Description

Book Synopsis
Scott Empson is an instructor in the Department of Information Systems Technology at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, where he has taught for over 21 years. He teaches technical courses in Cisco routing and switching, along with courses in professional development and leadership. Scott created the CCNA Command Quick Reference in 2004 as a companion guide to the Cisco Networking Academy Program, and this guide became the CCNA Portable Command Guide in 2005. Other titles in the series in the areas of CCNP, Wireless, Security, Microsoft, and Linux followed beginning in 2006.

Scott has a Master of Education degree along with three undergraduate degrees: a Bachelor of Arts, with a major in English; a Bachelor of Education, again with a major in English/language arts; and a Bachelor of Applied Information Systems Technology, with a major in network management.

Patrick Gargano has been an educator since 1

Table of Contents
Introduction xix
PART I: LAYER 2 INFRASTRUCTURE
Chapter 1 VLANs 1
Virtual LANs 1
Creating Static VLANs Using VLAN Configuration Mode 2
Assigning Ports to Data and Voice VLANs 2
Using the range Command 3
Dynamic Trunking Protocol (DTP) 3
Setting the Trunk Encapsulation and Allowed VLANs 4
VLAN Trunking Protocol (VTP) 5
Verifying VTP 6
Verifying VLAN Information 7
Saving VLAN Configurations 7
Erasing VLAN Configurations 7
Configuration Example: VLANs 8
Layer 2 Link Aggregation 11
Interface Modes in EtherChannel 12
Default EtherChannel Configuration 12
Guidelines for Configuring EtherChannel 12
Configuring Layer 2 EtherChannel 14
Configuring Layer 3 EtherChannel 14
Configuring EtherChannel Load Balancing 15
Configuring LACP Hot-Standby Ports 16
Monitoring and Verifying EtherChannel 17
Configuration Example: EtherChannel 18
Chapter 2 Spanning Tree Protocol 23
Spanning Tree Protocol Definition 24
Enabling Spanning Tree Protocol 24
Changing the Spanning-Tree Mode 25
Configuring the Root Switch 25
Configuring a Secondary Root Switch 26
Configuring Port Priority 26
Configuring the Path Cost 27
Configuring the Switch Priority of a VLAN 27
Configuring STP Timers 27
Configuring Optional Spanning-Tree Features 28
PortFast 28
BPDU Guard (2xxx/older 3xxx Series) 29
BPDU Guard (3650/9xxx Series) 29
BPDU Filter 30
UplinkFast 30
BackboneFast 31
Root Guard 31
Loop Guard 32
Unidirectional Link Detection 33
Configuring and Verifying Port Error Conditions 33
Enabling Rapid Spanning Tree 36
Rapid Spanning Tree Link Types 36
Enabling Multiple Spanning Tree 37
Verifying the Extended System ID 39
Verifying STP 39
Troubleshooting Spanning Tree Protocol 40
Configuration Example: PVST+ 40
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 43
Chapter 3 Implementing Inter-VLAN Routing 45
Inter-VLAN Communication Using an External Router: Router-on-a-Stick 45
Inter-VLAN Communication Tips 46
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface 46
Configuring Inter-VLAN Communication on an L3 Switch 47
Removing L2 Switchport Capability of an Interface on an L3 Switch 47
Configuration Example: Inter-VLAN Communication 47
Configuration Example: IPv6 Inter-VLAN Communication 55

PART II: LAYER 3 INFRASTRUCTURE
Chapter 4 EIGRP 61
Enhanced Interior Gateway Routing Protocol (EIGRP) 62
Enabling EIGRP for IPv4 Using Classic Mode Configuration 62
Enabling EIGRP for IPv6 Using Classic Mode Configuration 63
EIGRP Using Named Mode Configuration 64
EIGRP Named Mode Subconfiguration Modes 66
Upgrading Classic Mode to Named Mode Configuration 66
EIGRP Router ID 67
Authentication for EIGRP 67
Configuring Authentication in Classic Mode 67
Configuring Authentication in Named Mode 68
Verifying and Troubleshooting EIGRP Authentication 70
Auto-Summarization for EIGRP 70
IPv4 Manual Summarization for EIGRP 70
IPv6 Manual Summarization for EIGRP 71
Timers for EIGRP 71
Passive Interfaces for EIGRP 72
“Pseudo” Passive EIGRP Interfaces 72
Injecting a Default Route into EIGRP: Redistribution of a Static Route 73
Injecting a Default Route into EIGRP: ip default-network 74
Injecting a Default Route into EIGRP: Summarize to 0.0.0.0/0 74
Accepting Exterior Routing Information: default-information 75
Equal-cost Load Balancing: maximum-paths 75
Unequal-cost Load Balancing: variance 76
EIGRP Traffic Sharing 76
Bandwidth Use for EIGRP 77
Stub Routing for EIGRP 77
EIGRP Unicast Neighbors 79
EIGRP Wide Metrics 79
Adjusting the EIGRP Metric Weights 80
Verifying EIGRP 80
Troubleshooting EIGRP 82
Configuration Example: EIGRP for IPv4 and IPv6 Using Named Mode 83
Chapter 5 OSPF 87
Comparing OSPFv2 and OSPFv3 88
Configuring OSPF 89
Configuring Multiarea OSPF 89
Using Wildcard Masks with OSPF Areas 90
Configuring Traditional OSPFv3 91
Enabling OSPF for IPv6 on an Interface 91
OSPFv3 and Stub/NSSA Areas 92
Interarea OSPFv3 Route Summarization 92
Enabling an IPv4 Router ID for OSPFv3 93
Forcing an SPF Calculation 93
OSPFv3 Address Families 93
Configuring the IPv6 Address Family in OSPFv3 94
Configuring the IPv4 Address Family in OSPFv3 94
Applying Parameters in Address Family Configuration Mode 94
Authentication for OSPF 95
Configuring OSPFv2 Authentication: Simple Password 95
Configuring OSPFv2 Cryptographic Authentication: SHA-256 96
Configuring OSPFv3 Authentication and Encryption 97
Verifying OSPFv2 and OSPFv3 Authentication 98
Optimizing OSPF Parameters 98
Loopback Interfaces 98
Router ID 99
DR/BDR Elections 99
Passive Interfaces 100
Modifying Cost Metrics 100
OSPF Reference Bandwidth 101
OSPF LSDB Overload Protection 101
Timers 101
IP MTU 102
Propagating a Default Route 102
Route Summarization 103
Interarea Route Summarization 103
External Route Summarization 103
OSPF Route Filtering 104
Using the filter-list Command 104
Using the area range not-advertise Command 104
Using the distribute-list in Command 104
Using the summary-address not-advertise Command 105
OSPF Special Area Types 105
Stub Areas 105
Totally Stubby Areas 106
Not-So-Stubby Areas (NSSA) 106
Totally NSSA 107
Virtual Links 108
Configuration Example: Virtual Links 108
Verifying OSPF Configuration 109
Troubleshooting OSPF 111
Configuration Example: Single-Area OSPF 111
Configuration Example: Multiarea OSPF 114
Configuration Example: Traditional OSPFv3 117
Configuration Example: OSPFv3 with Address Families 120
Chapter 6 Redistribution and Path Control 127
Defining Seed and Default Metrics 128
Redistributing Connected Networks 129
Redistributing Static Routes 129
Redistributing Subnets into OSPF 130
Assigning E1 or E2 Routes in OSPF 130
Redistributing OSPF Internal and External Routes 131
Configuration Example: Route Redistribution for IPv4 131
Configuration Example: Route Redistribution for IPv6 132
Verifying Route Redistribution 134
Route Filtering Using the distribute-list Command 134
Configuration Example: Inbound and Outbound Distribute List Route Filters 134
Configuration Example: Controlling Redistribution with Outbound Distribute Lists 135
Verifying Route Filters 136
Route Filtering Using Prefix Lists 137
Configuration Example: Using a Distribute List That References a Prefix List to Control Redistribution 139
Verifying Prefix Lists 140
Using Route Maps with Route Redistribution 140
Configuration Example: Route Maps 141
Manipulating Redistribution Using Route Tagging 142
Changing Administrative Distance 143
Path Control with Policy-Based Routing 144
Verifying Policy-Based Routing 145
Configuration Example: PBR with Route Maps 146
Cisco IOS IP SLA 147
Configuring Authentication for IP SLA 149
Monitoring IP SLA Operations 150
PBR with Cisco IOS IP SLA 150
Step 1: Define Probe(s) 151
Step 2: Define Tracking Object(s) 152
Step 3a: Define the Action on the Tracking Object(s) 152
Step 3b: Define Policy Routing Using the Tracking Object(s) 152
Step 4: Verify IP SLA Operations 152
Chapter 7 BGP 155
Configuring BGP: Classic Configuration 156
Configuring Multiprotocol BGP (MP-BGP) 157
Configuring BGP: Address Families 158
Configuration Example: Using MP-BGP Address Families to Exchange IPv4 and IPv6 Routes 159
BGP Support for 4-Byte AS Numbers 160
BGP Timers 161
BGP and update-source 161
IBGP Next-Hop Behavior 162
EBGP Multihop 162
Attributes 164
Route Selection Decision Process–The BGP Best Path Algorithm 164
Weight Attribute 164
Using AS Path Access Lists to Manipulate the Weight Attribute 166
Using Prefix Lists and Route Maps to Manipulate the Weight Attribute 166
Local Preference Attribute 167
Using AS Path Access Lists with Route Maps to Manipulate the Local Preference Attribute 167
AS Path Attribute Prepending 169
AS Path: Removing Private Autonomous Systems 171
Multi-Exit Discriminator (MED) Attribute 171
Verifying BGP 174
Troubleshooting BGP 175
Default Routes 177
Route Aggregation 177
Route Reflectors 177
Regular Expressions 178
Regular Expressions: Examples 179
BGP Route Filtering Using Access Lists and Distribute Lists 180
Configuration Example: Using Prefix Lists and AS Path Access Lists 181
BGP Peer Groups 182
Authentication for BGP 184
Configuring Authentication Between BGP Peers 184
Verifying BGP Authentication 184

PART III: INFRASTRUCTURE SERVICES
Chapter 8 IP Services 185
Network Address Translation (NAT) 186
Private IP Addresses: RFC 1918 186
Configuring Static NAT 187
Configuring Dynamic NAT 188
Configuring Port Address Translation (PAT) 189
Configuring a NAT Virtual Interface 190
Verifying NAT and PAT Configurations 190
Troubleshooting NAT and PAT Configurations 191
Configuration Example: PAT 191
Configuration Example: NAT Virtual Interfaces and Static NAT 193
First-Hop Redundancy Protocols 194
Hot Standby Router Protocol 194
Virtual Router Redundancy Protocol 201
IPv4 Configuration Example: HSRP on L3 Switch 204
IPv4 Configuration Example: VRRPv2 on Router and L3 Switch with IP SLA Tracking 209
IPv6 Configuration Example: HSRPv2 on Router and L3 Switch 212
Dynamic Host Control Protocol (DHCP) 217
Implementing DHCP for IPv4 217
Implementing DHCP for IPv6 221
Configuration Example: DHCP for IPv4 224
Configuration Example: DHCP for IPv6 226
Chapter 9 Device Management 231
Configuring Passwords 231
Cleartext Password Encryption 232
Password Encryption Algorithm Types 233
Configuring SSH 234
Verifying SSH 235
Boot System Commands 235
The Cisco IOS File System 236
Viewing the Cisco IOS File System 236
Commonly Used URL Prefixes for Cisco Network Devices 236
Deciphering IOS Image Filenames 237
Backing Up Configurations to a TFTP Server 238
Restoring Configurations from a TFTP Server 238
Backing Up the Cisco IOS Software to a TFTP Server 239
Restoring/Upgrading the Cisco IOS Software from a TFTP Server 239
Restoring the Cisco IOS Software Using the ROM Monitor Environmental Variables and tftpdnld Command 240
Secure Copy Protocol (SCP) 241
Configuring an SCP Server 241
Verifying and Troubleshooting SCP 241
Configuration Example: SCP 241
Disabling Unneeded Services 242
Useful Device Management Options 243

PART IV: INFRASTRUCTURE SECURITY
Chapter 10 Infrastructure Security 245
IPv4 Access Control Lists (ACLs) 246
Configuring and Applying Standard IPv4 ACLs 246
Configuring and Applying Extended IPv4 ACLs 247
Configuring and Applying Time-based ACLs 248
Configuring and Applying VTY ACLs 249
IPv6 ACLs 250
Configuring and Applying IPv6 ACLs 250
Verifying IPv4 and IPv6 ACLs 251
Implementing Authentication Methods 251
Simple Local Database Authentication 252
AAA-based Local Database Authentication 252
RADIUS Authentication 253
TACACS+ Authentication 255
Configuring Authorization and Accounting 256
Troubleshooting AAA 257
Control Plane Policing (CoPP) 257
Step 1: Define ACLs to Identify Permitted CoPP Traffic Flows 258
Step 2: Define Class Maps for Matched Traffic 258
Step 3: Define a Policy Map to Police Matched Traffic 259
Step 4: Assign a Policy Map to the Control Plane 259
Verifying CoPP 260
Unicast Reverse Path Forwarding (uRPF) 260
Configuring uRPF 260
Verifying and Troubleshooting uRPF 260

PART V: NETWORK ASSURANCE
Chapter 11 Network Assurance 261
Internet Control Message Protocol Redirect Messages 262
The ping Command 262
Examples of Using the ping and the Extended ping Commands 263
The traceroute Command 265
The debug Command 265
Conditionally Triggered Debugs 266
Configuring Secure SNMP 267
Securing SNMPv1 or SNMPv2c 267
Securing SNMPv3 268
Verifying SNMP 269
Implementing Logging 269
Configuring Syslog 269
Syslog Message Format 269
Syslog Severity Levels 270
Syslog Message Example 270
Configuring NetFlow 271
Configuring Flexible NetFlow 272
Step 1: Configure a Flow Record 272
Step 2: Configure a Flow Exporter 272
Step 3: Configure a Flow Monitor 272
Step 4: Apply the Flow Monitor to an Interface 273
Verifying NetFlow 273
Implementing Port Mirroring 273
Default SPAN and RSPAN Configuration 273
Configuring Local SPAN 274
Local SPAN Guidelines for Configuration 274
Configuration Example: Local SPAN 274
Configuring Remote SPAN 277
Remote SPAN Guidelines for Configuration 278
Configuration Example: Remote SPAN 278
Configuring Encapsulated RSPAN (ERSPAN) 280
Verifying and Troubleshooting Local and Remote SPAN 281
Configuring Network Time Protocol 281
NTP Configuration 281
NTP Design 282
Securing NTP 284
Verifying and Troubleshooting NTP 286
Setting the Clock on a Router 286
Using Time Stamps 290
Configuration Example: NTP 290
Tool Command Language (Tcl) 294
Embedded Event Manager (EEM) 295
EEM Configuration Examples 296
EEM and Tcl Scripts 298
Verifying EEM 298

PART VI: WIRELESS
Chapter 12 Wireless Security and Troubleshooting 299
Authenticating Wireless Clients 299
Open Authentication 300
Authenticating with a Pre-shared Key 302
Authenticating with EAP 304
Authenticating with WebAuth 310
Troubleshooting from the Wireless LAN Controller 312
Troubleshooting Wireless Client Connectivity 318
Cisco AireOS Monitoring Dashboard GUI 318
Cisco IOS XE GUI 322

PART VII: OVERLAYS AND VIRTUALIZATION
Chapter 13 Overlay Tunnels and VRF 325
Generic Routing Encapsulation (GRE) 325
Configuring an IPv4 GRE Tunnel 326
Configuring an IPv6 GRE Tunnel 326
Verifying IPv4 and IPv6 GRE Tunnels 327
Configuration Example: IPv4 and IPv6 GRE Tunnels with OSPFv3 327
Site-to-Site GRE over IPsec 331
GRE/IPsec Using Crypto Maps 332
GRE/IPsec Using IPsec Profiles 333
Verifying GRE/IPsec 335
Site-to-Site Virtual Tunnel Interface (VTI) over IPsec 335
Cisco Dynamic Multipoint VPN (DMVPN) 336
Configuration Example: Cisco DMVPN for IPv4 337
Verifying Cisco DMVPN 342
VRF-Lite 343
Configuring VRF-Lite 343
Verifying VRF-Lite 345

Appendix A: Create Your Own Journal Here 347
 Index 361

CCNP and CCIE Enterprise Core CCNP Enterprise

Product form

£28.49

Includes FREE delivery

RRP £29.99 – you save £1.50 (5%)

Order before 4pm today for delivery by Sat 10 Jan 2026.

A Paperback / softback by Patrick Gargano, Scott Empson

Out of stock


    View other formats and editions of CCNP and CCIE Enterprise Core CCNP Enterprise by Patrick Gargano

    Publisher: Pearson Education (US)
    Publication Date: 08/07/2020
    ISBN13: 9780135768167, 978-0135768167
    ISBN10: 0135768160
    Also in:
    Computing Computer certification: Cisco Computer networking and communications

    Description

    Book Synopsis
    Scott Empson is an instructor in the Department of Information Systems Technology at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, where he has taught for over 21 years. He teaches technical courses in Cisco routing and switching, along with courses in professional development and leadership. Scott created the CCNA Command Quick Reference in 2004 as a companion guide to the Cisco Networking Academy Program, and this guide became the CCNA Portable Command Guide in 2005. Other titles in the series in the areas of CCNP, Wireless, Security, Microsoft, and Linux followed beginning in 2006.

    Scott has a Master of Education degree along with three undergraduate degrees: a Bachelor of Arts, with a major in English; a Bachelor of Education, again with a major in English/language arts; and a Bachelor of Applied Information Systems Technology, with a major in network management.

    Patrick Gargano has been an educator since 1

    Table of Contents
    Introduction xix
    PART I: LAYER 2 INFRASTRUCTURE
    Chapter 1 VLANs 1
    Virtual LANs 1
    Creating Static VLANs Using VLAN Configuration Mode 2
    Assigning Ports to Data and Voice VLANs 2
    Using the range Command 3
    Dynamic Trunking Protocol (DTP) 3
    Setting the Trunk Encapsulation and Allowed VLANs 4
    VLAN Trunking Protocol (VTP) 5
    Verifying VTP 6
    Verifying VLAN Information 7
    Saving VLAN Configurations 7
    Erasing VLAN Configurations 7
    Configuration Example: VLANs 8
    Layer 2 Link Aggregation 11
    Interface Modes in EtherChannel 12
    Default EtherChannel Configuration 12
    Guidelines for Configuring EtherChannel 12
    Configuring Layer 2 EtherChannel 14
    Configuring Layer 3 EtherChannel 14
    Configuring EtherChannel Load Balancing 15
    Configuring LACP Hot-Standby Ports 16
    Monitoring and Verifying EtherChannel 17
    Configuration Example: EtherChannel 18
    Chapter 2 Spanning Tree Protocol 23
    Spanning Tree Protocol Definition 24
    Enabling Spanning Tree Protocol 24
    Changing the Spanning-Tree Mode 25
    Configuring the Root Switch 25
    Configuring a Secondary Root Switch 26
    Configuring Port Priority 26
    Configuring the Path Cost 27
    Configuring the Switch Priority of a VLAN 27
    Configuring STP Timers 27
    Configuring Optional Spanning-Tree Features 28
    PortFast 28
    BPDU Guard (2xxx/older 3xxx Series) 29
    BPDU Guard (3650/9xxx Series) 29
    BPDU Filter 30
    UplinkFast 30
    BackboneFast 31
    Root Guard 31
    Loop Guard 32
    Unidirectional Link Detection 33
    Configuring and Verifying Port Error Conditions 33
    Enabling Rapid Spanning Tree 36
    Rapid Spanning Tree Link Types 36
    Enabling Multiple Spanning Tree 37
    Verifying the Extended System ID 39
    Verifying STP 39
    Troubleshooting Spanning Tree Protocol 40
    Configuration Example: PVST+ 40
    Spanning-Tree Migration Example: PVST+ to Rapid-PVST+ 43
    Chapter 3 Implementing Inter-VLAN Routing 45
    Inter-VLAN Communication Using an External Router: Router-on-a-Stick 45
    Inter-VLAN Communication Tips 46
    Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface 46
    Configuring Inter-VLAN Communication on an L3 Switch 47
    Removing L2 Switchport Capability of an Interface on an L3 Switch 47
    Configuration Example: Inter-VLAN Communication 47
    Configuration Example: IPv6 Inter-VLAN Communication 55

    PART II: LAYER 3 INFRASTRUCTURE
    Chapter 4 EIGRP 61
    Enhanced Interior Gateway Routing Protocol (EIGRP) 62
    Enabling EIGRP for IPv4 Using Classic Mode Configuration 62
    Enabling EIGRP for IPv6 Using Classic Mode Configuration 63
    EIGRP Using Named Mode Configuration 64
    EIGRP Named Mode Subconfiguration Modes 66
    Upgrading Classic Mode to Named Mode Configuration 66
    EIGRP Router ID 67
    Authentication for EIGRP 67
    Configuring Authentication in Classic Mode 67
    Configuring Authentication in Named Mode 68
    Verifying and Troubleshooting EIGRP Authentication 70
    Auto-Summarization for EIGRP 70
    IPv4 Manual Summarization for EIGRP 70
    IPv6 Manual Summarization for EIGRP 71
    Timers for EIGRP 71
    Passive Interfaces for EIGRP 72
    “Pseudo” Passive EIGRP Interfaces 72
    Injecting a Default Route into EIGRP: Redistribution of a Static Route 73
    Injecting a Default Route into EIGRP: ip default-network 74
    Injecting a Default Route into EIGRP: Summarize to 0.0.0.0/0 74
    Accepting Exterior Routing Information: default-information 75
    Equal-cost Load Balancing: maximum-paths 75
    Unequal-cost Load Balancing: variance 76
    EIGRP Traffic Sharing 76
    Bandwidth Use for EIGRP 77
    Stub Routing for EIGRP 77
    EIGRP Unicast Neighbors 79
    EIGRP Wide Metrics 79
    Adjusting the EIGRP Metric Weights 80
    Verifying EIGRP 80
    Troubleshooting EIGRP 82
    Configuration Example: EIGRP for IPv4 and IPv6 Using Named Mode 83
    Chapter 5 OSPF 87
    Comparing OSPFv2 and OSPFv3 88
    Configuring OSPF 89
    Configuring Multiarea OSPF 89
    Using Wildcard Masks with OSPF Areas 90
    Configuring Traditional OSPFv3 91
    Enabling OSPF for IPv6 on an Interface 91
    OSPFv3 and Stub/NSSA Areas 92
    Interarea OSPFv3 Route Summarization 92
    Enabling an IPv4 Router ID for OSPFv3 93
    Forcing an SPF Calculation 93
    OSPFv3 Address Families 93
    Configuring the IPv6 Address Family in OSPFv3 94
    Configuring the IPv4 Address Family in OSPFv3 94
    Applying Parameters in Address Family Configuration Mode 94
    Authentication for OSPF 95
    Configuring OSPFv2 Authentication: Simple Password 95
    Configuring OSPFv2 Cryptographic Authentication: SHA-256 96
    Configuring OSPFv3 Authentication and Encryption 97
    Verifying OSPFv2 and OSPFv3 Authentication 98
    Optimizing OSPF Parameters 98
    Loopback Interfaces 98
    Router ID 99
    DR/BDR Elections 99
    Passive Interfaces 100
    Modifying Cost Metrics 100
    OSPF Reference Bandwidth 101
    OSPF LSDB Overload Protection 101
    Timers 101
    IP MTU 102
    Propagating a Default Route 102
    Route Summarization 103
    Interarea Route Summarization 103
    External Route Summarization 103
    OSPF Route Filtering 104
    Using the filter-list Command 104
    Using the area range not-advertise Command 104
    Using the distribute-list in Command 104
    Using the summary-address not-advertise Command 105
    OSPF Special Area Types 105
    Stub Areas 105
    Totally Stubby Areas 106
    Not-So-Stubby Areas (NSSA) 106
    Totally NSSA 107
    Virtual Links 108
    Configuration Example: Virtual Links 108
    Verifying OSPF Configuration 109
    Troubleshooting OSPF 111
    Configuration Example: Single-Area OSPF 111
    Configuration Example: Multiarea OSPF 114
    Configuration Example: Traditional OSPFv3 117
    Configuration Example: OSPFv3 with Address Families 120
    Chapter 6 Redistribution and Path Control 127
    Defining Seed and Default Metrics 128
    Redistributing Connected Networks 129
    Redistributing Static Routes 129
    Redistributing Subnets into OSPF 130
    Assigning E1 or E2 Routes in OSPF 130
    Redistributing OSPF Internal and External Routes 131
    Configuration Example: Route Redistribution for IPv4 131
    Configuration Example: Route Redistribution for IPv6 132
    Verifying Route Redistribution 134
    Route Filtering Using the distribute-list Command 134
    Configuration Example: Inbound and Outbound Distribute List Route Filters 134
    Configuration Example: Controlling Redistribution with Outbound Distribute Lists 135
    Verifying Route Filters 136
    Route Filtering Using Prefix Lists 137
    Configuration Example: Using a Distribute List That References a Prefix List to Control Redistribution 139
    Verifying Prefix Lists 140
    Using Route Maps with Route Redistribution 140
    Configuration Example: Route Maps 141
    Manipulating Redistribution Using Route Tagging 142
    Changing Administrative Distance 143
    Path Control with Policy-Based Routing 144
    Verifying Policy-Based Routing 145
    Configuration Example: PBR with Route Maps 146
    Cisco IOS IP SLA 147
    Configuring Authentication for IP SLA 149
    Monitoring IP SLA Operations 150
    PBR with Cisco IOS IP SLA 150
    Step 1: Define Probe(s) 151
    Step 2: Define Tracking Object(s) 152
    Step 3a: Define the Action on the Tracking Object(s) 152
    Step 3b: Define Policy Routing Using the Tracking Object(s) 152
    Step 4: Verify IP SLA Operations 152
    Chapter 7 BGP 155
    Configuring BGP: Classic Configuration 156
    Configuring Multiprotocol BGP (MP-BGP) 157
    Configuring BGP: Address Families 158
    Configuration Example: Using MP-BGP Address Families to Exchange IPv4 and IPv6 Routes 159
    BGP Support for 4-Byte AS Numbers 160
    BGP Timers 161
    BGP and update-source 161
    IBGP Next-Hop Behavior 162
    EBGP Multihop 162
    Attributes 164
    Route Selection Decision Process–The BGP Best Path Algorithm 164
    Weight Attribute 164
    Using AS Path Access Lists to Manipulate the Weight Attribute 166
    Using Prefix Lists and Route Maps to Manipulate the Weight Attribute 166
    Local Preference Attribute 167
    Using AS Path Access Lists with Route Maps to Manipulate the Local Preference Attribute 167
    AS Path Attribute Prepending 169
    AS Path: Removing Private Autonomous Systems 171
    Multi-Exit Discriminator (MED) Attribute 171
    Verifying BGP 174
    Troubleshooting BGP 175
    Default Routes 177
    Route Aggregation 177
    Route Reflectors 177
    Regular Expressions 178
    Regular Expressions: Examples 179
    BGP Route Filtering Using Access Lists and Distribute Lists 180
    Configuration Example: Using Prefix Lists and AS Path Access Lists 181
    BGP Peer Groups 182
    Authentication for BGP 184
    Configuring Authentication Between BGP Peers 184
    Verifying BGP Authentication 184

    PART III: INFRASTRUCTURE SERVICES
    Chapter 8 IP Services 185
    Network Address Translation (NAT) 186
    Private IP Addresses: RFC 1918 186
    Configuring Static NAT 187
    Configuring Dynamic NAT 188
    Configuring Port Address Translation (PAT) 189
    Configuring a NAT Virtual Interface 190
    Verifying NAT and PAT Configurations 190
    Troubleshooting NAT and PAT Configurations 191
    Configuration Example: PAT 191
    Configuration Example: NAT Virtual Interfaces and Static NAT 193
    First-Hop Redundancy Protocols 194
    Hot Standby Router Protocol 194
    Virtual Router Redundancy Protocol 201
    IPv4 Configuration Example: HSRP on L3 Switch 204
    IPv4 Configuration Example: VRRPv2 on Router and L3 Switch with IP SLA Tracking 209
    IPv6 Configuration Example: HSRPv2 on Router and L3 Switch 212
    Dynamic Host Control Protocol (DHCP) 217
    Implementing DHCP for IPv4 217
    Implementing DHCP for IPv6 221
    Configuration Example: DHCP for IPv4 224
    Configuration Example: DHCP for IPv6 226
    Chapter 9 Device Management 231
    Configuring Passwords 231
    Cleartext Password Encryption 232
    Password Encryption Algorithm Types 233
    Configuring SSH 234
    Verifying SSH 235
    Boot System Commands 235
    The Cisco IOS File System 236
    Viewing the Cisco IOS File System 236
    Commonly Used URL Prefixes for Cisco Network Devices 236
    Deciphering IOS Image Filenames 237
    Backing Up Configurations to a TFTP Server 238
    Restoring Configurations from a TFTP Server 238
    Backing Up the Cisco IOS Software to a TFTP Server 239
    Restoring/Upgrading the Cisco IOS Software from a TFTP Server 239
    Restoring the Cisco IOS Software Using the ROM Monitor Environmental Variables and tftpdnld Command 240
    Secure Copy Protocol (SCP) 241
    Configuring an SCP Server 241
    Verifying and Troubleshooting SCP 241
    Configuration Example: SCP 241
    Disabling Unneeded Services 242
    Useful Device Management Options 243

    PART IV: INFRASTRUCTURE SECURITY
    Chapter 10 Infrastructure Security 245
    IPv4 Access Control Lists (ACLs) 246
    Configuring and Applying Standard IPv4 ACLs 246
    Configuring and Applying Extended IPv4 ACLs 247
    Configuring and Applying Time-based ACLs 248
    Configuring and Applying VTY ACLs 249
    IPv6 ACLs 250
    Configuring and Applying IPv6 ACLs 250
    Verifying IPv4 and IPv6 ACLs 251
    Implementing Authentication Methods 251
    Simple Local Database Authentication 252
    AAA-based Local Database Authentication 252
    RADIUS Authentication 253
    TACACS+ Authentication 255
    Configuring Authorization and Accounting 256
    Troubleshooting AAA 257
    Control Plane Policing (CoPP) 257
    Step 1: Define ACLs to Identify Permitted CoPP Traffic Flows 258
    Step 2: Define Class Maps for Matched Traffic 258
    Step 3: Define a Policy Map to Police Matched Traffic 259
    Step 4: Assign a Policy Map to the Control Plane 259
    Verifying CoPP 260
    Unicast Reverse Path Forwarding (uRPF) 260
    Configuring uRPF 260
    Verifying and Troubleshooting uRPF 260

    PART V: NETWORK ASSURANCE
    Chapter 11 Network Assurance 261
    Internet Control Message Protocol Redirect Messages 262
    The ping Command 262
    Examples of Using the ping and the Extended ping Commands 263
    The traceroute Command 265
    The debug Command 265
    Conditionally Triggered Debugs 266
    Configuring Secure SNMP 267
    Securing SNMPv1 or SNMPv2c 267
    Securing SNMPv3 268
    Verifying SNMP 269
    Implementing Logging 269
    Configuring Syslog 269
    Syslog Message Format 269
    Syslog Severity Levels 270
    Syslog Message Example 270
    Configuring NetFlow 271
    Configuring Flexible NetFlow 272
    Step 1: Configure a Flow Record 272
    Step 2: Configure a Flow Exporter 272
    Step 3: Configure a Flow Monitor 272
    Step 4: Apply the Flow Monitor to an Interface 273
    Verifying NetFlow 273
    Implementing Port Mirroring 273
    Default SPAN and RSPAN Configuration 273
    Configuring Local SPAN 274
    Local SPAN Guidelines for Configuration 274
    Configuration Example: Local SPAN 274
    Configuring Remote SPAN 277
    Remote SPAN Guidelines for Configuration 278
    Configuration Example: Remote SPAN 278
    Configuring Encapsulated RSPAN (ERSPAN) 280
    Verifying and Troubleshooting Local and Remote SPAN 281
    Configuring Network Time Protocol 281
    NTP Configuration 281
    NTP Design 282
    Securing NTP 284
    Verifying and Troubleshooting NTP 286
    Setting the Clock on a Router 286
    Using Time Stamps 290
    Configuration Example: NTP 290
    Tool Command Language (Tcl) 294
    Embedded Event Manager (EEM) 295
    EEM Configuration Examples 296
    EEM and Tcl Scripts 298
    Verifying EEM 298

    PART VI: WIRELESS
    Chapter 12 Wireless Security and Troubleshooting 299
    Authenticating Wireless Clients 299
    Open Authentication 300
    Authenticating with a Pre-shared Key 302
    Authenticating with EAP 304
    Authenticating with WebAuth 310
    Troubleshooting from the Wireless LAN Controller 312
    Troubleshooting Wireless Client Connectivity 318
    Cisco AireOS Monitoring Dashboard GUI 318
    Cisco IOS XE GUI 322

    PART VII: OVERLAYS AND VIRTUALIZATION
    Chapter 13 Overlay Tunnels and VRF 325
    Generic Routing Encapsulation (GRE) 325
    Configuring an IPv4 GRE Tunnel 326
    Configuring an IPv6 GRE Tunnel 326
    Verifying IPv4 and IPv6 GRE Tunnels 327
    Configuration Example: IPv4 and IPv6 GRE Tunnels with OSPFv3 327
    Site-to-Site GRE over IPsec 331
    GRE/IPsec Using Crypto Maps 332
    GRE/IPsec Using IPsec Profiles 333
    Verifying GRE/IPsec 335
    Site-to-Site Virtual Tunnel Interface (VTI) over IPsec 335
    Cisco Dynamic Multipoint VPN (DMVPN) 336
    Configuration Example: Cisco DMVPN for IPv4 337
    Verifying Cisco DMVPN 342
    VRF-Lite 343
    Configuring VRF-Lite 343
    Verifying VRF-Lite 345

    Appendix A: Create Your Own Journal Here 347
     Index 361

    Recently viewed products

    © 2026 Book Curl

      • American Express
      • Apple Pay
      • Diners Club
      • Discover
      • Google Pay
      • Maestro
      • Mastercard
      • PayPal
      • Shop Pay
      • Union Pay
      • Visa

      Login

      Forgot your password?

      Don't have an account yet?
      Create account