CCNA exam skills lab: build a small business network

Let's learn how to change device host names, and also how to create a Message of the Day using the banner command.

We begin creating VLANs on our devices. There are two ways to do this: 1. Using actual sub-network addresses. Or 2. The simple way by making up virtual addresses for our sub-interfaces. I chose to use the former as a best practice, but it's totally okay to do it the other way.

Note: It is a CCNA recommendation to use cross-over cables between like-devices, but you really don't need to do that if you are connecting two gigabit interfaces. Modern gigabit-ethernet ports use a protocol called auto-MDIX (automatic medium-dependent interface crossover) that recognizes what kind of cable is being used, and then automatically configures the network interfaces at each end.

Note: Although many people and even some official CCNA study guides mix the two terms together, the Native VLAN and the Default VLAN are not the same thing. We do not have to use the Native VLAN, and any VLAN can have the Native role assigned to it; but the Default VLAN is always on and cannot be shut off or changed in any way. This is because while the Native VLAN relates to VLAN tagging, the Default VLAN is responsible for transporting data related to control-plane duties.

We configure a DHCP server and learn a brief overview of how DHCP works.

We configure a DNS server, so we can finally use the 8.8.8.8 address we have been entering all through this course. I also briefly explain how to import your own images into Packet-Tracer so you can create your own mock internet pages.

Note: We are using static routes in this lab to simulate how our ISPs know how to reach everywhere on the internet.

We reconfigure router #2 and add a new network.

Note: We copy/paste our gateway router to save time. So, all we need to do is change the addresses on the sub-interfaces. The encapsulations are already there.

In this video we finish by configuring RIP version 2 on both of our routers, and learning about the importance of the "no auto-summary" command to make sure that subnetwork masks are included on routing tables. We also discover a mistake I made, and I show you how to correct it. Then we finish by testing to see if RIPv2 is functioning.

NOTE: In real life, RIP is a slow converging protocol. So, be patient. Sometimes in Packet-Tracer you must shut the interfaces and then no-shut them to initialize the protocol.

Bonus info: Split-horizon is another useful protocol to use in tandem with various routing protocols. We don't need it here however, because we are using only one routing protocol, and we do not have a lot of routes populating our routing tables.

In this lesson we learn about QoS, and DSCP (the update to ToS) which stands for Differentiated Services Code Point; and how to configure them.

In this lesson we configure our Ether-Channel, using Router #2 as the originating device to ease the duty cycle load on our Main Switch. Then, choosing LACP as our protocol, we configure our Ether-Channel with the active side on Switch #2 and the passive side on the Main Switch. EXAM TIP: Remember that LACP is a vendor-neutral protocol, and PAgP is a Cisco proprietary protocol. 

After finishing the configuration of our trunks, we will shut and no-shut our Port Channel so that our Ether-Channel converges fully. Then we will test connectivity. Remember that it sometimes takes a few minutes for multiple protocols to converge.

In this first section of lesson 9 we learn about privilege levels, local login via the console port (and configuring LINE CON 0), and password setting. Then we configure both plain text and secret passwords, starting with a simple Java-based hash, and then finishing with a more secure MD5 encryption.

In this section (part 2 of 2 of lesson 9) we begin by expanding our simulated internet to include a remote user. Then we learn how to configure an SSH connection with a 1024-bit crypto key, so that we can log into our network remotely and securely. We finish by executing a successful remote session to our network via SSH. 

Intra-network login

You can also remote between network devices (within the same network) via SSH. To do this you must first configure SSH on each of the other devices, and then (on each device) configure one or more of Line VTY ports as "input" and the others as "output".      

Note: The aaa new-model is configured on routers only, because (layer-2) switches do not route. But each switch will need at least one interface with an IP address.

We configure a new network and set up an IT department PC and a Systems Log server; and then we configure the Logging Host command to allow participating network devices to send ('log') reports to the server every time any change is made to them. Be aware however, that after configuring your Syslog server, you may find that it takes time for logs to show up, or that they don't show up at all. This is a result of the Packet-Tracer environment sometimes lagging, or not initiating the settings. To correct this problem, save your configuration and then simply "shut" and then "no-shut" the source interface to get it to converge.   

Note: To avoid repeating configurations that you have already learned, Main-Switch and SW2 will not be participating in this lesson. However, if you want to include them, simply add a new LAN and default-gateway to that half of your network. 

In this second half of lesson 10 we learn how to configure the Timestamp command so that our message logs now also include the time a change is made to our network devices. Then we learn how to manually configure a device clock; and finally, how to configure NTP to synchronize device clocks by making one or more of our devices into a time server (known as the NTP Master).

Note: Even in a real production environment NTP can take minutes to converge. So, if you want to try to force a quick converge, here are two solutions you might try: First make sure to save your lab and then reload it. Sometimes reloading will restart all protocols faster. The second method is to click the power on/off button (above the lightning bolt cable symbol).

In this third lecture of lesson 10 we learn how to set a device clock, and how to configure NTP (the Network Time Protocol). We also learn about UTC (the Universal Time Coordinate) which replaced Greenwich Mean Time or 'GMT'. 

We finish by configuring NTP on our IT department LAN, and we also learn three new commands to monitor network and NTP status. You have done a lot of good work.

Do not forget to download your certificate of completion and your free copy of On the Command Line.