This product is intended to be used as an educational product that provides exposure to the command line interface (CLI) of Cisco devices to practice and learn by discovery.

Packet Tracer 5.3 is the latest version of this Cisco network simulator, and it’s a key tool to use if you are a student pursuing the CCNA or dedicated to networking. This program creates a physical topology of network devices by simply drag-and-drop devices on the worksheet screen. After clicking on them you can access the configuration console of this device. All Cisco IOS commands are supported and even does the “tab completion” on a command. Once the physical and logical configuration of the network is build, you can do simulations of connectivity (ping, traceroute, etc) all from the device’s own console.

Main Features

The improvements to the new Packet Tracer 5.3 are:

* Support for Windows (2000, XP, Vista) and Linux (Ubuntu and Fedora).
* Allows multi-user and collaborative settings in real time.
* Support for IPv6, multi-area OSPF, route redistribution, RSTP, SSH, and multilayer switches.

Supports the following protocols:

* HTTP, Telnet, SSH, TFTP, DHCP and DNS.
* TCP / UDP, IPv4, IPv6, and ICMPv6 ICMPv4.
* RIP, EIGRP, OSPF multi-area, static routing and route redistribution.
* Ethernet 802.3 and 802.11, HDLC, Frame Relay and PPP.
* ARP, CDP, STP, RSTP, 802.1q, VTP, DTP and PAgP.

In this post I will try to illustrate static routing using a small network scenario (see picture below) and explain also some other issues related with ICMP Redirects and Cisco ASA firewall.

Network Description

From the example network above, we have a Cisco ASA firewall (ASA1) protecting our internal networks from the Internet. LAN1 is a Class C network subnet (10.1.1.0/24) which has user computers connected (this might be the headquarters LAN of the Enterprise). There is also a Router (R1) serving as a WAN router to connect a distant remote office over a WAN link.

At the other side of the WAN link we have R2 which serves as the Hub router having two spokes (R3, R4). There are also two more LAN networks with user computers (LAN2 connected to R3 and LAN3 connected to R4).

The IP addresses assigned to the network are as following:

ASA1 Internal IP: 10.1.1.254

R1 IP on LAN1 network: 10.1.1.253
R1 IP on the WAN link: 192.168.1.1

R2 IP on the WAN link: 192.168.1.2
R2 IP connected with R3: 192.168.2.2
R2 IP connected with R4: 192.168.3.2

R3 IP connected with R2: 192.168.2.1
R3 IP on LAN2 network: 10.2.1.254

R4 IP connected with R2: 192.168.3.1
R4 IP on LAN3 network: 10.2.2.254

LAN1 network: 10.1.1.0/24
LAN2 network: 10.2.1.0/24
LAN3 network: 10.2.2.0/24

Traffic Flow Requirements

We need to have the following communication between networks:

• LAN1 computers need to access the Internet through the ASA and also must be able to communicate with users and servers on LAN2 and LAN3.
• LAN1 users should be able to communicate also with “transit subnets” for troubleshooting and management purposes (“transit subnets” are the point-to-point networks connecting routers between them). These “transit subnets” are 192.168.1.0/30, 192.168.2.0/30, 192.168.3.0/30.
• LAN2 and LAN3 computers need to access the Internet through the ASA and also must be able to communicate with LAN1 network.

Configuration of Static Routing

The intention of this article is to explain static routing only, so I will not get into the full configuration details of all devices in the network. I will just show snippets of commands for static routes.

The general format of a static route command on a Cisco router is:

Router(config)# ip route [destination network] [mask] [gateway address]

The command above tells the router the following information: “if you want to send a packet to the following “destination network”, then send it to this “gateway address”.

The format of a static route command on a Cisco ASA firewall is:

ASA(config)# route [interface name] [destination network] [mask] [gateway]

Now let’s see the commands needed for each router. It’s more convenient to start from the bottom up:

Router R3:

R3(config)# ip route 0.0.0.0 0.0.0.0 192.168.2.2

We just need a default route on this router to send ALL traffic towards R2 gateway address (192.168.2.2).

Router R4:

R4(config)# ip route 0.0.0.0 0.0.0.0 192.168.3.2

Similar with R3, we just need a default route on this router to send ALL traffic towards R2 gateway address (192.168.3.2).

Router R2:

! Default route
R2(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1

! Static routes to reach LAN2 and LAN3
R2(config)# ip route 10.2.1.0 255.255.255.0 192.168.2.1
R2(config)# ip route 10.2.2.0 255.255.255.0 192.168.3.1

This is a little tricky. We need both a default route (to send all upwards traffic, including traffic to the Internet, towards R1) and also we need two specific static routes to reach LAN2 and LAN3 network. The two specific static routes (two last lines) are needed for the reply packets from LAN2 and LAN3 and also for LAN1 to be able to reach LAN2/LAN3.

Router R1:

! Default Route towards ASA for Internet Traffic
R1(config)# ip route 0.0.0.0 0.0.0.0 10.1.1.254

! Static routes to reach LAN2 and LAN3
R1(config)# ip route 10.2.1.0 255.255.255.0 192.168.1.2
R1(config)# ip route 10.2.2.0 255.255.255.0 192.168.1.2

! Static routes to reach transit point-to-point networks
R1(config)# ip route 192.168.2.0 255.255.255.252 192.168.1.2
R1(config)# ip route 192.168.3.0 255.255.255.252 192.168.1.2

Firewall ASA1:

ASA1(config)# route outside 0.0.0.0 0.0.0.0 [asa gateway IP]

! Static routes to reach LAN2 and LAN3
ASA1(config)# route inside 10.2.1.0 255.255.255.0 10.1.1.253
ASA1(config)# route inside 10.2.2.0 255.255.255.0 10.1.1.253

The ASA will need a default route towards its default gateway IP (assigned by the ISP), and also two static routes to reach the distant LAN2 and LAN3 networks. You DO NOT need a static route for LAN1 network because it is directly connected to the ASA.

Default Gateway for LAN1 computers

As we said before, one of the traffic flow requirements was to access LAN2 and LAN3 networks from LAN1 computers. If I ask you what should be the default gateway address configured on LAN1 computers, most of you would answer “The ASA internal address 10.1.1.254”. However, this is WRONG. Let me explain why.

Assume you configure the default gateway address for LAN1 hosts to be the ASA address 10.1.1.254. If HostA on LAN1 wants to send traffic to the Internet, then it will send it to its default gateway address (ASA firewall) which will forward the packet to the Internet. So far so good.

However, if HostA wants to send traffic to LAN2 or LAN3 hosts, it will again send the traffic to the ASA which is supposed to send an ICMP Redirect to HostA and tell him “hey, you should really be using 10.1.1.253 to get to LAN2 or LAN3”. However, the Cisco ASA is NOT ABLE to send an ICMP Redirect like it should. Therefore, HostA will never be able to communicate with LAN2/LAN3. If the ASA was a router instead, everything would work fine because routers actually are able to send ICMP Redirects.

So, the correct answer is to configure all hosts on LAN1 network to have Default Gateway address the IP of R1 (10.1.1.253). This way, they will be able to access both the Internet and the other internal LAN networks (LAN2/LAN3).

For any questions or comments please fill out the comment form below.

The newest Microsoft Exchange Server 2010 has been released a few months ago and enterprises are already upgrading from the older versions in mass scale. Microsoft holds almost 2/3 of the market share in email communication solutions and the Exchange Server 2010 is its flagship product and the cornerstone of Unified Communications for many companies.

The new Exchange 2010 version boasts ground breaking features such as PowerShell utilization as its main engine, Transport Protection Rules, Role Based Access Control, full unified communication support (text to speech, voice mail, instant messaging etc) and other advanced software communication features that make this product one of the most powerful enterprise tools.

If you are going to get involved for the maintenance and administration of Microsoft Exchange 2010 then you certainly need a good training for such a complex product. I.T administrators responsible for their Exchange Server must be ready and prepared to manage hundreds or thousands of users and their mailboxes, the security of the servers, the databases, the operating system etc. Getting a solid and proven Exchange 2010 training package is essential if you want to “survive” for such a demanding task.

There is also an Exchange Server 2010 relevant Exam, the 70-662 (Microsoft Exchange Server 2010 Configuration) which counts as credit towards two Microsoft Certifications (the Microsoft Certified Technology Specialist – MCTS and the Microsoft Certified IT Professional – MCITP certifications). Passing the 70-662 exam, you will be one step closer to a better career, to a better salary, and to a more stable IT position in your company.

Now, what if you could find a training package that will offer you two things:

1. Extensive in-depth training to teach you how to install, configure, maintain and troubleshoot the newest Microsoft Exchange 2010 Server with hands-on experience from a Certified Instructor.
2. Full coverage of 70-662 exam requirements with practice exam questions.

The combination of the above can be found in the Microsoft Exchange Server 2010 Training Package Here. Check it out because I believe it’s a great deal in terms of cost and the amount and quality of information that you will acquire. And the best part is that the training package above comes from one of the most trusted Computer Training companies, so you will be assured that you will get the best results.

The current Cisco certification exams are designed in such a way as to weed out those candidates who just memorized hundreds of possible exam questions in their attempt to pass the exam. If those candidates used only practice tests for preparation, they will just be disappointed on exam day. The certification exams will not only test if you possess the requited knowledge, but also if you have the ability to apply that knowledge in real world cases. Thats why the current Cisco exams are full of practical scenario questions. By taking one practice exam after the other will certainly not develop this skill.

Practice simulators are also fine up to a certain extent, but also do not depend very heavily on them. The most common network simulators I’ve seen do not let you make any mistakes on the router or switch configuration, so you do not actually learn from your mistakes. Remember that making mistakes on a Cisco configuration, observing them and then fixing them is what really helps to actually learn what you are doing.

When preparing for a Cisco Certification (especially for an entry level certification such as CCENT and CCNA) you are not just studying for an exam. Rather, you are building and fortifying your base and foundation for the upper layer certifications and for your career as well. Try to make your study efforts as effective as possible by building a solid foundation. You will achieve this by learning all possible networking theory and fundamental concepts, rather than memorizing hundreds of exam questions. Especially when studying for CCNA, the knowledge that you will acquire will be the most important from all and will be the corner stone for future certifications such as the CCNP and CCIE.

The best preparation for Cisco certifications is to stick to a well-rounded study plan which includes books, lab networking equipment (real or virtual) and practice exams. A recommended training package for Cisco certification exams is this computer based training here. If you combine it with a relative book from CiscoPress then you will have a complete well-rounded study package for passing your Cisco exam.

Information Technology is a booming industry. For an individual who decided to get into this field, it will be a rewarding decision in terms of salary compensation but also quite a challenge too.  Attending a focused and high quality I.T training related to your profession is inevitable if you want to survive in the demanding I.T career. Moreover, if this IT Training will help you also to obtain an I.T certification, this is even better. A certification in I.T (e.g certification in Microsoft, Cisco, VMWare, CompTIA etc) will help you tremendously to become established as an expert in the industry and will show also your current or prospective employer that you are investing in your career and that you are a person who takes his/her career advancement seriously.

IT Training Options

There are several options for getting an I.T Training. You can buy books and study by yourself (the cheapest option), you can attend a classroom/instructor based training (most expensive option), or you can purchase a Computer Based video training (probably the best option). The latest seems to be getting very popular over the last years mainly because of the excellent material being developed by the training vendors, and also because this kind of training combines both self-study and instructor-based teaching. One such vendor that develops computer video based training with great success since 2002 is TrainSignal for which I’m writing this review here.

TrainSignal Computer Training Vendor

Train Signal was found in 2002 and provides computer-based “Total Experience” training that gives individuals the tools and confidence to tackle real-world challenges, pass their certification exams and succeed in today’s competitive global IT market. The training lessons offered by TrainSignal are included in DVD disks and contain multiple file formats, convenient for learning anytime and anywhere.

Specifically, the training content comes as High Resolution Video format from real certified instructors (the classroom experience), MP3 Audio and iPod Video for “Training on-the-go”, PDF Instructor Notes for easy reading, and also Practice Exams to help you pass your certification easily.

In my opinion, Information Technology training in the new era should be based on E-Learning, and this is what TrainSignal will offer you. E-Learning is clearly advantageous over traditional classroom based training or pure self study using only text books. Much lower cost compared to instructor-based training, ability to study on your own pace, ability to learn with different lesson formats (video, audio, practice test) etc are some of the positive aspects of E-Learning.

Training Packages offered by TrainSignal

Train Signal offers a wide range of computer training packages covering Microsoft, Cisco, CompTIA, VMware, Wireless Networking, and Microsoft Office. Training is offered for over sixty different courses. The following training categories are offered:

• Microsoft Training
  • Windows Server 2008 Training
  • Windows Server 2003 Training
  • Exchange Server Training
  • Other Microsoft Training

• Microsoft Office 2007 Training
  • Word 2007 Training
  • Excel 2007 Training
  • PowerPoint 2007 Training
  • Outlook 2007 Training
  • Access 2007 Training
  • Visio 2007 Training

• Cisco Training
  • Cisco CCNA Training
  • Cisco CCNA Security Training
  • Cisco CCENT Training
  • Cisco ICND2 Training

• CompTIA Training
  • CompTIA A+ 2009 Training
  • CompTIA Network+ Training
  • CompTIA Security+ Training
  • CompTIA Project+ Training

• VMware Training
  • VMware vSphere Training
  • VMware vSphere Pro Series Training Vol. 1
  • VMware vSphere Pro Series Training Vol. 2
  • VMware ESX Server Training

• Wireless Networking Training (CWNA)

TrainSignal Approach and Key Advantages

As the company describes on their official website, the training offered by TrainSignal is based on the “Total Experience” concept. Specifically, the key advantages to choosing TrainSignal for your E-Learning training needs are the following:

• Scenario Based Training:

Each course offered by TrainSignal uses “real world scenarios” in which you are “hired” by a fictitious company to solve virtual problems with real world solutions. This means that the learner will understand both the theory and the practical application of every lesson in the course.

• True Expert Instructors

As we mentioned above, the Video courses in the training DVDs are taught by certified instructors who are true experts in their field. All instructors have diverse range of real world experience, so they can pass it on to you in the training course.

• Prepare for Certification the Right Way

All lessons are so detailed that cover all main aspects of the certification exam for the particular course. Each course contains also exam simulation and practice tests from Transcender, the world’s respected exam simulation provider.

• 100% Original Material Developed Exclusively at TrainSignal

Unlike other training vendors that are actually resellers, TrainSignal offers 100% original content developed in-house. This means better support, better quality control and better fine-tuning of the material according to feedback received from learners.

• Long Term Investment in knowledge

Each training course will not only be used once and then forgotten. Rather, it will be a long term expert resource you will refer to again and again. In each course you will find value added professional recommendations, instructor notes, expert insights etc that will be essential for your day to day work in your professional environment.

• 90-Day Money Back Guarantee

The company is so confident about the value of its training courses that offers a 90-Day money back guarantee. It’s probably the only computer training vendor that offers a money back Guarantee for their products.

Some Customers of TrainSignal

Some of the world’s top companies, government agencies, colleges etc have used training courses from TrainSignal. Some examples include DELL Computers, Cisco Systems, JP Morgan Chase, Bridgestone tires, USA Army, Comcast, U.S Department of State, U.S Department of Health, University of Southern California, Arkansas State University, Arizona State University etc.

My Conclusion about TrainSignal

I can talk from personal experience here. As a Cisco certified professional (CCNA, CCNP, CCSP) and as a former Microsoft Certified Professional (MCP), I have extensive knowledge about I.T certifications and training. I have used Trainsignal for my CCNP certification which helped me to pass all exams with scores over 950/1000. Considering the depth and quality of the Cisco related training courses that I have personally used, I can assure you that you will find the same high quality training in all the other courses offered by TrainSignal. I certainly suggest TrainSignal as an excellent E-Learning resource for your IT training courses.

A privately-held company, Train Signal is based in Schaumburg, IL. For more information about Train Signal, please visit www.trainsignal.com.

“In December 2009, thousands of IT students received a nasty holiday surprise as leading IT certification bootcamp providers ComputerTraining.edu and Vigilar’s Intense School suddenly announced they were going out of business, effective immediately.

Online IT forums flooded with panicked posters desperate to determine whether they would be able to continue their coursework and obtain refunds for training they’d never receive. Many posts took on a tragic tone as concerned colleagues and other training firms lamented the fate of the victims. “The worst are the clients who have bought classes that will not be delivered or clients who have bought a large quantity of vouchers worth absolutely nothing, some of them losing their yearly training budget. This is the tragedy in all of this,” stated Sondra J. Schneider, the founder and CEO of Security University. It appears both training firms may have fallen victim to the ongoing credit crunch.

Although the suddenness of the announcements came as a shock, industry insiders were not surprised that investors and banks abandoned training programs based on antiquated business models. Many noted that although expensive classroom instruction was once the primary option for IT certification, elearning has replaced it as firms focus on cost-efficiency and increased ROI. For organizations struggling to do more with less for the foreseeable future, e-learning advancements may even represent the difference between potential growth and stagnation.

Are Classroom Bootcamps Worth the Risk?

There’s no denying the value classroom training bootcamps have provided the IT industry. Courses are usually led by highly qualified subject experts. Students receive attention in small to moderate sized groups. Ideally, their focus is not diverted from the subject by outside distractions and competing job duties. Although some executives continue to view classroom training bootcamps favorably, the exorbitant cost is unfortunately becoming a luxury few organizations can now justify. Training firms that continue to count on luxury spending in 2010 will undoubtedly struggle and fail.

Although companies still rely on quality IT certification training, only 48% of the IT certification courses conducted in 2009 occurred via traditional instructor-led classroom-based training. (1) In 1999, that figure was 71%. In 2010, only the training firms that offer a variety of affordable e-learning alternatives can be expected to survive.

Vetting IT Certification Bootcamp Providers

In the wake of the closings of bootcamp providers ComputerTraining.edu and Vigilar, IT bootcamps may pose a significant investment risk. Since courses are often paid for weeks or even months in advance, and the training firm’s financial records are not common knowledge, there’s no way to anticipate where the ax could fall next. Even training institutions that appear to be thriving could be in trouble.

For example, Vigilar’s Intense School advertised a 95% pass rate on exams. The company’s website continued to post news of awards and achievements during the months before the school’s closing, including an appearance by school representatives on the Today Show. News that the school had been named a finalist in the 2010 SC Awards for outstanding achievement in IT security came mere days before the Intense School closed its doors for good.

Statistics like these prove that there is no foolproof way to vet IT certification bootcamp providers in today’s economic climate. Unlike e-learning products that can be provided immediately upon payment, bootcamp courses are usually scheduled in advance, increasing the risk of loss if the company’s fortunes fade quickly. In a statement posted on the company’s website, ComputerTraining.edu representatives claimed to have been shut down by BB&T Bank “with no forewarning or notice.

Several training providers have offered to provide similar courses for free or at a reduced cost to Vigilar and ComputerTraining.edu students. Clients can also contact their state educational regulators to try to recoup some of their lost investment. Many remain hopeful, but these limited and often inconvenient options just aren’t good enough. IT executives are wary of becoming overly dependent on training programs wedded to outdated business models and fearful of bootcamp failures derailing their own training objectives.

Relying on Bootcamp Guarantees?

Before bootcamps began closing, the principal risk associated with purchasing the courses involved paying significant upfront fees only to have poorly prepared students later fail the exams. Of course, classroom bootcamp vendors offer satisfaction guarantees to help you mitigate your investment risk. But how often are those guarantees actually implemented? Take this example: Employee A fails to pass the PMPcertification exam after you’ve paid $1900* (plus travel expenses) for the 4-day classroom test prep course. You request a refund from the vendor, but you are only eligible for an initial refund of $275, and your employee must take the exam again within the next 30 days to be eligible for any additional funds.

In fact, IT training vendor PMStudy maintains a refund policy that requires students to fail the PMP exam three times before the company will refund the entire course price – and that refund only applies if the student took the first exam within 30 days after the bootcamp and makes each subsequent attempt within the next 30 days, and the next 30 days, and so on…

So although you could potentially recoup your entire investment in this scenario, the process won’t exactly be painless. And, of course, you won’t be able to recoup lost travel fees, the price of accommodations, or the employee’s lost time away from work while he was attending the bootcamp.

What’s the E-Learning Cost Comparison?

Using our previous example, suppose that Employee A decides to forego the $1900 bootcamp and instead selects a comprehensive PMP exam prep package** from the same vendor, only this time in an e-learning format. The cost savings? At least $1500, and possibly more, since many e-learning vendors provide a variety of packages that allow employees to receive only the materials they actually need. Add in fees for travel, accommodations, and lost work hours, and the numbers can change from red to black in a hurry.

How Much Time Can You Save with E-Learning?

Since e-learning programs allow students to study at their own pace, employers control the amount of time lost during the workweek. Some employees are permitted to study solely during non-working hours, while others enjoy study periods during any downtime that occurs throughout the workday. Unlike classroom training, e-learning is flexible, so employees and employers have the power to determine when studying should occur. Unfortunately, many employers are now short-staffed due to the recession, so they can’t often spare key employees for offsite bootcamp courses.

E-learning affords businesses the opportunity to enhance the skills of their core workforce without sacrificing employee productivity. Contrary to popular belief, computer-based training also actually requires less time than instructor-led training. The time required to complete an e-learning course ranges by an average of 40-60%, with some students spending up to 80% less time on coursework. (2)

How Easy Are E-Learning Courses to Use?

Many e-learning vendors provide courses that appeal to several senses by integrating text, graphics, and audio features. This inclusion is critical, since most educators believe that students what they hear and see.

IT employees often prefer e-learning formats since they allow them to experience course materials in the format in which they are already most comfortable. Ask any IT worker whether he’d prefer to sit in a classroom with other students listening to a lecture or participate in a self-paced computer-based course.
You probably won’t be surprised by his answer.

What’s the Value of a Self-Assessment?

Self-assessments are one of the most unique features of any quality e-learning program. Students can take a pre-test before they even begin studying in order to gauge their strengths and weaknesses. This feature enables students to proceed with a program customized to meet their needs. Many are often surprised by the results, unaware of how much or how little they actually know about certain subject areas. By obtaining this information ahead of time, the student can then tailor his program to focus on the areas in which he needs the most assistance instead of wasting it on areas he may have already mastered. Self-assessments were created specifically to address the frustration many students experience by one-size-fits-all classroom or self-study courses that give equal weight to all course material regardless of the skill level or experience of the individual student.

How Does E-Learning Reduce Test Anxiety?

One of the most common obstacles experienced by potential test-takers in any field is classic test anxiety. Forcing an anxious employee to participate in a classroom setting can only exacerbate this problem.

Allowing students to study alone and take practice tests in the format they’ll actually use for the examination can go a long way toward reducing their anxiety. Taking advantage of e-learning products that offer self assessment features are also helpful, since they give students immediate feedback on their progress.

Computer-based pre-tests can reassure students who are unsure of their abilities. Many are pleasantly surprised to learn they have already mastered certain areas of the exam. Even providing guidance on the areas in which they should focus can have a calming effect. Most importantly, e-learning affords test anxiety sufferers the comfort of studying and learning in private, and based on their own schedule.

Using E-learning to Standardize Staff Skill Levels

One of the most popular features of e-learning is the ability to use the medium across a large and diverse group of employees. In the past, the prohibitive cost of classroom bootcamps and accompanying travel requirements often led employers to select only a few choice staff members for IT certification training. Unfortunately, those decisions also meant that large numbers of IT staff remained uncertified and unfairly dependent on the lucky few who had received formal training. Since untrained staff members tend to underutilize existing technology, additional technical resources were routinely wasted, something no organization needs, especially in the midst of a struggling
economy.

Industry studies show that Microsoft certified teams are 28% more productive, and teams in which more than half of the team members are Microsoft certified demonstrate a 15-17% improvement in job capabilities.(3)

What Types of E-Learning Formats Are Available?

One of the strengths of the e-learning industry has been its acknowledgment that no two students learn in the same way. Elearning vendors know that Employee A prefers CBT training, but Employee B learns best by listening to audio courses during his commute, and Employee C just wants to take as many practice tests as humanly possible. Video, audio, and CBT options abound, as do more traditional workbook and textbook alternatives. Students can choose individual products or select a combination of tools in order to maximize their learning potential and improve their chances of passing certification exams on the first attempt. Computer based reporting features and constant feedback further validate their progress.

Conclusion

The sudden insolvency of two reputable and respected IT certification training firms has given the entire industry a reason to re-evaluate its training methods. As classroom bootcamp training becomes less of a standard and more of a luxury, e-learning presents a cost-effective alternative for organizations looking to do less with more, and do it quickly. Utilizing e-learning programs enables a global workforce to enhance skill sets without expensive travel and inconvenient scheduling headaches. Staff productivity levels are preserved, and learning becomes more individualized as students choose from a variety of video, audio, and CBT learning formats. Employees prefer the adaptability of e-learning. It reduces test anxiety and provides invaluable and immediate, student-specific feedback that can’t often be duplicated in a classroom setting. Paid certification opportunities can certainly help you lure and retain the best and brightest technical minds, but providing these benefits to your workforce doesn’t have to fracture your firm’s bottom line. Utilize e-learning alternatives to strengthen your workforce while enjoying increased productivity and elevated employee morale.”

Ben Ice is the Editor of The Cert Times and the Marketing Manager for ExamForce, a division of LearnForce Partners LLC.

For more information on ExamForce’s IT certification e-learning products, please visit http://www.examforce.com

To request a FREE Exam Prep Software Bundle, go to http://www.examforce.com/customer/special15.php?sid=1106

Article Source: http://EzineArticles.com/?expert=Ben_Ice

Configuring Ethernet or Fast Ethernet Interfaces
Router> enable
Router # config terminal

! enter the interface configuration submode
Router(config) # interface fastethernet 0/0

! IP configured on the interface
Router(config-if) # ip address 10.1.10.1 255.255.255.0

!bring the interface up
Router (config-if) # no shutdown
Router (config-if) # description lan (assign a name to the interface)
Router (config-if) # exit
Router (config) #

* Note that the interface naming can be different. Examples are FastEthernet, Ethernet, GigabitEthernet etc. Also, the interface numbering varies from router to router, such as 0, 1, 0/0 0/1, etc.

Configuring DTE Serial Interfaces
Note that DTE serial interfaces receive clock from the Serial WAN modem.

Router> enable
Router# config terminal

! enter the interface configuration submode
Router (config) # interface serial 0/0

Router (config-if) # ip address 172.16.1.1 255.255.255.252
Router (config-if) # no shutdown
Router (config-if) # description WAN Network (assign a name to the interface)
Router (config-if) # exit
Router (config) #

* Note that the interface numbering can be 0, 1, 0/0 0/1, etc. This varies by router.

Configuring DCE Serial Interfaces
Note that DCE serial interfaces provide clock to the connected device on the interface.

Router> enable
Router# config terminal
Router(config) # interface serial 0 / 1
Router(config-if) # ip address 10.1.1.1 255.255.255.0

!configure the clock rate that will be provided by the router
Router(config-if) # clock rate 128000
Router(config-if) # no shutdown
Router(config-if) # description WAN Network (assign a name to the interface)
Router(config-if) # exit
Router(config) #

* Note that the interface number can be 0, 1, 0/0 0/1, etc. This varies by router model.

To allow complete simulations, GNS3 is strongly linked with :

* Dynamips, the core program that allows Cisco IOS emulation.
* Dynagen, a text-based front-end for Dynamips.
* Qemu, a generic and open source machine emulator and virtualizer.

GNS3 is an excellent complementary tool to real labs for network engineers, administrators and people wanting to pass certifications such as CCNA, CCNP, CCIP, CCIE, JNCIA, JNCIS, JNCIE.

It can also be used to experiment features of Cisco IOS, Juniper JunOS or to check configurations that need to be deployed later on real routers.

This project is an open source, free program that may be used on multiple operating systems, including Windows, Linux, and MacOS X.
Features overview

* Design of high quality and complex network topologies.
* Emulation of many Cisco IOS router platforms, IPS, PIX and ASA firewalls, JunOS.
* Simulation of simple Ethernet, ATM and Frame Relay switches.
* Connection of the simulated network to the real world!
* Packet capture using Wireshark.

Important notice: users have to provide their own IOS/IPS/PIX/ASA/JunOS to use with GNS3.

More Info: http://www.gns3.net/

If the attack contains thousands of non-legitimate connections to initiate TCP communication (SYN packets) towards a single host, the target host gets overloaded from the requested connections because the three-way TCP handshake does not get completed (because these TCP connections have unreachable return addresses, the connections cannot be established).  The resulting volume of unresolved open connections eventually overwhelms the server and can cause it to deny service to valid requests. The above attack is also called SYN Attack.

TCP Intercept is a feature on routers used to prevent and mitigate TCP SYN-flooding attacks by monitoring the rate of SYN packets and intervening inside the TCP communication whenever necessary in order to reduce the number of incomplete TCP connections.

There are two modes for TCP Intercept: “Intercept Mode” and “Watch Mode”.

Intercept Mode

The most “invasive” mode is “Intercept Mode”. The router establishes a connection with the client on behalf of the destination server, and if successful, establishes the connection with the server on behalf of the client and knits the two half-connections together transparently. This means that if the connection is legitimate, it will reach the server with no problem. If the connection is from a non-legitimate client, the half-open connection will be dropped by the router. This mode consumes a lot of memory and CPU on the router.

Watch Mode

We recommend using the “Watch Mode” instead of the “Intercept Mode”.  In Watch Mode, the router passively watches the connection requests flowing through the router. If a connection fails to get established in a configurable interval, the software intervenes and terminates the connection attempt.

Configuration of TCP Intercept

On router connecting the host under attack, configure the following (assume target host under attack is 1.1.1.1):

Router(config)# access-list 101 permit tcp any host 1.1.1.1
Router(config)# ip tcp intercept mode watch
Router(config)# ip tcp intercept list 101

The above configuration will watch the TCP SYN packets towards host 1.1.1.1. If the SYN packets exceed a certain default value, the router starts to close incomplete TCP connections. Specifically, if the number of incomplete connections exceed 1,100, or the number of connections arriving in the last one-minute period exceed 1,100, each new arriving connection causes the oldest partial connection (or a random connection) to be deleted. These are the default values, which can be altered.

As its name suggests, the IEEE 802.3ba standard allows for Ethernet services of 40 and 100 Gbps in both LAN and WAN implementations. The initial plan for the fastest Ethernet ever was to develop the technology for the 40 Gbps to support high-speed connections between switches and core servers, while for the 100 Gbps speed the plan was to support transport trunks for Internet and Video over IP. Both standards are applicable for the transport of packets in optical fiber networks.

Of course, as in previous cases, the new standard maintains backward compatibility with the rest of the Ethernet family.