1. Networking Technologies Unit 1
By M Indraja
Connecting to a LAN & WAN; implementing network security; network types; network media;
routing and switching fundamentals.
LAN and WAN
History of Computer Networks:
1950s - 1960s: Terminal-oriented computer networks
1960s - 1970s: Computer-to-computer networks (ARPANET, the first Wide Area Network
(WAN))
1980s: Local Area Networks (LANs)
1980s: The Internet, the most advanced telecommunication network
What are Terminal-Oriented Computer Networks?
Terminal-oriented computer networks were first implemented in the 1960s and 1970s.
Early computers were extremely expensive, so time-sharing techniques were developed
to allow them to be shared by many users.
Through the use of video terminals, multiple users were able to input instructions
simultaneously and obtain results from the host computer.
*Modem* devices further enabled terminals to reach the host computer via the telephone
network, over a greater distance.
(*) modem – device for sending digital data over a phone line / analog network.
Example: [modulation / demodulation]
Terminal-oriented computer networks faced some line-sharing challenges:
In a mainframe system, a large number of terminals had to be connected to a central
computer.
The cost of providing an individual line to each terminal was prohibitive.
Line sharing was more practical, but it raised the question of how to *share* a common
medium in a manner that is fair, orderly and error-free.
Fair: Each machine gets a chance to send; long waits are prevented.
Orderly: Packets from each machine can be properly assembled and reassembled.
Error-free: Erroneous packets/data are recognized.
(*) Line-sharing challenges:
Medium access control, framing, addressing, error control.
Medium Access Control:
Medium access control methods allowed a number of terminals to communicate with the
central computer over a shared common line.
Ex: Polling protocol
Framing:
Line sharing required that messages be partitioned into frames (header + data).
Addressing:
Frames/headers had to carry an ‘address’ to identify the receiving terminal.
The communication lines and analog switching equipment introduced errors in
transmission.
Error Control Techniques:
Error-control techniques were developed to ensure error-free communication.
Ex: The Cyclic Redundancy Check (CRC) algorithm, an error-detection scheme
The CRC is calculated over the frame header and payload.
The CRC is appended to the frame.
If the receiver detects an error, retransmission is requested.
Some error-control techniques attempt to send enough redundant information to enable both
error detection and error correction.
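The framing, addressing and CRC steps above, put together as an added example (not part of the original notes). The frame layout, the addresses and the function names are constructed for illustration; CRC-32 from Python's zlib stands in for whichever CRC a real link would use.

```python
import struct
import zlib

# Constructed frame layout for this example (not a historical terminal protocol):
# 1-byte destination address, 1-byte source address, 2-byte payload length,
# the payload, then a 4-byte CRC-32 calculated over header + payload.
HEADER = struct.Struct("!BBH")
TRAILER = struct.Struct("!I")


def build_frame(dst, src, payload):
    """Sender side: header + data, with the CRC appended to the frame."""
    body = HEADER.pack(dst, src, len(payload)) + payload
    return body + TRAILER.pack(zlib.crc32(body))


def receive(frame, my_addr):
    """Receiver side: returns (status, source address, payload).

    status is 'retransmit' when the frame is damaged, 'ignore' when the
    frame is intact but addressed to another terminal, otherwise 'deliver'.
    """
    if len(frame) < HEADER.size + TRAILER.size:
        return ("retransmit", None, b"")
    body, trailer = frame[:-TRAILER.size], frame[-TRAILER.size:]
    if zlib.crc32(body) != TRAILER.unpack(trailer)[0]:
        return ("retransmit", None, b"")
    dst, src, length = HEADER.unpack(body[:HEADER.size])
    payload = body[HEADER.size:]
    if length != len(payload):
        return ("retransmit", None, b"")
    if dst != my_addr:
        return ("ignore", src, b"")
    return ("deliver", src, payload)


def flip_bit(frame, bit_index):
    """Simulate line noise by inverting one bit of the frame."""
    damaged = bytearray(frame)
    damaged[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(damaged)


def undetected_single_bit_errors(frame, my_addr):
    """Count single-bit errors (header, payload or CRC) the receiver misses."""
    return sum(1 for bit in range(len(frame) * 8)
               if receive(flip_bit(frame, bit), my_addr)[0] != "retransmit")


def send_over_noisy_line(frame, my_addr, corrupt_first_n):
    """Resend until the receiver stops asking; the first n copies arrive damaged."""
    attempts = 0
    while True:
        on_wire = flip_bit(frame, 13) if attempts < corrupt_first_n else frame
        attempts += 1
        status, _src, payload = receive(on_wire, my_addr)
        if status != "retransmit":
            return attempts, status, payload


if __name__ == "__main__":
    frame = build_frame(dst=7, src=1, payload=b"LOGIN user42")  # constructed data
    print(receive(frame, my_addr=7))
    print(receive(frame, my_addr=9))
    print(receive(flip_bit(frame, 40), my_addr=7))
    print(undetected_single_bit_errors(frame, my_addr=7))
    print(send_over_noisy_line(frame, my_addr=7, corrupt_first_n=2))
```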
Computer-to-Computer Networks: (The ARPANET – first Wide Area Network (WAN))
As the cost of computers dropped and new applications emerged, it became necessary to enable
mainframe computers (not terminals) to interconnect and communicate over long geographic
distances.
Example applications:
File transfer between computers
Multi-process operation over multiple computers.
ARPANET (1960s):
The first major effort at developing a network to interconnect computers over a wide
geographic area – the first major WAN.
Internet (1970s): emerged from ARPANET – a network of interconnected networks.
About ARPANET Architecture:
The core of the network consists of packet switches
(dedicated minicomputers) to avoid a costly full mesh topology.
Each packet switch connects to at least two other switches to provide alternative paths in
case of failure.
The network transfers messages by breaking them into packets of fixed size.
1. Long messages mean long delays and more problems with errors.
2. Each packet has a header with the destination address – (packets are transmitted
independently…)
The network transfers packets using the “store and forward” principle.
The diagram shows how the packets are stored and forwarded.
Some other challenges of ARPANET:
ARPANET faced challenges such as error control, congestion control and flow
control.
Error Control:
Error control between adjacent packet switches enables faster error recovery.
(Partial responsibility of the IP protocol.)
Congestion Control:
Congestion control inside the network prevents buffer overflow at the core packet switches.
Flow Control:
End-to-end flow control prevents buffer overflow at the receiver/sender.
(Responsibility of the TCP protocol.)
Applications of ARPANET:
The “dumb core and intelligent edges” design enabled the development of many interesting
and useful applications:
E-mail
File Transfer Protocol (FTP)
Remote login (Telnet)
Dumb core: Packet switches are only required to be capable of packet forwarding.
Intelligent edges: The end devices have considerable CPU and memory capabilities.
LOCAL AREA NETWORKS: (LAN)
“History of LAN”
In the 1980s affordable computers became available. A need then arose for low-cost, high-speed
and low error-rate networks:
To interconnect local workstations over a small radius (< 1 km)
To enable sharing of local resources (printers, servers, etc.)
Complex packet switching, congestion control and flow control were therefore unnecessary.
A variety of LAN topologies emerged, including: Bus, Ring
Bus Topology (Ethernet):
In a bus topology, one long cable, the so-called backbone, links all devices in the network
– (similar to the single-line mainframe architecture)
Each workstation connects to the backbone through a “Network Interface Card” (NIC); each NIC
has a globally unique address.
Data frames are broadcast onto the coaxial cable.
Receive: On the receiving side, the NIC listens to the medium for frames with its address.
Send: On the sending side, the NIC listens to the medium for an ongoing transmission – if no
transmission is found, it sends the frame.
Collision: If the frame collides with somebody else’s frame, abort the transmission and
retry later.
Advantages and disadvantages of bus topology:
Advantages: It is simple and inexpensive to install.
Disadvantages: The backbone is a single point of failure.
If two or more devices transmit simultaneously, their signals will interfere.
Ring Topology:
In a ring topology each device has a dedicated point-to-point connection only with the two
devices on either side of it.
A small frame, the token, circulates around the ring; only the station that possesses the
token is allowed to transmit at any given time.
The signal is passed along the ring in one direction, from device to device, until it reaches
its destination.
The Internet: (Internet = Internetwork)
Two or more interconnected networks – a network of networks.
Past Internet:
The LANs that emerged in the 1970s were different in terms of their underlying
technology and operation.
A protocol that would enable communication across multiple dissimilar networks was
needed:
“a higher level of abstraction” protocol.
The Internet Protocol and its addressing were soon developed and enabled the creation of a
single global internetwork.
Present Internet:
The present Internet is spread over 200 countries. It is made up of 100,000s of
interconnected networks, 10,000,000s of interconnected hosts, and 100,000,000s of users. It
still grows exponentially…
IP Network (the Internet):
Each component network must contain a special packet switch, a gateway/router, through
which it interconnects with the rest of the Internet.
Every computer places data in IP packets (data + IP header) and delivers them to the nearest
router.
The router, with the help of other routers, attempts to forward the packet across the Internet.
This is a “best effort service” – IP provides no mechanism to deal with packet loss,
corruption or reordering.
IP Addressing:
IP addressing is a scheme that fits the (inter)network structure: IP address = Net ID + Host ID.
Packets are routed based only on the Net ID in the destination IP address.
Routers therefore have to know only the major networks, not every single host => lower
memory/network update requirements.
Smaller routing tables => faster routing
What is NIC?
A network interface card (NIC) is a hardware component without which a computer cannot be connected
over a network. It is a circuit board installed in a computer that provides a dedicated network connection to
the computer. It is also called network interface controller, network adapter or LAN adapter.
A network interface controller (NIC, also known as a network interface card, network adapter,
LAN adapter or physical network interface, and by similar terms) is a computer hardware
component that connects a computer to a computer network.
Early network interface controllers were commonly implemented on expansion cards that plugged
into a computer bus. The low cost and ubiquity of the Ethernet standard means that most newer
computers have a network interface built into the motherboard.
Modern network interface controllers offer advanced features such as interrupt and DMA
interfaces to the host processors, support for multiple receive and transmit queues,
partitioning into multiple logical interfaces, and on-controller network traffic processing
such as the TCP offload engine.
About Circuit vs Packet Switching:
Circuit Switched Networks:
Networking began with circuit switched networks.
Any message travelling from source to destination, or vice versa, was carried over the
switched telephone network only. Some problems were found with this form of
communication.
Its advantages and disadvantages are as follows.
Advantage:
Guaranteed Quality of Service – data is transmitted at a fixed (guaranteed) rate; delay at
nodes is negligible.
Disadvantages:
Circuit establishment delay – circuit establishment introduces an ‘initial delay’.
Inefficient use of capacity – channel capacity is dedicated for the duration of a
connection, even if no data is being transferred (e.g. silent periods in speech).
Network complexity – end-to-end circuit establishment and bandwidth allocation
require complex signaling software to coordinate the operation of the switches.
Packet Switched Networks:
Present-day packet switched networks have changed a lot compared with the circuit switched
network (telephone networks).
Advantages:
Greater line efficiency – network links are dynamically shared by many packets /
connections.
No blocked traffic – packets are accepted even under heavy traffic, but delivery
delay may increase.
Disadvantages:
Variable delay – each node introduces additional variable delay due to processing
and queueing.
Overhead – to route packets through a packet-switching network, overhead information
including the address of the destination and/or sequence information must be added to
each packet.
Basic example for LAN and WAN in Cisco Packet Tracer.
1. Select the server and switch (choose a switch with many FastEthernet ports).
2. Select the routers (choose routers with FastEthernet ports and serial ports).
3. Finally, select the PCs that will communicate with the other networks (so select several PCs).
Design a network topology and place all the devices: switch, routers and server. Then select
the PCs.
The network topology above shows the connections between the different area networks (LAN
and WAN), highlighted with colors.
The server and the PCs use the IP address series 192.168.10.1, and the default
gateway is 192.168.10.2.
The network connecting Router0 and PC4 uses the IP address series 192.168.20.3, and the
default gateway is 192.168.20.1.
The last network, Router1 and PC5, uses the IP address series 192.168.30.3,
and the default gateway is 192.168.30.1.
1. Select the server, open it and go to the Desktop
option.
2. Assign the IP address, subnet mask and
default gateway.
3. IP address is 192.168.10.1
4. Subnet Mask is 255.255.255.0
5. Default Gateway is 192.168.10.2
Open the server, select the Services option and choose the DHCP service.
After selecting the DHCP service, turn the service ‘On’ and set the DHCP
pool options:
(Default Gateway: 192.168.10.2
DNS Server: 192.168.10.1
Start IP Address: 192.168.10.5)
Then select Save.
1. Now open PC0 and select the options in Desktop.
2. Request DHCP, and repeat on all the PCs.
3. If the DHCP request is successful, the PC has received an address as assigned on the
server.
4. If the DHCP request failed, check the server's DHCP settings.
After the DHCP requests have succeeded, try to communicate between the PCs
(PC0, PC1, PC2, PC3) only (DHCP was requested on those PCs only).
Drag and drop the PDU packet, or give a ping command on a PC.
Result: the PDU packet was delivered successfully from PC0 to PC1, PC1 to
PC2, and PC2 to PC3.
Now select the router, choose the Config settings, select the interface
(FastEthernet f0/0), turn the port status On and set the IP configuration: 192.168.10.2
Subnet mask 255.255.255.0
Next, select FastEthernet 1/0, configure the IP address and turn the port status On.
IP: 192.168.20.1
Subnet Mask: 255.255.255.0
Now select Router1.
Go to the Config settings, select FastEthernet0/0, turn the port
status On and assign the IP address.
IP: 192.168.30.1
Subnet Mask: 255.255.255.0
Select PC4 and configure its IP address.
Assign the IP address:
192.168.20.3
255.255.255.0 Subnet Mask
192.168.20.1 Default Gateway
192.168.10.1 DNS server
Select PC5 and configure its IP address.
Assign the IP address:
192.168.30.3
255.255.255.0 Subnet Mask
192.168.30.1 Default Gateway
192.168.10.1 DNS server
Assign the serial configuration to Router0:
Select Router0, enter the Config settings, choose Serial2/0 and turn the port status ‘On’.
Assign IP: 10.0.0.1 IP address
255.0.0.0 subnet mask
Assign the serial configuration to Router1:
Select Router1, enter the Config settings, choose Serial2/0 and turn the port status ‘On’.
Assign IP: 10.0.0.2 IP address
255.0.0.0 subnet mask
After completing the serial configuration on both routers:
Choose the Router0 CLI (Command Line Interface) and give the commands
#exit
#ip route 0.0.0.0 0.0.0.0 10.0.0.2 (the next hop is Router1's serial address, not Router0's own)
#exit
Now choose the Router1 CLI –
#exit
#ip route 0.0.0.0 0.0.0.0 10.0.0.1 (the next hop is Router0's serial address)
#exit
After the serial links are up and the commands have been executed in the router CLI, the PDU
packets are delivered successfully.
Finally, check server access from PC4 and PC5 as well as from PC0, PC1, PC2 and PC3.
Now try a ping request from all the PCs, or drag and drop a PDU packet.
Finally, check in simulation mode how the communication was carried out (LAN
and WAN communicating through the switch and routers). This is the simple LAN and WAN
communication.
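A check of this lab's addressing plan, as an added example that is not part of the original notes. It forwards a packet hop by hop on the Net ID of the destination, as the IP addressing section describes. The addresses are the lab's; the function names are constructed, and the example assumes each router's default route points at the other router's serial address (10.0.0.2 on Router0, 10.0.0.1 on Router1).

```python
import ipaddress


def build_lab(r0_next_hop, r1_next_hop):
    """Lab addresses; the default-route next hops are parameters so that a
    misconfigured plan can be checked as well."""
    routers = {
        "Router0": {"ifaces": ["192.168.10.2/24", "192.168.20.1/24", "10.0.0.1/8"],
                    "default": r0_next_hop},
        "Router1": {"ifaces": ["192.168.30.1/24", "10.0.0.2/8"],
                    "default": r1_next_hop},
    }
    hosts = {  # name: (address/mask, default gateway)
        "Server": ("192.168.10.1/24", "192.168.10.2"),
        "PC4": ("192.168.20.3/24", "192.168.20.1"),
        "PC5": ("192.168.30.3/24", "192.168.30.1"),
    }
    for router in routers.values():
        router["ifaces"] = [ipaddress.ip_interface(i) for i in router["ifaces"]]
        router["default"] = ipaddress.ip_address(router["default"])
    hosts = {name: (ipaddress.ip_interface(addr), ipaddress.ip_address(gw))
             for name, (addr, gw) in hosts.items()}
    return routers, hosts


def owner_of(routers, ip):
    """Name of the router that has `ip` on one of its interfaces, or None."""
    for name, router in routers.items():
        if any(iface.ip == ip for iface in router["ifaces"]):
            return name
    return None


def check_plan(routers, hosts):
    """Return a list of human-readable problems found in the plan."""
    problems = []
    for name, (addr, gw) in hosts.items():
        if gw not in addr.network:
            problems.append(f"{name}: gateway {gw} is outside {addr.network}")
        elif owner_of(routers, gw) is None:
            problems.append(f"{name}: no router owns gateway {gw}")
    for name, router in routers.items():
        next_hop = router["default"]
        if owner_of(routers, next_hop) == name:
            problems.append(f"{name}: default route next hop {next_hop} is its own address")
        elif not any(next_hop in iface.network for iface in router["ifaces"]):
            problems.append(f"{name}: next hop {next_hop} is not on a connected network")
    return problems


def trace(routers, hosts, src, dst, max_hops=8):
    """Hop-by-hop path from host `src` to host `dst`, or None if undeliverable."""
    src_iface, gateway = hosts[src]
    dst_ip = hosts[dst][0].ip
    if dst_ip in src_iface.network:          # same Net ID: delivered on the LAN
        return [src, dst]
    path, current = [src], owner_of(routers, gateway)
    for _ in range(max_hops):
        if current is None:
            return None
        path.append(current)
        if any(dst_ip in iface.network for iface in routers[current]["ifaces"]):
            return path + [dst]              # destination network is connected
        following = owner_of(routers, routers[current]["default"])
        if following == current:             # next hop is the router itself
            return None
        current = following
    return None                              # hop limit reached: routing loop


if __name__ == "__main__":
    good = build_lab("10.0.0.2", "10.0.0.1")
    print(check_plan(*good), trace(*good, "PC5", "Server"))
    bad = build_lab("10.0.0.1", "10.0.0.2")  # constructed misconfiguration
    print(check_plan(*bad), trace(*bad, "PC5", "Server"))
```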
Implementing network security:
Network security is a broad term that covers a multitude of technologies, devices and processes.
In its simplest term, it is a set of rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data using both software and hardware
technologies.
Every organization, regardless of size, industry or infrastructure, requires a degree of
network security solutions in place to protect it from the ever-growing landscape of cyber
threats in the wild today.
Today's network architecture is complex and is faced with a threat environment that is
always changing and attackers that are always trying to find and exploit vulnerabilities.
These vulnerabilities can exist in a broad number of areas, including devices, data,
applications, users and locations.
For this reason, there are many network security management tools and applications in use
today that address individual threats and exploits and also regulatory non-compliance.
When just a few minutes of downtime can cause widespread disruption and massive
damage to an organization's bottom line and reputation, it is essential that these protection
measures are in place.
How does network security work?
There are many layers to consider when addressing network security across an organization.
Attacks can happen at any layer in the network security layers model.
So your network security hardware, software and policies must be designed to address each area.
Network security typically consists of three different controls:
Physical,
Technical and
Administrative.
Here is a brief description of the different types of network security and how each control works.
Physical Network Security:
Physical security controls are designed to prevent unauthorized personnel from gaining
physical access to network components such as routers, cabling cupboards and so on.
Controlled access, such as locks, biometric authentication and other devices, is essential in
any organization.
Technical Network Security:
Security controls protect data that is stored on the network or which is in transit across,
into or out of the network.
Protection is twofold; it needs to protect data and systems from unauthorized personnel,
and it also needs to protect against malicious activities from employees.
Administrative Network Security:
Administrative security controls consist of security policies and processes that control user
behavior, including how users are authenticated, their level of access and also how IT staff
members implement changes to the infrastructure.
Types of network security:
We have talked about the different types of network security controls. Now let's take a look at
some of the different ways you can secure your network.
Network Access Control:
To ensure that potential attackers cannot infiltrate your network, comprehensive access
control policies need to be in place for both users and devices.
Network access control (NAC) can be set at the most granular level.
For example, you could grant administrators full access to the network but deny access to
specific confidential folders or prevent their personal devices from joining the network.
Antivirus and Antimalware Software:
Antivirus and antimalware software protect an organization from a range of malicious
software, including viruses, ransomware, worms and trojans.
The best software not only scans files upon entry to the network but continuously scans
and tracks files.
Firewall Protection:
Firewalls, as their name suggests, act as a barrier between the untrusted external networks
and your trusted internal network.
Administrators typically configure a set of defined rules that blocks or permits traffic onto
the network.
Virtual Private Networks:
Virtual private networks (VPNs) create a connection to the network from another endpoint
or site.
For example, users working from home would typically connect to the organization's
network over a VPN.
Data between the two points is encrypted and the user would need to authenticate to allow
communication between their device and the network.
Network security for businesses and consumers:
Network security should be a high priority for any organization that works with networked
data and systems.
In addition to protecting assets and the integrity of data from external exploits, network
security can also manage network traffic more efficiently, enhance network performance
and ensure secure data sharing between employees and data sources.
There are many tools, applications and utilities available that can help you to secure your
networks from attack and unnecessary downtime.
Implementing Security:
What is security? (Network)
Network security is any activity designed to protect the usability and integrity of your
network and data.
It includes both hardware and software technologies
It targets a variety of threats
It stops them from entering or spreading on your network.
Effective network security manages access to the network.
https://www.cisco.com/c/en_in/products/security/what-is-network-security.html
(Watch the video)
What is Firewall?
A firewall is a network security device that monitors incoming and outgoing network traffic
and decides whether to allow or block specific traffic based on a defined set of security rules.
Firewalls have been a first line of defense in network security for over 25 years.
They establish a barrier between secured and controlled internal networks that can be
trusted and untrusted outside networks, such as the Internet.
A firewall can be hardware, software, or both.
https://www.cisco.com/c/en_in/products/security/firewalls/what-is-a-firewall.html
(Watch the video) If you watch the video you get more details about the firewall and types of
firewall in network and also you can know about upcoming firewall details.
Proxy firewall: (Default Gateway)
An early type of firewall device, a proxy firewall serves as the gateway from one network
to another for a specific application.
Proxy servers can provide additional functionality such as content caching and security by
preventing direct connections from outside the network.
However, this also may impact throughput capabilities and the applications they can
support.
What is ASA(Adaptive Security Appliance)?
The Cisco ASA Firewall uses so-called “security levels” that indicate how trusted an
interface is compared to another interface.
The higher the security level, the more trusted the interface. Each interface on the ASA
is a security zone, so by using these security levels we have different trust levels for our
security zones.
An interface with a high security level can access an interface with a low security level but
the other way around is not possible unless we configure an access-list that permits this
traffic.
Here are a couple of examples of security levels:
Security level 0:
This is the lowest security level there is on the ASA and by default it is assigned to the
“outside” interface. Since there is no lower security level this means that traffic from the outside
is unable to reach any of our interfaces unless we permit it within an access-list.
Security level 100:
This is the highest security level on our ASA and by default this is assigned to the “inside”
interface. Normally we use this for our “LAN”. Since this is the highest security level, by default
it can reach all the other interfaces.
Security level 1 – 99:
We can create any other security levels that we want, for example we can use security level
50 for our DMZ.
This means that traffic is allowed from our inside network to the DMZ (security level 100
-> 50) and also from the DMZ to the outside (security level 50 -> 0).
Traffic from the DMZ however can’t go to the inside (without an access-list) because
traffic from security level 50 is not allowed to reach security level 100.
You can create as many security levels as you want…
About OSPF (Open Shortest Path First)
It is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing
algorithm and falls into the group of interior gateway protocols, operating within a single
autonomous system.
It is a link state routing protocol that is used to find the best path between the source
and destination routers using its own shortest path first algorithm.
OSPF was developed by the IETF (“Internet Engineering Task Force”) as one of the “interior
gateway protocols” (IGP), i.e., the protocols which aim at moving packets within a large
autonomous system or routing domain.
What is link state routing?
Link state routing (LSR) is the second family of routing protocols. While distance vector
routing (DVR) protocols use a distributed algorithm to compute their routing tables, LSR
routers exchange messages that allow each router to learn the entire network topology.
Now, here is an example of an ASA firewall in Cisco Packet Tracer
>en
>press Enter at the password prompt (there is no password, so just press Enter again)
>sh running (to see the default configuration of the ASA device we are working on)
>conf t
>no (paste dhcpd address)
>sh run
>ciscoasa#conf t
ciscoasa(config)#no dhcpd address 192.168.1.5-192.168.1.36 inside
>ciscoasa(config)#!^Z (here Ctrl+Z, or you can use exit)
>ciscoasa#sh run
(vlan 1)
>conf t
>int vlan 1
>ip address 10.1.1.1 255.0.0.0
>no shut
Security levels of the ASA (it has two levels of security): 1. low level and 2. high level.
100 - inside (low level security) (interface connected to private networks)
0 - outside (high level security) (interface connected to public networks)
1-99 - DMZ (any device such as a server or router connected in the DMZ); we can set the
security level between 1 and 99.
>nameif inside (names the interface so that we can set its security on the firewall)
>security-level 100
>exit
>int e0/1
>switchport access vlan 1
>exit
(vlan2)
>int vlan 2
>ip address 50.1.1.2 255.0.0.0
>no shutdown
>nameif outside
>security-level 0
>exit
>int e0/0
>switchport access vlan 2
Now go to router (to config)
>en
>conf t
>int f0/0
>ip address 50.1.1.1 255.0.0.0
>no shutdown
>int f0/1
>ip address 8.8.8.1 255.0.0.0
>no shutdown
Now give dynamic addresses to the PCs
ASA firewall
>exit
>dhcpd address 10.1.1.10-10.1.1.40 inside
>dhcpd dns 8.8.8.8 interface inside
Now assign a default route on the ASA
>route outside 0.0.0.0 0.0.0.0 50.1.1.1
Now go to the router (set OSPF)
exit
router ospf 1
net 50.0.0.0 0.255.255.255 area 0
net 8.0.0.0 0.255.255.255 area 0
Now go to the ASA (PC)
>object network ? (lists what kind of network can be specified)
>object network LAN
>subnet 10.0.0.0 255.0.0.0
>nat (inside,outside) dynamic interface
>exit
Now, again on the ASA firewall (give some access to the PCs and server)
>conf t
>access-list ?
>access-list mynetwork extended permit tcp any any
>access-list mynetwork extended permit icmp any any
>access-group mynetwork in interface outside
To see the network flow of data, use the commands
>#show nat
>#show xlate
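How the security-level rule described earlier and the "mynetwork" access-list above decide whether a new connection is let through, as an added example that is not part of the original notes. It is a simplified model: it ignores NAT and the stateful handling of return traffic, and it treats an access-list bound to an interface as the only decision for traffic entering there. The narrower ACL, the host 10.1.1.20 and the function names are constructed for comparison.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                 # "permit" or "deny"
    protocol: str               # "tcp", "icmp", "udp" or "ip" (any protocol)
    src: str                    # "any" or a network in CIDR form
    dst: str
    port: Optional[int] = None  # destination port; None matches every port

    def matches(self, protocol, src, dst, port):
        if self.protocol not in ("ip", protocol):
            return False
        if self.port is not None and self.port != port:
            return False
        return _covers(self.src, src) and _covers(self.dst, dst)


def _covers(spec, address):
    if spec == "any":
        return True
    return ipaddress.ip_address(address) in ipaddress.ip_network(spec)


def acl_permits(acl, protocol, src, dst, port=None):
    """First matching rule wins; no match means the implicit deny at the end."""
    for rule in acl:
        if rule.matches(protocol, src, dst, port):
            return rule.action == "permit"
    return False


def new_flow_allowed(levels, inbound_acls, in_if, out_if,
                     protocol, src, dst, port=None):
    """Decide a new connection entering `in_if` and leaving through `out_if`."""
    acl = inbound_acls.get(in_if)
    if acl is not None:
        return acl_permits(acl, protocol, src, dst, port)
    # No access-list: only higher security level -> lower security level.
    return levels[in_if] > levels[out_if]


def exposed_tcp_ports(acl, src, dst, candidates):
    """Which of the candidate TCP ports on `dst` the ACL lets `src` reach."""
    return [p for p in candidates if acl_permits(acl, "tcp", src, dst, p)]


LEVELS = {"inside": 100, "dmz": 50, "outside": 0}

# The access-list from the listing above, bound inbound to the outside interface.
PAGE_ACL = [Rule("permit", "tcp", "any", "any"),
            Rule("permit", "icmp", "any", "any")]

# Constructed narrower ACL: ICMP plus TCP port 80 to one hypothetical inside host.
NARROW_ACL = [Rule("permit", "icmp", "any", "any"),
              Rule("permit", "tcp", "any", "10.1.1.20/32", 80)]

if __name__ == "__main__":
    ports = [22, 23, 80, 443, 3389]
    print(new_flow_allowed(LEVELS, {}, "outside", "inside",
                           "tcp", "8.8.8.8", "10.1.1.20", 23))
    print(exposed_tcp_ports(PAGE_ACL, "8.8.8.8", "10.1.1.20", ports))
    print(exposed_tcp_ports(NARROW_ACL, "8.8.8.8", "10.1.1.20", ports))
```

With `permit tcp any any` bound to the outside interface, every TCP port on every inside address is permitted by the access-list, which is why the narrower rule is shown beside it.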
Here is the step-wise process for the complete ASA security firewall for the network
topology in the image above.
To place the devices for the network topology, open the software (Cisco Packet Tracer, “CPT”) on
your PC.
Open CPT and select the devices: switch, router, ASA firewall, server and PCs.
Make sure to select a switch with more FastEthernet ports and a router with at least
two FastEthernet ports.
Next, connect the devices using copper cross-over and straight-through wires between the
devices' FastEthernet and Ethernet ports. (Connect the wires by
following the image above.)
Connect PC0 and the ASA firewall using the console wire (select the console wire, drag it
from the PC's RS 232 port and connect it to the ASA console port).
Then open the PC desktop, select the terminal configuration and click ‘OK’
without changing anything in the terminal settings.
Basic configuration modes:
Most users know the basic configuration modes. The main ones are the ‘Global and
Privileged modes’.
Global Configuration mode:
‘Global configuration mode’ allows users to modify the running system configuration.
Privileged Configuration mode:
In ‘privileged configuration mode’, users can move to configuration mode by
running the “configure terminal” command from privileged mode.
Click ‘OK’ to enter the terminal.
In the terminal, give the command ‘en’ (enable).
The system responds with a Password: prompt (there is no password, but the user may
create one if wanted).
Then enter the command ‘sh run’ (show running; it shows the default
configuration settings such as VLAN details and IP address details).
Press Enter to page through and check the default configuration settings.
The user should remove the default settings; note the dhcpd address details.
☞ When the user finds the dhcpd address line, such as (dhcpd address 192.168.1.5-192.168.1.36
inside),
☞ the user can remove that default configuration setting by using the dhcpd address line.
☞ Select the whole dhcpd address line, copy it and paste it.
☞ To do this, enter configure terminal mode (using the command conf t).
☞ In config mode, use the command “no dhcpd address 192.168.1.5-192.168.1.36 inside” and
press Enter.
☞ The command then takes effect (it removes the default configuration setting in the ASA
firewall).
In this image the user should observe that the dhcpd address has been removed (the output
shows dhcpd auto_config outside and dhcpd enable inside).
The user can now start the configuration from scratch.
The steps below create the 2 VLANs that connect the different areas.
To create the VLANs, the user should first enter configure terminal mode (conf t).
The user then creates the first VLAN with the command “int vlan 1” – it means interface VLAN
(virtual local area network).
#nameif inside (names the VLAN 1 interface of the ASA firewall “inside” – it is needed for
fixing the security level of the inside of the network).
#security-level 100 (security level 100 represents the low level security of
the inside of the ASA firewall)
#switchport access vlan 1 (assigns switch access to VLAN 1 on Ethernet port 0/1)
Continue the steps for VLAN 2, using
security level 0 for high level security.
After creating the 2 VLANs, configure the router.
After the router is configured successfully, go to the PC0 terminal and assign the dhcpd pool
address (for PC-to-PC communication).
Assign the dhcpd IP address range and DNS, and the outside route, on the ASA firewall.
The above image – to route between the networks, configure the routing protocol.
On this router the user follows the OSPF link state routing protocol.
After the routing protocol is configured:
Enter the ASA PC0 terminal and create an object network for the Local Area Network and
NAT (Network Address Translation) – this creates the dynamic interface between the inside
and the outside of the network.
Then create the access-list for the TCP and ICMP protocols for communication across the
entire network.
After the access-list and the other configuration settings have been created on the ASA
firewall, configure the server: IP address, subnet mask, default gateway and DNS server.
Then request DHCP on each of the PCs (PC1, PC2, PC3, PC4, PC5) – if the DHCP request is
successful, the user has configured all the commands successfully.
Then check normal communication with a ping request from PC to PC and also to the server.
Also request the server address to access the web page from each PC, to check whether
access to the server address is successful or not.
If the page opens, access is successful; if the page request times out, there is a problem
either in the commands that were executed or in the IP addresses the user configured on the
ASA firewall.
So the user should check the IP address configuration on both the ASA firewall and the
server.
In the above image the user has given a ping request from PC1 to the target server (ping –t ip
address) – ping –t is a continuous ping request – it may create a problem on the router and
server – sometimes ping –t behaves like an attack on the network.
To check this kind of situation, the user may use NAT (network address translation) on the
ASA firewall: the command ‘show nat’ shows the total translations done inside
and outside the network.
The command ‘show xlate’ shows the TCP packet details and the other inside and
outside network address packet details, and it can give a complete report of the user and
the user's targeted network details on the ASA firewall.
Students: for the remaining topics, follow your own assignments or use the links below for reference.
1. Network types;
https://www.freeccnastudyguide.com/study-guides/ccna/ch1/1-2-networking-types/
2. Network media;
https://www.ciscopress.com/articles/printerfriendly/169686
3. Routing and switching fundamentals.