-1-@@ C C N A 2012 || 2008





‫ﴍح ﻣﻨﻬﺞ ﺷﺒﻜﺎت ﺳﻴﺴﻜﻮ‬

CCNA
Cisco Certified Network Associate

2012

‫ﻣﺬﻛﺮة‬
4 : ‫رﻗﻢ‬

‫اﻟـﻤــﺪرب‬

  .

‫إﻋـ ـ ــﺪاد‬
@ @
ALFAHAID@GMAIL.COM

 2008 /  1429 :  
 

 2012 /  1433 :   

:: %!"
# "$
%&'(  ::
-2-@@ C C N A 2012 || 2008


  

:   

"#$

%&' "()* +, "-' ./#' ./     ! 
."#
' ",' 012'

:   34

56' 6%) .78 69' * 1 1# :; 6-< =>?  
. " 2 )

: ,#@$> 0%


,,7 37' -! BC DE#F G H I J K
5 = L6@7 &M " 
(T7 ) " *?%& NM +2' ( 0'O
' I - PQ' I -5 0R6 />8 6<,

  
 


  !  "#$% &

@ALFahaid
https://twitter.com/AlFahaid

% 3  -. 18 : '( )! *+

3   Dropbox / 0 1 2

https://www.dropbox.com/sh/s9xdu87q5r73q2r/MjqYNGCl7N?%20m

a
-3-@@ C C N A 2012 || 2008


  


The Contents

Ch1: Introduction To Network 4

Ch2/3: IP Subnetting 7

Ch4: Cisco Router 9

Ch5/6: IP Routing 12

Ch7: Access Lists [ ACL] 18

Ch8: Managing Cisco IOS Software 21

Ch9: Switching [ Layer 2] 24

Ch10: Virtual LANs [ VLAN] 26

Network Address Translation

Ch11: 29
[ NAT]

Ch12: Wireless LAN [ WLAN] 31

Internet Protocol Version 6

Ch13: 33
[ IPv6]

Ch14: Wide Area Networking [ WAN] 37

‫  ا  

ل اا‬-‫ "ت اورة ار  –ا‬#$% &'(#
http://www.mediafire.com/?3maerm7vmi0x4x7
 -4-@@ C C N A 2012 || 2008


  

Chapter: 1
Introduction To Network

What’s Network ?
 ‫ ا‬
Network is a group of computers connected with others to share data.
‫ رآ ا  ت‬#$% & '() ‫  ا ا‬
Types of Network: ‫أ اع ا 
ت‬
1. (LAN) Local Area Network ‫أآ) أوا‬ : WAN ‫ و‬LAN % ‫ق‬. ‫ا‬
1‫ا‬2 ‫ ا‬34 ‫ ا‬-1
2. (WAN) Wide Area Network leas line/frame relay/ATM :6> ..‫ ا  ت‬678 9: ‫ وه; ا‬Service ‫ ال‬-2
3. (MAN) Metropolitan Area network (( ‫د‬4 ‫; ا‬1 7? A‫ ))و‬89 ;?2
4. (SAN) Storage Area network ( LAN 6E‫ دا‬9G)‫ات‬14' DE
F
: 9%  
 ;1 LAN )
F % 6D‫ ا )ا‬7H
5. (VPN)Virtual Private Network Security >‫ أآ‬# ‫ & أ‬I'A‫ أ‬Dial up -2 VPN -1
6. Intranets and Extranets. ‫وا‬L J%‫ روا‬I' J2K‫ أ‬LAN  #M1 G‫ر‬E N ) ‫ ا‬Extranets‫' و‬E‫ دا‬N ) ‫ه ا‬8Intranets

SAN 6 ;1K‫ح إ‬F

:1) ‫ات
  أن‬14 ‫ ا‬J%‫ ه ر‬#).R‫و‬ :‫ـ‬% ‫م‬7 ‫ي‬X ‫ وا‬Disaster Recovery ‫ ه‬SAN  ‫ة‬9T. ‫ا‬
Cluster service -1 Backup H)3‫ ا‬:4 6 -1
High speed internet -2 Load Balance ‫ل‬3Y‫ ز& ا‬-2

VPN 6 ;1K‫ح إ‬F

'DY‫ ا‬LAN ‫ل‬% ‫ )('ن‬

LAN Dialup VPN LAN

‫(ل‬h ‫ )ج‬8‫ه‬ -1-
1-modem Network
Remote site
2-NIC Access ‫أو‬
Service
3- Tel line -2-
‫ن‬.' JE Remote user

VPN ‫ام‬9:)%
‫)اق‬E_‫ ا  ت  ا‬I' ^1 ;
Tunnel [‫;ء ا‬F ‫م‬9:)4 ‫ راح‬N ) ]‫; ا‬1

NIC = Network Interface Card

DNS
IP‫م‬M‫ أر‬I ‫& إ‬M ‫ ا‬a‫ ا‬6 [).R‫و‬
ARP = Address Resolution protocol
ARP
MAC I ‫ إ‬IP 6
RARP
IP I ‫ إ‬MAC 6

Logical ;7?8 × Physical ‫دي‬

Virtual ;K‫)ا‬1‫ × ا‬real ;773

‫م‬ ‫ ا وآل‬a‫ا‬ [).R‫و‬ [M‫ر‬

1 HTTPS ‫ ' ت‬. + c.( 343
2 HTTP ‫ ' ت‬. ‫ون‬9% + c.( 80
3 FTP ‫ت‬.' ‫ ا‬6 / &1‫ر‬ 20/21
4 SMTP 9' ‫إرل‬ 25
5 DNS ‫م‬M‫ أر‬I ‫& إ‬M ‫ ا‬a‫ ا‬6 53
6 TELNET 9%  ‫ا]دارة‬ 23
 -5-@@ C C N A 2012 || 2008


  

# OSI-RM [ Open System Interconnection – Reference Model ] :

98 ‫ا‬9 ‫أء ا‬
‫م‬ OSI-RM ‫ل‬7) _‫ا‬ Protocol Device .R ‫ا‬ TCP/IP
Interface between
7 Application data -
app & protocol
-compressionJ2K
HTTP-FTP-SMTP
6 Presentation data - -conversion6 (1)
DNS-TELNET Application
-encryption.
HTTPs-POP3
-monitor M‫ا‬
5 Session data - open session on
the host
TCP UDP Delivery method
(2)
4 Transport Segments HTTP-FTP TFTP-DNS - '  ‫ل‬j4 Transport
DNS- TELNET DHCP
6D) ‫ا‬
Provide logical
1-Router address [address (3)
3 Network Packets IP – ARP Internet
2-Switch[L3] for delivery on
network]
1-Bridge
Provide physical
2 DataLink Frames 2-NIC
address [MAC] (4)
LAN & WAN 3-Switch[L2]
1-Hub Network
TECHNOLGY Access
‫ة‬k#GY‫ ا‬6D) ‫م‬9:)4 000011011
1 Physical Bits
2-Repeater 000111111
‫رة‬F]‫م )
 ا‬9:)4

1-TCP/IP 2-IPX/SPX 3-Apple Talk : [)'>‫[ وأ‬7? ‫ ذج م و‬OSI-RM ‫ال‬ -
TCP= Transmission Control Protocol [Reliable method] UDP= User Datagram Protocol [Unreliable method] -
.J71 #8 6.Y‫ ا‬7? ‫ وا‬#8 I'Y‫ ا‬7? ‫ ا_(ل & ا‬DE [ 7H 6‫آ‬ -
‫ي _زم‬k' ‫ ا‬a'
) ; > ‫; وا‬% a'
) 93‫ وا‬6> ) ‫ل‬7)_‫?ات ا ); ف ; ' ا]رل وا‬: ‫ وا‬9‫ا‬7 ‫ا وآل ه   ا‬ -
. ( ‫ة‬93 2 ‫ك‬8‫
ن ه‬
[Start->run->\\ ‫ز‬# ‫ ا‬a‫ ]ا‬OR [Start->run->\\IP address] Eo‫ز ا‬#' ‫وا‬Y‫ ا‬pH  ‫ل‬E9 ‫ا‬ -
Protocol ‫)ج‬3‫ ا 
أ‬6E‫)ج أ'[ دا‬3‫;ء ا‬F 6‫آ‬ -
.500M [)14 Repeater 6‫ن آ‬Y (4Reapater) I ‫)ج إ‬3‫ ا‬q8‫( و‬2.5K) ‫ ه‬Repeater ‫ز‬# 14 I(M‫أ‬ -
r‫و‬9 % 1 ‫ي‬X ‫ ا‬mac table ‫د‬G‫ ه و‬Hub Switch ‫ة‬k -
( CAM= Content address memory ) MAC table = CAM table = Bridging table : ‫ ا ;ء‬s. -
.‫ة‬k#GY‫ ا‬% 6D) ‫; ا‬1 s ‫ ا 
ت و‬6D ;1 ‫م‬9:)4 ‫ا او‬ -

(‫ف‬.‫ ا‬/‫ إ‬1 %‫ر اا‬2) Network Topology (+‫( ا‬,

Logical topology 7?8 Physical topology ‫د‬

# Network Topologies [Physical]: ‫

ل ا 
ا د‬F‫أ‬
‫ع‬8 ‫ا‬ ‫ة‬k ‫ا‬  ‫ا‬
1- Bus p?) ‫; ا‬1 # '‫; ا 
آ‬1 '
 ‫; راح 
ن‬4T ‫ ا‬J: ‫; ا‬1 '
 6(3 
2- Star p?) ‫; ا‬1 # '‫; ا 
آ‬1 '
 ‫ راح 
ن‬center point ;1 '
 6(3 
3- Extended
4- Ring No collision ‫ا‬9' ‫ (دم‬6( 
5- Mesh
 -6-@@ C C N A 2012 || 2008


  

# Network Media : 678 ‫; ا‬1 JT ‫أ اع ا‬

1- Copper ; 2- Fiber 3- Wireless
Coaxial cable Twisted Pair cable [TP] ‫ف‬.' ‫زوج‬ Optical 3(45
Thick Thin STP ScTP UTP T$ ‫ ف ا‬Y‫ا‬
37"‫ح ا‬+ *
)500=‫(ى‬7 ‫ ا‬14 ‫ا‬ )185=‫(ى‬7 ‫ ا‬14 ‫ا‬ Shielded TP Screened TP UnShielded TP : 9:‫ ر‬$" ‫ه‬,
1000/100/10=‫ت‬4 ‫ا‬ mbps100/10=‫ت‬4 ‫ا‬ ‫ إذا‬6
‫ا ا‬X‫م ه‬9:)‫ا‬
;1 ‫م‬9:)4 ‫ا ا‬X‫ه‬
9  7?8%  ‫آن‬
# ‫ت‬G ‫ وا آت‬6 ‫ا‬
(32)

100 Base T
BW r‫و‬9  ‫ا‬ Baseband;K‫أر‬ 14 ‫ا‬
#4
‫و‬
Broadband‫ء‬$. ‫ا‬

# Ethernet Cabling :
1- Straight-through cable .'): ‫ة ا‬k#GL ‫م‬9:)4‫و‬
2- Crossover cable #%) ‫ة ا‬k#GL ‫م‬9:)4‫و‬
3- Rolled cable (Router=>Host) (‫)ب‬%_ ‫ )د
)ب أو‬N# ‫ & ا‬J71 ‫ 'او‬Config 6 ‫م‬9:)4‫و‬

‫ة‬9M
Host & Router #%) ‫ة‬k#G‫أ‬
Switch & Hub #%) ‫ة‬k#G‫أ‬

Console cable ‫أ اع‬

1-Rollover 2-adapter
(
F X.8 <=
F X.8 ) (
F X.8 <= FF X.8 )
RG45 RG45 RG45 DB9

.6
‫ ا‬a% Mh [ s ( console port ) [‫ ا‬X.8 9G [ x1 a'' ‫ و‬-
 -7-@@ C C N A 2012 || 2008


  

Chapter: 2/3
IP Subnetting
* What Is a Subnet?
A subnet is a physical segment of a network that is separated from the rest of the network by a router or routers.
p8)  I4 93‫ء ا ا‬k ‫ن ا‬x1 ‫اء‬kG‫ أ‬I ‫ ا 
إ‬a47 a) 98 ‫)(ر‬E% ;‫ه‬

* The benefit from subnet : 92>‫ا"=ة 

ا‬
1- r‫و‬9  ‫ ا‬I' y1 ‫ا‬
2- #4% '
 ‫ ا‬I' ‫ا )ف‬
* IPv4 :
1- 32 bits.
2- Decimal number representation 10.10.1.0 :‫ >ل‬6#4)' ‫م‬9:)4
3- Dotted decimal -.-.-.- 4 octets and every octet consist of 8 bits

# Rules : 5 ‫@ أو‬7 IP ‫ ر‬5 A‫ا‬1>‫ا‬

1- 0 <= octet <= 255
2- 1 <= octet 1 <= 126 or
128 <= octet 1 <= 191 or
192 <= octet 1 <= 223
3- all host bits must not = 0
broadcast = ‫)
ن‬% ‫ر‬.D‫ أ‬#'‫ آ‬N ‫  آ‬
all host bits must not = 1
network address = ‫)
ن‬% ‫ات‬93‫ وا‬#'‫ آ‬N ‫  آ‬

**** number 127
Trouble shooting ' ‫ز‬

IP Class A 1 - 126 Used for network

10.10.1.0 TkG [1 Class B 128 - 191 ;1 [ 6) ;' ‫ا ا‬X‫ه‬
Network ID Host ID Class C 192 - 223 ‫ا 
ت‬
host‫; ال‬8 IP ‫ف ال‬8%
 ‫;  ا‬81% Multicast
Subnet
F ‫; أي‬1 ‫د‬G capacity of network Class D 224 - 239 Video – Audio

Class E 240 - 254 Future

Subnet Mask
% ; ‫ق‬.)% ;' ‫ه; ا‬
network ID & Host ID
‫س‬h
‫د ع ا‬9 X ‫ول ه ا‬Y‫ ا‬octet ‫* ال‬
;' ‫ا‬
Network a#8% Broad
Valid
address range cast
-
Subnet Mask (SM)
| N 4 ‫ ا‬I' ‫>ل‬
192.168.0.1/24
255.255.255.0
# Rules : _ ‫ أو‬c'( subnet mask ‫)ر أي‬E_
1- ‫ر‬.D‫; أ‬M ‫  أن 
ن ا‬.D 93‫ ا ا‬9% #y 
;‫ | ه‬N 4 ‫; ا‬1 8
 ‫م ا‬M‫ر‬Y‫ ا‬6‫; راح 
ن آ‬8
class Default SM
0 or 255 or this number only
Class A 255.0.0.0 /8
0000 0000 0
Class B 255.255.0.0 / 16
1000 0000 128
Class C 255.255.255.0 / 24
1100 0000 192
1110 0000 224
1111 0000 240 IP
1111 1000 248 Network ID Host ID
1111 1100 252 IP ;1 ‫ء‬k ‫ه ا‬ IP ;1 ‫ء‬k ‫ه ا‬
1111 1110 254 ‫ات‬93‫ 'ا‬6%7 ‫ا‬ ‫ر‬.DL 6%7 ‫ا‬
1111 1111 255 SM ;1 SM ;1
-8-@@ C C N A 2012 || 2008


  

‫ا‬1>‫ا‬
IP ;1 9:)4 ‫ا‬
---------------------------------1---------------------------------
‫ة‬k#GY‫د ا‬9

& 6) [) ‫ ا‬8‫ه‬

/28 ‫ات‬93‫د ا ا‬9 ‫ا‬X‫ه‬
:'H ‫[ إذا‬9:)‫ر ا‬9M‫أ‬ Number of Host = 2n - 2 2n = Number of Host + 2

‫ر‬.DY‫ا‬

 ‫  ا‬-1 n = number of host bits

( 8
 ‫ة ا‬k#GY‫د ا‬9 ‫) أي‬ or 28 27 26 25 24 23 22 21 20
256 128 64 32 16 8 4 2 1
SM | N 4 ‫ ا‬-2 = number of zero bits
‫)ر‬E_‫; ا‬1 [)‫اآ‬
SM 3B ‫دة‬1D1#‫د ا"ر ا‬A 3'E

---------------------------------2---------------------------------
( . ‫د ا 
ت )ا‬9

6) [) ‫ ا‬8‫ه‬
‫ات‬93‫& ا ا‬
:'H ‫[ إذا‬9:)‫ر ا‬9M‫أ‬ Number of Subnets = 2y ‫)رات‬E_‫; ا‬1 ; ? 
Subnet Mask
SM ‫ ال‬-1 (default)
['M ‫ي‬X ‫ ن وا‬7 ‫ا ا‬X‫م ه‬9:)‫ا‬
‫د ا 
ت‬9 -2 Y = new SM (‫ات‬93‫د ا ا‬9) - old SM (‫ات‬93‫د ا ا‬9) ‫}ال‬4 ‫; ا‬1 )' |? ‫* _زم‬
new SM = Y + old SM
---------------------------------3---------------------------------
'H ‫[ إذا‬9:)‫ر ا‬9M‫أ‬ ‫ ن‬7 ‫ا ا‬X‫م ه‬9:)‫_درس ا‬% ‫ص‬E ‫;ء‬F ‫أي‬ 255.255.255.142
&%‫ ا ا‬XE ‫; ا_درس‬1 ;8
1-IP valid or not Block size (BS) = 256 – [255‫ و‬0 A | N  ;1 ‫د‬G ‫د‬9 ‫]أي‬ 192.7.8.70
2- valid rang ‫ آ‬IP.address ;1 octet aM‫ة و‬2D BS M N ‫  آ‬: 6#4)'
‫)رات‬E_‫; ا‬1 ; ? 
BS M I' [4M‫; ا_درس وأ‬1 octet M XE‫أ‬
3-network address ‫ وورك ادرس‬N8 ‫د ; ا‬9 ‫ وه ا '; راح‬c( ‫د ا‬9 ‫ ا‬XE€ ‫ه‬9%‫ و‬BS M ;1 [%K‫ أ‬8 ‫ا‬ Address
4-broadcast point-to-point #=‫
دا‬/30 ‫ ن‬7 ‫ا ا‬X‫م ه‬9:)‫ا‬

0 & 255  A aM‫[ ر‬1  SM ‫إذا آن‬

‫ة‬F ‫ول‬9 ‫ ا‬qX‫م ه‬9:)4 6% BS ‫ة‬9M ‫م‬9:)4  8#1
Network address Broadcast Valid rang
X.0.0.1
/8
X.0.0.0 X.255.255.255
X.255.255.254
X.Y.0.1
/16
X.Y.0.0 X.Y.255.255
X.Y.255.254
X.Y.Z.1
/24
X.Y.Z.0 X.Y.Z.255
X.Y.Z.254

: I4 (‫ ا او‬I' )

 ‫; ا‬1 subnet mask  >‫ أآ‬9G ‫إذا آن‬
VLSM
Variable Length Subnet Nask
: I4 (‫ ا او‬I' )
 ‫; ا‬1 J71 subnet mask q93‫ و‬9G ‫إذا آن‬
Non VLSM
DisContigous <== I4 class  >‫ وأآ‬subnet mask  >‫ أآ‬9G ‫* وإذا آن‬
Contigous <== I4 class 93‫ ووا‬subnet mask  >‫ أآ‬9G ‫* وإذا آن‬

Summarization
Larger Network address – smaller Network address = ……
IP  >‫ أآ‬#1‫
و‬F ; ? : ‫>ل‬
172.16.1.0/24 - 172.16.2.0/24 - 172.16.3.0/24

‫  ا‬2( ‫ح ا‬H‫أ‬
172.16.3.0
172.16.1.0 28 27 26 25 24 23 22 21 20
----------------- 256 128 64 32 16 8 4 2 1
0 0 2 0
1bit+8bit=9bits
sm=24-9=15 : ; ) ‫ آ‬99 ‫ | ا‬N 4 ‫وراح 
ن ا‬
. &7 ‫ز أ‬# ‫ا ا‬X‫د ; ه‬9 NET ID ‫ | وال‬N 4 ‫ل ا‬hE  Net ID ‫ و‬Host ID ‫ ال‬99 
 *
'): 
‫ و‬N  6‫; آ‬1 | N 4 ‫[ ا‬%) ‫* 
 أن‬
.( ‫ول‬Y‫ ا‬octet ‫ل‬hE  H ) ‫س‬h‫[ أي آ‬8 &'H‫ وأ‬IP ‫درس‬Y‫; ا‬1 R ‫ أ‬97 ‫ | ا‬N 4 ‫* إذا ? ; ا‬
 -9-@@ C C N A 2012 || 2008


  

Chapter: 4
Cisco Router
Router
External component Internal component
Interface 1- mother board
2- Rom – Ram
LAN WAN Config port 3- Flash memory
E F G 10G -serial -console 4- NVRAM
10 100 1000 10000
(lease line/frame relay) - auxiliy 5-Non Volition RAM
- ISDN(BRI/PRI) 6- CPU
-ATM(ATM) 7-power supply
Subnet subnet LAN LAN
WAN WAN

# Internal component  ‫ت اا‬1(#‫ا‬

1- ROM ( q4 ‫ي  أ‬4 ‫ ا‬aM ‫ )ا‬6‫ ا آ‬63‫أ‬
a) store boot strap protocol & post
b) Rommon ( Ram monitor ) for trouble shooting
c) mini IOS

2- Flash memory #' ‫ن‬kE‫ أ‬: #9T1

- store IOS Image

3- RAM   ‫ادات ا‬9]‫ ا‬k: -2 ‫

ك‬. ‫ ا‬IOSk: -1 : #9T1
- store decompressed version of IOS Image
- store running config

4- NVRAM ?) _ ‫ذاآة‬

- store startup config

# Tow type from config :

1- Running config ‫ل‬2F ‫ا او‬
2- start up ‫ 'وا‬boot up‫ ' ال‬NM‫; و‬1

Router
Interface Routing table
LAN WAN Config port Static Dynamic
Routing Protocol
Interior Exterior
Distance Link Hybrid
Victor state
Ex: Ex: Ex: Ex:
-RIP -OSPF -EIGRP -BGP
-IGRP

: IOS [Internetwork Operating System] ‫ات‬%‫م او‬H2#‫ ا‬+‫م ا‬G *

IOS image OR image : I4  3‫وأ‬
Reinstall – upgrade [' 
 ‫و‬
*.bin : 62) ‫م ا‬y ' ‫اد‬9)‫* ا‬

: %‫ ااو‬+% ‫ق‬K #

1K‫إ‬ 7? ‫ا‬ ‫م‬
[' 6 :F‫ز ا
 و‬# F ‫)ج ا(ل‬ 99G ‫م  
ن ا او‬9:)4 ( ‫  [ أزرق‬6‫ ) آ‬Console Session ‫ام‬9:)% 1
(F ‫رج ا 
) )ج ا(ل‬E config 6 ‫ ا '; راح‬: ‫[  آن ا‬9:)‫ا‬

F X.8  FF X.8 console [‫ ا‬6‫ | آ‬Aux )1 ;1 99G ‫م  
ن ا او‬9:)4 ( ‫  [ أد‬6‫ ) آ‬Auxiliary Session ‫ام‬9:)% 2
J71 p%Config [ ‫ أي ل‬IP [ ‫م  
ن ا او‬9:)4 ) Telnet Session ‫ام‬9:)% 3
 -10-@@ C C N A 2012 || 2008


  

Method for config router

CLI SDM
Command Line Interface Security Device Manger
Command GUI

Boot up Router %‫ ااو‬+% ‫ات‬1L

‫ا ا وآل‬X‫ ه‬6 1 Boot strap ROM‫; ال‬1 ‫د‬G ‫ا‬X‫وه‬ 6' ‫م ا او‬7 ‫ا ا وآل‬X‫ه‬
62 2 Run post [Power on self test] ‫' 'او‬E‫ا‬9 ‫ ا 
 ت ا‬h  9‫)‚آ‬

62) ‫م ا‬y 6 3 Load Image [IOS] flash #'

‫; ا ام‬1 ‫ن‬k:‫ و‬J2$ ‫| ا‬. 4 Decompress Image & store decompressed IOS into Ram
‫ض 'ت‬ 5 Display information from post program
config‫ ال‬6 6 Load configuration content from NVRAM start up #‫ا‬

setup mode  62) ‫ه راح‬981 ( 99G ‫ي (  

ن ا او‬X‫ )وه‬NVRAM ;1 ‫;ء‬F I7  

: setup mode ‫ام‬H4‫' ا‬A

‫*& ر‬
Basic management -1
Extended setup -2

( ‫'| دي‬4 1 ) p8‫ي ' راو‬4 [8

„) ‫ ه‬DSL ‫* دم‬

Any [pc] on the network and has IP

Host [ client // server ]
End user ‫م‬9:)4 ‫ ا‬s.
End system ‫ز‬# ‫ ا‬s.
93 ‫ أو‬# Edge or interface port or router or hub [terminal]

Commands
Router> User Mode
Router>enable OR en %‫ ااو‬E"%
Router# Privileged Mode
Router#disable %‫ ااو‬LE% You can go back from privileged mode into user mode
Router> by using the disable command.
Router#config t ‫م‬A-M=7H ‫ل‬1 ‫ا‬ Terminal (any changes save in DRAM )
Memory (any changes save in NVRAM )
Router(config)# Network (any changes save in TFTP or FTP Server)
Router(config)#int f0/0 ‫ ص‬-M=7H ‫ل‬1 ‫ا‬ Int = interface , f= fastethernet
Router(config-if)#
Router(config-if)#exit ‫ ص‬-M=7H‫وج 
ا‬H
Router(config)#end OR ^Z ‫م‬A-M=7H‫وج 
ا‬H
Router#
Router#? ‫م‬."45‫ ا‬A ‫م‬H2%
(# ‫ ا‬#(% QBA  ‫إذا‬ Editing and Help Features
Router#conf ? L4 L4 ‫ ا(ت‬.G (Enter ) QLT ‫إذا‬
#( ‫ وراح‬TAB ‫ب‬% ‫ زر‬/A T‫ ا‬9U
E ‫وف 
أ‬V W‫ أر‬X‫اآ‬ $" $" ‫ ا(ت‬.G ( Space ) QLT ‫إذا‬
Router#config t "Hostname"
Router(config)#host yaser
yaser(config)#
Router(config)#banner motd $ (( motd= Message of the day)) W\‫ و‬..
E %‫ روا‬#A
A  #‫آ 
ا‬Z‫ و‬BE# > K 3‫ ه‬Banners
Hello. This router for center control $ Enter T‫ ا‬9U WD‫ ار‬. ‫ ؤ‬$] ‫ء‬.  .'‫ ا‬3B  _ A
 -11-@@ C C N A 2012 || 2008


  

Router#show run static route‫ إد ل‬$ ‫ر د أو‬14 WT‫] و‬-5 ‫ اوا أو‬bK ‫اض ه‬E4‫ؤ  وا‬ Privileged Mode 3B ‫ن‬1( ‫زم‬5 SHOW ‫أي أ‬
Router(config)#do sh run Privileged Mode config WT‫ و‬3B f>L% 9% ‫ض اوا و‬A > K
Router#show history ‫ أوا‬10  g ‫ض‬E ‫ا ا‬Z‫ه‬
Router#sh start Config ‫ت ال‬1E ‫ض‬E
Router1#copy run satart NV-RAM 3B %‫ او‬config ‫ اـ‬j"$ ‫ا ا‬Z‫ه‬
Router2#copy run satart
Router1#erase start Delete the startup-config ‫زا‬l ‫ا ا‬Z‫ه‬
Router2#erase start
Routr(config)#enable password RRRRR "+ _ ‫رد‬14 User Mode V
 ‫ل‬1  ‫ي‬2‫ ا‬9:‫ا ا‬Z‫ ه‬-1
Routr(config)#enable secret RRRRR "+ ‫رد‬14 ‫"ة‬+ _ ‫"ة أو‬+ > L Privileged Mode /‫إ‬
Routr(config)#NO enable password
Routr(config)#NO enable secret f2" ‫ ا‬: NO m\ ‫ي‬2‫ ا‬9:‫زا ا‬
Routr(config)#line cons 0 // aux 0 // vty 0 4 (telnet‫'ه‬E ‫ )ا ة‬%‫ع ااو‬1 X2V
 ‫>ل‬5‫ ا‬: ‫ا‬Z(‫ و‬telnet‫ و‬Auxiliary ‫ و‬console /A  #V #E -2
Routr(config-line)#pass RRRRR ‫ي‬4 9:‫ ر‬XL ‫ راح‬Privilege Mode /‫ إ‬User Mode V
Routr(config-line)#login ‫ي‬2‫ ا‬9:‫ اد ل ا‬Q:‫ و‬3.' ‫
و‬E Q:‫ و‬p'E L4  g
Routr(config-line)#exec-timeout 5 7 (‫ أا‬Q:1‫ ا‬3.' ‫راح‬#B 0 0 V 1) 3‫ا‬1U=7 ‫ و‬b=:‫= د‬5
Routr(config)#enable password RRRRR "+ _ ‫رد‬14 User Mode V
 ‫ل‬1  ‫ي‬2‫ ا‬9:‫ا ا‬Z‫ه‬
Routr(config)#enable secret RRRRR "+ ‫رد‬14 ‫"ة‬+ _ ‫"ة أو‬+ > L Privilege Mode /‫إ‬
Routr(config)#NO enable password ( Privilege password /#2  WT‫) ه' و‬
Routr(config)#NO enable secret f2" ‫ ا‬: NO m\ ‫ي‬2‫ ا‬9:‫زا ا‬
Router#sh run . ‫ اد‬9% 3‫  ا‬2‫م ا‬:‫" ار‬+  ‫ > و‬K
Router(config)#service password-encryption Encrypting Your Passwords
Router(config)#no service password-encryption (To cancel previous command)
Router(config)#int f0/0 ‫رت‬1‫ ا‬BE  # .2 t$ ‫رت‬1‫ ا‬u" m1 > K ‫ي‬Z‫ه‬
Router(config-if)#desc Sales Lan Descriptions1.4‫ و‬A2 f#A‫و‬
[1] Router>en To config any router interface you must do this steps:
Router#conf t Interface configuration
Router(config)#int f0/0 AND f0/1 Add = address
Router(config-if)#no shut %‫ ااو‬$B +%‫ و‬E"% ‫ات‬1L '‫ه‬
[2]Router(config-if)#ip add 10.10.10.100 255.255.255.0
[3]Router(config)#int s0/0 Serial Interface Commands
Router(config-if)#no shut (3T‫ا‬B5‫ا ا‬Z‫ ا )ه‬L2‫ ا‬X(  DTE  2‫ آن ا‬1
Router(config-if)#ip address 10.10.20.1 255.255.255.0 (‫ت‬A2‫ اوا آ )ا‬X( DCE  2‫ آن ا‬1
Router(config-if)#clock rate 64000 Data circuit equipment //// Data terminal equipment
Router#ping 10.10.10.1 Verifying Your Configuration‫ ؟‬5‫ أو‬#E% 3‫( ه ه‬+‫ ر ا‬5
Router#sh int f0/0 b"1(‫
ا‬A ‫ت‬1E ‫ض‬E Up=#E% = "‫ء ا‬,‫ا( وا‬
Router#sh ip int ‫ ؟‬5 ‫ أو‬ip . ‫ وه‬#E% ‫ وه‬interface ‫ض آ ال‬E
Router#sh ip int brief ‫ ؟‬5 ‫ أو‬ip . ‫ وه‬#E% ‫ ه‬M7H interface ‫ض‬E
Router#sh controllers serial 0/0 DCE or DTE 1‫  ه ه‬2‫اض ا‬E45
Router#sh ip route routing table ‫ض ال‬E
Router(config)#int f0/0 SDM you must configure
Router(config-if)#ip address 10.10.1.100 255.255.255.0
Router(config-if)#no shut
Router(config)#ip domain-name xp
Router(config)#crypto key generate rsa general-keys modulus 1024 +% ‫> إذا أردت‬B pE ‫ي‬Z‫ا وا‬Z‫ ه‬L2‫ا‬
Router(config)# ip http server http OR https
Router(config)# ip http secure-server
Router(config)# ip http authentication local "+ #E% 0‫ ور و‬#‫م وآ‬H2 94‫ أي ا‬1‫ ه‬A‫ف‬V
Router(config)# username a privilege 15 password 0 a
 -12-@@ C C N A 2012 || 2008


  

Chapter: 5/6
IP Routing
|‫ أ‬IP ;? DHCP
WINS a97 ‫ وا‬DNS 99 ‫ا‬

Routing Routed Route Router

‫ول‬9 ‫; ا‬8 N‫; ا آ‬8 ‫ر‬4 ‫ا‬ ‫ز‬# ‫ ا‬s.

1- Static 2- Dynamic : route types fD1

> K *

Static -1
:‫ات‬k
‫ ا او‬% r‫و‬9  ‫ ا‬I' y1 ‫ ا‬-3 Security >‫ أآ‬-2 'T‫  )ج راو ذو إ
 ت ه‬-1
:‫ب‬
‫?ء أآ‬E‫(ل أ‬3 -3 admin I' 9# 6 ‫
ن‬1 2 6(3 ‫ إذا‬-2 J71 ‫ة‬2( ‫ '
ت ا‬-1

tow LAN
(, /A %‫
وآ راو‬%‫ > ا 
راو‬K
3]‫ ا‬%‫ ااو‬3B ‫دة‬1D1#‫ ا‬Subnet 3 and 4 ‫ف‬E ‫ اول‬%‫ ااو‬3B Config #A : 5‫أو‬
R1(config) #IP^route^10.10.3.0^255.255.255.0^10.10.5.2
R1(config) #IP^route^10.10.4.0^255.255.255.0^10.10.5.2
‫ اول‬%‫ ااو‬3B ‫دة‬1D1#‫ ا‬Subnet 1 and 2 ‫ف‬E 3]‫ ا‬%‫ ااو‬3B Config #A : ً U
R1(config) #IP^route^10.10.1.0^255.255.255.0^10.10.5.1
R1(config) #IP^route^10.10.2.0^255.255.255.0^10.10.5.1
a‫ه‬Y‫ وه; ا‬C | #y R1&2#sh^ip^route 9‫و ')‚آ‬ .. Y‫ ا‬6M NO &K‫ء أ‬2 … ‫و‬
Stub network = network has one exit interface
‫ى‬EY‫ ا‬#' IP ‫ و  أ   أف ال‬Default Route ‫م‬9:)‫
 ا‬
R1(config)#IP^route^0.0.0.0^0.0.0.0^10.10.5.1 ; > ‫; ا او ا‬1 ‫ ا ;ء‬s. ‫و‬

Router#traceroute 10.10.3.1 %‫ى ااو‬12 /A ‫ا‬Z‫ه‬ Q7V 1 (+#‫ف (ن ا‬E%‫ل و‬11‫ (ن ا‬/V‫ر و‬7#‫ 
ا‬Q(‫ر ا‬2 W%
From recourse to destination
Router#tracert 10.10.3.1 Q41.‫ى ا‬12 /A ‫ا‬Z‫ه‬
Ping fB 1 (+#‫  (ن ا‬$% ‫ ون‬5 ‫ل أو‬7%‫د ا‬1D‫
و‬A H ‫ أ‬1‫ه‬

Dynamic -2
‫م   ا وآ_ت‬9:)‫ ا‬q8 8‫ه‬

% ‫ق‬. ‫ا‬

Routing protocol Routed protocol
- ptotocol used for building routing protocol .. - protocol used for building packet hat need
ex:RIP-EIGRP-OSPF to be routed .. ex:TCP/IP-IPX/SPX-Apple talk
Forwarding table ‫ ال‬6% hD‫ أ‬N
 ‫ ا‬6% ‫ه‬

“autonomous systems” (AS) '7)4 ‫ ا‬y Y‫ا‬

y1 ‫ ا‬I ‫ف إ‬9# ‫ آ‬subneting ‫ و[ ' ال‬r‫و‬9  ‫ ا‬I' ^13Y ‫ة‬2D ‫اء‬kG‫ أ‬I ‫; ا اوات إ‬1 ‫رات‬4 ‫ وز& ا‬a47 ‫ ه‬-
qA‫ ا ام و‬6> ‫; ا او‬1 resource I'
65000 I ‫ إ‬1  AS aM‫& ر‬$ 
 -
#(Interior) Intra-AS = AS 6E‫دا‬ #(Exterior)Inter-AS = AS‫رج‬E -

Gateway router : Direct link to router in another AS

 -13-@@ C C N A 2012 || 2008


  

Routing table
Static Dynamic
Routing Protocol
Interior Exterior
Distance Link Hybrid
Victor state
Ex: Ex: Ex: Ex:
-RIP -OSPF -EIGRP -BGP (for
-IGRP (for Cisco)
Cisco)

Interior protocol [details] 'E‫وآ_ت دا‬%

Routing Protocol kind *AD I' 6 **Num ***Algorithm ‫ت‬R'
RIP 120 Open 15 BellManford Small network
Distance Vector Large network
IGRP 100 Cisco Only 255 BellManford ‫د‬G A cD‫ا أ‬X‫وه‬
Large network
Hybrid EIGRP 90 Cisco Only 255 Dual Protocol RTP
Link State OSPF 110 Open No limit Dijkstra Large network
; > ‫ول وا‬Y‫ ا‬% ‫'ط‬:
IS-IS

*AD= administrative distance **Max hop count *** Algorithm ‫)ر‬E‫[ ه ا‬9T1
‫ ا ?ق‬% 'K. ‫; ا‬1 ‫ ا او‬#9:)4 [ ‫ إ‬6( ‫ راو 
 أن‬I(M‫ أ‬a‫آ‬ Best path selection
cost‫وي ف ال‬4) ‫ وإذا آن‬6MY‫ ا‬XE‚‫و‬
hop count  ‫وه رة‬

Protocol RTP: ‫ | ا او‬X unicast [ 6 ‫  راو  راح‬ack ‫ء‬G   [9T1

* Distance Vector Routing[RIP/IGRP]:

1. Max hop count
2. split horizon ' ‫ر ا‬9( I ‫ إرل ا ' إ‬9  r% ‫& ا 'ب‬8 87
3. Route poisoning 1+ ;? 8
F c? ‫ أو‬p'2  r% 87
4. holddown timers r a‡ 8‫)ة ز‬. y)8

Convergence time ‫ز
ا>رب‬
Routing table ‫ء‬8 ‫ ا او‬qXE‚ ‫ي‬X ‫ ا‬NM ‫ا‬

[1] Routing Information Protocol (RIP) [Distance Vector]

RIP v1 RIP v2
Classful Routing Classless Routing
SM ‫ون‬9% net add r q8
No support for VLSM .'): ‫ | ا‬N84 ‫ ا‬a9 _ ‫أي‬ Support for VLSM
No support for discontiguous networks( .'): ‫' )ا‬4'4) ‫ ا‬A N 4 ‫ ا‬a9 _ ‫أي‬ Support for discontiguous networks
Use broadcast Use broadcast or multicast-D‫س‬h‫; آ‬1 ‫م‬9:)4

contiguous discontiguous
VLSM FIXED LENGTH SM VLSM Non VLSM
 -14-@@ C C N A 2012 || 2008


  

* RIP Timers types :

1. update timer: (30 seconds) q‫>ت ر‬9 r 8‫)ة ز‬1 6‫ آ‬q8
2. invalid timer: (180 seconds) ' ‫; ا‬2' ‫ة راح‬9 ‫ل ه‬hE 9‫ ; ‚آ‬G 
3. flush timer: (240 seconds) Routing table  #4 ‫ راح‬9‫ء ‚آ‬G ‫ ‡  و‬240 N#) ‫ا إذا ا‬X‫'[
 ه‬M ;' ‫ ا‬s.
4. Holddown timer: (180 seconds) ...... ‫ـ‬% DE

Configuring RIP Routing

R1#config t 3]‫ ا‬%‫ ااو‬3B .#E \ > L‫ ا‬u"‫و‬
R1(config)#router rip ( '‫ ه‬.A \#‫ ا‬3‫ ) وه‬Q'2‫ ا‬9:‫> ر‬B % W
R1(config-router)#net^10.10.1.0 >#‫ ا‬.‫ ا‬3B 3‫ ا‬Q2‫ و‬%‫ ااو‬/A 3‫(ت ا‬+‫ ا‬X(% : #. GV -
R1(config-router)# net^10.10.2.0
R1(config-router)# net^10.10.5.0
R1(config-router)#ver^2 3T‫ا‬B‫ وا‬.> 3‫اص ا‬1H‫"دة 
ا‬4 V2 /‫ إ‬.>'
R1(config-router)#^z ==> '‫'ه ه‬E [control + z] V1+
R1# sh^IP^route
R1#debug^IP^RIP
.>2 ‫ و‬.4 3‫ ا‬Q‫ اآ‬3'#E%

passive-interface
Router#config t
Router(config)#router rip
Router(config-router)#network 192.168.10.0
Router(config-router)#passive-interface s0/0

[2] Interior Gateway Routing Protocol [IGRP] [Distance Vector]

ً V ‫د‬1D1 _ @‫ا أ‬Z‫ وه‬IGRP ‫ و‬EIGRP 1(22  ‫ت‬51‫آ‬1%

IGRP
Classful Routing
No support VLSM
No support discontiguous networks
Uses an autonomous system number #$% ‫ 'ن ا 
ف‬ASaM‫ ر‬s. ‫_زم 
ن‬

Use broadcast
Cisco

* IGRP Timers types :

5. update timer: (90 seconds)
6. invalid timer: (270 seconds)
7. flush timer: (630 seconds)
8. Holddown timer: (280 seconds)

Configuring IGRP Routing

R1#config t same RIP with one important difference:
R1(config)#router igrp 10 you use an autonomous system(AS) number
R1(config-router)#net 10.10.1.0 (Here10) .
; > ‫ ا او ا‬I' ‫?ات‬: ‫ ا‬s. p?)% ‫م‬7 ‫ و‬-
R1(config-router)#net 10.10.2.0
R1(config-router)#net 10.10.5.0
R1(config)# no router igrp 10 To Delete routing table built by IGRP
show ip protocols %‫ل دا  ااو‬, ‫ل‬1‫آ‬1%‫ض أي و‬E
debug ip igrp events .4‫ وأر‬.>4‫ أ‬3‫ ا‬Q‫اآ‬
debug ip igrp transactions 3$‫ ا‬Q:1‫ ا‬3B ‫ن‬z‫ث ا‬$% 3‫اث ا‬V‫ا‬
 -15-@@ C C N A 2012 || 2008


  

[3] Enhanced Interior Gateway Routing Protocol [EIGRP][ Hybrid]

>B EIGRP .E E‫ ا‬WL2 ( TCP/IP - IPX/SPX - APPLE TALK ) ‫" ا‬H#‫ت ا‬51‫آ‬1%‫* او‬

EIGRP
Classless Routing
support VLSM
support discontiguous networks
Uses an autonomous system number
Cisco

Communication via Reliable Transport Protocol (RTP)

* Build three table :

1- Neighbor table ‫ا [  ا اوات‬G ;‫وه; أن ا او ف  ه‬
2- Topology table 8‫ ه‬62) ;' ‫ ا‬a‫ر‬A' ‫ 'ت  ا ان وا‬9G 8‫ه‬
3- Routing table ‫رات 'او‬4 ‫ ا‬43‫[ أ‬1‫;ء و‬F E€ 8‫ه‬
Feasible successor I4 ‫ر‬4 43‫ و‡ ; أ‬successor route I4 ‫ر‬4 43‫وأ‬

Load Balance: T"‫رات ا‬2# ‫ل و ات‬#V‫ ا‬W ‫ز‬1% 

Configuring EIGRP Routing

• Configuring Discontiguous Networks 94 j"V‫ و‬j"V ‫ي‬12
E‫و‬
R1(config)#router eigrp 100 255 9 aM‫& أي ر‬K‫| و‬8
‫ و‬AS aM‫ ر‬q8 8‫ ه‬aM ‫ا‬
9:‫ ر‬% W 3]‫ ا‬%‫ ااو‬/A >L ‫ء‬3+‫ ا‬u"‫و‬
R1(config-router)#net 10.10.1.0 Q X2‫ا‬
R1(config-router)#net 10.10.2.0
R1(config-router)#net 10.10.5.0 f|B discontiguous ‫ و‬EIGRP (+‫ ا‬Q‫ آ‬1
R1 (config-router)#no auto-summary WD f%=B‫ و‬Auto summarization ‫م‬H2 ‫راح‬
• To make manual summarization IP X2V /A .‫ أ‬/‫& إ‬4 Q X2‫ا‬
/8 &4 Q X2‫ا‬10.10.1.0 ==

: ]
Router(config)#int s0/0 172.16.0.0 ==

/24 &4 Q X2‫ا‬
Router(config-if)#ip summary-address eigrp 10 192.168.10.64 255.255.255.224 ...no X‫ن أ أآ‬+A‫و‬
show ip route Shows the entire routing table
show ip route eigrp EIGRP‫ض ا ?ق ا  ب‬ Shows only EIGRP entries in the routing table
show ip eigrp neighbors neighbor ‫ض‬% Shows all EIGRP neighbors
show ip eigrp topology Topology table ‫ض‬% Shows entries in the EIGRP topology table

subnetmask ‫ ا ف‬1‫ وه‬discontiguos X4 ‫ن‬1(% Auto summary ‫* ال‬

[4] Open Shortest Path First [OSPF] [Link State]

OSPF
Classless Routing
support VLSM
support discontiguous networks
Uses an autonomous system number Area I4 ‫ة‬2D ‫ات‬93‫م وو‬4M‫ أ‬I ‫ إ‬#47‫و‬
Convergence time 6'7 q9T‫ا‬1 a‫ي و أه‬7. ‫ ا د ا‬-Area 0 ;‫ وه‬Back bone I4 c'?( # ‫و‬
Support IP only.
Manual Summarization.
Use Wild mask [inverse sm] [Wild card mask]
‫ات‬93‫ وا‬I ‫ر إ‬.DY‫' ا‬M‫ر و‬.D‫ أ‬I ‫ات إ‬93‫' ا ا‬M ‫وه‬
 -16-@@ C C N A 2012 || 2008


  

Subnet mask ‫م‬H2 5‫ و‬Wild Mask ‫م‬H2 OSPF ‫ ال‬: #. GV *

Backbone /#2%‫ و‬area 0 3B ‫ن‬1( ‫زم‬5 config OSPF *
S3 [AD/cost] *

: ] ... ‫ة‬, Wild Mask ‫ب‬2V > K

/28
255.255.255.240
255.255.255.255
--------------------
0 . 0 . 0 . 15
* Build three table :
1- Neighbor table
2- Topology table
3- Routing table

100,000
Cost (metric) = ‫ـــــــــــــــــــــــــــــ‬
BW [kilo]

Router ID (RID): is the highest IP address used to identify the router. [Identification] IP I'‫أ‬
Link is an interface on a router.
Link-State: the status of link between two routers |8' ‫ ا‬3
Link-state database (topological database).
Area: ˆ ‫ ا‬a#$% % ‫ دل‬6(‫ و‬AS  ‫ء‬kG

Routing table: %‫ ااو‬3B 2 ‫رات‬2#‫

ا‬2V‫ أ‬3'E
Adjacencies router : DR and BDR [T ‫ و‬sT ‫ 'اوات ا‬J71 r ‫; ا او‬8neighbor router ‫ ال‬6>
Designated router (DR) : sT ‫ ا‬6> )
backup designated router (BDR): sT ‫ ا‬T 6> )

# DR election based on: BDR ‫ و‬DR ‫ب‬H‫ق ا‬K ( t ‫> او‬% 1‫ده ه‬1D‫ف 
و‬.‫ ا‬EK )
1- Priority [highest] ( 255 = ‫ أه‬I'‫ ا او ) أ‬I' 1 ‫; 
ن‬K‫)ا‬1_%
2- RID [highest] ‫ ا او‬qXE IP I'‫أ‬

DRouter I4 (  ‫; ا‬M% ) ‫; ا اوات‬M%‫و‬

BDR ‫و‬DR ‫ب‬H‫ ا‬D1 5 Point-to-Point V 3B

DR & BDR ‫ب‬H‫' ا‬A ‫ن‬1(

- Multiaccess Broadcast Net [ Ethernet :# > ]
- Multiaccess NonBroadcast Net [ Frame Relay :# > ]

Configuring OSPF Routing

R1#config t
R1(config)#router ospf 1 2 V‫ أ‬3]‫ا‬%‫ ااو‬3B‫ و‬Process ID [local] %‫ ااو‬/A= p'E V‫ وا‬9:‫ر‬
R1(config-router)#net 10.10.1.0^0.0.0.255 area 0 config
 ]‫ أآ‬/A ospf ,‫ر أ‬:‫ إن أ‬p'E‫ و‬fB wild Mask WT‫ه' و‬
R1(config-router)#net 10.10.2.0^0.0.0.255 area 0 3]‫ ا‬%‫ ااو‬/A ‫ادات‬A‫ ا‬u" ‫ي‬12 -
R1(config-router)#net 10.10.5.0^0.0.0.255 area 0
* To change priority
DR ‫ اول‬1‫ى ه‬1:‫ ا‬%‫ ااو‬E' Priority  
Router(config)#int s0/0
Router(config-if)#ip ospf priority 2
 -17-@@ C C N A 2012 || 2008


  

show ip route Shows the entire routing table

%‫ ( ااو‬b"1‫ آ‬Q#A ‫ إذا‬5‫ إ‬.B1,‫ر أ‬:‫ أ‬5‫ل و‬1‫آ‬1%‫ا او‬Z. 1#E#‫ق ا‬L‫ف ا‬1,‫ن أ‬+A
Display OSPF information for one or all OSPF processes running
show ip ospf on the router.
show ip ospf database the number of links and the neighboring router’s ID
show ip ospf interface Displays all interface-related OSPF information.

Loop back Interfaces

IP /A‫ أ‬Z € RID ‫* ال‬
3B (‫ ر‬3 X2 ‫ا راح‬Z‫ وه‬config   ‫ه راح‬E‫ راح  و‬IP  shot down 7V 1
( *
. = "‫ء ا‬,‫
ا‬A G'‫ ‚ ا‬logical IP b K
A IP QU‫ أ‬/€B ، (+‫ا‬
Loopback interfaces are logical interfaces

Physical IP f#4‫ء ا‬3, /2‫ أ‬Logical IP />‫ أ‬#

Physical IP /A‫ أ‬Z g f>  ‫ وإذا‬Logical IP /A‫ أ‬Z ‫أ‬

Configuring Loop back Interfaces

R1(config)#int loopback 0
R1(config-if)#ip address 172.16.10.1 255.255.255.255
R1(config-if)#no shut
 -18-@@ C C N A 2012 || 2008


  

Chapter: 7
Managing Traffic with
Access Control Lists [ACL]
R ACL
C1 permit HTTP
C2 permit SMTP
C3 deny FTP
:h
ً >
A R1 [OK] HTTP
action ‫آ‬Y‫اء ا‬G]‫ا‬
C R2 [NO] FTP
action ‫آ‬Y‫أ اع ا‬
L
permit ‫ح‬ deny &8

‫ وف‬A ‫;ء‬F ‫ء‬G 

implicit deny ;8K &8
;8$ ‫& ا‬8 ‫; ا‬1 ‫
ن‬% TELNET: h
ً >

. ‫وج‬: ‫ل وا‬E9 ‫; ا‬1 

‫وج و‬: ‫ ا‬3 ;1 ‫ل أو‬E9 ‫ ا‬3 ;1 #?%‫ أر‬a‡ #8%‫_ أ‬
ً ‫ أو‬-
.J71 q93‫ و‬E€ p? ‫ ف‬ACL  >‫ءت أآ‬G  : ‫ة‬9M -

Types of access lists [ACL]

Named
Standard Extended aM‫ ر‬s ‫ و‬a‫ ا‬J3‫ق أ‬. ‫ ا‬8‫ه‬
BlockSales 6>
-choose from rang aM‫ ر‬#?‫_زم أ‬ -choose from rang aM‫ ر‬#?‫_زم أ‬
1-99 or 1900-1999 100-199 or 2000-2699
- Conditions based on: - Conditions based on:
1) Action ( deny or permit) 1) Action ( deny or permit)
2) Source address of packet: 2) Transport protocol(TCP or UDP)
0Host(single IP) (if any packet made by app protocol
0Subnet(many IP)  
'%Y‫; ا‬1 ‫ل‬2F ‫وآل‬% ;8) Standard Extended
0Any 3)Source address
(Host-Subnet-Any)
4)destination address
(Host-Subnet-Any)
5)Application protocol that built
packet

[1] Standard access lists [ACL]

Conditions(‫ ه‬J71 ‫ن‬jF 99 ‫ ه‬a#‫ا‬9:)_ ‫)ا وط‬:

- source address
- action ( permit or deny )

Source
Host Subnet Any
 -19-@@ C C N A 2012 || 2008


  

Configuring Standard [ACL]

[1] Create conditions , Determine specific IP Any ==> 0.0.0.0 255.255.255.255
Router(config)#access-list 10 deny host 172.16.30.2 J71 93‫ز وا‬#G &8 Host
0.0.0.0
OR ‫ا‬X‫  ه‬N‫آ‬% ‫& أي‬8 ‫ ه‬8‫ ه‬J71 93‫ط وا‬F [1
Router(config)#access-list 10 deny 0.0.0.0 172.16.30.2 172.16.30.2 N# ‫ا‬
Determine any packet
Lab_A(config)#access-list 10 permit any ‫ق‬1 ‫; ا وط‬1 [)8 ;' ‫ ا‬A N
% ‫ي‬Y c‫ا‬
OR
Lab_A(config)#access-list 10 permit 0.0.0.0 255.255.255.255
Lab_A(config)#access-list 10 deny 172.16.30.2 0.0.0.255 '‫ آ‬N  &8 wide mask 8‫ه‬
[2] Assign ACL on interface Dest ‫ل‬D ‫; 
ن ا‬1 ACLs4‫آ‬Y‫& ا‬K‫ً أ‬T‫دا‬ make the dest OUT
Router(config)#int f0/0 out ‫ ه‬8‫ ه‬6DY‫ا‬
Router(config-if)#ip access-group 10 out '4 ‫  ا‬% ;1
* Controlling VTY (Telnet) Access R (config-if)#ip access-group 10 IN
Lab_A(config)#access-list 50 permit host 172.16.10.3 telnet ‫م‬9:)4 [ ‫ إ‬N84 ‫; ا‬1 93‫ وا‬: ‫ح‬4' 7H out ‫ وة‬in ‫ة‬
Lab_A(config)#line vty 0 4
Lab_A(config-line)#access-class 50 in
R(config)#no access-list 10 or 50 'which number you chose it' ACL ‫ء ال‬2 ‫ إ‬7H

: | N 4 ‫; & ا‬% ‫ي‬o‫ل ا‬hE  8 N  &8 63 7H *

BS k ‫ إد ا 'ك‬-1
Broadcast ‫ و‬Network address 99 -2
( wide mask ) ; ‫ج‬:‫ˆ و‬%  a#3? -3
R (config)#access-list 10 deny 172.16.30.0 0.0.0.0 : ;o‫ آ‬6 ‫
ن ا‬% – 4
wide mask ‫
ن ال‬% ; > ‫ وا‬Network address ‫
ن‬% ‫ول‬Y‫ ا‬IP‫ ال‬r%

[2] Extended access lists [ACL]

* Extended ACL:
1- source 2- destination 3-protocol[packet type] 4-action
8‫ ه‬# ‫ة‬9M
-Assign ACL on source interface and make the direction IN
:1‫]ل‬
action source dest Protocol
Telnet
R(config)#access-list 110 deny TCP any 172.16.1.0 0.0.0.255 eq 23

TCP
HTTP/TELNET/FTP/SMTP 6> APP layer 7H ;1 62) ‫وآل‬% ‫ا إذا آن‬X‫م ه‬9:)4
TCP/UDP ‫ )ج أآ) ع ا وآل‬1 APP layer 7H ;1 62)  IP ‫
  آن ال‬
Any
des I ‫ل إ‬D ‫ع  ا‬8 ‫ز‬#G 6‫ آ‬: q8
Source Dest
Host Subnet Any Host Subnet Any
Single IP subnet   H ‫ز‬#G ‫   أي‬H
93‫ز وا‬#G   H 8
:2‫]ل‬
R(config)#access-list 110 deny TCP host 10.10.1.1 host 10.10.2.50 eq FTP

?4 ‫ا ا‬X‫ ه‬K‫ أ‬EY‫; ا‬1

R(config)#access-list 110 permit IP any any
Configuring Extended [ACL]
[1] Create conditions
Lab_A(config)#access-list 110 deny tcp any host 172.16.30.2 eq 23
Lab_A(config)#access-list 110 permit ip any any
[2]Assign ACL on interface ‫ ا‬3‫ ا] وه‬V#‫ا‬
Router(config)#int f0/0 <== ‫رس‬4 ‫ ا‬I' [?
Router(config-if)#ip access-group 110 in
 -20-@@ C C N A 2012 || 2008


  

[3] Named access lists [ACL]

Configuring Named [ACL]

* To create named access list: -
[1] Create ACL
Lab_A(config)#ip access-list standard BlockSales ; ) ‫ل ا‬9 s% ‫ ا ط‬s. named Exten ;1
[2] Create conditions 1-Standard to Extended
2-I ‫[ إ‬T ‫ل ا ط ا > ; وإ‬3‫أ‬
Lab_A(config-std-nacl)#deny 172.16.40.0^0.0.0.255 ‫ة‬F ‫ ا ط‬6‫ا‬ deny tcp 10.10.1.0^0.0.0.255 host 10.10.2.2 eq ftp
Lab_A(config-std-nacl)#permit any permit ip any any
[3] Assign ACL to interface 3- out to in
Lab_A(config)#int e1
Lab_A(config-if)#ip access-group BlockSales out

Time-Based ACLs >B 'E ‫ت‬:‫ أو‬3B ‫وط‬+‫ ا‬mT‫ أ‬m‫آ‬

[1] create a period
Router(config)#time-range no-http I8 ‫ ا‬I' ‫ل‬9 ‫;ء‬F ‫وض‬. ‫ وا‬J71 a‫ا ا‬X‫ه‬ named ;1 J71 62)
Router(config-time-range)#periodic weekend 06:00 to 12:00 ‫ء‬4 ‫; ا‬1  > ‫; ا (ح وا‬1 ‫ه‬8 ‫ول‬Y‫ا‬ ‫; ا او‬1 ‫ وف‬a‫ ا‬Weekend
[2] attach the created period to ACL
Router(config)#ip access-list extended Time J71 a‫ا‬ www or 80 or HTTP
Router(config-ext-nacl)#deny tcp any any eq www time-range no-http
[3] Assign ACL on interface :‫م‬Y‫ا‬
Router(config-ext-nacl)#interface f0/0 Saturdays
Router(config-if)#ip access-group Time in sundays

Remarks
** Uses in Extended ACL ‫ت‬y3h ‫ا‬
R(config)#access-list 110 remark Permit Bob from Sales Only To Finance ‫;ء‬F ‫أي‬-J71 a‫ا‬ ‫ ا  )ف‬6> ‫ت‬y3h ‫ي‬4
R(config)#access-list 110 permit ip host 172.16.10.1 172.16.20.0 0.0.0.255 #' ‫[ وش‬ACL]
R(config)#access-list 110 permit ip any any
Ext & named ;1 J71 ‫دة‬G Remark 87
** Uses in Named ACL
R(config)#ip access-list extended No_Telnet
R(config-ext-nacl)#remark Deny all of Sales from Telnetting to Marketing ‫;ء‬F ‫أي‬
R(config-ext-nacl)#deny tcp 172.16.30.0 0.0.0.255 172.16.40.0 0.0.0.255 eq 23
ACL
Switch Port ACLs „)4 ‫)ى ا‬4 I'
[1] Create conditions
S1(config)#mac access-list extended My_MAC_List J71 a‫ا‬ subnet „)4 ‫; ا‬1 2' 8‫ه‬
S1(config-ext-macl)#deny any host 000d.29bd.4b85 ‫ ا ك‬aM‫ر‬ host OR any J71
S1(config-ext-macl)#permit any any mac J ip ‫ال‬9% 8‫ه‬
[2] Assign ACL on port X.8 6‫; آ‬1 ACL &K‫ إ ; راح أ‬q81 any N‫ دا‬
S1(config-ext-macl)#int f0/6 range ‫م ال‬9:)‫ ا‬#8 _91 ) ‫ي‬X‫وه‬
S1(config-if)#mac access-group My_MAC_List in S1(config-ext-macl)#int range f0/6-10

R#show access-list ip/ipx/apple ‫ـ‬% ‫ ا او اءًا‬I'  ‫ ا‬ACL 6‫ض آ‬

R#show access-list 110 110 aM%  ‫ ا‬J71 ACL ‫ض‬
R#show ip access-list J71 IP I'  ‫ا‬ACL ‫ض‬
R#show ip interface _ ‫أو‬ACL #1 ‫ وإذا آن‬interface I' ‫;ء‬F 6‫ض آ‬
R#show running-config ‫;ء‬F 6‫ آ‬$
R#Show mac access-group MAC I'  ‫ا‬ACL ‫ض‬
 -21-@@ C C N A 2012 || 2008


  

Chapter: 8
Managing Cisco IOS Software
This things we will learn it in this chapter : 7"‫ا ا‬Z‫ ه‬3B .#E ‫ راح‬3‫ء ا‬,‫ ا‬pZ‫ه‬
1- Password Recovery
2- Back up IOS
3- Restore IOS
4- Upgrade IOS
5- Back up [ for config ]
6- Restore [ for config ]
7- CDP [ protocol ]

* Router Boot Sequence:

1- The router performs a POST.
2- The bootstrap looks for and loads the Cisco IOS software
3- The IOS software looks for a valid configuration file stored in NVRAM
4- If a startup-config file is in NVRAM, the router will load and run this file

Configuration register
* It is 16-bit software register that’s written into NVRAM
* configuration setting on Cisco routers is 0X2102 This default
N% 16 = #'‫; آ‬8 N% 4  #8 aM‫ ر‬6‫ و)
ن آ‬Hexadecimal ‫ـ‬% ‫
ن 
)ب‬% 0x 9% aM ‫ا‬
* Notice that bit 6 can be used to ignore the NVRAM contents. If it is enabled.
Bit number 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
Binary 0 0 2 0 0 0 0 1 0 0 0 0 0 0 1 0
Config Register 2 1 0 1
Here the important thing for me the bit number 6 if was:
0
load NVRAM content [start up config] ‫رد‬14 #$% ‫ي‬12
1
Ignore NVRAM content ‫ه‬% ‫ي‬12 – ‫رد‬14‫ ا‬#$ 
Here are the main steps to password recovery: : 3 ‫م‬1> OS 2142  ‫ ا‬9: ‫و‬
To know the value of config Register , use this commend :
R#sh ver 93‫ وا‬aM ‫ ا‬I ‫ إ‬6 aM‫ ر‬N ‫; ا‬1 .( ‫ ا‬M 2)
[1] ;1 ‫ي‬4 ‫ ا‬aM ‫ ا‬6‫ و)ه‬6) % ‫م‬7 _ ;

R> ‫ا‬9 ‫ وا‬6DY‫; ا‬1 ‫ا‬X‫
ن آ‬% ‫ا او‬ ‫ا‬9 ‫; ا‬1 ‫ ا او 
ن‬I2%‫ا أ‬9 ‫ا‬
: ; ) ‫ ا‬6
 ‫
ن ا‬1 Ctrl+Pause/Break I' J2K‫ة أ‬F‫ ا او ( و‬62F‫;ء وأ‬.H‫[) أ‬1‫;  ا رد ا ';  أ‬8 ‚4‫ و‬8‫ ه‬6D  6M rommon 1 >
rommon 1 > rom monitor I4‫و‬
[2] Changing the Configuration Register to ignore NVRAM contents
rommon 1 > confreg 0x2142
[3] Reloading the Router and Entering Privileged Mode by this command
start run
rommon 1 > reset reset ‫ ا او أو أي‬62F‫;ء وأ‬.H‫ _زم أ‬2142 I' 6E9 r%
Old
The router will reload and ask if you want to use setup mode answer NO.
R>en new
[4] Copy startup-config to running-config in Privileged Mode by using this command
R#copy start run config ‫ ' ال‬6M Y‫ا ا‬X‫& ه‬K‫>>>>>>>>>>>>>>>> أ‬
[5] Change password by setting new password
Router#conf t rommon I' rest ‫ال‬
Router(config)#enable secret kkkk privilege mode I' reload ‫وال‬
[6] Change the value of configuration register to enable NVRAM contents
Router(config)#config-register 0x2102 privilege mode 3 ;1 config register ‫ ال‬M 2 7H
[7] Save your work #E‫ ا‬j"V
Router#copy run start
[8] Reload router to activate changing of configuration register
Router#reload
 -22-@@ C C N A 2012 || 2008


  

TFTP WINDOWS /A +% 

UDP
v12 : ‫ا‬Z‫ه‬ .A ‫ف‬E ‫ >ر‬5‫ و‬.BE 5‫و‬
FTP
WINDOWS /A #E
HTTP TCP
.A ‫ف‬E ‫ و >ر‬.BE ‫و‬
HTTPs

Backing Up the Cisco IOS

** To back up the Cisco IOS to a TFTP server, you use this command ‫ل‬hE  FTP ‫وز‬9  ‫ ا‬6 ;‫?ة ه‬E ‫ أول‬-1
R#copy flash FTP ‫ل‬D ‫ ا‬I ‫ر إ‬9( ‫;  ا‬8 a‡ ‫ ا 
 ت‬a‡ ‫ا‬% ‫إزا‬/ 1K‫ إ‬a‡ a
) ‫ ا‬3
OR IIS=>internet info service
R#copy flash TFTP ‫ا‬X‫& ه‬K‫)ر أ‬E_‫; ا‬1
94 ‫ أو‬945‫ ا‬u"' fH2' /% ‫ا ه‬Z‫ آ‬E‫( و‬B2‫)ا‬Q41.‫ ا‬94‫ ا‬9U ‫ ا"ش‬94‫ ا‬XL ‫ راح‬/A‫ ا‬3B ‫ ا‬/A \‫ ا‬E
Inetpub f#4‫ ا‬f=+| ‫م‬: ‫ي‬Z‫ ا‬1‫  ه‬D  3B ‫زك‬.D 3B m#‫ ا‬% ‫† وراح‬2'‫ ا‬#E ‫م‬1> ‫ه راح‬E ‫ ا‬9U  g
* To know the name of the IOS image , use this command :
R#sh flash ‫ وا ع‬9:)4 ‫ ا ة وا‬34 ‫ش وا‬h. ‫ ا‬a‫; ا‬8?
or
R#sh ver ‫ش‬h.' h ً ‫ ا ام آ‬a3 ;?
or ‫دة‬G ‫ ا‬6> ‫وا‬Y‫م ا‬9:)4 q9% ‫? و‬4 ‫ا ا‬X‫ه‬
R#dir flash: 9M ‫وس‬9 ‫; ا‬1
----.bin ‫اده‬9)‫
ن ا‬% image a‫وأف ا‬

R#copy FTP flash ‫ع‬G)‫ ا‬restor 6 7H

Router#ping FTP_server

* IOS file system

Router#show file info flash:c1841.bin
Router#delete flash:c1841.bin
Router#pwd [' 62)F‫اآ)ري ا '; أ  ا‬9 ‫ ا‬%

NVRAM 34 ‫ ه‬config 6 34 ‫أآ‬

J%‫د ر‬G‫  و‬9‫ أ‚آ‬-1

FTP 6  9‫ أ‚آ‬-2

----.bin ‫ ه‬62) ‫م ا‬y ‫اد‬9)‫ا‬

** To copy the router’s configuration from a router to a FTP server config 6 backup :4 ‫أي‬
Router#copy run FTP a#8% ‫ق‬1 9G _‫ن و‬#%) Y‫ ا‬X‫ه‬ config ‫أ اع‬
or 1- start
Router#copy start FTP 2- run
** Copying the Current Configuration to NVRAM
Router#copy run start
** If you did copy the router’s configuration to a TFTP server as a second config ‫ع ال‬G‫ إر‬pH
backup, you can restore the configuration
Router#copy TFTP run or ftp
 -23-@@ C C N A 2012 || 2008


  

Cisco Discovery Protocol (CDP) [L2]

. #E ‫"
 راح‬H
A1 fB ‫ن‬1( # 3'E ، >B 1(24 ‫ت‬+ 14‫ات و‬%‫ راو‬/A ‫ل‬, ‫ل‬1‫آ‬1%‫ و‬1‫ ه‬-
L3 Troubleshooting 3B‫آ و‬+#‫ ا‬V 3B 3"%‫ و‬، f‫ا‬D /‫ " إ‬E% Q‫ آ‬4 %‫ إن آ راو‬: f"‡‫ و‬-

q‫ ر‬6 8‫)ة ز‬1 6‫آ‬ how often CDP packets are transmitted to all
‫ا [ 
 
  راوات أو )ت‬G‫و‬ CDP timer
active interfaces.
( ‫د  ا ر‬7 ‫; ) وه; ا ' ا‬#)8‫ و‬8‫)ة ز‬1 #
qX‫ل ه‬hE  ‫دة‬9 ‫ة‬9 97 q‫ر‬G  ‫ه‬XE ;' ‫ا 'ت ا‬ the amount of time that the device will hold
NM} ‫ا‬
CDP holdtime
packets received from neighbor devices.

Configuration
Router#sh cdp

** Use the global commands cdp holdtime and cdp timer to configure the CDP holdtime and timer on a router:
Router(config)#cdp timer 90 9‫ أر‬.‫ آ‬NM ‫ ا‬2) ‫ ‡  و‬60 6‫ آ‬r9) % ‫م‬7 [ ‫; إ‬K‫)ا‬1_‫ا‬
Router(config)#cdp holdtime 240 9‫ أر‬.‫ آ‬NM ‫ ا‬2) ‫ ‡  و‬180 6‫ آ‬r9) % ‫م‬7 [ ‫; إ‬K‫)ا‬1_‫ا‬
** Gathering Neighbor Information by using this command
Router#sh cdp nei detail 6D.) ‫ض ا‬
** Gathering Interface Traffic Information including the number of CDP packets sent and received and the
errors with CDP.
Router#sh cdp traffic [)'7)‫ ا‬N
% a‫ أر')[ وآ‬N
% a‫ض آ‬
** Gathering Port and Interface Information including CDP status on router interfaces or switch ports.
Router#sh cdp interface CDP62) ;' ‫ ا‬s1) _% TM %
** To turn off CDP on one interface on a router,
Router(config)#int s0 fE'‫ وأ‬%‫ ااو‬/A  ‫ أد‬Q(‫ ا‬4 p‫إذا  أ‬
Router(config-if)#no cdp enable
 -24-@@ C C N A 2012 || 2008


  

Chapter: 9
Switching Layer2
hexadecimal <== 48bits ‫ 
ن‬Mac address ‫ال‬

* Three Switch Functions at Layer 2:

1. Address learning MAC table ‫ء‬8% ' ;‫ه‬
2. Forward[if Destination known‫] وف‬/filter[if Destination unknown‫ وف‬A]
source (‫ر‬9( ‫س ) ا‬Y‫ا ا‬9 & ‫ ا‬I' Broadcast ‫ي‬4
3. Loop avoidance (Broadcast storm)

( multi-link : I4 ) |8  >‫‚آ‬% ) % J% 

 -
J71 93‫ وا‬IP XE „)4 ‫ ا‬-
* Spanning Tree Protocol (STP) : ‫ب‬1‫ ا‬W' ‫ل‬1‫آ‬1%
layer2  > ‫ ا‬7? ‫; ا‬1 loop avoidance ‫& ' ا 'ب‬8 ‫ا ا وآل ه‬X‫ة  ه‬9T. ‫ا‬
logical ‫ي‬X‫ وه‬single link J71 93‫ر وا‬4 61‫رات وأ‬4 ‫& ا‬G &8‫ا ا وآل أ‬X‫ ه‬pH 1 multi-link ‫د‬G‫ ا 
' ه; و‬-1
open path I ‫ إ‬closed path  ‫ر‬4 ‫ ا‬6 I' ‫م ا وآل‬7 -2

* STP steps 6 ‫ب وا‬:) _‫?ات ا‬E:

1- elect(‫ب‬:) ‫ )ا‬Root Bridge (switch) based on :
a) priority [less] (32,768 ;‫
 ه‬4 ‫; )ت‬1 ;K‫)ا‬1_‫ه ا‬Y‫ ا‬aM‫) ر‬ ‫ أه‬6M‫)ر أ‬E‫أ‬
b) Bridge ID (BID) MAC address [less]aM‫ ر‬6M‫)ر أ‬E‫أ‬

:r3  DP ‫)ر ا ـ‬E‫ 

ن ا‬Non-RB #‫)ت وا ); ا‬4 ‫; ا‬1 

a) priority (32,768 ;‫
 ه‬4 ‫; )ت‬1 ;K‫)ا‬1_‫ه ا‬Y‫ ا‬aM‫;ء ) ر‬F 6M‫أ‬
b) BID (MAC‫(د ا ـ‬7 ‫ ا‬8‫ ه‬H)‫;ء‬F 6M‫أ‬

2- All ports on (Root Bridge) become [(designated port) [Forward Port]

‫رت‬% ‫روورد‬1 I4 ‫ج‬9% ‫ ا وت‬I' ‫ ا رت‬6‫آ‬

3- Remaining Bridge[sw] become [Non-Root Bridge]

Non-Root Bridge I4 M ‫)ت ا‬4 ‫; ا‬1 ‫ا رت‬

4-For each Non-Root Bridge only one Root Port

(
‫ب ا‬Y‫; ا‬8 ) ‫ج‬9% ‫ & روت‬H% ‫ وه; ا ); 
ن‬J71 93‫رت وا‬% ‫ روت‬9G Non-RB ‫)ت‬4 ‫; ا‬1

:; ) ‫)ر 
ن  آ‬E_‫ ا‬7H‫
ت و‬8' ‫  ا‬93‫رت وا‬% ‫)ر روت‬E% STP ‫م‬7 multi-link |8  >‫ي أآ‬98 ‫ إذا‬#
a) cost ; > ‫ 'ر ا‬67)8 ‫وى‬4 ‫;ء وإذا‬F 6M‫)ر أ‬E‫أ‬
Speed Cost
2 10G
4 G
19 F
100 E
)%‡ ‫م‬M‫ر‬Y‫ ا‬qX‫‚ن ه‬% '
b) Port number ‫;ء‬F 6M‫)ر أ‬E‫أ‬
f0/0 or f0/2 or f0/3 „)4 ‫ ا‬I' ‫ ا رت ا 
)ب‬aM‫ا '; ه ر‬

5- For each segment only one Designated Port [Forward Port]

)4 ‫ ا‬% J% ;' ‫| ا‬8 ‫ ه ا‬8‫ ه‬segment ‫ـ‬% ‫(د‬7 ‫ا‬
‫ي‬4 ‫ راح‬RP _‫ و‬DP s ‫رت‬% ‫‚ي‬1 ['‫ و‬RP Eo‫)„ ا‬4 ‫; ا‬1 ‫ ا رت‬a‫ وا‬DP ‫[ ه‬1 6D ‫ ا رت ا‬a‫ 
ن ا‬RB ‫)„ ا '; 
ن‬4 ‫; ا‬1
block ['

BPDU: Bridge Protocol Data UnitI4 ‫)ت‬4 ‫ ا‬% ‫ا ا ); 
ن‬9 ‫ا‬
 -25-@@ C C N A 2012 || 2008


  

[STP]Spanning-Tree Port States \ ‫ أ‬f#A‫

أ‬
1- Blocking 2- Forwarding
Configuring Cisco Catalyst Switches
*** Setting the Passwords
Switch(config)#enable password todd -----> non Encrypted MAC Address <== ‫ز‬# ‫ا‬
Switch(config)#enable secret todd -----> Encrypted
*** Setting the Hostname
Switch(config)#host S2950
*** Port Security
Switch(config)#int f0/1
Switch(config-if)#switchport port-security mac-address sticky  € ‫ ا ك‬I' ‫)„ )ف‬4 ‫ه ا‬8 sticky ‫ و‬J71 sticky '‫; أو اآ) آ‬4.8% ‫ ا ك‬J3‫ 
 أ‬8‫ ه‬-
Switch(config-if)#switchport port-security maximum 1 MAC Address ‫ـ‬% a#)1 „)4' ‫ح‬4 ‫ة ا‬k#GY‫د ا‬9 -
Switch(config-if)#switchport port-security violation shutdown ‫ز‬# ‫ء ا‬.H‫)أ  أ[( وه إ‬Y‫ا ا‬X‫ ه‬X.8 ‫?)[ راح‬3 ;' ‫ات ا ك  ا‬2 ‫د‬9 ‫  زاد‬-
S(config)#int range f0/1–5 ‫رت‬% ‫رت‬% #4  ‫ال‬9% ‫   ا رت‬I' Security ‫ي‬4 N2% ‫إذا‬
*** Setting IP Information host [ ‚‫)„ ) آ‬4 ‫ا‬
S2950#config t „)4' IP ‫ إ?ء‬.‫آ‬
S2950(config)#int vlan1 N%‡ VLAN1 ‫)ر‬E‫)„ ا‬4 ‫ ا‬I' T‫دا‬
S2950(config-if)#ip address 172.16.10.17 255.255.255.0
S2950(config-if)#no shut
S2950(config-if)#exit
S2950(config)#ip default-gateway 172.16.10.1 2 „) I ‫ إ‬1 „)  ‫ ا  ت‬67)8)

S#sh mac address-table MAC Address Table ‫ض ال‬

S#sh spanning-tree RB ‫ و‬Non-RB‫ض‬%
Sw(config)#spanning-tree vlan 1 priority 16384 ‫ )„  
ن ا ووت‬I2%‫  أ‬6ML ‫ه‬A‫ وأ‬Priority ‫ ال‬2
OR
Root Bridge ‫راح 
ن ال‬
S1(config)#spanning-tree vlan 1 root primary ‫ة‬F‫ و‬3‫ا‬D #T?‫إ‬

: ‫ر‬y) _‫ا ا‬X‫ ه‬I?:‫ 'ن أ‬Fast ‫ ا رت‬6G‫أ‬

BPDU 67)4 Block (20 sec)  ‡ 50 ;K‫)ا‬1_‫ا‬
#G: 
‫ و‬DPDU 67)4 Listening (15 sec)
MAC ADD TABLE ‫ء‬8% ;1 ‫ ورك‬#G: 
‫و‬BPDU 67)4 Learning (15 sec)
Forward

PortFast I' J71 6 BPDUFilter ‫ و‬BPDUGuard ‫ت‬87) ‫ ا‬qX‫ه‬

S2950(config)#int range f0/3-4
S2950(config-if-range)#spanning-tree portfast
S2950(config-if-range)#spanning-tree bpduguard enable BPDU ‫ل‬7)‫& ا‬8
S2950(config-if-range)#spanning-tree bpdufilter enable
Spanning Tree UplinkFast
NonRoot I' J71 #7H‫أ‬
69% ‫ي‬98 ‫  
ن‬#'‫ أ‬: ‫ة‬k
E€ ‫رت‬% k# ‫ 
' 
ن‬6(  ‫أول‬
E€ ‫رت‬% k# [ Y y)8  8#1  ‡ 50 y)8 nonroot ‫ و‬root ‫ ال‬%
S2950(config)#spanning-tree uplinkfast
Spanning Tree BackboneFast
;.'E ‫ر‬4 XE‚
‫)ت‬4 ‫ ا‬6‫ آ‬I'‫ و‬nonroot ‫و‬root I' #7H‫ا‬
S2950(config)#spanning-tree backbonefast
Erasing the Switch Configuration
S2950#erase startup-config
 -26-@@ C C N A 2012 || 2008


  

Chapter:10
Virtual LANs [VLAN]

: VLAN ‫ ال‬9T‫ا‬1
interface  6'M ‫د‬9 I' subnet ‫; 
 ا
>  ال‬8 interface 6
subnet [ ‫ 
' إ‬N'3 -1
logical interface ‫'ن‬% 4.2 I' ‫ )ي‬one physical interface‫; ا او ال‬1 -
sub interface ‫ا‬X‫ ه‬F0/1.1

 ‫ ا‬I' ‫ق‬8)E‫ي ا‬4 ‫ا‬X‫ن أآ>  آ‬Y 1024  >‫ر أي أآ‬9M‫  أ‬-
(a# [?%‫ وأر‬E€ „) ;1 a47 ‫ ا‬s.8 &% :F |F‫ر أ‬9M‚1 ‫)„ 'ن‬4 ‫;  آن ا‬8 ) physical limitation '
 63 -2
r‫و‬9 % |'#)4 [ Y broadcast '
 63 -3
( subnet  >‫ن ) أآ‬Y‫ ' ا‬-4

a#8% J%‫)ج او'ن أر‬3‫ ا‬VLAN  >‫ أآ‬N' ‫إذا‬ -

.'): ‫; )ت‬1 ‫ون راو و  آ ا‬9% a#8% 6‫; ا)?& أا‬8 x1 subnet  I ‫ة إ‬93‫ ا ا‬VLAN N4M ‫
 إذا‬ -
.'): ‫ )ت‬I' ‫ق( أو‬1/N) .'): ‫; أآ‬1  ‫  آ‬I)3 q93‫ و‬VLAN ;1 ˆ% & ‫م‬4MY‫& ا‬G‫ر ا‬9M‫أ‬ -
‫ )وآ 'ـ‬VLAN1 ‫ آ أن‬VLAN2  ‫أ‬9 8 x1 VLAN ‫ إذا أرد  إ ء أي‬q8‫ و‬VLAN1 ;1 ‫دة‬G ‫ ( 
ن‬Ports ) „)4 ‫)ت ا‬1 -
Administrator

collision domain fU‫و‬V‫دم و‬7‫* ا‬

Hub ‫ب‬# ‫; ا‬1 -1
( &' N‫ود آ‬% ) 6
‫ آ‬# ‫)ى ا‬4 I' 6( ‫ا )(دم‬
Switch „)4 ‫; ا‬1 -2
( ‫ر‬9( ‫ا ا‬9  &' N‫ود آ‬% ) J71 ‫)ى ا رت‬4 I' ‫ث‬9 ‫ا )(دم‬
‫; ا او‬1 -3
[each Router Interface Represents Broadcast domain] ‫ة‬93‫ ا ا‬subnet ‫)ى‬4 I' ‫ث‬9 ‫ا )(دم‬

VLAN Types
Static VLANs Dynamic VLANs
f2" ‫رت‬1‫ ا‬/A ‫ن‬1( +‫ه' ا‬ f2" ‫ز‬.‫ ا‬/A ‫ن‬1( +‫ه' ا‬
- By admin 6 % ‫م‬7 N ‫أ‬ - By admin 6 % ‫م‬7 ‫ا‬%
NG ‫ة أو‬k#GY‫ت ا‬A '1 ‫ ا رت‬s.8 assign 6‫ أ‬8‫ ه‬N'7 ‫ت أو‬A '1 ‫ة‬k#GY‫)ى ا‬4 I' ‫ 
ن‬r9) ‫ ا‬8‫ه‬
([4. ‫ ا رت‬I' ‫ادات‬9]‫ن ا‬Y ‫ق‬. ) ‫ة‬99G ‫ة‬k#G‫أ‬ (VLAN s. ;1 ‫ز‬# ‫) ا‬4 ‫اح‬1) ‫ز‬# ‫ا‬
dynamic ‫ و‬static 62F‫& أ‬.8  -
f0/1
VLAN2[sales] , f0/2
VLAN3[IT] , f0/3
VLAN4[marketing] , f0/4
VLAN5[accounting] -

*There are two different types of links in a switched environment:‫

ت‬8' ‫أ اع ا‬

1 2
Access links Trunk links
N# ‫)„ وا‬4 ‫ ا‬% „)‫ )„ و‬%
‫ )„ وراو‬%
access port ‫ول وا > ;  أن 
ن‬Y‫)„ ا‬4 ‫; ا‬1 ‫ا رت‬ J71 „)4 ‫ ا‬I' Trunk port ‫ول وا > ;  أن 
ن‬Y‫)„ ا‬4 ‫; ا‬1 ‫ا رت‬
[ Config ‫ أي‬q8 ‫ا‬X‫ ا او وه‬s ‫ و‬J71 „)4 ‫ ا‬I' [ Config ‫ أي‬q8 ‫ا‬X‫ ا او وه‬s ‫و‬
Fast Ethernet ‫_زم 
ن ا رت‬
: ;o‫ ا‬6
VLAN-ID -1
„)4 ‫ ا‬I' VLAN  >‫ي أآ‬98 ‫ إذا آن‬VLAN-ID ‫)ج‬3‫ا‬
Encapsulation '2 -2
:‫م‬9:)4 ‫وآل‬% ‫ أي‬99)% ‫م‬M‫ وأ  أ‬K‫)ج أ‬3‫ ا‬5 aM‫ز ر‬#G‫ و‬1 aM‫ز ر‬#G % 67 ‫  أي‬

Frame tagging [Encapsulation]

Inter-Switch Link (ISL) IEEE 802.1Q [dot1Q]
- Cisco - Open standard
 -27-@@ C C N A 2012 || 2008


  

VLAN Trunking Protocol [VTP]:

VLANs ‫ ' إدارة ا ـ‬6#4 -
‫)ت‬4 ‫ ا‬7% ‫ راح ف‬VTP ‫ام‬9:)% ‫ه‬9%‫ و‬config ‫ وأي‬J71 93‫)„ وا‬4 ‫أروح‬ -

: VTP ‫ة‬k  9.)‫* 'ن أ‬

(‫ة‬2D ‫س  ا ف آة أو‬43 ) 93‫ وا‬a‫ و
ن [ ا‬93‫ وا‬Domain 6E‫)ت دا‬4 ‫& ا‬G 6E‫ أد‬-1
client 62) ‫ راح‬7 ‫ وا‬server1 62) 93‫ _زم )„ وا‬-2

VTP Modes of Operation

Server Client Transparent
: 3%z ‫ ا>م‬WL2% &‫ أ‬f' ‫وا"=ة‬ Q' (‫ وا‬B2‫ ˆ ا‬14
 ˆ 14 local 3% ‫ن‬1(% # t$  #V Q 1 ‫ن‬+A fH4‫ا‬
#2% ‫دة‬A‫ – إ‬BT‫ف – إ‬ZV – ‫ء‬+‫إ‬ >2 ‫د‬ .>2 3‫ت ا‬1E#‫ و(
ا‬f‫ا‬D /‫ه إ‬+' ‫م‬1> 
VLAN ‫اـ‬ .4
(#
server mode <== By defaults K‫)ا‬1‫ ا‬XE‚ Cisco 
4  „) ‫* أي‬

router on a stick I4 ‫; ا او‬1 93 ‫* ا رت ا‬

Configuring VLANs
• Create VLAN ( by global config ) ‫ي‬Z‫ ه‬#A‫ ر ا‬5‫ ا‬3B You can’t change, delete, or rename VLAN 1, because
Switch(config)#vlan 2 it’s the default VLAN.
Switch(config-vlan)#vlan 3
Switch(config-vlan)#vlan 4
Switch(config-vlan)#vlan 5
• [1]Create VLAN ( by Database Mode ) ‫ي‬Z‫ ه‬#A‫ ا‬#E#‫ ا‬3B
+#2‫ ‰ ا‬3B
S1#vlan database
S1(vlan)#vlan 2 name sales
S1(vlan)#vlan 3 name IT
• [2]Assigning Switch Ports to VLANs >>>>>>>>>>>> ‫ه‬2%‫ ا '; أ‬VLAN I ‫ ا رت إ‬98‫ ا‬I2%‫أ‬
Switch(config-if)#int f0/2 |‫??| ور‬: 43 I' ‫د ا رت‬8‫ إ‬-
_ ‫ أو‬N'E‫ة د‬k#GY‫ف ا‬F‫ 'ن أ‬sh VLAN ‫د أي‬8]‫ ا‬9%‫و‬
Switch(config-if)#switch port access vlan 2 q2%‫ ا '; أ‬VLAN ‫ ال‬aM‫ر‬
SW1(config-if)#switch mode access N# ‫)„ وا‬4 ‫ ا‬% 6
‫ ع ا‬99
• If you want to verify your configuration, use this:
Switch#sh vlan _ ‫ أو‬vlan ‫ ال‬N7H 6‫)ض ه‬4 ‫'ن ف‬
* [3]Configuring Trunk Ports [Assigning Switch Ports to be trunk] 8% '): ‫; )ت‬1 N ‫  آ‬#$% ‫ة ف‬93 ‫ ا‬VLAN ;1 ‫ة‬k#GY‫ ا‬: 3 ‫?ة‬E 9%
93‫; )„ وا‬1  ‫و‬#$% ‫  ف‬.'): VLAN ;1 ‫ة‬k#GY‫ا‬
Sw(config)#int f0/12 trunk62) ;' ‫ ا رت ا‬aM‫ ر‬8‫& ه‬$
Sw(config-if)#switch port mode trunk ‫& ا وآ_ت‬G ‫)„ ف‬4 ‫ إن ا‬3 ;1 ‫ه‬2%‫)ر ع ا وآل ا '; أ‬E‫ وا‬8‫أآ‬
Sw(config-if)#switchport encapsulation dot1q >>>>>>>>>>>>>>> ‫;ء‬F )‫ )ج أآ‬1 2950 aM‫)„ ر‬4 ‫ ا‬6> 93‫وآل وا‬% _‫
  آن  ف إ‬
• Defining the Allowed VLANs on a Trunk *****
‫? ور ا  ت‬7 ‫ و‬J% ‫? ا‬7 [ ‫ إ‬a
% N‫آ‬% ‫ي‬Y c4 ‫رت‬% | ‫; ا )ا‬K‫)ا‬1_% ***
Sw(config-if)#switchport trunk allowed vlan 1-10 ***** #' )% [ ‫ح‬4 ‫ ا‬VLAN ‫د‬93‫ أ‬8‫
 ه‬1 62 ‫و'[ ا‬
Sw(config-if)#no switchport trunk allowed vlan *****
• [4]Configuring Inter-VLAN Routing
Router#config t
Router(config)#int f0/0
Router(config-if)#no ip address [2' IP [1 ‫  آن‬
Router(config-if)#no shutdown
Router(config-if)#int f0/0.1 sub-interface I' ‫ل‬E9 ‫ ا‬8‫ه‬
Router(config-subif)#encaps dot1q 1 -----> VLAN 1 6 ‫)ت‬4 ‫ˆ ا‬% ‫ن‬Y encapsulation '2) ‫ة ا‬9T1
Router(config-subif)#ip address 192.168.10.100 255.255.255.0 dot1Q I' #$%‫ و‬isl I'
Router(config-subif)#int f0/0.2
Router(config-subif)#encaps dot1q 2 -----> VLAN 2 ‫}ال‬4 ‫; ا‬1 74 | N 4 ‫د  ا‬93
Router(config-subif)#ip address 192.168.20.100 255.255.255.0
* Config VTP
Switch(config)#vtp mode server ------> default 
4 ‫; )ت‬1
Switch(config)#vtp domain orbits ً ‫  أآ> أ‬
Sw(config)#vtp password kkkk
 -28-@@ C C N A 2012 || 2008


  

Packet
Data Voice Video
Real time Real time
‫م‬9:)‫ أآ و'[ ا‬priority #?‚1 delay ‫ر‬y) ‫ ا‬6)  8‫ه‬
QoS[Qulity of service]
qA  >‫ أآ‬9E ‫دة‬G ‫ا (ت )ج‬
intelligent ;)
F q81 ‫ق‬1 ;' ‫ أ اع ا  ت ه; ا‬N8‫* إذا آ‬

Configuring Voice VLANs

Switch(config)#mls qos
Switch(config)#interface f0/1
Switch(config-if)#mls qos trust cos
Switch(config-if)#switchport voice vlan dot1p
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#switchport voice vlan 10
 -29-@@ C C N A 2012 || 2008


  

Chapter: 11
Network Address Translation
[NAT]
IP
Virtual [private] Real [public]
10.0.0.1 : 10.255.255.254
172.16.0.1 : 172.31.255.254
192.168.0.1 : 192.168.255.254
Real IP 1.B ‰‫ا ا‬Z‫ ه‬3B ‫د‬1D1 _ IP ‫أي‬

9.'  1$ ‫م‬1> t$ real IP ‫ و‬virtual IP

 :A 3‫ ه‬NAT ‫ال‬
(‫ا‬D m( ‫ز‬.D ( real IP /A ‫ل‬17$‫ أن ا‬tV) Q'‫ ا‬/A ‫ل‬1 ‫" ا‬H#‫ة ا‬.D‫ >رة ا‬: f%=B‫و‬

PAT
Port Address Translation

NAT
Static Dynamic Overloading == [PAT]
Many virtual IP => Many real IP Static Dynamic
One virtual IP => one real IP :‫ط‬F With Overloading With Overloading
Number of real IP=number of virtual IP
Many virtual IP => One real IP Many virtual IP => Many real IP
Many real IP CALLD pool of real IP

(( ;4‫ام ا وآ‬9:)‫ 
 ا‬h> )) ‫ ا 'ل‬93‫ ه أ‬NAT ‫ال‬

NAT Names
Inside local Inside global Outside global
Name of inside source address Name of inside host after Name of outside destination host
before translation translation after translation
Virtual IP [1 ‫(د‬7 ‫ا‬ Real IP [1 ‫(د‬7 ‫ا‬ ;)
F ‫رج‬E # 6D‫ أو‬I2%‫ا ? ا '; أ‬

Static NAT
[1]Creates a static NAT translation between 192.168.10.1 and 192.1.2.109 real&virtual
 :E‫ا‬ N ) ]‫ح [ ا‬4 ‫ز ا‬# ‫ا ا‬X‫ه‬
Router(config)#ip nat inside source static 192.168.10.1 192.1.2.109 NAT Table;  192.168.10.1 Virtual IP‫ا ال‬X‫ه‬
[2]Configures NAT inside interface insidem E% 192.1.2.109 Real IP‫ا ال‬X‫ه‬
Router(config)# interface f0/0
Router(config-if)# ip address 192.168.10.1 255.255.255.0
Router(config-if)# ip nat inside 'E‫ا‬9 ‫ ا 
ا‬I' ‫ا 'ن )ف‬X‫ه‬
[3] Configures NAT outside interface outsidem E%
Router(config)# interface Serial0/0
Router(config-if)# ip address 192.1.2.109 255.255.255.240
Router(config-if)# ip nat outside G‫ر‬: ‫ ا 
ا‬I' ‫ا 'ن )ف‬X‫ه‬

Dynamic NAT
[1]Defines a NAT pool (outside addresses) named MyPool with a range of addresses Pool=> many Real address  
60.1.1.2 – 60.1.1.6 ISP  IP ‫)ي ال‬
Router(config)#ip nat pool MyPool 60.1.1.1 60.1.1.6 netmask 255.255.255.248 ISP  q‫( )ا‬IPs)‫ة‬k#G‫ أ‬6 ;8 8‫ه‬
[2]Determine inside addresses that will use NAT, that addresses are defined in ACL
Router(config)#ip nat inside source list 10 pool MyPool ACL aM‫ه ر‬8 10 ‫ول وال‬9 ‫; ا‬8 8‫ه‬
J71 ‫ة‬k#G‫ أ‬6 93‫ ا ا‬NM ‫; ا‬1 
‫ز‬#G 254 6E9 ‫ر‬97
Router(config)# access-list 10 permit 192.168.10.0 0.0.0.255
[3] Configures NAT inside interface >>>>>>>>>>>>>>
[4] Configures NAT outside interface >>>>>>>>>>>>>>
Static NAT ;1 ‫وا‬Y‫ ا‬s.
 -30-@@ C C N A 2012 || 2008


  

(‫'[ ز‬M  ‫ن‬Y 1024  I'‫ أ‬aM‫م ر‬9:)‫ة ) وا‬k#GY‫د  ا‬9 >‫ج أآ‬E‫ر أ‬9M‫ 'ن أ‬Port ‫م‬9:)‫[ ا‬9:)‫و'ن أ‬

Overload NAT (PAT)

[1] Defines a NAT pool (outside addresses) named MyPool with a range of
Single address 60.1.1.1
Router(config)#ip nat pool MyPool 60.1.1.1 60.1.1.1 netmask 255.255.255.248 J71 93‫ز وا‬#G
[2]Determine inside addresses that will use NAT, that addresses are defined in ACL
Router(config)#ip nat inside source list 10 pool MyPool overload =========

8‫ ه‬9:)4 ‫ ا‬NAT ‫وش ع ال‬
Router(config)# access-list 10 permit 192.168.10.0 0.0.0.255 Static PAT or Static overload = ‫
ن‬% 8‫ه‬
[3] Configures NAT inside interface
[4] Configures NAT outside interface

Simple Verification of NAT

* To see basic IP address translation information, use the following command: table ‫ض ال‬
Router#show ip nat translation
This output will show the sending address, the translation, and the destination address on each debug line:
Router#debug ip nat # ‫ و‬#'7)4‫ و‬#' ;) ‫; ا ' ا‬8‫ر‬
* To cancel the debug ‫ ء‬3‫م ا ا‬H4‫ا‬ ‫)ة‬1 #'21resource |'#)4 debug '‫و‬
R#undebug all #7'A‫ أ‬a‡ 8
Or
R#un all
 -31-@@ C C N A 2012 || 2008


  

Chapter: 12
Wireless LAN
[WLAN]

: ‫ج‬V‫ ا‬3(4 5 ‫ل‬7%‫ ا‬/‫* إذا أ‬

( .\E W ‫ة‬.D‫ أ‬W# 3'E – (2‫( ا‬+‫ ا‬3B ˆ 12‫ ) ] ا‬Access Point Q' 1 u2‫ أآ‬-1
( (2‫( ا‬+‫ ا‬3B (+‫ ) ] آت ا‬3(4 5 (, ‫ آت‬-2

Electromagnetic 2K'‫و‬.(‫ت ا‬D1#‫ ا‬A 9 ‫ا‬1‫ا‬

2.4 GHZ Wireless 802.11 b and 802.11g Unlicense @ 7% . ‫ج‬$ 
5 GHZ Waves 802.11 a Unlicense @ 7% . ‫ج‬$ 

Agency Purpose

'h ‫رد '
ت ا‬9 )_‫ ا‬6  j4
Creates and maintains operational standards
Institute of Electrical and Electronics Engineers (IEEE)

‫; أ‬1 ‫دة‬G j# ‫ ا‬qX‫ت وا )ددات – وه‬G' c‫  إ?ء (ر‬j4
Regulates the use of wireless devices in the U.S.
Federal Communications Commission (FCC)
%‫; أورو‬1 ‫دة‬G j# ‫ ا‬qX‫ت وا )ددات – وه‬G' c‫  إ?ء (ر‬j4
Chartered to produce common standards in Europe
European Telecommunications Standards Institute (ETSI)
Wi-Fi Alliance Promotes and tests for WLAN interoperability

WLAN Association (WLAN) Educates and raises consumer awareness regarding WLANs

.&‫ دو‬3B H‫Š ا‬.‫ 

ا‬M % ‫ج‬$ 3:‫ وا‬900MHz / 2.4GHz / 5 GHz : ] M % /‫ج إ‬$% 5 ‫ددات‬% D1 f|B 9E

802.11b 802.11g 802.11a

Data rate Up to 11 Mbps Up to 54 Mbps Up to 54 Mbps
Modulation method DSSS DSSS & OFDM OFDM
Frequency band 2.4GHz 2.4GHz 5 GHz
channels numbers ‫ات‬87 ‫د ا‬9 14 14 23= ;
Y‫م ا‬y8 ‫; ا‬1 ‫ات‬87 ‫د ا‬9
19 = ;%‫ورو‬Y‫م ا‬y8 ‫; ا‬1 ‫ات‬87 ‫د ا‬9
‫)ر‬E‫ات أ‬87 ‫ˆ أي ا‬%  % ‫ ا )دد‬s. ‫  آن‬
Non-overlapping channels
3non
1-6-11 3non
1-6-11 12
: ‫ت‬1K‫إ‬
cover area ‫ ال‬N'M '‫ آ‬data rate‫ آ' زادت ال‬-1
data rate‫ وزاد‬cover area ‫ ال‬N'M '‫ آ‬Frequency‫آ' زاد ال‬
‫ث أي (دم‬9  CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) or RTS/CTS (Request To Send, Clear To Send) ‫ ا وآل‬4% -2
‫ ا )دد‬s. a# ‫ن‬Y ˆ% & ‫رون )'ن‬97 b and g ‫ع‬8 ‫ ا‬-3

DSSS
Direct Sequence Spread Spectrum ||| OFDM
Orthogonal Frequency Division Multiplexing
-32-@@ C C N A 2012 || 2008


  

N8% s4‫ون أآ‬9% ‫ز‬#G % J%‫ ر‬7H ;‫ ه‬AD-HOK ‫ال‬ -

Cisco’s Unified Wireless Solution3(4 1(24 ‫آ‬, ‫ل‬1V

• MESH :
- Root Access Points (RAPs) 
'4 ‫ ا 
ا‬I' 6D‫وا‬: q8
- Mesh Access Points (MAPs) ‫ ا وت‬pH  
'4 ‫ ا 
ا‬I' 6D‫ وا‬: q8

• AWPP: Root I ‫ إ‬MESH ‫ل  ال‬D' ‫ر‬4 6$1‫د أ‬9 ‫آل‬%

- Adapter wireless path protocol
-This protocol allows RAPs to communicate with each other to determine the best path back to the wired network via the RAP.

• Wireless Security :
1. Open Access

2. SSIDs, WEP, and MAC Address Authentication

SSID
Service Set Identifiers '() ‫'
 ا‬h ‫ ض  ه; ا 
ت ا‬98
 ‫ ا‬a‫ا‬
WEP
Wired Equivalency Protocol . A  #' 
‫ وه; ا س‬c. ‫ي 
   ا‬4
MAC addresses
6E9 ;) ‫ ه; ا‬J71 '4 ‫ة ا‬k#GY‫ ا‬r%

3. WPA or WPA 2 [Pre-Shared Key (PSK)] "+ ‫رد‬14‫ ا‬4 -]‫" أآ‬+% 3LE
- WPA
Wi-Fi Protected Access and WPA2(‫ )ا ?ر‬Pre-Shared Key (PSK) is a better form of wireless security than
any other basic wireless security methods mentioned so far.
‫& ا رد‬K‫; و‬1 8
 ‫ ت ا‬: ‫ول وا > ; )ا ?ر( ه زدة ا‬Y‫ ا‬% ‫ق‬. ‫ا‬

4. Cisco Unified Wireless Network SecurityfD‫ و‬#‫ أآ‬/A (45 (, X‫ل آ‬1V
- Secure Connectivity for WLANs ‫ا‬9 ‫ ا‬pH 
- Trust and Identity for WLANs k‫)آ وا_‡را‬8‡_‫ ا‬pH 
- Threat Defense for WLANs ‫ات‬99#) ‫ ا‬1 pH 

ISR integrated service router <== u ‫ا‬1‫ ا‬9A% 3‫ات ا‬%‫ ااو‬94‫ ا‬-
(#‫ت ا‬H‫ ا‬%‫راو‬
 -33-@@ C C N A 2012 || 2008


  

Chapter: 13
Internet Protocol Version 6
(IPv6)
IPv6 IPv4
128 bits 32 bits

W E% 16 bit 16 bit 16 bit 16 bit 16 bit 16 bit 16 bit 16 bit 16 bit
Hexadecimal 00AB Cf00 2434 1270 3210 4210 5611 877 991A
--:--:--:--:--:--: (
1‫
)آ‬L>' 9.' 7B‫ا‬

- [ IP v.4 ] number of add = 232

- [ IP v.6 ] number of add = 2128
- No size for header

** The Benefits and Uses of IP v.6 :

1. IPv6 is 128 bits which gives (3.4 x 10^38) of addresses.
2. The header in an IPv6 packet have half the fieldsr‫و‬9  ‫ام ا‬9:)‫ ا‬6'7.
3. There is no broadcast in IPv6 because it uses multicast traffic instead.

x:x:x:x:x:x:x:x
;'DY‫ ا‬6
 ‫ا‬ 1080:0000:0000:0000:0008:0800:200C:417A
J4 1080:0:0:0:8:800:200C:417A
#$% 9% ;' ‫ر ا‬.DY‫ ا‬r% ، >‫ أآ‬J4
‫ا‬X‫ام ه‬9:)‫ و_ 
 ا‬:: J3‫)(ره وأ‬E‫ا‬ 1080::8:800:200C:417A
J71 ‫ة‬93‫)(ر إ_ ة وا‬E_‫ا‬

0:0:0:0:0:0:0:1
::1
loop back I4‫و‬
local host I4 ‫ وه‬v4 ;1 127.0.0.1 [‫و‬

IPv6
prefix-address prefix-length
| N  6>

F0/1=> 12:34:56:7::1/64 I ‫و‬Y‫ ا‬aM‫ر‬Y‫& ا‬%‫ر‬Y‫ | وا‬N  6> ;‫ وه‬prefix length ‫ه‬8 64 ‫ال‬-
.'): N  ;1 ‫‚آن‬% q81 ‫ت‬2  ‫ة و‬93‫ ا ا‬N 4 ‫ ا‬6E‫ دا‬9%‫ أ‬2) 

.'): N  ;8? r% FFFF I ‫ إ‬1  ‫ 

ن‬1 ‫ وه‬EY‫د ا‬9 ‫ا‬-
F0/1=> 12:34:56:8::1/64 | N   q81 H‫و‬
12:34:56:7:: net add 6> ) ‫ا‬X‫ه‬

Router interface ‫ ـ‬+‫ا ا‬Z‫ه‬

.Q41.‫ ا‬W% MAC address b K
A Q 128 /‫ إ‬#(% t$ ‫ ات‬3: generate #A 3‫ ه‬EUI
Q 64
A >  f‫ أ‬X Prefix length f‫ أ‬tV

MAC : 48 bits
U

: ‫ ]ل‬، QU 1‫ وه‬FFFF 1‫ وه‬9:‫ا ا‬Z‫ > ه‬K
A BT‫ > ا‬K
0000.abcd.0001
FFFF
0000.abff.ffcd.0001
 -34-@@ C C N A 2012 || 2008


  

Host Config
Manual Automatic
stateless statefull
No DHCP DHCP
Found in the network Found in the network
DHCP pH  6 8‫ه‬-
‫وز‬98‫و‬XP XE‚ Automatic
broadcastD1 5‫> و‬B multicast ‫م‬H2 f‫ إ‬IPv4 /A IPv6 ‫
ات‬

** Address Types: -
1. Unicast address single IPv46> –  ‫ان‬8 ‫وح‬
2. Multicast address class D in IPv46> -#'‫س آ‬8' 6D
3. Anycast address J71 s1 ) h N‫آ‬% 6‫ض إ ; أر‬2 ‫ر وا‬4 43‫ أ‬43 I'  ‫ او‬6D
4. Global unicast addresses Public IP v.46>
5. Link-local addresses Privet IP v.46>

.... /#2 virtual ‫ و(

ال‬IPv4 ] virtual and real IPv6  ‫ دا‬D1 ً\ ‫أ‬

0:0:0:0:0:0:192.168.100.1
This is how an IPv4 address would be written in a mixed
IPv6/IPv4 network environment.
2000::/3 The global unicast address range real IP ]#
0010.0000.0000.0000
FC00::/7 The unique local unicast range ‫ن‬z‫م ا‬H2 _ private IP ]#
FE80::/10 The link-local unicast range f‫ا ا‬Z‫ه‬ 1111.1110.1000.0000
FF00::/8 The multicast range multi-cast 3 ]#

Configuring Cisco Routers with IPv6

* Enable IPv6 ‫ل‬, ˆ 3T‫ا‬B5 f IPv6 ‫ ال‬,‫ن أ‬+A single IP / dse ‫د‬9
Router(config)#ipv6 unicast-routing
• Configure IPv6 on the interface
Router(config)#int f0/0
Router(config-if)#ipv6 address 2001:db8:3c4d:1:0260.d6FF.FE73.1987/64 Prefix length
OR ‫ي‬X‫ ا ك وه‬pH  ‫ي إ ء و
ن‬4
• You can allow the device to use its MAC address and pad it to make the interface ID. ‫ي‬98  ‫[ 
ار‬1 ‫  
ن‬r% #K‫أ‬
Router(config-if)#ipv6 address 2001:db8:3c4d:1::/64 eui-64 Extended user interface‫ي‬X‫ه‬
M ‫ ا‬N% 64 6 ‫ي إ ء‬4 r%

Dynamic Host Configuration Protocol (DHCPv6)

IP v6 ‫ادات ب‬Al ‫ء‬,‫ ا‬pZ‫ج ه‬V‫ا‬
DHCPv6 Client A node that initiates requests on a link to obtain configuration parameters.
DHCPv6 Server A node that responds to requests from clients to provide addresses, prefix lengths, or other configuration parameters.
DHCPv6 Relay A node that acts as an intermediary to deliver DHCPv6 messages between clients and servers.
9 ‫ ; ا‬6> DHCP 6 # ‫ & ا ?'ت وإر‬a)‫ و‬J‫ ) و‬#1 DHCP I' J2K ‫  
ن‬r% ‫م‬9:)4‫و‬
DHCPv6 Agent either a server or a relay. [?3‫
 أ‬
 -35-@@ C C N A 2012 || 2008


  

Configuring Cisco Routers with IPv6

Dynamic Host Configuration Protocol (DHCPv6)
Router(config)#ipv6 dhcp pool test a‫ا‬ RS = ‫ول‬Y‫ ا‬aM ‫ا‬
RA = ; > ‫ ا‬aM ‫ا‬
Router(config-dhcp)#prefix-delegation pool test lifetime 3600 3600 ; ‫ >ا‬% ‫ي‬X‫م ه‬M‫ر‬Y‫ا‬
Router(config)#int f 0/0
Router(config-if)#ipv6 dhcp server test generation ‫; ال‬1 [%)  ‫ا 'ن‬X‫وأي ه‬
IPv6 Routing Protocols 62)‫ و‬#%)  r% two switchs %
• RIPng [next generation 3]‫]اار ا‬ state less
Router(config)#int f 0/0 J71 interface ‫)ى ال‬4 I' ['2F‫أ‬
Router(config-if)#IPV6 rip 1 enable process ID q8 8‫ ه‬1 aM ‫ر‬
• EIGRPv6
Router(config)#ipv6 router eigrp 10 Autonisim systemq8 8‫ ه‬10 aM‫ر‬
Router(config-rtr)#no shutdown
Router(config)#int f 0/0
Router(config-if)#ipv6 eigrp 10
• OSPFv3
Router (config)#ipv6 router osfp 10 process ID q8 8‫ ه‬1 aM ‫ر‬
Router (config-rtr)#router-id 1.1.1.1 ‫ة‬F 8‫ ه‬q‫د‬93‚1 DR ‫ب‬:) ‫; ا‬1 id I'‫ أ‬XE‚ ;' ‫ه ا‬
Router(config)#int f 0/0 J71interface ‫)ى ال‬4 I' ['2F‫أ‬
Router(config-if)#ipv6 ospf 10 area 0
Migrating to IPv6
IPv6 /‫ إ‬IPv4
 bB‫ا‬1 upgrade ‫ي‬14‫ أ‬m‫آ‬
1- Dual Stacking
It allows our devices to communicate using either IPv4 or IPv6.
Router(config)#ipv6 unicast-routing
Router(config)#interface fastethernet 0/0
Router(config-if)#ipv6 address 2001:db8:3c4d:1::/64 eui-64 IPv6 ‫ و‬IPv4  93‫ وا‬XE s1) _‫ا‬
Router(config-if)#ip address 192.168.255.1 255.255.255.0 ‫ز‬# ‫) إذا آن ا‬7? ‫ ا‬93‫)ر أ‬E‫م ا‬9:)‫ا‬
2- 6to4 Tunneling 6) ‫ر‬97 (N# ‫ا‬-„)4 ‫ا‬-‫)ا او‬
Router1(config)#int tunnel 0 )7? %
Router1(config-if)#ipv6 address 2001:db8:1:1::1/64
Router1(config-if)#tunnel source 192.168.30.1
Router1(config-if)#tunnel destination 192.168.40.1
Router1(config-if)#tunnel mode ipv6ip
Router2(config)#int tunnel 0
v4 ‫;ء ل ب‬F I ‫ إ‬v6 ‫;ء ل ب‬F 6E‫أد‬
Router2(config-if)#ipv6 address 2001:db8:2:2::1/64
Router2(config-if)#tunnel source 192.168.40.1
IPv6 ‫
_ ف‬%  ‫[ إذا آن‬9:)‫ا‬
Router2(config-if)#tunnel destination 192.168.30.1
Router2(config-if)#tunnel mode ipv6ip
Configuring IPv6 on Our Internetwork
Corp#config t ‫ ا او‬I' ‫ادات‬9]‫ أي ا‬two ways q2%‫إذا أ‬
Corp(config)#ipv6 unicast-routing 93‫ راو وا‬I' ‫ادات‬9]‫ أي ا‬one way q2%‫إذا أ‬
Corp(config)#int f0/1
Corp(config-if)#ipv6 address 2001:db8:3c4d:11::/64 eui-64
Corp(config-if)#int s0/0/0
Corp(config-if)#ipv6 address 2001:db8:3c4d:12::/64 eui-64
Corp(config-if)#int s0/0/1
Corp(config-if)#ipv6 address 2001:db8:3c4d:13::/64 eui-64
Corp(config-if)#int s0/1/0
Corp(config-if)#ipv6 address 2001:db8:3c4d:14::/64 eui-64
Corp(config-if)#int s0/2/0
Corp(config-if)#ipv6 address 2001:db8:3c4d:15::/64 eui-64
Corp(config-if)#^Z
Corp#copy run start
R1#config t
R1(config)#ipv6 unicast-routing
R1(config)#int s0/0/0
R1(config-if)#ipv6 address 2001:db8:3c4d:12::/64 eui-64
R1(config-if)#int s0/0/1
R1(config-if)#ipv6 address 2001:db8:3c4d:13::/64 eui-64
R2#config t
R2(config)#ipv6 unicast-routing
R2(config)#int s0/2/0
R2(config-if)#ipv6 address 2001:db8:3c4d:14::/64 eui-64
R3#config t
R3(config)#ipv6 unicast-routing
R3(config)#int s0/0/1
 -36-@@ C C N A 2012 || 2008


  

R3(config-if)#ipv6 address 2001:db8:3c4d:15::/64 eui-64

1- Configuring RIPng
Corp#config t
Corp(config)#int f0/1 No shut ‫_زم‬
Corp(config-if)#ipv6 rip 1 enable
Corp(config-if)#int s0/0/0
Corp(config-if)#ipv6 rip 1 enable
Corp(config-if)#int s0/0/1
Corp(config-if)#ipv6 rip 1 enable
Corp(config-if)#int s0/1/0
Corp(config-if)#ipv6 rip 1 enable
Corp(config-if)#int s0/2/0
Corp(config-if)#ipv6 rip 1 enable
• Configuring RIPng
R1#config t
R1(config)#int s0/0/0
R1(config-if)#ipv6 rip 1 enable
‫ة‬k#GY‫ ا وآ 
; )ف ا‬X‫  ه‬93‫)ج وا‬3‫أ‬
R1(config-if)#int s0/0/1 ˆ ‫ ا‬#$%
R1(config-if)#ipv6 rip 1 enable
R2#config t
R2(config)#int s0/2/0
R2(config-if)#ipv6 rip 1 enable
R3#config t
R3(config)#int s0/0/1
R3(config-if)#ipv6 rip 1 enable
• Verifying RIPng
R3#sh ipv6 route
R3#sh ipv6 protocols
R3#sh ipv6 rip
R3#sh ipv6 interface serial 0/0/1
R3#debug ipv6 rip
2- Configuring OSPFv3
Corp#config t
Corp(config)#int f0/1
Corp(config-if)#ipv6 ospf 1 area 0
Corp(config-if)#int s0/0/1
Corp(config-if)#ipv6 ospf 1 area 0
Corp(config-if)#int s0/1/0
Corp(config-if)#ipv6 ospf 1 area 0
Corp(config-if)#int s0/2/0
Corp(config-if)#ipv6 ospf 1 area 0
• Configuring OSPFv3
R1#config t
R1(config)#int s0/0/1
R1(config-if)#ipv6 ospf 1 area 0
R2#config t
R2(config)#int s0/2/0
R2(config-if)#ipv6 ospf 1 area 0
R3#config t
R3(config)#int s0/0/1
R3(config-if)#ipv6 ospf 1 area 0
• Verifying OSPFv3
R3#sh ipv6 route
R3#sh ipv6 protocols
R3#sh ipv6 protocols
R3#sh ipv6 protocols
Corp#debug ipv6 ospf packet
Corp#un all
 -37-@@ C C N A 2012 || 2008


  

Chapter: 14
Wide Area Networking
[WAN]
‫ او‬3B ‫ت‬57%5‫آ ا‬, /A #=: : ( ) uB4 ‫أي‬
Defining WAN Terms:
• Customer premises equipment (CPE)
• Demarcation point
• Local loop
• Central office (CO)

Service
Demarcation point
6 ‫ة ا‬k#G‫آ ا_(_ت وأ‬F ‫ة‬k#G‫ أ‬% 6(. ;) ‫? ا‬78 ‫وه; ا‬
LAN1 LAN2

R ;4T ‫ ا‬k‫ا آ‬

Central
Office

O O

‫ة‬k#G‫[ أ‬1 ‫ي‬X ‫ ا‬k ‫ا‬

CPEI4‫ و‬6 ‫ا‬ Local loop
I4‫وع و‬. ‫ا‬

** WAN Connection Types WAN 6E‫ دا‬#9:)‫ اع ا '; 

 ا‬Y‫ا‬
1- Dedicated for example: lease line ‫(ص‬: JE
2- Circuit switched for example : ISDN or dial up
128K or 1.5Mbps ‫ إ‬ISDN ‫ و‬56K dail up ‫ـ‬1 ‫ت‬4 ‫ ا‬a#8% ‫ق‬. ‫)[ وا‬9:)‫  ا‬I) [' &1‫ اد‬JE
3- Packet switch for example : Frame relay 6  >‫
 '[ أآ‬93‫ وا‬JE

... DCE u‫ و‬DTE +% ‫ات راح‬%‫ ااو‬W#D service uB4 fB 1
CSU/DSU [ Circuit Service Unit / Data Service Unit] ‫م‬H2 ‫اح‬B  2 K1 Q‫وإذا آ‬

DSL
Based band

WI-MAX
Broad band

:f ‫ل ص‬1‫آ‬1%‫ وو‬m% uB4 (‫ و‬Encaps m% ‫ن ه'ك‬1( ‫ أن‬X service ‫ 
ل ال‬Q‫ إذا ت اآ‬#
protocol
HDLC PPP Frame Relay
High-Level Data-Link Control Point-to-Point Protocol
: 3B >B ‫م‬H2 ‫و‬ : 3B >B ‫م‬H2 ‫و‬ : 3B >B ‫م‬H2 ‫و‬
1-lease line 1-lease line 1-Frame Relay
2-ISDN
3-Dial up
‫ن آ‬1( ‫ أن‬X fH4‫ إذا ا‬1-‫ل‬1‫آ‬1%‫و‬
 ]‫ أآ‬f D1 ‫و‬
LCP (Link Control Protocol)

* You can’t use HDLC or PPP with Frame Relay.

‫آ‬+‫ ا‬u"

%‫ ااو‬2-Layer2 ;1 6‫ل و‬D ‫ ? ا‬I ‫ل ا  ت إ‬D‫  و‬9‫)‚آ‬
NCP (Network Control Protocol )

With Frame Relay there are two encapsulation types:
1- Cisco 2- IETF
L3 ‫ & أي ع  أ اع ا وآ_ت‬6) ‫ر‬97 (Internet Engineering Task
3- Authentication protocol Force)
 -38-@@ C C N A 2012 || 2008


  

* PPP has many advantage:

1- multi-link Back up3B 3"
(#
2- Callback ‫ودة ا_(ل‬
3- Authentication p7) ‫ا‬
a- CHAP (Challenge Hand Authentication Protocol)
[Encrypted) .
b- PAP (Password Authentication Protocol)
[Clear Text] cK‫وا‬
4- Compression J2$ ‫ا‬
5- Route packet for different routed packet

Configuring PPP on Cisco Routers

• Turn on PPP on connected interface PPP ‫ ـ‬m% Base config:
IP [?‫ وأ‬interface ‫ ال‬62F‫ أ‬-1
Router(config)#int s0 OSFP ‫ أو‬RIP ‫د ع ا وآل‬93‫ أ‬-2
Router(config-if)#encapsulation ppp : ;1 ‫م‬9:)4 PPP ‫ال‬
• Configuring PPP Authentication b>$% 1- Lease line
2- Dial up
Router(config)#hostname RouterA a‫ا‬ 3- ISDN
RouterA(config)#username RouterB password cisco
RouterA(config)#int s0
 ‫ ا وآ‬6
% ‫ول‬
RouterA(config-if)#ppp authentication chap pap
Router(config)#hostname RouterB a‫ا‬ ‫ ا س‬s. ‫ > ; و‬% ‫ول‬Y‫م ا‬9:)4 ‫ ا‬a‫أ; ا‬
‫ ا س‬s. ‫ول و‬Y% ; > ‫م ا‬9:)4 ‫ ا‬a‫وأ; ا‬
RouterB(config)#username RouterA password cisco
RouterB(config)#int s0
RouterB(config-if)#ppp authentication chap pap

Frame Relay
(( ; 2 ‫ ا‬Lease line ‫م‬9:)4  ‫ال‬9% )) 93‫ أآ>  وا‬I' r‫و‬9  ‫ ا‬a47
Frame Relay 1‫ وه‬m  g ‫ل‬1‫آ‬1% ‫م‬H2 '.B TCP/IP ‫ل‬1‫آ‬1%‫ او‬9."  Frame Relay ‫اـ‬

* Frame Relay has become one of the most popular WAN services deployed.
* Frame Relay is a packet-switched technology
* Frame Relay, by default, is classified as a non-broadcast multi-access (NBMA)

* Frame Relay PVCs are:

 ‫د‬E‫ت ا‬+ 12‫
ا‬A mH 1‫ وه‬PVC [Permanent Virtual Circuit] /#2% %‫ وااو‬FR switch
 &'‫ا‬
1- devices using (DLCI) Data Link Connection Identifiers N‫  'آ‬aM‫?; ر‬

Local Management Interface (LMI) /#2% Signal (‫رة‬,‫ )إ‬D‫ أو‬Up 24H ‫ن‬1( PVC 3 ‫ن أ‬+A
is a signaling standard used between your router and the first Frame Relay switch it’s connected to.
ISP 9: ‫ود ا‬k ‫ ه‬LMI ‫د ع‬9 ;' ‫وا‬

** There are three different types of LMI message formats:

1- Cisco (default) 2- ANSI (open standard) 3- Q.933A. (open standard)

Frame Relay Implementation

RouterA(config)#int s0/0
RouterA(config-if)#no shut
RouterA(config-if)#encapsulation frame-relay IETF IETF ‫ ب‬frame relay ‫' ال‬2
RouterA(config-if)#ip address 172.16.20.1 255.255.255.0
RouterA(config-if)#frame-relay lmi-type ansi ‫ث أ اع‬h> ‫)ر  ا‬: 

RouterA(config-if)#frame-relay interface-dlci 101
 -39-@@ C C N A 2012 || 2008


  

show frame lmi Give you the LMI traffic statistics exchanged between the local router and the Frame Relay switch.
9:)4 ‫ا‬LMI ‫ض ع‬
* list all configured PVCs and DLCI numbers.
show frame pvc
* It provides the status of each PVC connection and traffic statistics.
* Check for LMI traffic.
show interface
* Displays line, protocol, DLCI, and LMI information.
show frame map Displays the Network layer–to–DLCI mappings.

Virtual Private Networks (VPN)

** There are three different categories of VPNs:

1- Remote access VPNs
2- Remote users VPN
3- Site-to-site VPNs

** Tunneling protocols "+% #A 1‫ ه‬f' ‫ وا"=ة‬logical ‫ن‬1( tunnel ‫ ال‬EK

1- Point-to-Point Tunneling Protocol (PPTP) (open standard)
2- Layer 2 Tunneling Protocol (L2TP) ;‫ا أآ> 
ر‬X‫( ه‬open standard)
3- Generic Routing Encapsulation (GRE) 
4 ‫ راوات‬I' J71

** Security Protocols (IPSec) ‫ن‬jF ‫م‬9:)4‫ و‬L2TP ‫آل‬% ‫م‬9:)4

1- Authentication Header (AH)
2- Encapsulating Security Payload (ESP)

IPsec
encrypted
IP
Clear