Exam Essentials
Remember the default serial encapsulation on Cisco routers. Cisco routers use a proprietary High-Level Data-Link Control (HDLC) encapsulation on all their serial links by default.
Remember the PPP Data Link layer protocols. The three Data Link layer protocols are Network Control Protocol (NCP), which defines the Network layer protocols; Link Control Protocol (LCP), a method of establishing, configuring, maintaining, and terminating the point-to-point connection; and High-Level Data-Link Control (HDLC), the MAC layer protocol that encapsulates the packets.
Be able to troubleshoot a PPP link. Understand that a PPP link between two routers will show up and a ping would even work between the router if the layer 3 addresses are wrong.
Remember the various types of serial WAN connections. The serial WAN connections that are most widely used are HDLC, PPP, and Frame Relay.
Understand the term virtual private network . You need to understand why and how to use a VPN between two sites and the purpose that IPsec serves with VPNs.
Understand how to configure and verify a GRE tunnel. To configure GRE, first configure the logical tunnel with the interface tunnel number command. Configure the mode and transport, if
needed, with the tunnel mode mode protocol command, then configure the IP addresses on the tunnel interfaces, the tunnel source and tunnel destination addresses, and your physical interfaces with global addresses. Verify with the show interface tunnel command as well as the Ping protocol.
Written Lab 21
You can find the answers to this lab in Appendix A, “Answers to Written Labs.”
Write the answers to the following WAN questions:
1. True/False: The IWAN allows transport-independent connectivity.
2. True/False: BGP runs between two peers in the same autonomous system (AS). It is referred to as External BGP (EBGP).
3. TCP port 179 is used for which protocol?
4. Which command can you use to know the hold time on the two BGP peers?
5. Which command will not tell you if the GRE tunnel is in up/up state?
6. True/False: A GRE tunnel is considered secure.
7. What protocol would you use if you were running xDSL and needed authentication?
8. What are the three protocols specified in PPP?
9. List two technologies that are examples of layer 2 MPLS VPN technologies.
10. List two VPNs that are examples of VPNs managed by service providers.
Hands-on Labs
In this section, you will configure Cisco routers in three different WAN labs using the figure supplied in each lab. (These labs are included for
use with real Cisco routers but work perfectly with Cisco’s Packet Tracer program.)
Lab 21.1: Configuring PPP Encapsulation and Authentication
Lab 21.2: Configuring and Monitoring HDLC
Lab 21.3: Configuring a GRE Tunnel
Hands-on Lab 21.1: Configuring PPP Encapsulation and
Authentication
By default, Cisco routers use High-Level Data-Link Control (HDLC) as a point-to-point encapsulation method on serial links. If you are connecting to non-Cisco equipment, then you can use the PPP encapsulation method to communicate.
Labs 21.1 and 21.2 will have you configure the network in the following diagram.
1. Type sh int s0/0 on RouterA and RouterB to see the encapsulation method.
2. Make sure each router has the hostname assigned.
RouterA# config t
RouterA(config)# hostname RouterA
RouterB# config t
RouterB(config)# hostname RouterB
3. To change the default HDLC encapsulation method to PPP on both routers, use the encapsulation command at interface configuration. Both ends of the link must run the same encapsulation method.
RouterA# Config t
RouterA(config)# int s0
RouterA(config-if)# encap ppp
4. Now go to RouterB and set serial 0/0 to PPP encapsulation.
RouterB# config t
RouterB(config)# int s0
RouterB(config-if)# encap ppp
5. Verify the configuration by typing sh int s0/0 on both routers.
6. Notice the IPCP and CDPCP (assuming the interface is up). This is the information used to transmit the upper-layer (Network layer) information across the HDLC at the MAC sublayer.
7. Define a username and password on each router. Notice that the username is the name of the remote router. Also, the password must be the same.
RouterA# config t
RouterA(config)# username RouterB password tod
RouterB# config t
RouterB(config)# username RouterA password tod
8. Enable CHAP or PAP authentication on each interface.
RouterA(config)# int s0
RouterA(config-if)# ppp authentication chap
RouterB(config)# int s0
RouterB(config-if)# ppp authentication chap
9. Verify the PPP configuration on each router by using these commands.
RouterB(config-if)# shut
RouterB(config-if)# debug ppp authentication
RouterB(config-if)# no shut