
CCNA

The document provides an overview of various networking concepts and technologies relevant to CCNA, including the OSI and TCP/IP models, secure network connectivity via IPSec VPN and GRE tunnels, wireless networking, automation in networking, and Access Control Lists (ACLs). It includes practical examples and configuration steps for enabling Telnet and SSH on Cisco routers, as well as explanations of ARP, ICMP, EtherChannel, NAT, and PAT. Additionally, the document features YouTube tutorial links for further learning.

Uploaded by DANIEL
Copyright © All Rights Reserved

CCNA Use-case with YouTube Tutorial Link \ Sagar Dhawan \ +91 9739521088

CCNA Case-studies with YouTube Tutorials

Contents
1. OSI Model & TCP/IP Architecture (2-Tier vs. 3-Tier)
   1. OSI Model – 7 Layers
   2. TCP/IP Model – 4 Layers
   3. 2-Tier vs. 3-Tier Network Architecture
2. IPSec VPN vs. GRE Tunnel – Secure Network Connectivity
3. Wireless Concepts & Wireless LAN Controller (WLC)
4. Automation & Programmability in Networking
5. Access Control List (ACL) in Networking
6. How to Enable Telnet and SSH on a Cisco Router
7. ARP, ICMP & MAC Address Learning in Switches
8. EtherChannel, NAT, and PAT Explained

1. OSI Model & TCP/IP Architecture (2-Tier vs. 3-Tier)
1. OSI Model – 7 Layers

The OSI (Open Systems Interconnection) model standardizes network communication into 7 layers:

1. Physical Layer – Cables, switches, signals.
2. Data Link Layer – MAC addressing, Ethernet, VLANs.
3. Network Layer – IP addressing, routing (Routers, OSPF, BGP).
4. Transport Layer – TCP/UDP, flow control, segmentation.
5. Session Layer – Manages sessions & connections.
6. Presentation Layer – Data encryption, compression.
7. Application Layer – HTTP, DNS, FTP, email protocols.

2. TCP/IP Model – 4 Layers

The TCP/IP model simplifies OSI into 4 layers:

1. Network Interface (Link) – Maps to OSI Layer 1 & 2.
2. Internet – IP addressing, routing (OSI Layer 3).
3. Transport – TCP/UDP (OSI Layer 4).
4. Application – HTTP, DNS, FTP (OSI Layer 5-7).

✅ TCP/IP is practical for real-world networking, while OSI is conceptual.

3. 2-Tier vs. 3-Tier Network Architecture

🔹 2-Tier (Collapsed Core Architecture)

• Layers: Access + Distribution (Collapsed Core)
• Used in: Small to medium networks.
• Pros: Cost-effective, simple.
• Cons: Scalability issues in large networks.

🔹 3-Tier (Enterprise Network Architecture)

• Layers: Access + Distribution + Core
• Used in: Large enterprise & data center networks.
• Pros: Scalable, efficient, better traffic management.
• Cons: More complexity & higher cost.

🔗 YouTube Link

2. IPSec VPN vs. GRE Tunnel – Secure Network Connectivity
🔹 IPSec VPN (IP Security Virtual Private Network)

• Purpose: Secure encryption and authentication for data over public networks.
• Encryption: Uses AES, 3DES, SHA-256 for secure communication.
• Protocols: Uses IKE (Internet Key Exchange), ESP (Encapsulating Security Payload), and AH (Authentication Header).
• Modes: Tunnel Mode (encrypts entire packet) & Transport Mode (encrypts payload only).
• Use Case: Secure Site-to-Site VPN, Remote Access VPN (SSL/IPSec).
• Pros: Strong security, confidentiality, integrity.
• Cons: No support for multicast/broadcast traffic.

🔹 GRE Tunnel (Generic Routing Encapsulation)

• Purpose: Encapsulates Layer 3 packets for transport across networks.
• Encryption: ❌ No encryption (can be combined with IPSec for security).
• Protocols: Supports multicast, broadcast, IPv4, IPv6.
• Use Case: Routing over non-native networks (e.g., OSPF over the internet).
• Pros: Supports dynamic routing protocols.
• Cons: No built-in security, overhead due to extra GRE headers.

🔹 IPSec VPN + GRE = Secure Tunnels with Routing

• Solution: Use GRE for routing + IPSec for encryption.
• Use Case: MPLS over IPSec, Dynamic Routing over VPNs.
• Example: Cisco DMVPN (Dynamic Multipoint VPN) uses GRE over IPSec for secure, scalable WAN.

🔗 YouTube Link

3. Wireless Concepts & Wireless LAN Controller (WLC)
🔹 Wireless Networking Basics

• SSID (Service Set Identifier): Network name for Wi-Fi.
• BSSID (Basic Service Set Identifier): MAC address of an AP (Access Point).
• Frequency Bands: 2.4 GHz (longer range, slower) & 5 GHz (shorter range, faster).
• 802.11 Standards: Wi-Fi standards like 802.11a/b/g/n/ac/ax (Wi-Fi 6).
• Security: WPA2, WPA3, 802.1X, EAP for encryption & authentication.

🔹 Wireless LAN Controller (WLC)

A WLC centralizes control of multiple Access Points (APs) in enterprise networks.

✅ Functions of WLC:

• AP Management: Auto-discovery, configuration, firmware updates.
• RF Management: Channel selection, power adjustment, interference mitigation.
• Security: Supports 802.1X, RADIUS, and rogue AP detection.
• Roaming: Manages seamless Layer 2 & Layer 3 roaming.
• QoS (Quality of Service): Prioritizes voice/video traffic.

🔗 YouTube Link

4. Automation & Programmability in Networking
🔹 What is Network Automation?

Network automation uses scripts, APIs, and orchestration tools to manage and configure devices, reducing manual intervention. It improves efficiency, scalability, and reliability in modern networks.

🔹 Key Technologies in Network Automation

✅ Python & Ansible: Automate network tasks, configurations.
✅ REST APIs & NETCONF/YANG: Programmatically interact with network devices.
✅ Cisco DNA Center & SDN Controllers: Centralized network automation & analytics.
✅ Terraform & Infrastructure as Code (IaC): Automate cloud and network provisioning.
✅ CI/CD Pipelines: Automate deployment & testing in DevOps networking.

🔹 Benefits of Automation & Programmability

🔹 Consistency: Eliminates human errors in network configurations.
🔹 Speed: Rapid deployment and troubleshooting.
🔹 Scalability: Efficiently manage thousands of devices.
🔹 Security: Standardized policies and automated compliance checks.

🔗 YouTube Link

5. Access Control List (ACL) in Networking


🔹 What is an ACL?

An Access Control List (ACL) is a set of rules used to control network traffic
and restrict access to resources based on IP addresses, protocols, and ports. It
is applied to routers, firewalls, and switches to enhance security and traffic
management.

🔹 Types of ACLs

✅ Standard ACL (1-99, 1300-1999):

• Filters only source IP.
• Example: access-list 10 deny 192.168.1.0 0.0.0.255

✅ Extended ACL (100-199, 2000-2699):

• Filters by source & destination IP, protocol, and port.
• Example: access-list 110 permit tcp 192.168.1.0 0.0.0.255 any eq 80

✅ Named ACLs:

• Uses descriptive names instead of numbers.
• Example:

ip access-list extended Web-Filter
permit tcp any any eq 80

✅ IPv6 ACLs:

• Works similarly to IPv4 ACLs but supports IPv6.

🔹 Where to Apply ACLs?

🔹 Inbound: Filters traffic before routing.
🔹 Outbound: Filters traffic after routing.
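
The two numbered examples above can be checked against sample packets with a small evaluator that applies wildcard masks, first-match ordering and the implicit deny at the end of every ACL. This is an added example, not part of the original document; it models only the entry forms shown here (plus `any` and `host`), and the `access-list 10 permit any` line and the test addresses are constructed for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

def wildcard_match(addr, base, wildcard):
    """Compare only the bits where the wildcard mask has a 0."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' from the front of the token list."""
    head = tokens.pop(0)
    if head == "any":
        return ANY
    if head == "host":
        return (tokens.pop(0), "0.0.0.0")
    return (head, tokens.pop(0))

def parse_ace(line):
    """Parse one numbered access-list entry into a dict."""
    t = line.split()
    number, action, t = int(t[1]), t[2], t[3:]
    extended = 100 <= number <= 199 or 2000 <= number <= 2699
    proto = t.pop(0) if extended else "ip"      # standard ACLs match on source only
    src = take_addr(t)
    dst = take_addr(t) if extended else ANY
    port = int(t[1]) if t[:1] == ["eq"] else None
    return {"action": action, "proto": proto, "src": src, "dst": dst, "port": port}

def evaluate(acl_lines, src, dst, proto="ip", dport=None):
    """Return the action of the first matching entry, or the implicit deny."""
    for line in acl_lines:
        ace = parse_ace(line)
        if ace["proto"] not in ("ip", proto):
            continue
        if not wildcard_match(src, *ace["src"]) or not wildcard_match(dst, *ace["dst"]):
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        return ace["action"]
    return "deny"  # nothing matched: implicit "deny any"

# The page's two examples, plus a constructed variant with an explicit permit.
ACL_10 = ["access-list 10 deny 192.168.1.0 0.0.0.255"]
ACL_10_WITH_PERMIT = ACL_10 + ["access-list 10 permit any"]
ACL_110 = ["access-list 110 permit tcp 192.168.1.0 0.0.0.255 any eq 80"]
```

Evaluating `ACL_10` for a source outside 192.168.1.0/24 still returns `deny`, because a list containing only deny entries blocks everything once the implicit deny is counted.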

🔗 YouTube Link

6. How to Enable Telnet and SSH on a Cisco Router
🔹 Enable Telnet on a Cisco Router

1. Enter global configuration mode:

configure terminal

2. Set a password for VTY (Virtual Terminal) lines:

line vty 0 4
password cisco
login

3. Enable Telnet access:

transport input telnet

4. Exit and save:

end
write memory

✅ Telnet is insecure since it sends credentials in plain text. Use SSH instead!

🔹 Enable SSH on a Cisco Router

1. Enter configuration mode:

configure terminal

2. Set a hostname and domain name:

hostname Router1
ip domain-name example.com

3. Generate RSA keys for SSH encryption:

crypto key generate rsa

🔹 When prompted, enter key size (1024 or 2048 bits).

4. Enable SSH on VTY lines:

line vty 0 4
transport input ssh
login local

5. Create a local username & password:

username admin privilege 15 secret StrongPassword

6. Enable SSH version 2 (more secure):

ip ssh version 2

7. Exit and save:

end
write memory

✅ Now, you can connect via SSH using:

ssh admin@<router-ip>
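
A saved configuration can be checked for the Telnet settings this section warns about. The script below is an added example, not part of the original document: it assumes `show running-config` style text in which sub-commands are indented under `line vty`, and the finding names and both sample configurations are constructed from the steps above.

```python
def audit_remote_access(config):
    """Return sorted finding names for the VTY and SSH settings in an IOS config."""
    findings = set()
    in_vty = saw_vty = ssh_v2 = False
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():                 # top-level command starts a new context
            in_vty = line.startswith("line vty")
            saw_vty = saw_vty or in_vty
            ssh_v2 = ssh_v2 or line == "ip ssh version 2"
            continue
        if not in_vty:
            continue                             # ignore console/aux and interface stanzas
        words = line.split()
        if words[:2] == ["transport", "input"] and {"telnet", "all"} & set(words[2:]):
            findings.add("telnet-allowed")       # credentials cross the wire in plain text
        if words == ["login"]:
            findings.add("line-password-login")  # shared line password, no per-user login
    if saw_vty and not ssh_v2:
        findings.add("ssh-v2-not-enforced")
    return sorted(findings)

# Constructed sample: the Telnet procedure from this section as a saved config.
TELNET_CONFIG = """
hostname Router1
line vty 0 4
 password cisco
 login
 transport input telnet
"""

# Constructed sample: the SSH procedure from this section as a saved config.
SSH_CONFIG = """
hostname Router1
ip domain-name example.com
username admin privilege 15 secret StrongPassword
ip ssh version 2
line vty 0 4
 login local
 transport input ssh
"""
```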

🔗 YouTube Link

7. ARP, ICMP & MAC Address Learning in Switches
🔹 ARP (Address Resolution Protocol)

• ARP resolves IP addresses to MAC addresses in a network.
• If a device doesn't know the MAC of a destination IP, it sends an ARP request (broadcast).
• The destination replies with an ARP reply (unicast) containing its MAC.
• ARP table caches IP-to-MAC mappings for efficient communication.
• Command to view ARP table:

show arp

🔹 ICMP (Internet Control Message Protocol)

• ICMP is used for network diagnostics and error reporting.
• Ping (ICMP Echo Request/Reply): Checks connectivity.
• Traceroute (ICMP Time Exceeded): Tracks the path to a destination.
• ICMP Destination Unreachable: Informs when a route is unreachable.
• Common command:

ping <destination-ip>

🔹 How a Switch Learns MAC Addresses

1. Receives a frame on a port.
2. Reads the source MAC address and stores it in the MAC address table (CAM table).
3. Forwards the frame using the destination MAC:

• If MAC is known, forwards via the correct port.
• If MAC is unknown, floods it to all ports except the source.

show mac address-table

4. Updates MAC table dynamically based on traffic.

🔗 YouTube Link

8. EtherChannel, NAT, and PAT Explained


EtherChannel is a technology that bundles multiple physical links into a single
logical link, increasing bandwidth and redundancy.

✅ Types of EtherChannel:

• Static Mode: Manually configured (on).
• PAgP (Port Aggregation Protocol): Cisco proprietary (auto / desirable).
• LACP (Link Aggregation Control Protocol): Open standard (passive / active).

📌 Configuration Example (LACP):

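! channel-group is applied to the physical member ports; interface names here are examples
interface range GigabitEthernet0/1 - 2
channel-group 1 mode active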

🔹 Benefit: Load balancing, fault tolerance, increased bandwidth.

🔹 NAT (Network Address Translation)

NAT allows private IP addresses to communicate with the internet by mapping them to a public IP address.

✅ Types of NAT:

• Static NAT: One-to-one mapping of private to public IP.
• Dynamic NAT: Uses a pool of public IPs for mapping.
• PAT (Port Address Translation): Maps multiple private IPs to a single public IP using port numbers.

📌 Basic NAT Configuration:

ip nat inside source static 192.168.1.10 203.0.113.10

🔹 PAT (Port Address Translation)

PAT is a type of NAT that allows multiple private IPs to share one public IP
by assigning unique port numbers.

📌 PAT Configuration Example:

ip nat inside source list 1 interface GigabitEthernet0/0 overload
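
How `overload` lets several inside hosts share one public address can be seen in a small model of the translation table. This is an added example, not part of the original document and not Cisco's implementation: it is a simplified model that keeps the original source port when it is free and otherwise takes the next free one, and the class name, port range and addresses are assumptions chosen for illustration.

```python
from itertools import chain

class PatTable:
    """Simplified PAT state for a single public IP address."""

    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.first_port, self.last_port = first_port, last_port
        self.out = {}    # (proto, inside_ip, inside_port) -> public_port
        self.back = {}   # (proto, public_port) -> (inside_ip, inside_port)

    def outbound(self, proto, inside_ip, inside_port):
        """Translate an inside source to (public_ip, public_port), creating state if new."""
        key = (proto, inside_ip, inside_port)
        if key not in self.out:
            # Prefer the original source port; fall back to the first unused port.
            candidates = chain([inside_port], range(self.first_port, self.last_port + 1))
            port = next((p for p in candidates if (proto, p) not in self.back), None)
            if port is None:
                raise RuntimeError("no free ports left on the public address")
            self.out[key] = port
            self.back[(proto, port)] = (inside_ip, inside_port)
        return (self.public_ip, self.out[key])

    def inbound(self, proto, public_port):
        """Map return traffic to the inside host, or None when no session exists."""
        return self.back.get((proto, public_port))

def demo():
    """Two inside hosts use the same source port; the second one is remapped."""
    pat = PatTable("203.0.113.1")                       # constructed public address
    first = pat.outbound("tcp", "192.168.1.10", 50000)
    second = pat.outbound("tcp", "192.168.1.11", 50000)
    reply = pat.inbound("tcp", second[1])               # return traffic for host 2
    unsolicited = pat.inbound("tcp", 8080)              # no matching session
    return first, second, reply, unsolicited
```

Inbound traffic with no table entry has nowhere to go, which is why hosts behind PAT are not reachable from outside unless a static mapping is configured.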

🔗 YouTube Link
