+ Reply to Thread
Page 1 of 4 1 234 Last
Results 1 to 25 of 96
  1. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #1

    Default Getting ready soon

    Greetings,

    I am down to just three classes at WGU and will finish 1 very soon, leaving just tech writing + capstone. The CCNP is logically next since I work as a Network Engineer, but don't really get to dive into the crazy depths yet. I used to think the CCNP was impossible to get to before I took the CCNA, so it's cool to be at this point.

    Now, I was really planning on just reading the official book and taking notes, but I recall there being no actual labs in there. For example, I recall reading about DMVPNs. It would probably be good to have an actual lab to follow, but is it necessary or could I just go ahead and do it on my own? Curious to see what other people did.

    I took awhile to do the CCNA since I wanted to learn it, so there's no rush to get this done. Obviously, the sooner I get it done the better, but there's no timeline like I said. I want to be genuinely great and it's been mentioned before here, but you do not get paid the big bucks because of a cert, you only get the opportunity. You still need to ace the interview, and be good at it. So, I just would like to see what has worked for other people in recent times. I used CBT nuggets for the CCNA, but unsure if I will again.

    Does anyone actually read this T-Shoot book either? Or do people just go take it after doing the route and switch exams? Equipment is also no issue as I have anything and everything available to me at work, which is fantastic.

    As for the CCNP Security, is that really necessary? Now, at my job we handle the firewalls - there is no separate team. I do not do much with them yet though. My boss claims the R&S is important, but did not stress the security exam. At the point of completing the R&S, I would either do the Security or go back to WGU for an MBA. There's value in both really, I'd love to have both. But maybe someone with a Sr. Network Engineer job can go into detail on their opinion.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jan 2015
    Location
    England
    Posts
    322

    Certifications
    CCNP: R&S, CCNA: Sec
    #2
    CCNP R&S will teach you the perfect network. You then stick a firewall in the middle and it breaks pings etc.

    I've heard CCNA:Sec isn't very ASA heavy and it teaches you the basics. If you want ASA related bits, that's in the NP:Sec. I think doing CCNP R&S would be a great place to start and then branch out imho
    Reply With Quote Quote  

  4. Senior Member Mitechniq's Avatar
    Join Date
    Jun 2012
    Posts
    262

    Certifications
    CCNA, GIAC G2700, VCP5-DCV C|EH, ISC2 CISSP, AWS-PSA (Most have Expired)
    #3
    I've been torn with this dilemma myself. However, I looked at several CCNP:SEC material and a lot of it makes the assumption you have a very good grasp on CCNP switching and routing protocols. As soon as I am done with VCP, I will be starting CCNP:RS and then move over to the SEC/DC stuff feeling confident I have the fundamentals down.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #4
    I am definitely doing the NP R&S first, with me probably doing routing first. I don't personally know anyone with the NP:S but I know there are people here with it.

    The CCNP: R&S looks good. I actually look forward to doing it which I don't think I've ever said before about a certification lol. But now that I'm in the field, there's so much value to it because I know it's benefiting me now and in the future.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jan 2015
    Location
    England
    Posts
    322

    Certifications
    CCNP: R&S, CCNA: Sec
    #5
    Knowledge is power and all that.

    Seriously though, it'll be worth it. It's all good fun learning new material.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #6
    WGU just accepted my capstone and now I finally have my BS (and an AS and AAS). CCNP starts tomorrow!
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #7
    I've got a lab set up, and I'm read to go. I have 3 2811's all running the same 12.xxx IOS and a 3850 switch (fancy!). I've got all these in the lab at work running back to a PC via console cables (except 3850) and I can access everything by RDPing into the PC. I've got R1 connected to R2, R2 connected to R3 thru the 3850 on VLAN 100 and an SVI so I can daisy chain over to manage this switch remotely. Everything has loop back addresses which will be thrown into the routing protocols. Everything is cabled neatly and ready to go. I know with this set up I'll be able to do DMVPNs, route redistribution, and some other things. Should be good to go. I didn't take this from anywhere though and plan to just make up my own scenarios and go with the flow.
    Reply With Quote Quote  

  9. Senior Member Segovia's Avatar
    Join Date
    Jun 2014
    Location
    Seattle, WA
    Posts
    115

    Certifications
    CCENT, A+, Network+
    #8
    Hey I can't really comment on the CCNP but I wanted to say congratulations!

    Was the capstone really difficult? I am not looking forward to it..

    Also your lab sounds great, wish I could get my hands on that gear!
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #9
    Hello,

    I banged out the 35 page capstone in 3-4 days. It was not bad at all.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #10
    So, the route book is 18 chapters. I had 1/3 of that many months ago but decided to restart completely. I banged out the first chapter today.

    I read that Cisco recommends you do not span a VLAN across more than one access layer switch. In reality, this has to never actually be put to practice - no? It recommends that you adrust the ARP timer to be less than the CAM aging time. Does this appear in the running config? I need to investigate.


    I don't even see these commands as being options in our network. Show arp timeout does not exist.
    Last edited by hurricane1091; 12-07-2015 at 08:43 PM.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #11
    I've been working on chapter 2, and am having trouble understanding how a Layer 2 MPLS VPN works and who actually uses them. Any ideas?
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #12
    Still on chapter 2, I built a GRE tunnel to see what was up. I was getting recursive routing issues, but the Sr. guy I work with pointed me in the right direction because he encountered it when building an iWan lab. I had the destination of the tunnels set to the tunnel IP address of the tunnels.

    Also, I was not going thru the tunnel From R1 to R3 but was in the reverse order. This was due to a static route I had to the tunnel address on R3 from R1. I find it interesting that a route is not needed, and assume it because the destination is set on the tunnel interface and there is a route to that in the routing table.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #13
    Been crazy busy but going to try to finish Chapter 2 today. I wish it was going faster, hopefully once the holidays pass it will. I did learn some things over the past couple of days though - like how we're using HSRP between two Layer 3 switches than run back to 1 router at branches, and how that affects egress traffic. EIGRP OSLs affect ingress traffic. Still a little confusing though!
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #14
    I finished reading Chapter 2. DMVPN and NHRP configuration is apparently "beyond the scope" of the CCNP book and is a CCIE thing, but I got to talking with our boss. Our environment does not work properly and he wants me to build a DMVPN w/ NHRP & mGRE lab tomorrow.

    What I am struggling to understand is that I cannot find an example of where it actually works the way it should. Like, it actually does not work the right way in our environment either I realized and my boss wants me to figure out a way to overcome it with VRFs.

    Check this out: https://supportforums.cisco.com/docu...ration-example

    Look at his verification though. His tunnel to 10.1.1.2 is not actually up. He's not actually going directly there via a tunnel.

    Cisco's example is this: Configuring Dynamic Multipoint VPN (DMVPN) using GRE over IPSec between Multiple Routers - Cisco

    This is using static routes though, which isn't going to scale. Hmm.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #15
    No progress made on this yet. I've spent all my time labbing a DMVPN environment which is apparently CCIE level stuff. dmvpnlab.jpg

    The diagram is here that I made. I found a useful follow-along on line and then figured out the differences for myself. Read some good info too. It works as it should, but the challenge is to make it work with the default route going back to the hub and now the ISP next-hop.

    What I learned:

    1. You cannot use a summary address in this scenario - which is something I recall from the CCNA days. However, if you redistribute a routing protocol into OSPF, you are able to use a summary address.

    2. Learned how to inject a default route into OSPF from the hub (which I'll need to do next to get it working the way I want)

    3. It's the first time in awhile I have had to make ISAKMP and IPSec policies, so that was a good refresher. Got to trouble shoot it too.

    4. Learned how to set up DMVPN and NHRP

    While not really covered on the CCNP, it was a good exercise and I'm hoping to get this to production at work.
    Reply With Quote Quote  

  17. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #16
    Well I removed the static default route to the physical next hop and it's been replaced with a default route learned via OSPF to the tunnel IP of the hub thru the default information originate command. Everything still works at it should but I am slightly unsure how the router knows to go to the physical next hop to form a tunnel with a spoke. It's obviously "in the nature of NHRP/DMVPN" but I need a concrete answer. I know it works though because a traceroute from Spoke A will go to the hub, then Spoke B. Another traceroute after will go directly to B, and a tunnel is seen in "show ip nhrp". If you type a random IP (like an internet address) and traceroute it, you can see it goes back to the hub. Hmm!
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #17
    After some packet capturing and research, the tunnel was forming correctly and the DMVPN environment worked.

    However, the tunnel was going THROUGH the hub, was is useless. My boss showed me how to correct this with a VRF but it's slightly over my head and I really need to look at it again today.

    So yeah, back on track to the CCNP next week I'm thinking after spending 5 days working on some CCIE level stuff. I do need to implement this though. Amazing the stuff you learn from actually doing.
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #18
    Was looking at this DMVPN/NHRP/VRF lab I had done today and it makes decent sense. I was thinking of making a cat tools job to fix the entire environment, but that will not work. The IP address of the interface gets removed when you add in VRF forwarding. There is another obstacle to overcome too but I need to sit down and think about it.

    Anyways, I will do Chapter 3 today and get back on track. Not that excited for this chapter.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #19
    Half way thru Chapter 4. I have EIGRP configured between the hub and the switch in that diagram now. Messed with setting up the hello and dead timers and the passive interface stuff. It's been awhile and basic stuff, but feeling good.
    Reply With Quote Quote  

  21. Member HardDisk's Avatar
    Join Date
    Jul 2009
    Location
    Denver, Colorado
    Posts
    62

    Certifications
    CCNA, A+, Net+, Security+, MCP, MCTS
    #20
    Just a heads up. OSPF and EIGRP dead timers work differently.
    When you tweak the EIGRP dead timer (hold-time) it actually changes the EIGRP neighbor's dead timer.
    When you tweak the OSPF dead timer is only effects the host router and has no effect on the neighbor's dead timer.

    R1(config)#interface serial 2/0
    R1(config-if)#ip hello-interval eigrp 100 2
    R1(config-if)#ip hold-time eigrp 100 6 <--- confusing because this sets the neighbor's hold timer.
    R1(config-if)#exit
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #21
    Hello! I finished Chapter 4 today. I had previously noticed that changing the hello timer did not have an affect on the neighbor. I know in EIGRP that hello/dead timers do not have to match though.



    Update: I misunderstood the concept and re-read it. What you are saying makes sense. I thought you were suggesting that if I make the dead timer 10 seconds on R1, it will change it on the neighbor.

    That was a helpful hint, thank you.
    Last edited by hurricane1091; 01-04-2016 at 07:28 PM.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #22
    Dug into chapter 5 today - Advanced EIGRP topics. Somewhere in this chapter is what I read up to previously, so the second half of it will be all new. I labbed up some off set list and broke out the calculator to really understand how the EIGRP FD is calculated (which is simple, but really breaking out the calculator and understanding where the FD came from). I also typed up the EIGRP OSL that was non-existent on the two branch switches for an office I am relocating next week. These offices are small and only have 2 switches and one router mostly, but it makes sense now why we're using off set lists there (and HSRP) which was cool. Good progress today, slowly but surely coming along.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #23
    Dug more into chapter 5 today and will finish tomorrow. Did some simple route filtering in my lab, nothing crazy.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #24
    Done chapter 5 and moving onto chapter 6. Going to review all notes up until this point first. I've labbed everything so far. It's slow going, but I try to use the knowledge when I learn it and better understand our production environment. Labbed up route summarization and saw it fail when I tried to summarize 9.0.0.0/8 but was only permitting 9.1.1.1/32 and 9.2.2.2/32 in my distribute-list ACL which was cool. Also drew out and realized why summarization for the branch offices here is not an option and would cause issues which was good. Good stuff so far.
    Reply With Quote Quote  

  26. Senior Member siggnation's Avatar
    Join Date
    Jun 2014
    Location
    SF Bay Area
    Posts
    176

    Certifications
    CCNP R&S, CCNA: Sec, A+
    #25
    I think the route filtering topic was one of the most important while I studied Route. Keep it up!
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 4 1 234 Last

Social Networking & Bookmarks