Real-Time Network Configuration For Network Engineers | VLANs, DTP, HSRP, OSPF, NAT, VPN

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everyone once again welcome to PM networking hope you all are doing great guys one of my paid students shared this topology with me and told me to configure everything from a scratch so today we are going to configure this topology from the scratch and before starting the configuration let me tell you what we are going to configure in this topology as you can see in this topology we have two sides let's say this is side one this is side one say this site is in Delhi and this is let's say headquarter or main branch and this is site to branch office in different location let's say this is in Delhi and this is in Mumbai in different location Mumbai in different location at both sides are connected together with the help of Internet with the help of Internet this is my internet router and on internet router you can see I have one L back 88.8 okay and these two sites should be able to access Internet this is the first requirement means these user these PC should be able to access internet and here also we have some end devices those end devices should be able to access Internet the next configuration is site two means these user these PC should be able to access these server like here you can see in t location we have one HTTP server one tftp server one FTP server are there like this there are multiple server multiple services are there right in this side in headquarter so Branch offices user should be able to access this server so we will configure one tunnel GRE tunnel between uh you know age router to age router like this is age router of Mumbai location and this is age router of Delhi location right between these two age router we will configure G tunnel on G tunnel we will configure this network and if I will talk about the configuration from beginning from the scratch so you can see first of all we need to configure VLAN over here in this site inside two we have three layer this is core layer this is distribution layer and this is exess layer on exess layer switch we will configure V lens like here on switch Number One V uh there are some user in vland 10 on switch number two there are some user in vland 20 here we have some user in vland 30 and on distribution layer switch we will configure SPI SPI for V 10 20 20 and 30 you can see for SBI SBI for V and 10 we are going to use Network 1921 160. 10.0 for SBI SBI for vand 20 we are going to use this submit 20.0 and SBI for V 30 we are going to use 30. 0/24 subnet okay so we will configure One V you know IP address on the virtual interface of vend 10 20 and 30 on both switch after that we will configure hsrp so that my switch one this switch should be the active switch and this switch should be the extend by switch okay and then to reability between distribution layer and code layer we will configure OPF over here OPF to make reability between distribution layer and corer after that on edge router we will configure net Network address translation pad right so that these end devices can access internet and same configuration is required in headquarter also of over here also in delh location also here on this s we will configure net here let's say V is not required if you wish you can configure the V but here we have only two layer Co excess layer and distribution layer you can say core layer and excess layer we don't have distribution layer here you can design this this top this side you know also in three layer core layer distribution layer and excess layer but uh the main motive of this topology configuration is to configure VPN VPN between side one and side two and configuring net and configuring hsrp OPF this is completely like like real time configuration so that you can understand how in real time we are using internet or how two sides are connected uh together through internet in real time okay so this this is going to be configuration you can see between my this router Router number one and ISP internet router we are using uh subnet 100. 1.1.0 sl30 so here IP address is 100. 1.1.1 here IP address is 100. 1.1.2 and between I internet router and this router Router zero we are using this submit 10.0.0.0 sl30 so here IP address is 100 1.11.2 here IP address is 1001111 now let's begin the configuration guys I am going to start the configuration from access layer switch first of all I am going to configure VLAN on these switch and link between switches like link between acccess layer switch and distribution layer switch must be configured as trunk so we are going to configure these link as trunk and VLAN on access layer switch so let me access first access layer switch you will understand the configuration because I am going to configure everything step by step I will start the configuration from access layer switch first I will configure this this access layer switch then I will configure distribution lay switch then I will configure this router then I will configure routing protocol hsrp then we will configure net and VPN okay before that let me check PC have IP address or not if PC need IP address so first of all let me configure the IP on PC okay so pc1 belongs to vand 10 so you can see pc1 have IP address 192 1610.10 submit mask is 2555 255 25.0 and Gateway is 19 to 168 do 10. 100 guys this is the virtual IP address let me tell you first here what IP address I going to configure here for vand 10 for vand 10 I am going to configure 192 168 do 10.1 let's say and for VLAN 20 for VLAN 20 let's say we are going to configure 192 168 20.1 and for V 30 we are going to configure let's say 192.168.1 do uh 130. 1 these are the IP configuration on let's say this switch this is for V 30 for V 30 okay so for ven 10 we have this IP address on this switch for V 20 we have this IP address for V 30 we have this IP address in the same way on switch number two also we need to configure one IP address for all uh SBI interface so let's say for V land 10 interface here IP address is for vand 10 IP address is 192 16810 do2 and then for vand 20 let's say IP address over here is 192.168 do 20. 20.2 and for V and 30 for V 30 let's say IP address is 1921 68. 30.2 okay so these are the IP configuration on switch number two okay and after that our virtual IP address is our virtual IP address is hsrp virtual IP address is 192.168 do uh let's say 10.00 this is my virtual IP address let me write here virtual virtual IP equals this one okay this is virtual IP address so first of all let me configure these things okay so let me start the configuration from PC here you can see IP address is correct right IP address is uh 10.10 here on PC number two also I am going to configure one IP address let me check here IP is not configured so 192.168 do this PC also belongs to vand 10 so 10 dot let's say 20 submit mask is this one Gateway is 192.168.1 do 100 virtual IP address after that to PC3 here to PC3 also I can configure one IP address 192.168 do this PC belongs to vland 20 so here I am going to configure 20.1 let's say and gway is 192 168 do uh 20 dot 20 dot let's say 100 this is virtual IP address for vland 20 this is for vland 10 for vland 20 192.168.20.10 and for V 30 1921 16830 30.1 100 these are the virtual IP configuration okay so on PC number two here I have defined this IP address as the gway 19260 120100 on this PC I'm going to Define IP this PC also belongs to V 20 so 192 16820 do let's say 20 and getaway is 1921 16820 100 and then pc5 pc5 belongs to vland 30 so here we are going to configure 19 19 2. 16830 do10 let's say 2 192.168.0.100 is gway IP address and finally PC number six so PC number 6 IP address is let's say 192 do 168 do 192.168 do30 do2 and 192.168 do30 100 is the getaway done this is the IP configuration on PC now let me configure Xs layer switches so first of all I'm going to access this switch switch number one here as you know we need V 10 and we we need to assign two interfaces in V 10 interface range first need 0/3 and 0/4 0/3 is connected with pc1 0/4 is connected with PC 2 I'm going to say switch Port mode access switch Port mode access and then switch Port access VN 10 V 10 and now we can verify also so V brief here you can see uh V 10 is there and there are two interfaces in V 10 first e 0/3 and 0/4 then we need to configure access layer switch two so let me access this switch access Layer Two access layer switch two and here also here we need to put these two interface fast eate 0/3 and 4 in vand 20 so interface range fast e0 sl32 4 and say switch Port mode access and switch Port access VLAN 20 done now here also we can verify so wean brief I am not configuring you know link between distribution layer and access layer switch for now here I have only configured vland 20 and I have assigned these two interface in vland 20 then access layer switch three so let me access access layer switch three and here I am going going to configure again these two interface 0/3 and 4 in v and 30 so interface range F 0324 and say switch Port access VLAN 30 switch Port access VLAN 30 done I have configured the VLAN here also we can verify so VLAN brief you can see VLAN 30 is there and two interfaces are there fine now I am going to access distribution layer switch first let me access distribution layer switch one this switch see all the link of distribution layer switch one connected to access layer switch should be trunk link so I am going to configure these Port like 0/2 0/3 0/4 0/2 0/3 and 0/4 is connected with excess layer switch 0/2 is connected with switch one 0/ 3 is connected with switch two and 0/ 4 is connected with switch 3 so I'm going to configure these Port as Dynamic desirable so that these ports will become trunk Port okay for now if you will verify so interface and trunk so you can see we don't have any trunk interface here so let me configure trunk link interface range F 0/22 4 0/22 4 3 4 okay yes and here I'm going to say switch Port mode Dynamic desirable right this is dtp configuration and after running this command you can verify so interface trunk and now you can see 03 02 03 and 0/4 is configured as trunk right mode is dynamic desirable okay in the same way on switch number on distribution layer switch two also we need to configure these Port like 2 3 and four as Dynamic desirable so let me access distribution layer switch two and here also so I'm going to say first no to this and then config T interface range F 0224 and say switch Port mode Dynamic desirable right here also we can verify so interface trunk so you can see 0/2 3 4 is configured as now trunk okay so trunk configuration is done now we are going to create svi on distribution layer switch so first of all let me create SBI on distribution layer switch one so this is console of distribution layer switch one here I am going to say interface V land 10 first of all V 10 then V 20 then V 30 I have created three VLAN over here after that interface VLAN 10 and say IP address IP address to this V is 192 168 10.1 as I told you 255.255 5.25 5.0 here I have configured this IP address for vland 10 interface and then interface vland 20 and then IP address IP address over here 192 16820 do1 as you can see here I have mention the IP address for SBI interfaces okay 20.1 255.255.255.0 and then interface VLAN 30 interface VLAN 30 and then IP address is 192.168 30.1 255.255.255.0 done here we can verify the IP configuration I can maximize this console and here I can run so IP interface brief so you can see here we have IP address on V 10 interface V 20 interface and V 30 interface right so on these three virtual interface I have assigned the IP address now we need to do same thing on distribution layer switch 2 also so let me access distribution layer switch two here also I am going to configure uh SBI interface interface VLAN 10 and before that we need to create v v 10 exit V 20 exit VLAN 30 exit and then interface VLAN 10 and here for VLAN 10 IP address will be 192 16010 do2 this side I am configuring two so say IP address IP address 192.168.1.2 255.255.255.0 and 255 2555 25.0 and then I interface VLAN 20 20 and this time here IP address will be 192.168 do uh 20.2 255.255.255.0 and interface VLAN 30 here IP address is 192 IP address is 1921 16830 do2 255.255.255.0 done here also we can verify the IP configuration by running command show IP interface brief and if you will maximize it here you can see we have IP address on these three interfaces interface V and 10 20 and 30 after that we can do one thing we can verify the connectivity like between distribution layer switch one and distribution lay switch two so from distribution layer switch two I am going to Ping let's say the SBI of VLAN 10 on switch one so IP address of vland 10 interface on switch one is 192.168.1.1 so I'm going to Ping that IP address from distribution layer switch two let me check the connectivity okay and guys for better understanding what we can do here we can configure the host name Also let's say here host name is distribution layer switch 2 and on this switch I'm going to configure host name distribution layer switch one let's say host name distribution layer switch one done so from distribution layer switch one I'm going to check connectivity ping 192.168.1.2 which is the the SBI interface uh on switch number two and then for vand 20 I'm going to Ping 192.168.20.10 168 30.2 you guys can configure this topology by yourself and you should configure it then only you will understand the all configuration correctly and this is real time scenario completely so this is very useful right now okay we have configured the IP addresses we have created the svi on these distribution layer switch now next think is configuring hsrp configuring hsrp and in hsrp as you can see my virtual IP address would be 192.168.1.100 for V 10 user my virtual IP address for v2 user should be 19260 120100 and for V 30 user I Gateway should be 190 to 160301 100 right so and switch one should be the active switch and switch two should be the extend by switch so what we can do here we can increase the priority of hsrp by default priority is 100 so here we can set priority 110 okay so now let me begin the configuration of hsrp here so first of all here let me access uh distribution layer switch one and now here I'm going to say interface VLAN 10 interface vand 10 and then extend by virtual IP address extend by and group number after that we can set priority here first priority let's say 110 110 and extend by 10 we can enable pron also prum PR and then what we can say IP address sorry extend by extend by IP address IP on only IP and then IP address virtual IP 192 168 do1 do 10 do sorry 100 this is the virtual IP address we need to do same thing on distribution layer switch 2 also so interface vand 10 here also interface vland 10 and then extend by let's say group number 10 print and here we are not going to set extend by IP 1921 68. 10.00 here uh I have not configur priorties so by default priority is there and now if you will check so standby soby so ex standby this switch is is in listening estate now and virtual IP address is 192168101 100 that is fine by default priority is 100 okay and it is waiting now you can see this switch is in exent by this switch is in exent by and if you will check switch one so switch one is you can see active switch fine switch one is active switch and we need to do same thing for we 20 and for V 30 also so let me configure uh hsrp for VL 20 interface vland 20 and then say extend By Priority 110 and then extend sorry extend by 10 group number 10 or we can ignore it also in packet ASA estain by group number 10 priority this one extend By Priority 10 print preemption and then extend by IP 192.168.20.10 is the virtual IP address for V 20 let me configure same thing on switch number two also distribution layer switch to interface V land 20 and here I'm going to I'm not going to configure priority extend by 10 we can enable pron and then extend by IP 192 168 do uh 20.00 and wait for some time after some time now if you will check soend by so EX stand by you can see for vland 10 this switch is EX stand by and for vland 20 estate is not listening right so wait for some time after some time again this switch will become extend by for whe and 20 also switch one will become active for V 20 for V 10 for V 30 for all V you can see here hsrp V 20 is speak to standby so now this switch is standby for V 10 for V 20 and for V 30 also this switch will be stain by and if you want to configure let's say that this switch should be you know uh active for V 30 so for V 30 you can increase priority over here but in my scenario for all vland this switch should be the active switch switch one should be the active switch so that's why we are configuring higher priority on switch number one okay now let me configure same thing for VLAN 30 interface VLAN 30 and then say extend by group number 10 first of all Pon extend by group number 10 and priority here also let me set 110 and extend by extend by 10 IP 192 168 do uh 30100 30100 this this that's it now let me configure distribution layer switch two here also we need to configure same thing interface VLAN 30 extend by group number 10 let's say print and then extin by group number 10 and say IP 192.168 do 30.00 30.00 that's it and wait for sometime time after some time you will see this switch will become standby for V 30 also and this switch on switch number one if you will run so stand by command so EX stand by so EX stand by so you can see for vand 10 this switch is active switch for vand 20 also this switch is active switch and for vend 30 this switch is active for vand 30 also this switch is active means for all uh you know V 10 20 and 30 switch one is active switch and switch two is standby switch here you can see the log message fine now hope it is clear to you now I am going to check the connectivity from PC2 their default gateway PC2 their default gateway okay so let me do one thing from PC number one I'm going to Ping the Gateway ping 192.168.1.100 this is virtual IP address right and I am able to Ping I am able to Ping and I able to Ping this Gateway virtual Gateway IP address and uh switch one is my active switch means all the traffic whenever these PC will forward traffic let's say for internet or for the outside for the other branches all the traffic will go via switch number one Co distribution layer switch one okay because distribution lay switch one is my active switch now next configuration is next configuration is configuring uh the IP addresses between distribution layer and core layer so on switch number one I'm going to configure first IP address here on distribution layer switch one let me show you on distribution layer switch one you can see we need to configure one IP address on Fast ethernet 0/1 0/1 is connected with core layer right means rter number one so interface fast etherate /1 and as you know this is layer three switch right so if you want to enable the routing here on layer three switch you have to run command IP routing first IP routing this command and then on interface fast ethernet 0/1 to assign IP address on this interface first of all you need to run no switch Port command because by default all ports of Layer Two or layer three switches switch Port switch Port means Layer Two Port so you have to tell two interfaces that now you are not longer Layer Two put now you are going to become layer three put and then we can assign IP address here IP address 10 do 10 do 10 dot let's say 1 255 255.255 2502 because we are using sl3 to 30 okay so here I have assigned the IP address so we can run no set command also then distribution layer switch two I am going to configure one IP address on this interface first eate 1/0 of distribution layer switch two also so let me configure one IP here distribution layer switch two interface fast eate 0/1 here also I'm going to say no switch port and then IP address 10 do 10.1.5 SL sorry 255 255.255 252 right because here we you are able to see the subnet we are using uh the subnet 10.10.10 4/30 between distribution layer switch one and core layer means router between router and distribution layer switch to we are using this submit so first IP address is dot five I am running first IP address on distribution layer switch and second IP address on router okay and finally then IP routing IP routing IP routing done okay now now finally I'm going to configure uh this this router core layer we are going to assign IP addresses first on this router so let me show you the configuration here configuration is easy guys IP configuration first first of all we need to configure IP like on Fast ethernet 0/0 say no shutdown and IP address here I'm going to say IP address 10.1.1 dot uh one is on distribution layer switch one so here I'm going to configure two 2 55. 255.255 252 that's it then interface fast eanet 0/1 here also say no set and IP address is going to become 10 do 10 do 10 dot five is on distribution layer s two so here 6 255.255 255.255 2 done I have configure the IP address on these two interface and finally I'm going to configure IP on when interface these two one like L Lan interface and serial 0/ /0 is when interface here say noart and IP address here I'm going to assign IP let's say 100. 1.1 do 1 255.255 255.255 2 252 now now let me configure IP on internet router also let me access internet router and here also let me assign the IP configuration because on internet router I need to configure IP only okay after that I will close the console of internet router say enable config T interface serial 0/ 2/0 say no set yes and IP address 100. 1.1.2 255.255 255 do 255 255.255 252 okay I've have configured the IP address here and then interface Cal 0/2 SL1 on this interface also let me assign the IP IP over here is IP over here is 100 do 100 1.11.2 2555 255.255 252 and then let me create one loop back here interface loop back 1 and IP address is 8. 8. 8 do 8 255.255 do 255.255 255.255 okay I have configured the IP address on internet router so IP interface brief we can verify on interface fast ethernet 0/0 Z sorry Z not fast e serial 0/20 IP address is this one okay Port is up and on fast eate 021 IP address is this one and we have one loop back it do it do it fine let me close the console of internet router now the next configuration is we need reachability between distribution layer and code layer my means router should have uh these Network information right 192 Network one four wheel and 10 20 and 30 so how this distribution layer switch is going to advertise this prefixes to router for that we are going to configure OPF here OPF routing protocol between distribution layer switch and router so let me start the configur configuring configuration of OPF from distribution layer switch uh one so on distribution layer one switch one I'm going to run command router OPF and then let's say process is one here I can Define the router ID or we can leave the router ID right then we can advertise the network so Network one network is 10 do 10.1 do 1 0.0.0.0 and area Z guys this command will enable OPF on Fast ethernet 0/1 because this is IP address of fast ethernet 0/1 right so let me hit enter over here this command will enable OPF on this interface after that I am I I want to advertise uh some Network in OPF so let me advertise those network with the help of network command 192.168.10.0 this is for VLAN 10 0.0.0 255 and area zer this network and we need to advertise one more Network 10.1.1 do sorry 192.168 20.0 and 0.0.0 2555 area zero very good and one more Network 10.1.1 sorry 192.168.0.0 192.168.0.0 right so here I have advertised these Network also in OPF okay and now here if you will run this command so IP ospf so IP OSF interface brief so you can see OPF is not enabled on Fast EET 0/0 OSF is enabled on vand uh 10 interface OPF is enable on V 20 interface this is IP address of V 10 this is IP address of V 20 this is IP address of V 30 right so SPF is enabled on all interfaces now finally what we are going to do I am going to let's say configure OPF on R number one I am going to enable OPF on these two interface let me check that OPF never will come up or not so first of all let me configure OPF on this router so router OSF here also I'm going to say router OPF process one let's say and then Network 10 dot Network 10.1 do1 do2 is the IP address of fast Ean 0/0 0.0.0 .0 and area Z this command will enable OPF on Fast e 0/0 we are waiting for OPF neighborship let me run one command here to check OPF neighborship so IP yes here you can see the log message also OPF never has come up state is full from loading done so IP OPF neighbor we can check neighbor also yes who is neighbor 10.1.1.1 is the neighbor on fast eate 0/0 interface 10.1.1.1 is the neighbor on Fast EET 0/0 and nebor router ID is neighor router ID is 192 16301 highest IP address okay fine in the same way we need to configure OPF on this distribution layer switch 2 also right so let me access distribution layer switch 2 and on distribution layer switch two also I'm going to say router OPF process number one and then network network 10 dot 10 dot 10 dot here IP address is five on Fast e 0/1 0.0.0 and area zero and after that Network let's say 192 168 do 10.0 0.0.0 dot 255 and area zero and then we need to advertise 10 uh 192 168 20.0 20.0 and then we need to advertise 30.0 30 dot zero 30.0 I think I have run one wrong command here this command this command let me remove this command this command say no to this and then 20 is not I think added 20 yes now you can check so IP OPF interface brief right so OPF is enable on Fast e 0/1 v 10 20 and 30 V 10 V 20 V 30 and V 20 okay and now here we will check so IP OPF neighbor so you can see distribution layer switch switch two have three neighor right these are the these are the IP address of V distribution layer switch one means there is OPF neighborh between switch one and switch two for all vland for vland 10 for vland 20 for vand 30 for all vland between switch one and switch two we have one OPF neighbor ship we don't have any OPF neighbor ship between distri distribution layer switch to and this router because I think we have not enable OPF on this interface of router so let me enable ospf on this interface also again let me access router and interface interface fast etherate 0/1 and we can say IP OPF 1 area 0o we can enable OPF like this also soon OPF never will come up between uh distri ition layer switch to and router also so IP OPF neighbor yes you can see the log message now this rout this router have two neighbor one is distribution layer switch one and one is distribution layer switch two now guys here you can see here we have also OPF neighbor ship for all vand for V 10 20 and 30 but between distribution layer switch one and distribution Layer Two switch to we don't need OPF neighbor ship we don't need OPF neighbor ship so what we can do we can configure these interface as passive interface we can configure this interface as a passive interface and for now if you will check routing table of this router let me show you the routing table of the router routing table of the the router so IP root so this router should have you know 192 160. 10.0 also 20.0 and 30.0 so you can see yes this router have learn 192 168 10.0 from two side from distribution layer switch one and from distribution layer switch to from both switches have learned this network this network also 20.0 and 30.0 so router have this network information right and now if if you will check distribution layer switch one so IP OPF neighbor so we need to remove these neighbor right for between distribution layer switch one and distribution layer switch two so here what we can do here we can run simply one command interface VLAN 10 not interface VLAN 10 router OSF router OPF router OPF one process one and then passive interface of VLAN 10 then passive interface V 20 you can see never has goes down 20 and then 30 for vland 30 on switch number distribution layer switch two also we can configure this router OSF sorry router SP spf1 and we can say passive interface passive interface we land 10 V 20 and V 30 V 30 and now if you will check OPF neighborh here so IP OPF neighbor so now only router is the neighbor only router is the neighbor this is router ID of router highest IP address will become rou right right so this is highest IP address on router okay so now only router is neighbor of distribution layer switch 2 and distribution layer switch one also here also you can verify so IP OPF neighbor so this time only router is the neighbor fine so everything is fine here we have successfully configured the landan network now finally we are going to configure net on this router so that this these user can access Internet first okay so let me access router and here I am going to Define one default route first towards internet one default rout is required here so let me maximize it and here say IP root IP route 0.0.0 0.0.0 and next toop is 100.1 1 1.2 right and now I'm going to check that I able to Ping 88.8 or not ping 88.8 so yes you can see I am able to Ping 8.8 but for now these user the PCS cannot ping 8.8 because we have not configured the net so router will not translate the source and if router will not translate the source ISP will not have internet router will not have the rout for 192 168 Network so it will drop the reply packet so what I'm going to do I'm going to configure Nat here on this router here also let me change host name to R1 R1 okay and uh finally I access list access list let's say number is 10 permit after that permit any or we can say 192 168 do. 0.0 do 255.255 like this we can configure EX control list to match the source okay so router need to translate IP address from these range okay so it will uh Translate the traffic of 10 20 and 30 okay now IP net inside source list number 10 interface CDL 0/0 sl0 and overload this is the net configuration let me hit enter and now what I'm going to do I'm going to check that this PC is able to Ping internet or not ping internet or not ping 8 do8 do8 do8 destination host unreachable wait this PC should be able to Ping it do it do it yes now I am getting request time out error and okay net configuration is correct let me do one thing from distribution layer switch one let me ping 8.8.8.8 and can I use Source command here no in this scenario we cannot use Source command but we can see the packet by us using simulation mode so let me use simulation mode here and before pinging 88.8 let me ping again it do it do8 yes here is icmp traffic it will forward to switch switch will forward to uh distribution layer switch and distribution layer switch is dropping let me check what is the problem here on this distribution layer switch I'm going to check first let me check the connectivity from default gateway ping 192.168.1.100 yes I am able to ping my gway IP address I'm able to ping my gway IP address and uh ARP R table this is the MAC address and and I think this Mac address is in last it's ac0 right ac0 so interface VLAN 10 Mac address of this interface is Mac address of this interface okay Mac address of this interface vland 10 is this one and vland 10 user when we user will ping wait problem is you can see here pc1 is generating reply when I am pinging 88.8 from pc1 pc1 is generating reply 192 16810 do1 is generating this reply reply from 190 to 160101 actually problem is here you can see on distribution layer switch one or distribution layer switch two if you will check routing table if distribution layer switch one will receive any root so IP root right any packet where destination is 8. 8.8 it will check routing table in the rotting table rot is not available so it will drop the traffic so that's why distribution a switch one is dropping the packet so what we need to do here on router we have one default rout towards ISP we need to redistribute that default rout in OPF so on router simply we need to run one command router OPF process one and say default information originate that's it and now if you will check distribution layer switch routing table here so IP rot you can see just wait for some time it will receive one default rout now you can see get way of last is getaway of last is 10. 1.1.2 right there is one default rout here external rout is there 0.0.0 and in the same way you can see this default rout in distribution lay switch two also whenever uh distribution layer one switch one will fail this switch will become active so this switch should also have one default R so IP R OPF so yes external route is there okay fine and now let me check the PC is able to Ping 88.8 or not ping 88.8 or not so let me ping again and this time it should work ping should work wait request time out request time out now what is problem here we can again use simulation mode here we can check Access Control list so access list in Access list 192 160 okay that is fine here and so IP net translation don't have any translation and so run oh we have not defined inside interface and outside interface here this is problem right so let me say interface serial 0/0 and IP net outside and exit interface fast EET 0/1 IP net inside and exit interface fast ethernet 0/0 IP net inside done and now let me check the connectivity this time I think it should should work yes now you can see PC is able to pc1 is able to access internet I am getting the reply packet right it is request time out yeah now it's working fine okay from PC number two also we can check PC2 is also able to Ping internet or not so yes PC2 can also access Internet yes for uh V 20 user you can verify the connectivity for V 20 user V 20 user is able to Ping 8.8.8.8 or not yes will 20 user is also able to Ping 8. 8.8 and we 30 user yes we 30 user can also ping internet yes fine now what we are going to do we are going to configure this branch office right this branch office first of all again here also we will start the configuration from end devices let me Define the IP address say on server first so on This Server let me check the IP here IP is 101130 this one is submit mask and default gway is 10.1.1 fine tftp server IP address yes here tftp server IP address is 10.1.1 120 getaway is this one okay correct FTP server IP address FTP server IP address is also correct 10.1.1.10 now let me configure the router this router here I'm going to first configure host name say no and then we can say host name let's say add two host name add two and after that as you know interface fast eate 0/1 we are going to say this interface to noet and then IP address is 10.1.1.1 255.255 25.0 right now you can check HTTP or FTP tftp and these server are able to Ping their getaway or not let me check the connectivity to getaway 10.1.1.1 switch is not in forwarding State switch interface is not in forwarding State because of a spaning Tre protocol it will take 30 seconds and now if you will check connectivity you can see ping is working from tftp server also I can check the connectivity ping 10.1.1.1 yes I am able to Ping an FTP server from this FTP server also let me ping the Gateway ping 10.1.1.1 yes I'm able to Ping now let me configure this router this age router interface fast eate 0/1 ipn inside exit interface CDL 0/ /0 IP net outside say no set and IP address is 101. 1.1.1 255.255 255 do 252 252 and finally I'm going to check the connectivity am I able to Ping the public IP address of internet router ping 101. 1.1.2 yes I am able to Ping now let me configure the net here so access list number 10 say permit and this time my land network is 10.1 do 1 do let's say 0 0.0.0 do 255 and then IP net inside source list 10 and interface serial 0 by 0 by 0 overload right and IP rot one default R is also required IP R 0.0.0 0.0.0 and then next top is 1.11.2 right now let me check the connectivity to 88.8 from this router ping 8. yes I'm able to Ping 88.8 from this router let me check this HTTP server is able to Ping 8.8 or not ping 8.8.8.8 yes this HTTP server is also able to Ping 88.8 tftp Server ping 8 do88 do8 yes able to Ping 88.8 and FTP server p 8 do8 do8 do8 yes all servers are able to access internet now these two Branch are able to access internet now we need reachability between these two sides like from pc1 you cannot ping from pc1 you cannot ping HTTP server if you will ping 10. 1.1.30 this ping will not work right you can access only internet not this side this is private whenever you want to make communication between two private private sites over public network you need to create VPN you need to configure VPN so we here we are going to configure now VPN between two Edge routers so let's say start the configuration from this router from R1 on this router I going to create one tunnel interface tunnel let's say one and then we are going to say tunnel Source internal source is nothing but serial 0/ 0/0 IP address of Serial 0/ 0/0 then tunnel destination tunnel destination is 101.1 do1 do one remote side public IP and then IP address on this tunnel interface IP address on this tunnel interface will be 172 do 16.11 255.255 255 252 done here we have configured that tunnel interface so run you can see the configuration this is the configuration of tunnel interface this is the configuration of tunnel interface in the same way we need to create one tunnel on router two so let me access this router this this age router and here also I'm going to create one tunnel interface tunnel let's say one and then tunnel source is serial 0 by 0 by 0 then tunnel destination tunnel destination is 100. 1.1.1 see this two public IP address means 100. 1.1.1 and 100 1.11.1 are reachable with each other through internet because those both are public IP address okay and then I'm going to say uh IP address on this tunnel interface is 1721 16.12 here 255.255 255.255 to and now let me check the connectivity between these two tunnel interface on number one and R number two ping 1721 16.11 yes I am able to ping you can see I able to Ping because when I am pinging this IP address this router will check the routing table so IP route and in the routing able yes one network is available for this submit 172.16.0.0 16 and you can see 17216 1.0/3 is directly connected on tal interface and whenever exit interface is tal interface it will encapsulate the GRE header and it will add One external IP header in external IP header Source will be 100.1 do1 100 1.11.1 tunnel Source IP address and destination will be 100. 1.1.1 tunnel destination IP address right and it will forward from the teral interface me from the physical interface real 0 by 0 by0 okay and now on this tunnel interface we can configure anyin protocol to exchange prefixes like I want to you know advertise 10 prefixes in this s and I want to advertise these three prefix 192 168 10.0 20.0 and 30.0 in this side so we can configure uh any protocol any rting protocol on internal interface so like we have already OPF configuration on this router and I am able to Ping the remote tunnel IP address like 17216 1.2 right so we can configure we can enable OPF on Tunnel interface also let me enable it see how router OPF I'm running router OPF process one in this OSP appr proces I am going to advertise one more Network 17216 1.1 0.0.0 area Z okay when I will configure OPF on this side what will happen OPF never will come up on Tel interface so let me access this router again on this router also I'm going to configure OPF because here we are not running anyin protocol till now so let me enable router OPF router OPF process one then I'm going to advertise Network 10 do 1.1 0.0255 area 0 and then I'm going to advertise uh enable ospf on Tunnel interface by running command Network 17261 do2 0.0.0 area 0 wait for sometime USF never c will come up and when OPF never will come up yes you can see USF never has up uh on Tunnel interface and now if you will check rotting table so IP R OPF so so you can see router two have received these all Network information these all Network information okay these all Network information and this distribution layer switch let's say I want to check distribution layer switch one routing table because this router this distribution layer switch should also receive 10 prefixes 10. 1.1.0 so so IP R OPF yes you can see it have received this network 17261 .0 and now let me check this PC is able to Ping HTTP server which is located in different network ping 10.1.1 do30 so wait for some time you will see this PC can ping 10.1.1 do30 and this is how these two sides are able to communicate with each other destination host unreachable I'm getting this error wait for sometime what is the issue I'm getting reply from 100.1 do1 .2 100. 1.1.2 from this IP address guys this is I think problem of packet racer because here configuration is correct everything is fine here we don't have any problem because both router have Roots so these uh end devices can communicate with each other like side one and side two should be able to Ping now distribution layer switch to Ping let me do one thing ping from here I am going to Ping and this router let me check routing table of this router also here OSF neighbor ship is also flapping right because of this is definitely problem of packet R only process 100. 1.1.1 tunnel full to Da this is problem of packet rure only so IP route OPF yes we don't have any rout after some time again we will receive the route because OPF neighbor ship is flapping this is because of packet rer OU maybe 100% I 100% sure that this is because of packet racer but in real time configuration is exactly same guys this is how you configure net this is how you configure VPN this is how your two sides are connected with each other this is how two sites are communicating with each other our public network this is how sites are able to you know you are able to access Internet everything so this is basic configuration if you you have uh you are working in organization who have let's say two to three branches so definitely they are using this method only to connect all Branch together okay so this is all for today uh if you have learned something from this video guys please hit h on like button if you have not subscribed the Channel Please Subscribe the channel we will meet soon in next video till then stay safe bye-bye thanks for watching that's all for today
Info
Channel: PM Networking
Views: 22,051
Rating: undefined out of 5
Keywords: ccna, ccnp, ccie, network troubleshooting, network engineer, network configuration, router configuration, switch configuration, firewall configuration, scenario based network troubleshooting, network engineer interview questions, cisco network configuration, network engineer job, free training for network engineer, network engineer interview, ccna interview questions, basic networking protocols, network protocols, protocols, port number, dhcp, mpls, vrf, osi model, advance network
Id: --2qi7H7RHg
Channel Id: undefined
Length: 62min 4sec (3724 seconds)
Published: Sun Oct 08 2023
Related Videos
Complete Network Configuration | DTP, VTP, EtherChannel, OSPF, NAT, VPN, STP | All Protocols
PM Networking
165K
My Third Lab in Cisco Router | Static Route
Galaxy Infotech
770
Virtual Routing and Forwarding with Examples | VRF For Network Engineers | Service Provider
PM Networking
17K
Complete Network Configuration // CCNA Mega Lab! / OSPF, VLANs, STP, DHCP, Security, Wireless + more
Jeremy's IT Lab
22K
Configuring CISCO Switch at work | CISCO commands, real world best practice
East Charmer
318K
Layer 2 vs Layer 3 Switches
PowerCert Animated Videos
508K
Mastering VLAN Configuration on MikroTik, Step-by-Step Guide
The Network Berg
35K
Step-by-Step Network Configuration ( EtherChannel, VLANs, Trunking, MST, NAT and Default-Route)
PM Networking
22K
Connect Cisco Router and Switch to ISP Home Router and Access Internet
Cisco Config
264K
All Types of LSA's in OSPF | Depth Explanation of OSPF LSAs | Type 1 to Type 7 LSAs | #ccna #ccie
PM Networking
14K
Coding Adventure: Rendering Text
Sebastian Lague
329K
Networking basics (2024) | What is a switch, router, gateway, subnet, gateway, firewall & DMZ
IT k Funde
4.8M
1. Why We Need MPLS | Multi-Protocol Label Switching | All About MPLS For Network Engineers...
PM Networking
15K
VRF - Virtual Routing and Forwarding | What is Route-Distinguisher | Route-Target in VRF | #ccie
PM Networking
12K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.