The New Packet Tracer 7.3 for the New CCNAv7

The New Packet Tracer 7.3 for the New CCNAv7

Event Information: IPD Week - Technical Session - The New Packet Tracer 7.3 for the New CCNAv7

7a75a2cc883ed99599e1b3d4a2597f58?s=128

page2me kitarotao

December 13, 2019
Tweet

Transcript

  1. © 2019 Cisco and/or its affiliates. All rights reserved. Eugene

    Morozov NetAcad.com Technical Manager Technical Session December 2019 IPD Week The New Packet Tracer 7.3 for the New CCNAv7
  2. © 2019 Cisco and/or its affiliates. All rights reserved. Why

    New Packet Tracer What’s New Dynamic ARP Inspection Wireless LAN Controller PT Versions Known Issues Agenda 1 2 3 4 5 6
  3. © 2019 Cisco and/or its affiliates. All rights reserved. Why

    New PT and What’s New?
  4. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco

    Confidential 4221 2960 or 4321 or 4331 Various end devices Server SOHO WiFi Router 4221 2960 or 4321 or 4331 Various end devices Server PT used for 3- router/switch topologies CCNA 6.0 vs 7.0 – Lab Equipment New For CCNAv7 Please Note: • Serial ports not required • PT version 7.3 required
  5. © 2019 Cisco and/or its affiliates. All rights reserved. •

    Supports CCNA 7 & released together with CCNA 7 • New ISR 4331 router to support new topics • New enhanced 3504 WLC wireless LAN controller • Dynamic ARP Inspection (DAI) • DHCP snooping fixes and enhancements • Section output modifier for show commands • Improved user authentication: when student takes online PTSA, authentication is not required • Major GUI framework upgrade for better accessibility and usability • Support for Ubuntu 18.04.3 LTS Packet Tracer 7.3
  6. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco

    4331 ISR • 1 GE/SFP, 1 GE, 1 SFP integrated WAN ports • 2 NIM slots Cisco 3504 WLC • Provides centralized control, management, and troubleshooting next-gen wireless networks New Devices Details
  7. © 2019 Cisco and/or its affiliates. All rights reserved. Controller

    configuration • Startup wizard • DHCP scope Management configuration • SNMP • Logs Monitoring statistics • Controller • AP join • Ports WLC Enhancement Details
  8. © 2019 Cisco and/or its affiliates. All rights reserved. New

    Commands • ip ospf network point-to-point • ip arp inspection vlan <vlan-id> • ip arp inspection trust • ip arp inspection validate • show ip arp inspection <vlan-id> • show ip arp inspection interfaces • show ip arp inspection interface <interface> <interface-num> • show ip arp inspection statistics <vlan-id> • spanning-tree portfast bpduguard default
  9. © 2019 Cisco and/or its affiliates. All rights reserved. Dynamic

    ARP Inspection
  10. © 2019 Cisco and/or its affiliates. All rights reserved. Dynamic

    ARP inspection (DAI) requires DHCP snooping and helps prevent ARP attacks by • Not relaying invalid or gratuitous ARP Replies out to other ports in the same VLAN. • Intercepting all ARP Requests and Replies on untrusted ports. • Verifying each intercepted packet for a valid IP- to-MAC binding. • Dropping and logging ARP Replies coming from invalid source to prevent ARP poisoning. • Error-disabling the interface if the configured DAI number of ARP packets is exceeded. What is DAI
  11. © 2019 Cisco and/or its affiliates. All rights reserved. To

    mitigate the chances of ARP spoofing and ARP poisoning, follow these DAI implementation guidelines: • Enable DHCP snooping globally. • Enable DHCP snooping on selected VLANs. • Enable DAI on selected VLANs. • Configure trusted interfaces for DHCP snooping and ARP inspection. • (Optional) Configure additional MAC and IP address validation It is generally advisable to configure all access switch ports as untrusted and to configure all uplink ports that are connected to other switches as trusted. Global Config ip dhcp snooping ip dhcp snooping vlan 10 ip arp inspection vlan 10 ip arp inspection validate src-mac ip arp inspection validate dst-mac ip arp inspection validate ip Interface level ip dhcp snooping trust ip arp inspection trust Verify show ip arp inspection interfaces show ip arp inspection vlan 10 show ip dhcp snooping binding show ip arp inspection statistics vlan 10 DAI Configuration
  12. © 2019 Cisco and/or its affiliates. All rights reserved. Wireless

    LAN Controller
  13. © 2019 Cisco and/or its affiliates. All rights reserved. Autonomous

    AP Controller-based APs Access Points Types
  14. © 2019 Cisco and/or its affiliates. All rights reserved. •

    Enables a WLC to manage multiple APs and WLANs • Provides AP discovery for easy provisioning • Encapsulates and forwards WLAN client traffic between an AP and a WLC • Based on LWAPP with additional security provided by Datagram Transport Layer Security (DTLS) CAPWAP
  15. © 2019 Cisco and/or its affiliates. All rights reserved. Media

    Access Control AP MAC Functions WLC MAC Functions Beacons and probe responses Authentication Packet acknowledgements and retransmissions Association and re-association of roaming clients Frame queueing and packet prioritization Frame translation to other protocols MAC layer data encryption and decryption Termination of 802.11 traffic on a wired interface
  16. © 2019 Cisco and/or its affiliates. All rights reserved. PT

    Versions
  17. © 2019 Cisco and/or its affiliates. All rights reserved. •

    For CCNA 7, PT 7.3 is required • For CCNA 6, PT 7.2.2 was most thoroughly tested • If you use PT 7.3 for CCNA 6, you may sometimes receive a scripts warning • You can have both PT versions installed alongside on Windows but only the latest install will be used for PTSAs Which version to use
  18. © 2019 Cisco and/or its affiliates. All rights reserved. Packet

    Tracer 7.3.0 FAQ Q: Which version of PT should I use for CCNA 7? A: Use PT 7.3.0. It’s required. Some files may not open with PT 7.2.2. Q: Which version of PT should I use for CCNA 6? A: Use PT 7.2.2. It has been most thoroughly tested for CCNA 6 compatibility. Q: If I am teaching both CCNA 6 and CCNA 7, which version of PT should I use? (Windows only) A: Use PT 7.3.0. Q: If I am teaching both CCNA 6 and CCNA 7, which version of PT should I use? (macOS/Linux) A: Use PT 7.3.0. You may only install one version of PT at a time on macOS. Fully uninstall any previous versions using the uninstaller tool. Q: Can I install both PT 7.2.2 and PT 7.3.0 simultaneously? A: You may have both PT 7.2.2 and PT 7.3.0 installed simultaneously (for Windows), but PTSAs and PTMOs will launch using the newest install of PT. We recommend installing PT 7.2.2 first, followed by PT 7.3.0. Q: What happens if I use PT 7.3.0 for CCNA 6? A: There is a small possibility you may encounter the warning message above. If so, you may disregard the message, or skip the activity. It is simply a warning that scripts in this file needs to be updated for PT 7.3.0 compatibility. https://www.netacad.com/portal/resources/file/f1a291e2-a9a5-42ba-9074-51df6e06fa03 (also accessible from PT download page)
  19. © 2019 Cisco and/or its affiliates. All rights reserved. Known

    Issues
  20. © 2019 Cisco and/or its affiliates. All rights reserved. •

    Issue: I have a "File Not Found" icon when I create a device. (Windows) • Workaround: Change your screen DPI setting lower (below 225%) to see if it resolves your issue. Various screen resolutions combined with high DPI settings may cause this. On Windows 10, this setting is under "Display Settings → Scale and Layout → Change the size of text, apps, and other items". If this setting is grayed out, you may have to click the "Turn off custom scaling and sign out" link. “File Not Found” Icons
  21. © 2019 Cisco and/or its affiliates. All rights reserved. •

    Issue: On macOS, when I install Packet Tracer, I encounter the following error as shown • Workaround: You may select "Ignore" to continue the installation. Your installation will be successful. This error prompt may happen due to system permission issues when writing to /usr/local, which is used to write the location of Packet Tracer for the purposes of java based PTSAs. You may manually write this by doing the following: sudo mkdir /usr/local/com.cisco.packettracer sudo touch /usr/local/com.cisco.packettracer/PT7HOME sudo chmod 666 /usr/local/com.cisco.packettracer/PT7HOME echo HOME=\"/Applications/Cisco Packet Tracer/Cisco Packet Tracer.app/Contents\" >> /usr/local/com.cisco.packettracer/PT7HOME echo PROGRAM=\"/Applications/Cisco Packet Tracer/Cisco Packet Tracer.app/Contents/MacOS/PacketTracer7\" >> /usr/local/com.cisco.packettracer/PT7HOME sudo chmod 664 /usr/local/com.cisco.packettracer/PT7HOME Installation error
  22. © 2019 Cisco and/or its affiliates. All rights reserved. •

    Issue: On Ubuntu, Packet Tracer freezes my system whenever I try to use the Save As functionality. • Workaround: If your system freezes, perform a hard reboot. If you need to use the Save As functionality in PT, create a new temp folder, browse to the folder, and save the file there. There is a known issue where if you attempt to save a file in a directory with other existing Packet Tracer save files, the system will freeze. “Save As…” Causes Freeze
  23. © 2019 Cisco and/or its affiliates. All rights reserved. Community

    Forums Report an Issue Feature Found PT Issue?
  24. None