use copy rs Now the older legacy command is right memory or short hand is WR, which is even shorter and copy Rs. The problem with this is is you will not pass the exam if you keep using WR. Okay, this is older Syntex. Your new exams want you to know the new Syntex. Okay, so do not use this for your exam. So I always trained my students saying copy running perfect started fig and now even used the copy rs shorthand more frequently that we could still relate. Okay, I'm copping running config to starting fig. You could put those two together easily now if we were to save our startup convict to our current running config and this is typically used for password recovery. We could do it backwards or says start of configuring figure copy s are But again, you need to know the full sin Texas and why and where we use these for each thing. Because your example throw these two right next to each other just to throw you off. Remember that. You know, that's why it's important to know that our star configuration is envy. Ram, that's previously saved. It reloads that if the device is power, Ram is where we're currently working so soon as we open up that rather we're configuring, you know, different things that saves it where it's not even saving. It's just storing it in our running fig, which is ram, which is volatile. So unless we tell our running config, which is this command right over here, right to store the running perfect into start up in fig, it will be lost the next time that rotter reboots. Now for talking about verification commands to view our currently saved configurations are currently running configurations within RAM show running config or show run will do it and for trying to find what is saved in envy. Ram show started config or show star is a shorthand. So let me go ahead and clear this off for us, and we're gonna go ahead and open up our labs that we've been working with so far. And let's just go ahead and delete these, okay? It doesn't really matter. Gives you guys a little bit more practice, right? And I'm just opened up a router. Doesn't matter. Open up this router and I was I got to do is click it cli and it's gonna go through the boot menu the boot sequence here. Right? So we give that a second and click that open again. I could just hit fast forward here. That usually will help. So here. Remember, we said, we always want to say no. I'm gonna ask you where are we right now? As far as memory, not modes. Memory. We are in Ram. Okay, What mode? In my And if I hit enter user mode. How do I get to privilege Mode? Enable. Or we could just say e n here. I could say show running config. Okay. And if you could see if this is this the plain Jane running think that's already pre configured on a router? If I say show startup config, which is envy Ram, you noticed there is no start up configuration present because we never saved anything into the envy ram on this router. So let's take this a step further. That's going to global configuration blood, which is com feet. I'm sorry. Com t tripping over my words hit enter and also going to do is change the host name so I could say host name, and I'm gonna say router underscore practice. Okay. Just just basically to change it, you can name it whatever you want. I like making anything named and capitals. It's easier to distinguish when we are using. Show commands are essentially verification commands. But if I hit, enter here okay, you could see it did indeed change this. Now let's go ahead and exit this. Let's go and let's say show running, configured by the way, you have to be in privilege mode to use a show running configuration command so I could hit enter. And here we see the host name is router practice, and also we know it is their fight. The tab key. It'll get me out of that, by the way. And I also know it's there because of it's the name of the router Now, right? The host name for this router is rather practice. So what if I turn this router off? If I goto physical here, just hit the power button and I had the power, But again, OK, it's gonna boot up its decompressing our IOS image and finding it's going through our flash . It finds us. It's looking through the flash, seeing if there's a startup configuration file saved and look at that, we get that configured with dialogue Hit? No. If I go into enable motor privilege mode Show Run! Look at this. Our host name is defaulting back to the standard, which is router are configuration was not saved. So how would we save that? Well, if I go into Global Configuration Boat, Okay? And I said, ah, host name, Router Router. It doesn't matter, just so you could see it is different now, right? I would have to go back to privilege mode and say copy running config because this is our memory. This are currently working area on our router, which is ram Volatile memory copy. Running configured startup config hit. Enter. It's gonna ask you, you know, destination. We could just leave a default. Enter and it built the configuration. Now, if I do a show start Okay. Show star, start. There we go. And hit. Enter. You could see our start of configuration has been saved in envy, Ram, and it matches the same thing as running config. One other thing I want to show you is if I go and exit this, okay? In fact, we could just go physical, turn this off and turn it back on and watch the STI compresses. Always going to decompress because it's got a load up. Whatever it finds Now, it's going through our envy, Ram. Okay, it's finding our currently running configuration. Look this it no longer prompts us with that system. Configuration dialog menu option. Right, Hit, enter and look, we know we are opening up a safe configuration because of a router router. Another thing I want to show you. OK, so if we go in a global configuration mode or I'm sorry, we got to say enable comfy, comfy if I wanted to save something from here. So let's say we configured a password, so let's go. Lying con zero password is just gonna be Cisco something easy. And we have to say, log in exit. Okay, now we have a password set If I want to see the recurrent running configuration right here without going back to privilege mode like this a guy. So if I am in comedy, I could say, Do show, run and I will do the same thing. So, using that show running config I could scroll down here and I could see I did implement a password of life in the line council Cisco law again. Now, if I do show a startup config which is the envy Ram, we could still see. Okay. Router name. The host name has been configured, and that was saved. But remember, I implemented now a password, Okay? And told it to log in with that password looking here. It's not safe to our envy, Ram. So what do we got to do? We have to say, uh well, here we would have to say, Do copy rs anytime you're trying to implement a command Onley recognize at a privileged level, you simply type and do before that command, and it will do it for you. The only thing here that you don't get is if I hit the tab key. It's not going to fill in the Syntex for you. And if you the question mark, typically, it's not going to allow you to get help from it. So you need to know those commands are for that toe work. Otherwise, you would just have to say exit. And here I could say copy are okay. And then you could see it's gonna automatically help you out with that configuration. If I ate say Copy. Running Fig two startup config. Again saving my ram. Okay, this is my running file. My current working memory into our startup config. Witches and V ram and I hit. Enter. Hit. Yes. And now, if I do show improvement so I could just say start, Uh, I'm sorry. Show start. Okay. And hit. Enter and I scrolled down now and we'll see our lying Consul zero was indeed saved. So if I go ahead and go to physical power, this baby off power this baby back on what should happen? Well, after D compresses the image it looks for the current running startup config file and envy Ram. It's gonna probably for that password as you'll see here momentarily by hit Enter. Look at this password. So if I type in Cisco, I am into the router as usual. So that's how we work around our you know, our file systems. Francisco router. Another thing that I briefly mentioned before is if I wanted to look at what the flash files are, there's a couple ways to do that. We could say directory and just hit, enter and showing us that, or I could say show flash and that also show us some more information regarding these flash files implemented. Now, it's important, Understand? Now we could say make directory, okay. And you could name it something, um, you know, hit. Enter trait file directory. Ah, testing. Okay. And then if I show flash again, okay, you'll see that testing has been implemented. So there are different ways we could store things locally to the system with, you know, different commands. But again, my biggest thing I want to bring that to attention, for the reason is we are in privileged mode. We're not even global configuration mode. So in privilege mode, we have all of these possibilities we could do. So you need to be. You know, keep that in mind as you're creating different users and privileges for the different users because they could potentially have access to a lot of things that you don't want them having access to. Now, Francisco packet tracer, the remember I said it is slimmed down versions of the rial IOS that you would be using on riel equipment. So you're not gonna get all the features you can within real equipment. For that reason, we're not going to spend too much time later talking about the privilege levels will introduce them and show you the context and how we can manipulate different user permissions but were mainly focused on the file systems and what we could do with them. As far as you know, administration, you know, privileges and what we could do with the administration processes in different things. You know, functionality. In other words, as far as privileged levels it's gonna be, there's gonna be a lot more you could do with privilege levels as far as an administration standpoint on riel equipment. And since we are all you guys, my students working with me in Packet Racer, we'll show you the basics to get up and running. And then you could take that knowledge and further dive into it with Cisco White papers really go through it step by step. So that is Cisco File System. Guys, I will see you in the next one 7. Setting Up the Lab: All right, everybody, welcome back. As we continue our journey with Cisco, IOS and the administration behind it. Now, we've kind of gone over a little bit of theory, okay? And I did that deliberately because I was the core foundation that you really need to have a good understanding of, as far as the boot sequence are file systems, how did even navigate around the Cisco operating system? Right. Cisco's IOS before we could even start making configurations again. This is a step by step course. So for any of those that are new work to the Cisco IOS, you know, operating system, this will really just really just kind of helped you guys out a little bit so you could stay up to speed with me. As we move through the rest of this list that we're gonna be working on here, we could see we have a lot of different things. We're gonna be implementing a lot of different protocols. And this is all highly related to the administration of our Cisco IOS devices. Now, up there in the top, you could see I said important. Not all Cisco IOS supports the same command based in administrative commands are usually the same across most of the platforms, for both for the routers and switches. But sometimes the command same text can be different. Depends on the different operating system. That's for real world equipment. Okay, so you got to be aware of that now, since you are following me and packet tracer will be ableto do everything together, you know, step by step the same way. Also, remember, you could download this workbook I have for you guys, and you get this from the course resources section on our web site, and, you know, we go through here, it just kind of walked you through some of the, um, you know, startup configurations, understanding the ah, the navigation between our different modes. Right. And then down here, we will actually start configuring these devices. But with that said, the first thing we need to do is actually get this lab up and running. Okay, so we're actually gonna build this lab together. So what I need you guys to do is actually open up a brand new Siskel packet tracer lab. Okay? And I'm just gonna go ahead and file save as and we could stay this whatever we want. I'm just gonna say it to my desktop. And let's just say it's going to be No, no, i o s admin lab And save it this way as we move forward, as you got to do is keep, you know, hitting control s and it will actually save the file for you. That way, if you close it out or something Crashes, remember, it is a virtualized system so it can get buggy from time to time. Not often, but it does happen. You won't lose everything that you're doing. So looking at that image right from our workbooks, hopefully guys downloaded it. We could see we need to set up three different routers, three dimmer switches, and multiple computers and servers as well. So let's go and do that. Now I'm gonna use the 2011 routers. These are pretty flexible routers as far as the features that they could have on. Um, so it's just easy to use. These first thing I want to do is actually turn that these babies off. I'm gonna grab each with two t module. Just drop it in that first module slot right here in the small side. and I'm just gonna go ahead and turn that on now. I could go and close this out. I'm just gonna keep this highlighted. As you see here, I'm gonna hit control C and Control V just so I don't have to go in and reconfigure each one of those to have a new module. And I'm just gonna separate them something like that. Okay, Nothing crazy. And that should be good. Now, later. Well, actually, mimic a fake service provider. So we'll add another router over here. In fact, let's go and do that again. Let's just go ahead and click paste that way we don't have to worry about setting up an entire new router, so that will work just like that. That'll be full later. I know that's not part of the workbook diagram, but again that before later. So this I'm gonna just name okay, I'm gonna say Branch dash A If I spell branch proper Branch Dash A. And this is just how you name your devices, and it helps keep them a little bit. You know, when we're talking about configuring networks, you know, the more specific with documentation you are even in the real world, the better it is gonna be for you. So this will just help you follow along with the better the middle router will be branch be . I'm an hour far right router. Okay, this will be Branch Dash C and then I'm gonna name this guy over here, and he's gonna be named service dash provider. It doesn't really matter as long as we could understand what these routers are going to be used for. So the next thing we could do is actually drop in some switches, so I'm gonna use the 29 50-20 fours. Typically, I use the 20 sixties, but these don't have the gigabit Ethernet port, so we don't really need to have those. So I'm just gonna drop him, like, you know, we're not configuring anything. Control C control V. Okay. One thing to remember. Okay. Hours. Our routers right out of the box. Okay. They have to be configured. Remember, with switches. Soon as you power them on, you could just plug in and run with him. Not that you'd want to, because they're very unsecure. But that's one thing to keep in mind, too. As we start moving through these and start connecting these different things. Another thing I want to do is grab some servers. Okay? So just grab a couple of server's gonna drop one right here. We're gonna drop. Looks like I have three over here, so that's fine. Just kun does raise. Okay, And we're gonna use these each for something different. Okay, We're gonna have one for Dina as one for teach your GP. Maybe one act is a Web server, etcetera, etcetera. So that's how I'm setting them up right now. This guy's gonna just need be named. Ah, well, name him. Ta ah, NTP for our clock server. He's gonna be named. Ah, DNs. And he'll also be a web server as well. Ah, now, probably just dina Server will use him for www dot cisco dot com for an example. And this over here we will use for our key FTP server. And what else we missing? Let me just kind of organizes a little bit, so it looks neat. I'm gonna name him our D h c P server. Beautiful. Better being better. Boom. Now we need to actually add a few computers in your right, so I'm just gonna grab a desktop. It doesn't matter if you use a desktop or laptop, and I could, in fact so just use all desktops for now because I'm gonna add a laptop here later on, As if you've browsed through the workbook, you could see So we have all of our devices, you know, implemented. Let's start connecting them. So pretty much for the switch we're not gonna be talking about, you know, implementing the lands or anything that remember, this is an administration's course. So basically, we're gonna be talking about the administration configurations and how to get some of these other administration protocols working. And pretty much everything you see here would be administration as far as villains and things like that and trunk ing as a so far as that's concerned, that's a bit outside of the scope for this specific course. I do have other courses that go into those more in detail. But again, I wanted this course to be highly focused on just the administration. So from peace easier over here. I'm just going to use faster from zero and plug that into F a zero to okay, and then the server, we could go ahead and plug him into F A 03 once again. It does not matter now when we get over here. Okay? We're gonna go ahead and plug this Dina server into port to we're gonna go in plug the cisco dot com server in to port three and we will plug in our t FTP server in to port for beautiful beautiful. And then PC one over here on the right at Branch See? Can just go into poor to and yet, again, our dhe peace ever. We could plug him right into poor three. Now I'm gonna rename the switches, so I'm just gonna click the name here, and I'm gonna say switch. Ah, Switch underscored B A for branch office A We could name him. Like I said, it really doesn't matter what you name. I'm just kind of doing it just to help keep track of it. So BB for Branch be And we could do this guy. There you go. And I'm gonna name him. Switch on a score, B c. Just something to help. Keep track of him. Now let's go and connect our switches to our routers. I'm just gonna use another straight through cable from Port One on all these switches to f A 00 on all of the routers. OK, so as you could see, 1200 And finally we have one more here. 012 f A 00 Now, what else do we need to dio? Well, we need to connect these routers because eventually we're gonna need to start communicating to multiple servers and each one of these different subsets. So to do that, we're gonna use, um, serial cables. I'm gonna connect to the sky over here on the right from cereal. 031 2031 Right here and again using that same year. Okay, I'm gonna go from 0302030 at Branch A. So it just kind of helps us keep track of these are all the same, right? The different interfaces just makes your lives a little bit easier learning this information. Now, let's go ahead and actually make some notes. I'm just gonna click this little no paper here, and I'm gonna write down some noticed so we visually could keep track of so 10 10.0 dot zero. That's zero slash 30. Okay. And if you don't know anything about stop betting you should take my sub netting course. Okay, That course will do. You wonders have a lot of good feedback on it. 0.0 dot four slash 30 for this fella. And then this network down here is going to be 19 to 16 Eat that 1.0 with a 24 mask. Our middle network here is gonna be 19 to 168 dot to 168.0.0 with 24 mask and keeping it in order. He will be when I too once exceed that. Ah, three. That zero slash 24. Beautiful. Now, we could even take this a step further. And, you know, I'm going to just to help keep track of the documentation. It makes light. It will make your life a lot easier visually seeing different interfaces right now. I know it takes a little bit of time, but it just helps, so he's gonna be the 0.1 interface. Okay, You can see I'm just just a small little reference that I have that way. It's just a little bit easier. He'll be dot to I'm gonna just type in a dot What you gonna give? About five and a 50.6. Okay. And then I could just move them after I type them, so they're a little bit neater. An organization is key to studying guys, too. So you're not constantly needing to go back and forth between routers, all three of these connections going in. We're gonna use the default gateway address of 30.1. So he'll be 0.1. In fact, soon as I type that one, I could just highlight it and control C control V Ah, there he went and put him right here. Control V, where you go over here again? Just put him there. So cool. We're pretty much done. The next thing we need to do is actually hard. Come figure like statically configure i p addresses for each one of these servers. Because even though we're gonna be implementing a d h e p server eventually through this course, it's always good to statically configure your servers. You don't want those ADDers is changing. And, you know, depending if you're setting different time, the leases and stuff on your servers. Well, that's not gonna be good. servers should always be statically configured. And I don't know why that keeps popping up. Let's go ahead and changes to a M check. Don't bother me. Okay. Ah. Tomorrow there we go. That's annoying. All right, so let's go ahead and go to Where are we Sit around the NTP server. Let's go on a desktop and we're just gonna click I p configuration. All right, so let's go ahead and do that. I'm gonna go ahead and make his I p address for 9 to 168 That one dot I don't know, we could just use to because one's gonna be saved for our default gateway and for my default gateway. Although it's not configured yet on the router, we know it's going to be one that one. So that's fine. Now for our DNS server. Let's just move this over. What am I gonna use for DNs? DNS is gonna be him. So we could just say he's gonna be 19 to 1682 dot to I know, once again, it is not yet configured. Okay, But it will be, so we could just take care of that now so we don't run into any issues. Okay, So with that said, let's go ahead. And you know what? Let's do this. Let's make him 0.3. And I'll explain why we want to this later. And also, our 192 for our DNS server is gonna be 2.3. Okay, so that's good. All you gotta do is quick the X and that's good, That'll save it. And I'm gonna go to DNS server now, OK? And I'm gonna click our what? We move up here one of three. Yeah, okay. I was just looking at our workbook. I don't even realize I already set the addresses here. So kind of going. I'm just kind of going on the fly with this everyone. So let's go to a desktop here, and we're going to figure him he's gonna be 19 to 1682.3 as we mentioned. And same classy mask. 19 to 168 that to that one. And typically you don't need to set a dina server within the server that's operating as a DNS server. Right? But just for due diligence, we can and sometimes packet tracer. It is a lad environment gets finicky, so just make sure it works. Close him out. Let's go to our Cisco Web server and we're gonna click desktop, right? And he's gonna be cute at four. So 19 to 1. Succeed at 2 to 4 and again. Classy mask. 19 to 168 That 2.192 dot 168 dot to 168.0.3. And we should be good here. Go and close him out. And t ftp server. Okay, desktop boom. He's gonna be 19 to 1 if I hit my desk. All right. When I 2.168 that to that five classy master. 9 to 1 60 dat to dat one when I do one. Succeed at two dot the Rio, I believe. And yes, So he is good. And finally, just this guy over here. We're gonna go desktop hem. He's gonna be 19 to 168 That three that to um In fact, we're gonna make him three. That 13 to 2. Yeah, let's make it 33 again. I have a specific reason for doing this as we learn later when I to I know that workbook, by the way, is different on that. Don't worry about it. Ah, but here we're just gonna do 19 to 1 68 That 2.3 Because that is gonna be our DNS Web server. Okay, so all of our servers, at least r i p address. We're not gonna worry about the computers. We will put addresses on these moving forward, but for now, we don't need to worry about it. I'm gonna grab my little pen here. I'm gonna say he's one I to 1 60.1 dot three. Right? I'm gonna go to DNS. He's gonna be 19 to 168 dot 2.3. We're gonna do in 19 to 168 dot to 168.0.4. Amaro's going to do a 192.168 that to 0.5. And over here, we're gonna do a 192.1. Succeed that 3.3. I believe I said yes. So that works beautifully. Beautifully. So I'm just gonna like I said, it's nice to keep them organized this way. Was were moving through. We have to keep, you know, distracting ourselves clicking random things just to find out what I P addresses are. So that works for May. So right now what you should do immediately is just click the save icon or Control s will do the same thing. It'll save it that way we can move forward with this now. If you wanted to go a step further, I would also suggest maybe save as that way as we start making configurations. If you mess up, you could go back to a version of the lab that you already saved that you know, wasn't already messed up. And you have to start over from scratch, since you might not know how to remove everything that we implement it. So here you could always just say save as And this is the original name we could just do underscore to save. And now we always have this here backed up in case we need to go back and go ahead and reconfigure it. Alright, guys. So we created our topology. And if we look at our workbook here, right, we created our topology. If I scroll down, we already talked about how to, you know, see what's going on with the writer boot sequence. Beautiful. We also talked about how to, you know, familiarize yourselves with Cisco IOS and again. You should be practicing this. So you're, you know, at least aware of it. Now we're gonna dive in and the next lecture on step five. Well, we already took care of five. So we're gonna dive into step six right here in the next election, We're gonna start configuring our routers in our switches, so I will see you guys there. 8. Router | Base Configurations: All right, students. Welcome back as we continue our journey with Cisco IOS administration and understanding everything about it. So in the last lecture, we actually started setting up the lab. But we need to go a few steps further now. Okay, So we're gonna start implementing our base administrative configurations on our routers and switches over the next few lectures, and then we'll slowly start incorporating the different administrative protocols and, you know, different features and, you know, tools or whatever you want to call him that we could actually utilize on our networks. So opening up the system packet, trace their lab. We have, as you can see here, nothing's changed. Its exactly where we left off. Hopefully you've been saving it. We're going to start off with Branch A. Okay, And this is gonna be our first round that we're gonna make some configurations on. It's already up and running. Okay. You can see it's on here for you to see a lie. I could see it sitting here and that Systems configuration dialog box. And remember what we like to say here. No. If I had entered here, this takes us into what user mode. So I'd say Enable or e n for short to think it's too privileged mode, a k a what? Enable move. And here we could start making some very, very basic configurations. The 1st 1 that we could do is actually start configuring our clock. And this is how we hard code our clock onto our routers. And the command is simple, as you say is clock set and again, you know, you just keep tapping it out or hit the question mark. If you're not familiar with Syntex, the reason why this question mark comes in so much, you know, use as a as an administrator is because a lot of times these values change for every command. Sometimes these could be a bit different. So it's always a good habit to get in the, you know, use their habit of using that question mark. Just so you get the Syntex right, and especially for when we're talking about you know, time outs or delays or things like that, you don't want to be setting it for 300 thinking, or maybe 30 thinking, OK, that's just three minutes, but that could be three hours again. You always need to know what Syntex you're working with. And Cisco doesn't expect you to memorize. Each one of these in Texas is just want you to know that these commands are available and that you do have this to utilize it. All right, so here we could see we're implementing hours, minutes and seconds. So, whatever. I mean, we could set whatever we want. We could say 10 hours or 10 10 minutes with 10 seconds, and then it's gonna want a date. So obviously the day first, Okay. The day of the month. Okay, so we could always say January, and then we could always say January 1st. And then it's gonna also want the year. Well, let's just say 2020. It doesn't really matter. Since this is a lab environment hit. Enter. The next thing we could do is we can control the history size of our commands for the terminal globally, both for our line, Consul. Okay. And our line between white, which is every mote sessions now. You can do that per area, which will take a look at in here in a minute. But sometimes you might just want to do it globally, so you only have to issue the command ones. That command is terminal, okay? And it's gonna be history, size, and the size that we want is going to be 20. Typically, you don't want anything over 20. In fact, I tend to just keep it around 10 because you have to remember, our routers need to operate at peak performance. The more things that we are saving on here, the larger are flash fire was getting, which is using up resources that we could be utilizing for other features on these routers . So you you don't really want it storing all these different configurations, you know, that's where you would hit the up arrow, and you have all these. So right now it's saying up to 20. But what if we don't want it? That many. You mean 10 is pretty much good? I mean, by the time scroll up, maybe even five or eight different commands you've issued by that point, it's already gonna be quicker for you just to type it back out. So from here were good. This is everything we'd want to do as far as our configurations at a privileged level. Now we still have a lot more, but we need to go in a global configuration to do that. But just to say what we already did, we could say copy. Running config. Startup config. Okay, hit, enter. And then we could also say the shorthand which is copy RSS is what I'm gonna be using during this course from here. We just need to go in the global configuration mode. All right? Now, the first thing we want to do is change the host name. Because for some features to be utilized on a router, the host name cannot be left default. So it's just a good habit to get in there and change the host name right from the get go. So I'm just gonna name and remember I like using all capital, So I'm just gonna name at Branch Underscore and through my, um, workbook here for you guys. It just says branch A actually underscore r one so we could keep that consistent. Beautiful. So that saves. Now we need to go into our consul line. And the command for that is line con zero and right. There's caps, but doesn't matter as long as you get lying con zero you'll see you taking into the council sub mode for that line, and we want to give it a password. This just adds a bit of a security measure to it. And this is for our management, our council connection. When we take that blue roll over cable, the consultation, plug it right into a physical device and we're sitting there locally at the device. That's what the line council is used to manage for. So we're also gonna give it a password. So we're just gonna use the password of Cisco to make it simple And right here if I exit this, in fact, let's do show. Ah, show, show, run. There we go. If I scroll down here, Okay, you will see. Indeed, we did implement a password here for lying Council zero. You also see that global terminal history carried on over even though we implemented that as a privileged mode, it's doing it. It's taking over globally for this entire router. So we don't have to implement this command for each line that were, you know, essentially managing. But here's what I want to pay attention to. We gave it a password. So what if I hit Control Z okay, and I click it and I just type in exit here. And if I hit Enter. Look at this. It's not prompted me with any password, so let's go back in the global configuration mode Line con zero. What we need to do is tell it to log in. Very important. Remember, you will expect to see a question like that on your exam. Now, if I exit this and I just go back to privilege mode, exit this one more time. If I hit Enter what is your password? And I just type in Cisco now. I did type Francisco, but notice you don't see anything. Be aware of that. Even though I typed in the password here, it's not showing you that I typed it in. That's how Cisco's operating system works. So let's go ahead and go back into global configuration. Also enable config tea and then line con zero for lying. Consul Zero. What else do we want? Implement? Well, ah, command. That's good. As far as an administration standpoint, it's more of ah like a command that helps you out when you're typing because we have a lot of these. What we call system log messages that always pop up on the screen more or less when we're turning on or off, different interfaces and routing protocols jump in and come into consideration. We'll get all these messages come across the screen, and without this command, logging synchronous our cursor will stay where we are. And the message was just, you know, poppin in here. And then it'll interrupt our command that we're typing in. So implementing logging synchronous will always keep us in order. That message might pop up, but it will shift our command down and leave our cursor here so we could continue typing without having ah, whole mess of different commands within the actual message that comes through. And then we have to delete everything or erase everything like backspace and re type it all out. Just It's kind of like a bit of a helper command, if you will. Now we could also do something called exact time out. Okay, Now, this is kind of like the timer on your windows computer. If you walk away from your computer after maybe three minutes to five minutes on average, it'll just lock itself. So if somebody else comes to your computer, they can just jump onto start performing work. Same thing with that's what exact time out does. Now, This is specifically for our line concert. We would still need to go in for rvp y lines that are remote, right? The course of market. You could see the syntax. OK, time out in minutes. Typically, you don't want to go anywhere over maybe 3 to 5 minutes. Okay, three minutes, five minutes. And then you would hit the course mark again. No one wants it in seconds. So maybe five minutes total. So that would be the syntax for that. For this. Since we are in a lab environment, I'm just gonna say, zero minutes and zero seconds. Now, we could also say no executive time out, which is negating the entire command regardless, and it's going to do the same thing. The problem with that shorthand, especially at you guys going into your season exam that are still learning the operating system. You should stick with this, Syntex, because as you type it out, tell yourself what you're utilizing it for, so it helps you retain the configuration for doing. And then as you're walking through is going to say OK, zero means. All right. So if I was a type this out exact time out, zero minutes, zero seconds. Like tell yourself that I think about that as you're typing these configurations out, and it will only help you out tremendously as you move forward in this course. So again, that is good for that. Now, one other thing we can do. Okay, In fact, let's just leave it at that. Everything you see here is pretty much all the base configurations that you would be required to know for your your CC and a So here I could just exit and what I want to do. I want to say this as you move forward, you know, configurations. You always want to be saving it. Now, since we are in configuration mode, global confusion mode, I could just say do copy are as for running configured startup config and it will say it for us. Remember that Do command just kind of keeps us from needing to go all the way back to privilege mode to make a configuration or verification command receiving it. Really? So now what we need to do what we need to set up our VT y lines. Okay? And to do that, we just simply say line bt y. And with an Cisco, we could do 0 to 15. All right, well, for this, let's just stick with zero through four. That same thing, kind of simple. So I get hit. Enter now we need to give it a password, so password is going to be remote. Let's just make it easy and let's go ahead. And now exit this. Let's do show run. Remember when we were talking about our line console, which is our physical connection to the device? We had to implement this log in command for it to promise with the password Well, with Telnet or ssh, well, more specifically with telnet for our remote line here. It knows it's going to want to require a password for somebody remotely trying to administer this. So this command is on by default. In fact, if I scroll all the way up, did I do a show command up here probably exited out. That's OK, but this exist. I did not implement that command. So right here, if I go up here, you can see all they said was password remote. Okay. Never told it the log in. So that's pretty cool. It exists. But here's where we want to change that a little bit. Okay? I want to say it Log in a local, which is now going to create a local database within the router itself For user um, admin names. Okay. User names and passwords. Credentials as well. Take a look moving form here. We also want to say What did it do? Ah ah, I got out of it. So we have to go back into line. DT y 034 And now we could say log in local. Now, another thing we want to do is that logging synchronous command again. And also that executive time out. So it doesn't sit there and just stay logged in remotely. That's specifically was remote sessions. You know, I even tend to go down about three minutes because you know, you couldn't really walk away from Peter for a second. Even though you're supposed to buy company policy, lock your computer every time you step away from it. People forget, You know I've done it, you know, three minutes. I mean, that's still a little bit long, but if you are sitting there, maybe you had to pull up a Google document or something. Some kind of resource or any of your own personal documentation. Three minutes is about good. And then, you know, if it does time out on you just logged back in and go about your merry way. By the way, if it does log out, it's not gonna lose your configuration. It only will lose your configuration before you save it to start up in fig if the power is lost to the device. So if I hit this right and I exit this, I did not do a do copy rs yet. Okay? And I just exit this Cisco and now I could do a sure. I need to say enable and I do a show running config If I scroll down here, those configurations you just saw are still there. They didn't go anywhere, right? Right, Because why I log in local etcetera, etcetera. But if the power got lost, anything that was not saved, as with the copy running fig startup config command, it will get lost. So that's why it's a good habit to say copy. Running big started big as you move forward. Let's go back in a global configuration. Let's go back in the line, Nikki Y zero through four. Now by default. Okay? You don't see anything listed here as faras what's allowed to be communicating as a remote session. So if I say transport, okay, input and I have a question mark, we could specify all. And if I said all that's pretty much what its default to so you won't see anything here. So it's a bit of a waste of time if I see none pretty much another waste of time, even configure anything on the line, Because why? Because it's not gonna allow any remote session. Then I get specifically tell it okay, only allow ssh more specifically allow on Lee. Tell Net. So that's something to be aware because in most situations we don't use Telnet anymore. In fact, if you go back to my website on learn tech training at the you tube page, you will indeed see how the comparison between town and ssh is a very good video watch. If you don't understand why we don't use town that watch the ssh comparing with telling a video I have on YouTube and I go through step by step and actually capture real network traffic so you could see why, for the purpose of this lab that we're going to just say all and the reason why even though I said it's a bit of a waste of time since this by default, is I want you getting familiar with this command. It's a very important command. You could expect to see this a lot, especially in the real industry. So this point both of our lines, air configured, they're done. So we could say, Do copy R s to say that again. It's good happy to do as you move form And now we want to set up a banner. Okay, Now there are three different banners. Cisco's latest factories, they're actually allows two of them Now. You used to only allow the one, but there are three different banners we could choose from for your CC and a okay. And the last exam I administered to students was back in February of 2017. This was the only one they asked you about. So it's the only one I'm gonna continue going over until I hear the exam. Revision Now includes it. This is basically just prompting you with a banner. Now, if you want to learn more about where these banners actually populate and show up Google it , Okay? You don't need to know exactly that. Just know we can put a banner. So to do that, we just a banner motd. And now we're just gonna give it a symbol. Any kind of symbol. I like using an percent because I don't use that in my banner itself. And now if I hit, enter anything now that I type in until I issue that symbol again will be included in the banner so you could get creative. Okay? I mean, you don't want to say stupid things out, you know? Obviously so authorized. Ah, users Onley. Maybe it would be a good one. And then I could do some more Asterix, right? And that may be in an percent and hit Enter. Now if I do show run, you could see if I scroll down, you will see that banner and we'll take a look at what it looks like when we log in. So let's go ahead and exit this and let's exit again. And there's my banner authorized users only Ciscos the password and I'm in Go back to global configuration mode. So one other thing to be aware of is we have to neighbor discovery protocols. I'm gonna bullet point them here so you could see them. Okay, we have Cisco Discovery Protocol, which is Cisco Proprietary propriety. Terry, I think it's about the right. And the next one we have is l l D P. Okay, this is multi vendor. Typically, you only want to stick to the one. If we are only using Cisco hardware, it just keeps things simple. And it helps prevent other people from plugging into the router. If you know, especially if you were lazy with port security and things of that nature hardening your device. And if you have this implemented and someone was able to plug into the router, well, now they could start seeing other neighbors forming with you, so just keep that in mind now. CDP Okay, Cisco Discovery protocol is on by default. If I do a do show cdp neighbor, in fact, I got to spell it out because, um, remember, you can't use Tab or help syntax when you implement do okay here, you can see it's not finding anything, and that's because this port isn't up, even though or neither of these ports on the router are up. Remember, all ports on around by default are turned off until we tell them to turn on. So right now it's not discovering anything. But if we are in the next section, you'll see when we turn this interface on, okay, we'll be able to see our switch is a neighbor device because CDP is on by default. But just so you are familiar, the syntax you simply say CDP run from global configuration mode. And then if you wanted to turn l L D. P on LDP, run that simple guys, it's that simple. So another thing that's good as far as, like, an ease, an easy configuration for you guys, is if we're not implementing any Deena's systems or domain systems within the router. At this point, we could always say, Well, here, let me put this directive from I go back here, and I say, and you know how this sits here in translation translates, we have to do a control shift six to a book. My application. Here, let me go and close that guy. I won't be needing him now if I go ahead and do a control shift, six exits it aboard. Well, if we go in a global configuration, moan and say no, I p domain dash the main dust. Look up. Okay, that will prevent that from happening now. Later, we were probably gonna need to turn this back on on riel IOS hardware. By the way, this is usually off by default. Most IOS is now. Sometimes it's on. Like I said, there's no true consistency between different versions of Iowa's. So you need to be aware of that. So once that is, you know, disabled, we could exit this. Now if I say end here is just gonna say it's an unknown command or unable to resolve that name to an address. Pretty cool. It just helps you guys out in the beginning studying this information to get that moving forward for you. Nice and easily. So what's the next thing we want to let's go back in a global configuration. But now it's gonna be a good idea. Okay. To also, um, set up our SS age, but we're running late in this video, so we're going to separate this. This basic router configuration are based configurations into a few different lectures here . And the next actually will take a look at how we actually get as his age up and running and how we could set what we call enable passwords how we could set our, um, user credentials. Okay, that's very important that we need to understand as well. And we're also gonna learn how we kind of encrypt their passwords locally to the machine a little bit. So what I want you guys to do right now is always remember copy R s. And since we did say this as a new lab were not overriding the original, just go ahead and click the save button. Alright, guys, I will see you in the next one 9. Router | Base Configurations - Usernames & SSH: All right, students, welcome back as we continue our journey with understanding Cisco IOS administration configurations. So here we're sitting at the same lab that we left off of in the last lecture. Remember? I said I kind of want to go through the step by step and really explain all the configurations were making that way. When you start configuring him and you talk out loud to yourselves, why you're implementing them, it really just makes that much more sense. So obviously the first, you know, a couple electric shaver going detail by detail with each configuration. But when we go into the next lecture or two, when we go to configure everything, it'll go a lot quicker. But for now, just bear with me because you need to understand these. So going back into rather one. As you can see, it's exactly where we left off in the last lab. All right, so if you need to go ahead and open up the lab, get yourselves back in the Branch A's router and we will continue, so you should be right around here where it's asking you for a password. So we just go ahead and Cisco on a log in or an enable. Okay. And we need to do a show running config here or again. You could always say she'll run. I'm gonna hit the enter key. So it scrolls down. We could see we have l o D P running. We know CDP is running by default, so it doesn't show you if we said no cdp run. Okay, then it will tell you right there by L ODP that there is no cdp running. But anyway, I could scored out to see everything else based configurations, right that we've already implemented. We see we have our consul and line configurations set up. We have a banner here, but one thing I want to bring to your attention. Now, as we could see in plain text, our passwords we could see here says password is Cisco. We got to see your password for a remote. Okay? It's just in plain text, and more or less. That's kind of a vulnerability for the purpose of if somebody's hovering over your shoulder and maybe you're teaching a new administrator something, and they see that information. But they're not supposed to have access to it yet. Or maybe it's ah, you know, um, or higher privilege oven access level. There's a way we could change that. So it's not plain text, and it's called a Level seven encryption. It's nothing strong. It's very, very easy to crack, actually, as I'll show you here in a second. But the first thing I want to do is go in a global configuration, which is coughed E Okay. And you notice if I said cough, it's gonna wonder what configuration you are trying to do. Terminal memory or network. But for the ccn A course you need to know about his comity. So Conte takes us in the global cooperation mode, and here we're gonna enable a pat or a command. Okay, implement a command called service password and feet tacky. It spells it all out for your service password encryption by hit, Enter, Do show, run to show that again and I fight scroll all the way down to where our passwords were. Look at this. They are no longer in plain text. They are in what we call a level seven encryption. And that's what that seven now shows up as. But this is extremely weak. If I actually copied this, okay? And I opened up my Web browser and I just Google Cisco password, crack or whatever. Okay, Cracker, this I f m. That's the 1st 1 is actually pretty good. I just quick that this is the type seven. So I was like, I do is control v crack passport and there's my password. It's very easy to crack that. So that's very important to keep in mind as we move forward, because we're gonna implement what we call an MP five hash, which is still a lot more powerful. But unless you use a strong password, you know, um, practices with different icons or syllables or symbols and letters and numbers and caps and things like that, then it's very easy that even crack a 95 password. But the more security making, the better practices you follow with passwords, the harder it is, and it won't. It won't crack it this easily, so I'm just gonna shrink that. But that's how you would change from clear tax to a number of some sort, and more or less. Like I said, it's a D tearing, because if somebody's hovering over your shoulder, they won't visually be able to see exactly what that password is. So pretty much from our line standpoint are lying council standpoint in our line, VT y, which is our remote connections. Everything is configured as far as based configurations, but we need to go a couple steps further. One thing we need to do is give this device a user name and password because as it sits, we told our remote session toe log in locally to the routers database to pull authentication right are ah, user are authorizations and accounting, etcetera. So we need to store user privileges within the route herself. And to do that is very simple. We just simply say, user name and we're gonna say I know it's just use admin. We could Sipe in privilege here. So here's where we're talking about privilege levels. Body fall. It's going to be one. Okay, 12 and 15 are just standard privileged levels. If we actually changed it to privilege level, maybe four, we could customise it a little bit. Now that is a little bit outside of the scope of your ccn A. You're not gonna be required to know that. But do you know that privileged one is by default. So if I said one here, it'll it'll basically just do the same. If I said privilege level 15 however, it's King Kong of privileges that allow you full access to the vice. In fact, it won't even require you to enter. So you log in with your counsel password of your telling that password or ssh, password. Right. But it takes you right in to privilege mode. It's not gonna require you to go in and say enable, which is required for remote session, and it will take a look at here. So for now, we're just gonna say one okay, And I'm going to say, I don't know, we could just a Cisco keep things simple. Now if I hit enter. Okay. Oops, I'm sorry. We have to say password. Cisco fight. Enter now. If I do show run. Look at this. We're going to go down. This is not encrypted. It's using the Level seven password encryption because of that service password encryption , um, configuration. We implemented notice that it doesn't tell us a privilege, though, so let's go ahead and change something else on here as well. Let's go ahead and say user name privilege. Or, let's say a user name. I'm gonna use my name. Keith. Privilege 15. And then password again will be Cisco. Now, if I do show Ah, run. You could see we have two different names user accounts within this router. But we change the privilege over 212 full blown privilege level. But it's still taking that level seven encryption basically again as a tear in because of this encryption server service, password encryption command we implemented, as I keep saying that is not secure. So what is a way we can make it even more secure? Well, if I go ahead and just hit the up arrow, okay, Control A and type and no up arrow again till it says user name admin control A and type and no again. So now if I do show Ron, we shouldn't see those there. Okay, so we no longer have our user names, So let's go and say user name admin. I'm just gonna leave it privilege level one. And now we want to say see grit. Okay. Just secret Cisco. Now, if I do, she'll run. Look at this. Look how much more secure this hash is This is what we call an MD five hash Now, since this is Cisco its basic, If I went into Google and tried to crack that, it will crack it. That's a poor suit. That's a poor password he used. But if I implemented some numbers, you know, some symbols it'll be very, very difficult for someone to crack that. And they would have to use brute force to be able to do so. Now, for any password you implement on a Cisco device, you can utilize that Secret Command. For example. We need to tell an enable password. Okay, for when we go into user mode, we need dual authentication for remote sessions for town that we're ssh. But again, instead of saying enable password where it's just gonna be that and your Level seven password encryption, which is basically again a d tear in, we could say enable secret, which is a lot more secure. So if I say an evil secret Cisco yet again and I do show run now, if we go down here, we will see that we have an enable secret. Where is it list of ah, pump pump, Mom, it's in here somewhere matter that the rare enable secret. So you see, it's still using a very powerful key. So it's gonna be a lot more secure than just saying enable password again any time, Any time there's a command where you could say, Let's just say a type of an enable and I'm gonna use a quotation here so it doesn't actually perform it. I say Enable password Cisco. OK, any time we could use this commander says, Enable password. I could substitute for saying enable secret and it's going to use that MP five hash because I use secret. So you typically want to do that. You typically want to use the secret command for any time you're implementing passwords. Now I put this exclamation point here simply so it didn't register. This is like making a note. Okay, it's excluding it from configuration, but it's just a note. So what else do we need to do? Well, we're all set up at this point for remote sessions. We have our log in local for the database forever. User name. Everything is good as far as based configurations on here, but now we need to tell it we need to You know where we want to incorporate SS each on here as well. So the command to do this, okay, is I p domain name. And I'm just gonna say, cisco dot com This doesn't have to be a riel domain. Typically in an organization like, if it's Dell, we would say I p domain name that we're del dot com or intel dot com or cisco dot com Whatever. But it doesn't have to be really this domain. Think of it as a group. Okay, so this group of different things that we want to include for this ssh belongs to the Cisco that com domain. Now, we could get more specific if we had a dina server connected to this. Right? Any time we are implementing some kind of domain within the router or switch, we could always use it through a DNS server. But for the simplicity of this course, we could just a cisco dot com hit Enter next. We need to tell it what we're encrypting. So we're gonna say crypto key, generate, generate, and then say rs say that's the encryption method you're using. If you hit, Enter is now gonna want to know how many bits or bytes really of security do we want and took we by default, we're gonna stick with 1000 and 24. Okay, 2000 24. 28 Whatever. That's more secure. But that's good. You can see it's generating on real equipment. By the way, this may take a little bit longer, because it's really software again. This is virtualized environment. So it works pretty quickly. Another thing we want to implement its i p o S h version two because there's two versions of ssh! We always want to use the latest and greatest ssh version two is more secure. There's a few more features that you know allows it to happen if you want to compare and contrast Pssh, Version 1 to 2 Google. Okay, but 90% of time just know you want to implement. I ps is a diversion to We could also do a few more things. You can also set a time or specifically for ssh um, you know, authentication. So I ps ah ah h time out. Okay, We could set maybe 120 seconds again. The Syntex is always going to change. You see, that's just seconds. It's not like our exact time out where it was minutes and seconds. So under 20 seconds, that's good enough for May. Now what? Well, how many people or how many times should we allow a user to try to log in before it says you can't? Okay, well, we could set the authentication re tries so us. Pssh! And it's, I think it's, Ah, authentication re tries and three is typically the norm. And then it just says it completely terminates there. Ssh connection. They would actually have to go back in and try to reconnect with ssh again. So it's a bit more secure. So that is how we configure, okay, our user names locally to our routers. We also went and showed you how we encrypt our usually and passwords using that what that service password encryption. So if I get this show run, so let's look at this. Using this change is plain text passwords into a Level seven encryption. If we use the Secret Command, it changes it from a Level seven encryption into what we call an MD five hash, which is a lot more secure than a Level seven encryption. We also took a look at implementing a user name. So this is this would be essentially our local database for our users and authentications. Later, when we set up, you know, get these links working and we try to remote into the device. I'll actually show you the difference between a level one and level 15 privilege level. So you could see that firsthand. Since right now we don't have any interfaces turned on on the router. We can't really put that into perspective. I want to say that for the next lecture. Let's go down. We could see. Okay, we have ssh implemented. We're using version two. We have no I. P. Domain. Look up. Which for now it's fine because we're not implementing any other services on this router. But later, we're going to be so well, actually turn that back on. And typically, that's gonna be when we start setting up our DNS server domain name is not relevant. It's just, you know, naming the group of what ssh is gonna be associated to. So we could go ahead and continue hitting. Enter, Go three years. None of our interface seven configured yet we see our banner. Okay? And looking at our line council in our line. VT wise, right? Why beauty wise? A remote. This is our actual physical council connection. We see we used a log in tow, logging locally to that device. So when you say log in here, since it's local, it's going to use whatever the password was set here. When we say log in a local, it's logging locally to the routers database. That's why we had to implement a user name and password, not just a password within line. Bt Y. Very important, remember? So with this command right here, logging local, it's bypassing this password. And it's going to use this user name admin password up here. All right, just so you guys are aware. So let's go ahead and go through this, and that's pretty much everything. Now, again, in the next lecture, we're gonna show you we're gonna turn this interface on addresses, computer and communicate to this interface with telnet and s age. We're going to show you that to tell that into this router, we must have an enable password. You could tell that into a device without a enable pastor, but it's only gonna allow you into user mode soon as you try going any further from user mode. If you if you're logging, local count was only set to privilege. It's going to say you do not have enabled password set. Then if we also set our privilege, our privilege level for this user name admin 15 Right to privilege level 15. Soon as we log in with the initial password, which is this password here, it's not gonna require us to use that. Enable password is just going to send us right in to our privilege mode. It's not gonna require that double authentication because you have full authorization at level 15. That's that privilege 15 mode. So do yourself a favor. Do hadn't go and say copy. RSC this again. I'm gonna go and save this file and I will see you guys in the next one 10. Router | Base Configurations - Interfaces: All right, everybody, welcome back as we continue our journey with Cisco IOS administrative configurations. And as you can see here, I'm opening up the lab that we've been still working on again. Hopefully you're following me step by step. I know this, You know, First section seems to be dragging on with this first router, but I'm doing it deliberately, going through each configuration, explaining them. So you have a full understanding of what we're implementing on these routers. So there's no questions left unanswered. So the only thing really left to do for this one router specifically is configuring the interfaces on it. So let's go ahead and take care of the interfaces. Now, this will be a shorter lecture. And then in the next couple lectures were gonna fly through configuring Branch B and branch . See, And then we'll dive into configuring the switches. That way we can move. I had a little bit quicker than what we did in the last couple of lectures, because now you're bit more familiar with them. But again, as we're making these configurations, think about what we're configuring. Okay? I don't want you just configuring them with me. Think about why we're configuring the configurations, think about what impact they have on our networks and talk to yourself out loud. So if I'm you know, back here were saying Enter and it's asking for a password. Why is it asking me for a password? Because be enabled Line Council zero password. And we told it to log in and the past. Francisco, what do I need? Motive. My end in a borough in user mode. So what do I need to do to get to privilege mode? Say enable what motive? My And now or why am I being prompted? A password, Rather is because we enable that enable secret password. Right? So Cisco again. Now what motive? My and privilege mode. So what I need to do to go even further to make more configurations. So you configure terminal. And what motive? My and now global configuration. So you see how I'm like thinking about it? I'm answering questions of to what we already implemented that way. I know it will really help you retain this information for your exams. You need to know a lot of these based configurations for your ccn exam. Okay? And that's why I deliberately created this lecture kind of to go over some stuff that maybe some of you already familiar with. But repetition, repetition, repetition. That's how you retain this information. So we have to interfaces on this route. Or we could see we have Interface 030 for cereal, and we also have 00 for fast Ethernet. So let's go ahead and start by configuring the fast Ethernet 00 interface. So the first thing we need to do is simply say interface. Now I could say int, or if I hit the tab, it'll say interface. I could always say f a hit tab and is going to say fast, even, and then 00 But that's a long way when the exit that What if I just want to say interface F 00 That's the shorthand version. A lot quicker. Remember when you're configuring things, Time is money, especially when it comes to your supervisors and bosses and managers, Right? Your your Level two's Level three engineers. They wanted to be performing at a quicker rate, so we type, you know, we tend to use shorthand version of these commands for your exam. It depends, okay, you have to talk to who's Prock during the exam, depending on what kind of examine is sometimes just go allows you to use shorthand for some of the commands. Sometimes it doesn't. You need to know the full command. That's why it's also good to talk through yourself, talk through the configurations as you're making them. So right now we're in interface F 00 sum interface because it does say config If, Okay, that's how we recognize we are still inside that configuration for that interface. I need to address this interface. Okay, So I'm just going to simply say I p address now. I could hit the tab fully, you know, spell it out. But I p ad works. And since this is gonna be our default gateway for this sub net over here, Okay, 1 91 6810 And we said it's gonna be we're gonna use 68100.1 for all of our default gateways for all three of these, some that's we know for Branch A, it's gonna be 19 to 168 that one, that one, and that we also got to tell it what it's quiet. Some that mask. So it's classy. You. 55252.50 Hit. Enter. Are we done yet? No, we're not. What is the one rule with routers? That is different from switches. I mentioned it briefly in the last lecture. So if you are truly following along and paying attention, you would have hopefully picked up on it. Routers right out of the box are turned off. You can not just plug into a router brand new right out of the box and have it work. It needs configurations. Switches. On the other hand, you could take it right out of the box, plug it into the wall, powered up and plug into it in. It'll work. All right, now, routers okay. Since it doesn't just work, all interfaces on a router by default are also turned off on switches. They are all turned on. Obviously, if you could just plug into a switch right out of the box, and it works that, you know, the interfaces are up and running. That's also why we see these two dream link status lights over here. This link status light is red on Lee because it doesn't detect any signal from this router . So going back into here to turn this Arnold we got to do is say no shut down or simply we could say no. Shut what this is doing and I'm gonna make a note here is negating the command. It's telling it, Turn on. Do not be in a shutdown state. That's all that saying so I could exit this. You could now see that's turned green. This is Amber simply because of spanning tree again. That's a completely new topic for a whole new lecture but insisted back tracer, You see these Amber Link lights initially for a couple seconds, maybe 30 seconds or so due to spanning tree protocol running. That's your STP instance. And by the fall, it's typically running RVs TP for Cisco rpv SD. So here we go. It's up an upright. Let's test this. Make sure that interfaces reachable in the sub net, which it should be because our desktop is address properly. We didn't address it. So what we're gonna do is we're gonna address this computer just for a few lectures until we get into the d c P section. Then we'll change it back to the HP So we're gonna address a I don't know. It doesn't really matter. Went on to 16168 out. We could do one. That 10 for example. And then we're just do one. I 2168 That one. That one. When I 2168 that to die would be address that DNS server to that three and we could just close him out. He's good. So now I could go to the command prompt. Okay? And let's just try to communicate using ICMP, which is Ping right? Ping used the ICMP Protocol when I 2168 That one. That one is the default gateway we configured on that routers interface Boom. We have communication. Pretty cool stuff, guys. Now what happens if we try to tell that? So we just said he tell net when I do want sex, eat that one. That one. And it allows us we need a user name. No, because remember, it's going through the local database we configured for our remote sessions, admin. And then the password was Cisco. Now, since it was privileged level one, this is what I'm talking about. We go right into user mode. We have to say enable. And now it wants that enable secret. Okay, so we used to say Cisco, What if Okay, so now I'm still telling that it in here, I could still make configurations in here. Let's go ahead and add another use name. So let's go on a global configuration boom. And let's talk about this. We have to say what user name? And I'm going to say, uh, remote just to make it easy. And then we want to change the privilege level. This will give us full access if we change, but not private privilege. If we gave a privilege level of 15 now to put a encrypted password the most secure password , we can assist device. What's the command? Not password. We do not want to say password because it'll default using that service password encryption to a level seven, right. We want to say secret. We always want to implement. We always wants a substitute that password configuration to a secret fight. The question mark here you can see we could specify as zero, which is unencrypted, which basically defeats the purpose of even saying seeker you could just type in the password. It does the same thing five will specify. A hidden secret will follow. Meaning you have to know the MD five hash If I open up this router and let's just do show run real quick, we would have to actually know this Full hash. Copy it and then go back here. And then we could paste it in here if we wanted to use five. So we would say five and then just paste it. But we're not gonna do that. We're just gonna say secret. And we could just say Cisco yet again. And now if I do show run here, you could see we do have now to user names. OK, two different accounts. One is by default privilege level one. That's why we had to use an enable password here. As soon as we try to get into privilege mode, we had to give it a password. So let's let's go ahead and exit this. Let's go ahead and tab outlets exit, exit. And now I'm just back in the regular command line interface for the computer. Right. So now if I tell met into, in fact, we just hit the up arrow 1 91 68 1 That one hit. Enter by typing the user name, which this use name is remote hit. Enter and I enter the password, which was Cisco. Watch this, since it is privileged level 15 it suddenly right in to privilege mode. Do you see that I no longer have to type in enable So that's something cool to keep in mind . It's how you could slowly start administering different, you know, user privileges. And again we could always say maybe we want a privilege level of four or five or whatever. And we could start, you know, kind of tweaking the privilege level a little bit. So maybe the users allowed to go into privilege mode, but only able to use a ping commander of the ICMP protocol or or what have you so we could get a little bit more specific with the user names and authentication. Just keep in mind to when it comes to use the names and authentication when you typically use what we call a triple A authentication services and this is gonna utilize a tack axe server or a ah ah, What is it called radius server? So typically we manage these from 80 separate server hosting all of these user authentications and accounts. And we could even go a step further when we are configuring these two using a triple A server to kind of incorporate it with your sister or your not Cisco, your Windows active directory and domains and things of that nature. So typically, we don't store our credentials directly on our routers, especially for a medium to larger size organization. Smaller networks. It's very simplified, you know, Maybe they don't have the budget for, you know, completely complex network. So local database storing user names and credentials is definitely, you know, an awesome features that we could utilise on our Cisco devices. Now. We typically definitely want to use a user name and password like this instead of just having a log and local simply because now we're do authenticating our user to get in. It doesn't just need to know a a password. It also needs to know what it's user name is, so it's a little bit more secure than just saying. Log in with a password. We now say log in local, which gives it the ability to use a user name and password. Pretty cool stuff. So that is PC zero. So we could just actually I want to show you one thing before we goes. If I exit this and we want to ss agent to it The command in packet traitor to S S H into a device as h dash l. Okay, this is L as in Lima. It's a lower case. L as in Lima, Not a number one because of a hits basis. And hit a one. They look almost identical. If that will drive you nuts. It is l so I'm just going to say Lima. Okay, l lower case l And then you type in the at or the user name, which is, we'll just say admin. And then the i p address two words were trying to a cessation do 19 to 168 That one, That one. And here you can see it did open. And I have to say, Cisco for that user name. And here I'm getting prompted with the banner authorized users only I could enable Since I am using this admin user name, it was only privileged over one. You could see when I go and say, enabled to go in the privilege mode, it still requires that enable password pretty cool stuff. So I just want to show you that guys, that is the Syntex for S S h ing into a router within Siskel Packet Razor. Let's go ahead and go back into this router. Okay? We could just tab out of that. Now we need to configure our serial 030 interface. So to do that, we just simply say interface s okay. Now again, if you cab that, it'll say cereal. But we could just say s 030 hit Enter. And again we just got to get my PS or so I p address will be 10 00 at 1 to 55255255.252 for that cider notation of 30 hit, enter and again we have to negate it. We have to tell it not to be shut down. So I'm gonna say no. Shut down! And about being better when we could exit this Do copy R s to make sure we save it. Now if I go and exit this just so we could say show I p interface brief. Okay, let's take a look at this. We do have it up. Okay? We didn't manually configure this to be up. Why is it down? Let's think about that. Because we only have one interface over. You. Remember how this interface was off or not off, but wasn't receiving anything because he was shut down even though he turned on right. He's shut off over here, so he's not gonna obtain anything that he doesn't know. This is existing right now because the interface is shut down. We could turn the interface on and not Addison, and it'll come up, but there would be no point to that. Keep him off if we're not using them. So in the next couple election, when we start configuring all the rest of these devices, you'll see how the slowly turn on. But for this lecture specific, I wanted to show you how to at least configure interfaces on our routers. Now, we still have a few minutes, so let's not waste the time here. Let's just do a couple. You know, verification commands one command on a lot of people get mixed up with him. I'm not sure why? I thought it was more straightforward, but, you know, it does get brought up a lot. We have to show commands for interfaces. We could do a show. Yeah, show interface. So show interfaces. And we could also say brief There were If we want to see a show in your face F 00 for example. Right. This is showing us just simply the layer one and some of layer to information. Very important. So here we're seeing our band with. We're seeing our maximum transmitted transmission units are delay value. Okay, we're seeing that the I p address in the sudden unassociated to we're seeing That's Mac address for that physical interface. We're seeing the AARP the last time. A time? Dow. You know, we're seeing a lot of physical and data link layer information sitting with that show command right here. So the other command, which I already uses, show I p interface right now here. I could say brief like I did show all of them I could just hit Enter here is gonna give us a huge list, or I could be more specific. Just that one interface, okay? And it's gonna show us more or less the layer three information. Why the layer three information? Because we're using this I p command in the configuration. Okay, so let's go. And I'm just gonna tab out of this. So if I do a show interface, we're gonna show interface right there and then, actually, I'm gonna exclamation point it so we could see both of them. So show I p or I'm sorry, show interface, whatever. And I'm just saying number since that's typically what you would do to be more specific and then the show interface or I'm sorry, show I p interface. And then we could do either a number or say brief, and I'll be it'll list all of them. So this again right here is layer What? One and some of later twos Information. Right here. Since we are telling the configuration that used the I P protocol if you think about your network stack Okay, the OS I or TCP I p architectural models. What is layer three? It's our i p layer were concerned with routers. Were concerned with the I P information with our I p addresses, right? It's our logical address ing as opposed to layer two and layer ones more dealing with the physical layer information. Pretty cool stuff, guys. So with that said, we have everything we need configured on rather one branch A rather one rather as far as based configurations. So in the next couple lectures and specifically the next next we're gonna do everything we did on this branch. A But we're not gonna break it up like we did already. We're just gonna go ahead and walk right through setting all of these up together. That way we could go more fast paced. You could kind of see him. How? All the configurations work together, but as we're configuring them, Okay, talk through him. If you know if I'm going too fast. Pas video, rewind it. Talk yourself through the configurations. Tell yourself why we're implementing them. What effect is it going to initially have on our network when we configure these? Okay, talk to yourself. What modes are we going into? What we re not going into? You know, another one that I didn't do yet. If I hit under here, you know, copy Rs which again is running config started Config. Why are we saving running config to our sort of conflict because running config running our current running file is sitting and ran. We need to say that to envy ram, which is our startup config file. Pretty cool, guys. Right. So practice this a little bit. You Some of your show commands understand? If I do a show running, configure it here. Understand that we have to have enabled password, right? We have our secret password enabled, which is an under five hash if we have a privilege level of one, like we did for admin user name, Okay. Needs to use an enable password if we have privileged 15 to take us right into privileged mode. So we don't need to worry about having that enable password. Remember, CDP by default is running, so it doesn't show up here, but we implemented LDP. If we wanted to turn cdp off, he would say no, l a or no cdp scroll down. We could see we have I pssh version to the domain and everything right there Looks good. Score down. We said we learned how to create our banner. We learned that with line concert. We have to tell a password and we have to tell it to log in or will not prompt us for our password. Essentially, this command was telling us to prompt us for a password. And we have to ask for that password. But when we're talking about logging in locally through a VT y connection, right, we now also have to implement that user name and password we stored on the router as a local database. Which is these two guys right there? Pretty cool stuff, guys. So But that said, I will see you guys in the next one. 11. Configuring All Routers: All right, everybody, welcome back as we continue with our journey with IOS configurations as far as our administrative configurations, as you can see, I'm in the lab that we've been previously working on. Hopefully you've been saving everything, so you don't have to go back and redo it. We've already configured everything we need as Faras based administrative configurations on Branch A's router. Okay, now we're gonna fly through configuring Branch B and brand see, So if I'm going fast, remember? Okay, this is a video. You can stop it. You could rewind it. Okay. You could re watch it. Make sure you are talking to yourselves through these configurations. Explain through your mind. What issue are configuring. That is how you will retain this information. Also after this course. You know, it's highly recommended that you start practicing these on your own. Try building these without the workbook. You know, the workbook is there for you to utilize, in case you get stuck, but try to do it from memory. That is how you will learn. So let's go ahead and open up. Branch router Be okay. Everything is already. Everything else is good. As far as connections Let's just start configuring what we need to. We're going to say no. Here, we're gonna go in enable, and the first thing we need to do is set the clock so we could say clock set. And I'm just gonna say 10 10 10 yet again. And just some random date. January 1st, 2020 really does not matter. And I spelled January wrong, So I just hit the up arrow and I could just said that. Ah, what is it? Let's see. Day, the month January 10th or 1st 2020 There we go. And now we could also say terminal history size. Okay. And just 20. Something simple. From here, we could go into global configuration modem. Simply. Just give this router a name we're gonna say host name, and we're gonna say branch Ah, what's the b underscore router to were basically following the same configurations on the ah workbook that you could see. Okay, so let me just pull the workbook over here for you. This workbook, ok? We're doing everything the same. The only thing that we're changing is this is gonna be obviously branch be router to We have to change this. According to this network. Now, even when we get down here to the interface, we got to make sure we address the interfaces according to what we are seeing on our topology. Just keep that in mind from here. We could go into lying Console zero. Okay, We're gonna say password will be Cisco. We're also gonna tell it to log in. So it requires us to use that password going to say logging synchronous. And remember, this is simply, more or less e helpful command for you guys. And we're also going to say, executive time out 00 Okay, We only use their zero again because this is a latte environment. Next, we could exit that, going to line VT y zero through four. And again, this is our remote sessions, OK? Or remote lines. Password. We could say remote. But since we're going to say log in local here yet again, this passport is going to be pretty much obsolete until we really set up a user name and password. Okay, here we could say logging synchronous again. Exact time out will be 00 and we're also going to do a transport input. All okay. And now we could exit this and again. I like to do a copy Rs drop my configurations just to make sure Now we also need to set up a banner we could say banner motd and percent again. You could use whatever somebody you want. You just got to make sure you end with it. I typically like using Asterix in my configurations for my, you know, authorized users only. And again this could be a security, you know, government thing. You could find him online readily available, but basically don't want to use a symbol that you want to use inside of this. So I and percent again and it ends it. The next thing we need to do is well, if you want to enable CP again, you just say cdp run. I remember it's already on by default. So if I say no cdp, it will turn it off or ah, no cdp run. Okay, now if I say cdp run, it turns on same thing with L. D. P. Run. That's on. And now we need to say no, I p a domain. Look up. Remember that again is more or less just to help you in case you are back here in privilege mode and I said, End, it's not going to sit there and try to resolve it. So back in the global configuration mode now, Right now, if I do show a run command, if I scroll down, remember, our passwords are in plain text, which is something we don't want to have implemented. To make those into a Level seven encryption, we just simply say, service, password, encryption, head enter. And now, if I do show, run okay and I scroll all the way down, you could see we are now implementing the 11th Level seven encryption. Remember, it's not very secure those air easy, easily able to be tracked. So it's just more or less a d tearing from there. We could go ahead and start setting up our naval password because we cannot telnet or anything into a router what we can. But we're only gonna be able to go into ah user mode to go any further. Even if you have a privilege level 15 you have to set up in enable password and remember, we don't want to use this. We always substitute that password command for secret. So it uses the MD five hash. And here we could just say, I don't know whatever you guys want to use. Okay, we're going. I'm just gonna use Cisco to keep it consistent and easy. And it helps if you spell enable correctly. So enable secret Cisco. And now we could start actually implementing Ssh! To do that. First we need a user name and I'm just gonna say admin we It's a privilege. So you get in the habit of using that. So you when you talk yourself through it, you know what you're doing. And remember, privilege one is the default privilege. And then instead of password yet again, we substitute that for the Secret Command. So it's the MD five hash. And again, we could just say Cisco and I'm doing this simply for the fact that it's easy and consistent. I also want to what? Give it in a domain name. So here, right here, moving forward is all the steps you need for S S h I p domain name, and I'm just gonna say cisco dot com core. Now we could say crypto key, Generate arce reducing 1024 bit security key had generated Beautiful. What else? Well, we don't want to use the suspect version once we're going to say I ps h s h not shushed. And it's gonna be version. Now. I could just type have a key out to, and we're good. Now, what else do we need? Well, let's actually set a time out for ssh like we did before. So it's his age. Time out. We could say 100 20 seconds, remember, Use your help. Command that question, mark, because all this in Texas can be different. So I'm just gonna say 1 20 I p ssh. Authentication re tries three beautiful. So right now at this age is 100% configured. Let's do a copy R s to make sure we save it. And now we need to clear our interfaces. So let's go interface F 00 And that's gonna be I p address. That's gonna be the default gateway for the 19 to 16820 sum net. So I'm just gonna say when I to 1 60 dot to 60.0.1 classy said that mask and then hit, Enter and remember, all interface on a router are what turned off mighty falls We got in the gated. Say no. Shut down, Beautiful. You see that came up. OK, now let's go ahead and Ah, we need to do interface cereal 030 And that's gonna be I p address 10 that 0.0 dot to with a class or I'm sorry, prefix of 30 which is dot to 52 in the fourth Octa, I'm going to say, you know, shut down on that as well. And there you could see the link lights between these two routers indeed, came up. Now we have one more interfaces. Do interface cereal 031 I p address will be. Let's move over here so you can see it's gonna be 10.0 dot zero that 5 to 55255255.252 And once again, no. Shut down. Let's go ahead and exit this. Let's go ahead. Do copy rs and we should be good Now, since these are already pre statically configured, we could just go to the desktop in here. Go to the command, prompt, and let's just try to pin our default Gateway Ping when into 168 dot to 168.0.1. And we have communication. We get control, See? Break that. We could also say Tell that one and, uh 192 once eggs A that to that one. And obviously admin Cisco enable Cisco and all is good. Remember, it's always good to verify your commands. Now, let's go ahead and configure branch. See, just so that is done in our of the way when you go to the CLI again, what are we gonna do? We're going to say, you know, here, enter enable We need to say what? Think about it. Clock set, right? And then it's gonna be 10. It doesn't really matter, But I'm just gonna say 10 10 10 January 1st 2020 and then we need to do history or I'm sorry. Terminal history Size 20. Now we could go on a global configuration vote and we're gonna do a host name branch See, underscore Router three. Okay. And we're good. Let's go to say, line con zero password will be Cisco log in logging synchronous and then we do an executor . Time out. 00 exit this. We need to do line B t Y zero through four. The password will be remote log in local logging sink. And we could also do a ah exact time out here and 00 And then we're also gonna do a transport input. Ss are I'm sorry. All will change that later exit. Let's do a copy RS. Make sure it saves it. Now, let's go ahead and do what we could Set up a banner banner, motd and percent again. You could use whatever simple you want authorized users. Onley, exclamation! I just like to make it look all fancy. You know, it's gotta look party boom! So a banner set Now we need to say, OK, CDP Ron, in case it's off, we could do L Rdp in case it's off and we have multi vendor equipment And we could also go a step further by saying service password encryption to triple our plain text passwords we want to do in No, I p domain look up because that will just make your lives easier. And then we could do in enable secret Cisco again. Keeping all the past was the same. So it's easy for you guys to go back through this to verify things. Set up our user names on a local database, but user name admin, privilege one and secret. Remember, we're replacing the password command with the Secret Command. So it's the empty five hash, and we're gonna say Cisco again. So all is good. Let's go ahead and start configuring. Ssh! So I p domain the name lips. I need to give it the domain cisco dot com Now we could do a crypt. Doki generate R s a 1024 i ps h version two we could do. Ah, I Pssh, time out. 120 seconds. We could do an I p s h authentication Re tries three and ssh is not configured now what we need, Teoh. First, we could do a copy rs and we also want to turn those interfaces on, so go back in a global configuration mode. Let's go ahead and say interface cereal 031 I p address will be 10 004 to 55 25525555 That 252 And again, um, well, I messed up the i p address story. I'm sorry. So this is gonna be a six. There we go to 55255255 dot to five to boom! And then we say no shutdown. Beautiful. So that guys up, Let's go ahead and exit that interface. You could say interface 00 I p address will be 192.168 at three. That one Classy, some that mask If I could type today and zero and again, we have to negate it. We have to say no. Shut down and that comes up. We could exit this. Do you can't be r s, and that should be good. We can also verify that once spanning tree comes up. In fact, I'm just gonna hit quick, fast forward. So it makes it come up quicker and this species not I p address yet, but I know the server is so I just use the command prompt here. And let's just go ahead and ping 192 1683 That one. We have communication control. See, I'm just gonna say Telenet, And when I to once exceed that three, that one we could say admin, Cisco enable Cisco and we are good absolutely awesome guys. So again, we've kind of flew through these two configurations. But I did that delivery, so we don't waste too much time. Remember, this is a video, so you could stop and rewind it. You have your workbooks, right? Keep your workbooks open. Everything that we configured on Branch a writer one over here on the left is what we configured on Branch B and brand C Keeping in mind, we have different interfaces and I p addresses for different sub nets. The host name would obviously be different and badda bing badda boom, you're configure. Now. One thing I do want to bring to your attention now. So you guys are not confused If you don't know anything about routing this network, the sun that right here will not be able to paying anything over here. Why? Because we don't have anything in the rounding table Vice show. Ah, show I p a route. OK, all that's knowing of right now is it's directly connected routes. The 10 years, their network, which would be the 100.1 and the one that zero network, which is that one again because that's directly connected to the router knows at least that much so I would open up this computer. Let's kind of talk about where, Ah, where we're going. How far can we go till we're not allowed to go anymore? So here, I'm going to go out and just say All right. Well, if I paying my default gate, anyone I 2168 that one. That one. Which I know we have access to. We proved that already we have communication. What's the next hop? Well, let's try the next I p address and the interface. Right? So to be paying. Ah, 10 that 00 that one. We have communication because it knows about it. Control. See, let's go and try a ping to the dot to interface. What's gonna happen? Well, it's gonna time out. Why? Because this router doesn't know about this network. This router doesn't know about this network, so they're not fording this information. Remember, routers only know how to Ford packets based on what is shown or what we tell it's routing table to provide or to really look at to be able to afford this information, we will take a look at this later because we're gonna actually eventually want to start configuring rip on these networks some static routes in default routes again. Just so you guys air familiar, some of this is a review and that so much related to administrative configurations. But it will help us building this entire lab so you could see it more in depth. And the next couple of lectures were actually gonna take a look at configuring are switches and then we'll go back, figure our networks to communicate to each other, and then we'll start configuring all these cool bells and whistles as faras NTP, DNS Web servers, TFT P and G A C p. I will see you guys in the next one. 12. Switch | Base Configurations: Hey, everyone, welcome back as we continue our journey with understanding Cisco's Iowa s administrative configurations on our networks. So sitting here looking at, you know, the workbook that I created for everybody in the lab or building, I kind of realized we kind of went off topic just a little bit with as far as the administration configuration side of our networks is concerned. But this is only gonna help you guys out, because now we're not only learning and going to be learning more about the administrative things that we can implement on our networks, But you're also getting practice to building the network so you could see it in action rather than just seeing some of the configurations, like most other courses, offer. I feel it's a lot better for the students to actually dive in and do this stuff to where you're building a complete network, then implementing the administrative. You know, different protocols or servers that you know, different features we can implement on the networks, that we just have a better understanding of how it really operates and works throughout our networks. So if you're here, you know you're doing great. Hopefully you're following along. If you have any questions, hopefully you're asking. And in this election, we're gonna start talking about implementing our based in administrative configurations on our switches. Now, we're gonna start over here. It's which one or switch, Be a I think I named it, which is Branch office. A switch. And essentially all the base configurations are practically the same as our router. So I'm not going to spend as long, you know as I did previously, when we went over the initial based configurations on the first rounder we did. We're gonna go through it a little bit faster, but we will slow down. We started getting into when we're configuring the V lands on the switch, and then again, we'll break it up into a couple of different lectures and then we'll go back through configuring all of the switches on our network. So to get started, let's go ahead and dive in this switch. The first thing we want to do is go and say, Enable Come figure. Well, I guess we could always go ahead and set the clock here. I mean, it's it's optional, but it's good practice, so let's go ahead and say clock set and it was 10. 10 10. And then we said January 1st 2020. Boom. Now we could also go ahead and say terminal history size, and we're just gonna say 20 now, we could go ahead and go in a global configuration mode, and we're gonna change the host name again. These configurations are practically the same, ladies and gentlemen, and I'm just gonna name it. Switch on the score, B A Since that's what we named on the lab here. And from here, we could just go ahead and, you know, go through the rest of the configurations as we did with the routers. So at this point, I mean, you guys could probably do this on your own. Feel free to go ahead and try it. You know, make you do have the lab saved. So if you get through it and you watch me do and it's not working, just closed a lot out, reopen it and then just follow the video again. But at this point, we need to do what we need to set up our line console setting. So it's going toe into line con zero going to do a password of Cisco, and we're just going to simply say, log in logging synchronous again. This is a helpful command for you guys. We're also going to say exact time out. 00 Remember, this is zero minutes zero seconds. Don't forget to use your question, Mark. If you ever have any issues trying to figure out commands all right, now, we could also just say exit this. We're gonna go in, go into our remote line, which is lying, Vicky y zero through four. But do remember, we could use zero through 15 as a review. Just remember that, Okay, that you may see something like this on your exam. In fact, in other videos and other course that you typically just have students do this just to help them remember it, and it makes no difference. In fact, we could actually say 0 to 15 if you wanted to. The reason why I was doing zero through four previously is because typically you don't want to have that many remote lines available for that many sessions to be going on at once. It's that's kind of ludicrous to have 15 or 16 different people logged in into the same sewage trying to administer it. You know something's bound to go wrong. So that's why previously I was doing 0 to 4. But if you want to do 0 to 15 just for the pure fact that it's practice for when you get asked questions like that on your exam, be my guest. We'll leave it at 0 to 15 for this for this course here. Next, we need to go and set a password. Now remember, we're gonna set as remote. But since we're doing a log in a local, that password basically does not exist, OK? Because now we have to go back and give it a user name and password for it to be recognized for somebody to remote into it. Next, we could go ahead and say, logging a synchronous. We could also do an exact ah, time out and zero minutes, zero seconds. And again, remember, we're doing this simply because we're in a lab environment. We would not want to do that in the real world, would actually want to set that to three minutes or five minutes or what have you, Whatever your organizational security policies are, you know, typically they'll run alongside kind of something similar to your active directory policies because it needs to stay consistent. And it needs to abide by those security policies your departments have in place. Next, we could go ahead and say we already do exact time out. Transport in put. Okay, Now here. We could just say SS age. We're not gonna allow Telnet into the switches. We'll just say ssh. So this is simply saying, do not allow any remote session other than as his age. It will not allow a tell matter it. And we could all go and exit. This has got into a banner, Okay? And we're gonna say motd and again, I like using an percent. You could use whatever you want. I'm just gonna do some aspects. I'd like to make it look all fancy, authorized people on Lee, you know, change it out. Who cares? Let's just go ahead and do some Asterix now again, Until I use that 10% sign I could keep going, I could hit the enter sign saying, Ah, us Gover meant property. Okay, you know, some more Asterix. And now if I use that and percent sign and hit enter, it takes me out of it. So you could make this quite long. I mean, you really wouldn't want to, but just for an example, you do not need to just make it one simple line or whatever you you know, and typically these air longer. Okay. In fact, if we ah, let me just pull up Google here just to show you guys something If you Google um Cisco switch. Ah, Danner. Template. I don't know. Maybe that'll work, but sometimes you get some cool little things that kind of help start you off and it'll tell you, let's see if I could find it. This isn't the site I want. Oh, bear with me. Banner template network management. Let's see, usually you get a list of some cool things, and sometimes there's free ones at the like their common licensed ones that you could use that the government created Ah, fancy banner. Let's see what this one says and that the will of the A S C two generators. So that's the text format of our banners. So I could go. I could always go in here, and I could actually copy all this if I wanted to or I could always say, this is Let's say this is US government equipment. Ah, you shall not log in if not permitted and subject to 50,000 fine or something. Right? So if I say do it, obviously I wouldn't want that kind of lettering or something. But you get the idea. You just trying to find something unique or whatever. And then you could just copy all this and paste it in. But the point of the story is it does not need to be that small. All right, so what? That said, let's go ahead and continue. Okay? Remember, we were also saying CDP run. We're also saying ello DP run. This is for our neighboring devices. So if I exit this real quick, okay, I just want to show you Let's show CDP neighbors. And here we could see my neighbor is my branch a rather one. It's going through fast. Ethernet 01 through me. Okay, Now we have hold down timers and other things like that that are a bit out of the scope of this course, but there you go. You know, this is a platform that we are connecting to. The r tells me it is indeed a router in case we didn't have it in the device name. So really, if you don't have any fancy tools to build different network diagrams and documentation, you could utilise a lot of different show. CDP neighbor command show I P interface brief commands. Your verification commands essentially, are what you can use to build your network diagrams. Very cool. It's actually really good. It's actually a good habit. Actually, you know, builds a nice labs and start using your CDP neighbors or LDP neighbors commands, right? And look at what is giving you. That way. You could try to draw it out on a piece of scratch paper and, you know, see if you can make sense of it trying not to look at your diagram. See if you could really start making sense of it that way. If you are in the industry, it just you. Your that, you know, one more step forward and have an advantage. And then when it comes to some of the more expensive enterprise level, you know, applications that will kind of build network diagrams for you on your real existing network . I mean, these applications are expensive their license. Right. Well, now you just have a better idea of how it's retaining in obtaining that information. So I wanted to show you guys that let's go back in the global configuration move. We now need to set up our S H connection. So the first thing I want to do again as it more of a helper command, is that No, I p domain, look up, command, Right. We also need to give our plain text passwords a encryption, so they're no longer plain text again. If I do show, run here and just scroll down on scroll down. Slow down, slow down. Slow down. And where are we? So here we could see our pastors are indeed in plain text, and we don't want that. That's not secure at all. Even though service password encryption isn't that secure, it's more of a deterrent. Any security is better than no security. Right? And security is like an onion. The more layers you have, the more security is. This is just part of the layer to our onion. With our security practices. Next thing we need to do we need to start setting up our cessation. We're gonna do an enable secret. And again we're just keeping it. Cisco. And I'm gonna ask you guys, why are we using the Secret Command? If you remember, it's because it's going to encrypt it using the MD five hash. It's a lot more secure now. We need to actually go into creating our user names, your name admin when a use or we could say privilege one again for practice. So you know about the command Syntex for your exam. We're also going to say Cisco, where I'm sorry Secret Cisco. So it's encrypted using the MD five hash. We're also going to give it a domain name, so I p domain name, movie cisco dot com and then we could start setting up our keys. Our our Saiki. So to do that, we're saying Crypto key generate R S. A. And 1024. Now we can do a 2048. Okay, it'll be that much more secure. In fact, I think it was about two years ago for the first time, and I think history the 1024 was cracked, but it took months. There's a huge document on it out. I'm not gonna even try to find it right now how they did it. And it took them months, and it was supercomputers trying to do it. So 1024 is secure. But now, best practices and newer documentations are pushing for people to start using the 2048 that keys. It's just gonna be it's gonna offer you that much more security and, you know, prevention on your network. With that said, what else do we need to do? Do you guys remember? Well, we like to use I pssh version two, So I ps h merge on to is the command. What else do you guys think we're going to do? We're going to set a time out for the ssh. Right. So it's Pssh time out. And we could just do 120 seconds. Remember, they are in second. Remember, the Syntex has always changed. You got to use your helper command. Which is that question mark? What if we wanted? No. So 60 one twenties. That's two minutes. You know, we could change it. Whatever we want, as long as it falls in within this range. Okay, so it's just say 1 20 now, we could also do our authentication re tries. I pssh, authentication re tries. And three, How many times do we want somebody the law again before it just says, You know what? Disconnect them from this connection. They'll have to establish a new connection before trying to log in again and again. It's just another layer to our onion of security practices. So right there, switch D A. Is completely configured for based configurations. We never configured our interfaces or anything on this yet, because by default, all interfaces on a switch are running their turned on. However, I do want to add some mawr security to this device, and we call this. I'm just gonna make a note here, Okay? We do this by calling it device hardening. Okay, Now, this kind of goes more into a security realm of things, but it is part of the whole administration concept. So guess what? We're going to go through it together and the next lecture we're gonna actually configure different villains on this round. We're not gonna go crazy with a whole bunch of different V lands and start trunk ing different links. Okay? We're not going to get into that in this course. But what we are going to do is change the lines around. So we could hard in the device a little bit more. Okay, We're not going to do okay. We're not not doing port security again. This is a security topic outside of the scope of administration configurations. And, uh, you know what we can implement on the network's entails. But at least it'll give you a little bit more head start on understanding how to movie lands around. Why we do it for those of you that are newer into this. All right, so with that said, do copy Rs because that saves are what? I'm asking you a question. What does the do? Copy Rs or simply copy? RS do it is copying. I'm gonna make another note. Copying running. I can't spell today running. Keep trying running config. Okay, start up. If I can type config there we go running configures. What? Let me move my cursor over. This is Ram, okay? And if you wanna take notes of this yourself, do so and then our me hit control E to go back to the end and then started configures envy ram, so you could see we're saving this file. Our current running CONFIG file, which is currently running our working memory, is in RAM. We're now saving it to our start of config. Witches flash. It's non volatile ram. So if the device loses power and it comes back online, our configurations are still there. Beautiful guys. So let's go ahead and exit this. We did. Ah, copy and save it. Hopefully you guys did to. I'm gonna exit it. Just make sure we have everything cope aesthetic. So now if I hit Enter, let's go ahead and try password, which is Cisco enable and past Francisco. Beautiful. Let's go ahead and try to remote into this. So this computer is in the same sub net, right? 1 91 to state one that zero. So I'm just kind of showing you guys something here. If I do, let's say we turn. We turn down that office. Actually, let's show that when I too once exceed that one, we didn't set up a villain on the on the switch. Okay, so you know what? We'll cover that in the next tiger. I'll see you guys there 13. Switch | VLANS & Interfaces: All right, students, Welcome back. As we continue configuring our switches for our IOS administration labs course here, I need you guys to go and open up the labs. And, you know, I left off exactly where I left off in the last lecture. So let's go ahead and exit this. And this is probably where most of you are at. Let's go log in with Cisco. Enable Cisco Now I want to do something first. Let's go ahead and do a ah show villain. Brief command. So here we're seeing the V lands that are already on our switch. Now, anything over 1002 we cannot use. Okay? And there's actually villains after 1005 they start at 1006 and go on. But that's for a completely new topic. You won't learn anything about those until you had tea CNP or C C ah e. But for now, the major thing to take out of this is that every single interface right now is inside of the land. One now, remember, villains separate broadcast domain. So if we had multiple interfaces in multiple villains, we would need a router to communicate those different devices plugged into those different ports associated to those villains between each other. But we're not gonna worry about that. The only thing we're gonna do is move all of these ports out of the land one, because that is a security vulnerability, and it is Cisco's best practice to move. Um, the reason for that is if anyone knows anything about Cisco, routers are mean switches. Rather, they're going to know out of the box that all interfaces by default are reviewing one. So you know, someone can plug into that switch and potentially started doing some harm to your network. So we always like to move them out of the line one. And then we're also gonna turn off the porch or not using and put them into what we call a miscellaneous villa and where I call it a miscellaneous villain in security world. In the security domain, we will call that a black hole villain, meaning it exists even though you don't know about it like people outside of it. Think of it as like what a real black hole is. We know they're out there in the world of space, right? For any of the astronomers out there. We know black holes exist even though we cannot see them. Same concept. But again, I usually just name a miscellaneous. Because that's what I do. You could name whatever you would like, So it's going to go into global configuration mode with coffee. Tea. Let's go ahead and create two new V land. We're gonna save the land. 10. And I'm gonna name this. I don't know admin. It doesn't really matter. You can name it. Whatever you want. I'm also going to save you and 20 and I'm gonna name that, miss. Um, I see. Just like that in the movement house. Now, we could exit the villain mode exit, and now we need to move interfaces around. So we know right here. We have interface one interface to and interface three being utilized. Since we are not breaking this switch up into multiple broadcast domains, Okay, we're gonna put those two reports into the same violent. So what I want to do is put those three ports into view and one Now, there's a couple of ways you could do this. And for those of you that understand based basic configurations already, that's probably a bit of a review. But for those of you that don't know, this is how you do it. We could always say interface right F A or F even 01 and switch poor mode access because we have three different modes. Okay, we have access, dynamic and trunk by default. It's usually sitting in dynamic where it's gonna negotiate trunks dynamically, which is never were. That's so bad. Never used dynamic. We never, ever want to leave a poor in dynamic status. Huge, huge security vulnerability. We either need to deliberately tell it to be a trunk link which is again, out of the scope of this course or delivery talk to be an access port which will never allow it to trunk. All right, very important. So what we want to do is say access, But now we also need to tell that poor to be associated to feel intense. But now you needed to say violence, which are I'm sorry. Switch for access villain 10 hit, enter and about it being better. Boom. You could see that one interfaces. It went down. It's coming back up because spanning tree, but that takes forever. What if we want to manage multiple interfaces in one villain. Well, why can't we just do something like this? We could say interface range F 01 even though it's already configured, this is just an example. Dash three, that means include the interfaces of the range from 01 throughs 03 by hit. Enter. Now I could say switch poor mode access. And then I could also say switch poor access the villain 10. And then we could exit this. I'm gonna do a copy. Rs. Now, if I do show villain brief command, you could see we did move those three interfaces to our villain. 10. Pretty cool, right? Let's take it a step further. Let's go ahead and move the rest of these poor since we know they're not gonna be used in this lab or at least in this sub net. On this switch into our miscellaneous villain are Black Hole Bill and if you will again to do that was we got to do is say, interface range after 04 through through 24. Enter switch poor mode access because we don't want them being dynamic. We don't want them ever to just dynamically form a trunk with another switch. We also want to say switch poor access. Villain 20. Since we are not using these ports, what else should we dio? Well, let's turn them off. Shut down! Or you could simply just say shut. And as you could see, there, they all want shut down its exit. This do copy R s? Let's go and do show villain brief. We could see now we have no ports within Villain one. We have the three we are using in view intent. So that is the same broadcast domain is the same sub net They could still communicate to each other If we had a device plugged in F A 04 and a device plugged in F 01 they would not be able to communicate between each other unless we incorporated a trunk with 802.1 Q encapsulation on the router so they could route between each other. Router separate broadcast remains, right, So just keep that in mind and they are turned off. So if something were to plug into any of these pores, they're not gonna be able to communicate pretty cool stuff, guys. So that is right there. Dylan's an interface management, but we need to go a step further. All right. We need to give this switch an I P address so we could manage it remotely. So how do we do that? Well, if we go ahead and do show I p interface brief, let's just take a look what we see here, OK, we see all our all of our interfaces receive. We haven't villain one here, because that's by the fall. It's going to show up, so we need to create another logical interface. Except we need to say villain 10. All right, so let's do show run, and I'm just gonna scroll down here. But what about what about, um, do that? There we go. So we only see an interface villain one, because that's their by default. So what do we want to do? Well, let's go ahead and say interface villain Ted Now it created a view in 10. We could prove that by Do show. Ah, I p interface brief if you wanted to. If I scroll down, we now see interface view, and 10 is indeed there. I want to address this. We're gonna do I p address war nine to, But I'm sorry when I do 168.1 dot to not remember when I first started at addressing these devices, I want to address this 11 dot too. Well, this is why I decided to name the NTP server. Address the NTP server 1.3 because I wanted to use 1.2 for management. So that's when I said, Well, I'll tell you guys why I did that later on. Now I'm telling you to 55 where's 255255255.0. And we need to just to tell it what now? Here. You see, It says it's up and up, but just for practice, okay, say no shutdown. I mean, it's not gonna hurt anything. And like I said, it's, you know, just so you get in the habit of saying no shut down. It will just benefit you guys that much more. So now we could go and exit this, But right now, if I go to this computer, this is what I meant to show you guys earlier. If I go to this computer and say paying or most of, say, tell net 19 to 168 That too. I'm sorry. One, not two. Okay. Ooh, look at that. It's closed by foreign host. Why? Think about it. We never told the switch to allow town that connections pretty crazy. Right. But if we do an S h dash L for Lima admin 19 to 168 That one. That too. We do have communications. Cisco is the password a Cisco enable Cisco and we are in. Now we know we have ssh communications to this device from any device within the same sub net. However, right now, we do not have any network communication between networks. But if I were to take a computer from a completely different sub net and try to communicate to the switch, it would not work. Why? What allows us to communicate to other networks on our regular computers or routers or whatever g fall gateways, Right. So what do you think we need to incorporate here and a default gateway and the command for that? A simple i p default gateway. And it's gonna be the interface of our router that we're using for a default gateway Boom. Enter how cool Is that pretty simple, Right? So let's go ahead and do copy R s. Let's go and just say Do show, uh, do show run. And we could see what are running figures. We see our enable secret I pssh version to know domain. Look up Domain and Cisco. I love the way. See, all of our interfaces are also showing us what the lines are associated with and the shutdown If I screw up here, these three say they are not shut down and their associated to be land 10. We get scroll down a little bit more and let's go to see what else we have. We have We have a interface villain 10. Okay, veal and one is shut down. So that's fine. We have a Mac address that learned we also have a hard coded I p address. We also have a default gateway. Cool. We have a nice banner of the day. That's what Motd stands for. Free scroll down here a little bit more. We have are lying con zero in our line rearview remote lines which are VT Uihlein zero through 15 and you notice even though we just said 03 15 it configured everything the same . And for some reason, someone wants explained it to me. I don't quite remember the whole understanding of it. Ah, they separate these two like this. I'm not 100% sure now I can't remember. So if you want to go, go it be my guest. It's not really relevant. Um, in fact, it's not relevant at all, but yeah, guys. So we just finished all of our base configurations on switch branch A. I took it a step further originally wasn't going to do it, but you learn how to do some V. Lanza was, you know, just for those of you that are newer into the IOS Rome, I just wanted to make sure I covered a lot of the more or less introduction topics. That way, as we go into mawr, the administrative configurations getting NTP up, getting d and S t f d p d GPU running on our networks, you kind of have a better understanding of how it's actually communicating through the network and how our devices were configured to do so. Alright, guys. So and the next lecture, we're gonna go ahead and configure these two switches We're gonna go a little bit quicker this time. And then after that, we're going to start getting our networks communicating together. Awesome stuff. I will see you in the next one. 14. Configuring All Switches: Hey, students, welcome back as we continue our journey with understanding administrative configurations with our Cisco IOS devices looking at our lab here we have all of our routers based in the mission of configurations and interfaces configured. We went ahead and did this switch in the last lecture. So all we have left really is to configure the base and administrative configurations and interfaces on these two switches. Now, we want slowly through Branch A's rotter at the base in administrative configurations so you could learn him. We went faster with the other two routers. We went a little bit slow, but kind of fast because a lot of them are very similar to the router until we got into fearing the villains and interfaces. Right? So with these two switches yet again, we're gonna kind of go faster. Remember, this is a video. I'm going to fast deposit, rewind it a little bit and go through it again. Make sure you taking notes to make sure you're using your workbooks. You should try to do these on your own. By the way. You know, the more you try on your own, the more practice you dio the better it is gonna be for you. So with that said, Let's go and jump into switch BB All right now, Obviously the names are a little bit different than what the workbook says. That doesn't matter. It's just the host name. So it's going get started. Enable. All right from here we could do what we could say Clock set 10 days or 10. 10 January 22. That's due January 1st 2020 and then we could do terminal history size 20. Now we could go on a global configuration boat and we could do a host name and will say switch, underscore BB for Branch Be whatever. And like I said, you could name whatever you want and then here we're going to line con Zero password will be Cisco Law Log in and then we do a logging synchronous and then going to an executive time out 00 and it could exit that. Now we need to do line VT y zero through 15 or again, you could use their therefore does not matter user through 15 or just help you remember. We do a password remote. We're going to stay log in local for the local database. We're gonna do a logging synchronous so our sister log messages don't interrupt our text and then we could also do an executive time out. 00 We're gonna do a transport input as his age, so we do not get telling access to it. We go and exit this so that quickly. We've already taken care of quite a lot, but there's still some more, right when you do a banner banner motd and I'm just going to say and percent and let's just say whatever this is my awesome lab Boom, boom, boom. Okay, As I said in the last lecture, we could make this really whatever we want and percent, what's next? Well, we could always enable of CDP Ron, in case it's not, we could say LDP run now. Remember I said you don't think we want to run all of these? You took me only Rodham. If you know you have multi vendor equipment, maybe have some juniper or net fire switches or something along those lines. But again. So you're familiar with the command sin Texas, in case they ask you them on your exam. You know what? They are not going to say No, I P domain A look up because that helps us not resolved domain names. If we don't need to, it just helps us in here in the beginning. And it's good to be familiar with that as well. We need to turn plain text passwords into encrypted passwords. Remember, this is a level seven encryption, and we need to say enable secret because that secret command terms the plane password into what? MD five hash password of Odysseus. Cisco Yet again. Now, when you set up a user name, admin privilege is gonna be one secret again. We could replace Secret with any password commander or any of the past plans with the Secret Command Essentially, and Cisco again, I p domain name will be cisco dot com and then we could set up our arse a key. So crypto key generate R s A. We could do 1024 this time really does not make a difference. When do I? Pssh Version two. We're also going to do I Pssh, time out 1 2120 and I PS age authentication re tries a three beautiful, beautiful, beautiful. Now, when you set up our interfaces, right? So, villain 10 Name admin. It really does not matter. Villain 20 will be named miss. Okay, exit this interface Brain judge. Now we have to change it a little bit. 01 through We have 1234 So we could say 0 to 4. Switch poor. You guys remember Switch port mode access, and then we do a switch. Poor access. Villain. Uh, v land 20. Uh right. No, I'm sorry. The line 10. There we go. And now we could go ahead and expect interface range F 05 through 24 and I'm going to a switch. Poor mode. Access, access, access. There we go, and then switch. Poor access. Villain 20. And we're gonna also say Shut down, boom exit. This is duly copy RS. We could go ahead and do show I p interface brief, and we could see everything. It looks hunky adoree there. What else do we need to do, though, when you set up our address on this device so we could at least remotely administer it. So interface Villa and 10 it's going to create that violent I P address. Remember? We could always say dhe p to if we wanted to give that the interface Any interface for that fact? DTP from a D h c p server. We could do that, but again, since this is before management, we want a hard code that I p address. So it's gonna be 19 to 1 60 dot to 60.0.2 to 552552550 and again just for due diligence. No shutdown. Exit that now We also need what? Like I said, we could remotely administer this device as it sits, but we won't be able to remotely administer from any other sub net because of that gateway . So we need to say I p default default Gateway. The default gateway will be wanting to, ah, one into 168 that to that one boom, we should be good to cap BRS. Let's go ahead and just do show run real quick and see what we got Bumper to bumper to bumper bar. Everything looks good, everything looks good. So let's go ahead and put this into practice. Let's go ahead and take any any server. Just use the Dina Server desktop command prompt, and let's just say tell that, um, when I do, uh, once eggs ate that, too dot to and it's closed, Remember? Because we only said transport I p or I'm sorry. Transport input. Ssh! Right. So now we get it s a S h dash l for Lima. Lower case. Remember, that is not a one user name address when I 21682 dot to and Cisco enable an Cisco and we are in beautiful, beautiful, beautiful, beautiful. That's just for doing it again. Try to ping our default. Gateway went on to 1682 dot to and we have communication. Awesome. So router or I'm sorry. Switch to there in the middle branch BB is going to There's all good. Essentially, let's just go and copy Rs is to make sure we close this window out. Let's go and configure this guy all the way over yonder and open him up a little bit And let's go ahead and jump right in enable and we could do clock set. We're gonna do 10 Colon 10 Colin 10 January 1st 2020. Some future stuff, right? Terminal history size will be 20 and convict e host name will be switch. Underscore. Ah, BC Francie and then line con zero password will be Cisco Log in. Logging sank. Ah, by Spela Rate Logging synchronous executive Time out. 00 And that's good for that. Let's go in the line. B T Y zero through 15. Password will be remote. Log in local logging sink and then executive time out. 00 Transport input. Ssh! Exit this. We could do it. Enable secret Cisco We could do a banner or we could do ah cdp run You do l a dp run. You do a banner motd and percent all Ah, Cuomo s staff and and percent. And then we could do what else we need Enable cr user name will be admin privilege will be , you know And then secret will be Cisco and let me see. What else am I forgetting? No, I p domain Look up. Ah, look up. And now we could say I p domain name cisco dot com And what else? We need to set up our, um service password encryption. So let's do that Boom. And we need to set up our arse a keys for arrested state. So crypto key generate r s a 1024. That's good. I p s his age. Version two. Okay, I ps Each time out will be 120 I p authentication. I'm sorry. Ssh! Authentication re tries three. Do copy RS. We could do villain 10. Name admin be land 20 Name Miss Exit. We could do interface range F 01 through one through to switch poor mode access. And then we could do a switch. Poor access. Villain 10. Now we could exit this. We could do interface range F 03 through 24. Right Switch. Poor mode. Access switch. Poor access. Villain 20 And shut those babies down. Exit Do cap er s So do show I p and brief. Let's see what we got. Everything looks good when you set up Interface villain 10 I p address will now be one. I too would succeed that 3.2 with a classy mask to 55550 and again for due diligence. No shut down. We could also say I p default Gateway 19 to 16 Eat that three. That one. And do you copy or s Okay, so let's go ahead and go to our D to be server desktop. And let's go ahead and try to Ah, 23 Who? I mean mistake. Ladies and gentlemen, why is this light Amber? Because let's go. Let's look up here. Look at this. Show I p interface brief It is down. It is manually, administratively. Shut down. I messed up the ranger. So what we could do is go back into config. T interface F 03 switch. Poor access villain 10 because it's already mode access. We don't need to repeat the mode access. We just need to reassign it to the different dealing and no shutdown. Exit this. Do copy RS spanning tree is gonna come back up. I'm just gonna quick fast forward here and make it go quicker. Now, if I go to this server and I try to Ah ah ssh because we know we didn't allow for talent. We're gonna do admin, and then we're gonna say 19 to 168 at 3.2 and it opens. Cisco enable Cisco and we are gold and was going ping our default gateway again. It's just to verify connections and communications and we have communication home. Beautiful, beautiful, beautiful. So and 12 minutes there we kind of went over a little review and we also just flew through to switch configurations again. I know that was quick, but that's the kind of the speed you guys need to get to. So if this is a video, my point is if it was too fast for you. Pas video, Go back. Please do not forget you have this handy dandy workbook. OK, follow along. We are right here. Ah, where is the step? So where it says that's already. That's branch rather one. Where says branch switch one. These are all the configurations we just implemented on all the switches. You know, mind you that the sub nets again do change gateways will change and so forth. So just pay attention to which switch you are indeed on. Alright guys. So in the next lecture we'll go ahead and start getting some routing configured so our networks communicate back and forth together again. That's been more or less of a review. It doesn't really have much to do with administrative configurations on our networks, but at least we'll get the networks up and running. So we could get anti P D. N S http t ftp and DTP We're running on our networks. I'll see you there. 15. BONUS | Routing Introduction: All right, students, welcome back as we continue our journey with understanding Cisco's IOS administrative labs , which is again directly, really, to your Cisco CC and a exam curriculum objectives. Now, this section of the course is going to be a bit of a bonus, Supposed to really the whole overall scheme of the administration side of our course here because right now, although we've been talking about getting the base and administrative configurations on our devices, there's still a lot more. But with the lab we're building and, you know, it's a bit more complex of a lab, so we could actually see a lot of these different technologies working together. We have to understand routing. Now, I understand a lot of you, okay, may not know routing right now because this is more of an introduction to, you know, medium level course for you guys. So I'm going to go ahead and include this section. It's gonna be your bonus section. Okay, so you're really getting a lot of out of this course in this course in this section of the course Rather, we're going to start understanding a little bit of about routing. Now, we're not gonna go into crazy detail. We'll talk about how our packets are routed through our networks. OK, that would be the first thing we're gonna talk about how to have Gateway of last resorts, also known as default routing. Then we'll go ahead and set up different static routes, will actually have our entire network working specifically off the static routes. And then we'll go ahead and briefly talk about some of the different means of routing. And specifically today, we like to use dynamic routing because the feasibility of it the scalability of it, right, But we're not gonna go into too much detail with it. What we will do, though by the time we're done talking about all this, we're going to implement some gateway of last resorts with our default routes, set up some static routes. We'll talk briefly about the dynamic routing, but we will indeed implement rip version two. With that said, we're also gonna talk about passive interfaces. Okay, this is part of that whole concept I talked about with the onion. Right onions have multiple layers. What else has multiple layers? Our security on our network? There's no one means of security, passive interfaces mawr less of a preventative measure. So I don't like using the term security, but it does fall under the whole, um, objective for your c seen a curriculum where we talk about device hardening. And the reason for this is because it's going to prevent other routers from sending hello packets into a routers interface that is directly connected to it. Pretty interesting stuff. Right? Then we're gonna also talk about how we could send that these gateway of last resource utilizing the rip protocol. So it's dynamically sent to all of our outer. So, for example, if I had a router here connecting to our service provider router, right, typically you could just set up a gateway of last resort or a default route going to that router. And then he sends us, You know, maybe we're going over here to Google, right? That schools. Ah, DNS. But what if I have a router up here? And what if I have a router over here? Well, these guys need to have that default route. Well, instead of configuring it mainly on each one, specifically because defaults and static routes are only one direction, we could only implement them on stub, right or edge routers. Well, instead of just having it going this way and then one direction this way and whatever we'll use rip with grips default route configuration Command to advertise it to all of our other routers. So we don't have to worry about it. And then if he says Okay, well, you know, we used the quad zeros. Okay? I don't know where to send this packet, right. Well, if I don't know where send out Ford it to this guy, give him the responsibility. If he doesn't know where to send that, give it to him. He given the responsibility. Well, I don't have this in my routing table, you know, I'm just gonna send it the service provider, and he could send it off to Google or wherever it needs to go. So that is what we're gonna be learning in this section of the course. I hope you guys are eager and ready to learn. Just so you know, most of this is not part of the workbook. There are a few configurations. If you look at, let me go ahead and pull it up here so you guys can visually see it. Right. So if we scroll down here to I believe it's in Step eight. Bumper to bumper. Pom, pom, pom, pom, pom. We really went over a lot of stuff. Oh, by the way, just so you know, when you do set up your configurations on your routers, it is good to set up a description. I noticed I didn't cover that in the lab, but I did put in your workbook the clock rate. Don't worry about we'll go over this when we set up our service provider rounder. Typically you Onley set this up off or your service provider only provides you the clock rate. So as an administrator internally to your organization, you'll never need to worry about it. But it's gonna be aware of the command. That's why included in your workbook. But where do I want to go? We are going to go here to step eight. We're going to start here with step eight. We're gonna talk about the, um, default routes. Okay, Gateway of last resorts. And then we'll go down and start talking about static routes and reversion to So I will see you guys in the next one 16. BONUS | Understanding Core Routing: All right, students, Welcome back. As we continue our journey with Cisco IOS Administrative Labs course here, my name is Keith Gaffar, and this is the bonus section of this course. Now, the first thing I want to do before we dive into static routes and default routes and rip and dynamic routing and all that is to give you a general understanding of what routing is . So here we see a core routing. Okay, Just a complete basic understanding. And, you know, you need to understand what routers do. And as simply as it gets, they just Ford are packets through our network. That's it. Routers are also the only device that separate broadcast remains on an hours. These are also considered what, Layer three devices. Now, what else is considered a layer three device? Well, we do have what we call Layer three switches. Now, this is a little bit beyond the scope of this course, But just know that if we do have a layer three switch, it can indeed also separate broadcast domains. Now, for those of you that are familiar with some security topics and security devices out there , we do have these firewalls simply not fire Wally firewalls, simply firewalls or over glorified routers. Okay, They offer us a lot more services and features that could really help filter our traffic going through our networks. Firewalls also separate broadcast mains because they are also considered a layer three device. Now they can be considered a layer four and later seven, depending on what type of firewall you have in the services and features that come with that particular firewall. It's also very important saying router store the best routes in its routing table and to visually see what those routes are in your router, you use the command show I P route. Now there's a lot of different information that is considered, you know, before it gets stored in the round table. But the four major ones are first of all, the hop count. And this is the distance okay from this router here to go over to this computer, what we have 123 hops. All right Now, the very next thing that's considered is how specific is the route. This is one that a lot of people forget. And when you start diving into more complex routing topics, it could really mess with your mind until you fully have this understanding is why I always teach core routing in this way because you need to know that how specific the specific icis ity of the route is highly considered before storing the routing table. For example, as I say here thinks some that we have a 37 that here and a 30 something here. We also have 30 over here and 30 over here. So essentially from this computer will call him A to reach computer. Be over here. He's got two routes that were equally load balance. He could have a route going this way over and he's got a route going this way over. Okay, And that's because it's taken in some more variables. Default line here would be a t one line at 1544 megabits, right? Our fast Ethernet cables would be 100 megabits per second, etcetera. So there's other variables, but just knowing the basics, Okay, the specifics is city the specific route by the sub net. If we change these two over here to 16 well, 30 is now a lot more specific. And if this does not make sense to you guys need to take my submitting course. Okay? It's highly rated. A lot of people have had great success is the same exact course I actually used to teach. My in class course is obviously I take a longer time, amount of time to go over. But these are videos, so you're able to stop, rewind him and watch him. But I highly recommend taking this course. If you do not understand, submitting its will be huge, huge. You know, value added value for when you take your exam. Because you need to be able to know how to sub net not only for submitting questions, but for the routing protocols as well. The very next thing that it considers before storing the roundtable is the administrative distance. Now, this is comparing routing protocols to other routing protocols. Think about it like this. If we have ah, rip version two, which is what we're going to be talking about. Okay, this is an administrative distance of 120 we that have O S P f, which is an administrative distance of 110. We also have e i g R P, which is an administrative distance of 90 internally 90. Now these are the three major ones you need to know for your exam. They do also talk about B GP, but at the very basic level. For Ccnet, BTP is more or less a CCMP NCC ie topic. So it's comparing the administrative distances, comparing the routing protocol to other routing protocols. Whatever has a lower administrative distance will be more believable than something like rip. Okay, 120. Next. What's considered is the metric okay, Now, for certain protocols such as rip Okay, it is definitely considered by the the hop count and with rip Okay, it's very important to understand that you cannot have a hop count over 15. Otherwise, it turns into what we call an infinity loop in. Our networks don't work. Typically, you don't see rip or rippers and two or rip next generation. They do have what we call rip Next Generation and G, which is specifically made for our I p v six protocols. Okay, And again, routers being layer three are concerned with the I P Protocol. That's why we have I p v four and I p the six addresses. Okay, Rip next generation is specifically concerned with Ivy six. So we're not going over this. You don't need to really concern yourself with 56 for your exams. You might see only maybe at most three or four questions related to maybe five. You know, I am just telling you, if you're having trouble understanding on TV sex, put it off. Make sure you definitely. Ah. What is that? That that is not supposed to happen? Well, that was way to big. Yeah, but really, what you want to know is I p before okay, submitting. If you cannot some that quickly and efficiently, you will have a lot of difficulty on your exam. Not only again for yourself. Many questions, but for routing. Something comes into a huge role within routing. So again, I do have that course for you guys. All right, so with that said, rip is not typically utilised in our network today because it's very limited with that 15 Max Hopp count. You may see it in smaller branch. Localized officers may be, for example, a small little insurance office that, you know, it's a satellite office and they don't have any, um, idea or you know foreseeable future growth. So they're really content. Just make it quick, simple and easy, because again, rip is the easiest routing protocol to implement on an hour. That's why it's the first protocol you learn when you're studying for your CCN exam. It just sets the foundation for learning some or the more difficult ones, such as O S, P F and E I. G R P. Not that they're difficult. Just a lot more comes into play. When he's riding, protocols are implemented there more, Um, I would say enterprise to medium size organization level of protocols. These protocols, on the other hand, are going to use what we call algorithms to determine the metric. All right now these will take into different considerations. We have what we call algorithms, the dual algorithm, the Dykstra algorithm, and there's a lot of different small variables that come into play to determine this metric . But the easiest way to go think about between the administrative distance and the metric is administrative distances again comparing routing protocols to other routing protocols, lower being the better right and then the metric is comparing different route to that specific routing protocol. We are implementing. So if we are implementing Rip Version two and we have an administrative around Syria metric of maybe three based on hot counting, we have another metric of maybe six based on hop count. Well, it's gonna be more believable with this three. It's a shorter route. It's a quicker route, so you could see how it's comparing the metric values here to its own routing protocol. So let's go and take a look briefly at the rest of those, um, administrative distance values. OK, so here we see a lot now to that you need to definitely be aware of, and we'll talk about these. Maura's we've afford is are connected interfaces and static routes and look at the administrative distance values for these. Okay, you need to be aware of these and we'll talk about him or moving forward. But just remember, with administrative distance, we are comparing routing protocol to routing protocol. Lower is better. Keep that in the back of your mind. As we move forward, the next one we need to be aware about is 90. Okay, that is internally. I GRP. Now, you don't need to worry about internal or external because we do have 1 70 which is externally, I jeffy and we'll talk about this more when you start hitting CCMP levels or if you want to take my e i g r p Complete understanding course, I go into more of a higher level understanding of the Eid therapy. It's kind of a mixed between C, C and A and C, C and P study. So those of you at sea seen a or going into CCMP just really have a good head star and full understanding of it. But we don't worry about this for ah Cisco ccn a okay at all just No. Yeah, Drippy is 90 0 SPF okay, Is one time you need to know that one and you will also need to know a little bit about BG p and a little bit about Well ah, lot about rip. Now over here, you can see some of the metric concept here for rip. We are again using that hop count for a SPF were using costs and for ei jumpy were using a mix between band with N delay, which is similar to what SPF uses. It just uses ah bunch of different values to determine this. Okay? And again, there's also the dual and Dykstra algorithm for these two routing protocols to utilize to determine what that metric value is. So we'll, at its basic level, guys, that is core routing. That is just a general, basic understanding of routing what it's doing. And, more importantly, how are routing tables are learning. The routes that it's going to utilize to Ford are packets through our networks. I'll see you guys in the next. 17. BONUS | Default Routing: Alrighty, students. Welcome back, as we continue this bonus section of this course, our Cisco IOS Administration Labs course here again, My name is Keith Gephardt, your instructor, and as a turn, the page you can see we're gonna be talking about default routes. Okay, Now, we're actually gonna start configuring and implementing these on our networks. But first thing I want to do is actually go over some of the basics of default routes. So we have a good understanding of them as well before now, for those of you following us in our workbooks. Okay, this will be, Ah, step a step A in our workbooks. But again, just bear with me here for a minute so we could understand these now it's important. Understand a few things, right? When we configure default routes, we could Onley configure them on what we consider edge or stub routers. Essentially, that means it's going to be the router at the edge or end of our network, if you will write a stub, right. So if you think of about a tree trunk and you have this little stubs sticking off the end, I mean, it's outside of the realm of the whole tree trunk. It's not. And it's not a full branch, right? Because then there'd be other branches. It's just a little stub. It's at the edge of our network. They could be related, you know, set, you know, anonymously, anonymously. Rather, you know, you could use either term anonymously but for our topology. And this is an hour exact apology. But it's very similar. This router here and this right over here could be considered an edge or stub, Browder, because there's no other network coming off of this yet. Yes, I know. We do have that service provider rather sit up there. But we didn't do anything with it. So so far, just this network here. What I haven't brackets is what we're looking at. When we talk about these default routes on ah Regista Browder's, we could Onley configure them to allow for one way fording of our network traffic. What that means is, if I set up a default route in this router, it could only go this way if I set up a default route going this way. Okay, It could only go that way. Cannot go both. Which means essentially, is if I were to take this middle writer and try to set up a default route. Going back to say this is rather a he's be in this. See? Well, I cannot implement a default route going to router, See, because this is, you know, breaking this rule up here. This is now having to way, and it will not work. We cannot have it going to weigh. It only allows for that one way fording of traffic to configure default routes as well. Take a look at here in a second. Like I said, we configure what we call the quad zero. Okay, We're gonna say I p route quad zero, and then we could either use the interface number. So, for example, quad zeros, maybe f a zero slash zero, or we could use the i p. Address. Okay, so I'm just right. I p address here off that interface. Now, Quad Zeros represents an unknown destination address, and it means it's going to send, you know, to whatever interface or address of the interface by default. Okay, It's gonna give the responsibility to another router. Well, okay. What's that mean? I understand the terminology and definitions, Keith, but what does that really overall mean? Well, it means if I have this nice little half drawn packet over here, and it goes into this router from this computer down here, right? So I'm sending my pack it up this way into this router, and this router does not have the destination I p address inside of this packet. And this goes back to date encapsulation. It does not know how to route this packet based on its source or destination I p information, instead of just dropping it, which is the default, Norman. It doesn't already send that back. It's just going to drop its not gonna do anything with it. So when we implement this quad zero Okay, we're basically telling it to send it just to whatever interface or i p address we are telling it to go to. So in this situation, we tell it to go to this guy on router B, which means don't drop the packet, but give this responsibility to router, be once rather be obtains, receives this packet. It's then gonna look in its routing table, see if it knows what to do with it. If it doesn't, okay, it'll just drop it. Unless again it has a default route to tell it where to send it to give again that responsibility of that packet to another router. Here's the brief definition. Okay. Stop indicates that there is only one way to reach out to all of the networks. Okay, We can create a default route, which is used by the I P two Ford. Any packet with a destination that is not found in the routing table. Just basically what I just, you know, summarized for you guys. When we configure these default routes on our routers, you'll see them listed as gateways of last resort. So let's go ahead and clear the screen here and open up your labs if you have not done so yet. And by the way again, we are sitting up here at step eight. Very simple configurations. But I want you guys to see this. So opening up our packet, trace their lab here. Let's go ahead and start. Ah, our first rider here Branch A rod. I'm just gonna click it. I'm going to expand it and ah, where to go? There we go click the cli, and if I just go in here remember password. Cisco enable Cisco. And if I do a show I p route, this is the verification command. We used to see what our routing table on that router has learned. The route it has learned, right? Head enter, and here we could see it on. Lee knows of the connected networks or some that's attached okay, Physically plugged into this router, you could also see here we have something called Gateway of Last Resort, but it says it is not set, so you'll notice soon as we configure a Quad zero default route, which again just tells the packet to get or tells the router to give another router the responsibility of knowing where to send that packet. It's not just going to drop that packet, so to configure that's also got to do is go into global configuration. But by saying config t. And we're just going to say I p Route 00000000 And for this situation, we could just use 030 the interface. I'm just gonna say serial 030 I'm sorry we have to put the slash 03 slash zero and hit. Enter If I now do show I P route and hit Enter. You can see we now. Indeed. Okay. Have a gateway of last resort configured. So if I were to take this computer and Ping Branch be will the packet go there? Well, let's go ahead and take a look. Let me go ahead and grab this computer. I'm gonna click desktop. I'm gonna go to command prompt. And let's just ping the i p address for this router, which is 10 00 dot Ah two. Okay, so now if I hit enter. Ah, well, we just talked about how we said that if the packet did not know where to go, it's not going to drop it. It's just gonna ford it to the next round and give that router its responsibility. So why are we getting a request time out here? Well, I'm gonna show you in a minute, but first I want to compare and contrast a couple things. Let me open up this router here. I'm gonna click, Boom! I'm gonna move him over and I'm gonna click Boom! Let me open him up Let me click cli And if I click enter Okay, We need to go. Cisco enable Cisco and show I P route. Look at our writing table here, okay? It's not aware of any other network with ones it's directly connected to. It does not know of any route to go back to Branch A. Remember, let me grab my pen here so I could draw this out. Okay, so so far, we took this packet right here. We send it to this router with the gateway of last resort here. It's not gonna drop. It's just going to send the packet to this router and give him responsibility. Since his routing table here does not know how to ford this packet back, remember rodders only four packets if they know how to do it based on the route it needs to take. So it's getting here, Okay. And we'll prove this in a second. This packet is indeed coming into this router on this interface, but the router is now looking at that and saying, Well, I don't have anything in my routing table. I don't know where to send it. So now he's just gonna take this packet right and drop it. So essentially we would have to configure another gateway of last resort on this router pointed back to brand Jay for that toe work. But we're not gonna go ahead and do that because, you know, that's gonna take a little bit too long, and we're gonna set something else up on this, rather in the next lecture. But what I want to do is click the stopwatch here and we're gonna pack it or capture this packet going through the network so you could see it does indeed reach here. Because remember, a paying is an echo request Echo reply. So the request is going to go here. It's gonna go here the ICMP message, but it's gonna get dropped. It's not gonna know how to reply that back. Let's go and take a look at that. I'm just gonna go ahead and open up this computer. Hit the up arrow again. Hit, enter and you could see a generated our packet right there. I'm just gonna speed this up so we don't waste too much time. And if it goes, there we go. And auto capture our pack. It goes through, the switch goes to the router, goes through the router to this router. Now watch okay, It's going to just get dropped. It doesn't know where to send it. It's sending out spanning tree. It just doesn't know what to do. It doesn't. That packet no longer knows how to get back to our router. Pretty crazy stuff, guys. Right, So there you visually got to see how that packet is again going to the router. And I just want to emphasize this because I've had students in the past get a little confused on I know it's not difficult for those of you that you understand bear with me. We're sending a packet here, Okay? Because we implemented those quad zeros. This packets going into this router he's looking in his routing table are key. For sure, he's looking at all these routes and saying, Well, I don't know where to send this, but I do have a gateway of last resort, so I'll just send it to whatever interface, which was 030 So we'll give the responsibility to the router that that interface belongs on . This packet does not get dropped. It gets sent over this router. He looks in his routing table and says, Well, I don't know what to do with this? I don't have a gateway of last resort set, so I'm just gonna take this packet and ultimately do what with it. I'm just going to drop it. That's as easy as it gets, ladies and gentlemen. So let's go ahead and clear the screen. Here, grab my mouth. I'm gonna go back to really live environment here, and I want to set up a default route on this router. Now, we're not gonna play with Branch B and get this communicating just yet because we're going to take a look at static routing in the next lecture. But we do indeed want to set up a default route on branches. So let's go ahead and open up the terminal here. When is a Cisco enable Cisco? And if I do a show I p route again? This you should be doing these with me. So you get familiar with the syntax of the commands and you could see you Nothing is good. It just knows about its locally connected networks to its interfaces. Here. We're gonna say config tea, and then we're gonna go and say I p Route quad zero, OK? 1234 and then cereal 031 And that's gonna be the interface to this router here. Hit. Enter. Now, if I do show I p around to look at that routing table, you can see we now do have a gateway of last resource that we have that static route. By the way, something I'm briefly neglected to mention was this s if you look up the code up here stands for what? Ah, the it's up here somewhere. U E o rare s stand for static, right? So the static is a static route, and when we configure them as soon as we say I p route this is how we're gonna configure static routes in the next lecture. So that's why it says s for static. But you could see the ass trick means it's the candidate for default route, so it's gonna be the default route. In a sense, the default route is also seen honestly used as known as the gateway of last resort. The reason why I wanted to point this out is because later, when we start implementing our dynamic routing protocol, rip version two and we use that command toe advertise thes default routes to all the routers. Dynamically, this is going to change. Tour are And you need to be able to visually see that taking place, especially for your ccn exam. So let's go ahead and take this computer here, OK? And I'm gonna capture I want to make sure that packets get into that branch be router. So me, I'm sorry. We got open up the server. We never address that PC desktop command prompt. And we could just say paying. And he's going to be 10. That 0.5 I believe if I'm looking about 65 Just five. I'm looking at that, right? Yes. So if I hit Ping here, generates are packed. I'm gonna keep this on top just so we could see what's happening out of capture. So that pack it goes into the router goes to Branch B, which it did not do. Oh, would it do it? Had to send out AARP resolution first. Now it's gonna go through. There we go. That's what I was expecting to see. But they're I mean, continue it. Notice that it's not going through any more. We have some, uh, L o d p for neighbouring devices going on, but we're not getting any replies. And if I actually reset the simulation, go back to live time. You see, it is indeed timing out. But the important thing to notice is how are packet is reaching that router. So until we tell this branch be router, what to do with that packet? There is just gonna drop him all day long. OK? Remember, routers four packets based on what is learned or provided to them based on their routing tables. So make sure you go ahead and let's go ahead and go back into these. That's cop or here because they do copy rs. Make sure you save this and we're going to save router. See over here. Do copy Rs. And once again, just click the save icon on your system packet tracer. And we're good. I will see you guys in the next lecture. 18. BONUS | Static Routing: All right, students, welcome back as we continue our journey with Cisco's IOS administrative labs here again, my name is Keith Gephardt, your instructor, and in this section of the course, we're talking about that bonus section which is routing in this lecture. Specifically, it looks like we're gonna be talking about some static routes. Okay, Now, static routes are very similar to the last lecture. When we learn a default routes, however, they're slightly different when we configure the static routes Essentially. Okay, they are manually being configured to tell routers where 24 packets think of your Ah, I p address ing when you set your, uh, computers or any device to run d h e p, it's dynamically learning them. Well, when we statically configure those addresses, we mainly have to put those in cause of that situation. We must configure each router to know of each network connected to every router. So we would have to configure this router to know of all these networks would have to configure this rather know of all these networks. So it would be this network here, this this right, and then this guy, knowing that he could reach over here, etcetera, etcetera. We have to go to every router and do that. So it's not very scalable. And typically you'd only want to do this for small environments because it's not good for large environments. Because again, you wouldn't wanna have anything. Really. I would probably suggest anything over 15 0 that's not a legitimate number, Okay, But typically you don't want t mean. It's pointless to start getting into that many routers within a single network and needing to set static routes when because the implement very good and very quick response of dynamic routing protocols that just do this work for us, it's going to use consistent route determination, meaning Since it is static, it doesn't change. Okay, Without dynamic routing protocols, things can happen. You know, any network is prone to go down or have a small outage of some sort, and sometimes it could be due to the routing protocol of, you know, for whatever reason, what were static routes Since we are manually configure him, they don't change. If the link goes down, routing is disrupted. All right. Unless we deliberately have multiple links. Maybe I have a router here in a router. Here with no backup links and one link goes out. It's got away over to this router, right? Well, if it's a single connection, it's going to go down in. The routing is disrupted as far as with dynamic routing. There's other alternatives when we configure static routes. Okay, it looks almost identical to when we were configuring our default route in the last lecture . Except, you could see now were actually telling it the router to be aware of which networks it needs to be aware of. Right, We have to take that rounding table and add all these different routes inside of it, because the routing table is what the router essentially uses to determine where to Ford. All of these different packets, too. Okay, when we configure these, we're gonna use that command again. I p route used the address or destination of where we're going, the interface or address again. The network I D. Is what we're trying to communicate to the sun. That mask will obviously be for that network and then the interface or address, which we need to access to reach that network. Now we also have something called a floating static route and Typically, this is what we use, and I'll explain this in a second. When we configure a static route that is considered a floating, static route, All they're doing is configuring a static route. But at the end, we're setting this value. This value is our administrative distance values. Remember, I said, it's very important. Understand it? Configured interface or a static interface would be a administrative distance of zero or one. Well, this is why? Because if we are running a dynamic OK, protocol, maybe something like Rip, for example, that is, Ah, a reversion to 120. All right, well, if we have a static route and its administrative distances zero or a one, remember administrative distances. The lower the administrative distance number, the better around it is, the more believable of around it is. It's the route that will be storing the routing table and chosen to Ford routes out of so rip, even though it would be, you know, configured on the router. It's not gonna be put into the routing table because of its higher administrative distance . So this is a bit of a bad example. I should have used a different routing protocol. So say we in fact, Yeah, let's just say we have the i g R p within an administrative distance number of 90. Okay, so if we implemented a floating a static route and told it to have the administrative distance of 1 20 it's greater than the administrative distance of the Eid therapy, meaning it will come second. The reason why we do this and typically we do this for, you know, extremely important links up to specific applications. So we have a bit of a backup, you know, scenario here because if e I GRP went out for whatever reason, so this no longer exists Well, it's still gonna notice, you know, stayed on the router. We'll have a static route. OK, so it will choose this now and use this to Ford the package through the network. But we have to tell it to have a higher administrative distance over the routing or the dynamic routing protocol were implementing rather that way. This has always chosen first and again. It's dynamic, so it's a lot. It's a lot more scalable. We could use it a lot larger and environments right. So even if we were implementing reversion to honor networks, which in this course we are for our apology, right. We would have to set this something over 1 20 Could be 11 31 40. Whatever. I just out of habit, you know, not dollar sign. I typically out of habit, right? The administrative distance as floating static route anything over 1 50 Because as an internal routing protocol. Okay, remember, we do have external and internal routing protocols as an internal rounding protocol. Very rarely will you have anything over 1 50 In fact, most like, I'd say, 90.9% of the time. You will not have anything over 1 50 So it's just kind of like a decent number to use, at least to start off with. Now, remember, every network environment is a bit different. So, you know, you take that into consideration. No two networks are ever configured the same. You gotta be aware of these configurations on your network. You got to do some show commands and become familiar with your networks before you start going at and figuring them. So let's go ahead and open up our labs, guys. Okay. So everything is just like we left off within the last lecture, and now we're gonna go ahead and move to step nine. All right. You could see we're gonna configure Router to which is our middle router branch be router to have I p routes and that's it. It's gonna be that simple. Remembering when he got my pen real quick so I could show you guys is just as a review reminder. Right? We have our default routes configured on our stub or rather, edge routers. So if this rotter does not know where before that packet, it's getting sent to this router, he's getting the responsibility. This guy's also sending it to this router, giving him the responsibility. So now when we configure our d r. I'm sorry, our static routes, we're going to figure a static route to go to this guy and go to this guy. But since they're static routes not get way of last resorts, we could go two ways. We could now have that two way communication opposed to with default routes. It was Onley one way. Okay, so think about thinking about that. If we did have that packet coming in from this computer into this router, he doesn't know where to send it. Say we're sending a I si M p packet, right? It's setting a request and then he's this router. When it receives its going to send a reply, he will be able to reply back to this branch a router because we now put it into his routing table, right, this router, even though, you know we didn't configure anything else in its rotting cable. Since this network is directly connected to this interface, you know the router smart enough to know tha go ahead for that packet back through here. Then the switch will obviously check. It's can table, which is content address, memory table. Or you could also think of that as it's a Mac address table. OK, they're used anonymously to in the same thing. We do not have our tables on the switches, By the way, our table's only exist on, uh, routers and computers themselves. So with that said, just as a little reminder and you know, some helpful information there lets go to a router, be or branch be router here. I'm just going to expand this a bit. Looks like I'm already in, so if you guys, just open it up. You'll be here. Cisco is the password. Just go by type of right and able Cisco again. And if we show I p route Look at this. All we have is connected route. So let's go into global configuration mode by saying configure terminal and what do we want to do? Well, just like before we configured our i p default route, we say I p route. That is the startup. Ah, syntax of the command to initiate any static route of any sores I briefly mentioned in the last lecture. So now we want to tell it to go to 19 to 1 state, one that zero, which is this network. So we're saying if to reach this network 19 to 168 that one that zero Remember, we're using the network I d for this sub net right to reach this network. Okay, where do we need to go? Well, we need to go through the 10 001 interface. Let me just pull my pent up. I'll draw that out for all of you. In fact, let me type out the command. So to reach this network with its sub net because it needs to know what kind of a sudden that or network it resides. And if its sum that it needs to be aware of that and to use the i p interface address of 10 years or one. So what? This is saying? Just drop my pen. They're with me. All right? Got it. Got it. All right, So now if I got my pen, Okay, let's use, um, tank here. When this branch be router receives a packet or needs a four to pack it over here, it's going to say to reach this network. Okay, so I'm coming over here. This is step one. I need to reach this network with this sub net mask. Okay, so it knows of this prefix sub net. Because if this is some that it right, it needs to be aware of that. It needs, remember some that's or different networks. So it he said we would have to implement a new static ralph for every son that if we were to do that. So if it's trying to reach this and it knows it's some that what interface isn't need to reach to be able to access this well. 10 00 at one or 030 we could use the interface. But typically, when you're configuring static routes, we want to be a little bit more specific. OK, so I'm going to be more specific by saying 10 years or one right here, which is the I P address going back into Branch A's router hit. Enter now. Let's go ahead and do show I p a route. OK, look what happened. All right, here is our static route configured This is everything going on. The first value here is our administrative distance. The second value here is the metric all right now, since it is just, you know, it's mainly configured this metric is going to be zero. But since this is an address configured going into branches router Okay, the administrative distance is one. So the problem with that is is later I'm gonna make a note here later when we implement rip version two, it's going toe. Have the administrative distance off 120. Remember, the lower the administrative distances, the more believable of a route is so essentially this will stay there and the dynamically learned routes from rip will never be known. So to change that, I'm just gonna hit the up arrow. Until I see this command. I'm just gonna simply type in 1 50 All right? I know our workbooks. A 1 20 where? I didn't even put them in the workbook just yet. I think I save that for later on. Ah, yeah, I did. So, you know, let's just leave it here so I could put it into more perspective later. Like I said, I created that workbook on the fly and I'm going through this on the fly. So for now, let's just leave it like this that we could compare and contrast that when we put rip up because you'll visually see it and it'll just help you guys out that much better. So that's good. Now I could just hit the up arrow, move the you know my cursor back to reach. What what network do we need to reach? Well, now we need to reach the 19 to 1683.0 network. So I could just backspace three that zero and control E to go back to the end this time. I need to go through the 10.0 dot 0.6 interface boom. Do copy R s. Do you think I am done? Will I be able to communicate back and forth between these guys? Well, let's go. Let's go ahead and find out. So if I go and now, Ping, let's say 19 to 168 dot to that three. I need a type in the number 1 91 Succeed that to that three. Which is the DNS servers I p. Address that we statically configured, hit enter. Okay, one or two might drop out because of the AARP resolution protocol. All right, but we should get communication as you see there. Pretty cool guys. Right now, Let's go ahead and check the other side of that work. Always keeping in mind. It's very good habit to test your network as you configure it, because if you go and just establish or implement a whole, you know, monstrosity amounts of different configurations on your network and you you'd make it live . I mean, this is another reason why we always bench test and sandbox environments first before we put them live. But if you're troubleshooting environment or add adding onto environment, and you're doing all these configurations all of a sudden, you don't have something working. Well, where is your point of failure? Right, Where's your root cause analysis happening from? So as you configure and as you test different features and things that you're configuring, you know, then obviously later you will show you how to save snapshots of the configurations on a T FTP server backing everything up as you move forward. That's excellent practice. Because now, if you make another configuration is not working, you could kind of isolate what you recently did to make that make it not work and start trouble shooting from that point on. So you're not wasting time going all way back from beginning seeing what happened? Just a little helpful real world. Ah, tip There. Right. So 19 to 1 68 to 4. Okay, now again to doubt. For it might have to send out another AARP requests because that's a different host on that side. Right? So we're picking that, and it should reply Beautiful. So we have full communication as it sits through this network, but in the next couple of lectures were actually gonna talk about how to implement dynamic routing Before we do that, let's just review, Okay? This is the last couple minutes here I want to use as a review for what we've already learned, Remember? Okay, when we set up our default route with quad zeros, if we have this packet and we're sending it through this router, this router in its routing table does not know where any or nowhere to four that packet. Okay, it's gonna use the default route or the gateway of last resort and say, You know what? I don't want to just drop this packet, but I don't know where to send it. So I will afford the responsibility over to this guy. That's what we pointed it to. Same thing with this guy. He's sending the responsibility over this guy utilizing that default route. If it is not stored in his routing table. This router we'd never set any default routes because remember, it is that one way communication. So we we set what? Those static routes were able to set a static route with the chipping color going to this network through this interface right here we set a static route going to this network going through this interface here. So when the packet will be ping from this computer or the server, this packet essentially OK is going through this rally saying, Well, I don't know where to send it, but I will send it to him. He's getting in to reply back. You're gonna say, Oh, well, I have a static route that says to send it to this guy. And since this is directly connected, that's what those that code of C was in the routing table. Oh, I know it's directly connected. This network, I d. Is part of this interface, so I'll send it in. And then when the switch gets that he knows about the Mac address and bottom better boom. That's also why we have the AARP resolution on our local area networks. Pretty cool stuff, guys. You guys are really gaining a lot of the scores. I didn't realize how much of ah how much topics is really gonna cover. But you know what? I'm an instructor. I'm here to help you guys study and learn. So I hope you're really benefiting from this again. I mentioned that static floating route. Just pretend I didn't even talk about it because it will make more sense when we implement rip and you see it in action. Okay, Sometimes things really just start making more sense when you visually can see it take place. So that's what I want to do. Alright, guys. So that's our static routes. I will see you in the next one. 19. BONUS | Dynamic Routing: All right, guys, welcome back. And we are just flying right through this bonus section. Hopefully, you guys are learning a lot of information. This is some good stuff. Juicy stuff. We're still sitting here in the bonus section four core routing. And here we see, we landed right at dynamic routing. So essentially dynamic routing allows us to tell routers which networks to be aware of. And then it will tell all the other routers the information they need to automatically or dynamically communicate to them. Which means we are now dynamically or automatically advertising different routes to all of our neighboring routers, not statically configuring each and every single router to know about the networks that needs to be aware of. You know how these routers four packets utilizing their routing tables. You could think of it almost like, you know, a good comparison would be, ah, your computers or your servers or whatever right? You have static I p addresses or dynamic or with D h e p dynamic I p. Address ing. Same principle applies instead of, you know, statically configuring that I p address is not gonna learn automatically. So routers automatically know about the numbers they are connected to because obviously they're smart enough to know. OK, well, these are connected right in. I'm gonna be aware of those. Cool. Well, now we need to tell the router which routing protocol we want to implement. So let's just say, for example, since we are using rip version two, we're gonna use reversion to weaken, figure that to work on this router. But then we also need to tell the router with its routing protocol being rep version two, which networks to be aware of. So if I have a network of a over here and maybe a network of be over here, we need to tell this router to also be aware of these two networks. This is just an example. Okay, I know this isn't our real topology. Once it knows this information, the router is going to advertise that information to all the other routers in the know he's gonna advertise it to him if he's running, rip and he's also gonna advertise it to him. If he is running rip routers now dynamically learn each other's information about the other router. So this routers, networks say this is, you know, network sea or whatever this rotter is gonna learn about that and he's gonna advertise it to him. So now they could Ford in, you know, transmit and receive packets together be based on what is, you know, inputted into the round table, dynamically utilizing the rip Version two routing protocol. Now it's important. Understand that we have two different types of rounding protocols. Okay, we have the interior Gateway protocol and exterior Gateway Protocol. Pretty much straightforward, but we'll review him real quick. Briefly, Okay. And the interior gateway protocol is essentially the internal protocol you're using within your organization. They have to utilize the same autonomous system number. The exterior Gateway protocol is external to organization. It's going to use a different autonomous system number from your internal autonomous system number using that protocol. Some more comparisons over here are good idea, you know should write these down, but more specifically again, all routers that must use the same routing protocol or autonomous system number rather within the same organization on that protocol. And these are some of the common ah IGP protocols we have Rip, obviously is like I said, is a true or false statement. Whether you see it or not out there because it's not scalable. It's very small. I g p is pretty much all the obsolete. It's been replaced with Cisco's baby ei GRP always pf is extremely common and we'll talk about why that is here soon. And I s I s okay now. With I size, you need to be aware of it. It does still exist, but typically you're not going to see it too often. Now there are some scenarios. Like I said, it still doesn't exist. In fact, if you girl through different job postings on monster or indeed or what have you A lot of companies, you know, we're not a lot, but every now and then you across a job posting this says, Ah, they want some experience with I s I s It is still out there now with the GP. Okay, there are exterior gary protocols, okay, And again, they need to utilize the different autonomous system number from our internal network border Gateway protocols are extensively used as e g p's okay. Meaning what is any GP routing protocol? Well, let's think of it this way. Let's write it out as b g p border Gateway Protocol. Okay, Border Gateway Protocol. What's that? Tell you, B gp. It's one of the new protocols that are assigned to the new system of Ccnet curriculum. All right, if I have a router over here connecting over here to my service provider, what is my service provider? Well, the service provider is the cloud A k a. The Internet. OK, essentially a my pen. Essentially, our internet is nothing but a whole bunch of different service providers connected together . Okay, they connect us. You know, this is a little messy, but you get the idea is just a whole bunch. It could be 1000 different service fighters all over the country all over the world connecting to each other to form the Internet. And then maybe Cisco Ah, that that's bad. Cisco dot com is over here. That's their server, right? We could access that through the internet. So the BDP protocol for your Cisco Studies is our Internet. We use the BDP protocol for our internet 98% of the time. There are situations where some service fighters may want a, you know, implement externally, I g r p or always PF or I s I s but very rarely. You see that anymore. It's typically be GP, so just know that especially for you're see CNN or any other Cisco studies for this actually happened since we're using a different town, um, system number over here and a different autonomous system number over here, we actually would have to implement a border here, okay. And maybe another router. And this would actually have to incorporate something called redistribution. Now, this is way beyond the scope of your ah ccn a. So don't mind it right now. But just so you know, if you're reading this and and you're making sense of these autonomous system numbers, you know, if they have to be the same to route, why how are we route in between two different ones? Because we're implementing redistribution router redistribution in our networks along with the types of protocols we have. We also have three different classifications of rounding protocols. Two are the common ones. We have a link. Stay in distance. Vector will cover three in a minute. Link state. Okay, it's gray. It's been around for a long time. It's been multi vendor. So, you know, it's grown in a lot of networks. You'll see this very, very often out in the real world. Always PF being the number one that stands out here. Okay, The problem with feeling state protocols, though, is it's gonna maintain a map of the entire network. Known as you know, It's a firsthand option for this protocol. With that entire map of the network, it's storing all this information in its routing table. OK, it's also got a neighbouring table and a couple others but is forming all this overhead. Remember, the more storage on this device to more resource is using its a lot of overhead. The good thing about, like state protocols, always it doesn't require a loop prevention system. Now, I do have this little ass trick here, but again, this is related to CCMP as I use the slide for another core. So if you want to know about it, okay, you can you know, you might need implement loop prevention mechanisms if you're using other Devi protocols. But again, it's CCMP topic. Our next classification of around protocol is a distance vector protocol. Couple of ones that stand out here are Rippers and two and B GP. Okay, now for this course for obviously not concerned with Version one. We are concerned with reversion to We're not even concerned with BP, but I wanted to put it there. So you're aware of it. It's only gonna learn what the neighboring devices tell it, meaning it's gonna have less overhead. It's gonna operate at a higher performance, and it also has a very, very quick convergence rate, meaning if something goes down to the time something comes back up. However, it does require a loop prevention mechanism, whether it's a split horizon mechanism or about poisoning mechanism. Now, this third McKay advanced distance Vector is R E i g R p. This is Cisco's baby. Up until I believe it was 2000 and 13. E i g r P used to be vendor proprietary to Cisco Onley Cisco devices were capable of utilizing e J R. P is a rounding protocol since now it has become multi vendor. It's more open source, if you will. It's coming up the ranks as far as the most utilized internal rounding critical we have, I would say Yeah, GRP is the number two most utilized internal rounding protocol on our networks today and it's, you know, it's slowly climbing up because it is such a beautiful and great protocol to implement. Oh, SPF, on the other hand, still remains number one because it's been around for years and years, and it's always been multi vendor. Meaning it did not matter if you were running Cisco or Juniper or what have you. It would work. The reason why that was popular is because, Okay, so say you have an organization here. This is a headquarters for some building, and we have multiple routers within this organization. Okay, Maybe they're all running E i g r p on Cisco devices, but, you know, companies grow. We have a small branch office over here, and now we have a few routers. But our budget was a lot smaller than the initial budget we had, so they didn't go with Cisco. They want with maybe, and I mean junipers pretty much, you know, good comparison to Cisco, but maybe at a no Netgear something cheap from Best Buy now, they're not bad, but, you know, just roll with the example here Something other than Cisco, right? Well, now they can't utilize Yeah, GRP. So they're gonna have to use something different and that would be oh, SPF. So it's very common CEO SPF. But again, Yeah, Jeffy is climbing up the ranks because it's beautiful. It's a great it's an outstanding protocol. It's quick. Okay? In fact, the convergence rate for, uh yeah GRP per Cisco's documentations is its non measurable. Okay, it's so quick, it's even pointless for them. They're fully tryto measure it, you know, obviously they do, but they don't even listed because it's that quick. Just like with rip version two, it is still pretty simple to configure. There's some other things that fall into play on how this protocol works that you need to be aware of. That's why I created an entirely separate E i g r p and O S P. F. Course. So you guys should take a look at those. If you want to know more about these routing protocols, I go into extreme detail with them, so you fully understand them. But, um, overall, it is pretty simple to configure Now this right here is probably the biggest benefit of all for this protocol allows unequal load balancing. It is the Onley routing protocol that we could implement okay, that allows for unequal load balancing. Very important, remember? And here's a couple more, you know, things that you could also write down and jot down. You should I should be writing notes of these. If you guys already familiar with some dynamic routing terms, you know, that's fine, but should be taken notes. So that is the core, you know, basics of dynamic routing. We covered everything that you need to be aware of. Obviously we're not. This isn't a routing focused core, so I don't want to spend too much time on it. But since we did included as a bonus of the section, I did want to go over enough detail for some of these concepts and, you know, fundamentals to make sense. So this is setting a good foundation for as well when we move forward and the next next, we will go over, rip and discuss that a little bit more in detail and then eventually will actually start configuring rip on our lab apologies. I will see you guys there 20. BONUS | Configuring RIPv2: Alrighty, students. Welcome. Welcome back. As we continue this bonus section of routing within our Cisco IOS Administrative Labs course again, I am Keith Gephardt. You're instructor. We're looking at the page here. We can see we fall right here at Rip. Okay, now it's important. Understand? Um, one thing is that some of these slides I used from a ah, in class environment Ah, boot camp that I taught not long ago. So some of this is an overkill for this course, but it's good for review. And for you guys know, essentially, we're only gonna go over a few things here, rip version one okay. And rivers into the same. So everything in these bullet points, these are the same for this protocol. Hello and upbeat timers. Or hold down to keep alive timers. Hello. Times air every 30 seconds by default. Keep alive or hold down. Okay. 180 seconds by default. Maxim hot cars he's is explained earlier is only 15. I think over 15 is unreachable, which creates that infinity loop. Administrative distances. We talk about someone 20 metric can be a hot count between one and 15. If you see a zero, it's because of static implemented roads. The difference is OK, this is the major thing that you need to be aware of. Besides Thea Hello and dead timers. Okay, is version one version to the differences is rivers and one Why we don't use that anymore is one. It's class full. So it's limited already and it uses broadcast which is not good, because broadcasts are what one. So one to all Meaning anything connected to that rotter will see these broadcasts advertisements. It will use our typical broadcast layer three address rip version two, However, and this is why we use this is classless gives us a little bit more flexibility. Not much, but it's also a little bit more secure utilizing these multicast address of 2 to 4 years or nine. Pretty cool guys. Right. So let me clear screen here. One more thing to bring to your attention is quick is ah couple features we could dio now reversion to for a default route. OK, we get advertised our default routes using the reversion to protocol. So remember we have a default route going this way, We'll we'll remove that and then we'll set a default route to our service provider. When we get to this, I just want to bring your attention now and then he'll advertise it to this router and then to this rounder. Pretty cool, passive interface. Okay, So the easiest way to think about this is if this is our router, we're kind of Well, let's say we have interface. Here. Here, here, here, here, here, here. But I only have a router here connecting to this. Rather have a router here connecting this router. Anybody essentially could plug into this router, okay? And if the running reversion to, they could start forming neighbor relationships with it where they're going to start obtaining the routing tables. And that's not good. You could really do some harm to a network if a devices unauthorized can connect to a router like that. Right. So passive interface kind of creates a, you know, an invisible border shield. This is another Ah, what I call a preventative measures part of the onion layers of security we could implement . Putting them into a passive state will not send hellos out those interfaces again, preventing them from forming neighbors. All right, so what we have to do is to say default, which is the best practice to make him all passive. And then we go back and say, Well, we don't want a passive interface on, say, this interface, which would be on the cover Different pen clear, which maybe would be this interface. We don't want past interface on and this center face because we want these routers to know around. And Kate wasn't We want to know they're rounding tables, but the rest of the device coming in this direction for any of these other interfaces will be secure. So just something to be aware of now you're also going to see a configuration I didn't write down here is called no auto summary. Okay, now this is again. This is not a rounding course, but you'll see this command. I'm not gonna spend any time go really going over it. Just know that we typically want to use no out of summary unless a specific application calls for it. But to utilize this, you have to have a very good network hierarchical design as faras address ing and ah, layout was concerned. Really? So that's ah, that's a topic for a completely new course. Take my ei GOP roasty. Of course, we want to learn more about it, and I'll teach how to actually manually summarize. But for this course, we're just trying to get our networks up and running. So with that said, Let's go ahead and open up our handy dandy labs. We're gonna go ahead and just open up Branch a rather one going to get into it. Okay, Cisco is our password. Enable Cisco here. We could just go ahead and say config t now to implement any routing protocol on a Cisco router. We simply start off by saying router. And if I had the question mark here you see four. Remember? I said Cisco Package Racer is a slimmed down version of riel Cisco IOS. So on riel equipment or real Cisco Iowa's images, you would see a list quite a bit longer than this, but these are the ones simple. You need to be aware for your CC May studies, but we're talking about rip boom right now as a sit rip is configured on this router, but it's not gonna do anything because we didn't tell it what networks to advertise for. But before do we do that we need to tell Rip which version we want to use. We're gonna say version two. I'm gonna say no. A lot of summer. You typically want to implement that before you implement any other configurations because it'll actually take down your ah routing table and bring it back up your ah, relationships. Rather, now rip really doesn't have any relationship table. But it knows about other routers that have ripping able through its hello messages. So it's just good practice to implement no out of summary right there in the gecko in the beginning saved you some trouble, especially if it's already in a live environment. So the next thing we want to implement is passive interface. Ah, if I spell it right, passive interface default, which turns all interfaces to a passive state. Now I need to go back and tell interface 0030 not to be passed because I do want to communicating to my neighbor router there. So what we'll do is simply say, no passive interface cereal 030 boom. And we also need to advertise the networks. We could say 10 000 and we could also say network 19 to 168.10 k The network I DS. And guess what, ladies and gentlemen, rip is configured to copy R S C nice and easy. Let's go ahead and move over to Branch router. Be okay. And again, I'm in global configuration mode right now, So go ahead and get there and we're just gonna say again, rotter rip version two And we're also going to say no auto summary passive interface default. We're gonna say no passive interface. Now we have to say, I got a hyphen. It no passive interface cereal 030 And then we're also going to say no passive interface. Ah, cereal 03 one, Because again, he's got to connections to two different routers. So he needs to communicate to both of those. Also notice. I'm not turning passive interface off for the local area networks because we're not putting a router here. We don't need that to be in a novel passive state. We want that to be passive. Now we just need to tell it Wittenauer. So here we have to say, Network, we have three networks. 10 0 the 00 Now I do not need to tell it both of these because it's class classless ago. It's saying, just recognize this and it's gonna default the to class A again. This is not around. In course. I don't want to spend too much time explaining the whole principle behind this. Just know this is by default. This first octet falls in a class A range. So if we, for example, I'll just give you a small example If I said 10.10 00 and I also said network Ah, 172 that 16 4.0 and I go ahead and do show I p um, A stew show. I just do show, run. I just want to show you guys this. You don't need to follow this that way. It makes sense. Now. You could see how. Okay, both of those just kind of defaulted to a Class A even though I implemented 10 about 10 and then my one son to 16 that four defaulted to a Class B address because these fall into the Class B I p address range. Just be aware of that. So if you did follow along to remove those, I could say no network 17 to 16.0 dot zero, and it will remove that. We could do show Ron to prove it. And to set the space bar a few times and scroll up. You could see here we only have them. One network. But we also want to include the network of what? Our local area. That we're connected here, which is 19 to 168 That 20 hit. Enter and exit this. We are good. Do copy R s. Now we know we have communication. Okay, so let's go ahead and just briefly, you know, let's do this. Ah, Well, wait for the next. Um let me think. I'm sorry, guys. I'm just trying to think about something here. We'll take care of that after we configure this third daughter. Okay, so let's go Toe branch. See? And again, I'm already in global configuration of it. So we're going to state route er rip version to know, auto summary passive interface default and no passive interface. Now, this time we only need it on that one. Serial 031 interface and network will be 10 000 and then network again will be wanting to 16830 and we're go. We have ripped configure Do copy rs. So what I wanted to show you originally is re still have communication between these networks. In fact, let's just take the NTP server. Doesn't really matter. I'm gonna go ahead and paying 19 to 168 at three dot What do we use over here? Three. And you'll see we have communication. All right, let me go to branch. Be because remember, we had those statically configured routes. And remember, I said it's important to pay attention to the ah administrative distance. So let me show I p route here. Look at this. We are not seeing any rip protocol in our rotting table. If I go to a broader a real quick let's do show I p route, you could see here. We know we have rip advertisements coming in because of that Are if you look appear the code wherever it may be our means, rip. Okay, The routing protocol rip right here. So over here we could automatically assume that What? We're not learning anything through rip, right? We're not populating this. Why? Look at the administrative distance book of the administrative distance. Why? Because the routing table will take the administrative distance. The lower value is going to be more believable. Very important. Remember that. So how do we fix that? Well, let's go in a global configuration. But let's simply say no. I p route. And it was 192 and 168 that 1.0 2552552552550 And that was a 10. That 00 That one. Okay, now, if I just hit the up arrow control A I'm gonna remove the, uh, the know they're okay. Now. I'm gonna hit control E, and I'm gonna say 1 50 Boom. I'm also gonna hit the up arrow until I see you know, I peer out again. I'm just gonna use my arrows. Delete this guy, okay? And control lead back to the end, and I'm gonna Ah, I could erase this whole thing here. Okay, So he raced this six and I forget the No, no, there we go. So, no, I peer out that it wasn't even in their um Oh, I forgot something. So let's go ahead and changes to three C. Everyone makes mistakes for human. Now, I could just hit the up arrow. Remove that. No, there. And I'm doing it this way. Just you guys get familiar with our shortcuts, control you to go back to the end. And 1 50 with that is saying is force and manually or mainly forced the administrative distance for the static route to be over. What are dynamic? Routing protocol is by default. So now that that's done, if I go ahead and exit this back to privilege produce or we could just say show I p a route . Now we have routing updates. We no longer see the static updates in here. Okay, if we show ah, what is a I p rip database? I think database. Ah, no, um rep database. There we go. If I spell it right, you could see all the different things that are actually put in here, right? But since the administrative distance number is now greater than what our dynamic routing protocol is telling us, it will be stored elsewhere on the router, not in the routing table and the routers on Lee going to look at the routing table to four these packets, and we could also say show, run if you scroll down here. It was just a couple where areas that you could actually visually see where these static routes are configured. Pretty cool stuff, guys. 21. BONUS | Configuring RIPv2 Default Originate: All right, students, Welcome back. As we continue with our journey in this course, we are still in this bonus section. This will be the last lecture for routing, I promise. Since we've already talked about default route, let's talk about implementing that default route within rip version to using the default information originate command. So let's go and open up our labs here, okay? And the first thing we want to do is connect this cable from service provider to branch. See? And I used the serial 030 interfaces on both routers, but you go ahead and open up this router, right? And I'm going to just expand this so you guys could see it and we can go ahead and type Francisco enable Cisco and config. T interface cereal 030 We want to say I P address would be 10 009 to 55252.5 That 252 no shutdown. You could exit this. Now we want to go ahead and start removing our original default routes. So to do that, we could say No. I pierre l 00000000 and What do we do? Before we said serial 031 I believe, um, you know, I gotta I gotta verify. I don't remember what we used to show. Ah, I p interface. Actually, that's do she'll run. Make it easy. I'm but a bomb bomb, bomb, bomb, bomb, cereal. Okay, so, no, I p In fact, we could just copy and paste. It may get a little bit quicker. Copy, and we're just gonna click paste here and had enter. Cool. Do copy Rs. Now, we could got to go to branch A All right? We're gonna say And which ones? That Let's just do a show. Run Scroll down. Just make it a little quicker for us here. Right? I'm just gonna go and copy this. Ah, Copy and tab Control V. I'm sorry. Pace control A No. Okay, good. Do copy R s. So now if we do show I p route, we no longer have that gateway of last resort. It is no longer set. You guys see that? Good. So what we're gonna do is go back to this router, okay? And we're gonna create a default gateway or default route to our service provider So the first thing we could really do is say, Ah, we just hit the up arrow, actually, and I'm gonna get control. A We're just gonna delete the no in front of this control E to go to the end and 030 Pretty cool, right? Good hit. Enter now we're gonna exit this, okay? Actually, I'm sorry. Router Rip Version two Information Nation Nation Uh, I'm sorry. Default information originate. Forget my own command sometimes. Do you copy? Rs and we could exit this. Okay, now, if we go to the service provider Ratter Alright, we're gonna click cli. We're not gonna worry about the base configurations on this just to save time, I encourage you guys to go back and configure this with all the base configurations for practice. But for here, we could say enable config t We're also gonna go ahead and say interface. Um, cereal 030 I p address will be 10. That 00 at 10 2552 for 52 for five. That 2.2 and now we need to say no. Shut down, Beautiful. That since this is coming from our search of lottery, the commandos. Something about that we didn't implement earlier is clock rate. And we could just say 64 thousands and simple. But usually you don't need to worry about this on an internal network, okay? Because our service providers take care of it for us. Clean applies told me de ce and you know what? So this took over as, um What you might call a serial link. Let's go ahead and just on connect this. And if I grab the clock cable from this router over, here's your 30030 Now it's got clock speed. So if I go down, hit the up arrow, it's going to work. Beautiful. So it's exit this exit. Do you copy R. S? We need to say I p route. OK, if it if this router doesn't know of anything, we could just go ahead and send it back to this right now. That's not something you would typically have going on in a real environment. This is pretty much a mock, um, service vital network. So we could say quad zero and then quads era. And then obviously you'd be serial 030 yet again. You can't be rs. We could also create an interface loop back. Ah, we got to say one. It doesn't matter. I p address will be 17 to 16. That for 10 we could do to 55255.0 dot zero. Doesn't matter, Luke. Back in our faces are always end up in upstate. So just do Cappy Rs. You don't need to worry about turning it on. Close this out Now. Over here. If I glen do show i p a route. OK? We noticed before we have the s with gastric, but we still do. If I go to branch be Let's see what we have now. So if I go ahead and do a show, I peer out here. Look what changed. The R is now getting advertised through rip. And this is now our candidate for default. Pretty crazy, right? And if I go over here all right, and I do the same thing Do show I peer out. You see, we are obtaining that default route. Gateway of last resort yet again. Pretty cool makes life a lot easier. So none of these routers know of the 17 to 16 4 that whatever network over here, that's a loop back. So essentially that's acting as if it's a local area network. It's just quicker than adding a switch and then another host, right? So if I try to paying all the way to that 17 to 16 that well, I don't remember what I understood. I guess that'll help. So 1 17 16 4.10 Let's do that 17 to 16 4 That 10 is our look back and face all the way over here that just again access. If it's a local area device plugged in over here and I go back to this computer, I try to ping it. Let's watch what happens, right? So I'm gonna go ahead and say, paying 17 to 16. Ford at 10. Hit Enter. We have reply. The reason why we have replied is because even though none of these networks know about that 17 to address, right, if you're looking at the routing people here, we don't see 172 in here, but it has a gateway of last resort. So essentially, what's happening here is let me grab my pen so I could draw this out for you guys is re just sent that ICMP packet, right? That's our ping packet to this router. The router looked in its routing table, so I went through all the routing table, said it. Well, I don't know where to send this, but I'm not just gonna drop it because I have that Ah, default route. That gateway of last resort. So afforded to this router, this router again looks in its routing cable goes through all the lion says, Well, I don't have this amount routing table, but I'm not just gonna drop out, send it to this guy. He's going to get it. He's gonna look in his routing table. He's gonna say, Well, it's not in my network, okay? It's not my roundtable. I have a gateway of last resort sending at to my service provider interface. So when this router gets it, he's going to say, Well, I do have this connected. Send it right to him. Then when he goes to send the packet back, Okay, so he forms that new packet, he goes here, and well, now he's saying this is the destination I p address. Right? Well, he doesn't know, you know where to send that, too, Because his routing table is just known with him, right? So But we also set up that default route on this router, which means he's sending it to this interface. He now knows where to send this. So now through the routing table through the routing cable. Okay, this packet from here is going through all these routers and then to the host which had originated from so that is pretty cool. Guys, you got to see a lot during this bonus section, and you really gotta learn the fundamentals of routing. Got to implement rounding some passive interface, which is preventive measures, its device hardening on our routers. Essentially, you gotta learn about the default, um, information originate command, even though I tripped over it when I was trying to type it out, you know, you can't remember everything, but again, these are all really important things that you need to understand for your Cisco ccn a. And it only benefitted you being able to do this now, while we're going through this administration lab so we could build our, you know, complete network here moving form. And it was a bit of a review for those of you not knowing routing. And it was a good introduction for those of you that are still going in to learn routing with that said, I will see you guys in the next section where we start implementing different administrative technologies like NTP. Http. D and S, T f T P and G HDP. I will see you there. 22. Implementing NTP: Alright, students, welcome back as we continue to dive into Cisco IOS administrative labs throughout the rest of the scores, we just finished up with the bonus section where you learn how to communicate our networks together utilizing rip. We haven't talked a lot about different routing concepts to really just, you know, solidify this topic and make sense of it. Looking at the page. Now you can see we're gonna dive more into the device management side of our administration side of our network configurations. You see here, we're gonna be implementing NTP Server. We'll be implementing a DNS server key FTP, dhe P sys log. And we're not really going to go over the verification commands more or less because we've been going through the verification commands as we've been configuring our lab so far. These verification bands are also known as all of those show commands that we've been utilizing to see not only what we've already configured on ours, but what are networks are feeding back to us. This is how we could see what's going on on our rotering are routing and switching at devices. So just a brief overview of what NTP is. Since This will be the number One thing we start off with here in this lecture, right is NTP is a network time protocol. So early, early on in the course of said there's really two ways we could implement time management on our devices the first way being we have a hearted or hard coded, rather hard code it, um clock and we were using the clock set command to implement that now and implementing the NTP server. Okay, It's going to actually pull from the time dynamically from a t A and T P server, which is pretty handy now as I was. So you guys here in a minute there are publicly available and keep e servers. But that doesn't say we have to use those if I have a, you know, a router over here connected to around over here, maybe a small local area network over here with an NTP server sitting on a completely different network. And you know, I have a server over here. Maybe even just this router itself. I want to pull from this server right. Something that you have implemented on your own network. What we could do that this is one reason why we created the apology. We did. So you could really see how these different servers and protocols that were used utilizing for our administrative management devices and configurations don't necessarily always have to be within the same network. If you set him up properly, you could use them across other networks. So let me go and clear the screen here and let's go and open up our lab. So our labs, we are exactly where we left off. In the previous section of the course. Nothing has changed. Everything should still be communicating. And we could just prove that by if we pull a computer here again, it's always good to verify. So we know we're at least starting with right soaping. Let's just go ahead and ping this little network all the way over here. Right? So 17 to 16 for 10. And as you can see, we definitely have communication. Beautiful. So we want to set up this NTP server now if we click on the server, okay. If I go to services and go down to anti P, you could see it is disabled for authentication. However, the NTP server, in its own self is on now this is using, you know, kind of a plug in with the A P I within packet tracer to sync with your computer. If you look at your computers clock to this clock, you'll notice it's not 100% accurate. That's okay. Again, This is a virtual light virtual networking simulator. So even though it's close to being live real time, we're not gonna be too worried about it. At least you'll be able to see the clock difference from what we mainly configured earlier on in this course when he did the hard code method of implementing our time management on our devices. So I'm gonna go and close out this router number server rather, And let's just go ahead and go to our branch A router, Okay. And to do this, we could just go ahead and go into cli. I'm gonna expand this for you guys. Let's get into our router. And again Cisco is our password enable Cisco, And right now, if I show and tp status, okay, you know, we're not gonna have anything that says clock is on a synchronized. Well, I mean, that's not good, right? We want some kind of time management on here dynamically. And you know what? If we have the light savings time or something like that, Well, that only help our routers keep track of time a lot more, you know? Precisely. And that way, if we ever have any issues on our network, we could go in and check the system logs and things like that and really start isolating exactly when or where. Something if it has occurred by those CIS log messages. So to implement this NTP server on this device has got to do is go in the global configuration boat. And it's extremely easy for those of you following along in your workbooks. Also got to do is say, NTP server. Okay. And then we just address the, uh to be server command to the address of our actual NTP server. It's that easy. So what's our address? 19 to 168 that warn that three. Boom, Enter. Let's go ahead and go back to privilege mode and just show and tp status. Okay. And here you can see it's now synchronized. That's pretty cool, right? And I'm running military time. I'm not sure. Siskel packet trees. Air typically runs military time by default, but you could see 1800 is six o'clock right now. My computer says it is 18 34 so it's a minute off for so that's not too bad. And I'm also in. I'm definitely minus four UTC, so that is pretty cool. All right, so now we're getting dynamic time management to our device pulling from the server over here. So let's go ahead and go to Branch Bees Router cli. And again, it's It's very simple to implement this so this lecture will go pretty quick. It's going, say, Cisco, enable come This is Cisco yet again going to Global Configuration Mode and TP server and then the address of the servers 19 to 168 That one that three. And Boom! Let's go ahead and go back to purpose mode show and keep e status. And there we go. We could see it is indeed now synchronized. Pretty cool guys, right? And once again, we'll go to our last router here. Cli let me open this up again. Cisco is our password. Enable Cisco and Configure Terminal and TV Server 19 to 16 Eat that one. That three. Let's go ahead and go back to privilege mode. Show on TV status and we could see our clock is indeed synchronized. So there you guys go NTP services on our rotter pulling dynamically from a dedicated and TP server. It doesn't get much easier in that. Now, with what I was telling you where we kid in, you know, the real life if we do not have actual NTP servers within our network and you wanted an NTP server, If you Google public and TP servers, something will come out. Now, you have this list here. We could just quit this first link any of these you could use. Okay, Now you can see if they're available if they're OK or busy, so I mean, obviously it's shared amongst, however, many people are using this service, but it is an option for those of you, maybe some of the smaller environments that can't afford you know, all the bells and whistles on their on their network. This is an option. One reason this is actually really helpful in fact is if you're using a, um, whatchamacallit ah, lad environment like GM history, where it's using real Cisco Iowa's images while when we're testing out different features and stuff and learning. And you would actually see me do this in my e i g r p and O SPF courses some more. My higher level education courses and CCMP courses actually used gene history for our live environments. We will utilize this quite often because it's just very verse. It's very handy. Okay, Really helps put things into perspective. Alright, guys. So make sure we go ahead and save our configurations. Copy Rs. And I'm just gonna go back through all these routers just to make sure. Okay, it doesn't hurt. Copy Rs and let's go ahead and do this one as well. Copy rs. Make sure you do save the actual file to, and I will see you guys in the next one 23. Implementing DNS: All right, students, Welcome back. As we continue our journey with Cisco's Iowa's Administrative Labs course, here we are sitting at device management and more or less this is the administrative management that we can implement. Honor networks, right? We've already taken a look at configuring the NTP server. We've seen it synchronized, which was awesome. Are dynamically pulling that network time from the server. Next, we're gonna go ahead and take a look at implementing DNS. OK, now this again, just like NTP, is very, very simple to communicate. So what we're gonna do is actually set up a Well, there's already a website set up by Cisco by default, but we're gonna set up our DNS server, okay? And you notice we have two different servers. So we do have a DNS server and in http server, right? And then we'll just say we have what, a router over here with a host, which is no big deal. So we're gonna actually set up the DNS server. So when that packet gets here and tries to resolve it, right, so it sends the packet into the DNS server, it's going to use the destination i p address of the DNS is going to use the poor 53 for DNS. And then it's gonna flip that information around it will now send that packet back to our computer. And then once the computer notices okay to reach a domain name of whatever I'm going to use this cisco dot com right, then it's gonna then resend that Pack it all the way back to the http server http server would then send information back. That's when the three way handshake takes place. Okay, you're gonna get the http get and etcetera, etcetera. Now all of this, what I'm talking about is related to data encapsulation. So if you want to learn more about that, I do have my date encapsulation course freely available. Go ahead and take a look at that. So with that said, let's go and clear this off. Let's go ahead and open up our labs. So here, let's go ahead and just click our DNS server. All right, now, we did configure everything else on this network to have the address of the DNS server, but we know for a fact that we do not have a dina server actually implemented yet. So do that within the Cisco packages, we just click services here on the router, go down to DNS. And you could see it is turned off. So we're just gonna click that little radio button on and we want to type in the name. So it's gonna be www dot Just go. That, uh, where's just go dot com. Okay, a record is fine. And for the address, we want to give it the address of the actual server that the website's gonna be hosted on right here. 192 Okay, so it's gonna be 19 to 1682.4 and simply click add Beautiful. Now, if we wanted to take it a step further because I mean, really, you could type in the address to any one of these and you're gonna get the same exact website within physical packet traits that it allows you to be a little creative. We could actually click thea HD to be here. Go down to the index dot html because that is, by default, the home page or landing page for any website. Unless it's running a database language like PHP Rick, we could just click the edit button and I typically just remove a few things. I'm just going to move that stuff and then I'll just change this. I'd be like, Ah, welcome to cisco dot com or whatever. Write something different. We could always say font size plus four and change the color to red if we want. Okay, so say that. Yes, mainly overwrite it. Now if I goto any one of these, the PC is still address straight. We never change that back. We do see we have DNs over here. If I go to my closest out, let's go to the Web browser. In fact, let's go and ping at first just to make sure we do have communication to us. So let's go and say Ping 19 to 1 68 that to that four, which was our actual, um, website. Right. So once it sends out that AARP resolution that should come back through, there goes. It scared me for a minute and then aboard that, and I'm also gonna paying my 19 to 168 dot to 168.0.3. And that's my Dina server. We should make sure we have communication, right? And the reason why I'm doing this is because sometimes with impact tracer, it lags a little bit. So it might be it might get stuck. So typically within packages. Er I mean, it's nice to actually pink things get Those are tables buildup, making things a little quicker first. So now if I go to the Web page here, I type in. Www dot cisco dot com There it is. Welcome to cisco dot com. Pretty cool. So that is Deena's. As far as a services on a server, there is a lot of things we could do with DNS on a router. So let's just talk about that a little bit. We're setting up different domains and things of that nature within our actual routers or switches what we need to set up our router to know about that DNS server. Okay, and another reason why we actually want to set up the Dina server is if we're trying to paying. Maybe you were tried to paying Google that calm from the Web server, right? We're administering the router locally, sitting at the rat. Or maybe we don't have Internet connections, so we want to test at the router. If we have communication out to, like google dot com. But right now, we don't have cisco dot com. So if I actually did, um I don't know, for you just said www dot google or we could even just say ping Google or I'm sorry. Www dot cisco dot com Unrecognized host or address? Okay, So what we want to do is go into global configuration. We're gonna say I p domain look up this time. Remember we turned that off. Typically, it is off by default. So now we just turned it back on. Now, the only thing we really need to do is tell this router that it should be aware of what, a DNS server. So I p name server 19 to 168 dot to 168.0.3. Boom. Now, if I exit, you know I'm gonna do a copy. Are just a regular copy. Copy rs just to make sure it saves. Now, if I try to paying Debbie, Debbie, Debbie that cisco dot com it reaches it now within a router. Okay. Exclamation points, by the way, means it's 100% success rate if you got a whole bunch of dots. For example, if I Ah, Hopefully this doesn't go crazy on me. Let's go ahead and try to Ping. Ah, Debbie, Debbie, Debbie that Google back home trying not gonna work, but all right, so sudden recognized. Ah, for example, if it did not reach this for whatever reason, Always you would get is a bunch of dots. All right, so let's maybe even try. Ah, a daddy. Daddy! Daddy, it's probably gonna resolve it here. We should get just a whole bunch of dots for unreachable just like that. Perfect. So that's what you would see if nothing was successful. Kind of just the same way as saying it's, you know, time out or not timed up. So that is how we could figure Deena's on a router. Now, the cool thing about that is we could give these routers actual names as a domain and adverse, um, and assign the actual names to an I P address as a management i p address. Then we could just kind of navigate to different routers and switches via their i p EDT or their domain names. And typically we do that in larger environment, especially when we start getting in two different higher end routing protocols like you had your heroes pf and we have a massive, massive network. It just makes your lives a lot easier as administrators. But for practice, let's go ahead and incorporate some more Dian eso again config t from global configuration , But turn I p domain Look up on And we need to say I p a name server and the address to that server were 9 to 168 what was it? 2.3? Let me just move this over to verify. Boom. Yep, 2 to 3. So we could hit that exit. We could do a copy, just a regular copy. Copy rs and we could try to ping one. I do want 682 that three. We good. We could try to paying. I meant to do this wbtv that cisco dot com And we have success beautiful and finally router . See? So we just open this up and let me just put us over. We could go ahead and take a 50 i p domain. Look up. And now we're also going to say I p name server one. I do. Once you say that to that three exit copy Rs and Ping. Debbie, Debbie, Debbie that cisco dot com Bloom Now, remember before returned off this No, or we turned off. I p domain Look up early on in this course by saying no. Because before if we typed in a word here, it would just sit there and resolve and resolved. We used a break. Commander, get rid of it. Watch this. Okay, Since we do have now a name server configured on this router, it's going to try to translate it. But it knows it's gonna notice that it is not able to be found because it's not listed within the DNS server. So you really could leave I p domain and look up on Well, obviously you have to if you have a name server implemented. But if you don't have any names ever implemented, you want to turn this off by saying No, I P domain look up that way. If you do, you know, mess of your configurations or something. It's not sitting there sitting there and saying there's just, you know, it's just more of a nuisance than anything. So that is DNS and all of its glory. Now let's see you guys in the next one 24. Implementing TFTP: Ladies and gentlemen, welcome back as we continue our journey with Cisco IOS administrative labs And as we've been seeing so far, we're talking about this device management. As far as our administration is concerned, we have talked about implementing NTP server We've talked about and configured our Dina servers and that leaves us here at New Meadows Trace at Key FTP Server, which I told you guys is extremely important not only for those of you pursuing your CCN exams, but also for those of you in the real world. You can expect to see this Ah, lot in the real world because we do a lot with the tea FTP servers and it's on and P servers. But that's the mail server. You don't really get asked that on your exams were not going over that. But you will see it a lot for your sister log. Okay, now, let's go ahead and open up those labs that we've been working on for the past four hours of this course and you could see here OK, we air. Our lab has not changed from the last lecture. We still have communication. In fact, let's go ahead and verify communication on going to the route or Cisco is our password enable Cisco and Ping 19 to 1. Succeed that to that five, which is our T FTP server. It's going to send up that AARP resolution map the I p address to the Mac address and war a lot. We could do it again. See, 100% connect connectivity if you want a gorgeous All right, So t ftp server. If I go to services and click TF DP Here, you see all of the default images that are saved, you know, through Cisco's application, your packet tracer by default stored on this server. So when we save our file over, we're gonna name on a couple things different. So we could really just differentiate the ones from what we're saving them as now. The one thing that I really need you guys to, you know, pay mind to is what is our running configuration file. Okay, config duration file are running. Configuration file is indeed our ram. Okay, that is our working memory. And it is also volatile. Ah, ball A tile. I think it's whether it what is our start up config. Okay, start up config. I can't type today. Ladies and gentlemen, configuration That is our and V Ram. Okay. And that is also our, uh, stored. Or maybe you want to say saved file. Okay. It's non volatile, volatile tile. I don't know. So there we go. So that is just something you guys need to be aware of. Especially when you're communicating different files or transferring different files utilizing t ftp. So right here. Let's put that into perspective. This is a bit of a review, but it's been a bit since we talked about file system. So it's good. It's good to review. All right, the more you do repetition, repetition, repetition. I teach by doing, you learn by doing okay. So here, if I go in a global configuration out and just change the host name to what do we want? A name? Whatever. Something whatever. But we see that the host name for this router did change, right? We had Branch a are Juan. Now we're sitting here. Whatever. If I were to go back to privilege, move and say show star Hey, we could see that the host name still does say branch a ted that out If I chased your run, we could see it says whatever. So you need to be aware of that. In fact, if I were to restart this computer or router rather, since it is what it is, our running configuration where that exists, that new configuration of the host name whatever sits in volatile memory. If we lost power to this router and we got power back, we go back to the CLI. It's going to decompress the file it's going through and looking at the start of configuration file that was part of the boot sequence we went over. So it's not looking at ran right? That's the volatile. It's gonna lose that. It's looking at the start of conflict. As soon as I get back into this baby Cisco. Before we even go any further, you could see it did indeed revert back to our saved file that was in, um, Envy Ram are started. Config. So now that we know about that, let's go in and start getting our T FTP configurations implemented. The first thing we want to do is actually find the flash file that already exists on our router so we could go ahead and say show flash or you could also say directory. Okay. Either one works. I typically you show flash because it's more common. Okay, More common than none on your exams. If you were to ask, be asked something like that. So I'm gonna just copy this, okay? Just to save us some time. What I want to do is copy this flash file to rt ftp server. What is the source? File name. Oh, now we could just sit pace because this is the source file that we're gonna be transferring to rt ftp file. Boom. What is the address of that server 19 to 1 68 dot to 68.0.5. Boom. What is the destination? Found him gonna be so I could hit enter here if I wanted Teoh. But you see, in brackets here, this will be the name that it's going to be saved as and we already saw that this IOS You know, this dot been file is already stored on our TV server, so we want to change it up a bit. We're gonna differentiate. We're gonna say back up or something simple. And I'm going to just simply put an underscore there we can't have spaces, and then I'm gonna click pace so the whole file name exists within that. Okay, Now, I could just simply hit enter, And this is gonna take a few minutes. Mind you, that on riel equipment, this would actually take a lot longer because the files could be 512 megabytes or 1024 megabytes. Okay, not whatever megabytes sizes file is. And siskel packet tracer. Just be aware of that when you're doing these file transfers in the real industry. Um, OK, this is important to remember. Don't do it during live working environments. All right, you someone's gonna tell you, send out a broadcast email saying we're gonna have a maintenance period. Internet will be down for you. Allow yourself some playtime in case something goes wrong. Nothing ever. 100% go smooth, especially on riel equipment. Okay, There's a lot of variables that have to come back up online. Say, 20 minutes, 30 minutes, maybe. Ok, go. Obviously, you gotta follow your company corporate policies and user policies and whatever to this network being down. But you don't want to be doing it down without letting people know we're doing it down. You know, you should do it during non working hours, because if you did run into an issue, but now you're kind of in a pickle. You know, the network being down for just five minutes could lose, you know, and and medium size enterprise, company or corporation. Hundreds of thousands, if not millions of dollars. Because everything runs off the Internet these days. Especially when you have, like, e commerce. Okay, so that's just ah, little side note that should, you know, you should be aware of. So right now we have changed this. Okay, So what else can we dio? Well, let's go and save a different configuration to that tea FTP server as well. So to do that, we could just, you know, so we could differentiate the difference. We could just say, Ah, host name. And we'll name it whatever. Yet again. Okay, just to keep something simple, and what I want to do is actually go back to privilege bullets. Copy, run, start. Okay. And just say that same place, because now that's saving it locally to the router. We have a backup of our previously configured Iowa's image or configurations on the t ftp server already. And if I pull this up, go to T ftp. There it is. So saving it to the router now does not make a difference, because we you know, we already have a backup copy of it. So we say that Good. Uh, let's go down here. We say that beautiful. Now, what should we dio? Well, let's copy this current startup configure If we show start, you could see the host name does say whatever. I just tapped out it out. Let's go and copy the startup configuration file to rt FTP Server. What's the address of their teeth To be several 19 to 1 68 That to death five. What's the destination file name gonna be? You know, we could just click Enter here and boom, it's done. I'm just gonna keep this in top here and click this if I scroll this over here, click t ftp yet again. There it is. Whatever dash config now notice It's comp g. It's not spelled out. Configure or config. Okay, it's c o n f g. Make sure you pay attention to the file of names, right? And also another thing to keep in mind is these are case sensitive when you're pulling him back. But before we get to that, let's go ahead and erase this router. So to you race a startup flash configuration file, we just simply say, right, you raise notice. I am doing this in privilege level. Okay? This is why when you set your administrative privilege levels for different user names and you know, user authentications, you need to be wary of what you could really do to this rally could really wipe it out. So if I click whitey rate or write erase, you could see I could go ahead and continue. It worked. So now let's just go ahead and reload this so well, First I could show you. OK, show, start, there's nothing there. But we could just go ahead and reload this router so it loads up from nothing and proceed with reload. Confirm its decompressing that image. If I scroll this over, you could see everything went down. But let's pay attention to this router for second even while this is decompressing. Yeah, that the data that the data that that uh yeah, about that mm, no system configuration, because we get this dialogue, right? This is our typical boot sequence process. Look at a rather there's nothing configured on the strategies. So lost communication to our key FTP server. Would you look at that? Why is this important? I deliberately created this lab topology the way I did. So you guys could see that if you are not administering something locally on the same sub net that you will now need to go back and re configure the router to be able to communicate at least to the sub net or network that that T FTP server resides on, which is most common in the workplace. Typically, we don't keep our t FTP servers all the time directly located to the same some that are network, which are routers residing on. So that's why we had that bonus section for routing. Just so you guys could really piece all of this together. So I'm gonna say no here. That's going to enable We're gonna go ahead and config t always we really need to do Okay, we don't need to go crazy. Also got to do is at least get this interface up and at least tell it how to route to this network so we could use a static route if we wanted to. But I want to use rips. You could. So you guys could really see that we do not need to actually make all of the rip or router rip configurations on that router to access that t ftp server. So starting with the interface, we could say interface cereal 030 I p address is when I do. I'm sorry. Not when I do. It's gonna be 10 that year. That year that one, 25255525 to sound like an auction year. When I do that, it's fun. Try it. No shutdown. So that interface is up, but the router doesn't know how to row. If I do show i p route, it doesn't know how to access. That's got nothing in his table rate the second right. So let's go ahead and say router rip. Okay. Who? Good example. I'm glad this finally happened before we go into Router Rip. You notice how when I was typing out Router rip okay, it interrupted me with a cece log message. So and now my Texas Down here, I looked like I was able to hit enter previously, but typically, if interrupts you like that Now you have a whole Miska Bagua is probably, say, command unrecognized if I exit this and go into line con zero. Remember this command we implemented earlier? That's what that command prevents. Okay, so I just wanted to really show you guys that. And finally it happened where I could show you that, Uh, I'm not worried about this right now, okay? Because we're gonna pull back our original configurations. But now you could see why we use that logging secret, is it? It's really just a benefit towards you when you're making configurations as an administrator. All right, Back into router rip version dose. Also got to do is tell it about the one network right network. 10 000 We don't need to say no auto summer. We don't need say, passive interface. We don't need a We don't need to go into any of that. All we need to do is tell it the networked advertised on If I go in exit this right? Do show I P route. We have all of our routes back in here, So if I were to actually take this a step further and paying our 19 to 168 dot to 168.0.5 ftp server. We have communication, but there's nothing else configured on this router. So let's go ahead and pull back all of our old configurations. So how do you think we're gonna do that now? We'll previously, right? We were copying from something locally on the router. Well, this time we need to copy from the tea FTP server. And what do we want to copy it to? Okay, at this point, the syntax is what are we copying it to remember? Copy from a copy to before we're saying flash to t ftp or running or started config to t ftp. Now we're saying copy it from T ftp to Well, we could just store it right in our running configuration. Boom was the address of that T ftp server when I 2168 that to that five. What is the source? File name. So now we need to be more specific. We need to actually use the real name that the stored us and it's got to be what case sensitive. Whatever Dash C o N f G Make sure you pay attention to this. OK? It is not c o N f i g. Like you would think when you say config. If you read that loud, you might forget the I. Okay, this will drive you crazy if you do not pay attention to this, I promise you. I get questions on this all the time, so I'm stressing it. Pay attention to your file name now, as we got to do is click enter. Ah, what is the destination file name? So we can save it and running To think that's no issue. Just click Enter configured from consul. And look, we know it works because we went from having a host name of router to whatever. Awesome. So if I show run here, we could see all of our naval secrets. A user names, all of our, um, interface configurations are back up on Lee Now. You need to pay attention to that. They are shut down. Okay, because remember by default, all interfaces shut down even though we pulled over the administrative file from rt ftp server. Okay, since we rebooted the router and have yet to save anything to it. It's saying, Well, all interfaces by default are off. We mainly turn this one on, so it's like, OK, well, you turn that one on your force, that one to be on that school. But now we just got to go back in turn f a 00 on, so just be aware of that. But I mean, guys, we just learned out of Send and receive file transfers from RT FTP Server. What do we got to do? Well, let's go ahead and go in a global configuration mode. Let's say interface at 00 and let's go and say no, shut down and let's go back to privilege mode. Copy R s. You know what? Before we do that, let's go back to convict E. Let's change our host name. OK, I don't like that. Whatever. Let's say host name is going to be Ah, Branch. A underscore are one I think it was. And if it's not, that's fine. It it makes more sense now, right? And now we could say Do copy. Ah rs Boom. Let's exit this. Let's go ahead and show start right and v Ram And there we go. That is pretty cool, guys. You just learned how to, um, you know, Ford and receive, transfer and receive files to your T FTP server. Like I said, every command that we just implemented is crucial, absolutely crucial for understanding how to manipulate or manage and administer your network devices. Storing the Iowa s on different devices in your network. All right, this is extremely important. This lecture, you know, is probably one of them or important ones out of this entire course. If you want me toe point out an important lecture. This lecture really holds a lot of merit. Moving forward, I get not only for your ccn exam, but for the real world in its own. Right. So with that said, I will see you guys in the next one. 25. Implementing SYSLOG: Hello? Hello. Hello, students. Welcome back as we continue learning about Cisco's IOS administration and the device management, right. So as we see here looking at our to do list, we've knocked 12 and three off of our list. Now we're gonna skip our dhe P for a moment. We'll go back to it. We're gonna come all the way down here to implement cysts. Log. Now, one thing to be aware of okay is we are in Siskel packet tracers. So we are working with a slimmed down version of Cisco's IOS version or software. Really? With that said, we cannot really go into a lot of the features that you could implement with CeCe logs. This log has what we call different severity levels, right? Well, with Cisco packet razor, it doesn't allow you to really get into a lot of the severity level, so Well, actually, look at a real router and take a look at some of the rial Syntex that will be prompted for you guys. That where you can at least visually see what it looks like with that said, let's go ahead and dive into our lab. So here is our lab now we're gonna work on Branch A yet again. Okay? And I keep saying I encourage you guys to go back through all these other routers and play with them yourselves. I'm deliberately not going through all the other routers now, because you guys have the workbook, you should be able to follow along and do this on your own. So we are sitting at step 14 in our workbooks Configure sis log. And you could read through all this and everything if you want. But really, if we go to the T FTP server here Alright, we get clicks this log here and we have nothing. It is turned on. But we have nothing. And you notice I didn't use any other server in here as a system looks ever so typically, I mean that I mean, there are different situations. Remember? No two networks of the same right but mighty ftp server in my smaller too, you know, smaller medium size environments. I typically keep my sister log and t ftp server running on the same server because they kind of go hand in hand with certain things. Okay, so But that said, let's go ahead and say In fact, let me just show you what I mean by that might make a little bit more sense here if I open up the, uh, the, um ftp server I actually use when I'm just troubleshooting quickly and different networks, right? I'm a consultant. So I use this free one by you know, whatever, June, you could search the FTP PD 64 or 32 if you're on a 32 bit system and Google. And I guess I'll show you that too, if we go into Google. And I just say v ftp Dr okay or something like that, it comes up. Ah, where is that? Maybe it's Dr T ftp Dr T ftp and just said enter. And that didn't work either. My figure. This maybe I say Jordan in something like that. There we go. So you have the 32 bit download, and obviously the 64 bit download. You just say 64 whatever, but it's free, okay? And it does we need to do. And the reason why I like doing this is if I and the mystery multiple devices I get enable us. You know, the system logs server on my computer. My well, while I'm going administering different devices as I walked to another network closet or whatever, so I could see what's running on that other rather what message were coming up as a making federations on a different router so it could really help you out. But as you can see here, the city FTP server is also a D. C. P server. It could act as a systolic server log viewer, etcetera, etcetera. Now this is a simple I mean, this is a basic basic of, ah, systolic server, right or key FTP server, even some of them or expensive foreign. Some of the, you know, mawr gooey interface design, beautiful applications that they have out there. You know, solar winds makes a pretty good one. They bought it off somebody a few years back. I forget who they bought it off of now, but they have different. You know that it's color coordinated so you could see difference. Very levels. You could have monitoring stations. It's just this is plain and Jane just simply it's great for administering different devices . But as I said, you could see on that one application, though, right? It's all in the state. It's gonna be working off my computer, so it doesn't really make a difference. So we'll use our TFT or are I'm sorry? Our sister log server right here on our key FTP server. It is on. Okay, so let's go to branch a router. I'm just gonna click that. And you could see you here. We left off from where we were last lecture. I'm just going to say, paying the 19 to 1 68 that to that five. Just due diligence. Make sure we have full communication. So if I go in here and I say logging, Okay, Trap and I had the question Mark, I need to be in global configuration, but I Politics convict e logging. Okay. And if I hit the question mark here, you can see the different things we could say. Consul trap. If I say consul here, question Mark okay. Doesn't really tell us much. We could We couldn't log the council activity if we wanted to. In fact, let's let's just do it. We can all say logging. Okay, lets say trap. OK, this is where it's going to set a cyst. Locks over the log different severity levels. Fight the question mark. You see the Onley severity level? It allows us seven. Okay, which is debugging, which is still not bad. We're not going to see any sis log messages unless we were to run a debug on this device. So it's kind of, you know, a little bit pointless that, you know, to really understand the full concept of CIS logs will force something to make some debug situations on here, but four real equipment. Let me put my real router here, okay? And now I have, um, secure CR key. Opened. Appears is a 30 to 50 router I believe on Ah, yeah, 37 37 25 router. So if I go into global config motion mode here and I just say Ah, logging, Okay. Logging question mark, you see automatically. I have so many more things I could automatically just start, you know, making a log statement. Four pretty crazy. We could set up monitoring. We could set up CNS events, buffered events. I mean, there's a lot more things we could really control within a really Iowa s. That's why I'm telling you, the IOS on a real router is a lot more advanced than the slimmed down version within Cisco back Treasure. Well, let's just use that trap command again, okay? And I hit it. I hit the question mark. Here's where we could set multiple severity levels, and obviously it goes from 0 to 7. So if we wanted different, you know, emergencies or heirs or just regular information notifications, warnings. Okay, alerts. You know, just some very basic or relevant information you could set this, you know, toe have all severity levels if you want to do. But it's very important at least see how, um you know what logs? Can I actually communicate to it? A cyst log server on a real equipment. And you're seeing him right here. This is a real router again. 37 25. But as a as you can see here in Packet Tracer, it's only allowing us to Ron severity level seven, which is debug. So I'll just say debugging and hit. Enter now. We also need to tell it where we logging this too. So the command for that is very simple. Viet, The question mark here. Okay, what is the I p address of where we're sending it to. All right, well, that's easy. We know that TFT peace. Everyone 91 succeed that 2 to 5 enter. Now, if I go back to the sea FTP server, we're probably not going to see any sis log actions right now because it's only doing debugging. So let's exit this. Let's see if we could do a uh oh, it is. It is registering. Okay, that's cool. Very well. So there you go. You could see any thing that pops up in here on our screen. Locally. Door council will also show up on our systolic server. So when I was talking about using this freely downloadable to 50 piece over here, why is that so good? Well, if I pull up that router again, right, let me put this back up and let me pull up the other one as well. Okay, so here we could see. Okay, even though we're getting these consul messages right in our cli on our router as we're making configurations or changes, or if an interface goes down or what have you write? Well, what if we're at a different route or what If I walked all the way over to say Branch bees router. But I want to keep logging this well. I'm not logged into this router, right? I don't have communication to it from all the way over here, May or whatever you know, there's variables that you could do it. It's just handy. Well, instead of opening up a bunch of different realize, or maybe not having access to that, for whatever reason, because we'll keep this logging on our computer when we put back in the network, it'll show up here instead of in a cli. Or in a sense, you know, the ah T FTP server. I am actually running, so it comes in very handy, all right. It's just it's it's a tool that you should, you know, any administrator that's actually configuring and make configurations on your network should have in your toolbox. But, guys, that is it all right, since Log is extremely simple to set up and configure. The biggest thing I wanted you guys to get at is looking at this really routers. Ah, and what you call IOS year losing my mind. Looking at the rial Cisco router IOS, you could see that we have many, many more options for our CIS log events. All right, just know for your exam that we could go from zero through seven. And depending on. You know, the severity level of what we need is what we would implement on ercis log servers. Now, like I said on mawr, nicely developed buoys or applications that support the CIS log, um, events. Right. When it logs in these different severity levels, they'll be color coordinated. So you could really differentiate what's going on. You could even set like with some of them some or the expensive sis log server applications out there. You could set different alarms to a different severity level. So it's an action, a triggered event. So you set in action to trigger in the event. So say critical comes up severity level to comes up. Well, maybe your computer just starts ringing, or you could hook it up even a step further. You bring in a little microprocessor board, you know, you could set up almost like your access control systems in a building where it sets off an alarm. Okay, like, do, do, do do do whatever. Within the i T department, someone runs back to the monitoring station says, Whoa, we got a critical event here. Ah, let's go check that out or something. Right. So be aware of that. Know it, but quite frankly, ladies and gentlemen, it is easy to set up. Sis log. I'll see you guys in the next one. 26. Implmenting DHCP: All right, students, Welcome back as we continue our journey with Cisco CCN A's objectives as faras I west administration and looking here the device management So we've completed kun does trays Quattro and we sit here at Cinco implementing a d h e p. This is our dynamic, um, way or form. Okay, Dynamic host control protocol is that we dynamically obtain i p addresses on our networks. There's two ways to do this. We could set up our routers to act as a. D C P server and then this router will actually dish out the dynamic or D h e p I p addresses or okay, we could have a server sitting off on a local area network okay, in this server. And this is kind of how it's, you know, you see it more commonly, we could set the server to Ron DCP services, then all right, the services from this are sent to the router and then we use what's called a DCP relay command, which will then ford these over to another router which will then for them again to the local area network. So if we have a device sitting down here for example. Maybe a small little host computer. It'll obtain Estate CP address from the STI H C P server over here. Pretty cool stuff. So we're gonna take a look at both of them. Just so you guys are 100% familiar with those. Let's go ahead and open up our labs that we've been working on and sitting here. You know, just where we left off. Nothing has changed. So let's get started. Now. The first thing we're gonna do is we're gonna go ahead and configure again. The branch A router. All right, We're going to go and configure this to run as a D h c p server. We're not going to configure the DEETs D H c p server just yet, so let's go and open this, okay? And again if ah, you are just now coming back into this if you come in and password to steal Cisco enable Cisco and we are good. All right. So the first thing we need to do is go to Global configuration mode, as always, and we're gonna go ahead and type in I p d HCP. We're going to say excluded addresses. So this is why I deliberately hard coded some of the addresses on these local area network so we could see why we want to exclude specific addresses again for management type purposes Are since we have and management I p address on the switch or, you know, the NTP server. We don't want them obtaining dynamically learn I p addresses. Also, we need to tell it to exclude those hard coded address is that we are, you know, statically configuring on our network. The router needs to know to exclude those addresses so it doesn't dish them out through dhe P. If it does OK, if it were to start dishing out one that 11.21 dot three or whatever well, then we could possibly end up having an i p address overlap, which will cause a mismatch on our networks. And that's not what we want. So we need to make sure we exclude those addresses. So I'm going to exclude 192.168 dot 1.1 and then space. It's going to exclude it to the next higher address that you want to exclude. I'm gonna say 19 to 1 succeed that warned that five. I know. We stopped that three. It doesn't matter. We could just say five because, you know, maybe we want to add it. Address another static device here later on or whatever. I'm just gonna go 1 to 5. You guys could follow along. 123 Whatever you want to do now, we need to give the D c. P on this router. Since now we're turning this router into a D h c P server a name, Okay. And we're gonna name the pool that the D H I P addresses are gonna be pulling from. So to do that, we're just gonna say I p d HCP and we're gonna say pool, All right, and then just name it. We could just simply say branch a underscore router One. Okay. And maybe dhc p underscore pool or whatever you want to name. It really doesn't matter or, you know, let's just say network Okay, that way we know that's the pool that is pulling from, and we could just hit Enter here. Now the next thing we need to do is tell it the network I d. All right. Remember, this comes back to something you should know this network I d for this sub, that is, when I do 168 that one that zero with a classy mastiff. A five by five that it's fun to say like that. Now we need to tell it a default router. Essentially, you could think of the default router as your default gateway. So we just say, Default router. And what's our default Gateway I P. Address? Well, it's one I do. 16168 that one that one for that summit and just hit. Enter. Now, since we do have a dina server here, we could take a step further. We could say DNS right dash server, and we could tell it that as well. So it dishes out that information to our devices to and that's 2.3 and hit. Enter. Now we could just click exit and we are good. OK, we could just go out and say, Do copy Rs, save that configuration file. Let's go back to our PC zero and I'm just gonna drag it over here a little bit so we could see it. Desktop. We are statically configured here from earlier on when we're using this computer just to verify different communications through our network. Well, let's just select the HDP, and it's going to sit there and request that. And look at that. It is successful. Gave us the next I P address in line from the excluded I P addresses we gave it. Gave it the default gateway. Remember? That was the default router command and the DNS server Command over here also populated right there. Beautiful. And if you want to just verify remember, it's always good to verify we could go and say paying on 172.16 that Ford at 10. And we have communication all through the a C p. So that is how you set up BTP as a router acting as a D h C P server, if you will. Now we're gonna go ahead and my great on over to this branch see device here. Okay. With that, we're gonna go ahead and configure it to Ron DCP using this server here, and then we're gonna advertise it out So this network branch be can pull from this DTP server. So what we're gonna do is first, we're gonna click this server over here. We're gonna go to services and then click dhe P so we could lead as server pool by, you know, standard default. But we're gonna address this name this per the specific pool name here for our brand she network. So the default gateway for him is 19 to 168 That 3.1 our DNS server is still gonna be the same 19 to 168 dot to 168.0.3. And then what do we want to use as a start? I p address? Well, I'm going to do three. That five again. And then the sudden match now we could set the number of users. Okay, so how many I p addresses? Do we actually want to dish out? Well, we could always just say maybe 10 for example, And then if you always you know, if you wanted to take it a step further, we can always set up the tea FTP server, which we do have some 19 to 168 dot to 168.0.5. And also got to do is click save. Now. We also need to configure a pool for the branch, be some that because it's a different sub net. So what we're gonna do is just create a new name here. We could just a branch be B and the I. The default gateway is 19 to 168 That 2.1 dina server still to that three. We're gonna leave this at 2.5, and then we could leave it at 10. And, um, I'm sorry. We need to make this to 0.6 because two fives already used. So now we could just click, add. So now we have two different. What? We have two different server pools in here. Pretty cool, right? So if I go and just close the server out, let me just make sure services on right? All right. Ah, DTP on. Okay, so if I go to this pc here, we never adversity. If I click configure and D C p, it should obtain an I p address, which is you could see here it did for the 3.0 network, which is what this computer is in. What about these devices here? Well, none of these can obtain a dcp hours because what they are by default, um, hard coded were statically configuring the So let's just go and drop in a laptop or something. It doesn't really matter or desktop, since that's what I my mouse grabbed. I'm just gonna use a straight through cable AAA 00 to fasting them 05 on the switch. Now, remember, with our switches, we turn those off and switch the V, Lance. So let's go ahead and backtrack a little bit, okay? This is a little practice. Cisco is our password. Enable Cisco. Now we need to show I p interface brief. Okay. So we could see interface F 05 is turned off. What's going to say show I, uh, interface? Oh, no. Let's say show villain brief. We could see f You're five. Isn't the land 20? So let's go ahead and go into global configuration mood. I'm going to say, um interface F 05 switch Poor mode. Oh, it's already in access. So we could say switch poor access. Villain 10. And then we got to say no shutdown. So now that link status comes up, and if I do show villain brief again, you could see that this fifth port now went into the villain 10 So it's in the same broadcast A main. So it'll be able to communicate to the rest of these devices once it's got an I P address. So let's go. And actually just do a do copy. You can't be r s. Save that right. Close this out. Let's go to this computer. And I mean, we don't have anything right here yet. So to get a d. C P address, we need to tell these routers to pull from this DTP server. So how are we going to do this? Well, let's go and do Branch Bees router. Okay, We'll start here. Cli let's log in. So Cisco enable okay, and then we need to go into, ah, Cisco and Configure Terminal and we're going to simply say, Let's see what interfaces that the interface coming into our network is ab 00 So we're gonna say interface F 00 and we're gonna simply say I p helper help her address and then the a h c p server. I just one I 2168 that 3.3 boom was going exit this. Now are we getting any DTP server I p address yet? That's full, Let's verify. And sometimes it takes a minute. So if it doesn't go through, we'll try it again. Bomb, bomb, Bomb, Bomb! Bomb! Bomb failed. All right. Now, by the way, if you ever see this address, it's not good if you're running DTP, so I'm gonna click status again. More static again at D H P. Again. Sometimes it gets stuck, so we'll have to wait. Verify and see. There it goes. HTP requests successful, beautiful guys. Right? So now if I take this computer, go to my command, prompt and I try to ping our ah virtual server over here. Right? 172172.16. That Ford at 10. We have communication, so that's pretty cool. Ladies and gentlemen, you just got to witness, all right? Two versions of DTP. We used this router here as a what? A D h c p server. Okay, this active as a d c. P server on the router, he was able to afford this information to this network or essentially, this network is pulling from that router. Now. We kind of just said, you know, forget about that router for a minute and we configured this DTP server to run DTP services created the pool excluded addresses by using that I, p Helper Command, which is the relay agent command. It was able to say OK, well, if I'm trying to pull DTP, okay, I need to access the server. Since the routers routing table OK knows how to get to the server. All of that needs to knows One. Okay, so the pack comes in requesting a DTP server. It knows the address of that server. It sends it to hear. He sends it to hear he pulls that information and back to this computer, it goes pretty awesome. Guys, that is D H C P server and router. Alright. Or seven up. I'll see you guys in the next. 27. Performing Password Recovery: All right, students, Welcome back. As we start wrapping up this entire course Francisco see, seen a IOS Administrations labs. And as you can see, here are device management with those administrative configurations. Now, here's a list of everything we've already covered. Okay, in this section of the course alone. Now, I did say I do not want to spend an entire lecture going over these because essentially, these verification commands are the same thing as our show commands. And we've been utilizing those throughout the entire course. However, there is one more thing that I do not put on this list I just realized, and that is a password recovery. Okay? And we must cover this because as this is an administration course, this is probably the number one utilized thing that you will be seeing in the network. As you know, for any of you taking your ccn a or in the real world Okay, you will use password recovery. Ah, lot that way. If we have a layer two or later, three switch or maybe a later. Three router. Right. It's not. This process will work on either of those devices. Just so you know. Now, early on in the course. I told you there was two values that you need to be aware of. OK, this there was a zero x 2102 And then there was also a what? A zero x 2140 to make sure you know these These are those register values. Okay, this is saying load and the Ram or also our startup config. This is saying bypass. Okay, bypass that And the ramp. So what this means is we got to actually go into a mode that is called Rahman. Okay, Rahman mode. And to get into this and just as a side note, this is essentially kind of like your bios on your windows computer. Okay, To get into this Rahman mode on a Cisco device, we actually have to reload the device. OK, so you need to be aware of that since you're gonna be taken down that network segment now, for anyone connected or needs to communicate through that router or switch or whatever they need to know that the network will be down for 10 or 15 minutes. Advertising. Essentially, what I'm saying is, you do not want to do this during normal operational hours or, you know, heads will start popping up out of cubicles and you'll probably get lectured by your boss. So here's our lab. Now. The only thing I changed here was I added a little note here. This is gonna be a break command. So when we get into our router, Okay, we actually, you know, nothing's changed. We actually have to turn this off. So you go in Monday calms all, man. I forgot my password. Turn it back on. Go to the cli and what you want to do is control shift, See? And you see, it broke that boot process. It went OK, Went and aborted the boot process. But I didn't hit the question mark here. You could see different things that we could do within this Rahman mode, but the one that we're interested in this come frag. Okay, Notice how it's spelled and this is how we configure the register. All right, so what we're gonna do is taken frag and we know we are by default zero x 2142 or I'm sorry to ones here too. So we want to say zero acts 21 for two. Boom and what that's gonna do. It's a bypass that envy. Ram bypassed my start of configuration file, but it's not going to delete it. So to reload this now you could see the command here, says Reset. Not reload. Reset. So we're just going to reset and hit. Enter that's gonna reload the device. But again, it's not the leading our envy, Ram. It's not the leading that initial start configuration we had implemented on this device. All of its doing is bypassing it, taking us into our regular Ramez if there was no configurations ever on here. So let's go ahead and say no. Here. What we need to do is configure or I'm sorry. Enable config t. What we need to do is actually save our started configuration now to our running configuration. So let's go ahead and say copy, Star run That way it pulls in our envy RAM file to our running config. In fact, let's just show something here. Let's go back to prove it mode show starts okay still exist. There's all of our old passwords in all of our old configurations. If I say show run, you can see it's just the default So we're bringing. If I say copy Star, which is, you know, backwards typically were saying start, run or copy. Run! Start. Now we're saying copy, Start, run! We're pulling that and be ran. File the startup config file over to RAM, which is a running configuration file. Boom. Now, if I say show run, we could see all of our original stuff is there? But we are in the device. OK, so what we need to do now is going to global configuration mode and just change our password. Stay lying con zero. And it's just a password will be Cisco to exit. Now we just need to save this, right? Well, actually, before we do that, we need to change our register value back to 2102 which is default. You never really want to leave your router or switch groaning and zero x 2142 Because again , that's a bypass command. So if something would happen and it lost power or whatever, right, and it goes to boot back up, Well, you're not gonna have any of the new configuration. So you want to be in the config, so we say config register I'm going to say zero acts 214 to arm. Sorry. 02 is the default. And now when it reloads alright, it's going to actually boot from RNB Ram, which is not where we're going to save our new figure password. So if I say copy R s, which is our current running configuration to our start, I'm sure you do copy RSP from Global Configuration mode and now boot from that. So what we need to do is go back to prose moaning to simply say reload, proceed with the reload option and as a decompressing the file Now that is loading back up that zero x 210 to which says to load my envy rim load that started configuration file. If I hit enter here. You can see I now have my original stuff. But Cisco is not gonna work here. Cisco to sis go to, uh oh. Cisco to just go to All right, so I messed up something so well, let's just do it again. Practice never hurt. Let's go back here. Turn this off and we're gonna go ahead and turn him back on. Go to the CLI control shift. C and a se con frag zero x 214 or to enter, reset, enter and let that go through. I must have misspelled my password or something, right? So hey, this happens, guys. You mean I'm I do this on a daily business daily basis for a living. Even I mess up once in a while, they're gonna say no here. Enable config t All right, we need Ah, do copy startup. Are we going to say s are? Okay, Boom. So now we're back in. Let's go ahead and say line con zero password will be Cisco and we could say log in whatever exit. Now we need to say config register will now be zero x 210 to enter. We need to do copy R s back to envy, Ram. And now we need to go back and say Reload. Boom procedures reload! Enter. This should work now. So once this reloads, let's go ahead and take a look Like I said, you know, you're you're never gonna remember every little thing. That's one thing. Why? The question mark is definitely helpful, But you need to be aware of a lot of this stuff for your exam and for the world. So passwords down Cisco and we are in Cisco and we're good. There you go, guys. All right, so that is how you perform passive recovery. And again, you do not want to leave your router or switch sitting in what? The 2140 to register value? Because that is a bypass register value. You always want to make sure you revert the router or switch back to your 21 year two by default, which will indeed boot from a start up configure that finds one. So that's why it's important again. I keep saying I don't mean to be redundant, but it's very important to go and make sure you understand the file systems on these devices. You know, not just for pastor recovery, not just forgive to pee Foot, for everything you do is administrators super super important. So, guys, ladies and gentlemen, students of all ages and kinds, and no matter where you're at in the world, I really just want to say thank you for, you know, taking this journey with me. If you guys take this information continuously, practice it all right, build your own labs and take all the skills you've learned through this course with me. Hopefully you've been following along taking notes. You've been working with your workbooks with labs, and you've been, you know, practicing, practicing, practicing repetition, repetition and more. Repetition is how you learn. We learn by doing all right. There's a lot of configurations on for ah, your Cisco exam, even though 90% of the exam is running show commands. But you're not gonna understand the pronounce that your exams give you. If you can at least understand how to configure him. That's something important to keep in mind. But again, I do want to thank you guys for, you know, taking this journey with me. Hopefully, it's been informative again. If you do want to learn more about something, I haven't awesome course available that you could take. Just go to my course resources page, and you could see it if you guys are looking form or, you know, fundamentals of Cisco's Iowa's. I have two courses one Cisco Network Fundamentals course, which goes over more details about a lot of the fundamentals and that gun that goes more into V Lance, an interview and rounding Cisco see sent. I seen the 1 125 labs course will do the same thing for you and then for you guys that want to jump into routing. I have an awesome E i g r p course and always pf course that's been getting great reviews. A lot of people love it. It's in fact, is the same courses that I used typically in the same lab environment. They used to teach my in classroom boot camps that students signed up for so on again. I just have to say, Thank you. This was fun. We really gotta learn a lot here. So, until next time, ladies and gentlemen, I will see you later.