Content

Implementing Secure Converged Wide Area Networks v1.0

This set of lab exercises (lab bundle) contains all the exercises associated with the Implementing Secure Converged Wide Area Networks (ISCW) 1.0 course. The lab exercises address both basic and advanced aspects of DSL, MPLS, MPLS VPN, IDS/IPS, IKE, IPsec, and NAT.

Content

This set of lab exercises contains the following exercises:

Objectives

Upon finishing this set of exercises, you will be able to:
Perform a simulated install procedure

  • Perform a simulated configuration of a Cisco 827 router for NAT with PPPoE
  • Enable IP CEF
  • Enable MPLS on a Frame Mode interface
  • Configure the MTU size
  • Launch the Site-to-Site VPN wizard and accept the default IKE policy, transform set, and IPsec rules
  • Use the VPN Connection Information window to identify the IP address or host name of the remote site that will terminate the VPN tunnel that you are configuring, to specify the router interface to use, and to enter the pre-shared key that both routers will use to authenticate each other
  • Use the VPN Connection Information window to examine and select the IKE policy, priority, and encryption type
  • Use the Transform Set window to examine and select the transform set for your VPN
  • Use the Traffic to Protect window to define the traffic this VPN will protect per the given requirements
  • Use the Summary window to confirm your VPN values match those provided in the exercise
  • Launch SDM v2.2a and establish a secure GRE tunnel using SDM
  • Configure IKE parameters
  • Create and apply traffic protection (IPsec) rules
  • Establish the backup IPsec tunnel
  • Configure Cisco Easy VPN server using SDM per given requirements
  • Configure Cisco VPN client
  • Verify RA VPN operations using SDM
  • Configure one-step lockdown
  • Configure IOS login enhancement
  • Configure a role-based CLI view
  • Configure a Cisco router as an NTP server
  • Configure a Cisco router as an NTP client
  • Configure local database authentication using AAA for the enable, line, and local methods so you can experience the differences between the methods
  • Configure exec authorization against the local user database
  • Test authentication and authorization using debug
  • Configure the router to authenticate to the Cisco Secure ACS database
  • Select and configure the basic firewall option
  • Select and configure the advanced firewall option
  • Configure advanced inspection rules
  • Confirm your configuration
  • Verify the firewall for proper operations
  • Review the firewall log
  • Enable Cisco IOS IPS on the router
  • Configure IPS to scan all traffic
  • Configure IPS to use default signatures
  • Verify default global settings
  • Deliver the configuration to the router
  • Monitor IPS events using the SDEE view
  • Troubleshoot secure management
  • Mitigate system vulnerabilities
  • Troubleshoot IPsec VPN
  • Troubleshoot availability

Importance

This lab bundle is highly recommended for candidates for Cisco CCNP®, CCDP®, CCIP®, CCIE® Routing and Switching, and CCIE® Communications and Services certifications. The lab bundle is also recommended to students who have attended the ISCW course in the past and would like to improve or refresh their configuration and troubleshooting skills.

Target Audience

This lab bundle is targeted at network administrators responsible for implementing and managing medium-to-large MPLS-enabled business networks.

Prerequisite Knowledge

To successfully complete this exercise, you need basic knowledge of routing, concepts linked to routing protocols, and standard WAN technologies. This knowledge is best gained by attending the Implementing Secure Converged Wide Area Networks (ISCW) v1.0 course.

Right sidebar

Associated Products

ISCW

Remote Lab Bundle

 

Details

ISCW

E-Course

 

Details
  •  

Get More Info

More To Discover