Confidential 4221 2960 or 4321 or 4331 Various end devices Server SOHO WiFi Router 4221 2960 or 4321 or 4331 Various end devices Server PT used for 3- router/switch topologies CCNA 6.0 vs 7.0 – Lab Equipment New For CCNAv7 Please Note: • Serial ports not required • PT version 7.3 required
Supports CCNA 7 & released together with CCNA 7 • New ISR 4331 router to support new topics • New enhanced 3504 WLC wireless LAN controller • Dynamic ARP Inspection (DAI) • DHCP snooping fixes and enhancements • Section output modifier for show commands • Improved user authentication: when student takes online PTSA, authentication is not required • Major GUI framework upgrade for better accessibility and usability • Support for Ubuntu 18.04.3 LTS Packet Tracer 7.3
Commands • ip ospf network point-to-point • ip arp inspection vlan <vlan-id> • ip arp inspection trust • ip arp inspection validate • show ip arp inspection <vlan-id> • show ip arp inspection interfaces • show ip arp inspection interface <interface> <interface-num> • show ip arp inspection statistics <vlan-id> • spanning-tree portfast bpduguard default
ARP inspection (DAI) requires DHCP snooping and helps prevent ARP attacks by • Not relaying invalid or gratuitous ARP Replies out to other ports in the same VLAN. • Intercepting all ARP Requests and Replies on untrusted ports. • Verifying each intercepted packet for a valid IP- to-MAC binding. • Dropping and logging ARP Replies coming from invalid source to prevent ARP poisoning. • Error-disabling the interface if the configured DAI number of ARP packets is exceeded. What is DAI
mitigate the chances of ARP spoofing and ARP poisoning, follow these DAI implementation guidelines: • Enable DHCP snooping globally. • Enable DHCP snooping on selected VLANs. • Enable DAI on selected VLANs. • Configure trusted interfaces for DHCP snooping and ARP inspection. • (Optional) Configure additional MAC and IP address validation It is generally advisable to configure all access switch ports as untrusted and to configure all uplink ports that are connected to other switches as trusted. Global Config ip dhcp snooping ip dhcp snooping vlan 10 ip arp inspection vlan 10 ip arp inspection validate src-mac ip arp inspection validate dst-mac ip arp inspection validate ip Interface level ip dhcp snooping trust ip arp inspection trust Verify show ip arp inspection interfaces show ip arp inspection vlan 10 show ip dhcp snooping binding show ip arp inspection statistics vlan 10 DAI Configuration
Enables a WLC to manage multiple APs and WLANs • Provides AP discovery for easy provisioning • Encapsulates and forwards WLAN client traffic between an AP and a WLC • Based on LWAPP with additional security provided by Datagram Transport Layer Security (DTLS) CAPWAP
Access Control AP MAC Functions WLC MAC Functions Beacons and probe responses Authentication Packet acknowledgements and retransmissions Association and re-association of roaming clients Frame queueing and packet prioritization Frame translation to other protocols MAC layer data encryption and decryption Termination of 802.11 traffic on a wired interface
For CCNA 7, PT 7.3 is required • For CCNA 6, PT 7.2.2 was most thoroughly tested • If you use PT 7.3 for CCNA 6, you may sometimes receive a scripts warning • You can have both PT versions installed alongside on Windows but only the latest install will be used for PTSAs Which version to use
Tracer 7.3.0 FAQ Q: Which version of PT should I use for CCNA 7? A: Use PT 7.3.0. It’s required. Some files may not open with PT 7.2.2. Q: Which version of PT should I use for CCNA 6? A: Use PT 7.2.2. It has been most thoroughly tested for CCNA 6 compatibility. Q: If I am teaching both CCNA 6 and CCNA 7, which version of PT should I use? (Windows only) A: Use PT 7.3.0. Q: If I am teaching both CCNA 6 and CCNA 7, which version of PT should I use? (macOS/Linux) A: Use PT 7.3.0. You may only install one version of PT at a time on macOS. Fully uninstall any previous versions using the uninstaller tool. Q: Can I install both PT 7.2.2 and PT 7.3.0 simultaneously? A: You may have both PT 7.2.2 and PT 7.3.0 installed simultaneously (for Windows), but PTSAs and PTMOs will launch using the newest install of PT. We recommend installing PT 7.2.2 first, followed by PT 7.3.0. Q: What happens if I use PT 7.3.0 for CCNA 6? A: There is a small possibility you may encounter the warning message above. If so, you may disregard the message, or skip the activity. It is simply a warning that scripts in this file needs to be updated for PT 7.3.0 compatibility. https://www.netacad.com/portal/resources/file/f1a291e2-a9a5-42ba-9074-51df6e06fa03 (also accessible from PT download page)
Issue: I have a "File Not Found" icon when I create a device. (Windows) • Workaround: Change your screen DPI setting lower (below 225%) to see if it resolves your issue. Various screen resolutions combined with high DPI settings may cause this. On Windows 10, this setting is under "Display Settings → Scale and Layout → Change the size of text, apps, and other items". If this setting is grayed out, you may have to click the "Turn off custom scaling and sign out" link. “File Not Found” Icons
Issue: On macOS, when I install Packet Tracer, I encounter the following error as shown • Workaround: You may select "Ignore" to continue the installation. Your installation will be successful. This error prompt may happen due to system permission issues when writing to /usr/local, which is used to write the location of Packet Tracer for the purposes of java based PTSAs. You may manually write this by doing the following: sudo mkdir /usr/local/com.cisco.packettracer sudo touch /usr/local/com.cisco.packettracer/PT7HOME sudo chmod 666 /usr/local/com.cisco.packettracer/PT7HOME echo HOME=\"/Applications/Cisco Packet Tracer/Cisco Packet Tracer.app/Contents\" >> /usr/local/com.cisco.packettracer/PT7HOME echo PROGRAM=\"/Applications/Cisco Packet Tracer/Cisco Packet Tracer.app/Contents/MacOS/PacketTracer7\" >> /usr/local/com.cisco.packettracer/PT7HOME sudo chmod 664 /usr/local/com.cisco.packettracer/PT7HOME Installation error
Issue: On Ubuntu, Packet Tracer freezes my system whenever I try to use the Save As functionality. • Workaround: If your system freezes, perform a hard reboot. If you need to use the Save As functionality in PT, create a new temp folder, browse to the folder, and save the file there. There is a known issue where if you attempt to save a file in a directory with other existing Packet Tracer save files, the system will freeze. “Save As…” Causes Freeze
page2me
emiki
kawaguti
maroon1st
recruitengineers
bengo4com
kentaitakura
paraworld
databricksjapan
eventhub
fujiwara3
kyohmizu
colopl
mraible
ufuk
edds
iamctodd
matthewcrist
chriscoyier
tammyeverts
brad_frost
destraynor
brianwarren
jonrohan
chrislema
