Transcription
INSTALLATION AND CONFIGURATION GUIDEMulti-Purpose Academy Pod with ASADocument Version: 2018-01-09 For Cisco Networking Academy courses, including:CCNA ROUTING AND SWITCHINGCCNA SECURITYCCNP ROUTING AND SWITCHINGCopyright 2017 Network Development Group, Inc.www.netdevgroup.comNETLAB Academy Edition, NETLAB Professional Edition, and NETLAB are registered trademarks of Network Development Group, Inc.Cisco, IOS, Cisco IOS, Networking Academy, CCNA, and CCNP are registered trademarks of Cisco Systems, Inc.
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide1Introduction . 31.1 Deviations . 41.2 Remote PC Support . 41.3 Dynamic Topologies . 42 Lab Device Requirements . 52.1 Lab Device Requirements for CCNPv7 . 52.2 Lab Device Requirements for CCNA Security v2.0 . 72.2.1 Required software for CCNA Security v2.0 . 82.2.2 Cisco Adaptive Security Appliance (ASA) for CCNA Security v2.0. 102.3 Lab Device Requirements for CCNA Routing and Switching, Security v1.2 . 112.3.1 Required software for CCNA Security v1.2 . 122.3.2 Cisco Adaptive Security Appliance (ASA) for CCNA Security v1.2. 142.4 PCs and Servers . 143 Control Device Requirements . 153.1 Control Switch Overview . 153.2 Access Server Ports . 173.3 Switched Outlets . 174 Pre-requisites . 184.1 Understanding VMware Virtualization and Virtual Machines . 184.2 Setup Control Devices . 184.3 Upload IOS Images . 184.4 Disable User Logins (optional). 185 Adding the Pod. 195.1 Start the New Pod Wizard . 195.2 Add a Multi-Purpose Academy Pod with ASA . 195.3 Select Control Switch and Ports . 195.4 Select Access Server(s) and Ports. 205.5 Select Switched Outlets. 235.6 Select Device Types . 245.7 Select Software Images and Recovery Options . 245.8 Select a Pod ID . 265.9 Select a Pod Name . 265.10Verify Your Settings . 266 Cable the Pod . 287 Switch Configuration Tasks . 317.1 Verify Control Switch IOS Version . 317.2 Configure Control Switch Ports . 317.3 Initial Lab Switch Setup . 348 Testing the Pod (Test 1 – Before PC Implementation) . 369 Select PC Type . 3710 VMware Settings . 3811 Testing the Pod (Test 2 – After PC Implementation) . 3912 Finishing Up. 4112.1Bring the Pod(s) Back Online . 4112.2Enable Multi-Purpose Academy Pod with ASA Exercises . 4212.3Schedule a Lab Reservation for Your New Pod . 431/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 2
Multi-Purpose Academy Pod with ASA Installation and Configuration GuidePART 1 – PLANNING1IntroductionThe NETLAB Multi-Purpose Academy Pod with ASA is a versatile pod, which includes 3routers, 3 switches, and an ASA. This pod is designed to be compatible with BasicRouter Pod Version 2 and the LAN Switching Pod; therefore, it supports many CCNADiscovery and Exploration Labs. The Multi-Purpose Academy Pod with ASA alsosupports CCNA Security Labs (including ASA labs) and CCNPv6.0 TSHOOT, ROUTE andSWITCH labs.The Multi-Purpose Academy Pod with ASA features direct access to router, switch andASA consoles. Integration with a separate VMware server supports up to 3 virtual PCs.NETLAB can provide remote access to the keyboard, video, and mouse of the VMwarevirtual machines in the pod.NETLAB users in a team or instructor-led class can share access to a device console orPC.1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 3
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide1.1DeviationsRemote users may get confused by local deviations from the standard curriculum andlabs. The curriculum is relatively complex and offers many opportunities to “makeadjustments to the labs”. If your NETLAB pods will be made accessible outside yourlocal Academy, you should carefully consider the impact of deviations and substitutions.Even if your user community is local or relatively small, we recommend that you (1)document the specifics of your pods and (2) use the NETLAB News and Announcementsfeature to point users to your documentation.1.2Remote PC SupportA Multi-Purpose Academy Pod with ASA supports up to 3 remote PCs implementedusing VMware. NETLAB allows several settings for each: Users can control the keyboard, video, and mouse.Users can power on, shutdown, reboot, and revert to a clean state.Users can have administrator rights.The NETLAB Remote PC Guide Series provides detailed, version-specific information onthe implementation of VMware products and virtual machines.To learn more about VMware virtualization products, please visit:http://www.netdevgroup.com/support/remote pc.html1.3Dynamic TopologiesThe Multi-Purpose Academy Pod with ASA features dynamic topologies. NETLAB canalter the topology and reposition PCs by manipulating VLANs on the control switch. Thisis done automatically based on the selected lab exercise. Instructors can changeexercises and topologies during instructor led class reservations.1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 4
Multi-Purpose Academy Pod with ASA Installation and Configuration GuideLab Device Requirements2Lab devices are part of the topology and users can interact with them either directly orindirectly. The lab device requirements vary for the Multi-purpose Academy Pod withASA, depending on the courses you plan to teach.Please also refer to the NDG website for the latest ap/topologies/multipurpose academy podasa.html If you plan to use your Multi-purpose Academy Pod with ASA for the CCNPv7.0TSHOOT, ROUTE and SWITCH courses, please refer to the lab devicerequirements in Section 2.1. If you plan to use your Multi-purpose Academy Pod with ASA to teach CCNASecurity v2.0, you may follow the requirements in Section 2.2 below. If you plan to use your Multi-purpose Academy Pod with ASA to teach CCNASecurity v1.2 and/or CCNA Routing and Switching, you may follow therequirements in Section 2.3 below.Other equipment may work if it is supported by NETLAB and can meet the minimumrequirements for feature sets, interfaces, IOS, RAM, and Flash. A list of NETLAB supported lab equipment can be found on the NDG website. Please note, compatibilitywith NETLAB does not guarantee compatibility with the Academy labs.2.1Lab Device Requirements for CCNPv7Details on requirements are provided on the lab pages for each course:TSHOOT: http://www.netdevgroup.com/content/cnap/labs/ccnp v7 tshoot.htmlROUTE: http://www.netdevgroup.com/content/cnap/labs/ccnp v7 route.htmlSWITCH: http://www.netdevgroup.com/content/cnap/labs/ccnp v7 switch.htmlOnly two (2) SWITCH labs are supported using the MinimumFlashMinimumIOSFeature Set/TechnologyPackagesR1Cisco 1941256 MB256 MB15.4(3)IP Base, Security1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 5
Multi-Purpose Academy Pod with ASA Installation and Configuration nimumFlashMinimumIOSFeature Set/TechnologyPackagesR2Cisco 1941256 MB256 MB15.4(3)IP Base, SecurityR3Cisco 1941256 MB256 MB15.4(3)IP Base, Security4096MB2048 MB3.3.5 SEUniversal128 MB64 MB15.0(2)SE7LAN Base4096MB2048 MB3.3.5 SEUniversalS1S2S31Cisco 36501,2WS-C2960 24TC-LCisco 36501,2Requires minimum NETLAB version 2015.R2.beta.5.2CCNA Routing and Switching and CCNA Security v2.0 have not been tested with theCisco 3650 switch.The global command boot enable-break must be enabled on all switches for properoperation. Please refer to Section 7.1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 6
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide2.2Lab Device Requirements for CCNA Security imumFlashMinimumIOSFeature Set/TechnologyPackagesR1CISCO1941512 MB256 MB15.4(3)M2IP Base, SecurityR2CISCO1941512 MB256 MB15.4(3)M2IP Base, SecurityR3CISCO1941512 MB256 MB15.4(3)M2IP Base, SecurityS1WS-C2960 24TC-L128 MB64 MB15.0(2)SE7LAN BaseS2WS-C2960 24TC-L128 MB64 MB15.0(2)SE7LAN BaseS3WS-C2960 24TC-L128 MB64 MB15.0(2)SE7LAN BaseThe global command boot enable-break must be enabled on all switches for properoperation. Please refer to Section 7.1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 7
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide2.2.1Required software for CCNA Security v2.0SoftwareNamePurposeRequirementsComments / LinksIOS-S854CLI.pkgasdm-781.binInstalled ur topology will include either the ASA-5506or the ASA-5505.asdm-741.binAnyConnectSecure MobilityClient release4.1.00028Installed onASA-5505Kiwi SyslogThis softwarewill be usedas the syslogserver.Tftpd32 canalso be usedas the syslogserver.WinRadiusWinRadius isa standardRADIUSserver fornetworkauthentication s/winradius/NMAP/ZENMAPThis softwareis used totest the 32DHCP,TFTP,SMTP,Syslogservers, andTFTP client.1/9/2018Supported O/S: WindowsXP t/tftpd32 download.htmlCopyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 8
Multi-Purpose Academy Pod with ASA Installation and Configuration GuideSoftwareNamePurposeRequirementsComments / LinksIOS-S855CLI.pkgThis file isused withLab 5.4.1.1.To obtain instructions on the file version andhow to download, please see Lab 5.4.1.1.realmcisco.pub.keyThis file isused withLab 5.4.1.1.To obtain instructions on the file version andhow to download, please see Lab 5.4.1.1.1/9/2018Copyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 9
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide2.2.2Cisco Adaptive Security Appliance (ASA) for CCNA Security v2.0A Multi-Purpose Academy Pod with ASA adds the additional functionality of a CiscoAdaptive Security Appliance (ASA) to complete the CCNA Security v2.0 labs.RecommendedModel(s)MinimumDRAMASACisco ASA5505-BUN-K9512MBASACisco ASA5506-K9Device1/9/2018MinimumFlashMinimum IOS Feature Set128 MBCisco (ASA) Software Version9.2(3)Base LicenseCisco ASDM Version 7.4(1)asa982-lfbff-k8.SPA, asdm781.binCopyright 2017 Network Development Group, Inc. www.netdevgroup.comPage 10
Multi-Purpose Academy Pod with ASA Installation and Configuration Guide2.3Lab Device Requirements for CCNA Routing and Switching, Security inimumFlashMinimumIOSFeature Set/TechnologyPackagesR1Cisc
If you plan to use your Multi-purpose Academy Pod with ASA for the CCNPv7.0 TSHOOT, ROUTE and SWITCH courses, please refer to the lab device requirements in Section 2.1. If you plan to use your Multi-purpose Academy Pod with ASA to teach CCNA Security v2.0, you may follow the requirements in Section 2.2 below.
