+ Reply to Thread
Results 1 to 13 of 13
  1. Junior Member cyberjunkie's Avatar
    Join Date
    Dec 2009
    Location
    India
    Posts
    13

    Certifications
    MCSA, CCNA, CCNP-Switching , CCNP-Routing
    #1

    Default Lab setup for CCNA-Security GNS3 or Real Equipment

    Hi,

    I am going to start preparation for CCNA-Security, How can I use GNS 3 for this which IOS version will it be sufficient or I have to buy real equipments.
    Reply With Quote Quote  

  2. SS -->
  3. Last RHCT EVAR!? CiskHo's Avatar
    Join Date
    Feb 2010
    Location
    RTP NC
    Posts
    189

    Certifications
    CCNA:Security RHCT CCENT MCP Net+ A+
    #2
    2600XMs or 1800s would be ideal for a home lab setup, I think. However, I think GNS3 using 7200s with 12.4T would work as well.... Hopefully someone can explain in more detail if I am incorrect.

    I'm not sure exactly what kind of labs one should setup to cover the CCNA:S as my study material hasn't referenced any specific labs yet. I would guess that reviewing SDM 2.5 on an 1800 would work. Not sure if something like setting up IPSec between 2 routers is needed info for the exam... I'd love any additional input on that.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Sep 2009
    Location
    Wales, UK
    Posts
    411

    Certifications
    CCENT, CCNA, CCNA Voice, CCNA Security, ITIL V3 Foundation, MCP, MCTS
    #3
    Quote Originally Posted by CiskHo View Post
    Not sure if something like setting up IPSec between 2 routers is needed info for the exam... I'd love any additional input on that.
    Yes, learn all the ins and outs of VPNs in SDM. If possible try to understand some of the ios syntax too.
    Reply With Quote Quote  

  5. Cisco Moderator mikej412's Avatar
    Join Date
    May 2005
    Location
    Chicago
    Posts
    10,190

    Certifications
    CCNP CCIP CCSP CCVP CCDP CCDA CCNA CS-CIPSS CS-CIPTDS CS-CIPTOS CS-CIPCSS CS-CFWS CS-CVPNS CS-CISecS ISSP 4013 4011
    #4
    Zone Firewall support did show up in 12.4(6)T, but you want 12.4(9)T or 12.4(11)T (or higher) -- can't remember if it was bug fixes or more features.... Advanced Security, Advanced IP Services, or Advanced Enterprise Services feature sets should have the Security Features you need.

    Dynamips (Dynagen/GNS3) should be enough for the router side of things (if you have access to supported IOS images and no qualms about violating the Cisco Software License).
    Reply With Quote Quote  

  6. Member
    Join Date
    Apr 2009
    Location
    Portland, Oregon
    Posts
    30

    Certifications
    MCSA, CCNA, Security+, CCNA:Security, AAS in Computer Information Systems
    #5
    I'm a big fan of GNS3, and have been using it almost exclusively for my CCNA:S studies. It saves you a bunch on equipment costs, and it's really convenient being able to do all the labs on my laptop.
    With a 12.4(15)T image, I've set up labs for IPS and ZBF on my virtualized 7200s. I'm about to start researching doing layer 2 stuff using virtualized switches - I've heard this can be done.
    I'm working through the Cisco Academy (highly reccomended) which includes an excellent lab manual.
    I'm not sure about the legalities of using Cisco IOS images in my lab, but I don't have any moral issues with it. The way I see it, I'm benefitting from it academically, but ultimately it must be good for Cisco too, having more people skilled and able to promote their equipment.
    Reply With Quote Quote  

  7. Senior Member blackninja's Avatar
    Join Date
    Dec 2007
    Location
    UK
    Posts
    386

    Certifications
    CCNA Security, CCNP, MCSE (S2003) & LPIC-1
    #6
    A couple of guys at work are doing the CCNA through the Cisco Network Acadamy and using packect tracer 5.2.

    Had a go and seems to support all what is needed for the CCNA:S.

    I'm currently studying for the CCNA:S and I've got 2620XMs with IOS c2600-advsecurityk9-mz.124-23.bin.

    I also use GNS3 when studying at night or from work.
    Reply With Quote Quote  

  8. Junior Member cyberjunkie's Avatar
    Join Date
    Dec 2009
    Location
    India
    Posts
    13

    Certifications
    MCSA, CCNA, CCNP-Switching , CCNP-Routing
    #7
    Thank u all for ur quick response and support
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Apr 2008
    Location
    Tampa, Fl
    Posts
    1,097

    Certifications
    A Few....
    #8
    Quote Originally Posted by CiskHo View Post
    2600XMs or 1800s would be ideal for a home lab setup, I think. However, I think GNS3 using 7200s with 12.4T would work as well.... Hopefully someone can explain in more detail if I am incorrect.

    I'm not sure exactly what kind of labs one should setup to cover the CCNA:S as my study material hasn't referenced any specific labs yet. I would guess that reviewing SDM 2.5 on an 1800 would work. Not sure if something like setting up IPSec between 2 routers is needed info for the exam... I'd love any additional input on that.
    Here's the CCNA Security Lab Manual. Excellent resource for the CCNA Security Exam.

    CCNA Security Lab Manual

    HTH

    ~Peanut
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Sep 2006
    Location
    San Francisco Bay Area
    Posts
    2,047

    Certifications
    None?
    #9
    I bought the stuff, but then I discovered it was just easier to use Packet Tracer. Either way, 2621xm would be perfect along with a 2950. For the SSH VPN though, you might need an ASA.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Apr 2009
    Posts
    5,015
    #10
    Quote Originally Posted by Daniel333 View Post
    I bought the stuff, but then I discovered it was just easier to use Packet Tracer. Either way, 2621xm would be perfect along with a 2950. For the SSH VPN though, you might need an ASA.

    SSH VPN? You mean SSL VPN or am I missing something?


    SSL VPN isn't on the blueprint so in theory you don't need to cover this for the exam. You can do everything on the blueprint with a cisco 1721 if you are looking for a cheaper option. Just know that they aren't rackable.

    Looking at the ios feature navigator will determine which ios versions you can use

    Cisco Feature Navigator - Cisco Systems
    Reply With Quote Quote  

  12. Last RHCT EVAR!? CiskHo's Avatar
    Join Date
    Feb 2010
    Location
    RTP NC
    Posts
    189

    Certifications
    CCNA:Security RHCT CCENT MCP Net+ A+
    #11
    Quote Originally Posted by knwminus View Post
    You can do everything on the blueprint with a cisco 1721 if you are looking for a cheaper option. Just know that they aren't rackable.
    Pardon my noobishness but what do you mean by "not rackable"?
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Apr 2008
    Location
    Tampa, Fl
    Posts
    1,097

    Certifications
    A Few....
    #12
    The cisco 1721 model cannot be rack mounted. Here's an image of the 1721. HTH.

    ~Peanut
    Attached Images Attached Images
    Reply With Quote Quote  

  14. Last RHCT EVAR!? CiskHo's Avatar
    Join Date
    Feb 2010
    Location
    RTP NC
    Posts
    189

    Certifications
    CCNA:Security RHCT CCENT MCP Net+ A+
    #13
    Thanks Peanut! I didn't realize the 1721 had that chassis type. I knew my 1761 was rackable and I assumed all 1700s had the same chassis. I guess one should never assume anything in the world of Cisco
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks