chapter 8
TRANSCRIPT
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1Version 4.0
Prototyping the WAN
Designing and Supporting Computer Networks – Chapter 8
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2
Objectives Describe the methods to prototype remote
connectivity support
Prototype the WAN Connectivity
Prototype the VPN connectivity for remote workers
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 3
Describe the Methods to Prototype Remote Connectivity Support
Simulation software
Prototype testing using simulated links
Pilot testing in the actual environment
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 4
Describe the Methods to Prototype Remote Connectivity Support
Benefits of using simulation software to test remote connectivity:
Lower overall cost
Flexibility
Scalability
Control
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 5
Limitations of using simulation software to test the design:
Limited functionality
Unrealistic performance
Describe the Methods to Prototype Remote Connectivity Support
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 6
Describe the Methods to Prototype Remote Connectivity Support
Simulate WAN connectivity in a prototype lab:
Use Ethernet connection to simulate DSL or cable
Use CSU/DSU, serial modems, or V.35 cables to simulate serial connectivity
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 7
Prototype the WAN Connectivity
Identify business goals and technical requirements from the case study and determine which of these goals and requirements can be tested in the prototype
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 8
Prototype the WAN Connectivity
Create a success criteria checklist to support business goals and technical requirements
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 9
Determine the elements of the simulated WAN connection:
Simulate the Frame Relay connection using a Cisco router acting as a Frame Relay switch
Simulate a crossover function using V.35 cables
Provide the DCE function with a clock rate
Prototype the WAN Connectivity
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 10
Prototype the WAN Connectivity
Validate the choice of WAN devices and topologies:
Local point-to-point circuit
Packet-switched network
Remote point-to-point circuit
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 11
Prototype the WAN Connectivity
Configure the router to act as the Frame Relay switch
Configure serial interfaces as DCE devices
Configure Layer 3 addresses and encapsulation type
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 12
Prototype the WAN Connectivity
Verify that the Frame Relay WAN operates as expected:
Display the status of the interfaces
Verify the exchange of LMI messages
Display the status of PVCs and the Frame Relay maps
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 13
Provide and test backup capabilities:
Set up Ethernet connections
Create floating static routes
Prototype the WAN Connectivity
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 14
Prototype the WAN Connectivity
Troubleshoot Layer 1 using the show interface serial command
Troubleshoot Layer 2 using the show frame-relay lmi command
Check Layer 3 functionality
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 15
Prototype the WAN Connectivity
Identify areas of risk and weakness in the design
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 16
Prototype the VPN Connectivity for Remote Workers
Determine which business goals and technical requirements can be tested in the prototype:
VPN security
VPN server location
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 17
Prototype the VPN Connectivity for Remote Workers
Create a success criteria checklist to support business goals and technical requirements
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 18
Prototype the VPN Connectivity for Remote Workers
Verify the use of Cisco EasyVPN to configure a VPN server and set up the client software
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 19
Prototype the VPN Connectivity for Remote Workers
Validate the choice of VPN technology, devices, and topologies
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 20
Prototype the VPN Connectivity for Remote Workers
Prototype the Remote Worker Support:
IPSec
Split tunnels
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 21
Prototype the VPN Connectivity for Remote Workers
Validate the placement of the VPN server and access list filtering in the prototype network
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 22
Prototype the VPN Connectivity for Remote Workers
Identify risks or weaknesses in the VPN design
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 23
Summary Every Frame Relay link has three components: a local
point-to-point circuit, the packet-switched network, and a remote point-to-point circuit.
Frame Relay is a nonbroadcast multi-access protocol.
One way to configure routers to use a backup link when a primary link fails is to create floating static routes.
VPNs have two important components: tunneling and encryption.
Encryption algorithms such as DES require a symmetric, shared secret key.
IPSec provides data confidentiality, integrity, and authentication at Layer 3.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 24