Network Simulation

Transcript

1. Network Simulation GNS3 & Virtual Box Cyber Security Student Organization

   University of North Texas October 14,2020

2. IP Addressing • Network ip - 192.168.1.0 • Host ip

   – 192.168.1.10 • Gateway – 192.168.1.1 • Broadcast ip – 192.168.1.255 • Subnet mask - 255.255.255.0 • CIDR value - 24 • Network notation – 192.168.1.0/24 • Reference on ip addressing - https://www.cisco.com/c/en/us/support/docs/ip/routing- information-protocol-rip/13788-3.html

3. Basic Network Devices • Layer 3 - Router • Builds

   routing table for destinations • Network layer representation • Records host attached to routers • Permit or deny traffic • Many types of Quality of Service • Addresing technique - IP • Layer 2 – Switch • Layer 2 switching(or Data Link layer switching) is the process of using devices’ MAC addresses to decide where to forward frames. • Addressing technique : MAC

4. Routing Protocol • Distance vector • Routing Information protocol (RIP)

   • Enhanced Interior Gateway Routing Protocol(EIGRP) • Link State • Open Shortest Path First (OSPF) • Intermediate Systems to Intermediate Systems (IS-IS) Interior Gateway Protocol • Border Gateway Protocol(BGP) External Gateway Protocol

5. Setting up GNS3 (2.1.21) & Virtual Box System Requirement Ram

   – 8GB Storage – 30 GB Software Requirement GNS3 software Virtual box GNS3 VM OVA Linux L2/L3 images iourc license

6. Setting Up Ennvironment – Part 1 • Steps • Download

   the files from the link • https://bit.ly/33T4GQm • Unzip the folder and get following items • Gns3 software • Gns3 virtualbox image • iourc file • IOU L2 image • IOU L3 image • Install GNS3 software on windows • Unzip the virtual box vm zip file and load the vm ova file on virtual box • Start GNS3 software now • Choose IOU settings

7. Setting Up Ennvironment – Part 2

8. Select Interface of Virtual Box Host

9. Check the interface IP address of the virtual box gns3vm

   network

10. This is Fine

11. Change the settngs as below- and that’s it

12. Select Add an IOU device

13. Select Image

14. Routing Lab Topology

15. Router Configuration • Entering Configuration terminal • Config terminal •

    Hostname • Hostname <desired hostname> • Interface ip address • Interface <onterface type and number> • Ip address <desired ip address> <subnet mask> • Management interface • Line console (Physical access) - line con 0 • Line vty (telnet/ssh access) - line vty 0 4 • Routing • OSPF • Router ospf <rpocess id> • Network <network id> • Eigrp • Router <AS Number> • Network <network id> <wildcard mask> • Example • IOU1#config terminal • IOU1(config)#hostname Seattle • Seattle(config)#int e0/0 • Seattle(config-if)#ip add <ip> <mask>

16. Security Management Plane Protection Control access to the device Control

    Plane Protection Controlling what routes can be availed to a router Data Plane protection Controlling what kind of traffic s allowed

17. Management Plane Security • Configuring management plane • SSH access

    configuration • Config t • aaa new-model • aaa authentication login default local • username <user1> privilege 15 secret <secret password> • unable secret <secret> • line vty 0 4 • Transpurt input ssh • Login local

18. Control Plane Security • New-York router to allow only access

    to 2.2.2.2 • Create access list • Access-list 1 permit ip 1.1.1.1 0.0.0.0 • Create route-map • route-map ext permit 10 • Match ip address 1 • Route-map ext deny 20 • Redistribute specific routes • Router eigrp 1 • Redistribute ospf 1 route-map ext

19. Data-Plane Security • Create extended Access-list • Ip access-list extended

    100 • 5 deny icmp any 4.4.4.4 0.0.0.0 echo • 10 deny icmp any 4.4.4.4 0.0.0.0 echo- reply • Apply the access-list on inbound or outbound interface • Int ee0/0 • Ip access-group 100 in

20. References • Configure Cisco Router Step by Step Guide -

    https://www.computernetworkingnotes.com/ccna -study-guide/configure-cisco-router-step-by-step- guide.html • Cisco Guide to Harden Cisco IOS Devices - https://www.cisco.com/c/en/us/support/docs/ip/ access-lists/13608-21.html • Cisco IOS Routing - https://www.cisco.com/c/en/us/td/docs/switches /lan/catalyst1000/software/releases/15_2_7_e/co nfiguration_guides/rtng/b_1527e_routing_c1000_ cg/configuring_ip_unicast_routing.html • Learn How to install GNS3 VM and Link With Latest GNS3 2.x - https://luminisindia.com/it-networking-blog/167-learn- how-to-install-gns3-vm-and-link-with-latest-gns3-2-0