I thought I’d share the GNS3 files that I used to study for my CCNA. This isn’t based off of any lab that I know of, I just made them up. I created a blank Frame Relay network and a blank router network and practiced configuring them for Frame Relay hub and spoke, NAT, DHCP server, RIPv2, single area OSPF, EIGRP, and security.

GNS3 Frame Relay Network

What You Get

These are blank files in that they are connected, have host names, IP addresses and the DLCIs are configured in the Frame Relay network. They’re basically ready to configure for the items listed above. All passwords are cisco. The drawings have the IP and DLCI information on them.

You can download the zipped file here (7 MB). You can unzip them and copy them to your working file such as /Applications/Dynagen/tmp/ or wherever you put your working files. I used 3640 routers, but you can open the config files and modify them for whichever router you use.

You should be able to save the files, start GNS3, and then start the devices and be on your way. For Mac users, here is a link to setup your default terminal to open new tabs for each device.

Strategy

I did it this way to save time setting up practice networks. I used these blanks to get started, and then I’d configure NAT and EIGRP or maybe just NAT and a DHCP server. These were small, quick setups so I wouldn’t save my work after I made changes. If I were to do this for CCNP or CCIE practice, I’d save a blank file like this and save the work using a new file name. Just my thoughts. Let us know if you have a way that works better for you.

Disclaimers

I don’t think it matters, but these were created on a Mac.

I’m just throwing these out there for your use if you want them, and use them at your own risk. I am not including the Cisco IOS, or any warranties of any kind. I am happy to answer any questions you might have on a best effort basis.

Related Posts

• Mac OSX Leopard Terminal & GNS3 / Dynagen
• Certs!? We Don’t Need No Stinkin’ Certs

Despite the debatable value of certifications, I decided to use my two week school break to study and test for my Cisco CCNA certification.  In this article I’ll discuss why technology leaders should consider getting the CCNA (even if you can’t login to any of your equipment), and I’ll share how I prepared for the exam with links to all the tools I used. After reading this, I hope you’ll be motivated to get your CCNA, and you’ll feel confident that you have the tools you need to pass it.

Why Get a CCNA

I’m in management and don’t even have authorization to log into any of the equipment we operate, so why get a CCNA? Believe me, I asked myself this several times over the last few days when I was tired of studying.

The CCNA is not super tough but the time, effort and knowledge required to pass the exam demonstrates a commitment to your profession and to your people. I think your engineers will appreciate it if you put in the time and effort it takes to get the CCNA. They know what it takes, and they’ll respect your commitment if nothing else.

I decided to get it because as the manager of a group of network engineers, I thought I should have at least the associate level certification. If we’re asking our folks to get certified, shouldn’t we have at least a minimum level certification?

Does the CCNA make me any smarter or validate me in some way? Well, I did learn a few things that I didn’t know before, time based ACLs for example. I also gained a real appreciation for the effort required to get the certification. All of us in the tech industry have to learn continually, but there is a difference between self study with no test versus study followed by a $250 test.

How to prepare for the CCNA?

Preparation

I’ll share my preparation for those who are interested in getting their CCNA.

• I read Exam Cram via my Safari Books subscription and reviewed weak areas multiple times.
• Used the iCOD (see video below) and accompanying books to review ICND2 material. I connected the iPod to my Mac Book Pro so I could view it on a bigger screen. The iPod is good for portability, but given a choice I prefer to watch it on my laptop. Contact the folks at CCBOOTCAMP to get one of your own – you’ll even get lab rack time.
• Review modules on The Cisco Learning Center. There is a ton of good, free information on this site.
• Used GNS3 / Dynagen (on my Mac Book Pro) to practice routing, NAT, Frame Relay and DHCP pool configuration. I love this software and highly recommend it to anyone who wants to be a network engineer or even those who are engineers.
• Took practice tests using Self Test Software and Pass For Sure

Are You Ready to Go For It?

What do you think, is it worth it for someone in management to get their CCNA? I’ve listed several tools here to help you; are you willing to get your CCNA?

Do you think it’s  enough or should mangers go for their CCNP, CCDP or <shudder>CCIE</shudder>?

SANS is offering a free preview of 4 of their security courses:

• Vulnerability Scanning with Eric Cole
• Windows Intrusion Detection with Ed Skoudis
• Cyber Forensics with Rob Lee
• Pen Testing Methodology with Ed Skoudis

Here’s the link: http://www.sans.org/ondemand/spring09.php SANS is offering their On Demand courses at a 25% discount too.

These are just a taste of the full courses, but there is a lot of good information here. A bonus for me is these are topics we will cover in my next MSIA seminar at Norwich.

For 10 days, researchers covertly took control of a botnet and watched how it worked and what information it collected. In the process, they learned that, “the malware problem is essentially a cultural problem.” That’s right folks, it’s not a technology problem, it’s people, it’s us.

While they had visibility to the inner workings of the botnet, the researchers watched the botnet obtain login credentials for more than 300,000 accounts. These credentials gave the botnet owners access to bank and credit card accounts, as well as email, chat, and other social accounts.

Basically, they learned what we’ve all known for awhile now:

• People use easy to crack passwords
• People use the same password for multiple accounts
• People don’t understand how vulnerable they are to attack

Does this sound like you? What can you do to avoid becoming a victim?

Passwords

1. Use passwords that are easy to remember but hard to guess.
2. Use passwords that are at least 8 characters long.
3. Use passwords that use a mix of upper and lower case letters, numbers and symbols
4. One way to do this is to use a pass phrase like, “I like to play golf early in the morning” From this phrase you could create a password such as Il2pg3itm by using the first letter of each word and substitute numbers for words like “to” and 3 for the letter “e”. It’s pretty easy right?

Password Managers

You need to use a different password for each account. This can become tough to manage, so you may want to use a password manager to help make this manageable. That means you had better use a very good password for the manager, or all of you passwords are vulnerable. Here are some password managers you may want to check out:

• Sxipper addon to Firefox browser
• KeePass all platforms
• 1Password OS X
• RoboForm Windows

One of the interesting statistics the researchers published is, “almost 40% of the credentials stolen were from browser password managers.” That means if you are using the built-in password manager on Firefox, Safari, or IE, you may want to think again.

Don’t be a victim. Think of securing your computer and data the same way you remember to secure your home or car. Poor passwords are like leaving the key to your house under the welcome mat. Use a strong password, don’t use the same password for all of your accounts, and use a strong master password for your password manager.

Now you have the tools you need to protect yourself. Take the time to make these simple changes now; it is a lot easier than dealing with theft of your money and identity.

If you are interested in learning more, read the article and the report.

I attended the most recent Technology Education Business Alliance (TEBA) meeting on Friday. There were approximately 25-30 people in attendance at the Cheyenne campus of the College of Southern Nevada and approximately 20 or so at the northern campuses. The topics discussed were the Tech Prep Program for high school students, and the Nevada Information Technology Project (NVITE)

Tech Prep Program

There was an excellent presentation on the Tech Prep Program by retiring director, Dr. Andrea Anderson. This is a program that allows high school seniors and juniors to earn college credit for courses they take in high school. They must earn an A or B in the course and pay a $10 administrative fee to get the credit. High School students are eligible to earn up to 15 college credits from CSN through this program. The goal is to have the kids go on to college, knowing they can do the work. An added benefit is the significantly reduced cost per credit. The kids and their parents can save over $250 per course.

An interesting statistic is that in 2008, there were 10, 654 students taking eligible courses with 1639 earning college credit. Both numbers are record highs for the program. I asked why there is such a large gap between the number of students eligible versus the number earning credit and was given  three reasons:

• $10
• The requirement to earn an A or B
• Interest / awareness level of the high school teacher

It is a shame that $10 could be a reason to not participate, and lack of interest or awareness by the high school teacher is also a shame. Since 2000 this program has saved parents and kids more than $487,000 in tuition costs. We need to do more to get the word out and to get money for those who cannot afford the $10 per class.

Nevada owes Dr. Anderson a huge thanks for all the lives she has helped influence through her management of this program. Education is a proven path out of poverty, and she helped many kids have opportunities they would have missed without this program. Enjoy your retirement Dr. Anderson.

NVITE

The NVITE portion of the meeting was spent brainstorming ideas for courses or degrees that the college could offer that would meet the needs of the business representatives in attendance. There were three major themes:

• Security
• Data Centers
• Mobile technologies

Security dominated the conversation. Most of the security topics rolled up into the 10 domains of security as defined in the common body of knowlede for the CISSP certification.  It was very apparent that the business representatives are extremely concerned about security in all aspects.

Data center technologies were discussed as they related to virtualization, cloud computing, and understanding power and cooling requirements.

Mobile technologies were discussed as they related to understanding wireless protocols such as 802.11, Zigbee, RF propagation, and mobile devices and applications.

The colleges have courses that address some of the requests, but the scope of the security topics were overwhelming. They wondered if they could cover everything in two years. The colleges are going to review the requests and try to consolidate the information into something they can use to develop courses and degrees.

On a personal note, the obvious concern for secuirty education made me feel very good about my decision to get my Master of Science in Information Assurance (MSIA) from Norwich University.

I think these education and business alliances are extremely important. By working together, we can get improve the quality of education in the areas that businesses need most, and hopefully get kids interested in math, science and technology.

A couple of months ago, I wrote an article about ideas to get Cisco training on a budget. There are several free or low cost suggestions for anyone pursuing Cisco certifications or to just practice your skills.

We were fortunate to have some Cisco Learning Credits this year, which are obviously very valuable in this economy. Long story short, we arranged for 20 people from several different departments to attend the ICND 1 and ICND 2 classes.

Most of the people scheduled for the ICND 1 class had some very basic understanding of networking, but this is a fast-paced class covering a lot of material. We wanted these people to succeed, and from experience we know that the OSI model and subnetting are particularly difficult topics to newbies. I had my two senior engineers create classes on these subjects so these folks could have the best shot at success. We divided the material into 3, 2 hour classes. By the end of the preparatory classes, all of them could subnet almost well enough to pass the CCENT exam.

The ICND 1 class took place last week and I received emails throughout the week telling me how much they enjoyed it. I received 2 emails this weekend thanking me, 1 of the folks passed his CCENT test on Friday, and another scheduled his test for the 22nd. I actually teared up a bit on hearing this news, and I am not a crier. It makes me so happy to hear people learning new skills that can actually change their lives. There is a huge difference between the lifetime earning power of a help desk technician versus a network administrator.

It looks like we met our goal of getting as many people trained to a baseline level, and the prep classes helped them. I wonder how many more of those in the class will go for their CCENT and beyond.

UPDATE: 3 people have passed their CCENT certification exams so far.

What ideas do you have to stretch your training budget, or get by without one?

This week’s topic in my MSIA course is Security Awareness. I am amazed how little awareness of security issues exists out there. This is not a sexy or exciting subject to be sure, but it has to be one of the best ROI you can have in a business. It costs very little to increase security awareness, and considering how many security violations begin with employees (> 80%), awareness is a great place to focus your efforts.

One of my classmates posted links to two sites that I think do a great job of increasing security awareness in a fun way. The first site is a game teaching people how to recognize phishing. Phishing is a tactic used by criminals to fool you into following a link to a site that takes advantage of you in one way or another such as loading malware on your computer. Please forward this link to family and friends so they can learn to avoid these scams. http://wombatsecurity.com/antiphishingphil

The other site is from the Commonwealth of Virgina, and it is a 13 minute video explaining several tactics to improve security. It presents the topic in a fun way and I actually laughed out loud a couple of times. Check it out here on YouTube. I think it is effective enough that I’m going to show it to my department in our staff meeting.

I hope these links help you improve your own security awareness and that they might help you, your family or employees learn to be more secure. I would love to hear what you or you company is doing to increase security awareness, and how effective you find it to be.

Thanks to Steven Gregory for originally posting these links.

I originally posted this on the Cisco Powered Technical Community Forum.

I thought I would share some recent experiences with locating training for people who are fairly new to Cisco networking. We’re trying to stretch our training dollars as far as we can, so we met with a local training partner, CCBootcamp. They worked with us to meet our training needs by scheduling classes for ICND 1&2.

We’ve asked for leadership to sponsor individuals who will benefit from the training and have a good shot at success. I also have a couple of my engineers developing a short (6 hours) preparatory course on OSI and subnetting, so these folks can get through the class without spinning out on those subjects.

By combining these classes, Dynagen, and the Cisco Learning Center, we hope to have 15-20 people who will know Cisco networking at least at the entry level, and hopfully have a few go on to their CCNA and beyond.

What strategies are you using to help get training while working with a small budget?

Cisco has put a lot of effort into their online Cisco Learning Center, and it shows. They have resources for all their certification levels, including videos, white papers and blogs. They also cover topics that most engineers ignore, such as the soft skills necessary to be a successful and influential member of their organization.

I am not saying this is a one stop site for all the training an engineer or network manager will ever need, but it is a very good resource. Given the tightening of training budgets, this site is a great resource to use to develop you people and yourself.

I’ve updated the osascript to one that works better than the original one that I posted.

I just finished a 3 hour tangent to my CCNA studies. I was going to mess around with EIGRP and OSPF configurations in GNS3 / Dynagen, but was a little annoyed with it opening a new terminal window for each console session. I’ve got Leopard, which uses tabs so it seems awfully silly to open a new terminal each time.

I thought this would be pretty straight forward since it can be done using iTerm fairly easily. I found it to be somewhat simple to open a new tab, although I had to take a crash course on Applescripts. The real problem is you don’t seem to be able to name the tabs even though there is a property that should handle it (custom title).

I muddled around with the script editor, the script dictionary, and spent hours on Google looking for an answer. All that to come to the same conclusion as everyone else; it can’t be done with Applescript. I did find a wrapper and a SIMB plug in, but don’t really want to go that far for this application.

After all that effort, here is what I have decided to live with as the command to launch a new terminal tab for GNS / Dynagen. You can copy it and paste it directly into the Terminal Command section of the GNS3 preferences.

I make no claims of being an Applescript expert, so use this at your own risk. Your results may vary.

Edit your dynagen.ini file to look like this:

# Uncomment below of OS X with Terminal with named tabs (requires Leopard)
telnet = /usr/bin/osascript -e ‘tell application “System Events” to tell process “Terminal” to keystroke “t” using command down’ -e ‘tell application “Terminal” to do script with command “telnet %h %p ; exit” in last tab of first window’ -e ‘tell application “Terminal” to tell window 1  to set custom title to “%d”‘

Old setting opened too many unused windows. Included here for reference only.

# Uncomment below of OS X with Terminal with named tabs (requires Leopard)
telnet = /usr/bin/osascript -e ‘tell application “Terminal” to activate’ -e ‘tell application “System Events” to tell process “Terminal” to keystroke “t” using command down’ -e ‘tell application “Terminal” to do script with command “telnet %h %p ; exit ” in last tab of first window’

Related Posts

• Certs!? We Don’t Need No Stinkin’ Certs
• GNS3 Files for CCNA Level Practice