C.D Wildcard bits Log | Cisco Systems CCNA 2 specs

A.B.C.D Wildcard bits

log	Log matches against this entry
<cr>

rt1(config)#access-list 1 permit 192.168.0.1 0.0.0.0 ? log Log matches against this entry

<cr>

Give students a list of rules for access lists to help them understand this concept. Emphasize the following points:

•Use one access list for each protocol and for each direction.

•Place standard access lists closest to the destination.

•Place extended access lists closest to the source.

•Apply the "in” or “out" keyword as if from inside the router.

•Remember statements are processed sequentially from the top of the list until a match is found and if no match is found, the packet is denied.

•Remember there is an implicit “deny all” at the end of ACLs that will not appear in the configuration listing.

•Remember, the match condition is examined first and the permit or deny is examined ONLY if the match is true.

•List statements from specific references such as individual hosts to general references such as entire networks when access list logic overlaps.

•Do not work with an access list that is actively applied.

•Use Notepad or a similar text editor to create comments that outline the logic and then fill in the statements that perform the logic.

•Remember new lines are always added to the end of the access list.

•Use the no access-listx command to remove an entire list since it is not possible to selectively add and remove lines.

•Remember that an IP access list will send an ICMP host unreachable message to the sender of a rejected packet and will discard the packet.

•Use care when removing an access list. If the access list is applied to a production interface and it is removed, there may be a default “deny any” applied to the interface and all traffic will be halted. If the IOS defaults to “permit all”, there will be no security or performance regulation.

•Remember outbound filters do not affect traffic that originates from the local router.

These rules will help students become successful with using ACLs. This is not an all-inclusive list and it can be presented in any order.

122 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 11

Copyright ♥ 2004, Cisco Systems, Inc.

Image 123

Cisco Systems CCNA 2 manual C.D Wildcard bits Log

Contents

Page Student-Centered, Instructor-Facilitated Welcome Hands-On, Skills-Based One Size Does Not Fit All Guide Overview Global Community Course Description II. Course OverviewTarget Audience Prerequisites Certification Alignment Lab Requirements Course Overview Copyright 2004, Cisco Systems, Inc Nomenclature III. Teaching Guide for Each TI Lesson Target indicator TIModule Learning objective LO Module 1 WANs and Routers OverviewModule 1 Caution WANs Introduction to WANsIntroduction to routers in a WAN ROM Router LANs and WANs Academy approach to hands-on labs Role of Routers in a WAN Routers Router physical characteristics Router external connections Management port connectionsConsole Port Connections Connecting WAN interfaces Connecting Router LAN interfaces Module 1 Summary Module 2 Caution Module 2 Introduction to Routers Router user interface modes Operating Cisco IOS SoftwarePurpose of Cisco IOS software Router user interface Operation of Cisco IOS software Cisco IOS software features Initial startup of Cisco routers Router LED indicatorsInitial router bootup Starting a Router Router login Establish a console sessionKeyboard help in the router CLI Router command history Enhanced editing commands Show version command Troubleshooting command line errors Module 2 Summary Module 3 Caution Module 3 Configuring a Router Copyright 2004, Cisco Systems, Inc CLI command modes Configure a Router Configuring router passwords Configuring a router name Examining the show commands Making configuration changes Configuring a serial interface Router#copy running-config startup-config Configuring an Ethernet interface Importance of configuration standards Finishing the Configuration Interface descriptions Configuring an interface description Login banners Configuring message-of-the-day MotdHost name resolutions Configuring host tables Configuration backup and documentationBacking up configuration files Copyright 2004, Cisco Systems, Inc Module 3 Summary Use the show cdp neighbors command Module 4 Learning about Other DevicesModule 4 Caution Discovering and Connecting to Neighbors Introduction to CDPEssential Labs Optional Labs TLV Information obtained with CDP Creating a network map of the environment Implementation, monitoring, and maintenance of CDP Disabling CDP Troubleshooting CDP Command Purpose Router131.108.100.152 Getting Information about Remote DevicesTelnet Establishing and verifying a Telnet connection Resume Disconnecting and suspending Telnet sessionsAdvanced Telnet operation Ctrl -Shift -6 then StanlyLab#show sessions Alternative connectivity tests LAB-A#trace lab-d LAB-B#ping lab-cLAB-D#ping lab-c LAB-A#trace lab-e LAB-C#show ip route Troubleshooting IP addressing issues Module 4 Summary Module 5 Managing Cisco IOS Software Essential Labs Optional Labs None Core TIs All Optional TIs Router Boot Sequence and VerificationStages of the router power-on boot sequence How a Cisco device locates and loads the Cisco IOS Using the boot system command Configuration registerTroubleshooting IOS boot failure Additional Resources Managing the Cisco File System IOS naming convention IOS file system overview Select Transfer Capture Text Managing configuration files using TftpManaging configuration files using copy and paste Enter copy tftp running-config Show running-config Managing IOS images using XModem Managing IOS images using Tftp File system verification Environment variables Discuss the following alternatives with the students Module 5 Summary Module 6 Caution Module 6 Routing and Routing Protocols Introduction to Static Routing Introduction to routingStatic route operation Rt1config#ip route 192.168.2.0 255.255.255.0 Rt1config#ip route 192.168.2.0 255.255.255.0 s0Rt1config#ip route 192.168.2.0 255.255.255.0 192.168.1.2 Rt1#config terminal Configuring static routes Verifying static route configuration Configuring default route forwarding Show ip route output Rt1#show ip route Troubleshooting static route configuration Rt1#ping Rt1#show interfaces s0 Dynamic Routing Overview Introduction to routing protocolsAutonomous systems Distance vector routing protocol features Purpose of a routing protocol and autonomous systemsIdentifying the classes of routing protocols Routing Protocols Overview Link-state routing protocol features Routing configuration Path determinationRouting protocols IGP versus EGP Module 6 Summary Module 7 Distance Vector Routing Protocols OverviewModule 7 Caution Distance vector routing updates Distance vector routing loop issuesDistance Vector Routing Problem Routing Loops Eliminating routing loops through split horizon Defining a maximum count Routing Update Route poisoning Avoiding routing loops with triggered updates RIP Preventing routing loops with holddown timers RIP routing process Configuring RIP Common RIP configuration issues Using the ip classless command Verifying RIP configuration Troubleshooting RIP update issuesLAB-A#debug ip rip Load Balancing with RIP Preventing routing updates through an interface Essential Labs Optional Labs Core TIs IgrpLoad balancing across multiple paths Integrating static routes with RIP Igrp metrics Igrp features Igrp routes Igrp stability features Configuring Igrp Verifying Igrp ConfigurationMigrating from RIP to Igrp Troubleshooting Igrp Module 7 Summary Ip classless command Copyright 2004, Cisco Systems, Inc Module 8 Caution Module 8 TCP/IP Suite Error and Control Messages Icmp message delivery Overview of TCP/IP Error MessageError reporting and error correction Icmp Using ping to test destination reachability Unreachable networksDetecting excessively long routes Miscellaneous error reporting Echo messagesDestination unreachable message TCP/IP Suite Control Messages Introduction to control messagesIcmp redirect/change requests Router discovery message Clock synchronization and transit time estimationInformation requests and reply message formats Address mask requests Congestion and flow control messages Router solicitation message Module 8 Summary Module 9 Caution Module 9 Basic Router Troubleshooting Show ip route command Examining the Routing TableDetermining the gateway of last resort Determining route administrative distance Determining route source and destinationDetermining L2 and L3 addresses Determining the last routing update Determining the route metricDetermining the route next hop Observing multiple paths to destination Network TestingIntroduction to network testing Using a structured approach to troubleshooting Layer 7 troubleshooting using Telnet Testing by OSI layersLayer 1 troubleshooting using indicators Layer 3 troubleshooting using ping Troubleshooting using show cdp Troubleshooting Router Issues OverviewTroubleshooting Layer 1 using show interfaces Troubleshooting Layer 2 using the show interfaces Troubleshooting using traceroute Troubleshooting routing issuesTroubleshooting using show controllers Introduction to debug Show cdp Traceroute Show controllers serial Debug Module 9 Summary Module 10 Caution Module 10 Intermediate TCP/IP TCP Operation TCP operationSynchronization or three-way handshake Windowing and window size Denial of service attacks Sequencing numbers Positive acknowledgementsUDP operation Multiple conversations between hosts Overview of Transport Layer Ports Ports for services Ports for clientsPort numbering and well known port numbers Comparison of MAC addresses, IP addresses, and port numbers Example of multiple sessions between hosts Module 10 Summary Access Control List Fundamentals Module 11 Access Control List ACLs How ACLs work Introduction to ACLs Creating ACLs Rt1config#access-list ?Rt1config#access-list 1 permit ? Rt1config#access-list 1 permit 192.168.0.1 ? C.D Wildcard bits Log Verifying ACLs Function of a wildcard mask Standard ACLs Access Control Lists ACLs Rt1config#access-list 101 ? Rt1config#access-list 101 permit ?Extended ACLs Named ACLs Firewalls Placing ACLs Restricting virtual terminal access Module 11 Summary Overview and Objectives IV. Case Study Scenario and Phase 1 Project Description Network Diagram IP Addressing Phase 2 IP Addressing Boaz Center Phase 3 Basic Router and Workstation Configuration Instructor approval Date Ping from Router Boaz to Workstation Phase 4 Access Control Lists Eva Phase 5 Documenting the NetworkConfiguration management documentation Boaz Eva Security management documentation Boaz Case Study Deliverables General DocumentationTechnical Documentation Copyright 2004, Cisco Systems, Inc Phase 1 Project Description Case Study Instructor NotesClass Range Optional Case Study Instructor Sample Outputs Phase 5 Documenting the Network Sample outputs Boaz Boaz#show ip interface brief Boaz#show startup-config Using 1090 out of 32762 bytes Boaz#show ip interface Security Management documentation Boaz Copyright 2004, Cisco Systems, Inc Configuration Management documentation Phase 5 Documenting the Network Sample outputs Centre Centre#show version Copyright 2004, Cisco Systems, Inc Centre#show ip interface Security Management documentation Centre Centre#show ip access-lists Configuration Management documentation Eva Phase 5 Documenting the Network Sample outputs Eva Eva#show hosts Eva#show startup-config Using 1156 out of 32762 bytes Eva#show ip interface Security Management documentation Eva Copyright 2004, Cisco Systems, Inc Appendices Appendix a Cisco Online Tools and Utilities Output Interpreter Error Message Decoder Software Bug Toolkit IP Subnet Calculator Password Recovery Procedures TAC Case Collection Software Advisor Feature Navigator TAC Advanced Search Best Practices What is meant by best practices? Nets Standards Nets Literacy, math, and science standards Web Links Timss Report Participating Countries Timss report Learner Model Academy Student Student-centered learning Multiple Intelligences Multiple intelligences Web Links Inquiry Based Learning Inquiry-based learning Special Needs Special needs Web Links Learning Disabilities Learning disabilities Strategies for Teaching Students with Learning Disabilities Ccna labs Lab-Centric Instruction PPP Isdn Ccnp Labs Ccnp labs Web Links Netlab Web Links Simulations Simulations Sponsored Curriculum Labs Sponsored curriculum labs Sponsored Curriculum Labs IT Essentials PC Hardware and Software IT Essentials IT Essentials Network Operating SystemsFundamentals of Voice and Data Cabling Fundamentals of Unix Fundamentals of Java ProgrammingFundamentals of Web Design Http//cisco.netacad.net/cnacs/prot-doc/newcourses.html PIX Firewall PhotoZoom Emerging technologies Wireless solutions Steps in the Problem-Solving Model Troubleshooting Teaching Methods Web Resources Challenges and projects Project-based Instruction Copyright 2004, Cisco Systems, Inc Design activities Dartmouth Problem-Solving Cycle Web Links Brainstorming Cluster Diagram Gifted Education a Resource Guide for Teachers Case Studies Case studies Case Study Teaching in Science a Bibliography Cisco.com Web research Instructor-led classrooms Instructional Strategies Copyright 2004, Cisco Systems, Inc Self-paced instruction Cooperative/collaborative work Pairs or partnersSmall groups Whole class TeamsCompetitive teams Large groups Student-led discussions Demonstrations Presentations Jigsaw Puzzle Jigsaws Ask the Right Questions Ask the right questions Copyright 2004, Cisco Systems, Inc PMI 6 PMI Graphic organizers Problem-Solving Matrix Flowchart Extended Star Topology in a Multi-Building Campus Digital Signal Data Encapsulation Local Area Networks and Devices Copyright 2004, Cisco Systems, Inc RFI EMI Setting goals Kinesthetic Activities Kinesthetic activities Web Links Review strategies Assessment Strategies Journals and reflection Copyright 2004, Cisco Systems, Inc Web Links Grading Rubric Sample Rubrics Rubistar http//rubistar.4teachers.org Guidelines for Portfolio Assessment in Teaching English Portfolio Oral Exams Oral exams Copyright 2004, Cisco Systems, Inc Lab Exams Lab exams Web Links Six Lenses Six lenses Copyright 2004, Cisco Systems, Inc