Lab suggestions for CCNA:Security

astorrs

I am now guilty of another "what should I buy" thread... isn't that a requirement to become a full fledged member of the forums?

Now onto the question...

I'm looking for suggestions on what I should pickup (cost is not much of an issue) so that I can play with them though CCNA and CCNA:Security and won't be totally useless for CCNP in 2009 (probably second half, I have other plans). I don't want to pickup a bunch of 2500/2600's only to turf them. I'm debating picking up a couple of 1841's and a pair of switches but at the same time I don't really want to throw money away.

No rush to pick anything up as I won't start for a while, but its always good to keep an eye out on eBay...

Essendon

Andrew, have a look at the following threads. Should put you in the right direction. It's a project in its own right to select the right equipment for the labs!

http://techexams.net/forums/viewtopic.php?t=37214

http://techexams.net/forums/viewtopic.php?t=23929

tiersten

Even if you do have 2500/2600 routers you'll be able to find a use for them. If you want to buy something shiny then get an 1841 or above. An ASA would be handy as well but those are pretty expensive if you go beyond the little 5505.

How much money you got to spend here?

On a purely nice to have level, you should get a 2511, NM-16A/NM-32A or HWIC-8A/HWIC-16A to make an access server.

scheistermeister

Honestly I am sorta curious as to what the security people on the forum say. That is one part of Cisco I have really avoided like the plague. I can't stand security stuff, but will probably end up going after the CCNA:Security eventually as well.

astorrs

Thanks MobileOne, I guess I was thinking more from the CCNA:Security perspective as to what's required - I've read so many threads here about CCNA lab ideas I can pull those out of my hat. But since I've been out of networking for so long, I'm not really sure what matches up to what IOS for the :Security bit. I know I could poke around and figure it out using Cisco's IOS version history tool, but figured some of you would have an idea of the top of your heads.

tiersten, money isn't an issue (within reason, no 6509E's) but the key for me is to hold onto it for a few years as I paddle my way through a few more (NP/IP) in the next 24 months (I'm doing some for a change up when I get bored of what I normally do these days, and to make sure I don't fall any further behind the curve in the networking space).

I will have the opporunity to pickup some 3750G switches and 2811's & 3845's routers in about 12 months after I finish a project and that will round out my CCNP lab, but I want to hold onto the stuff I buy now until the next revision (when did they last update the CCNP/CCIP spec and when would you expect the next one?) so I'm looking into the future.

I have an AS2511-RJ so we're good there. I also have an 871 ISR.

scheistermeister

astorrs wrote:

(when did they last update the CCNP/CCIP spec and when would you expect the next one?)

They just updated the CCNP. I was in the first class to go through the new version at my school for the Net Acad. I would expect a few years until another revision.

LOkrasa

Get a router that runs SDM and ADV IP Services, use 12.4(15)T6 for the IOS and you are set. I think that two would be even better but I think 1 is more then enough. Download the trial version of Cisco Secure ACS to get exp with that but I don't even think it's too critical. I think that the actual hands on stuff for this exam is very minimal and its mostly memorization/understanding of fundamentals.

LBC90805

tiersten wrote: »

Even if you do have 2500/2600 routers you'll be able to find a use for them. If you want to buy something shiny then get an 1841 or above. An ASA would be handy as well but those are pretty expensive if you go beyond the little 5505.

How much money you got to spend here?

On a purely nice to have level, you should get a 2511, NM-16A/NM-32A or HWIC-8A/HWIC-16A to make an access server.

How about say a 2509, is that good enough?

msteinhilber

LBC90805 wrote: »

How about say a 2509, is that good enough?

Depends on how many devices you desire to use it with. 2509's have 8 async ports while the 2511's have 16. I've seen 2511's go for around the same as a 2509 on ebay if you are patient, might be worth going with a 2511.

CCIEWANNABE

no need to buy actual routers anymore thanks to gns3. for the ccna:security exam i used GNS3, SDM v2.5 and the ISCW lab guide book. as for your ccnp studies, just buy a couple 3550's and then you can link them to your routers via GNS3. good luck studying.

LBC90805

msteinhilber wrote: »

Depends on how many devices you desire to use it with. 2509's have 8 async ports while the 2511's have 16. I've seen 2511's go for around the same as a 2509 on ebay if you are patient, might be worth going with a 2511.

Actually, the only REAL router I have is a 2509 that was kicked down to me by an oldtimer at my job last year before he retired.

All my studying for Cisco has been with the Current and Previous versions of Packet Tracer.

briangl

CCIEWANNABE, what version of GNS3 are you running and what operating system?

I have been having a horrible time trying to get it to work right. I am using GNS3 version 0.6 on Windows XP. I am going to try reinstalling it. If that doesn't help I will try the earlier version. I haven't been getting much help on the GNS3 forum. I have been trying to get it to work right for over a week.

CCIEWANNABE

hmmm, what problems are you having specifically? speed problems, errors? I am running v0.6 on my windows xp machine. the only problem i was having was losing the router configs. when i tried to save the configs and then open gns3 back up, the configs would be blank, but i fixed that issue by creating a new project and then saving it that way.

briangl

I was getting different, inconsistent errors. I have tried to be as consistent as possible, to eliminate that as a variable. I got it to work to a point, not by doing anything different, but by repetition. I got it to the point where I was running SDM on a router. I thought I had gotten past all the errors, then SDM locked up.

I reinstalled it last night and still have problems.

It seems to be ok if I just connect routers together. I get errors when I add a cloud. When I try to open a console / tenet window to the router the window opens, says it is connecting to localhost then closes.

I will try to install it on another system tonight.

CCIEWANNABE

briangl wrote: »

I was getting different, inconsistent errors. I have tried to be as consistent as possible, to eliminate that as a variable. I got it to work to a point, not by doing anything different, but by repetition. I got it to the point where I was running SDM on a router. I thought I had gotten past all the errors, then SDM locked up.

I reinstalled it last night and still have problems.

It seems to be ok if I just connect routers together. I get errors when I add a cloud. When I try to open a console / tenet window to the router the window opens, says it is connecting to localhost then closes.

I will try to install it on another system tonight.

hmm, ok, but again, what are your computer hardware specs, this may be why its locking up, due to cpu over-utilization.

briangl

I don't think the CPU is having a problem. I was actually keeping a pretty close eye on that. I got to the point where every time I got a router running or connected 2 together, pretty much whenever I added something, I would look at the CPU usage. It seems like it will fluctuate between maybe 3% to 20% at the most.

I have been doing this on my laptop. I don't have it with me at work today, most days I do. I don't know the exact processor speed off hand, I know it is 1.some GHz, maybe 2. I just don't remember off hand.

The thing is, I was communicating through a cloud just fine (pinging from my laptop to a virtual router and vice versa). Now, even after reinstalling, if I add a cloud and then try to open a console window on a router, the consol window opens for a couple of seconds, says it’s connecting and then just closes. Something seems to have changed and it seems to be related to the cloud object.

I didn't get a chance to try it on another system yet, hopefully this weekend. My laptop is my fastest system though.

Thank you. I'm at an impasse with my studying because of this.

vivek2727

If you've a firewall installed (or windows firewall maybe ?), then try turning it of temp. while you run GNS3. Might just be that a firewall is blocking the required ports.

briangl

vivek2727 wrote: »

If you've a firewall installed (or windows firewall maybe ?), then try turning it of temp. while you run GNS3. Might just be that a firewall is blocking the required ports.

Thanks, I have already tried turning off my firewall. I have pretty much given up on GNS3.There just seems to be some incompatibility with my system. I had it working to a point then it messed up, different problems at different times. Can’t get it to work even to that point again. Haven't tried it in a while, so don't even remember what specifically. Just doesn’t work for me, tired of beating my head against the wall. Tried for about 2 weeks, using all of my home time, trying everything, reinstalling, asking for help, etc. Even tried on my wife’s laptop, doesn’t work at all. I guess because she has Vista. Anyone getting it to work on Vista?

Instead of wasting time on this, I need to concentrate on finding a job.