Monday, October 17, 2011

CCNA :: Part 9 - IP Access Lists - Named Access List


Named IP Access Lists 

Named ACLs can match the same packets, using the same parameters, that standard and extended IP ACLs can match. Named IP ACLs do have some differences, however, some of which make them easier to work with. The most obvious difference is that IOS identifies named ACLs using names you make up, as opposed to numbers, and you have a better chance of remembering names. Named ACLs also have another key feature that numbered ACLs do not: you can delete individual lines in a named IP access list. With numbered ACLs, if you enter no access-list 101 and then enter the rest of the command, you don’t just delete that single line; you delete the whole list! With named ACLs, you can enter a command that removes individual lines in an ACL. Other than that, the only differences are the changes in the configuration syntax.

CCNA :: Part 9 - IP Access Lists - Extended

Extended IP Access Control Lists

Extended IP access lists have both similarities and differences compared to standard IP ACLs. Just like standard lists, you enable extended access lists on interfaces for packets either entering or exiting the interface. IOS searches the list sequentially. The first statement matched stops the search through the list and defines the action to be taken. The one key difference between the two is the variety of fields in the packet that can be compared for matching by extended access lists. A single ACL statement can examine multiple parts of the packet headers, requiring that all the parameters be matched correctly in order to match that one ACL statement. That matching logic is what makes extended access lists both much more useful and much more complex than standard IP ACLs.

CCNA :: Part 9 - IP Access Lists - Standard

Standard IP Access Control Lists

IP access control lists (ACLs) cause a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network—whether to prevent hackers from penetrating the network or just to prevent employees from using systems they should not be using. IP access lists can also be used to filter routing updates, to match packets for prioritization, to match packets for VPN tunneling, and to match packets for implementing quality of service features.

CCNA :: Part 8 - Frame Relay

Frame Relay Technology

Frame Relay is still one of the most popular WAN services deployed over the past decade, and there’s a good reason for this—cost. By default, Frame Relay is classified as a non-broadcast multi-access (NBMA) network, meaning it doesn’t send any broadcasts like RIP updates across the network. Frame Relay has at its roots a technology called X.25, and it essentially incorporates the components of X.25 that are still relevant to today’s reliable and relatively “clean” telecommunications networks while leaving out the no-longer-needed error-correction components.

CCNA :: Part 8 - Frame Relay Monitoring and Troubleshooting

Several commands are used frequently to check the status of your interfaces and PVCs once you have Frame Relay encapsulation set up and running:

iscoTests-HQ#sh frame ?
  end-to-end     Frame-relay end-to-end VC information
  fragment       show frame relay fragmentation information
  ip             show frame relay IP statistics
  lapf           show frame relay lapf status/statistics
  lmi            show frame relay lmi statistics
  map            Frame-Relay map table

CCNA :: Part 8 - Frame Relay Implementation


Let’s get started by looking at a simple example given on Fig. 44 from the previous page:

Fig - 44

Here is how these configurations would look on all of the routers:

CCNA :: Part 7 - PPP Authentication

Authentication

Security issues in a WAN can differ compared to security in a LAN. In a LAN, most devices can be under the control of the organization owning the devices. Traffic between devices in the same building might not ever leave the confines of the office space used by that company. However, with WANs, by definition, the traffic leaves one location and travels through some other network owned by the service provider and back into another site.