Are you sure you want to cancel your subscription?

If you cancel, your subscription will remain active through the paid term. You will be able to reactivate the subscription until that date.

Sorry to see you go

Your subscription will remain active until . If you change your mind, you may rectivate your subscription anytime before that date.

Are you sure you want to reactivate?
Welcome Back!

Your subscription has been reactivated and you will continue to be charged on .

Reactivate Subscription

Thank you for choosing to reactivate your subscription. In order to lock in your previous subscription rate, you owe: .

Your Subscription term is from - .

Questions? Call Sales.

541-284-5522
Payment Due:

OK
Auto-Renew Subscription

To auto-renew your subscription you need to select or enter your payment method in "Your Account" under Manage Payments.

Click continue to set up your payments.

CBT Nuggets License Agreement


Unless otherwise stated all references to “training videos” or to “videos” includes both individual videos within a series, entire series, series packages, and streaming subscription access to CBT Nuggets content. All references to CBT or CBT Nuggets shall mean CBT Nuggets LLC, a Delaware limited liability company located at 44 Country Club Road, Ste. 150, Eugene, Oregon.


A CBT Nuggets license is defined as a single user license. Accounts may purchase multiple users, and each user is assigned a single license.


  • GRANT OF LICENSE. CBT Nuggets grants you a non-transferable, non-exclusive license to use the training videos contained in this package or streaming subscription access to CBT content (the “Products”), solely for internal use by your business or for your own personal use. You may not copy, reproduce, reverse engineer, translate, port, modify or make derivative works of the Products without the express consent of CBT. You may not rent, disclose, publish, sell, assign, lease, sublicense, market, or transfer the Products or use them in any manner not expressly authorized by this Agreement without the express consent of CBT. You shall not derive or attempt to derive the source code, source files or structure of all or any portion of the Products by reverse engineering, disassembly, decompilation or any other means. You do not receive any, and CBT Nuggets retains all, ownership rights in the Products. The Products are copyrighted and may not be copied, distributed or reproduced in any form, in whole or in part even if modified or merged with other Products. You shall not alter or remove any copyright notice or proprietary legend contained in or on the Products.
  • TERMINATION OF LICENSE. Once any applicable subscription period has concluded, the license granted by this Agreement shall immediately terminate and you shall have no further right to access, review or use in any manner any CBT Nuggets content. CBT reserves the right to terminate your subscription if, at its sole discretion, CBT believes you are in violation of this Agreement. CBT reserves the right to terminate your subscription if, at its sole discretion, CBT believes you have exceeded reasonable usage. In these events no refund will be made of any amounts previously paid to CBT.
  • DISCLAIMER OF WARRANTY AND LIABILITY. The products are provided to you on an “as is” and “with all faults” basis. You assume the entire risk of loss in using the products. The products are complex and may contain some nonconformities, defects or errors. CBT Nuggets does not warrant that the products will meet your needs, “expectations or intended use,” that operations of the products will be error-free or uninterrupted, or that all nonconformities can or will be corrected. CBT Nuggets makes and user receives no warranty, whether express or implied, and all warranties of merchantability, title, and fitness for any particular purpose are expressly excluded. In no event shall CBT Nuggets be liable to you or any third party for any damages, claim or loss incurred (including, without limitation, compensatory, incidental, indirect, special, consequential or exemplary damages, lost profits, lost sales or business, expenditures, investments, or commitments in connection with any business, loss of any goodwill, or damages resulting from lost data or inability to use data) irrespective of whether CBT Nuggets has been informed of, knew of, or should have known of the likelihood of such damages. This limitation applies to all causes of action in the aggregate including without limitation breach of contract, breach of warranty, negligence, strict liability, misrepresentation, and other torts. In no event shall CBT Nuggets’ liability to you or any third party exceed $100.00.
  • REMEDIES. In the event of any breach of the terms of the Agreement CBT reserves the right to seek and recover damages for such breach, including but not limited to damages for copyright infringement and for unauthorized use of CBT content. CBT also reserves the right to seek and obtain injunctive relief in addition to all other remedies at law or in equity.
  • MISCELLANEOUS. This is the exclusive Agreement between CBT Nuggets and you regarding its subject matter. You may not assign any part of this Agreement without CBT Nuggets’ prior written consent. This Agreement shall be governed by the laws of the State of Oregon and venue of any legal proceeding shall be in Lane County, Oregon. In any proceeding to enforce or interpret this Agreement, the prevailing party shall be entitled to recover from the losing party reasonable attorney fees, costs and expenses incurred by the prevailing party before and at any trial, arbitration, bankruptcy or other proceeding and in any appeal or review. You shall pay any sales tax, use tax, excise, duty or any other form of tax relating to the Products or transactions. If any provision of this Agreement is declared invalid or unenforceable, the remaining provisions of this Agreement shall remain in effect. Any notice to CBT under this Agreement shall be delivered by U.S. certified mail, return receipt requested, or by overnight courier to CBT Nuggets at the following address: 44 Club Rd Suite 150, Eugene, OR 97401 or such other address as CBT may designate.

CBT Nuggets reserves the right, in its sole discretion, to change, modify, add, or remove all or part of the License Agreement at any time, with or without notice.

Billing Agreement


  • By entering into a Billing Agreement with CBT Nuggets, you authorize CBT Nuggets to use automatic billing and to charge your credit card on a recurring basis.
  • You agree to pay subscription charges on a monthly basis, under the following terms and conditions:
    • CBT Nuggets will periodically charge your credit card each monthly billing cycle as your subscription charges become due;
    • All payments are non-refundable and charges made to the credit card under this agreement will constitute in effect a "sales receipt" and confirmation that services were rendered and received;
    • To terminate the recurring billing process and/or arrange for an alternative method of payment, you must notify CBT Nuggets at least 24 hours prior to the end of the monthly billing cycle;
    • You will not dispute CBT Nugget’s recurring billing charges with your credit card issuer so long as the amount in question was for periods prior to the receipt and acknowledgement of a written request to cancel your account or cancel individual licenses on your account.
  • You guarantee and warrant that you are the legal cardholder for the credit card associated with the account, and that you are legally authorized to enter into this recurring billing agreement.
  • You agree to indemnify, defend and hold CBT Nuggets harmless, against any liability pursuant to this authorization.
  • You agree that CBT Nuggets is not obligated to verify or confirm the amount for the purpose of processing these types of payments. You acknowledge and agree that Recurring Payments may be variable and scheduled to occur at certain times.
  • If your payment requires a currency conversion by us, the amount of the currency conversion fee will be determined at the time of your payment. You acknowledge that the exchange rate determined at the time of each payment transaction will differ and you agree to the future execution of payments being based on fluctuating exchange rates.

CBT Nuggets reserves the right, in its sole discretion, to change, modify, add, or remove all or part of the Billing Agreement at any time, with or without notice.

Cisco CCNA ICND2 640-816

Review: Rebuilding the Small Office Network, Part 1

This video is only available to subscribers.
Start your 7-day free trial today.

A free trial includes:

  • Unlimited 24/7 access to our entire IT training video library.
  • Ability to train on the go with our mobile website and iOS/Android apps.
  • Note-taking, bookmarking, speed control, and closed captioning features.
Video Titles Duration
1. Review: Rebuilding the Small Office Network, Part 1
00:33:54
2. Review: Rebuilding the Small Office Network, Part 2
00:28:45
3. Review: Rebuilding the Small Office Network, Part 3
00:23:36
4. Switch VLANs: Understanding VLANs
00:16:09
5. Switch VLANs: Understanding Trunks and VTP
00:39:07
6. Switch VLANs: Configuring VLANs and VTP, Part 1
00:35:58
7. Switch VLANs: Configuring VLANs and VTP, Part 2
00:39:36
8. Switch STP: Understanding the Spanning-Tree Protocol
00:28:18
9. Switch STP: Configuring Basic STP
00:21:16
10. Switch STP: Enhancements to STP
00:29:54
11. General Switching: Troubleshooting and Security Best Practices
00:29:23
12. Subnetting: Understanding VLSM
00:18:42
13. Routing Protocols: Distance Vector vs. Link State
00:26:25
14. Routing Protocols: OSPF Concepts
00:30:36
15. Routing Protocols: OSPF Configuration and Troubleshooting
00:39:53
16. Routing Protocols: EIGRP Concepts and Configuration
00:32:28
17. Access-Lists: The Rules of the ACL
00:27:44
18. Access-Lists: Configuring ACLs
00:34:40
19. Access-Lists: Configuring ACLs, Part 2
00:48:42
20. NAT: Understanding the Three Styles of NAT
00:20:00
21. NAT: Command-line NAT Configuration
00:35:41
22. WAN Connections: Concepts of VPN Technology
00:33:20
23. WAN Connections: Implementing PPP Authentication
00:34:39
24. WAN Connections: Understanding Frame Relay
00:28:42
25. WAN Connections: Configuring Frame Relay
00:30:52
26. IPv6: Understanding Basic Concepts and Addressing
00:33:59
27. IPv6: Configuring, Routing, and Interoperating
00:23:36
28. Certification: Some Last Words for Test Takers
00:13:10
29. Advanced TCP/IP: Working with Binary
00:25:51
30. Advanced TCP/IP: IP Subnetting, Part 1
00:55:06
31. Advanced TCP/IP: IP Subnetting, Part 2
00:22:29
32. Advanced TCP/IP: IP Subnetting, Part 3
00:19:53

Review: Rebuilding the Small Office Network, Part 1

00:00:00 - Hello and welcome to the CBT nuggets ICND2 video series. My name
00:00:07 - is Jeremy Cioara. And I'm extremely excited to get going into
00:00:12 - this ICND part 2. I don't mean to set your expectation high or
00:00:16 - anything like that, but this series is going to be awesome. It's-I'm
00:00:21 - looking-I was-I put-I-Look
00:00:24 - at me, I can't even talk, that's how awesome it going to be. I
00:00:27 - just got finished recording the CCENT or ICND1 which is really
00:00:32 - good. I'm really happy with it. It is kind of an intro to networking,
00:00:37 - an introduction to CISCO. It talks about some of the key configuration
00:00:40 - of LAN switches and of routers and you know, it was really good
00:00:44 - package. But the reason I'm so excited to get into this is because
00:00:48 - this is where the technology really, you know, hits the road
00:00:52 - and starts running. I guess the best way I can describe this
00:00:56 - is, have you ever seen the movie Aladdin? It's an old Disney
00:00:59 - movie; cartoon for kids. And there's a part in that movie where
00:01:04 - this evil sorcerer, it's near the end, this evil sorcerer kind
00:01:08 - to moves up to the next level of his power. He becomes a genie
00:01:11 - and you just see him explode out of this building and it goes
00:01:14 - "Laughter The world is mine to control", you know, he got this
00:01:19 - evil villain kind of voice. Not that I'm an evil sorcerer or
00:01:22 - anything, but that's kind of what I feel like. When I was going
00:01:26 - through, ICND1 or CCENT, you know it-you know I would go to the
00:01:30 - configurations and then start going, it's like you start on a,
00:01:34 - you know kind of a smooth jog and you're going and going and
00:01:37 - all of a sudden, you get to a point and I stop. My mind would
00:01:40 - say wait you want to take them there but I couldn't because that
00:01:44 - it was way beyond the scope the ICND1 exam. But now, we can go
00:01:49 - there. It's almost like, we can start with this jog, and that
00:01:53 - what the initial videos are going to be about. I'll explain those
00:01:55 - in just a moment. And we can just go into this full sprint into
00:01:59 - this technology that will just blow your mind, it's awesome.
00:02:02 - So, let me talk about what we're going to do as we begin this
00:02:05 - series. I'm starting of by rebuilding the small office network.
00:02:10 - It may have been some time between the CCENT series and the series
00:02:15 - for you so I intend these first few videos to be sort of a refresher
00:02:20 - in a very practical cram session sort of way. Just about everything
00:02:24 - that we do in these videos, first few videos, are going to be
00:02:29 - all live demonstration. Meaning you're going to see a network
00:02:33 - topology and we're going to build it. We're going to be walking
00:02:36 - through configuration after configuration and I'm going to go
00:02:39 - through and review the key LAN concepts as we're configuring
00:02:42 - them and the key LAN configurations is just to get your blood
00:02:45 - flowing again. Even if it hasn't been a while since the CCENT
00:02:49 - series, even if you just got certified, I would still say this
00:02:54 - is still good for you to go through because it's going to relay
00:02:57 - that foundation that as we get into the series I'm going to assume
00:03:01 - we're all on the same page and get us all ready to go. So, what
00:03:06 - we're going to start of with is LAN concepts, meaning the switch
00:03:10 - as usually where most networks began is all the PCs and servers
00:03:14 - connecting to a local area network switch. We're going to get
00:03:17 - that switch configured and then move into the routers and begin
00:03:20 - configuring our internet connections and wide area connections
00:03:23 - between offices. This is where we'll begin. This is our network
00:03:28 - that we're going to rebuild as we begin this series and then
00:03:31 - begin enhancing as we go through. We have three routers that
00:03:35 - we're going to be configuring in the upcoming videos. One that
00:03:38 - is connected in the internet, two of them that are between offices,
00:03:41 - essentially this over here represents one office and then we
00:03:45 - a have WAN link over here to another small office over here.
00:03:48 - So we'll configure those routers but what we're going to focus
00:03:51 - on right now is that the orange halo right around it, the switch.
00:03:56 - We're going to work through the LAN configurations beginning
00:03:58 - with wiping out old configs. We're going to clear the switch
00:04:01 - out, get it back to its base configuration and then begin by
00:04:06 - configuring the security, the cosmetics of the switch meaning
00:04:09 - the name of the switch, the working environment that we're going
00:04:11 - to be working in. We will get management set up for the switch
00:04:14 - where we can telnet to it remotely and manage it. We're working
00:04:17 - on configuring the interfaces. Hard coding speed and duplex and
00:04:21 - assigning description where we see appropriate. Then finally,
00:04:24 - we'll verify our configuration using sup-many of the show commands
00:04:27 - and show CDP to make sure what we're connected to that CISCO
00:04:31 - discovered protocol and then we'll back up our configurations
00:04:34 - to a TFTP server.
00:04:36 - So, let me go in and slide our window in here. This is our switch
00:04:40 - that we actually used in the CCENT series and I want to begin
00:04:44 - by eliminating everything that we did; log-on banners, passwords,
00:04:48 - everything like that. It's all wiped out when you do one of two
00:04:52 - things. One, the old way, we can type in write/erase, hit enter,
00:04:58 - says erase and view, run o file system or remove all configurations,
00:05:02 - we hit enter and we are good. That will wipe out them NVRAM.
00:05:06 - Now, depending on the device that you are on, the newer way,
00:05:09 - is either erase and you can do a and you can do start up config
00:05:15 - or some different devices namely routers and some switches will
00:05:19 - be delete sort of configs, so erase or delete, either one works
00:05:23 - and does the same thing as the write or erase. It's just-write
00:05:26 - or erase is considered legacy. Now that kills the NVRAM. There's
00:05:32 - our concept to review non-volatile RAM. That's the RAM that will
00:05:37 - remain when the powers goes out. But the configuration is still
00:05:40 - active on the switch in the RAM. So to truly flush it out, we
00:05:45 - need to do a reload of the switch. Now be careful. I've done
00:05:49 - this plenty of times just on instinct. It comes up and says,
00:05:52 - "System configuration has been modified. Do you want to save?"
00:05:55 - And you think, "oh yeah", because you always save, right? But
00:05:58 - if you save, you just undid everything that you just did because
00:06:02 - this going to write everything from RAM, meaning the stuff that
00:06:05 - we're trying to erase, back to NVRAM and it's going to boot up
00:06:08 - with its same old configuration. So I'm going to say, "No, I
00:06:11 - do not want to save", and then it says, "Proceed with reload?"
00:06:14 - Sure thing. So this will reload the switch. It's going to the
00:06:17 - boot process and I'll pause the video as it does that, but once
00:06:22 - it comes back up, it will have no configuration and should give
00:06:25 - us that ever so lovely question, "Do you want to enter initial
00:06:29 - config dialogue?" So let me the pause the video here.
00:06:32 - Alright we've made it to the boot process and just to review
00:06:36 - what the boot process looks like, we rate about there, did the
00:06:41 - reload and it went through, boot it up. All of these pound symbols
00:06:45 - action is capping the IOS out of flash into RAM so it can run
00:06:51 - faster and decompressing it as it does that because it's compressed
00:06:54 - and flashed, you can see right there. Uncompress and installed,
00:06:57 - gives some copyright information,
00:07:00 - etc. Runs through and test all the core components, some cryptography
00:07:05 - warnings about exporting to countries that don't allow that.
00:07:09 - There's our model number of switch. This is our memory installed
00:07:13 - inside of the switch, it's a RAM. Shows the image that is running,
00:07:16 - it's a layer 2/3 image all the controllers that are inside of
00:07:20 - it that actually managed the interfaces. Down below,
00:07:26 - you can see system's serial number and so on but this is just
00:07:29 - some of the status messages now that it's up and running, we
00:07:32 - can hit enter and see, "Do you want to enter the initial config
00:07:35 - dialogue?". Now that you have graduated to the ICND2 level, we
00:07:40 - always answer no to that. We went through it in ICND1 just to
00:07:45 - see what it look like but it just get a few question into that
00:07:48 - and you realize, that's not where you want to be. You want to
00:07:51 - be at the command line where we can manually configure things
00:07:54 - because that's where we can do things much faster and more efficiently.
00:07:58 - So, I'm sitting at the switch little right angle bracket lets
00:08:01 - me know I'm in user mode. Now let us look our objective. We've
00:08:05 - wiped up our configurations, let me grab my pen here, and we
00:08:09 - are good to go on that. Now we can do the passwords and banner
00:08:14 - to lock it down. Now, there's a lot more to that than meets the
00:08:17 - eye. We have not just password for the privilege mode but passwords
00:08:22 - for telnet and things like that. So, let's walk through it. First
00:08:25 - of, to move into the privilege mode, we type in "enable", "tab
00:08:28 - key" finishes the command. Moving to global configuration mode
00:08:32 - and set the most important password of all first, the privilege
00:08:36 - mode password. We can do it one of two ways, we can type in "enable
00:08:40 - password" and whatever we want our password to be, right there,
00:08:44 - I could put CISCO as my password. But the problem with the enable
00:08:48 - password command is that it stores it in the running config in
00:08:51 - clear text. Most people if not all, use nowadays the enable secret
00:08:57 - which will hash the password in the running config. It's a pretty
00:09:01 - sophisticated form of encryption that makes it virtually unbreakable.
00:09:06 - So I'm going to choose the enable secret CISCO which is the worst
00:09:09 - password you could ever use in the real world but in lab environments,
00:09:12 - it's great because you'll never forget it. So we've now protected
00:09:15 - our privilege mode. Just to test, I'll type in "disable" and
00:09:20 - "enable" one more time and now it's prompting me for password
00:09:23 - which I type in CISCO. Now let's lock down the telnet ports.
00:09:27 - We do that by typing in "line vty0
00:09:31 - 4" where 0 is the first vty port number and 4 is the last. So
00:09:36 - it's kind of like typing line vty0 through 4. So I'm configuring
00:09:41 - all of them at the same time. Now remember the vty stands for
00:09:44 - virtual terminal. And-virtual-hang-on.
00:09:50 - Virtual tel-ah so here's your tech fact for the day. Lot of the
00:09:54 - documentations say its virtual terminal but it's actually not.
00:09:58 - It's virtual teletype. That was one of the, you know what-hang
00:10:03 - on, hang on. Okay sorry. I just had to go to my web browser and
00:10:07 - verify that. It is virtual teletype which is an old system that
00:10:12 - we had of communicating and now we use telnet to connect to our
00:10:14 - virtual teletype port. So I'll underline "vty0 4", I'll type
00:10:19 - in "log in". What that does is require log-ins to those ports.
00:10:24 - If I were to negate that, type in "no log in". Oh that is so
00:10:28 - dangerous because at that point people can telnet into the router
00:10:32 - and there's no log-in required. It's not saying, no log ins allowed.
00:10:36 - It's no log in required so they can log in without a password.
00:10:40 - So we typed in and log in, you noticed it says "log in will be
00:10:42 - disabled" until you set a password because you told me the require
00:10:45 - log-ins but haven't told me what password to use, so I'll type
00:10:48 - in password off CISCO and hit enter. I've now secured my telnet
00:10:53 - ports with a password of CISCO and jump type out "line console
00:10:58 - 0", we're going to lock down the console port. We'll say log
00:11:01 - in and the password on the console port is also CISCO, and finally
00:11:06 - "line aux 0". Right, I'm on the switch (laughing). Switches don't
00:11:13 - have aux ports. A router, routers have the auxiliary ports where
00:11:17 - you can attach a modem and that's one of the common thing that
00:11:20 - people do on routers but switches don't have it. So we've got
00:11:24 - the vty passwords configured, the enabled secret password configured
00:11:28 - and the console password configured. I would say we're good to
00:11:31 - go on passwords. Now let's set on the log-in banner. We do that
00:11:34 - by typing in "banner motd" which is "message of the day" and
00:11:39 - then we type in a delimiting character. Now that context since
00:11:43 - its develop isn't to helpful because it's kind of confusing.
00:11:45 - Says, c banner text c" where c is delimiting character. That
00:11:49 - means type in whatever number or symbol you want. I'll use a
00:11:55 - enter. Soon as I do that it started to log on banner and I can
00:11:59 - be you know nice and creative. "Do not log on",
00:12:05 - put my "*" as well. Now I believe I've mentioned this in the
00:12:08 - part one of the series but if you haven't seen that one, I do
00:12:11 - want to mention that don't-its, its, let me say this, it's not
00:12:15 - a good practice to make this log on banner excessively long.
00:12:20 - I've seen people that will put the entire disclaimers and the
00:12:24 - acceptable users policies and everything in here, even ask key
00:12:27 - art little picture on their of you know, men with guns that has,
00:12:32 - you know, do not log in, well that's fun. It will slow your router
00:12:36 - down. Meaning the running config will be larger, it's more to
00:12:40 - process but more so, when you go to "save your configuration"
00:12:43 - it's just takes forever. So short and sweet, I'll end with my
00:12:46 - and now I have a log on banner. With that, I'll exit the router.
00:12:51 - It says, "console ports available". I'll hit "enter", says "do
00:12:54 - not log in". My log on banner successful. I also see my console
00:12:59 - password is successful because I'm prompted immediately for password.
00:13:03 - I'm in user mode, privilege mode, password, good. So we've now
00:13:07 - got the passwords and the log on banner configured. Now let's
00:13:11 - move on to the cosmetics. We need to configure the name of the
00:13:14 - switch and our general work environment.
00:13:18 - Let's start of with the name of the switch. I'll jump in to global
00:13:22 - config mode, really simple command, host name, and we can name
00:13:26 - it whatever we'd like. Let's call it, well this is what I named
00:13:31 - it before but we'll call it that again, "cv switch", we'll make
00:13:34 - it unique "2" (cv switch 2). Creativity at its best. So "cvt
00:13:38 - switch 2" is now the name of the switch. Now what I mean when
00:13:41 - I say work environment in the second half, it's just the things
00:13:46 - that makes the switch or router easier to work with. The first
00:13:50 - of those things is the synchronize logging. Meaning if you're
00:13:55 - making changes and you know, bump and you round, so on, let's
00:13:58 - say we exit back to privilege mode and say oh I want to do show-oh
00:14:03 - I hate that. You get this message right here, right? It says
00:14:06 - "configure from console by console." It's a status message and
00:14:09 - you'll get tons of those. Those interfaces go up and go down
00:14:12 - and all kinds things that happen on the switch. Status messages
00:14:15 - will abound but the problem they cut what you're typing in half.
00:14:19 - You can see S-H right there and O-W ow over there. And I'm typing
00:14:24 - at the end of this message over here which it will still work
00:14:28 - if I can keep my wits about me and keep on typing it in but it's
00:14:32 - just it's difficult. So what I prefer to do is go under the console
00:14:36 - port and type in the command "logging synchronize",
00:14:42 - enter. I'll also go under the vty lines because you can actually
00:14:46 - watch those messages from there so I'll do the same thing over
00:14:49 - there. Telnet ports will now have synchronized log in. Now watch
00:14:53 - will happens when I exit back out. I do a "show running"
00:14:59 - there it goes. We got the message and it repainted what I was
00:15:03 - typing below it. It's such a simple feature. I don't know why
00:15:06 - it's not on by default but it's so helpful not to have these
00:15:10 - messages interrupting you. Good. Now one thing I'll show you
00:15:13 - for a lab environment that will be very handy is go on to the
00:15:18 - console port and type in "no exec time out" or you can type in
00:15:23 - "exec time out 0 0", it does the same thing. It keeps the router
00:15:29 - from kicking you of after five minutes of vital time by default.
00:15:32 - Lot of times we'll be working on our devices. We'll look at the
00:15:35 - book or we'll look at the website or you know, we're configuring
00:15:38 - things and getting it set up and we'll get kicked of so and we
00:15:40 - have to log back in, get back to where we were. So this will
00:15:43 - keep it from kicking you out. Now I want to emphasize this is
00:15:47 - in a lab environment. In the real world, this is a huge security
00:15:51 - vulnerability because if you forget to log out, that means the
00:15:55 - next person that comes in after you is going to be logged in
00:15:58 - because it never kicks him out. Maybe just for your own wits,
00:16:01 - you could type in something like exact time out. We'll say something
00:16:05 - like 800 where at 800 minute of vital time, it will log you out.
00:16:11 - But it-for me, I'd prefer just to keep it there all the time. Now,
00:16:16 - the last command for the work environment that I like to do on
00:16:20 - all my devices is type in "no IP domain-look
00:16:25 - up". From global configuration mode, what that command does is
00:16:31 - keep you from getting hung up on mistypes. Meaning, I didn't
00:16:35 - want to demonstrate it because it would hang there for about
00:16:38 - 60 seconds but when you mistyped something from privilege mode,
00:16:42 - it will typically sit there and go translating to 255255255255
00:16:46 - and just hang there. There is now way to really break
00:16:50 - out of it except on some of the newer devices, you can use "control+shift+6"
00:16:54 - to break it but on a lot of them older and modern devices, they
00:16:59 - you are just stuck there and you have to wait there for 60 seconds.
00:17:02 - What it's trying to do when it's translating that is telnet to
00:17:08 - a device named ASDF or whatever you're mistyped is. Meaning the
00:17:12 - router thinks or the switch thinks that you're trying to telnet
00:17:15 - to something name that. If you don't have DNS set up on your
00:17:19 - switch o router it's just going to send out broadcast to the
00:17:23 - network saying, "Hello is anyone out there named ASDF? Anyone?
00:17:28 - Bueller? Come on. Let me know". And it will just hang there and
00:17:31 - wait. And meanwhile, you're staring at the prompt just going,
00:17:33 - "Come on. Come on." So no IP domain look up immediately says
00:17:37 - I'm not even going to bother looking at that name because it's
00:17:40 - probably just invalid anyway. So that is setting up the name
00:17:46 - of the switch in the work environment. Now let's get to the big
00:17:49 - one. Management. Assigning
00:17:52 - a switch, an IP address and the default gateway will allow you
00:17:55 - to manage it remotely. So you don't have to stand on those cold
00:17:58 - IT rooms and you know, hook into the console port and shiver
00:18:02 - your way through the configuration. So let me expose a little
00:18:06 - bit more of this diagram. We have this IP addresses that I plan
00:18:09 - on assigning at least initially. It gives us enough information
00:18:13 - to give the switch its IP address 192168.1.10
00:18:17 - with a class c on that mask. And its default gateway which will
00:18:20 - be this router that is connected to the internet. Now on modern
00:18:25 - CISCO switches, CISCO used to have many different ways to give
00:18:28 - a switch on IP address. Sometimes in the older ones, it was even
00:18:31 - from global configuration mode. But on modern CISCO switches,
00:18:34 - they prefer to give them to VLAN interfaces. Now
00:18:39 - without getting too deep into the VLAN world which will be a
00:18:42 - huge part of this series later on. By default, all switches have
00:18:47 - this interface known as VLAN1, all CISCO switches. And VLAN1
00:18:51 - represents the VLAN that all the ports of your switch are assigned
00:18:55 - to. Now again, we haven't really discussed VLANs too much. Up
00:18:59 - to this point, it's one of the new concepts we'll talk about
00:19:02 - in this series. But it's a way of managing-how
00:19:07 - do I summarize VLAN in a single statement. Let's just say it
00:19:10 - the way of managing the ports on your switch and what networks
00:19:15 - they belong to. By default they all belong to VLAN1. So to give
00:19:20 - this switch a management IP address, we need to move into the
00:19:24 - global configuration mode. Get under the interface VLAN1 and
00:19:29 - give it the IP address. 192168.1.10
00:19:33 - which is the IP we just saw in the diagram. And it's going to
00:19:36 - ask us for the subnet mask someday. CISCO will allow us to use
00:19:41 - the sider notation or the slash notation but for now we have
00:19:44 - type it in decimal. So that is the IP address that assigned but
00:19:48 - be careful. Because the VLAN1 interface is always administratively
00:19:53 - down by default. So what we have to do to bring it up? No shut
00:19:57 - down. It's been so many times I could just relay one experience
00:20:01 - where I configured devices and shipped them to clients meaning
00:20:06 - the you know for remote installations and stuffs like that and
00:20:09 - I kind of preconfigured the network and I've done you know config
00:20:13 - on it in a hurry and just shipped and forgot to do a "no shut
00:20:16 - down". And there's nothing more painful than thankfully with
00:20:20 - this client it was just a two-hour drive but there's nothing
00:20:23 - more painful than jumping on a plane playing planning a two week
00:20:27 - trip to find out you just have to type in "no shut down". So
00:20:31 - we've now got the management interface brought up and let me
00:20:36 - show you the first shortcut of the series. You know that show
00:20:39 - command only work from privilege mode right? I did this command
00:20:43 - right here with show IP interface brief to verify all the interfaces
00:20:46 - on my switch. Well, you can actually on modern CISCO switches
00:20:51 - and routers implement the new "do" command. I can type in "do"
00:20:55 - from any mode that I'm in, followed by a show command. Show IP
00:21:00 - interface brief. And it will execute that shield command from
00:21:04 - whatever mode I'm in. That's awesome. So I don't have to always
00:21:07 - exit back out. And I can verify that my VLAN1 interface is up.
00:21:12 - Line protocol is up. That means we're communicating and this
00:21:15 - switch should now be able to telneted too since designed it with
00:21:19 - VTY password and an enable secret password. One more piece of
00:21:23 - that puzzle and that is the default gateway. That is a global
00:21:27 - configuration mode command. I type in "IP default-gateway"
00:21:31 - and the default gateway I plan on using. That would be my IP
00:21:34 - router up here. 192168.1.1,
00:21:39 - enter. We now, with that in place, can manage the switch from
00:21:43 - the local LAN just by giving out the IP address and remotely
00:21:47 - by giving in the default gateway. Without a default gateway,
00:21:50 - the switch has no way of getting of its local network. So that
00:21:54 - point the management of our switch is good to go.
00:21:59 - And the default gateway is set. So we can move down the interfaces
00:22:05 - themselves. The speed, duplex and descriptions. Now with the
00:22:10 - interfaces, all of them are set into show run; by default it
00:22:16 - will probably hide it. All of them are set to auto negotiate
00:22:19 - the speed and duplex of the interface. Now my quick witty saying
00:22:24 - on that is the auto negotiation-we'll
00:22:29 - see I've ruined my own saying. With auto negotiation, you ought
00:22:32 - to not use it. Auto is typically bad in most thing CISCO, meaning
00:22:38 - that yes it will work most of the time but it leaves some room
00:22:41 - for doubt. And with the speed in duplex, if it auto detects it
00:22:45 - incorrectly, you're going to get a bunch of errors on the port.
00:22:48 - Sometimes the port will just shut down. Other times it will just
00:22:51 - operate very slowly because it has a duplex mismatch between
00:22:55 - those sites. Now what I'm not saying, I'm not saying to go through
00:22:59 - in your entire organization of 1500 computers and hardcode every
00:23:04 - single switch ports to exactly the speed and duplex that is meant
00:23:06 - to be. The reason I'm not saying that is the auto detects mechanism
00:23:11 - has just a guestimate. This is from my experience about a 95%
00:23:16 - successful detection rate. Now first of, this isn't a CISCO problem.
00:23:21 - It is not something that CISCO just implemented poorly. This
00:23:23 - happens across the board on any vendor switch just because the
00:23:26 - network cursor so diverse out there. Ninety five percent is pretty
00:23:31 - good. Meaning that 95% out of you hundred computers will typically
00:23:35 - work okay with auto detection but five of them will not. Meaning
00:23:41 - you're going to get slow links and so on. So what my rule of
00:23:44 - thumb is maybe skip over the clients, the computers, and just
00:23:48 - hardcode the key ports in your network. Meaning ports to routers.
00:23:54 - Those are key ports. Ports to printers, ports to servers, those
00:23:58 - are all considered key ports in my mind and if we have a mismatch
00:24:02 - on those it will affect far more than just one user whose not
00:24:05 - able to work efficiently. So those of the ones you want to go
00:24:09 - underneath. In this case I'll just demonstrate one of those interfaces.
00:24:14 - I'll go into interface pass Ethernet 0/1 which will eventually
00:24:18 - connect to this router. We have not actually physically connected
00:24:20 - it yet. And I'll type in IP@-oh what I'm I doing. Duplex followed
00:24:27 - by full, by default its auto, and in this case speed 100.
00:24:34 - 100 megabits per second. And that is hard coding the speed in
00:24:37 - duplex. Now this interface is going to connect to our internet
00:24:41 - facing router so I'd like to attach description. Again descriptions
00:24:45 - I use sparingly, I do not do that on every port, just the key
00:24:49 - ports so when I'm looking in my switch, I can get a quick feel
00:24:53 - of what's connected. Let
00:24:56 - me do this first and I'll give you a quick view of that. I'm
00:24:59 - going to type in that description, "INTERNET ROUTER CONNECTION".
00:25:05 - Usually when I type in description,
00:25:08 - I usually type them in all uppercase and I do that for most things
00:25:11 - with the name so I can see it very quickly in running config
00:25:14 - and I know that something that I typed in. It's not a command.
00:25:17 - So that sets the description and that-let me get back, I'll show
00:25:20 - you a bonus command, not really documented very well in CISCO
00:25:24 - at all. But it is show interface description. That's a great
00:25:28 - way where you can scroll through the interfaces on your switch
00:25:31 - and see it quick view on what the description are and see those
00:25:35 - key ports without having to do a full running configuration done.
00:25:38 - Let me just give you a good idea of what this looks like. I have
00:25:41 - a switch that runs my home. And I'm going to telnet right here.
00:25:46 - I actually have no log in on that required because it's protected
00:25:51 - from anyone outside of my home by my firewall. Now just to show
00:25:54 - interface description
00:25:58 - on there and you can see that I have all of these different interfaces.
00:26:01 - I have you know my wife's IP phone, yes, I have IP phones in
00:26:06 - my home. I confess I am a true geek. We have the wireless router;
00:26:13 - all of that. So this is the quick way that I can see I even have
00:26:17 - a Cat 5 port in the kitchen. But I have quick view of all the
00:26:21 - interfaces and what they connect you. So if I'm looking for an
00:26:24 - interface, I can just do a quick show description and see exactly
00:26:27 - where those connect to. So that's a handy command. So that is
00:26:30 - assigning the speed duplex and descriptions of our interfaces. Finally,
00:26:35 - let's verify and back up our configuration. The first thing I'm
00:26:40 - going to do is use the CISCO discovery protocol to verify my
00:26:43 - network connections. I'm showing on my diagram that I have two
00:26:46 - routers plug in to the switch and I did connect one of this up
00:26:51 - to the, one of the fast Ethernet interfaces on the switch between
00:26:55 - the recordings of the one that we hard coded the speed in duplex
00:26:58 - on. So we do have these connections but the CISCO discovered
00:27:02 - protocol will help me map them out and see what ports are connected
00:27:06 - to what. So what I can do is jump into my switch and do a "show
00:27:11 - cdp neighbors". Now
00:27:14 - I'm verifying that I have-it looks like the same router connected
00:27:18 - to two interfaces. But when you really look at it, you see those
00:27:22 - are two different platforms. It is just two different platforms
00:27:25 - with the same name, same host name typed in. So one of the first
00:27:29 - things as we get in to our router configurations will be to clear
00:27:33 - the router configs. Now I can look right here and this is key
00:27:37 - information because I see the local interface that is plugged
00:27:40 - in to which is the interface on the switch. So I can look and
00:27:44 - see one router, choose connected the fast internet 0/1 that's
00:27:48 - the 26-11 router. I can tell you that's the sky right here. So
00:27:52 - this is, if I was diagramming it I say FA 0/1 and label that
00:27:56 - port. The other one I believe fast Ethernet 0/4.
00:28:01 - So I can label that port FA0/4. Now make this diagram pretty
00:28:07 - as we go through in add the pieces one by one and I'm also able
00:28:11 - to see the remote port ID. Ethernet at 0/0 and fast internet
00:28:15 - 0/0 appeared. I got Ethernet 0/0 which is a 10 mega bit per second
00:28:22 - port because it's just plain Ethernet. Fast Ethernet FA0/0
00:28:29 - is my hundred megabit per second port connection. So now I'm
00:28:33 - able to label those key ports on my network diagram and even
00:28:36 - put description on them eventually as we go through that configuration.
00:28:40 - Now remember we can also type in shows CDP neighbor detail and
00:28:44 - hit enter and see all the information about the switches. I can
00:28:48 - see what remote IP address it's configured with. I can see the
00:28:51 - platform that it's configures as. We saw that in the brief outlet.
00:28:56 - I can the see the IOS versions that running on there. This one
00:28:59 - is running version 12.4 released 4 xc and I can get-a lot of
00:29:03 - good information is displayed via CDP. Now
00:29:07 - we can also verify our configuration on the switch by using the
00:29:10 - show interfaces command. To show interfaces, we'll actually scroll
00:29:15 - through one by one starting with VLAN, every single interface
00:29:18 - that you have and all the stats about that interface. Let's scroll
00:29:21 - down even more. There's fast Ethernet 0/1. That's our internet
00:29:25 - router connection. I can see that that one has received 70 packets.
00:29:29 - Not too much going on there in the last five minutes. I can see
00:29:34 - the, the duplex. You can see its such full duplex 10 megabit
00:29:38 - per second because that is an Ethernet connection. Even though
00:29:41 - the media, the cable can support 10/100, the router itself cannot.
00:29:47 - I can also do a show Mac address table. And we'll see if any
00:29:53 - of that has been filled in. The static Mac addresses belong to
00:29:56 - the switch itself. You can see the port that is assigned to the
00:29:58 - CPU. And if I scroll down. There's my two Mac addresses of my
00:30:03 - routers that I've learn. Fast Ethernet 0/1 and 0/4. I guarantee
00:30:07 - you when we go on the routers in the upcoming videos, we'll be
00:30:10 - able to verify that those are indeed the Mac address is on there.
00:30:14 - Last but not the least, I would like to back up our configuration.
00:30:18 - I know I mentioned TFTP on there and that is one way to back
00:30:21 - up the configuration but until we get the full network set up,
00:30:25 - I'm not going to do a TFTP back up because what I plan on doing
00:30:28 - is setting up a centralized TFTP server and having everything
00:30:32 - copied it's backed up config to that one server. For now, I'll
00:30:36 - show you the quick and dirty. That is actually my preferred way
00:30:39 - of backing up the configuration. First of, you want to save it.
00:30:43 - The official CCNA approved method is copy, running config, start
00:30:48 - up config, and enter. When asked for a file name, you just hit
00:30:51 - enter because start up config is the default. Like I said CCNA
00:30:55 - approved way. Real world, that's what you do. Right, which is
00:31:00 - actually short for right memory is a quicken and fast way to
00:31:04 - save your configuration from run to start or from RAM to NV RAM.
00:31:09 - Now to back up your configuration, the quick and dirty way is
00:31:12 - to do a show run. Scroll to the very bottom of that configuration.
00:31:18 - Shoot all the way back up to the top.
00:31:22 - Right there. You can either choose to start from here or from
00:31:26 - the first explanation point and highlight everything. I'll
00:31:32 - do it all to C which in Tera Term is copy. Don't
00:31:37 - right click on Tera Term. That will copy and paste everything.
00:31:41 - Meanwhile, while that action is happening. I'll open the ultra-sophisticated
00:31:45 - note pad. Come over here. Hide all that gibberish going on and
00:31:49 - paste right there. That is a complete back up of the configuration.
00:31:55 - Oh looks like I've got some VLANS in there. I still need to delete
00:31:58 - from the old config. I'll talk more about VLANS as we get deeper
00:32:02 - into the concepts. But that is a complete back up of all the
00:32:06 - configuration that I put inside of this switch so far. There's
00:32:09 - my VLAN interface, my default gateway. And I say this is my complete
00:32:13 - back up in the sense that if I wanted to restore these config,
00:32:16 - I would just start from the first exclamation point. Highlight
00:32:19 - it down
00:32:21 - to the very end, edit copy. Now I want you to imagine with me
00:32:26 - that this switch is a brand new switch, meaning it doesn't
00:32:31 - have config. I know it does but imagine. I'll just come over
00:32:34 - here and go to edit, paste. What it's doing is pasting in the
00:32:39 - entire configuration that I just backed up. If this were a brand
00:32:43 - new switch, meaning it had no configuration on it. Right there
00:32:48 - would be the masterful way of reconfiguring it from scratch on
00:32:53 - the fly. Just like that. No
00:32:56 - TFTP server needed. No setting up IP addresses manually. That's
00:33:00 - in my opinion is one of the best ways to do a back up and restore
00:33:03 - your configuration.
00:33:06 - I promised the fly by didn't I? (laughing) Whew! I can breath
00:33:10 - now (sighing in relief). That was the configuration, foundation
00:33:16 - configuration of the switch in the small office network. That
00:33:20 - was all the concepts that we talked about in the CCENT videos
00:33:24 - series with the exception of one and that is port security. I
00:33:28 - plan on adding that later on. We're-we have locking it down to
00:33:32 - a specific Mac address and only that Mac address can use that
00:33:35 - port. I don't want to do that yet because that will really throw
00:33:38 - us of when we start connecting devices. So what we did is we
00:33:41 - walked through a review of a lot of the LAN concepts as we went
00:33:44 - through that configuration and did the complete configuration
00:33:47 - of a small office LAN network. I hope that this has been informative
00:33:51 - for you and I'd like to thank you for viewing.

Review: Rebuilding the Small Office Network, Part 2

Review: Rebuilding the Small Office Network, Part 3

Switch VLANs: Understanding VLANs

Switch VLANs: Understanding Trunks and VTP

Switch VLANs: Configuring VLANs and VTP, Part 1

Switch VLANs: Configuring VLANs and VTP, Part 2

Switch STP: Understanding the Spanning-Tree Protocol

Switch STP: Configuring Basic STP

Switch STP: Enhancements to STP

General Switching: Troubleshooting and Security Best Practices

Subnetting: Understanding VLSM

Routing Protocols: Distance Vector vs. Link State

Routing Protocols: OSPF Concepts

Routing Protocols: OSPF Configuration and Troubleshooting

Routing Protocols: EIGRP Concepts and Configuration

Access-Lists: The Rules of the ACL

Access-Lists: Configuring ACLs

Access-Lists: Configuring ACLs, Part 2

NAT: Understanding the Three Styles of NAT

NAT: Command-line NAT Configuration

WAN Connections: Concepts of VPN Technology

WAN Connections: Implementing PPP Authentication

WAN Connections: Understanding Frame Relay

WAN Connections: Configuring Frame Relay

IPv6: Understanding Basic Concepts and Addressing

IPv6: Configuring, Routing, and Interoperating

Certification: Some Last Words for Test Takers

Advanced TCP/IP: Working with Binary

Advanced TCP/IP: IP Subnetting, Part 1

Advanced TCP/IP: IP Subnetting, Part 2

Advanced TCP/IP: IP Subnetting, Part 3

This forum is for community use – trainers will not participate in conversations. Share your thoughts on training content and engage with other members of the CBT Nuggets community. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Community Standards

We encourage you to share your wisdom, opinions, and questions with the CBT Nuggets community. To keep things civil, we have established the following policy.

We reserve the right not to post comments that:
contain obscene, indecent, or profane language; contain threats or defamatory statements; contain personal attacks; contain hate speech directed at race, color, sex, sexual orientation, national origin, ethnicity, age, religion, or disability; contributes to a hostile atmosphere; or promotes or endorses services or products. Non-commercial links, if relevant to the topic, are acceptable. Comments are not moderated, however, all comments will automatically be filtered for content that might violate our comment policies. If your comment is flagged by our filter, it will not be published.

We will be continually monitoring published comments and any content that violates our policies will be removed. Users who repeatedly violate our comments policy may be prohibited from commenting.

Course Features

Speed Control

Play videos at a faster or slower pace.

Bookmarks

Pick up where you left off watching a video.

Notes

Jot down information to refer back to at a later time.

Closed Captions

Follow what the trainers are saying with ease.

MP3 Downloads

Listen to videos anytime, anywhere
Jeremy Cioara

Jeremy Cioara

CBT Nuggets Trainer

Certifications:
Cisco CCNA, CCDA, CCNA Security, CCNA Voice, CCNP, CCSP, CCVP, CCDP, CCIE R&S; Amazon Web Services CSA; Microsoft MCP, MCSE, Novell CNA, CNE; CompTIA A+, Network+, iNet+

Area Of Expertise:
Cisco network administration and development. Author or coauthor of numerous books, including: CCNA Voice 640-461 Official Cert Guide; CCNA Voice Official Exam Certification Guide (640-460 IIUC); CCENT Exam Prep (Exam 640-822); CCNA Exam Cram (Exam 640-802) 3rd Edition; and CCNA Voice 640-461 Official Cert Guide.

Add training to a playlist
or create a new list
Add to current playlist
or add to an existing list
Add to new playlist
Add New Bookmark

Review: Rebuilding the Small Office Network, Part 1
Bookmark Title:
Whoops

Login is required to access this feature.

Your browser cannot access Virtual Labs
Video Options

This advanced buffering is applied to all streams regardless if you installed the doublespeed control or not. Sometimes the advanced buffering causes the video to hang or behave erratically. If you are experienceing issues with video playback please disable the doublespeed buffer.

Remember to re-enable the buffer if you want to use the doublespeed control.

If you are experiencing problems with our content delivery, please click here to switch to our alternate content delivery network or go to our network FAQ.
For other common video playback issues, including firewall and corporate network issues, please visit our Tech Support forum.