Centralized Server-Based AAA Authentication (2 of 2)

PART 2:

Now that SRV is set up and running WinRadius we can configure DLS1 & DLS2 to use RADIUS on SRV for login authentication (telnet).

The configurations are straight forward and if you’d like to know more I’d suggest searching Cisco’s site.

Some of the key information we needed to take note of in Part 1 was the following:

Radius IP: 10.1.50.1
Radius Password (a.k.a NAS Secret): WinRadius
Radius auth-port: 2812
Radius acct-port: 2813
Our User: User1
& Password: CCnP

Centralized Server-Based AAA Authentication (1 of 2)

Part 1: Configuring the Radius Server

In this post we want to secure access to our devices and do so with a single authentication server. There are many reasons to do this; for example we can easily manage users and passwords without having to micromanage each device.

The topology is similar to the RSPAN post:

DLS1 VLAN 5 (MGT): 10.1.5.252
DLS2 VLAN 5 (MGT): 10.1.5.253

RSPAN

For this post we want to focus on capturing and analyzing traffic on DLS2 fa0/18 VLAN 10 that connects to PCC. In essence, we want to monitor the traffic to and from PCC using RSPAN (Remote Switched Port Analyzer). SRV will monitor the traffic using Wireshark. For the end test we will send a ping from PCB to PCC and see the ICMP packets on SRV running Wireshark.

Topology

BGP RIB-failure

So, you’re following along in a lab configuring BGP and your “show ip bgp” reveals a RIB-failure…

Squeeze Your Flash…

Can’t get rid of a file in flash?

Copying Multiple Config Files onto a Router

Topology

I have several config files (about 30) for each of 6 devices – that’s 180 configs files that I don’t want to manually move over. Not only would it be exhausting and error prone, I know it would take some time to do. I want to move these to the devices so I can quickly move through some TShoot labs without having to tftp each config file for each lab individually. Doing the later would also require each device to have connectivity to the tftp server at all times – it’s just not functional. So, instead, I’d rather have all the config files for each lab already installed in flash so I can quickly “configure replace” as I move through each lab.

HSRP Troubleshooting

From: GNS3 Vault (1) Thanks to Rene Molenaar for taking the time to post these practice labs on his site.

• Router New York, New Jersey and LA are configured for HSRP so router Host has a virtual gateway IP address.
• Fix HSRP so router NewYork, NewJersey and LA are in the same HSRP Group and form a single virtual gateway.
• Each HSRP router should be able to become the active router and forward IP packets from the host to the ISP.

DHCP Troubleshooting

DHCP Troubleshooting

From: GNS3 Vault (1) Thanks to Rene Molenaar for taking the time to post these practice labs on his site.

• Router DHCPClient1 needs to obtain an IP address through DHCPServer on its fa0/0 interface
• Router DHCPClient2 needs to obtain an IP address through DHCPServer on its fa0/0 interface
• Only Router DHCPServer can hand out IP’s