Chapter 8

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1Version 4.0

Prototyping the WAN

Designing and Supporting Computer Networks – Chapter 8

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 2

Objectives Describe the methods to prototype remote

connectivity support

Prototype the WAN Connectivity

Prototype the VPN connectivity for remote workers


Describe the Methods to Prototype Remote Connectivity Support

Simulation software

Prototype testing using simulated links

Pilot testing in the actual environment



Benefits of using simulation software to test remote connectivity:

Lower overall cost

Flexibility

Scalability

Control


Limitations of using simulation software to test the design:

Limited functionality

Unrealistic performance




Simulate WAN connectivity in a prototype lab:

Use Ethernet connection to simulate DSL or cable

Use CSU/DSU, serial modems, or V.35 cables to simulate serial connectivity



Identify business goals and technical requirements from the case study and determine which of these goals and requirements can be tested in the prototype



Create a success criteria checklist to support business goals and technical requirements


Determine the elements of the simulated WAN connection:

Simulate the Frame Relay connection using a Cisco router acting as a Frame Relay switch

Simulate a crossover function using V.35 cables

Provide the DCE function with a clock rate




Validate the choice of WAN devices and topologies:

Local point-to-point circuit

Packet-switched network

Remote point-to-point circuit



Configure the router to act as the Frame Relay switch

Configure serial interfaces as DCE devices

Configure Layer 3 addresses and encapsulation type



Verify that the Frame Relay WAN operates as expected:

Display the status of the interfaces

Verify the exchange of LMI messages

Display the status of PVCs and the Frame Relay maps


Provide and test backup capabilities:

Set up Ethernet connections

Create floating static routes




Troubleshoot Layer 1 using the show interface serial command

Troubleshoot Layer 2 using the show frame-relay lmi command

Check Layer 3 functionality



Identify areas of risk and weakness in the design


Prototype the VPN Connectivity for Remote Workers

Determine which business goals and technical requirements can be tested in the prototype:

VPN security

VPN server location



Create a success criteria checklist to support business goals and technical requirements



Verify the use of Cisco EasyVPN to configure a VPN server and set up the client software



Validate the choice of VPN technology, devices, and topologies



Prototype the Remote Worker Support:

IPSec

Split tunnels



Validate the placement of the VPN server and access list filtering in the prototype network



Identify risks or weaknesses in the VPN design


Summary Every Frame Relay link has three components: a local

point-to-point circuit, the packet-switched network, and a remote point-to-point circuit.

Frame Relay is a nonbroadcast multi-access protocol.

One way to configure routers to use a backup link when a primary link fails is to create floating static routes.

VPNs have two important components: tunneling and encryption.

Encryption algorithms such as DES require a symmetric, shared secret key.

IPSec provides data confidentiality, integrity, and authentication at Layer 3.


Education

Chapter 8