© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.01 Development Topology rlclass swclass RMT RBB RTS SBB – Backbone switch Super Server Multi-VLAN Pod Router Pod Switch Student laptop Tunnels 10.0.P.0 Remote Site Classroom P.2 VLAN 10P 10.0.P.2 VLAN 30P Trunk 10.0.P.3 VLAN 30P Fa0/24 Fa0/23 Fa0/22 Fa0/21
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.02 SNRS v2.0 Lab Topology.51 VPNCA CA Server Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.03 Cisco Easy VPN Remote Access Topolgy P.0 Student PC VPN Client P 10.0.P.0 RTS.2 Pod Router.150 Web FTP RBB Peer Router Q Q.0
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.04 Visual Objective for Lab 1-1: Configure Layer 2 Security P.0.2 Router 10.0.P.0 Interface VLAN 1P =.3 Switch FA0/0FA0/1 User Attacker Downstream Switch
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.05 Visual Objective for Lab 1-2: Configure DHCP Snooping Switch DHCP Server Attacker DHCP Clients
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.06 Visual Objective for Lab 2-1: Configure Cisco Secure ACS as a AAA server Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server Client.3 Switch Client Switch
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.07 Visual Objective for Lab 2-2: Configure 802.1x Port-Based Authentication Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server Client.3 Switch Client Switch
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.08 Visual Objective for Lab 3-1: Configure Network Foundation Protection Fa0/0 Fa0/1 Security Management Incoming packets Cisco Express Forwarding FIB Lookup Output Packet Buffer Classify Aggregate CoPP Cisco Express Forwarding Input Packet buffer CoPP PFQTCoPP Control Feature Path BGP HTTP SNMP OSPF Port-Filter Policy Queue-thresholding Control Pane Host Subinterface Control Pane Transit Subinterface Control Pane Cef- exception Subinterface Cisco Express Forwarding input Feature
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.09 Visual Objective for Lab 4-1: Configure a Site-to-Site VPN Using Pre-Shared Keys Fa0/1: P.2 Student PC 10.0.P.12 Fa0/1: Q.2 Student PC 10.0.Q.12 Router Fa0/0:10.0.Q Common Web/FTP Server (Super Server) IPsec Encrypted Tunnel Fa0/0:10.0.P.2 Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS Pods 1–5Pods 6–10
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.010 Visual Objective for Lab 4-2: Configure a Site-to-Site VPN Using Certificates IPsec Encrypted Tunnel Q P.2 Student PC 10.0.P.12 Student PC 10.0.Q.12 Router VPNCA CA Server Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS Pods 1–5Pods 6–10
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.011 Visual Objective for Lab 4-3: Configure a GRE Tunnel to a Remote Site Fa0/1: P.2 Student PC 10.0.P.12 Fa0/1: Q.2 Student PC 10.0.Q.12 Router Fa0/0:10.0.Q Common Web/FTP Server (Super Server) Fa0/0:10.0.P.2 GRE Tunnel Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS Pods 1–5Pods 6–10
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.012 Visual Objective for Lab 4-4: Configure a DMVPN Hub Router Fa0/1: P.2 Tunnel 0: P Spoke Routers Fa0/1: Q.2 Tunnel 0: Q Fa0/1: Q+1.2 Tunnel 0: Q+1 Fa0/0: 10.0.Q+1.2Fa0/0: 10.0.Q.2 Fa0/0: 10.0.P.2 Student PC 10.0.P.12 Student PC 10.0.Q.12 Student PC 10.0.Q+1.12
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.013 Visual Objective for Lab 4-5: Configure a Cisco IOS SSL VPN (Web VPN) Fa0/1: P.2 Fa0/0:10.0.P.2 Pod Router Web FTP.10 Student PC 10.0.P Common Web/FTP Server (Super Server)
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.014 Visual Objective for Lab 4-6: Configure Cisco Easy VPN Remote Access P.0 Student PC VPN Client P 10.0.P.0 RTS.2 Pod Router.150 Web FTP RBB Peer Router Q Q.0
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.015 Visual Objective for Lab 5-1: Configure Cisco IOS Firewall Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.016 Visual Objective for Lab 5-2: Configure Cisco IOS Application Policy Firewall Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.017 Visual Objective for Lab 5-3: Configure a Cisco IOS Zone-Based Policy Firewall Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.018 Visual Objective for Lab 5-4: Configure Cisco IOS Firewall Authentication Proxy on an Cisco Router Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.019 Visual Objective for Lab 5-5: Configure a Cisco Router with Cisco IOS IPS Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.020 SNRS v2.0 Lab Topology.51 VPNCA CA Server Q P.0 Student PC.2 Student PC Router Web/FTP Cisco Secure ACS Web/FTP Cisco Secure ACS.1.2 Router P Q P Q.0 Pods 1–5Pods 6–10.10 Web FTP Common Web/FTP Server (Super Server) RBB.100 Terminal Server.100 Terminal Server.3 Switch.3
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.021 SNRS v2.0 Lab Topology: Cisco Easy VPN Client P.0 Student PC VPN Client P 10.0.P.0 RTS.2 Perimeter router.150 Web FTP RBB
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.022 Cisco Icons and Symbols IOS Router with Firewall PIX Firewall VPN Concentrator IDS SensorIOS Firewall Policy Manager CA Server PCLaptopServer Web, FTP, etc. Ethernet Link VPN Tunnel Switch Network Cloud Authentication Server Access Point NAS Serial Link
© 2007 Cisco Systems, Inc. All rights reserved.SNRS v2.023