1 00:00:06,450 --> 00:00:09,180 Hello and welcome to this lecture in this lecture. 2 00:00:09,180 --> 00:00:14,250 We will build our first apology based on K VM QM images. 3 00:00:14,430 --> 00:00:22,410 So now that we have everything set up and the genius 3 VM is running my B.S. is also listed in the service 4 00:00:22,410 --> 00:00:24,480 summary tab here. 5 00:00:24,480 --> 00:00:33,470 Let's go ahead and create a new project so file new Blank Project. 6 00:00:33,850 --> 00:00:41,120 Let's say i s the labs and click Okay. 7 00:00:43,210 --> 00:00:51,260 Now we'll go to the bar browse all devices and let's search for first of all the IRS V. 8 00:00:52,700 --> 00:00:54,080 This is the IRS V. 9 00:00:56,380 --> 00:01:04,000 I'm trying to pull one device on on the topology and here are the results so it's a rather it's running 10 00:01:04,070 --> 00:01:05,050 ISV. 11 00:01:05,140 --> 00:01:10,450 It's from Cisco and the K VM it's required now look what's next. 12 00:01:10,630 --> 00:01:16,180 So next here server type run the appliance on the genius free VM. 13 00:01:16,180 --> 00:01:20,100 It's recommended but look it's basically the only option. 14 00:01:20,140 --> 00:01:22,330 So what we have done until now. 15 00:01:22,330 --> 00:01:30,460 Building the Genesis 3 infrastructure to say so with the P.C. running the galley and then integrating 16 00:01:30,460 --> 00:01:38,590 with the viewer workstation pro the genius 3 VM it's leading to this success so we can run QM key VM 17 00:01:38,800 --> 00:01:40,060 images. 18 00:01:40,060 --> 00:01:46,960 So now let's click Next the genius 3 server requirement is okay and you can continue the installation 19 00:01:47,380 --> 00:01:48,180 looks good. 20 00:01:48,280 --> 00:01:50,200 Click next. 21 00:01:50,200 --> 00:01:59,680 Now we can see that this specific version 15 that 6 to t it's ready to install it has found this specific 22 00:01:59,680 --> 00:02:01,990 image and a start up config. 23 00:02:02,260 --> 00:02:08,860 And when the genius 3 is looking after these files he's basically looking in the downloads folder. 24 00:02:08,860 --> 00:02:11,540 So my user downloads folder. 25 00:02:11,680 --> 00:02:18,140 This is the this is the image and this is the Ayaz vs startup config. 26 00:02:19,190 --> 00:02:26,230 So I'll now click next would you like to install this specific version. 27 00:02:26,230 --> 00:02:30,710 Yes it is going to use this. 28 00:02:31,040 --> 00:02:33,990 This QM binary and I will peak next. 29 00:02:35,000 --> 00:02:39,810 And next and finish. 30 00:02:39,900 --> 00:02:42,800 Now look in the left side in the all devices. 31 00:02:42,810 --> 00:02:47,660 We have a new category Cisco guy v 15 6 2 t please. 32 00:02:47,730 --> 00:02:57,840 Okay here and I will now try to install also the Cisco ISV layer to so for the switches next run the 33 00:02:57,840 --> 00:03:00,860 appliance on the genus 3 VM Next. 34 00:03:00,940 --> 00:03:10,030 Next and we have this version ready for install heat has been found again is looking in the download 35 00:03:10,030 --> 00:03:11,230 folder. 36 00:03:11,350 --> 00:03:19,650 This is my letter to v Virgil I s I will now click next. 37 00:03:19,650 --> 00:03:25,410 Sorry cannot install Cisco as V as Vila too with missing files. 38 00:03:25,740 --> 00:03:29,130 So let's see ready to install next. 39 00:03:29,880 --> 00:03:30,410 Yes. 40 00:03:30,410 --> 00:03:31,860 So I was previously. 41 00:03:31,920 --> 00:03:35,320 Previously I was selecting the first one which has missing files. 42 00:03:35,370 --> 00:03:39,230 Now I have selected the second one which is ready to install. 43 00:03:39,230 --> 00:03:39,650 Yes 44 00:03:43,300 --> 00:03:44,300 next. 45 00:03:44,510 --> 00:03:48,520 Next and finish again. 46 00:03:48,600 --> 00:03:52,680 You can see that we have a new device available now so I will click. 47 00:03:52,760 --> 00:03:58,530 Okay let's see now what happens when I tried to add a Cisco SCV. 48 00:04:00,270 --> 00:04:02,530 So it's a firewall as a category. 49 00:04:02,610 --> 00:04:10,680 The product SCV from Cisco again K. VM it's required so all the major vendors if probably not all are 50 00:04:10,680 --> 00:04:17,400 transitioning from selling boxes to selling software to say so. 51 00:04:17,520 --> 00:04:24,320 And basically they're offering either free or in the case of Cisco through a contract. 52 00:04:24,330 --> 00:04:28,640 No they're offering the softer versions of their appliances. 53 00:04:28,670 --> 00:04:32,710 And in this case it's about the key VM QM that can be emulated. 54 00:04:32,720 --> 00:04:34,210 Ingenious 3. 55 00:04:34,290 --> 00:04:40,460 So let's keep next run the appliance on the genius BBM recommended next. 56 00:04:40,520 --> 00:04:41,720 Next. 57 00:04:41,850 --> 00:04:48,930 But now as opposed to the previous two cases we don't have anything available. 58 00:04:48,960 --> 00:04:52,200 So everything says status missing files. 59 00:04:52,650 --> 00:05:02,170 But if you look in the folder I have 9 8 2 version and this is not available here. 60 00:05:02,220 --> 00:05:12,630 So I would just create a new version so create new version and let's say a CV 9 that aid up to and click 61 00:05:12,680 --> 00:05:13,200 ok. 62 00:05:15,630 --> 00:05:20,500 This is lined up eight to next. 63 00:05:20,820 --> 00:05:23,740 No. 64 00:05:23,800 --> 00:05:25,380 So this is not good. 65 00:05:25,380 --> 00:05:26,740 This is not our image. 66 00:05:26,740 --> 00:05:30,440 Never 9 that either too this is something that was previously found here somewhere. 67 00:05:30,470 --> 00:05:40,310 Click import I'll go to download and select my image nine a two and open uploading the image now 68 00:05:45,490 --> 00:05:48,090 and now it is ready to install. 69 00:05:48,460 --> 00:05:53,130 So select my version and next. 70 00:05:53,330 --> 00:05:54,910 Would you like to install this. 71 00:05:54,920 --> 00:05:55,660 Of course. 72 00:05:55,730 --> 00:06:03,560 Yes I I'm using this camera binary to run the image next as opposed to the IRS. 73 00:06:03,680 --> 00:06:04,850 You can see that the ram. 74 00:06:04,850 --> 00:06:06,910 It's a little bit more now. 75 00:06:06,920 --> 00:06:11,690 So it's two gigs per person per SCV. 76 00:06:11,960 --> 00:06:15,450 Next year appliance is available in the final category. 77 00:06:15,510 --> 00:06:21,980 So that there is no default password default configuration is present and as a v goes through a double 78 00:06:21,980 --> 00:06:23,470 would before becoming active. 79 00:06:23,500 --> 00:06:29,460 So useful information yes to not panic and click finish. 80 00:06:29,510 --> 00:06:32,930 Now it can see that we have also SCV present. 81 00:06:32,930 --> 00:06:40,670 So imagine that there were times years ago when there was hard to to study to study technologies either 82 00:06:41,120 --> 00:06:49,160 new current or really really new to say so now we have these tools available and we can study as much 83 00:06:49,250 --> 00:06:52,070 as we as meek as we can and want. 84 00:06:52,310 --> 00:06:55,580 And this is the very best example that I can give you. 85 00:06:56,090 --> 00:06:58,940 So let's drag and drop two routers 86 00:07:01,520 --> 00:07:09,180 let's drag also and say I'm not sure if it will be supported by my my P.C.. 87 00:07:09,240 --> 00:07:15,750 So this is one gig three gigs because this is two three gigs all. 88 00:07:16,830 --> 00:07:24,340 Let's also take a switch role while creating the image is missing. 89 00:07:24,500 --> 00:07:28,800 So let's see. 90 00:07:29,140 --> 00:07:30,050 This is something. 91 00:07:30,280 --> 00:07:40,950 This is something wrong so HDD browse downloads. 92 00:07:41,020 --> 00:07:43,270 I want to use this image open 93 00:07:47,630 --> 00:07:50,560 OK let's see now. 94 00:07:53,220 --> 00:07:55,020 OK now it's working. 95 00:07:55,020 --> 00:07:59,240 So remember what we have taught in the previous lectures. 96 00:07:59,430 --> 00:08:03,210 We can now hit the Connect link. 97 00:08:03,430 --> 00:08:05,460 Will use gigabit zero by zero. 98 00:08:05,490 --> 00:08:18,990 Let's say this one gigabyte 0 0 0 by one year by 0 0 by 2 and 0 by 0 so now the topology is kind of 99 00:08:18,990 --> 00:08:19,770 complete. 100 00:08:19,860 --> 00:08:25,690 I want basically to test all these devices and see if they work if we can being from one side to the 101 00:08:25,800 --> 00:08:27,360 other and so on. 102 00:08:27,360 --> 00:08:31,020 So let's start one by one start 103 00:08:35,090 --> 00:08:36,560 right click Start 104 00:08:40,920 --> 00:08:45,630 switch start and the last one. 105 00:08:45,630 --> 00:08:54,600 It's a Cisco essay SCV virtual running basically the newest Code 9 a 2 by the way something that has 106 00:08:54,600 --> 00:09:03,120 been for a long time waited in the essay code in this version 9 a 2 interface tunnel it's available 107 00:09:03,460 --> 00:09:06,660 in every interface tunnel it's available in the essay code. 108 00:09:06,960 --> 00:09:15,060 I don't know if if it was at any moment in time useful to you but for me it was so we can run like side 109 00:09:15,060 --> 00:09:20,190 to side with pins and you can just apply crypto opposite profile to the virtual tunnel that you could 110 00:09:20,190 --> 00:09:23,480 do on the ice but on the essay was not available. 111 00:09:23,610 --> 00:09:28,790 So that's a huge that's a huge step forward from Cisco. 112 00:09:28,830 --> 00:09:36,330 And I will just demo this in an upcoming course as you will you'll see available now if we want to cancel 113 00:09:36,330 --> 00:09:42,600 two to one by one we can just click to the three to the devices you can just right click and cancel 114 00:09:42,690 --> 00:09:49,130 if you want to cancel to all of them at the same time remember we have this console connect all nodes 115 00:09:49,920 --> 00:10:00,090 so I'm now connecting to all nodes and let's see this is the this is the C tied Vinci you remember this 116 00:10:00,090 --> 00:10:09,600 was a package that was downloaded in the initial phase of the Genesis 3 installation so let's take it 117 00:10:09,600 --> 00:10:10,380 one by one 118 00:10:13,870 --> 00:10:22,550 this is the layer to this is the switch yes this is a broader and again a rather 119 00:10:25,410 --> 00:10:34,020 so I just try to set them up real nice and let's see. 120 00:10:34,350 --> 00:10:41,400 So this switch how are the interfaces looking everything it's up up perfect. 121 00:10:41,430 --> 00:10:50,190 Let's go on to the to the rather now so I don't know which is which but it doesn't matter. 122 00:10:50,490 --> 00:10:57,960 So I will just configure IP addressing on the interfaces and we will see if they if they see packets 123 00:10:58,050 --> 00:11:00,900 coming in when the other one is going to ping. 124 00:11:01,650 --> 00:11:04,370 So it does show IP interface brief. 125 00:11:05,610 --> 00:11:18,060 Let's take this one and say the or you are one and the IP and not the interface but you by zero by zero 126 00:11:18,060 --> 00:11:24,260 is going to receive the IP address 10 0 0 1 slash 24. 127 00:11:24,870 --> 00:11:27,460 And I will just no shut the interface. 128 00:11:28,860 --> 00:11:41,880 And this one will be a router to interface you by 0 by 0 IP address 10 0 0 2 and also slash 24 no shut 129 00:11:44,750 --> 00:11:51,760 now look at that we have the NSA working so enable just hit enter it has no password defined in the 130 00:11:51,760 --> 00:11:52,890 first place. 131 00:11:53,170 --> 00:11:56,270 Show version. 132 00:11:56,510 --> 00:12:03,970 Now look at that Cisco adaptive security appliance software version 9 8 2 this is really fantastic. 133 00:12:04,730 --> 00:12:10,420 So show interface ip brief it's a little different. 134 00:12:10,490 --> 00:12:20,730 We have connected the Gigabit Ethernet zero by zero so let's say interface with 0 by 0 IP address 10 135 00:12:20,770 --> 00:12:30,740 0 0 3 2 5 5 2 5 5 2 5 5 0 and no shut show IP address. 136 00:12:31,490 --> 00:12:44,540 And yes we have the first interface configured with 10 0 0 3 outlets being 10 0 0 1 from the NSA Yeah 137 00:12:44,790 --> 00:12:52,290 we have to do something something else to work so let's fly from this one being 10 0 0 1 It's myself 138 00:12:53,220 --> 00:12:55,000 and let's begin also. 139 00:12:55,410 --> 00:12:57,290 The other one. 140 00:12:57,720 --> 00:13:06,960 Now let's make sure that indeed this specific rudder which I have forgotten to say hostname to show 141 00:13:06,960 --> 00:13:14,970 IP interface brief let's make let's make sure that indeed 10 0 0 2 or the packets is destined to this 142 00:13:14,970 --> 00:13:17,140 IP address are reaching this rudder. 143 00:13:17,160 --> 00:13:22,630 How do you do that debug IP ICMP. 144 00:13:24,060 --> 00:13:27,510 Just repeat a command and yes. 145 00:13:27,540 --> 00:13:29,920 So ICMP equal play send. 146 00:13:29,940 --> 00:13:31,650 This is the source myself. 147 00:13:31,650 --> 00:13:40,420 Destination 10 0 0 1 coming to this other road show IP interface brief. 148 00:13:40,470 --> 00:13:43,820 Now let's see how this guy looks. 149 00:13:43,830 --> 00:13:48,170 Show IP address we said and 0 0 3 show running config. 150 00:13:49,890 --> 00:13:58,290 So let's make sure we have so put the names here as well so it invites zero by zero. 151 00:13:59,240 --> 00:14:05,050 Let's see the switch how the switch looks show. 152 00:14:05,150 --> 00:14:06,020 Still good. 153 00:14:06,020 --> 00:14:06,620 Perfect. 154 00:14:07,880 --> 00:14:12,210 Let's go on now and see the configuration. 155 00:14:12,650 --> 00:14:18,200 And we have here the global policy 156 00:14:20,990 --> 00:14:24,620 show run policy map. 157 00:14:24,980 --> 00:14:27,350 You have points map global policy. 158 00:14:27,410 --> 00:14:46,550 And we will just inspect also ICMP so comforting policy map global policy plus inspection. 159 00:14:46,570 --> 00:14:47,010 Default 160 00:14:50,350 --> 00:14:55,380 inspect ICMP and right. 161 00:14:55,410 --> 00:15:00,230 Let's also say the configuration on on all of the devices. 162 00:15:00,750 --> 00:15:01,170 Right. 163 00:15:03,520 --> 00:15:06,200 And we have another one. 164 00:15:06,730 --> 00:15:07,290 Right. 165 00:15:08,990 --> 00:15:13,180 OK let's see now. 166 00:15:13,350 --> 00:15:18,960 Why is this not no road to host show route 167 00:15:22,520 --> 00:15:22,880 good 168 00:15:25,800 --> 00:15:27,890 show interface ip Griff 169 00:15:31,630 --> 00:15:33,310 so let's a county 170 00:15:36,340 --> 00:15:37,760 road. 171 00:15:38,300 --> 00:15:40,110 No interface. 172 00:15:40,170 --> 00:15:43,130 By Zero by zero. 173 00:15:43,210 --> 00:15:46,780 This is the problem Naomi if let's say this is outside 174 00:15:50,210 --> 00:15:51,500 let's save the configuration 175 00:15:54,310 --> 00:15:57,310 and think 10 0 0 1. 176 00:15:57,310 --> 00:15:57,890 Perfect. 177 00:15:58,410 --> 00:16:02,790 So let's enable on this side also debug IP ICMP. 178 00:16:03,610 --> 00:16:08,380 And on this other one or two debug IP ICMP 179 00:16:11,490 --> 00:16:15,330 so being 10 0 0 1 We've seen that the bugs coming 180 00:16:17,730 --> 00:16:25,680 and also 10 0 0 2 inherently bugs. 181 00:16:25,940 --> 00:16:27,670 So here we go. 182 00:16:27,680 --> 00:16:35,330 We have basically installed and successfully tested the connection between an essay running the latest 183 00:16:35,330 --> 00:16:46,170 code and also to Ayers routers running a new code 15 that's six through layer to ISV switch. 184 00:16:46,820 --> 00:16:57,720 Let us try also just for fun configure let's say interface look back 0 IP address put that to not do 185 00:16:57,720 --> 00:17:12,330 that to slash 32 and rather a Europe P 100 network by zero. 186 00:17:12,440 --> 00:17:16,020 And now summary. 187 00:17:16,520 --> 00:17:33,110 Let's go also on rider 1 and let's say crafted interface that one IP address 1 that 1 2 5 5 5 5 5 2 188 00:17:33,130 --> 00:17:34,230 by 5. 189 00:17:36,650 --> 00:17:37,560 Well yeah. 190 00:17:37,600 --> 00:17:45,640 Jeremy one hundred auto summary network everything. 191 00:17:48,080 --> 00:17:57,100 So we see that we have also each IP running and we're receiving the low back from the other end through 192 00:17:57,140 --> 00:17:58,900 the repeat. 193 00:17:59,030 --> 00:18:06,410 So if you say show IP HAARP neighbors we see that we have a neighbor on the other side and 0 0 2 we 194 00:18:06,410 --> 00:18:08,630 are 10 0 0 1. 195 00:18:08,630 --> 00:18:11,350 Once again this is ourselves. 196 00:18:11,570 --> 00:18:17,210 We are having having a successful neighbor relationship with 10 0 0 2. 197 00:18:17,220 --> 00:18:24,470 We have the cucumber zero meaning that the negotiation is complete and we have connectivity to the other 198 00:18:24,470 --> 00:18:28,200 side as well to that to not do not to repeat. 199 00:18:28,220 --> 00:18:35,900 Let's say I don't know 100 and the source is our self look back one yes. 200 00:18:36,550 --> 00:18:39,090 So everything is working as expected. 201 00:18:39,160 --> 00:18:47,250 This is basically the beginning of a long journey of a long starting journey to say so I hope that you'll 202 00:18:47,260 --> 00:18:48,650 find this. 203 00:18:50,050 --> 00:18:57,280 So I don't know useful and yet hopefully you'll use this this information on how to build your own lab 204 00:18:57,280 --> 00:19:04,210 environment in order to practice whatever we want related to routing switching and now see security 205 00:19:04,210 --> 00:19:05,530 also available. 206 00:19:05,680 --> 00:19:13,010 So in the next lecture I will show you how to also add a connection to a real virtual machine. 207 00:19:13,030 --> 00:19:21,070 So for example in this case I would like I don't know to have connected to this to this device a Windows 208 00:19:21,070 --> 00:19:27,480 machine but I want it to be a real Windows P.C. so that I can also install software like any kind of 209 00:19:27,490 --> 00:19:32,290 client or other software that's needed in a network to function. 210 00:19:32,290 --> 00:19:35,620 So yeah thanks for viewing and see you in the next lecture.