Cisco CCNA

Tag: simulator

How to Run Cisco IDS/IPS v5 Software in VMWare

by admin on Apr.20, 2009, under Cisco CCNA Study

Preface

This article describes how to get the Cisco IDS/IPS Software Release 5 running inside VMWare. After successful installation, the VM will emulate an IDS-4215 platform with 3 GigabitEthernet interfaces. I developed this Howto using VMWare Workstation for Linux; I tested this in VMWare version 6.0 for Windows.

Configuration environment

- VMWare Workstation, version 6.0, running on a Debian etch host system. I never tested with a Windows host system.

- Cisco IPS recovery CD image. Use IPS-K9-cd-1.1-a-5.1-4.iso. This file can be downloaded from CCO.

- Modified VMWare BIOS (CISCO_IDS4215_440.BIOS.ROM). This file should be in the archive from which you extracted this Howto.

- Some basic UNIX skills for working with a shell and using vi.

- Knowledge of the English keyboard layout.

Technical Description

I use VMWare because I'm not skilled enough to produce anything useful with the BIOS that can be downloaded from CCO, so I investigated how to get VMWare to provide whatever the IPS software wants to hear. I still would prefer to have the native BIOS running, but this is a start for all the desperate souls that need a working IPS for study/LAB preparation.

It seems that with IDS/IPS software release 5, Cisco implemented stricter hardware identification checks, making it impossible to load the code on 4.x custom-built systems or in VMWare. I concentrated on the 4215 platform, because it seems that it does not have any special ROM/PROM chips built in.

Basically, IPSv5 is based on Red Hat Linux, so it is able to run inside VMWare. The recovery CD boots and reimages fine, as long as the virtual hard disks are
large enough (256M for hda, 4GB for hdb).

hda is the flash in the appliance and holds the complete OS and the  configuration. hdb is a real harddisk and is for “var” storage (event store
etc.). The reimage fails when you have disks that are too small (fdisk will complain about wrong boundaries/size).

With a fresh system, you can boot into runlevel 1, mount the remaining filesystems and inspect what the system will do at regular startups.

The procedure collection file /etc/init.d/ids_functions determines the platform type during bootup. Because the 4215 doesn't have a special chip, the
routine makes its selection based on the CPU speed and processor count. You can trick the routine by entering the CPU speed reported by Linux.

But this is not enough. At some point, a program called smbios_bios_info is called, reading information from the BIOS. The binary mainApp does this
again later, so we have to find a way to tell the system what it wants to hear. Luckily, on the 4215 only DMI strings are checked.

VMWare allows you to extract the required portion of the BIOS, and with a resource editor you can modify the DMI strings to match the values the software checks.
By telling VMWare to load this modified BIOS, the IPS software is satisfied and identifies the VM as a 4215 sensor.

Change all the DMI strings to read as Vendor “Cisco Systems”, Platform “IDS-4215”, Chassis/Asset Tag “12345678901”.

Now that the sensor boots and the CLI is usable, network connectivity must work. VMWare and the IPS Linux both support Intel e1000 cards, so this looks promising.

The physical interface configuration layout of all the appliances is defined in /usr/cids/idsRoot/etc/interface.conf. By replacing the PCI device-id values with
the ones provided by VMWare (see /proc/pci), the sensor recognized the VMWare virtual ethernet cards.

By modifying this file you are able to use interface types a platform normally will not support (Gigabit cards in the 4215).
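
An added example, not part of the original Howto: a shell function that pulls the numeric vendor:device IDs of the NICs bound to a given driver out of /proc/bus/pci/devices, the machine-readable sibling of the /proc/pci listing mentioned above. It assumes that file exists on the sensor's kernel; the helper names (mkline, sample_devices, pci_ids_for_driver) and all sample lines are constructed for illustration, and the layout of interface.conf itself is not reproduced here.

```shell
#!/bin/sh
# Added example: list PCI functions bound to a driver with their numeric IDs.
# /proc/bus/pci/devices is tab-separated: field 1 = bus+devfn (4 hex digits),
# field 2 = vendor+device (8 hex digits), last field = bound driver (may be empty).

# Emit one constructed line in that layout:
# busdevfn, vendor+device, irq, 7 address fields, 7 size fields, driver.
mkline() {
  printf '%s\t%s\t%s' "$1" "$2" "$3"
  i=0
  while [ "$i" -lt 14 ]; do printf '\t%08x' 0; i=$((i + 1)); done
  printf '\t%s\n' "$4"
}

# Constructed sample: a host bridge, three e1000 NICs, one NIC of another type.
sample_devices() {
  mkline 0000 80867190 0 ""
  mkline 0088 8086100f 9 e1000
  mkline 0090 8086100f b e1000
  mkline 0098 8086100f a e1000
  mkline 0080 10222000 5 pcnet32
}

# Usage: pci_ids_for_driver DRIVER [FILE]   (FILE "-" reads stdin)
# Prints "bus:slot.func vendor:device" for every function bound to DRIVER.
pci_ids_for_driver() {
  drv=$1
  src=${2:-/proc/bus/pci/devices}
  awk -F'\t' -v drv="$drv" '
    # Portable hex-to-decimal (strtonum is a gawk extension).
    function hex(s,   i, n) {
      n = 0; s = tolower(s)
      for (i = 1; i <= length(s); i++)
        n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
      return n
    }
    $NF == drv {
      devfn = hex(substr($1, 3, 2))   # slot = devfn >> 3, function = devfn & 7
      printf "%s:%02x.%d %s:%s\n", substr($1, 1, 2), int(devfn / 8), devfn % 8,
             substr($2, 1, 4), substr($2, 5, 4)
    }' "$src"
}

# Demo on the constructed sample; drop the "-" to read the live file.
sample_devices | pci_ids_for_driver e1000 -
```

The vendor:device column is the value to compare against the device-id entries in interface.conf; the bus:slot.func column shows which virtual card each ID belongs to.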

With this VM I was able to use IDM from a windoze system, create my own signatures and put a sensing interface between two dynamips instances (alerting each
time it sees EIGRP packets). This should be proof enough!

Well, this is nearly all the information I collected during 8-12 hours of experimenting, in a few sentences. However, there are still some quirks and areas
I don't understand well, for example, the problems caused by the absence of the file /usr/share/zoneinfo/cidsZoneInfo.

I hope you can get Cisco CCNA Certification.


Cisco Simulator: How to Run the Real IOS on a Computer

by admin on Apr.18, 2009, under Cisco CCNA Study

I am writing this article in the hope of helping people who are learning Cisco technology but do not have enough money to buy equipment. I collated the Cisco 7200 IOS simulator together with all the installation steps and software; everything was carefully tested several times after preparation, and the environment is the real CCIE lab environment.

First, the installation steps

1. Download Dynamips for Windows Setup and install the latest version.
2. Download and install Winpcap (currently version 4.0 Beta 1).
3. Download the Cisco 7200 IOS image and decompress C7200.BIN into the installation directory, for example under C:\Program Files\Dynamips\images\.

Second, the steps to run it

1. Download the level I and level II configuration files itaa01.net and itaa02.net and extract them into a new, separate directory (running them generates a lot of files automatically). This directory must be on the same drive as the installation directory (such as C:). It is suggested to put shortcuts to the two files on your desktop.

2. Run the desktop/program shortcut Dynamips Server (do not close its window).

3. Choose one of the following two options as needed:

A. Double-click itaa01.net to start the level I test bed;
B. Double-click itaa01.net to start the level II test bed.

4. Start the CRT and telnet to 127.0.0.1 2001 (note: do not use the default port 23, change it to 2001; R2 uses 2002, R3 uses 2003) to connect to each router in turn.

After this step you can do the ITAA level I and II routing experiments.
Beginners can temporarily ignore the following questions.


How to use Cisco 7200 Simulator

by admin on Apr.17, 2009, under Cisco CCNA Study

The Cisco 7200 Simulator is only software that simulates a router. The emulator cannot replace a real router: you should be able to get a performance of about 1 kpps, compared to the 100 kpps delivered by an NPE-100 (the oldest NPE model). So it is simply a complementary tool to real labs for administrators of Cisco networks or people wanting to pass the CCNA exams.

To boot the Cisco 7200 simulator quickly, the preferred method is to decompress the IOS image with the “unzip” utility. This avoids running the self-decompressing process in the emulator.
chris@portchris2:~/dynamips-0.2.5$ ./dynamips image.bin -t npe-400 -p 1:PA-A1 -p 2:PA-8T -p 3:PA-4E -p 4:PA-POS-OC3 -p 6:PA-FE-TX
Cisco 7200 Simulation Platform (version 0.2.5-x86)
Copyright (c) 2005,2006 Christophe Fillot.

IOS image file: image.bin

CPU0: carved JIT exec zone of 64 Mb into 2048 pages of 32 Kb.
NVRAM is empty, setting config register to 0x2142
C7200 instance 'default' (id 0):
VM Status : 0
RAM size : 256 Mb
IOMEM size : 0 Mb
NVRAM size : 128 Kb
NPE model : npe-400
Midplane : vxr
IOS image : image.bin

Loading ELF file 'image.bin'...
ELF entry point: 0x80008000

C7200 'default': starting simulation (CPU0 PC=0xffffffffbfc00000), JIT enabled.
ROMMON emulation microcode.

Launching IOS image at 0x80008000...

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 12.4(9)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 16-Jun-06 17:27 by prod_rel_team
Image text-base: 0x60009084, data-base: 0x6308C000

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 7206VXR (NPE400) processor (revision A) with 245760K/16384K bytes of memory.
Processor board ID 4294967295
R7000 CPU at 150MHz, Implementation 39, Rev 2.1, 256KB L2, 512KB L3 Cache
6 slot VXR midplane, Version 2.1

Last reset from power-on

PCI bus mb0_mb1 (Slots 0, 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb0_mb1 has a total of 540 bandwidth points.
This configuration is within the PCI bus capacity and is supported.

PCI bus mb2 (Slots 2, 4, 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 500 bandwidth points
This configuration is within the PCI bus capacity and is supported.

Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com
for c7200 bandwidth points oversubscription and usage guidelines.

4 Ethernet interfaces
2 FastEthernet interfaces
8 Serial interfaces
1 ATM interface
1 Packet over SONET interface
125K bytes of NVRAM.
Installed image archive

65536K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
8192K bytes of Flash internal SIMM (Sector size 256K).


The Cisco CCNA simulator introduced

by admin on Apr.16, 2009, under Cisco CCNA Study

Cisco certification has long been considered a gold-lettered signboard in the IT field. In some countries the CCNA, Cisco's entry-level network engineer certification, is called “the express bus to a high salary”, which shows how widely Cisco certification is recognized in the field. The subsequent professional certifications, CCNP and then CCIE, are seen as a guarantee of a high salary in the IT profession, which is why so many young people sit the Cisco Certified Network Associate exam.

A Cisco simulator uses software to create a virtual lab environment containing the necessary routers, switches and a variety of connections; you click a device to enter it and operate it. Although the simulator is very expensive, it is installed on your own computer, so we don't waste time travelling to a laboratory and we can learn more.

No1. Boson Netsim

In my opinion, this simulator is not good, because its authenticity is questionable. But I introduce it first because it is the officially recommended Cisco simulator, especially for Cisco certification exams, and in the majority of cases the user can successfully simulate the embedded environment.

No2. GNS

Another graphical interface for Dynamips; compared to Dynamips GUI it is more user-friendly.
