Cisco Hands on Help... Pics included

[ScreamingBroccoli]

Hey guys,

I have a problem, today was my hands on cisco final, for CCNA2, and I messed it up, because I haven't even touched a router for 2 months... Here is what I had to do:

1. Draw a topology of 5 routers w/ 2 hosts per router with network address 195.12.5.0
2. He picked 2 routers from the diagram and we had to simulate them and have a computer on one router ping the other router, vice versa.
3. Create an ACL that blocked one router from the other, its in the picture circled in red.

Here is the subnetting work I did:

Here is the topology I drew, what he circled in red is the 2 routers that have to connect, and the arrow is which one should be able to contact the other, but not the other way:

Here is what I typed (from what I remember):

On Computer 192.12.5.81 (underlined under router 3) -
enable
config terminal
interface fastethernet 0/0
ip address 192.12.5.83 255.255.255.240
no shutdown
exit
interface serial 0/0
ip address 192.12.5.97
clockrate 56000
no shutdown
exit
exit

On Computer 192.12.5.113 (underlined under router 4) -
enable
config terminal
interface fastethernet 0/0
ip address 192.12.5.115 255.255.255.240
no shutdown
exit
interface serial 0/1
ip address 192.12.5.98 255.255.255.240
no shutdown
exit
exit

Now, when I tried to ping, I could get everything up to the other router's fast ethernet. When I set it up in hyperterminal I selected the thing that said connect to com1 and changed flow control to none and changed timer or rate thing to 9600. I'm not sure what I did wrong. And does anyone know how to do that ACL thing? Help, I have to do this again 2morrow!

Thanks
-Matt

 

[ScreamingBroccoli]

oh yea, I forgot that everything on the physical connection was correct...

 

[bealzz]

dont forget to add the networks, and router rip. you cant just get the two interfaces to talk to each other unless you specify a protocol to do it.

also here a good page for basic ACLs
http://www.networkclue.com/routing/Cisco/access-lists/index.php

 

[ScreamingBroccoli]

We never really did a lot of work on the routers, so how would I 'add the networks' and do the router rip? Thanks for the ACL link

-Matt

 

[ScreamingBroccoli]

anyone?

 

[ScreamingBroccoli]

anyone?

 

[QwertyJuan]

I think the problem getting replies here is that noone feels 'right' talking to a piece of broccoli.... these have padded rooms for people like that.

QJ

 

[Fint]

I don't intend to be a jerk, but if you don't know how to enable the most basic thing that makes a router route, you really haven't learned enough to be a CCNA.

You could cheat, and setup static routes, but that's certainly not a good way; you need a routing protocol.

Google for "router rip" and see what you find.

 

[Blitzrommel]

I don't intend to be a jerk, but if you don't know how to enable the most basic thing that makes a router route, you really haven't learned enough to be a CCNA.

You could cheat, and setup static routes, but that's certainly not a good way; you need a routing protocol.

Google for "router rip" and see what you find.

That's harsh -- I plan on going for my CCNA (Taking classes in October with a very reputable school that was recommended by a few of my CCIE friends) and not only do I plan on taking advantage of equipment rentals, but I also planned on getting as much hands on experience as possible.

Sounds like you got hosed.

 

[Fint]

Sounds like you'll have what the original poster is missing; hands-on experience. Heck, saying "does anyone know how to do that ACL thing" proves the original poster is not ready for the CCNA test.

The CCNA book that I read had an entire chapter (81 pages) on "Routing and Routing Protocols" and another entire chapter (44 pages) on Access Lists; if you skip half the book, don't be surprise when you fail the test.

 

[StratocasterMaster]

Well I can openly say I am lost when it comes to most of this -- I understand the concepts of it but implementation and function I have not learned yet. Although I have no training or research into Cisco managable appliances yet anyhow so... I plan to take a class this summer as I dont think I'd have enough motivation alone with a book. :/

~Kris

 

[ScreamingBroccoli]

Well I can openly say I am lost when it comes to most of this -- I understand the concepts of it but implementation and function I have not learned yet. Although I have no training or research into Cisco managable appliances yet anyhow so... I plan to take a class this summer as I dont think I'd have enough motivation alone with a book. :/

~Kris

That's really my problem, it was basically a teach your self class while in school (WTF... I wish I would have known that before) I don't think that the instructor was too knowledgeble about the the equipment or IOS either. I understand all of the different concepts, I got a B+ on the written part, it's just that doing on a router is difficult due to the lack of labs and instruction. I couldn't get it to work again today either. I had everything set up correctly, and I know this for a fact. I studied a lot and figured out how do do the ACLs and router rip, not very hard once you know how. The thing was something was messed up w/ the hyperterminal program running on win98... I'd go set it up and when you get the command prompt the enter key wouldn't work, and the instructor didn't know why so how the heck should I know? Then I had to use some preconfigured thing that I bet was wrong... and I don't feel like explaining anymore. He said he'd look at it later but Id doubt I'll get an answer to what was wrong. Also, on the other set of routers they couldn't set an ACL, and he couldn't tell why, so I'm very confused what to think about that class, especially when all the stuff we do is all ready out dated.

Oh well

 

[ScreamingBroccoli]

Sounds like you'll have what the original poster is missing; hands-on experience. Heck, saying "does anyone know how to do that ACL thing" proves the original poster is not ready for the CCNA test.

The CCNA book that I read had an entire chapter (81 pages) on "Routing and Routing Protocols" and another entire chapter (44 pages) on Access Lists; if you skip half the book, don't be surprise when you fail the test.

You got a book?

 

[Fint]

This was a few years ago; it is a 1000 page book straight from Cisco. They've since broken the test into two parts, so you may need two books. Cisco Press CCNA Bookstore or the book I used

They even included a PDF version of the book for free.

 

[osbjmg]

We never really did a lot of work on the routers, so how would I 'add the networks' and do the router rip? Thanks for the ACL link

-Matt

Well CCNA has to do a lot with routers, so maybe that's the problem Just kidding, but what bealzz was referring to was just network statements under router rip:
router rip
version 2
network 195.12.5.96

 

[osbjmg]

Oh yea and the ACL thing, you probably should have covered this in class before the exercise too but typically:
R4(config)#access-list 101 deny ip 192.12.5.97 0.0.0.0 192.12.5.98 0.0.0.0
R4(config)#access-list 101 permit ip any any

int s1
ip access-group 101 in

This will stop anything generated from the router (not traffic routed by the router) going to the other router. You can do this and/or the opposite direction but that would need to be inbound on the other side or outbound on this side but you break communication anyway when you stop just one side.

 

[IceWindus]

This is why Im having trouble getting motivated learning CISCO stuff.....

 

[omega-x]

yeah
i took, and did very well in a CCNA focused class, i did not however, get enough out of it to do well as graded by cisco.
thats what you get by doing it at a shitty technical college with a foreign teacher with a day job doing cisco. (no offense to the guy)

 

[deadm3at]

add all the directly connected networks to the router, example: you have 2 interfaces on a router, s0/1 is 192.168.0.1 and s0/2 is 192.168.1.1 you would do this

router rip
network 192.168.0.1 255.255.255.0
network 192.168.1.1 255.255.255.0

the mask only matters if you have no auto summary turned on, otherwise the router will know what subnet it is holding

 

[Glyphic]

Yeah I already finished ccna 1 and 2, it kinda sucks, and alot of the stuff is a pain, but at the same time I want to do it. I can't believe you didn't learn routing/routed protocols, we covered almost everything very throughly, although we completed skipped mod 10 in sem 2, because we ran out of time. I'm still a bit iffy on subnetting and acls, I have books though so I'll have to study :/

 

[osbjmg]

This is why Im having trouble getting motivated learning CISCO stuff.....

Which part is discouraging you?

 

[osbjmg]

add all the directly connected networks to the router, example: you have 2 interfaces on a router, s0/1 is 192.168.0.1 and s0/2 is 192.168.1.1 you would do this

router rip
network 192.168.0.1 255.255.255.0
network 192.168.1.1 255.255.255.0

the mask only matters if you have no auto summary turned on, otherwise the router will know what subnet it is holding

(RIP doesn't use masks )

 

[IceWindus]

Which part is discouraging you?

Just the huge learning curve of how this stuff works for one thing. Im so used to GUI interfaces command lines just scares and fustrates me. But then im afraid if I don't learn it I won't go anywhere in this industry.

I seriously lack the motivation, I start reading a Cisco book and I actually fall asleep from boredom. I'd much rather talk/work with clients and talk about stuff. Helping people is what I do best, especially the little people.

 

[Darkstar850]

When I started out, I had only configured SOHO routers through a web interface, and I wondered why anyone would want to use a CLI. Now I understand. It gets to a point where you don't really see it as just plain text anymore, and problems sort of pop out at you. It sort of reminds me of the part in the matrix where the guy who ends up becoming a traitor says "All I see now is blonde, brunette, redhead."
Despite that, I think part of the reason that Cisco is so command line centric is that it keeps their sales model in place, and pleases all the people that have invested so much time in learning their CLI. Having done so myself, I understand that mentality, as powerful and easily web configurable network devices would render most of my skills unnecessary, and I only just got started in the industry.

 

[Fint]

Some things are just too difficult to express in graphical terms, with too many options.

Go into 'conf t' mode and hit a ? mark.. look at all the options, each one would have to be fully mapped out and visable, and then people would complain that the GUI is too hard to use.

Besides, the lack of a GUI frees up resources to allow the device (such as a router) to route, instead of running a webserver/etc.

 

[osbjmg]

When I started out, I had only configured SOHO routers through a web interface, and I wondered why anyone would want to use a CLI. Now I understand. It gets to a point where you don't really see it as just plain text anymore, and problems sort of pop out at you. It sort of reminds me of the part in the matrix where the guy who ends up becoming a traitor says "All I see now is blonde, brunette, redhead."
Despite that, I think part of the reason that Cisco is so command line centric is that it keeps their sales model in place, and pleases all the people that have invested so much time in learning their CLI. Having done so myself, I understand that mentality, as powerful and easily web configurable network devices would render most of my skills unnecessary, and I only just got started in the industry.

The main reason is that there is an enormous amount of code cisco has to deal with, and every bug would have to be fixed in the code and then in the GUI, very tedious and there is no time for that. Besides, when your network is down, no GUI is going to help you... console connection at 9600baud running what, html? It's just the way it is and while there are GUI's out there to help, they can never be complete. What's more complete is SNMP as they can be edited even more rapidly than CLI.. just another layer of abstraction that doesn't need to be dealt with.

 

[osbjmg]

Just the huge learning curve of how this stuff works for one thing. Im so used to GUI interfaces command lines just scares and fustrates me. But then im afraid if I don't learn it I won't go anywhere in this industry.

I seriously lack the motivation, I start reading a Cisco book and I actually fall asleep from boredom. I'd much rather talk/work with clients and talk about stuff. Helping people is what I do best, especially the little people.

I hear you there IceWind, some people aren't all about just managing network gear.. there is much more to IT than this. Words of advice: get a security clearance and learn active directory or something similarly in demand and GUI related. Honestly, some GUI's are harder to learn and be efficient at... actually most of them are. If you can be good at a few and make them work for you, you're money

 

[kyl]

I'm about the take the CCNA exam, is there a hands on portion like the one above? Or do they give you a routersim and you have one objective? i.e. make ACL's to block blah blah and allow blah blah on interface s0

 

[necrophobic]

Yes there are 2 simulators in the exam. The exam is also adaptive so there is no going back to change your answers once you move on to the next question. If you dont know basic subnetting I wouldnt even plan on passing the test. Half the test is subnetting. Cisco likes to make sure you have a good concept of subnetting because with the BSCI(CCNP) and beyond you'll be getting into VLSM/supernetting which is advanced subnetting but I believe with the new curriculum they intro that in Cisco3/4.....Anyway good luck.

 

[Kaos]

dont forget to set the bandwidth on your serial interfaces after you set the clockrate...i usually use bandwidth 64

 

[kyl]

Subnetting is freakn easy. The techie at my school doesn't understand how it works, pretty sad. =/

Is half the New test subnetting? If so, why is everyone so worried about it? And why do they think the ccna is a hard exam. I keep hearing stoires about how hard this new test is, and how it really tests your ability.