Complete Network Configuration | DTP, VTP, EtherChannel, OSPF, NAT, VPN, STP | All Protocols

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone once again welcome to PM networking guys today in this video we are going to configure the whole network as you can see this is my topology in front of you in this topology we are going to configure multiple protocols like dtp vtp for VLAN dtp 4 trunking ether Channel between switches we are going to configure Port security ospf Nat or you can say Pat we are going to configure VPN we are going to configure rstp like STP type and these protocols hsrp C first of all let me make you familiar with this topology guys see we have two sides let's say this is side A one and this is side two both sides are connected with each other through internet so these users should be able to communicate with internet as well and these users should be able to access the resources which is available on remote site as well so four so ah for the internet connectivity we will configure pad on this router or we can configure Dynamic net so I will configure Pat on this router and on this router four the communication between these two sides we will create one tunnel uh between router 1 and router number two I will configure point to point VPN over here you can see this is the IP address of VPN okay this will be the edge technology is configuration after that inside the network here you can see link between switches must be configured as trunk so we will use the protocol dtp protocol for the trunking after that first of all I will start configuration from the scratch first I will Define IP address to the host to the client machine and as you can see these two machine belongs to VLAN 10 these two machine belongs to VLAN 20. these two machine belongs to VLAN 30 and these two machine belongs to VLAN 40. so I will create SPI on distribution layer switch over here on both switch we will create svi let's say here I will create SBI for VLAN 10 4 VLAN 10 and iPad is 4 wheel and 10 is 10.1.1.254. as you can see I am using IP in VLAN 10 from 10 subnet 10.1.1.0 is the subnet for VLAN ten slash 24. in the same way for VLAN 20 I will configure 20.1.1.254 svi four wheel and 30 4 wheel and 30 I will create 30.1.1.254 four wheel and 50 I will conf four wheel and 40 I will configure 40.1.1.254 on switch number two I will configure let's say for VLAN 10 10.1.1.253 or on switch number one we can configure 10.1.1.253 and on switch number 2 10.1.1.254 anything after that as you can between switch 1 and switch 2 distribution layer switch I am using multiple link so I will configure here ether Channel through Twitter Channel we will bundle this link and I will configure layer 3 ether channel so only A3 the channel as you can as you know we can configure IP address so I will configure IP from this subnet okay after that by default in the routing table of switch one there will be this network 11 Network 12 Network and all wheeler Network 10 30 10 20 30 40 right for the reachability here right so actually we need to see here all Lan Network to router number one and here we will configure what ospf let's say on order number one we will configure one default route towards ISP so that default route should be available in the routing table of switches as well so we will redistribute default route in ospf so as you know we are using ospf nowadays so that's why here I will use ospf routing protocol okay so we are going to configure multiple protocols here like these excess points should be configured as a portfast should be configured on access port but we I will enable rstp so we don't need to enable Port fast here okay or we can configure enable portfast as well okay guys so without wasting our time let's begin the configuration first of all I am going to start configuration from the scratch so let's assign IP address to the VPC to the client machine first of all let me configure IP address to vpc1 here IP address is 10.1.1.1 let's say slash 255 and here default gateway will be the virtual so I am going to define the virtual Gateway right that I will create through hsrp or by using hsrp VR RP and GL web BP any protocols we can use for the default gateway here in NC right so my virtual IP address will be 10.1.1.100 so I am directly providing that default gateway IP address to the client so let me configure vpc2 as well vpc2 here IP address will be 10 Dot 1.1.2 slash 24 and Gateway is 10.1.1.100 I am defining the same default gateway IP address and this is not the physical Gateway IP address okay I will show you this later here I am going to Define IP address so VLAN 20 user are using IP address from 20 networks so let's say configure IP from 20.1.1.0 so 20.1.1.1 slash twenty four and Gateway is again 20.1.1.100 done then let me configure vpc4 one IP address to vpc4 VPC for iPad this is 20.1.1.24 and Gateway is 20.1.1.100 then let me assign IP address to vpc5 as well six seven eight IP VPC 5 is 30.1.1 dot sorry IP 30.1.1.1 24 and 30.1.1.100 will be the default gateway that will be assign IP to vpc6 here let's say IP address is 30.1.1.2 slash 24 and Gateway will be 30.1.1.100 then now I am going to configure IP on vpc7 let me assign one IP over here IP 40.1.1.1 slash 24 and 40.1.1 Dot dot hundred now last vpcs vpc8 here let me configure the IP IP 40.1.1.24 and 40.1.1.100 that's it so till now I have just configured I have configured on the IP address on VPC right now my second step will be I am going to use dtp protocol to configure trunking between switches okay I will use the encapsulation protocol dot 1q for that ranking this is the first first country second configuration after configuring a IP address on VPC I am going to configure link between switches as trunk so that vtp will work so let me say let me take you to access layer switch access layer switch 1 and here I am going to configure two thing as you know VLAN and link between switches is trunk so these two interface on switch number one is is in VLAN 10 e0 slash 2 and 0 slash three are in VLAN 10 so I will configure these two port in VLAN 10 enable as you know to assign a port in a particular reason command is interface range e 0 slash two two three two three and switch Port access VLAN 10. in the same way two access layer switch 2 let me configure the VLAN first here I am going to say or directly I can copy the command from switch number one but that will be in different field and that is in different VLAN so leave those ports are invalent 10 and these these two ports are in VLAN 20 so interface range e 0 2 2 3 and say switch Port access VLAN 20 done now access layer switch 3 here I am going to say quantity and interface range e 0 2 2 3 and switch Port access VLAN 30 done let me take you to access layer switch 4. here I am going to use enable config after that interface range e 0 slash two to three and switch Port access VLAN 40 done we run configuration is done guys now I am going to configure link between switches as trunk and vtp both at the same time so do so vtp status by default vtp domain name is null and as you know there are some requirement of vtp first requirement is link between switches must be configured as trunk so first I am going to configure link between switches as trunk so let me take you in global config mode I will say interface range e 0 0 to 1 these two interface are connected with switch one so let me say switch Port trunk encapsulation Dot 1q and switch Port mode trunk then do so history I am going to copy these two command from here and I will paste these two command on all access layer switch to switch to let me paste the command done guys after that on access player switch 3 here also let me paste the command done and if you want to verify you can run command so interfaced trunk and now you can see Zero slash zero and zero slash one is your trunk link I am using same link on all switches that's why I am pasting the command directly done now I need to take you on access layer switch 4 and here I am going to paste the command okay interface range e 0 0 to 1 and say switch Port mode switchboard trunk encapsulation Dot 1q and switch Port mode trunk done app configure the switches link between switches are Trunk now I am going to change the vtp domain name so let's say vtp domain name is ccnp let's say done and on any switches you can verify vtp domain name let's say I am verifying on access layer switch 4 so vtp status you can see the domain name is let me maximize it vtp domain name is cisco123 vtp domain name is already configured over here so let me check again I thinks vtp domain name is already config I have already configured vtp domain name so let me verify it vtp domain name is ccnp PTP domain name already set up to ccnp so it is not propagating let me check on the switch number two let's say here I am getting one message as well so vtp status vtp domain name is cisco123 so here also on this switch also I am going to say no vtp domain name ccnp us or we can say vtp domain name Cisco one two three let me verify the domain name on distribution layer switch I think I have already configured the vtp in previous scenario so that's why it's showing so vtp status here also vtp domain name is cisco123 done on access layer switch 1 so vtp status domain name is Cisco one two three and here also it is Cisco one two three and let me verify one more thing that VLAN is propagating or not directly I am going to verify the VLAN on distribution layer switch let me run one command over here that is so VLAN brief let's say so you can see VLAN 10 villain 20 villain 30 and VLAN 40. all VLAN is automatically created on this switch on distribution layer switch so okay vtp is working fine so till now what we did we configure multiple things like here we have configured the IP address we have configured the vtp we have configured the link between switches at trunk now what I am going to do next step is I am going to configure The Ether channel right I am going to bundle this link between switches or directly what I can do I can create the svi over here so before creating the svi let me let me bundle the link first so on distribution layer switch what command I need to run interface range e one slash one two three and E 2 slash zero so these four links are there between switch one and switch two so I am going to say shut down first here I am going to say no switch Port because I am going to create layer 3 ether Channel and after that channel group then group number and after that mode let's say let me use the mode on mode static mode done now I am going to say no set over here no set right now let me take you to switch number two on switch number two also let me do same thing quantity interface range e one slash one two three and E 2 slash zero so that first of all shut down say no switch Port after that channel group group number is let's say 10 and mode is on I'm going to say no set again right if you want to verify you can verify so either Channel summary so you can see these ports are member of this port Channel and you can run one more command so ether Channel now here you can see group state is layer three so this is layer three third Channel now we can configure IP address over here and so IP interface brief you can see the port Channel status is up and line protocol is up and you can run so interface P10 command as well so interface for Channel 10 also you can see here Port channel is up line protocol of this channel is up now I am going to configure the IP address on Port channel so let's let's set a start IP configuration from distribution layer switch one first of all first of all on this switch also I will verify that my port channel is up or not so do so IP interface brief you can see Port Channel 10 is Upland protocol is up let me configure one IP address over here interface P10 IP address 11.1.1.1255.255.255.0 let me configure IP on switch 2 also so interface P10 and IP address is 10.1 sorry 11.1.1.11.1.1.2 255.255.255.0 app configure the IP address now if you want to check the reachability between switch 1 and switch 2 you can ping the IP address of switch 1 11.1.1.1 you can see there is reachability success rate is 80 percent now it is hundred percent so there is reachability between switch one and switch two it third channel is working fine so VLAN brief on both switches villain 10 20 30 40 is available now I am going to create the svi till now see what we did we configure the IP address on the VPC after that we configure the vtp we configure the link between switches are Trunk then we configure The Ether Channel now I am going to configure the svi I am going to create svi on switch 1 and switch 2. so let me take you to switch number one first first of all I am going to configure svi on switch number one done interface VLAN 10 or I can write down the command in notepad and directly I can paste it so let me write write down the command in Notepad here interface VLAN 10 after that no shutdown and then IP address will be 10.1.1.254. submit mask 255.255.255.0 then let me copy this one and after that we need to say exit then let me paste one more time over here VLAN interface VLAN 20 here IP address will be 20 exit and let me paste the command one more time for VLAN 30 your IP address will become 30 then again exit then let me paste one more time for VLAN 40 40 IP address will become 40.1.1.1 done exit let me copy this and let me paste it in global config mode off switch one okay hope guys you guys are getting me what I am doing here okay see I've created the SPI for VLAN 10 20 30 and 40. on all svr interface I have assigned the IP address if you want to verify that your svi is up or done so IP interface brief you can see so IP interface brief you can see your SBI interface are up done now I am going to create svi on switch number two so let me modify over here on svi on switch number two let's say my IP address is 253 for VLAN 10 also four wheel and 20 30 40 rest configuration is same you can see let me copy this and let me paste this command on which switch guys switch number two so let me take access of distribution layer switch tool go to Global config mode and here I am going to paste it done if you want to verify so IP interface brief now you can see your sbi's interfacer up now till now we had configured The svi Ether Channel vtp trunking and IP address to VPC now my VPC should be able to Ping the SBI interface so let me verify that yes vpcs are able to Ping the svi interface or not here from vpc1 I am going to Ping 10.1.1.254. let me check that this PC is able to Ping or not so you can see VPC one is be able to Ping the svr interface of VLAN 10. in the same way vpc2 should be also able to Ping so from vpc2 also you can verify ping 10.1.1.254 done it is able to Ping and it should be able to Ping the other svi interface also because one svr interface is running on switch number two that is 253 so it should be able to Ping this IP address also you can see both svi is reachable from the Lan user and VLAN 10 user can pin to villain 20 user as well first of all from vpc3 I am going to check that vpc3 is able to Ping ppc3 is member of villain 20 so I am going to Ping the SBI of VLAN 20 250 4 C and 243 253 sorry not 43 53 see both svr is are reachable from here now if VLAN 10 user want to Ping VLAN 20 user let me verify that this VLAN 10 user are able to Ping vln 20 user and 3040 or not so ping I'm going to Ping wheel and 20 means which VPC vpc3 from vpc1 so ping 20.1.1.1 this is the IP address of vpc3 let me hit enter this one is not able to Ping intervalent communication okay but it should ping because we have svi both both machine both vlans are able to Ping their svi interface so it it should be able to Ping but why it's it is not able to Ping guys the reason is so the default gateway whenever you will ping to different to the user Who belongs to different subnet it will forward traffic to their default gateway and now this default gateway is not reachable because this is the virtual Gateway so what I am going to do now I am going to configure hsrp protocol so that this default gateway should be reachable from the VPC for now if you will ping 10.1.1.10 100 it will not work as you know because this is not exist this iPad is still not exist so what I am going to do I am going to configure hsrp protocol on switch 1 and switch to distribution layer switch 1 and switch two so here what I am going to do say interface wait guys here I am going to say stand by after that group number so here we cannot run this this come we will run this command on the interface so let me take you to interface VLAN 10 and here I am going to say stand by after that group number is let's say 10 and then IP after that the virtual IP address that is 10.1.1.100 then this is the virtual IP address for VLAN 10. okay hit enter after that exit interface VLAN 20 and now if let me check that now VLAN 10 users are able to Ping this Gateway or not because this Gateway should be reachable now okay it will take some time after some time you can see here so stand by now this router is not active this router is standby after sometime this order will become active now you can see this order is active and now if you will ping from VPC one to this IP address you can see this is it is getting reply right so now this IP address is reachable for VLAN then I have done the configuration let me do same thing for VLAN 20 and 30 40. interface VLAN 20 standby after that group number 10 and then IP address 20.1.1.100 done exit interface VLAN 30 after that standby group number 10 and IP is let's say 30.1.1.100 this is the IP address then interface VLAN for T and IP address 40.1.1.100 done sorry 10 divided group number 10 ip10.1.1. sorry 40.1.1.100 done guys upgrade to this uh the I have configured hsrp on switch number one now let me configure hsrp on switch number two so directly what I can do I can copy the command from switch one do so history let me copy all command from here interface VLAN 10 is 10 by not from here interface VLAN 10 okay this is the virtual IP address for villain 20 30 40 so till here I am going to copy the command and let me paste this command on switch number two test it done and so stand by so you can see when I am running so standby command for VLAN 10. group number 10 state is listening it will take some time after some time this or this switch will become what standby as you know see stand by S10 by 4 or VLAN because which one have the higher IP address let's say switch 2 is my primary switch I want that all traffic should be forwarded to the internet from the Lan user via switch number two so what I can do I can increase the priority over here but for now switch one is active so until and unless which one will not goes down switch 2 will be in a standby so we have redundancy don't worry okay four wheel and 10 okay now I am going to run against this command so stand by so you can see this one this switch is standby and active is a virtual iPad AC this one and active router is 10.1.1.254 means which number one by default is 100 okay so everything is working fine till now and now different VLAN users should be able to Ping each other like villain 10 can ping villain 20 user now let me check first of all this IP address so you can see VPC one is able to Ping their virtual Gateway IP address in the same way vpc3 which belongs to VLAN 20 should be able to Ping their virtual IP address that is 20.1.1.100 and you can see it is reachable in the same way switch number means VPC number five belongs to uh we learned 30 so let me ping 30.1.1.100 from here you can see this is also reachable and from vpc7 which belongs to VLAN 40. so let me ping 40.1.1.100 done so this one is also able to Ping now I am going to check the intervene communication so from vpc1 which is member of VLAN 10 I am going to Ping VPC 3 which is member of VLAN 20 and IP address of vpc3 is 20.1.1.1 now you can see I am getting reply and there is connectivity in the same way let me ping the 30 user 30.1.1.1 yes reachability is there let me think the 40 user VLAN 40 user ping 40.1.1.1 done okay so till now my Lan users are able to communicate with each other uh there is intervene communication we have configured ether Channel we have configured hsrp we have configured the dtp vtp and the IP address on VPC now I am going to configure what C here first of all I am going to configure one IP address over here means I am going to make this interface as layer 3 interface this interface has layer 3 interface and then I will configure the IP address so that there should be reachability between router 1 and switches okay so by default these two interfacer switch Port means layer 2 ports I am going to make these ports these two ports are as layer 3 Port so let me take you take you to switch number one distribution layer switch 1 here interface e0 slash zero no switch port and now you can configure IP address over here IP address 12 dot 1.1.1.1 let's say 255.255.255.0 done app configure the IP address over here now let me take you to switch number two on switch number two interface e 0 slash zero no switch port and IP address 13.1.1.1 255.255.255.0 done guys app configure the IP address over here you can verify so IP interface brief this is completely real time scenario okay in real time uh you need to configure some time this type of scenario so here you can see app configure this IP address okay now what I am going to do I am going to take you to router number one on router number one also I am going to configure the IP address on router say no enable confit and interface F 0 0 this interface is connected with switch one so here I am going to configure ip2l Dot 1.1.2 255.255.255.0 no set exit interface f one slash zero this is connected with switch number two so here I am going to configure IP from 30 Network IP address 30.1.1.2 255.255.255.0 no set done exit now I am going to configure IP address on Van interface that is F2 0 say no set no set and IP address here I am going to configure IP 1.1.1 255.255.255.252 done is app configure IP address on router number one let me check the connectivity with switch ping 12.1.1.1 done ping 13.1.1.1 I'm able to Ping both switch switch 1 and switch 3 but so IP route this router does not have the svi network right so I am going to configure routing over here or you need to exchange you know more routes over here in your Enterprise's Network in your inside Network so you can use any rotting protocol we can use eserp we can use ospf we can use reap we can use BCP as well okay I am going to use ospf but I will not advertise when interface in ospf okay a router ospf after that process id1 Network 12.1.1.1.0 while Karma 0 Dot 0.0.255 and let's say area is zero let me advertise one more Network that is 13.1.1.0 done guys now let me configure ospf on multi-layer switch so let me take you on switch number one here and router ospf one Network 12.1.1.00.0.255 and area zero right now ospf University will come up between switch and router soon it is going to come up wait so IP ospf neighbor it is in two-way state it will take some time switches is going to take some time after some time you will see Neighbors it will come up router ospf one now I am going to advertise my svi networks in ospf so Network 10.1.1.0 0.0.255 area 0. now you can see neighborsip is up right in the same way 20 Network also I am going to advertise it in ospf and 30 Network also I am going to advertise it in ospf why I am advertising these networks so that R1 should receive this network because my Lan user is going to access Internet okay so I have advertised all networking ospf on switch let me do same thing on switch number two also on switch number two config a router ospf process id1 first of all Network 13.1.1.00.0.255 area 0 then Network 10.1.1.00.0.255 see both switches advertising same network area after that twenty then 30 and then 40 so we have configure routing as well right so IP ospf neighbor done so there is ospf neighborhood between switch 1 and switch 2 as well switch one and switch to so IP ospf neighbor you can see how many never are there this is between switches for VLAN 10 20 30 40 and this is the ospf now if you don't want to for ospf University between switches what you can do this is question guys you can configure these interfaces svi interface svi sorry I am saying svi passive interface right from the passive interface shorter does not send the ospf message so let me do that router ospf one and say passive interface VLAN tan VLAN 20 VLAN 30 VLAN 40. so IP ospf neighbor if you don't want to form never see between switches right like this you can configure passive interface on switch as well on switch one as well passive interface VLAN 10 VLAN 20 VLAN 30 VLAN 40. done and here also now you can see so IP or SPF neighbor done guys now router 1 will have all these prefixes in their routing table through ospf so IP route to SPF you can see this router I have 10 20 30 and 40 done now uh till now we have configured the routing now I am going to going to configure path over here Pat on router number one so that my Lan user can access Internet because till now Lan user cannot ping 8.8.8.8 right ping 8.8.8.8 it will not pink right and I have not configured I think internet order so let me configure internet router as well say no enable 150 host name internet and interface look back one and IP addresses 8.8.8.8 255.255.255.0 let's say after that interface F 0 0 no shirt and IP address IP address over here is 1.1.1.255.255.255.252 sorry done now let me check the connectivity between this router and my age router ping 1.1.1.1 it should be able to Ping yes it is able to Ping now I am going to close this and from router number one you can see I can ping 8.8.8 or not till now I can not ping 8.8.8 because here I am going to configure one default route towards the ISP after configuring the default towards ISP router one can ping 8.8.8 from the van interface only not from the Lan interface so confetti IP route 0.0.0.00.0.0.0 and Next Top IP address is 1.2 and exit interface is f 2 slash zero done sorry what happened first we need to define the exit interface F2 0 and 1.1.2 this is how we configure default route on Azure router right now ping 8.8.8.8 yes I can ping 8.8.8 but I cannot ping 8.8.8 from the Lan interface Source let's say first ethernet 0 0 from this interface it will not work so we need to configure what path over here we need to configure nothing Network address translation is required so to configure net first of all we need to configure Access Control list so let me configure one Access Control list access list let's say 10 permit any done after that IP Nat inside Source match Source from list number 10 and interface F2 0 overload this is the path configuration now let me verify that I am able to Ping 8.8.8 from My Lan interface or not still I am not able to Ping 8.8.8 from My Lan interface let me verify why so excess list there is no any match no access list 10. after that access list 10 permit IP and a sorry it will take no few second and we configure access list by using access list IP access list standard 10 permit IP permit and host is any so if I am pinging 8.8.8 ping 8.8.8.8 and source is fast ethernet 0 0 okay we need to configure now inside and outside sorry that's why it's not working otherwise access list is working fine I forget to configure inside and outside interface F 0 0 ipnet inside exit interface f one slash zero ipnet outside sorry this one is not outside this one is also inside no and ipnet inside and interface f 2 0 this one is outside ipnat outside done now ping 8.8.8.8 and source is first ethernet 0 0 now you can see my Lan interface I am able to Ping from Source first ethernet 0 0 to 8.8.8 but can My Lan user ping 8.8.8 guys now see pink 8.8.8 no because switch does not have the default route now because from here from VPC if you are pinging 8.8.8 so Source will be 10.1.1.1 destination will be 8.8.8.8 this PC will forward traffic to their default gateway and their default gateway does not have any root 48.8.8.8 so IP route in the routing table of this PC you can see there is no default dot available right so what I am going to do on edge router I am going to ospf that please generate one default router ospf 1 and default information originate sorry default information or we can directly say what redistribute we can say default information or is in it or you can redistribute connected you can run any commander okay default information or isn't it now this router will start originating when default dot in ospf and switches will get the default route now let me verify on switch number one that switch have received default default route or not so IP route now you can see default route is available over here now my Lan user can ping 8.8.8 or not ping 8.8.8 now you can see melanin users are able to access Internet so till now my Lan users are able to communicate with each other there are intervene communication as well and then users are able to access internet as well now I am going to configure the remote side this side this side guys okay so let's begin the configuration of this side as well this side also you can configure in same way like in LAN you know here you you already know how to configure the VLAN right how to configure the link between switches as trunk after that you will create the SBI over here right after that true you will configure routing over here in this domain and then you will configure Nat on router number two so let me do one thing directly I am going to configure order number two in remote side I'm not going to configure the VLAN again okay so let me configure the router to directly between router 2 Edge router and ISP this time this this side I am using 2.2.2.0 network this is not slash 24 or you can use slash 24 Also let's say it is 30. let me configure the van interface first interface f 4 0. no set IP address 2.2.2 Dot 1 255.255.255.252 done let me configure one IP address on ISP router config interface F1 slash zero IP address will be 2.2.2 Dot 2 255.255.255.250 to and say no shutdown return let me write the configuration and let me close the console here we don't need console okay now I am going to take you to router number two so let me take you to router number two and on daughter number two let's say on my F zero slash zero let me configure one IP address interface F 0 slash zero say no set and IP address is let's say anything we can configure 50.1.1.1255.255.255.0 let's say here I am using 50.2 done and on switch number one here let's say I am using 50.1 configuration will be same in this side also quantity interface f note f e zero slash zero no switch Port no shutdown and IP address 50.1.1.1255.255.255.0 I am going to configure one dotting protocol let's say ospf router SPF one and network 50.1.1.00.0.255 and area zero I can configure same on daughter number two also here what I am going to do a router ospf one network 50.1.1.00.0.255 and area is nothing but the zero right done ospf neighbors it will come up so IP ospf neighbor ping 50.1.1.21 so I am able to Ping 50.1.1.1 so IP protocol what protocol I am running ospf is working fine I have performed the routing for this network so IP ospf neighbor so now neighbor is in two ways soon it is going to come in full State okay after that you can see now OSP of neighbor CPS full here on edge router you will configure net so let me configure one Access Control list over here access list 10 permit any so I have configure Access Control list ipnet inside source after that list 10 an interface F 4 slash 0 overload done guys after that inside and outside so interface F 4 slash zero ipnet outside exit interface F 0 0 ipnet inside like this you can configure everything as you already know how to configure a thing okay ipnet inside F1 0 will be also inside two slash zero will also inside three slash zero will be also inside right now I need to Define one default Rod so IP route 0.0.000.0.0 and F four slash zero and next stop iPad this is 2.2.2.2 now let me check the connectivity ping 8.8.8.8 I'm able to Ping 8.8.8 from source first ethernet 0 0 from My Lan interface also I am able to Ping the internet okay means suppose My Lan user or Lan users are able to Ping internet like this like these user are able to access Internet suppose these users are also able to access internet right here we have one user and this user are able to access internet now my concern is here is one server and these user want to access this server okay so what we need to do here we need to configure VPN okay guys definitely if you want to learn everything so you have to you have to enroll in live training because it is not possible to you know configure everything or to make long long video for YouTube okay so make sure if you if you are a network engineer and you are thinking that your knowledge is stopping you to move further please enroll yourself for live training once that will be great for you okay after attending the live training you can configure these type option or any scenario right of rotting and switching and to understand or to learn any other technology routing and switching is compulsory first of all we need to understand routing switching okay so in this video I am going to make you understand now VPN configuration directly between order 1 and order two so see to configure VPN between order 1 and order two what I am going to do I am going to create one tunnel on this router interface tunnel let's say one after that tunnel IP address is 192.168.10.1 submit mass 255-255-255.0 then I've created one tunnel on the tunnel I have assigned the IP address now let's say tunnel Source tunnel source is 1.1.1.1 you know this or maybe I don't know you know this or you don't know this that why we need to define the tunnel Source IP address over here and why we need to define the tunnel destination IP address over here but here we need to Define tunnel Source internal destination tunnel Source will be the public my public IP address internal destination will be the remote public IP address okay so I have defined tunnel Source IP address Tunnel destination IP address and no maternal interfaces up I am going to going to create one tunnel on router number two now so let me take you to R2 and here interface let's say tunnel interface one IP address is 192.168.10 Dot to 255.255.255.0 done tunnel source is 2.2.2 Dot 1 and tunnel destination is 1.1.1.1 see 2.2.2 or 2.2.1 and 1.1.1 is reachable through internet this is concern of ISP internet that their IP address should be reachable with each other right and through this IP address I have created the tunnel and now my tunnel interface is up let me check that I am am I able to Ping the remote tunnel 192.168.10.1 C it's it's not working but it should ping it will ping guys wet let me troubleshoot it so IP interface brief my tunnel interface is up and this is the IP address of my tuner interface right let me check on daughter number one I am going to close some VPC from here let me close this one let me close this one and let me close let's say this one so I am closing three VPC okay now on router number one so IP interface brief my tunnel interface over here is also up and let me check the configuration on so run interface tunnel tunnel one so tunnel source is this one tunnel destination is this one tunnel destination is 2.2.2.2 ping 2.2.2.2 tunnel destination is wrong here right tunnel destination should be 2.2.2.1 right so let me correct it interface tunnel one and tunnel destination is 2.2.2.1 this is the tunnel destination IP address so run interface tunnel one not tunnel sources this one tunnel destination is this one let me ping the tunnel destination IP address 2.2.2.1 sorry this is internal destination that is 192.168.10.2 pink 192.168.10.2 this is the tunnel destination if it is not working or it's working it's working now you can see success rate is 80 percent and now this time success it will be 100 now guys through tunnel interface what we can do this is guys problem of software only right it's working fine tunnel is fine right there is no any issue with Channel interface this is how you configure tunnel now through the tunnel what I want I can share the prefixes let's say here we have lots of prefixes here we have some Network I want to share this network with router number two so I can see a through the tunnel interface on the order 2 router 2 have also some Network so I want to share that network with router number one I can share through the tunnel interface okay so let me show you that what we can do we can configure any routing protocol or a static routing on Tunnel interface let's say let me show you how we can configure the rotting protocols on router number one let's say I am going to use eigrp now router eigrp case number let's say 10 and network I am going to advertise tunnel Network 192.168.10.0 I've advertised this network so this router will start sending a grp Hello message from the tunnel interface yes or no if you want to in debug debug Erp packets eigrp and yes number 10 or directly wise I thinks debug eigrp debug aigrp timer packets packets and now then hello packet hello like this see it will send one Hello message from the tunnel interface you can see it is sending Hello message from tunnel one sending Hello message from tunnel one right now I am going to disable the the debugging and all and let me do same thing on router number two on order number two also I am going to configure the eigrps number 10 router is erps number 10 and Network 192.168.10.0 soon eigrp neighbors it will come up on tunnel interface you can see so IP eigrp neighbor now you can see there is one neighbor 10.1.1.1 on which interface on Tunnel interface now there is eigrp neighborship between router 1 and router 2. so as you know if eigrp neighborship is there between router 1 and order two we can share prefixes through eigrp so what I can do directly on router number one let's say I am advertising on daughter number two I am advertising let's say 50 Network a router eigrp 10 and network 50.1.1.00.0.255 or we can escape it I have advertised 50 Network in eigrp so now on router number two if you will check so IP eigrp interfaces so eigrp is running on this interface and this interface because I have advertised this network in eigrp and router 1 will have Network information of 50 let me show you so IP route eigrp now you can see 50 network is there and if you want to Ping the user in 50 Network ping 50.1.1.1 you can see it will ping through tunnel interface 50.1.1 Dot one is running on switch number one let me paint 50.1.1.2 C ping is working yes or no success rate is 100 and this is how you can share all Network all private Network through tunnel interface okay guys so today in this video we have learned how to configure multiple protocol in a topology okay guys and that's all for today if you want to learn these things in detail and all configuration in detail please enroll yourself for the live training that's all for today we will meet soon in next video till then stay safe guys bye bye see you in next video

Info

Channel: PM Networking

Views: 125,474

Rating: undefined out of 5

Keywords: computer networks, dns, cyber security course, ccna, computer network, ccna 200-301 full course, computer networking, comptia network+, comptia network+ full course, network security, security+, vlan, router configuration step by step, ccna course, palo alto firewall, troubleshooting network problem, bgp protocol, network engineer course, ccna 200-301, network engineer life, technical course for network engineer, ccnp, ccnp full course

Id: de7axFBMayk

Channel Id: undefined

Length: 64min 37sec (3877 seconds)

Published: Sun Jun 18 2023