Network Simulation GNS3 & Virtual Box Cyber Security Student Organization University of North Texas October 14,2020 

IP Addressing • Network ip - 192.168.1.0 • Host ip – 192.168.1.10 • Gateway – 192.168.1.1 • Broadcast ip – 192.168.1.255 • Subnet mask - 255.255.255.0 • CIDR value - 24 • Network notation – 192.168.1.0/24 • Reference on ip addressing - https://www.cisco.com/c/en/us/support/docs/ip/routing- information-protocol-rip/13788-3.html 

Basic Network Devices • Layer 3 - Router • Builds routing table for destinations • Network layer representation • Records host attached to routers • Permit or deny traffic • Many types of Quality of Service • Addresing technique - IP • Layer 2 – Switch • Layer 2 switching(or Data Link layer switching) is the process of using devices’ MAC addresses to decide where to forward frames. • Addressing technique : MAC 

Routing Protocol • Distance vector • Routing Information protocol (RIP) • Enhanced Interior Gateway Routing Protocol(EIGRP) • Link State • Open Shortest Path First (OSPF) • Intermediate Systems to Intermediate Systems (IS-IS) Interior Gateway Protocol • Border Gateway Protocol(BGP) External Gateway Protocol 

Setting up GNS3 (2.1.21) & Virtual Box System Requirement Ram – 8GB Storage – 30 GB Software Requirement GNS3 software Virtual box GNS3 VM OVA Linux L2/L3 images iourc license 

Setting Up Ennvironment – Part 1 • Steps • Download the files from the link • https://bit.ly/33T4GQm • Unzip the folder and get following items • Gns3 software • Gns3 virtualbox image • iourc file • IOU L2 image • IOU L3 image • Install GNS3 software on windows • Unzip the virtual box vm zip file and load the vm ova file on virtual box • Start GNS3 software now • Choose IOU settings 

Setting Up Ennvironment – Part 2 

Select Interface of Virtual Box Host 

Check the interface IP address of the virtual box gns3vm network 

This is Fine 

Change the settngs as below- and that’s it 

Select Add an IOU device 

Select Image 

Routing Lab Topology 

Router Configuration • Entering Configuration terminal • Config terminal • Hostname • Hostname • Interface ip address • Interface • Ip address • Management interface • Line console (Physical access) - line con 0 • Line vty (telnet/ssh access) - line vty 0 4 • Routing • OSPF • Router ospf • Network • Eigrp • Router • Network • Example • IOU1#config terminal • IOU1(config)#hostname Seattle • Seattle(config)#int e0/0 • Seattle(config-if)#ip add 

Security Management Plane Protection Control access to the device Control Plane Protection Controlling what routes can be availed to a router Data Plane protection Controlling what kind of traffic s allowed 

Management Plane Security • Configuring management plane • SSH access configuration • Config t • aaa new-model • aaa authentication login default local • username privilege 15 secret • unable secret • line vty 0 4 • Transpurt input ssh • Login local 

Control Plane Security • New-York router to allow only access to 2.2.2.2 • Create access list • Access-list 1 permit ip 1.1.1.1 0.0.0.0 • Create route-map • route-map ext permit 10 • Match ip address 1 • Route-map ext deny 20 • Redistribute specific routes • Router eigrp 1 • Redistribute ospf 1 route-map ext 

Data-Plane Security • Create extended Access-list • Ip access-list extended 100 • 5 deny icmp any 4.4.4.4 0.0.0.0 echo • 10 deny icmp any 4.4.4.4 0.0.0.0 echo- reply • Apply the access-list on inbound or outbound interface • Int ee0/0 • Ip access-group 100 in 

References • Configure Cisco Router Step by Step Guide - https://www.computernetworkingnotes.com/ccna -study-guide/configure-cisco-router-step-by-step- guide.html • Cisco Guide to Harden Cisco IOS Devices - https://www.cisco.com/c/en/us/support/docs/ip/ access-lists/13608-21.html • Cisco IOS Routing - https://www.cisco.com/c/en/us/td/docs/switches /lan/catalyst1000/software/releases/15_2_7_e/co nfiguration_guides/rtng/b_1527e_routing_c1000_ cg/configuring_ip_unicast_routing.html • Learn How to install GNS3 VM and Link With Latest GNS3 2.x - https://luminisindia.com/it-networking-blog/167-learn- how-to-install-gns3-vm-and-link-with-latest-gns3-2-0