The previous chapter examined the process of BGP neighbor negotiation at a fairly technical level. It emphasized the formats of messages exchanged during negotiation. This chapter now expands the examination to consider additional subtleties of the negotiation process. In addition, this section introduces distinctions between internal and external BGP, which have practical implications in building peer sessions. Although BGP is most commonly used to provide a loop-free inter..
Very soon after ratification of the 802.11b standard, 802.11b access points and radio cards began shipping. It was a fairly easy modification to existing 802.11 DSSS devices to become 802.11b-compliant. In fact, most users could upgrade their existing access points and radio cards with simple firmware upgrades. For several years, 802.11b devices were the best ones on the market, so they proliferated throughout the industry and became the most commonly installed wireless LAN h..
The Foundation Summary provides a convenient review of many key concepts in this chapter. If you are already comfortable with the topics in this chapter, this summary might help you recall a few details. If you just read this chapter, this review should help solidify some key facts. If you are doing your final prep before the exam, the following lists and tables are a convenient way to review the day before the exam. IP addresses are • 32-bit numbers (written as four bytes)..
Basic Foundation Identity Concepts
Almost all network-connected applications support some basic form of identity. Most often this takes the form of a username and a password. By proactively checking for bad passwords, educating users about choosing good passwords, and giving preference to applications with some form of secure transport (for example, Secure Shell [SSH]), you can achieve reasonable security for most systems. This chapter discusses more advanced identity systems that usually benefit very specific..
Creating an Encrypted Router-to-Router VPN in a GRE Tunnel
There are several steps to these configurations, but they are the same on both routers. The first step is to create an appropriate key exchange policy using ISAKMP. The following set of commands defines the policy with priority 10. When ISAKMP negotiates the security association (SA) parameters, it starts with the lowest priority and goes to the highest. The highest possible priority value is 10,000: Router1(config)#crypto isakmp policy 10 Router1(config-isakmp)#encr aes 256..
