Basic EIGRP configuration lab

1. Prepare network
2. Perform Basic Router configuration
3. Configure and activate serial and ethernet address
4. Configure EIGRP on the R1 router
5. Configure EIGRP on the R2 and R3 router
6. Verify EIGRP operation
7. Examine EIGRP Routes in the Routing tables
8. Configure EIGRP metrics
9. Examine Successors and Feasible Distances
10. Determine if R1 is a Feasible Sucessor for the Route from R2 to the 192.168.1.0 network
11. Examine the EIGRP topology table
12. Disable EIGRP Automatic Summarization
13. Configure Manual summarization


Challenge EIGRP configuration lab
1. Subnet the address space
2. Determine Interface address
3. Prepare the network
4. Perform basic router configurations
5. Configure and activate serial and ethernet address
6. Verify connectivity to Next-hop device
7. Configure EIGRP routing on the Branch1 Router
8. Configure EIGRP and static routing on the HQ router
9. Configure EIGRP routing on the BRANCH2 Router
10. Verify the configurations
11. Reflection

EIGRP troubleshooting lab

Eigrp lab #2
Kamu akan pernah melakukan:
1. Pemeriksaan routing tabel dari setiap router dan memastikan bahwa ada jalur ke setiap network di dalam topologi
2. Pendokumentasian nilai-nilai K default yang digunakan EIGRP
3. Pendokumentasian metrik EIGRP untuk setiap network pada setiap router

Daftar Projek Raspberry Pi yang bisa dicoba

http://pimylifeup.com/raspberry-pi-mumble-server/
http://www.itworld.com/article/2901051/create-a-home-server-with-raspberry-pi-2.html

Contents

....................................................................................

Introduction

5

Using the Configuration Guide

5

Prerequisites

6

Scenario

6

Terminology

7

................................................

My VPN Gateway Configuration

8

.......................................

Task 1 – VPN Gateway Configuration

9

Step 1 – Outside Interface (WAN) Settings

9

Step 2 – Enable VPN

9

Step 3 – Add an IP Address Pool

10

Step 4 – Add a Group Policy

11

Step 5 – Add a User

14

Step 6 – Add an IPsec Connection Profile

15

Step 7 – Exempt VPN Clients from NAT

16

........................................

Task 2 – VPN Tracker Configuration

18

Step 1 – Add a Connection

18

Step 2 – Configure the VPN Connection

18

Task 3 –

..........................................

Test the VPN Connection

19

..........................................................................

Troubleshooting

21

VPN Connection Fails to Establish

21

No Access to the Remote Network

21

Further Questions?

22

..

Tunnel All Networks / Host to Everywhere Connections

23

.......................................................

Command Line (CLI) Setup

24

3

VPN

1. Remote access

aaa new-model

!

aaa authentication login rtr-remote local

aaa authorization network rtr-remote local

aaa session-id common

!

username Cisco password 0 Cisco

!

crypto isakmp policy 1

encryption 3des

authentication pre-share

group 2

lifetime 480

!

crypto isakmp client configuration group rtr-remote

key secret-password

dns 10.50.10.1 10.60.10.1

domain company.com

pool dynpool

!

crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac

!

crypto ipsec security-association lifetime seconds 86400

!

crypto dynamic-map dynmap 1

set transform-set vpn1

reverse-route

!

crypto map static-map 1 ipsec-isakmp dynamic dynmap

crypto map dynmap isakmp authorization list rtr-remote

crypto map dynmap client configuration address respond

crypto ipsec client ezvpn ezvpnclient

connect auto

group 2 key secret-password

mode client

peer 192.168.100.1

!

interface fastethernet 4

crypto ipsec client ezvpn ezvpnclient outside

crypto map static-map

!

interface vlan 1

crypto ipsec client ezvpn ezvpnclient inside

!

2. Site-to-site

Figure 3-8 Site-to-Site VPN Scenario Physical Elements

Headquarters Router Configuration

hq-sanjose# show running-config

Building configuration...

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname hq-sanjose

!

boot system flash bootflash:

boot bootldr bootflash:c7200-jk9o3s-mz.123-3

boot config slot0:hq-sanjose-cfg-small

no logging buffered

!

crypto isakmp policy 1

 authentication pre-share

 lifetime 84600

crypto isakmp key test12345 address 172.24.2.5

!

crypto ipsec transform-set proposal1 ah-sha-hmac esp-des esp-sha-hmac 

mode transport

!

 !

 crypto map s1first local-address Serial1/0

 crypto map s1first 1 ipsec-isakmp  

 set peer 172.24.2.5

 set transform-set proposal1 

 match address 101

!

interface Tunnel0

 bandwidth 180

 ip address 172.17.3.3 255.255.255.0

 no ip directed-broadcast

 tunnel source 172.17.2.4

 tunnel destination 172.24.2.5

 crypto map s1first

!

interface FastEthernet0/0

 ip address 10.1.3.3 255.255.255.0

 no ip directed-broadcast

 no keepalive

 full-duplex

 no cdp enable

!

interface FastEthernet0/1

 ip address 10.1.6.4 255.255.255.0

 no ip directed-broadcast

 no keepalive

 full-duplex

 no cdp enable

!

interface Serial1/0

 ip address 172.17.2.4 255.255.255.0

 no ip directed-broadcast

 no ip mroute-cache

 no keepalive

 fair-queue 64 256 0    

 framing c-bit

 cablelength 10

 dsu bandwidth 44210

 clock source internal

 no cdp enable

 crypto map s1first

!

ip route 10.1.4.0 255.255.255.0 Tunnel0

!

access-list 101 permit gre host 172.17.2.4 host 172.24.2.5

!

line con 0

 transport input none

line aux 0

line vty 0 4

 login

!

end

Remote Office Router Configuration

ro-rtp# show running-config

Building configuration...

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname ro-rtp

!

boot system flash bootflash:

boot bootldr bootflash:c7200-jk9o3s-mz.123-3

boot config slot0:ro-rtp-cfg-small

no logging buffered

!

crypto isakmp policy 1

 authentication pre-share

 lifetime 84600

crypto isakmp key test12345 address 172.17.2.4

!

crypto ipsec transform-set proposal1 ah-sha-hmac esp-des esp-sha-hmac 

mode transport

!

 !

 crypto map s1first local-address Serial1/0

 crypto map s1first 1 ipsec-isakmp  

 set peer 172.17.2.4

 set transform-set proposal1 

 match address 101

!

interface Tunnel1

 bandwidth 180

 ip address 172.24.3.6 255.255.255.0

 no ip directed-broadcast

 tunnel source 172.24.2.5

 tunnel destination 172.17.2.4

 crypto map s1first

!

interface FastEthernet0/0

 ip address 10.1.4.2 255.255.255.0

 no ip directed-broadcast

 no keepalive

 full-duplex

 no cdp enable

!

interface Serial1/0

 ip address 172.24.2.5 255.255.255.0

 no ip directed-broadcast

 no ip mroute-cache

 no keepalive

 fair-queue 64 256 0    

 framing c-bit

 cablelength 10

 dsu bandwidth 44210

 clock source internal

 no cdp enable

 crypto map s1first

!

ip route 10.1.3.0 255.255.255.0 Tunnel1

ip route 10.1.6.0 255.255.255.0 Tunnel1

!

access-list 101 permit gre host 172.24.2.5 host 172.17.2.4

!

line con 0

 transport input none

line aux 0

line vty 0 4

 login

!

end

Jauhilah hal-hal berikut

sia-sia		vain, useless, fruitless, futile, ill-starred, waste
	besar kepala		stubborn, chesty, swell-headed, vainglorious, vain
	percuma		useless, vain, gratuitous, gratis
	cuma-cuma		vain, free, gratuitous
	sombong		arrogant, overbearing, proud, cocky, pompous, vain
	angkuh		arrogant, proud, haughty, imperious, cavalier, vain
	besar mulut		insolent, bombastic, chesty, swell-headed, vainglorious, vain

1. Partai (party): a group gathered for a special purpose or task:

a fishing party; a search party.

2. Paripurna (plenary):

attended by all qualified members; fully constituted:

a plenary session of Congress.

3. Fraksi (fraction):

a part as distinct from the whole of anything; portion or section:

The meeting started with a fraction of us present.

4. Konstitusi (Constitution)

the system of fundamental principles according to which a nation, state, corporation, or the like, is governed.