Author: upravnik

Unlike with static NAT, where you had to manually define a static mapping between a private and public address, dynamic NAT does the mapping of a local address to a global address happens dynamically. This means that the router dynamically Read More …

With static NAT, routers or firewalls translate one private IP address to a single public IP address. Each private IP address is mapped to a single public IP address. Static NAT is not often used because it requires one public Read More …

NAT (Network Address Translation) is a process of changing the source and destination IP addresses and ports. Address translation reduces the need for IPv4 public addresses and hides private network address ranges. This process is usually done by routers or Read More …

Just like the numbered ACLs we’ve used so far, named ACLs allow you to filter network traffic according to various criteria. However, they have the following benefits over numbered ACLs: an ALC can be assigned a meaningful name (e.g. filter_traffic_to_server) Read More …

To be more precise when matching a certain network traffic, extended access lists are used. Extended access lists are more difficult to configure and require more processor time than the standard access lists, but they enable a much more granular Read More …

To create an standard access list on a Cisco router, the following command is used from the router’s global configuration mode: R1(config)# access-list ACL_NUMBER permit|deny IP_ADDRESS WILDCARD_MASK NOTE ACL number for the standard ACLs has to be between 1–99 and Read More …

There are two types of access lists: 1. standard access lists – with standard access lists, you can filter only on the source IP address of a packet. These types of access list are not as powerful as extended access Read More …

ACLs are a set of rules used most commonly to filter network traffic. They are used on network devices with packet filtering capatibilites (e.g. routers or firewalls). ACLs are applied on the interface basis to packets leaving or entering an Read More …

Most newer Cisco switches use RSTP by default. RSTP prevents frame looping out of the box and no additional configuration is necessary. To check whether a switch runs RSTP, the show spanning-tree command is used: SW1#show spanning-tree VLAN0001 Spanning tree Read More …

Just like STP, RSTP creates a topology database of the network. To prevent loops, some interfaces on switches are placed in forwarding state and other interfaces in discarding state. How does RSTP decides in which state the port will be Read More …