This site is provides lab scenarios for students who preparing for the Cisco exams and gain some practical experience with Cisco routers and switches with other vendors like Mikrotik and juniper. All labs have been created using real equipment. our labs is easy to use you don't need to pre-configure or any another thing just login into our remote server and follow the instructions . All Labs available for free to assist network operators and Cisco certification students with common problems or challenges that crop up in configuring Cisco networks.
Powered by Blogger.

This is our lab.

This is our lab.

If some one want to donate abit money or even a pieces of cake, we are welcome and appreciate, it will be used to keep the freelabnetworks running.



This is our lab.

If some one want to donate abit money or even a pieces of cake, we are welcome and appreciate, it will be used to keep the freelabnetworks running.



Cisco 802.1Q Tunneling aka Q-in-Q

Q-in-Q is a feature often used by service provider as a layer 2 VPN.
The configuration is very simple, put a 802.1Q tag on interface that it receives from customer and on interface that it out to customer other side. A different VLAN tag for each customer can separate the traffic from different customers. Set dot1q tunnel on both edge of service provider.

One of benefit of this technique is that it’s easy to implement, you don’t need to run any routing protocols inside service provider and also between provider and customer. From customers perspective, it’s just like their sites are directly connected on layer 2.

You can use freelabnetworks to configure Q-in-Q.

The following example is like site-A direcly connected with site-B.



SW2 as Customer-site-A
SW3 as Customer-site-B
SW4 as Service-provider-cloud

Before Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            122          S I      WS-C3550-2Fas 0/3

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            171          S I      WS-C3550-2Fas 0/5

After Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW3              Fas 0/5            152          S I      WS-C2950G-Fas 0/5

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW2              Fas 0/5            164          S I      WS-C2950G-Fas 0/5

Q-in-Q configured on Service-provider-cloud (SW4) :

SW4#show running-config interface FastEthernet 0/3
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/3
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show running-config interface FastEthernet 0/5
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/5
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show interfaces FastEthernet 0/3 switchport 
Name: Fa0/3
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

SW4#show interfaces FastEthernet 0/5 switchport 
Name: Fa0/5
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

Q-in-Q is a feature often used by service provider as a layer 2 VPN.
The configuration is very simple, put a 802.1Q tag on interface that it receives from customer and on interface that it out to customer other side. A different VLAN tag for each customer can separate the traffic from different customers. Set dot1q tunnel on both edge of service provider.

One of benefit of this technique is that it’s easy to implement, you don’t need to run any routing protocols inside service provider and also between provider and customer. From customers perspective, it’s just like their sites are directly connected on layer 2.

You can use freelabnetworks to configure Q-in-Q.

The following example is like site-A direcly connected with site-B.



SW2 as Customer-site-A
SW3 as Customer-site-B
SW4 as Service-provider-cloud

Before Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            122          S I      WS-C3550-2Fas 0/3

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            171          S I      WS-C3550-2Fas 0/5

After Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW3              Fas 0/5            152          S I      WS-C2950G-Fas 0/5

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW2              Fas 0/5            164          S I      WS-C2950G-Fas 0/5

Q-in-Q configured on Service-provider-cloud (SW4) :

SW4#show running-config interface FastEthernet 0/3
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/3
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show running-config interface FastEthernet 0/5
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/5
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show interfaces FastEthernet 0/3 switchport 
Name: Fa0/3
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

SW4#show interfaces FastEthernet 0/5 switchport 
Name: Fa0/5
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

Recovery Password Cisco Router

If you have a problem with accessing Cisco router cause forgotten the password, hope this tutorial will help you to find out how to fix it.


  • If you can access the router, type show version at the prompt, and record the configuration register setting.
    • 0x2102 boots and loads your saved configuration.
      0x2142 boots and by-passes the configuration and allows you to view/edit the save configuration if you need to do any kind of password recovery, etc.
  • Use the power switch in order to turn off the router, and then turn the router back on.
  • Press Ctrl + Break on the terminal keyboard a couple of time after power up in order to put the router into ROMmon.
  • Type confreg 0x2142
    • rommon 1 > confreg 0x2142
  • Type reset
    • rommon 2 > reset
  •  Type no in the intial cofiguration dialog
    • Would you like to enter the initial configuration dialog? [yes/no]: no
  • Do not type copy running-config startup-config or write. These commands erase your startup configuration.
  • If you really want to restore your existing configuration,
  • Type copy startup-config running-config
    • Router#copy startup-config running-config
  • Type configure terminal
  • Type enable secret <password> in order to change the enable secret password.
  • Type config-register 0x2102
  • Type write memory or copy running-config startup-config in order to commit the changes.
 Reference : 
http://www.cisco.com/c/en/us/support/docs/routers/2600-series-multiservice-platforms/22188-pswdrec-2600.html  
If you have a problem with accessing Cisco router cause forgotten the password, hope this tutorial will help you to find out how to fix it.


  • If you can access the router, type show version at the prompt, and record the configuration register setting.
    • 0x2102 boots and loads your saved configuration.
      0x2142 boots and by-passes the configuration and allows you to view/edit the save configuration if you need to do any kind of password recovery, etc.
  • Use the power switch in order to turn off the router, and then turn the router back on.
  • Press Ctrl + Break on the terminal keyboard a couple of time after power up in order to put the router into ROMmon.
  • Type confreg 0x2142
    • rommon 1 > confreg 0x2142
  • Type reset
    • rommon 2 > reset
  •  Type no in the intial cofiguration dialog
    • Would you like to enter the initial configuration dialog? [yes/no]: no
  • Do not type copy running-config startup-config or write. These commands erase your startup configuration.
  • If you really want to restore your existing configuration,
  • Type copy startup-config running-config
    • Router#copy startup-config running-config
  • Type configure terminal
  • Type enable secret <password> in order to change the enable secret password.
  • Type config-register 0x2102
  • Type write memory or copy running-config startup-config in order to commit the changes.
 Reference : 
http://www.cisco.com/c/en/us/support/docs/routers/2600-series-multiservice-platforms/22188-pswdrec-2600.html  
 
2012 Free Lab Online | BTemplate3s | Blogger Templates for HostGator Coupon Code Sponsors: WooThemes Coupon Code, Rockable Press Discount Code