support@davidbombal.com

Packet Tracer file (PT Version 7.1): https://goo.gl/iJg2cJ
Get the Packet Tracer course for only $10 by clicking here: https://goo.gl/vikgKN
Get my ICND1 and ICND2 courses for $10 here: https://goo.gl/XR1xm9 (you will get ICND2 as a free bonus when you buy the ICND1 course).

For lots more content, visit http://www.davidbombal.com – learn about GNS3, CCNA, Packet Tracer, Python, Ansible and much, much more.

The Point-to-Point Protocol (PPP) provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP is comprised of three main components:

● A method for encapsulating multi-protocol datagrams.
● A Link Control Protocol (LCP) for establishing, configuring, and testing the data-link connection.
● A family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols.

The Challenge Handshake Authentication Protocol (CHAP) (defined in RFC 1994) verifies the identity of the peer by means of a three-way handshake. These are the general steps performed in CHAP:

After the LCP (Link Control Protocol) phase is complete, and CHAP is negotiated between both devices, the authenticator sends a challenge message to the peer.

The peer responds with a value calculated through a one-way hash function (Message Digest 5 (MD5)).

The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authentication is successful. Otherwise, the connection is terminated.

This authentication method depends on a “secret” known only to the authenticator and the peer. The secret is not sent over the link. Although the authentication is only one-way, you can negotiate CHAP in both directions, with the help of the same secret set for mutual authentication.

For more information on the advantages and disadvantages of CHAP, refer to RFC 1994

Transcription:

In this lab you need to configure point to point protocol or PPP.
You need to configure Point-to-Point Protocol on the link between ISP 1 and Customer Router 1.
You also need to configure Point-to-Point Protocol but with CHAP between ISP3 and Customer 2. In other words you’re going to configure PPP with a CHAP or Challenge Handshake Authentication Protocol.

This lab consists of required tasks as well as bonus tasks.
The required tasks are once again that you need to configure the link between Customer 1 and ISP1. This link here with PPP.

You need to configure this link using PPP CHAP and a password of cisco
You then need to configure static default routes on the customer routers pointing to the ISPs.

The reason for doing that is that, these devices representing the Internet in this topology of running BGP in autonomous systems 65000, 65001, 65002.
So you need to configure the customer routers to use static default routes so that they can send traffic on to the Internet and access the Google DNS server 8.8.4.4

You need to verify that things are working by ensuring that the customer routers can ping the DNS server and that they can ping Cisco.com
So make sure that you configure both of the ISP side and customer side with PPP between ISP 1 and ISP 2. Configure IP addresses and anything else that’s relevant and again the side needs to be configured with PPP CHAP. That’s the required portion of the lab but to make the lab more real world, we have some bonus tasks.

In the bonus tasks, you need to create a DHCP pool on the customer routers to allocate IP addresses to the PCs. Customer Router 1 needs to be configured with this IP address on gigabit 0.0.0 and it needs to allocate IP addresses to the PC in that subnet.

Customer Router 2 needs to be configured with this IP address 10.1.2.1 on gigabit 0 /0 / 0
And you need to configure a DHCP pool on the customer router to allocate IP addresses to this PC in this subnet.

Now without giving it away think about all the DHCP options that you need to allocate to your PCs to allow the PCs to ping Cisco.com
The verification for this section is that PC 1 and PC 2 can ping Cisco.com.
So think about what’s required from a DHCP point of view but also from a NAT or Network Address Translation point of view.

You’re going to have to configure both of these routers with network address translation and to be specific; it’s actually port address translation so that the PCs can access the Internet.
So make sure that these PCs which are using RFC 1918 addresses, in other words private IP addresses can access the Internet which is a public network.

Notice as an example, that the BGP routers on the Internet only know about Network 8, they have no visibility of network 10. You are not going to advertise Network 10 to the Internet. Network 10 is a private IP address; it’s none routable on the Internet because ISPs will block that network.

So can you complete this lab?
Can you configure the network with PPP, PPP CHAP, DHCP Network Address Translation and DNS information?

subscribe
  • David Bombal

Search

Categories

Recent Posts

I got Pwned … and so did you! (you’re likely in the 12 Billion)
Windows Pentest Tutorial (Active Directory Game Over!)
What’s the Future of AI in Cybersecurity and Hacking (are we doomed)?
It’s DNS again 😢 Did you know this Malware Hack?
Kali NetHunter Pro in 6 minutes
His new gadget any good? (Can he catch me?)
How to be Invisible Online (and the hard truth about it)…
Raspberry Pi Availability Update and Painful decisions (Eben Upton Interview)
Birthday Giveaway

Birthday Giveaway

A PhD in Hacking & AI?

A PhD in Hacking & AI?

Eben Upton Interview (Raspberry Pi)
Kali Linux TP-Link TL-WN722N install (1 command fix)
Pentester Blueprint: Your road to success
Deep Dive OSINT (Hacking, Shodan and more!)
The best Hacking Cert just got updated (OSCP PEN-200)
Hacking IoT devices with Python (it’s too easy to take control)
Kali Linux NetHunter with WiFi support (rooted Android install)
Root Android (Kali Linux NetHunter install)
My training for free on Cisco’s website??
What happened to Cisco certs?